diff -r cdd9febe3652 sites/all/modules/contrib/ds/ds.module --- a/sites/all/modules/contrib/ds/ds.module Thu Nov 21 03:44:04 2013 +0000 +++ b/sites/all/modules/contrib/ds/ds.module Thu Nov 21 04:07:11 2013 +0000 @@ -869,6 +869,50 @@ list($module, $delta) = explode('|', $field['properties']['block']); $block = module_invoke($module, 'block_view', $delta); + // Check role access. + global $user; + $role_access = TRUE; + // Do the check for all users other than admin. + if ($user->uid > 1) { + $query = db_query("SELECT rid FROM {block_role} b WHERE b.delta = :delta and b.module = :module", array(':delta' => $delta, ':module' => $module)); + // Block roles must be configured to change visibility rules. + if ($query->rowCount() > 0) { + $role_access = FALSE; + $rids = array_keys($user->roles); + $roles = $query->fetchAll(); + foreach ($roles as $r) { + if (in_array($r->rid, $rids)) { + $role_access = TRUE; + } + } + } + } + if (!$role_access) { + return; + } + + // Check page access. + $page_access = TRUE; + $query = db_query("SELECT pages, visibility FROM {block} b where b.delta = :delta and b.module = :module", array(':delta' => $delta, ':module' => $module)); + $data = $query->fetch(); + if($data->visibility < 2) { + $path = drupal_get_path_alias($_GET['q']); + $page_access = drupal_match_path($path, $data->pages); + if ($path != $_GET['q']) { + $page_access = $page_access || drupal_match_path($_GET['q'], $data->pages); + } + // When $data->visibility has a value of 0, the block is displayed on + // all pages except those listed in $data->pages. When set to 1, it + // is displayed only on those pages listed in $data->pages. + $page_access = !($data->visibility xor $page_access); + } + elseif (module_exists('php')) { + $page_access = php_eval($data->pages); + } + if (!$page_access) { + return; + } + // Get contextual links. $contextual_links = array(); $contextual = module_exists('contextual') && user_access('access contextual links');