aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorrvelices <rv-github@modusoptimus.com>2006-04-01 01:24:21 +0000
committerrvelices <rv-github@modusoptimus.com>2006-04-01 01:24:21 +0000
commit7b4a6232cac2d23d2aecf7aeca06643429e1805d (patch)
tree98995f6dcd6d6e924c34fbbf9e09d6724e473090
parent324f3c4279ee0d1ff24e297535f5a62cc777ace1 (diff)
fix: allow adviser message was not allowing cookies to be sent
fix: cookie deletion on logout uses ini_get (on some systems ini_set(cookie_path) is ignored) bug 322: locked category is visible to all the users/groups that have been assigned the permissions git-svn-id: http://piwigo.org/svn/trunk@1117 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r--include/common.inc.php1
-rw-r--r--include/functions_user.inc.php43
-rw-r--r--index.php2
3 files changed, 24 insertions, 22 deletions
diff --git a/include/common.inc.php b/include/common.inc.php
index 2b7757819..42697353e 100644
--- a/include/common.inc.php
+++ b/include/common.inc.php
@@ -234,6 +234,7 @@ include(
if (is_adviser())
{
+ ob_start();// buffer output so that cookies work
echo '
<div class="titrePage">
<h2>
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index c1e601aeb..cfa4d53aa 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -300,23 +300,6 @@ SELECT id
array_push($private_array, $row['id']);
}
- // if user is not an admin, locked categories can be considered as private$
- if (!is_admin($user_status))
- {
- $query = '
-SELECT id
- FROM '.CATEGORIES_TABLE.'
- WHERE visible = \'false\'
-;';
- $result = pwg_query($query);
- while ($row = mysql_fetch_array($result))
- {
- array_push($private_array, $row['id']);
- }
-
- $private_array = array_unique($private_array);
- }
-
// retrieve category ids directly authorized to the user
$query = '
SELECT cat_id
@@ -345,10 +328,28 @@ SELECT cat_id
// only unauthorized private categories are forbidden
$forbidden_array = array_diff($private_array, $authorized_array);
- // at least, the list contains -1 values. This category does not exists so
- // where clauses such as "WHERE category_id NOT IN(-1)" will always be
- // true.
- array_push($forbidden_array, '-1');
+ // if user is not an admin, locked categories are forbidden
+ if (!is_admin($user_status))
+ {
+ $query = '
+SELECT id
+ FROM '.CATEGORIES_TABLE.'
+ WHERE visible = \'false\'
+;';
+ $result = pwg_query($query);
+ while ($row = mysql_fetch_array($result))
+ {
+ array_push($forbidden_array, $row['id']);
+ }
+ $forbidden_array = array_unique($forbidden_array);
+ }
+
+ if ( empty($forbidden_array) )
+ {// at least, the list contains -1 values. This category does not exists so
+ // where clauses such as "WHERE category_id NOT IN(-1)" will always be
+ // true.
+ array_push($forbidden_array, '-1');
+ }
return implode(',', $forbidden_array);
}
diff --git a/index.php b/index.php
index 4e9454e34..3bb03d4bd 100644
--- a/index.php
+++ b/index.php
@@ -44,7 +44,7 @@ if ( isset( $_GET['act'] )
$_SESSION = array();
session_unset();
session_destroy();
- setcookie(session_name(),'',0, cookie_path() );
+ setcookie(session_name(),'',0, ini_get('session.cookie_path') );
redirect( make_index_url() );
}