authorplegall <plg@piwigo.org>2005-08-08 20:52:19 +0000
committerplegall <plg@piwigo.org>2005-08-08 20:52:19 +0000
commit273884a65274e2688df1b2d3dc37103a46117772 (patch)
tree6d0756672c6b415c38abea4c8ea831cdeb3673fb /admin
parent8b97a8154ebb024c1c2610d82646e48b913721bc (diff)
- new : external authentication in another users table. Previous users table
is divided between users (common properties with any web application) and user_infos (phpwebgallery-specific information). External table and fields can be configured. - modification : profile.php is not reachable through administration anymore (not useful). - modification : in profile.php, the current password is mandatory only if the user tries to change his password. The username can't be changed. - deletion : of obsolete functions get_user_restrictions, update_user_restrictions, get_user_all_restrictions, is_user_allowed, update_user - modification : $user['forbidden_categories'] equals at least "-1" so that category_id NOT IN ($user['forbidden_categories']) can always be used. - modification : user_forbidden table becomes user_cache so that not only restriction information can be stored in this table. git-svn-id: http://piwigo.org/svn/trunk@808 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r--admin.php9
-rw-r--r--admin/cat_perm.php5
-rw-r--r--admin/include/functions.php243
-rw-r--r--admin/search.php2
-rw-r--r--admin/user_list.php56
5 files changed, 125 insertions, 190 deletions
diff --git a/admin.php b/admin.php
index ba6e1dd77..d56602854 100644
--- a/admin.php
+++ b/admin.php
@@ -30,6 +30,13 @@ define('PHPWG_ROOT_PATH','./');
define('IN_ADMIN', true);
include_once( PHPWG_ROOT_PATH.'include/common.inc.php' );
include_once( PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php' );
+
+// +-----------------------------------------------------------------------+
+// | synchronize user informations |
+// +-----------------------------------------------------------------------+
+
+sync_users();
+
//--------------------------------------- validating page and creation of title
$page_valide = false;
$title = '';
@@ -323,7 +330,7 @@ include(PHPWG_ROOT_PATH.'include/page_tail.php');
// | order permission refreshment |
// +-----------------------------------------------------------------------+
$query = '
-UPDATE '.USER_FORBIDDEN_TABLE.'
+UPDATE '.USER_CACHE_TABLE.'
SET need_update = \'true\'
;';
pwg_query($query);
diff --git a/admin/cat_perm.php b/admin/cat_perm.php
index 73bd0d866..7580cd28c 100644
--- a/admin/cat_perm.php
+++ b/admin/cat_perm.php
@@ -258,9 +258,10 @@ foreach (array_diff(array_keys($groups), $group_granted_ids) as $group_id)
$users = array();
$query = '
-SELECT id, username
+SELECT '.$conf['user_fields']['id'].' AS id,
+ '.$conf['user_fields']['username'].' AS username
FROM '.USERS_TABLE.'
- WHERE id != 2
+ WHERE id != '.$conf['guest_id'].'
;';
$result = pwg_query($query);
while($row = mysql_fetch_array($result))
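Review bot: The rewritten WHERE clause `WHERE id != '.$conf['guest_id'].'` still names the key column `id` literally, while the SELECT list two lines above reads it through `$conf['user_fields']['id']`; on an external users table whose key column is not called `id` the query fails even though the SELECT was made configurable. It should read `WHERE '.$conf['user_fields']['id'].' != '.$conf['guest_id'].'`. The same bare `id` (and a bare `username` in the SELECT and LIKE) survives in admin/search.php @@ -73, in admin/user_list.php @@ -66, and in the paginated user query at admin/user_list.php @@ -617, where the count query rewritten just above it already qualifies the column as `u.'.$conf['user_fields']['id'].'`.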
diff --git a/admin/include/functions.php b/admin/include/functions.php
index a02ab962f..2364ada41 100644
--- a/admin/include/functions.php
+++ b/admin/include/functions.php
@@ -332,6 +332,8 @@ DELETE FROM '.IMAGES_TABLE.'
// - calculated permissions linked to the user
function delete_user($user_id)
{
+ global $conf;
+
// destruction of the access linked to the user
$query = '
DELETE FROM '.USER_ACCESS_TABLE.'
@@ -367,10 +369,17 @@ DELETE FROM '.USER_FORBIDDEN_TABLE.'
;';
pwg_query($query);
+ // deletion of phpwebgallery specific informations
+ $query = '
+DELETE FROM '.USER_INFOS_TABLE.'
+ WHERE user_id = '.$user_id.'
+;';
+ pwg_query($query);
+
// destruction of the user
$query = '
DELETE FROM '.USERS_TABLE.'
- WHERE id = '.$user_id.'
+ WHERE '.$conf['user_fields']['id'].' = '.$user_id.'
;';
pwg_query($query);
}
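Review bot: The new `DELETE FROM '.USER_INFOS_TABLE.' WHERE user_id = '.$user_id.'` splices `$user_id` into the statement unquoted and uncast, as the pre-existing deletes in this function do; the value arrives from callers outside this hunk, so `$user_id = (int) $user_id;` next to the added `global $conf;` would make every statement in the function safe regardless of how the caller obtained the id. delete_user() starts in the hunk at @@ -332 and its middle lies between the two hunks. Separately, now that USERS_TABLE may be an external application's table, the final `DELETE FROM '.USERS_TABLE.'` removes the account from that application as well, which deserves at least a comment such as `// also removes the row from the (possibly external) users table` so the behaviour is visibly deliberate.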
@@ -553,165 +562,6 @@ function get_keywords( $keywords_string )
}
/**
- * returns an array with the ids of the restricted categories for the user
- *
- * Returns an array with the ids of the restricted categories for the
- * user. If the $check_invisible parameter is set to true, invisible
- * categorie are added to the restricted one in the array.
- *
- * @param int $user_id
- * @param string $user_status
- * @param bool $check_invisible
- * @param bool $use_groups
- * @return array
- */
-function get_user_restrictions( $user_id, $user_status,
- $check_invisible, $use_groups = true )
-{
- // 1. retrieving ids of private categories
- $query = 'SELECT id FROM '.CATEGORIES_TABLE;
- $query.= " WHERE status = 'private'";
- $query.= ';';
- $result = pwg_query( $query );
- $privates = array();
- while ( $row = mysql_fetch_array( $result ) )
- {
- array_push( $privates, $row['id'] );
- }
- // 2. retrieving all authorized categories for the user
- $authorized = array();
- // 2.1. retrieving authorized categories thanks to personnal user
- // authorization
- $query = 'SELECT cat_id FROM '.USER_ACCESS_TABLE;
- $query.= ' WHERE user_id = '.$user_id;
- $query.= ';';
- $result = pwg_query( $query );
- while ( $row = mysql_fetch_array( $result ) )
- {
- array_push( $authorized, $row['cat_id'] );
- }
- // 2.2. retrieving authorized categories thanks to group authorization to
- // which the user is a member
- if ( $use_groups )
- {
- $query = 'SELECT ga.cat_id';
- $query.= ' FROM '.USER_GROUP_TABLE.' as ug';
- $query.= ', '.GROUP_ACCESS_TABLE.' as ga';
- $query.= ' WHERE ug.group_id = ga.group_id';
- $query.= ' AND ug.user_id = '.$user_id;
- $query.= ';';
- $result = pwg_query( $query );
- while ( $row = mysql_fetch_array( $result ) )
- {
- array_push( $authorized, $row['cat_id'] );
- }
- $authorized = array_unique( $authorized );
- }
-
- $forbidden = array();
- foreach ( $privates as $private ) {
- if ( !in_array( $private, $authorized ) )
- {
- array_push( $forbidden, $private );
- }
- }
-
- if ( $check_invisible )
- {
- // 3. adding to the restricted categories, the invisible ones
- if ( $user_status != 'admin' )
- {
- $query = 'SELECT id FROM '.CATEGORIES_TABLE;
- $query.= " WHERE visible = 'false';";
- $result = pwg_query( $query );
- while ( $row = mysql_fetch_array( $result ) )
- {
- array_push( $forbidden, $row['id'] );
- }
- }
- }
- return array_unique( $forbidden );
-}
-
-/**
- * updates the calculated data users.forbidden_categories, it includes
- * sub-categories of the direct forbidden categories
- *
- * @param nt $user_id
- * @return array
- */
-function update_user_restrictions( $user_id )
-{
- $restrictions = get_user_all_restrictions( $user_id );
-
- // update the users.forbidden_categories in database
- $query = 'UPDATE '.USERS_TABLE;
- $query.= ' SET forbidden_categories = ';
- if ( count( $restrictions ) > 0 )
- $query.= "'".implode( ',', $restrictions )."'";
- else
- $query.= 'NULL';
- $query .= ' WHERE id = '.$user_id;
- $query.= ';';
- pwg_query( $query );
-
- return $restrictions;
-}
-
-/**
- * returns all the restricted categories ids including sub-categories
- *
- * @param int $user_id
- * @return array
- */
-function get_user_all_restrictions( $user_id )
-{
- global $page;
-
- $query = 'SELECT status';
- $query.= ' FROM '.USERS_TABLE;
- $query.= ' WHERE id = '.$user_id;
- $query.= ';';
- $row = mysql_fetch_array( pwg_query( $query ) );
-
- $base_restrictions=get_user_restrictions($user_id,$row['status'],true,true);
-
- $restrictions = $base_restrictions;
- foreach ( $base_restrictions as $category_id ) {
- echo $category_id.' is forbidden to user '.$user_id.'<br />';
- $restrictions =
- array_merge( $restrictions,
- $page['plain_structure'][$category_id]['all_subcats_ids'] );
- }
-
- return array_unique( $restrictions );
-}
-
-// The function is_user_allowed returns :
-// - 0 : if the category is allowed with this $restrictions array
-// - 1 : if this category is not allowed
-// - 2 : if an uppercat category is not allowed
-// Note : the restrictions array must represent ONLY direct forbidden
-// categories, not all forbidden categories
-function is_user_allowed( $category_id, $restrictions )
-{
- if ( in_array( $category_id, $restrictions ) ) return 1;
-
- $query = 'SELECT uppercats';
- $query.= ' FROM '.CATEGORIES_TABLE;
- $query.= ' WHERE id = '.$category_id;
- $query.= ';';
- $row = mysql_fetch_array( pwg_query( $query ) );
- $uppercats = explode( ',', $row['uppercats'] );
- foreach ( $uppercats as $category_id ) {
- if ( in_array( $category_id, $restrictions ) ) return 2;
- }
-
- // no restriction found : the user is allowed to access this category
- return 0;
-}
-
-/**
* returns an array containing sub-directories which can be a category
*
* directories nammed "thumbnail", "pwg_high" or "pwg_representative" are
@@ -842,8 +692,8 @@ function mass_updates($tablename, $dbfields, $datas)
// depending on the MySQL version, we use the multi table update or N
// update queries
$query = 'SELECT VERSION() AS version;';
- $row = mysql_fetch_array(pwg_query($query));
- if (count($datas) < 10 or version_compare($row['version'],'4.0.4') < 0)
+ list($mysql_version) = mysql_fetch_array(pwg_query($query));
+ if (count($datas) < 10 or version_compare($mysql_version, '4.0.4') < 0)
{
// MySQL is prior to version 4.0.4, multi table update feature is not
// available
@@ -1334,4 +1184,73 @@ function micro_seconds()
$t2 = $t1[1].substr($t2[1], 0, 6);
return $t2;
}
+
+/**
+ * compares and synchronizes USERS_TABLE and USER_INFOS_TABLE : each user in
+ * USERS_TABLE must be present in USER_INFOS_TABLE.
+ */
+function sync_users()
+{
+ global $conf;
+
+ $query = '
+SELECT '.$conf['user_fields']['id'].' AS id
+ FROM '.USERS_TABLE.'
+;';
+ $base_users = array_from_query($query, 'id');
+
+ $query = '
+SELECT user_id
+ FROM '.USER_INFOS_TABLE.'
+;';
+ $infos_users = array_from_query($query, 'user_id');
+
+ // users present in $base_users and not in $infos_users must be added
+ $to_create = array_diff($base_users, $infos_users);
+
+ if (count($to_create) > 0)
+ {
+ $inserts = array();
+
+ list($dbnow) = mysql_fetch_row(pwg_query('SELECT NOW();'));
+
+ foreach ($to_create as $user_id)
+ {
+ $insert = array();
+ $insert['user_id'] = $user_id;
+ $insert['status'] = 'guest';
+ $insert['template'] = $conf['default_template'];
+ $insert['nb_image_line'] = $conf['nb_image_line'];
+ $insert['nb_line_page'] = $conf['nb_line_page'];
+ $insert['language'] = $conf['default_language'];
+ $insert['recent_period'] = $conf['recent_period'];
+ $insert['feed_id'] = find_available_feed_id();
+ $insert['expand'] = boolean_to_string($conf['auto_expand']);
+ $insert['show_nb_comments'] =
+ boolean_to_string($conf['show_nb_comments']);
+ $insert['maxwidth'] = $conf['default_maxwidth'];
+ $insert['maxheight'] = $conf['default_maxheight'];
+ $insert['registration_date'] = $dbnow;
+
+ array_push($inserts, $insert);
+ }
+
+ mass_inserts(USER_INFOS_TABLE,
+ array_keys($inserts[0]),
+ $inserts);
+ }
+
+ // users present in $infos_users and not in $base_users must be deleted
+ $to_delete = array_diff($infos_users, $base_users);
+
+ if (count($to_delete) > 0)
+ {
+ $query = '
+DELETE
+ FROM '.USER_INFOS_TABLE.'
+ WHERE user_id in ('.implode(',', $to_delete).')
+;';
+ pwg_query($query);
+ }
+}
?>
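Review bot: `$insert['feed_id'] = find_available_feed_id();` is evaluated once per user inside the loop, but nothing is written to the database until the single `mass_inserts()` call after the loop; if find_available_feed_id() derives a free value by consulting USER_INFOS_TABLE only (its body is not in this diff), every user created in one sync batch receives the same feed_id. Either insert each row as it is built, or let the helper take the ids already reserved in this batch, e.g. keep a `$reserved_feed_ids` array and pass it in. Note also that sync_users() now runs on every admin request (admin.php @@ -30) and gives every newly discovered user `status = 'guest'`; a one-line comment stating both, such as `// called on each admin page load; users found only in USERS_TABLE are created with status 'guest'`, would help the next reader.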
diff --git a/admin/search.php b/admin/search.php
index e6eab6258..482d6afbc 100644
--- a/admin/search.php
+++ b/admin/search.php
@@ -73,7 +73,7 @@ if ( !empty($search_match) )
$sql = "SELECT username
FROM " . USERS_TABLE . "
WHERE username LIKE '" . str_replace("\'", "''", $username_search) . "'
- AND id <> ".ANONYMOUS."
+ AND id <> ".$conf['guest_id']."
ORDER BY username";
if ( !($result = pwg_query($sql)) )
{
diff --git a/admin/user_list.php b/admin/user_list.php
index 9ffc84e10..aa1bbff22 100644
--- a/admin/user_list.php
+++ b/admin/user_list.php
@@ -45,10 +45,7 @@ include_once(PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php');
if (isset($_POST['submit_add']))
{
- $page['errors'] = register_user($_POST['login'],
- $_POST['password'],
- $_POST['password'],
- '');
+ $page['errors'] = register_user($_POST['login'], $_POST['password'], '');
}
// +-----------------------------------------------------------------------+
@@ -66,7 +63,7 @@ if (isset($_POST['pref_submit']))
$query = '
SELECT id
FROM '.USERS_TABLE.'
- WHERE id != 2
+ WHERE id != '.$conf['guest_id'].'
;';
$collection = array_from_query($query, 'id');
break;
@@ -123,7 +120,7 @@ DELETE FROM '.USER_GROUP_TABLE.'
// properties to set for the collection (a user list)
$datas = array();
- $dbfields = array('primary' => array('id'), 'update' => array());
+ $dbfields = array('primary' => array('user_id'), 'update' => array());
$formfields =
array('nb_image_line', 'nb_line_page', 'template', 'language',
@@ -146,7 +143,7 @@ DELETE FROM '.USER_GROUP_TABLE.'
foreach ($collection as $user_id)
{
$data = array();
- $data['id'] = $user_id;
+ $data['user_id'] = $user_id;
// TODO : verify if submited values are semanticaly correct
foreach ($dbfields['update'] as $dbfield)
@@ -168,7 +165,7 @@ DELETE FROM '.USER_GROUP_TABLE.'
array_push($datas, $data);
}
- mass_updates(USERS_TABLE, $dbfields, $datas);
+ mass_updates(USER_INFOS_TABLE, $dbfields, $datas);
}
}
else
@@ -202,7 +199,7 @@ $template->set_filenames(array('user_list'=>'admin/user_list.tpl'));
$base_url = add_session_id(PHPWG_ROOT_PATH.'admin.php?page=user_list');
-$conf['users_page'] = 10;
+$conf['users_page'] = 20;
if (isset($_GET['start']) and is_numeric($_GET['start']))
{
@@ -317,7 +314,7 @@ $template->assign_block_vars(
'SELECTED' => ''
));
-foreach (get_enums(USERS_TABLE, 'status') as $status)
+foreach (get_enums(USER_INFOS_TABLE, 'status') as $status)
{
$selected = (isset($_GET['status']) and $_GET['status'] == $status) ?
'selected="selected"' : '';
@@ -432,7 +429,7 @@ foreach (get_languages() as $language_code => $language_name)
$blockname = 'pref_status_option';
-foreach (get_enums(USERS_TABLE, 'status') as $status)
+foreach (get_enums(USER_INFOS_TABLE, 'status') as $status)
{
if (isset($_POST['pref_submit']))
{
@@ -550,7 +547,7 @@ if (isset($_GET['group'])
}
if (isset($_GET['status'])
- and in_array($_GET['status'], get_enums(USERS_TABLE, 'status')))
+ and in_array($_GET['status'], get_enums(USER_INFOS_TABLE, 'status')))
{
$filter['status'] = $_GET['status'];
}
@@ -560,23 +557,27 @@ if (isset($_GET['status'])
// +-----------------------------------------------------------------------+
$query = '
-SELECT COUNT(DISTINCT(id))
- FROM '.USERS_TABLE.' LEFT JOIN '.USER_GROUP_TABLE.' ON id = user_id
- WHERE id != 2';
+SELECT COUNT(DISTINCT u.'.$conf['user_fields']['id'].')
+ FROM '.USERS_TABLE.' AS u
+ INNER JOIN '.USER_INFOS_TABLE.' AS ui
+ ON u.'.$conf['user_fields']['id'].' = ui.user_id
+ LEFT JOIN '.USER_GROUP_TABLE.' AS ug
+ ON u.'.$conf['user_fields']['id'].' = ug.user_id
+ WHERE u.'.$conf['user_fields']['id'].' != '.$conf['guest_id'];
if (isset($filter['username']))
{
$query.= '
- AND username LIKE \''.$filter['username'].'\'';
+ AND u.'.$conf['user_fields']['username'].' LIKE \''.$filter['username'].'\'';
}
if (isset($filter['group']))
{
$query.= '
- AND group_id = '.$filter['group'];
+ AND ug.group_id = '.$filter['group'];
}
if (isset($filter['status']))
{
$query.= '
- AND status = \''.$filter['status']."'";
+ AND ui.status = \''.$filter['status']."'";
}
$query.= '
;';
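Review bot: The rewritten username filter `AND u.'.$conf['user_fields']['username'].' LIKE \''.$filter['username'].'\''` still splices `$filter['username']` straight into the SQL string; `$filter['status']` is checked against get_enums() before use (hunk @@ -550), but the username assignment is outside this hunk, so whether it is escaped cannot be seen here. Unless it is already escaped where it is set, wrap it as `mysql_real_escape_string($filter['username'])` in this count query and in the paginated query below it (@@ -617). The group filter on the following lines compares an id, so casting it with `(int)` at assignment would close that one.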
@@ -617,9 +618,16 @@ if (isset($_GET['direction'])
}
$query = '
-SELECT DISTINCT(id), username, mail_address, status
- FROM '.USERS_TABLE.' LEFT JOIN '.USER_GROUP_TABLE.' ON id = user_id
- WHERE id != 2';
+SELECT DISTINCT u.'.$conf['user_fields']['id'].' AS id,
+ u.'.$conf['user_fields']['username'].' AS username,
+ u.'.$conf['user_fields']['email'].' AS email,
+ ui.status
+ FROM '.USERS_TABLE.' AS u
+ INNER JOIN '.USER_INFOS_TABLE.' AS ui
+ ON u.'.$conf['user_fields']['id'].' = ui.user_id
+ LEFT JOIN '.USER_GROUP_TABLE.' AS ug
+ ON u.'.$conf['user_fields']['id'].' = ug.user_id
+ WHERE id != '.$conf['guest_id'];
if (isset($filter['username']))
{
$query.= '
@@ -628,12 +636,12 @@ if (isset($filter['username']))
if (isset($filter['group']))
{
$query.= '
- AND group_id = '.$filter['group'];
+ AND ug.group_id = '.$filter['group'];
}
if (isset($filter['status']))
{
$query.= '
- AND status = \''.$filter['status']."'";
+ AND ui.status = \''.$filter['status']."'";
}
$query.= '
ORDER BY '.$order_by.' '.$direction.'
@@ -687,7 +695,7 @@ SELECT user_id, group_id
'U_PERM'=>add_session_id($perm_url.$item['id']),
'USERNAME'=>$item['username'],
'STATUS'=>$lang['user_status_'.$item['status']],
- 'EMAIL'=>isset($item['mail_address']) ? $item['mail_address'] : '',
+ 'EMAIL'=>isset($item['email']) ? $item['email'] : '',
'GROUPS'=>$groups_string
));
}