fix: permissioning not working (2 bugs)

fix: locked gallery cannot be unlocked (impossible to login)

improvement: nicer display in redirect.tpl

improvement: when a page is not accessible because of permissions (accessed 
through bookmark or email), redirect to identification.php and after 
identification to the initially requested page


git-svn-id: http://piwigo.org/svn/trunk@1052 68402e56-0260-453c-a942-63ccdbb3a9ee

9 files changed, 45 insertions, 17 deletions

diff --git a/identification.php b/identification.php
index 3ff9d468d..5cf65b5a2 100644
--- a/identification.php
+++ b/identification.php
@@ -31,8 +31,20 @@ include_once( PHPWG_ROOT_PATH.'include/common.inc.php' );
 
 //-------------------------------------------------------------- identification
 $errors = array();
+
+$redirect_to = '';
+if ( !empty($_GET['redirect']) )
+{
+  $redirect_to = $_GET['redirect'];
+  if ( $user['is_the_guest'] )
+  {
+    array_push($errors, $lang['access_forbiden']);
+  }
+}
+
 if (isset($_POST['login']))
 {
+  $redirect_to = $_POST['redirect'];
   $username = mysql_escape_string($_POST['username']);
   // retrieving the encrypted password of the login submitted
   $query = '
@@ -54,7 +66,7 @@ SELECT '.$conf['user_fields']['id'].' AS id,
     session_set_cookie_params($session_length);
     session_start();
     $_SESSION['id'] = $row['id'];
-    redirect('category.php');
+    redirect(empty($redirect_to) ? 'category.php' : $redirect_to);
   }
   else
   {
@@ -85,6 +97,7 @@ $template->assign_vars(
     'U_REGISTER' => PHPWG_ROOT_PATH.'register.php',
     'U_LOST_PASSWORD' => PHPWG_ROOT_PATH.'password.php',
     'U_HOME' => PHPWG_ROOT_PATH.'category.php',
+    'U_REDIRECT' => $redirect_to,
     
     'F_LOGIN_ACTION' => PHPWG_ROOT_PATH.'identification.php'
     ));
diff --git a/include/common.inc.php b/include/common.inc.php
index b89258df1..e0c564033 100644
--- a/include/common.inc.php
+++ b/include/common.inc.php
@@ -200,12 +200,15 @@ if (defined('IN_ADMIN') and IN_ADMIN)
 
 if ($conf['gallery_locked'])
 {
+  ob_start(); // make sure we can send cookies
   echo
     '<div style="text-align:center;">'
-    .$lang['gallery_locked_message']
-    .'</div>';
+    .$lang['gallery_locked_message'];
+  echo '<a href="'.PHPWG_ROOT_PATH.'identification.php">.</a>';
+  echo '</div>';
 
-  if ($user['status'] != 'admin')
+  if ( basename($_SERVER["PHP_SELF"]) != 'identification.php'
+      and $user['status'] != 'admin' )
   {
     exit();
   }
diff --git a/include/functions_category.inc.php b/include/functions_category.inc.php
index b3abce892..f7c5b926b 100644
--- a/include/functions_category.inc.php
+++ b/include/functions_category.inc.php
@@ -46,10 +46,21 @@ function check_restrictions($category_id)
 
   if (in_array($category_id, explode(',', $user['forbidden_categories'])))
   {
-    echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />';
-    echo '<a href="./category.php">';
-    echo $lang['thumbnails'].'</a></div>';
-    exit();
+    $login_url = './identification.php?redirect='.
+                  htmlentities(htmlentities($_SERVER['REQUEST_URI']));
+    if ( ! $user['is_the_guest'] )
+    {
+      echo '<div style="text-align:center;">';
+      echo $lang['hello'].' '.$user['username'].'! ';
+      echo $lang['access_forbiden'].'<br />';
+      echo '<a href="./category.php">'.$lang['thumbnails'].'</a> ';
+      echo '</div>';
+      exit();
+    }
+    else
+    {
+      redirect($login_url);
+    }
   }
 }
 
diff --git a/include/user.inc.php b/include/user.inc.php
index c22f4b369..4b3dd13e8 100644
--- a/include/user.inc.php
+++ b/include/user.inc.php
@@ -58,12 +58,11 @@ if ($conf['apache_authentication'] and isset($_SERVER['REMOTE_USER']))
   
   $user['is_the_guest'] = false;
 }
-
 $user = array_merge(
   $user,
   getuserdata(
     $user['id'],
-    defined('IN_ADMIN') and IN_ADMIN ? false : true // use cache ?
+    ( defined('IN_ADMIN') and IN_ADMIN ) ? false : true // use cache ?
     )
   );
 
diff --git a/language/en_UK.iso-8859-1/common.lang.php b/language/en_UK.iso-8859-1/common.lang.php
index 045b5ad65..3634797bd 100644
--- a/language/en_UK.iso-8859-1/common.lang.php
+++ b/language/en_UK.iso-8859-1/common.lang.php
@@ -113,7 +113,7 @@ $lang['Visits'] = 'Visits';
 $lang['Webmaster'] = 'Webmaster';
 $lang['Weekly'] = 'Weekly';
 $lang['about_page_title'] = 'About PhpWebGallery';
-$lang['access_forbiden'] = 'You are not authorized to access this page';
+$lang['access_forbiden'] = 'You are not authorized to access the requested page';
 $lang['add to caddie'] = 'add to caddie';
 $lang['add_favorites_alt'] = 'Add to favorites';
 $lang['add_favorites_hint'] = 'Add this picture to your favorites';
@@ -136,6 +136,7 @@ $lang['calendar_any'] = 'All';
 $lang['calendar_hint'] = 'displays each day with pictures, month per month';
 $lang['calendar_picture_hint'] = 'displays pictures added on ';
 $lang['categories'] = 'Categories';
+$lang['click_to_redirect'] = 'Click here if your browser does not automatically forward you';
 $lang['comment date'] = 'comment date';
 $lang['comment'] = 'Comment';
 $lang['comment_added'] = 'Your comment has been registered';
diff --git a/language/fr_FR.iso-8859-1/common.lang.php b/language/fr_FR.iso-8859-1/common.lang.php
index 0c2d9e09f..5d9cf5fdc 100644
--- a/language/fr_FR.iso-8859-1/common.lang.php
+++ b/language/fr_FR.iso-8859-1/common.lang.php
@@ -112,7 +112,7 @@ $lang['Visits'] = 'Visites';
 $lang['Webmaster'] = 'Webmestre';
 $lang['Weekly'] = 'Hebdomadaire';
 $lang['about_page_title'] = 'À propos de PhpWebGallery';
-$lang['access_forbiden'] = 'Vous n\'êtes pas autorisé sur cette page';
+$lang['access_forbiden'] = 'Vous n\'êtes pas autorisé sur la page demandée';
 $lang['add to caddie'] = 'ajouter au panier';
 $lang['add_favorites_alt'] = 'Ajouter aux favoris';
 $lang['add_favorites_hint'] = 'Ajouter cette image à vos favoris';
@@ -135,6 +135,7 @@ $lang['calendar_any'] = 'Tout';
 $lang['calendar_hint'] = 'affichage année par année, mois par mois, jour par jour';
 $lang['calendar_picture_hint'] = 'affiche les images du ';
 $lang['categories'] = 'Catégories';
+$lang['click_to_redirect'] = 'Cliquez ici si votre navigateur ne vous redirige pas.';
 $lang['comment date'] = 'date du commentaire';
 $lang['comment'] = 'Commentaire';
 $lang['comment_added'] = 'Votre commentaire a été enregistré';
diff --git a/picture.php b/picture.php
index 18133095a..d9b633f18 100644
--- a/picture.php
+++ b/picture.php
@@ -29,14 +29,14 @@ $rate_items = array(0,1,2,3,4,5);
 //--------------------------------------------------------------------- include
 define('PHPWG_ROOT_PATH','./');
 include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
+
+include(PHPWG_ROOT_PATH.'include/section_init.inc.php');
 //-------------------------------------------------- access authorization check
 if (isset($page['cat']) and is_numeric($page['cat']))
 {
   check_restrictions($page['cat']);
 }
 //-------------------------------------------------------------- initialization
-include(PHPWG_ROOT_PATH.'include/section_init.inc.php');
-
 // if this image_id doesn't correspond to this category, an error message is
 // displayed, and execution is stopped
 if (!in_array($_GET['image_id'], $page['items']))
diff --git a/template/yoga/identification.tpl b/template/yoga/identification.tpl
index f5195e011..7ff80a01c 100644
--- a/template/yoga/identification.tpl
+++ b/template/yoga/identification.tpl
@@ -23,7 +23,7 @@
 <form action="{F_LOGIN_ACTION}" method="post" class="properties">
   <fieldset>
     <legend>{lang:Connection settings}</legend>
-
+     <input type="hidden" name="redirect" value="{U_REDIRECT}">
     <ul>
       <li> 
         <label for="username">{L_USERNAME}</label>
diff --git a/template/yoga/redirect.tpl b/template/yoga/redirect.tpl
index 9742452a7..6d85d3afc 100644
--- a/template/yoga/redirect.tpl
+++ b/template/yoga/redirect.tpl
@@ -1,2 +1,2 @@
-redirection<br/>
-<a href="{U_REFRESH}">{U_REFRESH}</a>
\ No newline at end of file
+<p>Redirection...</p>
+<p><a href="{U_REFRESH}">{lang:click_to_redirect}</a></p>