diff options
author | rvelices <rv-github@modusoptimus.com> | 2006-02-23 05:12:32 +0000 |
---|---|---|
committer | rvelices <rv-github@modusoptimus.com> | 2006-02-23 05:12:32 +0000 |
commit | 347d2e34b3972ec1d0022b831dd5a1fe13adbaa5 (patch) | |
tree | 92cd6cd3e49c50337de07c175c2d9d71291a74f0 /include | |
parent | 34538a62f4ac8bc6db41580058fdd040abaa3183 (diff) |
fix: permissioning not working (2 bugs)
fix: locked gallery cannot be unlocked (impossible to login)
improvement: nicer display in redirect.tpl
improvement: when a page is not accessible because of permissions (accessed
through bookmark or email), redirect to identification.php and after
identification to the initially requested page
git-svn-id: http://piwigo.org/svn/trunk@1052 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r-- | include/common.inc.php | 9 | ||||
-rw-r--r-- | include/functions_category.inc.php | 19 | ||||
-rw-r--r-- | include/user.inc.php | 3 |
3 files changed, 22 insertions, 9 deletions
diff --git a/include/common.inc.php b/include/common.inc.php index b89258df1..e0c564033 100644 --- a/include/common.inc.php +++ b/include/common.inc.php @@ -200,12 +200,15 @@ if (defined('IN_ADMIN') and IN_ADMIN) if ($conf['gallery_locked']) { + ob_start(); // make sure we can send cookies echo '<div style="text-align:center;">' - .$lang['gallery_locked_message'] - .'</div>'; + .$lang['gallery_locked_message']; + echo '<a href="'.PHPWG_ROOT_PATH.'identification.php">.</a>'; + echo '</div>'; - if ($user['status'] != 'admin') + if ( basename($_SERVER["PHP_SELF"]) != 'identification.php' + and $user['status'] != 'admin' ) { exit(); } diff --git a/include/functions_category.inc.php b/include/functions_category.inc.php index b3abce892..f7c5b926b 100644 --- a/include/functions_category.inc.php +++ b/include/functions_category.inc.php @@ -46,10 +46,21 @@ function check_restrictions($category_id) if (in_array($category_id, explode(',', $user['forbidden_categories']))) { - echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />'; - echo '<a href="./category.php">'; - echo $lang['thumbnails'].'</a></div>'; - exit(); + $login_url = './identification.php?redirect='. + htmlentities(htmlentities($_SERVER['REQUEST_URI'])); + if ( ! $user['is_the_guest'] ) + { + echo '<div style="text-align:center;">'; + echo $lang['hello'].' '.$user['username'].'! '; + echo $lang['access_forbiden'].'<br />'; + echo '<a href="./category.php">'.$lang['thumbnails'].'</a> '; + echo '</div>'; + exit(); + } + else + { + redirect($login_url); + } } } diff --git a/include/user.inc.php b/include/user.inc.php index c22f4b369..4b3dd13e8 100644 --- a/include/user.inc.php +++ b/include/user.inc.php @@ -58,12 +58,11 @@ if ($conf['apache_authentication'] and isset($_SERVER['REMOTE_USER'])) $user['is_the_guest'] = false; } - $user = array_merge( $user, getuserdata( $user['id'], - defined('IN_ADMIN') and IN_ADMIN ? false : true // use cache ? + ( defined('IN_ADMIN') and IN_ADMIN ) ? false : true // use cache ? ) ); |