diff options
author | rvelices <rv-github@modusoptimus.com> | 2007-02-22 05:31:08 +0000 |
---|---|---|
committer | rvelices <rv-github@modusoptimus.com> | 2007-02-22 05:31:08 +0000 |
commit | 20ba76b753f53c00fece9cc727e60414c7e95570 (patch) | |
tree | 7ee1505efec7140307eb2bc94905cba3b0e268d8 /include | |
parent | cea58b64ee31c3b34887845bef6761edee3c6fc7 (diff) |
- change the way conf['guest_access'] is handled so that web services work correctly (and also nbm.php and feed.php)
git-svn-id: http://piwigo.org/svn/trunk@1850 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r-- | include/common.inc.php | 13 | ||||
-rw-r--r-- | include/functions_user.inc.php | 29 |
2 files changed, 18 insertions, 24 deletions
diff --git a/include/common.inc.php b/include/common.inc.php index a691f6cb5..bc24905bc 100644 --- a/include/common.inc.php +++ b/include/common.inc.php @@ -185,19 +185,6 @@ if ($conf['gallery_locked']) } } -if ($user['is_the_guest'] and !$conf['guest_access'] - and !in_array( script_basename(), - // Array of basename without file extention - array('identification', - 'password', - 'register' - ) - ) - ) -{ - redirect (get_absolute_root_url(false).'identification.php'); -} - if ($conf['check_upgrade_feed'] and defined('PHPWG_IN_UPGRADE') and PHPWG_IN_UPGRADE) diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php index b1ddddf0f..57e609eab 100644 --- a/include/functions_user.inc.php +++ b/include/functions_user.inc.php @@ -392,8 +392,6 @@ DELETE FROM '.FAVORITES_TABLE.' */ function calculate_permissions($user_id, $user_status) { - global $user; - $private_array = array(); $authorized_array = array(); @@ -437,7 +435,7 @@ SELECT cat_id $forbidden_array = array_diff($private_array, $authorized_array); // if user is not an admin, locked categories are forbidden - if (!is_admin($user_status)) + if ( $user_status!='administrator' and $user_status!='webmaster' ) { $query = ' SELECT id @@ -981,11 +979,11 @@ SELECT '.$conf['user_fields']['id'].' AS id, * Test does with user status * @return bool */ -function get_access_type_status($user_status = '') +function get_access_type_status($user_status='') { global $user; - if (($user_status == '') and isset($user['status'])) + if ($user_status == '' and isset($user['status']) ) { $user_status = $user['status']; } @@ -1024,9 +1022,18 @@ function get_access_type_status($user_status = '') * Test does with user status * @return bool */ -function is_autorize_status($access_type, $user_status = '') +function is_autorize_status($access_type) { - return (get_access_type_status($user_status) >= $access_type); + global $user, $conf; + if ( + !isset($user) or + ($user['id']==$conf['guest_id'] and $conf['guest_access']==false) + ) + { + return ACCESS_NONE>=$access_type; + } + + return (get_access_type_status() >= $access_type); } /* @@ -1035,9 +1042,9 @@ function is_autorize_status($access_type, $user_status = '') * Test does with user status * @return none */ -function check_status($access_type, $user_status = '') +function check_status( $access_type ) { - if (!is_autorize_status($access_type, $user_status)) + if (!is_autorize_status($access_type) ) { access_denied(); } @@ -1047,9 +1054,9 @@ function check_status($access_type, $user_status = '') * Return if user is an administrator * @return bool */ -function is_admin($user_status = '') +function is_admin() { - return is_autorize_status(ACCESS_ADMINISTRATOR, $user_status); + return is_autorize_status(ACCESS_ADMINISTRATOR); } /* |