From af81ed5a8a2a9d4c1f73587d222421ab22fba6bb Mon Sep 17 00:00:00 2001
From: jengo <jengo@alumni.egroupware.org>
Date: Wed, 14 Mar 2001 12:10:01 +0000
Subject: [PATCH] hook() now checks user permissions BEFORE the hook is
 included

---
 phpgwapi/inc/class.common.inc.php | 85 +++++++++++++++++++------------
 1 file changed, 53 insertions(+), 32 deletions(-)

diff --git a/phpgwapi/inc/class.common.inc.php b/phpgwapi/inc/class.common.inc.php
index ec44bdc24c..5ed829205f 100644
--- a/phpgwapi/inc/class.common.inc.php
+++ b/phpgwapi/inc/class.common.inc.php
@@ -715,38 +715,59 @@
       return $e_password;
   }
 
-  function hook($location = '', $order = ''){
-    global $phpgw, $phpgw_info;
-    if ($order == ''){$order[] = $phpgw_info['flags']['currentapp'];}
-    /* First include the ordered apps hook file */
-    reset ($order);
-    while (list (, $appname) = each ($order)){
-       $f = PHPGW_SERVER_ROOT . '/' . $appname . '/inc/hook_'.$phpgw_info['flags']['currentapp'];
-    	if ($location != '') {
-    	   $f .= '_'.$location.'.inc.php';
-    	} else {
-    	   $f .= '.inc.php';
-    	}
-  	  if (file_exists($f)) {include($f);}
-      $completed_hooks[$appname] = True;
-    }
-    /* Then add the rest */
-    reset ($phpgw_info['user']['apps']);
-    while ($permission = each($phpgw_info['user']['apps'])) {
-       if ($completed_hooks[$permission[0]] != True){
-          $appname = $permission[0];
-          $f = PHPGW_SERVER_ROOT . '/' . $permission[0] . '/inc/hook_'.$phpgw_info['flags']['currentapp'];
-      	if ($location != '') {
-      	   $f .= '_'.$location.'.inc.php';
-      	} else {
-      	   $f .= '.inc.php';
-      	}
-    	  if (file_exists($f)) {
-    	     include($f);
-    	  }
-      }
-    }
-  }
+		function hook($location = '', $order = '')
+		{
+			global $phpgw, $phpgw_info;
+			if ($order == '')
+			{
+				$order[] = $phpgw_info['flags']['currentapp'];
+			}
+
+			/* First include the ordered apps hook file */
+			reset ($order);
+			while (list (, $appname) = each ($order))
+			{
+				$f = PHPGW_SERVER_ROOT . '/' . $appname . '/inc/hook_'.$phpgw_info['flags']['currentapp'];
+				if ($location != '')
+				{
+					$f .= '_'.$location.'.inc.php';
+				}
+				else
+				{
+					$f .= '.inc.php';
+				}
+
+				if (file_exists($f) && $phpgw_info['user']['apps'][$appname])
+				{
+					include($f);
+				}
+				$completed_hooks[$appname] = True;
+			}
+
+			/* Then add the rest */
+			reset ($phpgw_info['user']['apps']);
+			while ($permission = each($phpgw_info['user']['apps']))
+			{
+				if ($completed_hooks[$permission[0]] != True)
+				{
+					$appname = $permission[0];
+					$f = PHPGW_SERVER_ROOT . '/' . $permission[0] . '/inc/hook_'.$phpgw_info['flags']['currentapp'];
+					if ($location != '')
+					{
+						$f .= '_'.$location.'.inc.php';
+					}
+					else
+					{
+						$f .= '.inc.php';
+					}
+
+					if (file_exists($f) && $phpgw_info['user']['apps'][$appname])
+					{
+						include($f);
+					}
+				}
+			}
+		}
 
   function hook_single($location = '', $appname = '')
   {