From ade00c95c26eefbd60b5f9f3efc2f848a196cf3e Mon Sep 17 00:00:00 2001
From: rub <rub@piwigo.org>
Date: Fri, 10 Mar 2006 20:17:18 +0000
Subject: Step 4 improvement issue 0000301:   o Correction lock categories and
 is_admin (functions with parameters now)   o Cannot use check_status with
 upgrade.php and upgrade_feed.php => New function check_upgrade use in
 upgrade*.php (new functionality for upgrade_feed.php)   o upgrade_feed.php is
 showed only for administrator user

git-svn-id: http://piwigo.org/svn/trunk@1075 68402e56-0260-453c-a942-63ccdbb3a9ee
---
 admin/include/functions_upgrade.php | 44 +++++++++++++++++++++++++
 include/common.inc.php              | 52 +++++++++++++++---------------
 include/functions_user.inc.php      | 64 ++++++++++++++++++++-----------------
 upgrade.php                         | 18 ++++-------
 upgrade_feed.php                    |  8 ++++-
 5 files changed, 117 insertions(+), 69 deletions(-)
 create mode 100644 admin/include/functions_upgrade.php

diff --git a/admin/include/functions_upgrade.php b/admin/include/functions_upgrade.php
new file mode 100644
index 000000000..1646ce7e3
--- /dev/null
+++ b/admin/include/functions_upgrade.php
@@ -0,0 +1,44 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | PhpWebGallery - a PHP based picture gallery                           |
+// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
+// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
+// +-----------------------------------------------------------------------+
+// | branch        : BSF (Best So Far)
+// | file          : $RCSfile$
+// | last update   : $Date: 2006-03-09 00:14:53 +0100 (jeu., 09 mars 2006) $
+// | last modifier : $Author: rub $
+// | revision      : $Revision: 1070 $
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify  |
+// | it under the terms of the GNU General Public License as published by  |
+// | the Free Software Foundation                                          |
+// |                                                                       |
+// | This program is distributed in the hope that it will be useful, but   |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
+// | General Public License for more details.                              |
+// |                                                                       |
+// | You should have received a copy of the GNU General Public License     |
+// | along with this program; if not, write to the Free Software           |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA.                                                                  |
+// +-----------------------------------------------------------------------+
+
+function check_upgrade()
+{
+  // Is PhpWebGallery already installed ?
+  if (!defined('PHPWG_IN_UPGRADE') or !PHPWG_IN_UPGRADE)
+  {
+    $message = 'PhpWebGallery is not in upgrade mode. In include/mysql.inc.php,
+insert line
+<pre style="background-color:lightgray">
+define(\'PHPWG_IN_UPGRADE\', true);
+</pre>
+if you want to upgrade';
+    die($message);
+  }
+}
+
+
+?>
diff --git a/include/common.inc.php b/include/common.inc.php
index e2204cc8e..19af297e6 100644
--- a/include/common.inc.php
+++ b/include/common.inc.php
@@ -2,7 +2,7 @@
 // +-----------------------------------------------------------------------+
 // | PhpWebGallery - a PHP based picture gallery                           |
 // | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
+// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
 // +-----------------------------------------------------------------------+
 // | branch        : BSF (Best So Far)
 // | file          : $RCSfile$
@@ -132,31 +132,6 @@ or die ( "Could not connect to database server" );
 mysql_select_db( $cfgBase )
 or die ( "Could not connect to database" );
 
-if ($conf['check_upgrade_feed'])
-{
-  // retrieve already applied upgrades
-  $query = '
-SELECT id
-  FROM '.UPGRADE_TABLE.'
-;';
-  $applied = array_from_query($query, 'id');
-
-  // retrieve existing upgrades
-  $existing = get_available_upgrade_ids();
-
-  // which upgrades need to be applied?
-  if (count(array_diff($existing, $applied)) > 0)
-  {
-    ob_start();// buffer output so that cookies work
-    echo
-      '<p>'
-      .'Some database upgrades are missing, '
-      .'<a href="'.PHPWG_ROOT_PATH.'upgrade_feed.php">upgrade now</a>'
-      .'</p>'
-      ;
-  }
-}
-
 //
 // Setup gallery wide options, if this fails then we output a CRITICAL_ERROR
 // since basic gallery information is not available
@@ -190,6 +165,31 @@ while ( $row =mysql_fetch_array( $result ) )
 
 include(PHPWG_ROOT_PATH.'include/user.inc.php');
 
+if (is_admin() and $conf['check_upgrade_feed'])
+{
+  // retrieve already applied upgrades
+  $query = '
+SELECT id
+  FROM '.UPGRADE_TABLE.'
+;';
+  $applied = array_from_query($query, 'id');
+
+  // retrieve existing upgrades
+  $existing = get_available_upgrade_ids();
+
+  // which upgrades need to be applied?
+  if (count(array_diff($existing, $applied)) > 0)
+  {
+    ob_start();// buffer output so that cookies work
+    echo
+      '<p>'
+      .'Some database upgrades are missing, '
+      .'<a href="'.PHPWG_ROOT_PATH.'upgrade_feed.php">upgrade now</a>'
+      .'</p>'
+      ;
+  }
+}
+
 // language files
 include_once(get_language_filepath('common.lang.php'));
 
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index aa60ab64c..9e4a83b94 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -2,7 +2,7 @@
 // +-----------------------------------------------------------------------+
 // | PhpWebGallery - a PHP based picture gallery                           |
 // | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
+// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
 // +-----------------------------------------------------------------------+
 // | branch        : BSF (Best So Far)
 // | file          : $RCSfile$
@@ -277,6 +277,8 @@ DELETE FROM '.FAVORITES_TABLE.'
  */
 function calculate_permissions($user_id, $user_status)
 {
+  global $user;
+
   $private_array = array();
   $authorized_array = array();
 
@@ -292,7 +294,7 @@ SELECT id
   }
 
   // if user is not an admin, locked categories can be considered as private$
-  if (!is_admin())
+  if (!is_admin($user_status))
   {
     $query = '
 SELECT id
@@ -541,36 +543,38 @@ function log_user($user_id, $remember_me)
  * Test does with user status
  * @return bool
 */
-function is_autorize_status($access_type)
+function is_autorize_status($access_type, $user_status = '')
 {
   global $user;
 
+  if (($user_status == '') and isset($user['status']))
+  {
+    $user_status = $user['status'];
+  }
+
   $access_type_status = ACCESS_NONE;
-  if (isset($user['status']))
+  switch ($user_status)
   {
-    switch ($user['status'])
+    case 'guest':
+    case 'generic':
     {
-      case 'guest':
-      case 'generic':
-      {
-        $access_type_status = ACCESS_GUEST;
-        break;
-      }
-      case 'normal':
-      {
-        $access_type_status = ACCESS_CLASSIC;
-        break;
-      }
-      case 'admin':
-      {
-        $access_type_status = ACCESS_ADMINISTRATOR;
-        break;
-      }
-      case 'webmaster':
-      {
-        $access_type_status = ACCESS_WEBMASTER;
-        break;
-      }
+      $access_type_status = ACCESS_GUEST;
+      break;
+    }
+    case 'normal':
+    {
+      $access_type_status = ACCESS_CLASSIC;
+      break;
+    }
+    case 'admin':
+    {
+      $access_type_status = ACCESS_ADMINISTRATOR;
+      break;
+    }
+    case 'webmaster':
+    {
+      $access_type_status = ACCESS_WEBMASTER;
+      break;
     }
   }
 
@@ -583,11 +587,11 @@ function is_autorize_status($access_type)
  * Test does with user status
  * @return none
 */
-function check_status($access_type)
+function check_status($access_type, $user_status = '')
 {
   global $lang;
 
-  if (!is_autorize_status($access_type))
+  if (!is_autorize_status($access_type, $user_status))
   {
     echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />';
     echo '<a href="'.PHPWG_ROOT_PATH.'identification.php">'.$lang['identification'].'</a></div>';
@@ -599,9 +603,9 @@ function check_status($access_type)
  * Return if current user is an administrator
  * @return bool
 */
-function is_admin()
+function is_admin($user_status = '')
 {
-  return is_autorize_status(ACCESS_ADMINISTRATOR);
+  return is_autorize_status(ACCESS_ADMINISTRATOR, $user_status);
 }
 
 ?>
\ No newline at end of file
diff --git a/upgrade.php b/upgrade.php
index 89e42ce18..8871ebc88 100644
--- a/upgrade.php
+++ b/upgrade.php
@@ -2,7 +2,7 @@
 // +-----------------------------------------------------------------------+
 // | PhpWebGallery - a PHP based picture gallery                           |
 // | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
+// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
 // +-----------------------------------------------------------------------+
 // | branch        : BSF (Best So Far)
 // | file          : $RCSfile$
@@ -32,17 +32,11 @@ include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
 include(PHPWG_ROOT_PATH.'include/template.php');
 
 include(PHPWG_ROOT_PATH.'include/mysql.inc.php');
-// Is PhpWebGallery already installed ?
-if (!defined('PHPWG_IN_UPGRADE') or !PHPWG_IN_UPGRADE)
-{
-  $message = 'PhpWebGallery is not in upgrade mode. In include/mysql.inc.php,
-insert line
-<pre style="background-color:lightgray">
-define(\'PHPWG_IN_UPGRADE\', true);
-</pre>
-if you want to upgrade';
-  die($message);
-}
+
+// +-----------------------------------------------------------------------+
+// | Check Access and exit when it is not ok                               |
+// +-----------------------------------------------------------------------+
+check_upgrade();
 
 // concerning upgrade, we use the default users table
 $conf['users_table'] = $prefixeTable.'users';
diff --git a/upgrade_feed.php b/upgrade_feed.php
index ca9f9d0c3..941f3a2f2 100644
--- a/upgrade_feed.php
+++ b/upgrade_feed.php
@@ -2,7 +2,7 @@
 // +-----------------------------------------------------------------------+
 // | PhpWebGallery - a PHP based picture gallery                           |
 // | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
+// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
 // +-----------------------------------------------------------------------+
 // | branch        : BSF (Best So Far)
 // | file          : $RCSfile$
@@ -29,9 +29,15 @@ define('PHPWG_ROOT_PATH', './');
 
 include_once(PHPWG_ROOT_PATH.'include/functions.inc.php');
 include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
+include_once(PHPWG_ROOT_PATH.'admin/include/functions_upgrade.php');
 include(PHPWG_ROOT_PATH.'include/template.php');
 include(PHPWG_ROOT_PATH.'include/mysql.inc.php');
 
+// +-----------------------------------------------------------------------+
+// | Check Access and exit when it is not ok                               |
+// +-----------------------------------------------------------------------+
+check_upgrade();
+
 define('PREFIX_TABLE', $prefixeTable);
 define('UPGRADES_PATH', PHPWG_ROOT_PATH.'install/db');
 
-- 
cgit v1.2.3