diff options
author | plegall <plg@piwigo.org> | 2005-08-08 20:52:19 +0000 |
---|---|---|
committer | plegall <plg@piwigo.org> | 2005-08-08 20:52:19 +0000 |
commit | 273884a65274e2688df1b2d3dc37103a46117772 (patch) | |
tree | 6d0756672c6b415c38abea4c8ea831cdeb3673fb /include/user.inc.php | |
parent | 8b97a8154ebb024c1c2610d82646e48b913721bc (diff) |
- new : external authentication in another users table. Previous users table
is divided between users (common properties with any web application) and
user_infos (phpwebgallery specific informations). External table and
fields can be configured.
- modification : profile.php is not reachable through administration anymore
(not useful).
- modification : in profile.php, current password is mandatory only if user
tries to change his password. Username can't be changed.
- deletion : of obsolete functions get_user_restrictions,
update_user_restrictions, get_user_all_restrictions, is_user_allowed,
update_user
- modification : $user['forbidden_categories'] equals at least "-1" so that
category_id NOT IN ($user['forbidden_categories']) can always be used.
- modification : user_forbidden table becomes user_cache so that not only
restriction informations can be stored in this table.
git-svn-id: http://piwigo.org/svn/trunk@808 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'include/user.inc.php')
-rw-r--r-- | include/user.inc.php | 116 |
1 files changed, 7 insertions, 109 deletions
diff --git a/include/user.inc.php b/include/user.inc.php index 56b36039c..4c3e0fb6a 100644 --- a/include/user.inc.php +++ b/include/user.inc.php @@ -38,7 +38,6 @@ // pwg_query($query); // } - // retrieving connected user informations if (isset($_COOKIE['id'])) { @@ -87,65 +86,24 @@ DELETE FROM '.SESSIONS_TABLE.' } if (!isset($user['id'])) { - $user['id'] = 2; + $user['id'] = $conf['guest_id']; $user['is_the_guest'] = true; } // using Apache authentication override the above user search if ($conf['apache_authentication'] and isset($_SERVER['REMOTE_USER'])) { - $query = ' -SELECT id - FROM '.USERS_TABLE.' - WHERE username = \''.mysql_escape_string($_SERVER['REMOTE_USER']).'\' -;'; - $result = pwg_query($query); - - if (mysql_num_rows($result) == 0) + if (!($user['id'] = get_userid($_SERVER['REMOTE_USER']))) { - register_user($_SERVER['REMOTE_USER'], '', '', ''); - - $query = ' -SELECT id - FROM '.USERS_TABLE.' - WHERE username = \''.mysql_escape_string($_SERVER['REMOTE_USER']).'\' -;'; - list($user['id']) = mysql_fetch_row(pwg_query($query)); + register_user($_SERVER['REMOTE_USER'], '', ''); + $user['id'] = get_userid($_SERVER['REMOTE_USER']); } - else - { - list($user['id']) = mysql_fetch_row($result); - } - + $user['is_the_guest'] = false; } -$query = ' -SELECT u.*, uf.* - FROM '.USERS_TABLE.' AS u LEFT JOIN '.USER_FORBIDDEN_TABLE.' AS uf - ON id = user_id - WHERE u.id = '.$user['id'].' -;'; -$row = mysql_fetch_array(pwg_query($query)); - -// affectation of each value retrieved in the users table into a variable of -// the array $user. -foreach ($row as $key => $value) -{ - if (!is_numeric($key)) - { - // If the field is true or false, the variable is transformed into a - // boolean value. - if ($value == 'true' or $value == 'false') - { - $user[$key] = get_boolean($value); - } - else - { - $user[$key] = $value; - } - } -} +$use_cache = (defined('IN_ADMIN') and IN_ADMIN) ? false : true; +$user = array_merge($user, getuserdata($user['id'], $use_cache)); // properties of user guest are found in the configuration if ($user['is_the_guest']) @@ -161,66 +119,6 @@ if ($user['is_the_guest']) $user['show_nb_comments'] = $conf['show_nb_comments']; } -// if no information were found about user in user_forbidden table OR the -// forbidden categories must be updated : only if current user is in public -// part -if (!defined('IN_ADMIN') or !IN_ADMIN) -{ - if (!isset($user['need_update']) - or !is_bool($user['need_update']) - or $user['need_update'] == true) - { - $user['forbidden_categories'] = calculate_permissions($user['id'], - $user['status']); - } -} - -// forbidden_categories is a must be empty, at least -if (!isset($user['forbidden_categories'])) -{ - $user['forbidden_categories'] = ''; -} - -// special for $user['restrictions'] array -$user['restrictions'] = explode(',', $user['forbidden_categories']); -if ($user['restrictions'][0] == '') -{ - $user['restrictions'] = array(); -} - // calculation of the number of picture to display per page $user['nb_image_page'] = $user['nb_image_line'] * $user['nb_line_page']; - -if (empty($user['language']) - or !file_exists(PHPWG_ROOT_PATH.'language/'. - $user['language'].'/common.lang.php')) -{ - $user['language'] = $conf['default_language']; -} -include_once(PHPWG_ROOT_PATH.'language/'.$user['language'].'/common.lang.php'); - -// displaying the username in the language of the connected user, instead of -// "guest" as you can find in the database -if ($user['is_the_guest']) -{ - $user['username'] = $lang['guest']; -} - -// only if we are in the administration section -if (defined('IN_ADMIN') and IN_ADMIN) -{ - $langdir = PHPWG_ROOT_PATH.'language/'.$user['language']; - if (!file_exists($langdir.'/admin.lang.php')) - { - $langdir = PHPWG_ROOT_PATH.'language/'.$conf['default_language']; - } - include_once($langdir.'/admin.lang.php'); - include_once($langdir.'/faq.lang.php'); -} - -if (empty($user['template'])) -{ - $user['template'] = $conf['default_template']; -} -$template = setup_style($user['template']); ?> |