Diffstat (limited to '')
-rw-r--r--admin/include/functions.php53
-rw-r--r--identification.php8
-rw-r--r--include/functions_user.inc.php52
-rw-r--r--register.php11
4 files changed, 70 insertions, 54 deletions
diff --git a/admin/include/functions.php b/admin/include/functions.php
index a1c13cd05..f40b0e52f 100644
--- a/admin/include/functions.php
+++ b/admin/include/functions.php
@@ -1,4 +1,3 @@
-
<?php
// +-----------------------------------------------------------------------+
// | PhpWebGallery - a PHP based picture gallery |
@@ -187,7 +186,7 @@ DELETE FROM '.USER_ACCESS_TABLE.'
'.wordwrap(implode(', ', $ids), 80, "\n").')
;';
pwg_query($query);
-
+
$query = '
DELETE FROM '.GROUP_ACCESS_TABLE.'
WHERE cat_id IN (
@@ -205,7 +204,7 @@ SELECT destination, source
$result = pwg_query($query);
$sources_of = array();
-
+
while ($row = mysql_fetch_array($result))
{
if (!isset($sources_of[ $row['destination'] ]))
@@ -445,7 +444,7 @@ SELECT category_id,
while ($row = mysql_fetch_array($result))
{
array_push($query_ids, $row['category_id']);
-
+
array_push(
$datas,
array(
@@ -1349,7 +1348,7 @@ SELECT id, id_uppercat
function update_path()
{
$images_of = array();
-
+
$query = '
SELECT category_id, image_id
FROM '.IMAGE_CATEGORY_TABLE.'
@@ -1368,7 +1367,7 @@ SELECT category_id, image_id
$row['image_id']
);
}
-
+
$fulldirs = get_fulldirs(
array_keys($images_of)
);
@@ -1618,7 +1617,7 @@ SELECT source, destination
$result = pwg_query($query);
$destinations_of = array();
-
+
while ($row = mysql_fetch_array($result))
{
if (!isset($destinations_of[ $row['source'] ]))
@@ -1638,7 +1637,7 @@ SELECT source, destination
{
// let's suppose we only need a single turn
$need_new_turn = false;
-
+
foreach ($destinations_of as $source => $destinations)
{
foreach ($destinations as $destination)
@@ -1655,7 +1654,7 @@ SELECT source, destination
$destinations,
array($source) // no cyclic link
);
-
+
if (count($missing_destinations) > 0)
{
$destinations_of[$source] = array_unique(
@@ -1684,7 +1683,7 @@ SELECT source, destination
{
$filtered_destinations_of[$category] = array();
}
-
+
foreach ($destinations_of as $source => $destinations)
{
if (in_array($source, $categories))
@@ -1712,7 +1711,7 @@ function get_sources($categories = 'all')
$destinations_of = get_destinations();
$sources_of = array();
-
+
foreach ($destinations_of as $source => $destinations)
{
foreach ($destinations as $destination)
@@ -1725,7 +1724,7 @@ function get_sources($categories = 'all')
array_push($sources_of[$destination], $source);
}
}
-
+
// eventually, filter
if (is_array($categories))
{
@@ -1737,7 +1736,7 @@ function get_sources($categories = 'all')
{
$filtered_sources_of[$category] = array();
}
-
+
foreach ($sources_of as $destination => $sources)
{
if (in_array($destination, $categories))
@@ -1783,7 +1782,7 @@ function check_links($destinations = 'all')
$images_of[$source] = array();
}
}
-
+
$query = '
SELECT image_id, category_id
FROM '.IMAGE_CATEGORY_TABLE.'
@@ -1802,12 +1801,12 @@ SELECT image_id, category_id
}
$inserts = array();
-
+
foreach ($sources_of as $destination => $sources)
{
// merge all images from the sources of this destination
$sources_images = array();
-
+
foreach ($sources as $source)
{
$sources_images = array_merge(
@@ -1874,7 +1873,7 @@ SELECT image_id, category_id
* associated manually to 9.
*
* Warning: only virtual links can be removed, physical links are protected.
- *
+ *
* @param int destination
* @param array sources
*/
@@ -1893,7 +1892,7 @@ DELETE
AND source IN ('.implode(',', $sources).')
;';
pwg_query($query);
-
+
// The strategy is the following:
//
// * first we brutally delete the image/category associations on
@@ -1927,7 +1926,7 @@ SELECT image_id
array($destination),
$destinations_of[$destination]
);
-
+
// unlink sources images from destinations
$query = '
DELETE
@@ -1948,7 +1947,7 @@ SELECT id, representative_picture_id
$result = pwg_query($query);
$request_random = array();
-
+
while ($row = mysql_fetch_array($result))
{
if (isset($row['representative_picture_id']))
@@ -1978,13 +1977,13 @@ SELECT id, representative_picture_id
function create_virtual_category($category_name, $parent_id=null)
{
global $conf;
-
+
// is the given category name only containing blank spaces ?
if (preg_match('/^\s*$/', $category_name))
{
return array('error' => l10n('cat_error_name'));
}
-
+
$parent_id = !empty($parent_id) ? $parent_id : 'NULL';
$query = '
@@ -1993,14 +1992,14 @@ SELECT MAX(rank)
WHERE id_uppercat '.(is_numeric($parent_id) ? '= '.$parent_id : 'IS NULL').'
;';
list($current_rank) = mysql_fetch_array(pwg_query($query));
-
+
$insert = array(
'name' => $category_name,
'rank' => ++$current_rank,
'commentable' => $conf['newcat_default_commentable'],
'uploadable' => 'false',
);
-
+
if ($parent_id != 'NULL')
{
$query = '
@@ -2012,7 +2011,7 @@ SELECT id, uppercats, global_rank, visible, status
$insert{'id_uppercat'} = $parent{'id'};
$insert{'global_rank'} = $parent{'global_rank'}.'.'.$insert{'rank'};
-
+
// at creation, must a category be visible or not ? Warning : if the
// parent category is invisible, the category is automatically create
// invisible. (invisible = locked)
@@ -2024,7 +2023,7 @@ SELECT id, uppercats, global_rank, visible, status
{
$insert{'visible'} = $conf['newcat_default_visible'];
}
-
+
// at creation, must a category be public or private ? Warning : if the
// parent category is private, the category is automatically create
// private.
@@ -2066,7 +2065,7 @@ UPDATE
WHERE id = '.$inserted_id.'
;';
pwg_query($query);
-
+
return array(
'info' => l10n('cat_virtual_added'),
'id' => $inserted_id,
diff --git a/identification.php b/identification.php
index ad270bc83..a5b14b825 100644
--- a/identification.php
+++ b/identification.php
@@ -56,16 +56,14 @@ SELECT '.$conf['user_fields']['id'].' AS id,
$row = mysql_fetch_array(pwg_query($query));
if ($row['password'] == $conf['pass_convert']($_POST['password']))
{
- $session_length = $conf['session_length'];
+ $remember_me = false;
if ($conf['authorize_remembering']
and isset($_POST['remember_me'])
and $_POST['remember_me'] == 1)
{
- $session_length = $conf['remember_me_length'];
+ $remember_me = true;
}
- session_set_cookie_params($session_length);
- session_start();
- $_SESSION['id'] = $row['id'];
+ log_user( $row['id'], $remember_me);
redirect(empty($redirect_to) ? 'category.php' : $redirect_to);
}
else
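Review bot: The password check on the unchanged line `if ($row['password'] == $conf['pass_convert']($_POST['password']))` uses loose comparison, and it now gates the new `log_user()` call. Under `==` PHP compares two numeric-looking strings as numbers, so two different digests that both consist of `0e` followed only by digits would be treated as equal; writing the test with `===` removes that case. `$conf['pass_convert']` is not defined in this hunk, so whether its output can take that form is an assumption to confirm. The enclosing block starts and ends outside the hunk.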
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index ec4480bfd..af695718a 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -82,7 +82,7 @@ SELECT MAX('.$conf['user_fields']['id'].') + 1
FROM '.USERS_TABLE.'
;';
list($next_id) = mysql_fetch_array(pwg_query($query));
-
+
$insert =
array(
$conf['user_fields']['id'] => $next_id,
@@ -93,7 +93,7 @@ SELECT MAX('.$conf['user_fields']['id'].') + 1
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
mass_inserts(USERS_TABLE, array_keys($insert), array($insert));
-
+
create_user_infos($next_id);
}
@@ -117,7 +117,7 @@ function getuserdata($user_id, $use_cache)
global $conf;
$userdata = array();
-
+
$query = '
SELECT ';
$is_first = true;
@@ -138,7 +138,7 @@ SELECT ';
FROM '.USERS_TABLE.'
WHERE '.$conf['user_fields']['id'].' = \''.$user_id.'\'
;';
-
+
$row = mysql_fetch_array(pwg_query($query));
while (true)
@@ -159,9 +159,9 @@ SELECT ui.*, uc.*
create_user_infos($user_id);
}
}
-
+
$row = array_merge($row, mysql_fetch_array($result));
-
+
foreach ($row as $key => $value)
{
if (!is_numeric($key))
@@ -194,7 +194,7 @@ DELETE FROM '.USER_CACHE_TABLE.'
WHERE user_id = '.$userdata['id'].'
;';
pwg_query($query);
-
+
$query = '
INSERT INTO '.USER_CACHE_TABLE.'
(user_id,need_update,forbidden_categories)
@@ -307,7 +307,7 @@ SELECT id
$private_array = array_unique($private_array);
}
-
+
// retrieve category ids directly authorized to the user
$query = '
SELECT cat_id
@@ -340,7 +340,7 @@ SELECT cat_id
// where clauses such as "WHERE category_id NOT IN(-1)" will always be
// true.
array_push($forbidden_array, '-1');
-
+
return implode(',', $forbidden_array);
}
@@ -353,7 +353,7 @@ SELECT cat_id
function get_username($user_id)
{
global $conf;
-
+
$query = '
SELECT '.$conf['user_fields']['username'].'
FROM '.USERS_TABLE.'
@@ -368,7 +368,7 @@ SELECT '.$conf['user_fields']['username'].'
{
return false;
}
-
+
return $username;
}
@@ -433,7 +433,7 @@ SELECT COUNT(*)
function create_user_infos($user_id)
{
global $conf;
-
+
list($dbnow) = mysql_fetch_row(pwg_query('SELECT NOW();'));
$insert =
@@ -479,7 +479,7 @@ SELECT name
{
return false;
}
-
+
return $groupname;
}
@@ -496,7 +496,7 @@ SELECT name
function get_language_filepath($filename)
{
global $user, $conf;
-
+
$directories =
array(
PHPWG_ROOT_PATH.'language/'.$user['language'],
@@ -507,13 +507,33 @@ function get_language_filepath($filename)
foreach ($directories as $directory)
{
$filepath = $directory.'/'.$filename;
-
+
if (file_exists($filepath))
{
return $filepath;
}
}
-
+
return false;
}
+
+/*
+ * Performs all required actions for user login
+ * @param int user_id
+ * @param bool remember_me
+ * @return void
+*/
+function log_user($user_id, $remember_me)
+{
+ global $conf;
+ $session_length = $conf['session_length'];
+ if ($remember_me)
+ {
+ $session_length = $conf['remember_me_length'];
+ }
+ session_set_cookie_params($session_length);
+ session_start();
+ $_SESSION['id'] = $user_id;
+}
+
?> \ No newline at end of file
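Review bot: `log_user()` writes `$_SESSION['id']` into whatever session `session_start()` resumes and never issues a new session identifier, so an identifier that existed before authentication remains valid afterwards (session fixation). Adding `session_regenerate_id();` directly after `session_start();` and before the assignment closes that gap. The two new callers, in identification.php and register.php, inherit the behaviour. The docblock should also say that the function must run before any output and before a session has been started, because `session_set_cookie_params($session_length);` only affects a session started after it. That call sets the lifetime only, which leaves the cookie's other attributes at their ini defaults.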
diff --git a/register.php b/register.php
index 474b8a25b..d622d9bc4 100644
--- a/register.php
+++ b/register.php
@@ -36,7 +36,7 @@ if (isset($_POST['submit']))
{
array_push($errors, $lang['reg_err_pass']);
}
-
+
$errors =
array_merge(
$errors,
@@ -44,13 +44,12 @@ if (isset($_POST['submit']))
$_POST['password'],
$_POST['mail_address'])
);
-
+
if (count($errors) == 0)
{
$user_id = get_userid($_POST['login']);
- $session_id = session_create($user_id, $conf['session_length']);
- $url = 'category.php?id='.$session_id;
- redirect($url);
+ log_user( $user_id, false);
+ redirect('category.php');
}
}
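Review bot: The result of `get_userid($_POST['login'])` is passed straight to `log_user()` without being checked. `get_userid()` is not visible in this diff; if it follows the convention of `get_username()` in include/functions_user.inc.php and returns `false` when no row matches, that value would be stored in `$_SESSION['id']`. A check that `$user_id` is not `false` before the `log_user( $user_id, false);` line, adding an entry to `$errors` otherwise, would keep a failed lookup from starting a session. The enclosing `if (isset($_POST['submit']))` block starts outside the hunk.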
@@ -76,7 +75,7 @@ $template->assign_vars(array(
'L_EMAIL' => $lang['mail_address'],
'U_HOME' => PHPWG_ROOT_PATH.'category.php',
-
+
'F_ACTION' => 'register.php',
'F_LOGIN' => $login,
'F_EMAIL' => $email