diff options
-rw-r--r-- | admin/include/functions.php | 53 | ||||
-rw-r--r-- | identification.php | 8 | ||||
-rw-r--r-- | include/functions_user.inc.php | 52 | ||||
-rw-r--r-- | register.php | 11 |
4 files changed, 70 insertions, 54 deletions
diff --git a/admin/include/functions.php b/admin/include/functions.php index a1c13cd05..f40b0e52f 100644 --- a/admin/include/functions.php +++ b/admin/include/functions.php @@ -1,4 +1,3 @@ - <?php // +-----------------------------------------------------------------------+ // | PhpWebGallery - a PHP based picture gallery | @@ -187,7 +186,7 @@ DELETE FROM '.USER_ACCESS_TABLE.' '.wordwrap(implode(', ', $ids), 80, "\n").') ;'; pwg_query($query); - + $query = ' DELETE FROM '.GROUP_ACCESS_TABLE.' WHERE cat_id IN ( @@ -205,7 +204,7 @@ SELECT destination, source $result = pwg_query($query); $sources_of = array(); - + while ($row = mysql_fetch_array($result)) { if (!isset($sources_of[ $row['destination'] ])) @@ -445,7 +444,7 @@ SELECT category_id, while ($row = mysql_fetch_array($result)) { array_push($query_ids, $row['category_id']); - + array_push( $datas, array( @@ -1349,7 +1348,7 @@ SELECT id, id_uppercat function update_path() { $images_of = array(); - + $query = ' SELECT category_id, image_id FROM '.IMAGE_CATEGORY_TABLE.' @@ -1368,7 +1367,7 @@ SELECT category_id, image_id $row['image_id'] ); } - + $fulldirs = get_fulldirs( array_keys($images_of) ); @@ -1618,7 +1617,7 @@ SELECT source, destination $result = pwg_query($query); $destinations_of = array(); - + while ($row = mysql_fetch_array($result)) { if (!isset($destinations_of[ $row['source'] ])) @@ -1638,7 +1637,7 @@ SELECT source, destination { // let's suppose we only need a single turn $need_new_turn = false; - + foreach ($destinations_of as $source => $destinations) { foreach ($destinations as $destination) @@ -1655,7 +1654,7 @@ SELECT source, destination $destinations, array($source) // no cyclic link ); - + if (count($missing_destinations) > 0) { $destinations_of[$source] = array_unique( @@ -1684,7 +1683,7 @@ SELECT source, destination { $filtered_destinations_of[$category] = array(); } - + foreach ($destinations_of as $source => $destinations) { if (in_array($source, $categories)) @@ -1712,7 +1711,7 @@ function get_sources($categories = 'all') $destinations_of = get_destinations(); $sources_of = array(); - + foreach ($destinations_of as $source => $destinations) { foreach ($destinations as $destination) @@ -1725,7 +1724,7 @@ function get_sources($categories = 'all') array_push($sources_of[$destination], $source); } } - + // eventually, filter if (is_array($categories)) { @@ -1737,7 +1736,7 @@ function get_sources($categories = 'all') { $filtered_sources_of[$category] = array(); } - + foreach ($sources_of as $destination => $sources) { if (in_array($destination, $categories)) @@ -1783,7 +1782,7 @@ function check_links($destinations = 'all') $images_of[$source] = array(); } } - + $query = ' SELECT image_id, category_id FROM '.IMAGE_CATEGORY_TABLE.' @@ -1802,12 +1801,12 @@ SELECT image_id, category_id } $inserts = array(); - + foreach ($sources_of as $destination => $sources) { // merge all images from the sources of this destination $sources_images = array(); - + foreach ($sources as $source) { $sources_images = array_merge( @@ -1874,7 +1873,7 @@ SELECT image_id, category_id * associated manually to 9. * * Warning: only virtual links can be removed, physical links are protected. - * + * * @param int destination * @param array sources */ @@ -1893,7 +1892,7 @@ DELETE AND source IN ('.implode(',', $sources).') ;'; pwg_query($query); - + // The strategy is the following: // // * first we brutally delete the image/category associations on @@ -1927,7 +1926,7 @@ SELECT image_id array($destination), $destinations_of[$destination] ); - + // unlink sources images from destinations $query = ' DELETE @@ -1948,7 +1947,7 @@ SELECT id, representative_picture_id $result = pwg_query($query); $request_random = array(); - + while ($row = mysql_fetch_array($result)) { if (isset($row['representative_picture_id'])) @@ -1978,13 +1977,13 @@ SELECT id, representative_picture_id function create_virtual_category($category_name, $parent_id=null) { global $conf; - + // is the given category name only containing blank spaces ? if (preg_match('/^\s*$/', $category_name)) { return array('error' => l10n('cat_error_name')); } - + $parent_id = !empty($parent_id) ? $parent_id : 'NULL'; $query = ' @@ -1993,14 +1992,14 @@ SELECT MAX(rank) WHERE id_uppercat '.(is_numeric($parent_id) ? '= '.$parent_id : 'IS NULL').' ;'; list($current_rank) = mysql_fetch_array(pwg_query($query)); - + $insert = array( 'name' => $category_name, 'rank' => ++$current_rank, 'commentable' => $conf['newcat_default_commentable'], 'uploadable' => 'false', ); - + if ($parent_id != 'NULL') { $query = ' @@ -2012,7 +2011,7 @@ SELECT id, uppercats, global_rank, visible, status $insert{'id_uppercat'} = $parent{'id'}; $insert{'global_rank'} = $parent{'global_rank'}.'.'.$insert{'rank'}; - + // at creation, must a category be visible or not ? Warning : if the // parent category is invisible, the category is automatically create // invisible. (invisible = locked) @@ -2024,7 +2023,7 @@ SELECT id, uppercats, global_rank, visible, status { $insert{'visible'} = $conf['newcat_default_visible']; } - + // at creation, must a category be public or private ? Warning : if the // parent category is private, the category is automatically create // private. @@ -2066,7 +2065,7 @@ UPDATE WHERE id = '.$inserted_id.' ;'; pwg_query($query); - + return array( 'info' => l10n('cat_virtual_added'), 'id' => $inserted_id, diff --git a/identification.php b/identification.php index ad270bc83..a5b14b825 100644 --- a/identification.php +++ b/identification.php @@ -56,16 +56,14 @@ SELECT '.$conf['user_fields']['id'].' AS id, $row = mysql_fetch_array(pwg_query($query)); if ($row['password'] == $conf['pass_convert']($_POST['password'])) { - $session_length = $conf['session_length']; + $remember_me = false; if ($conf['authorize_remembering'] and isset($_POST['remember_me']) and $_POST['remember_me'] == 1) { - $session_length = $conf['remember_me_length']; + $remember_me = true; } - session_set_cookie_params($session_length); - session_start(); - $_SESSION['id'] = $row['id']; + log_user( $row['id'], $remember_me); redirect(empty($redirect_to) ? 'category.php' : $redirect_to); } else diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php index ec4480bfd..af695718a 100644 --- a/include/functions_user.inc.php +++ b/include/functions_user.inc.php @@ -82,7 +82,7 @@ SELECT MAX('.$conf['user_fields']['id'].') + 1 FROM '.USERS_TABLE.' ;'; list($next_id) = mysql_fetch_array(pwg_query($query)); - + $insert = array( $conf['user_fields']['id'] => $next_id, @@ -93,7 +93,7 @@ SELECT MAX('.$conf['user_fields']['id'].') + 1 include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); mass_inserts(USERS_TABLE, array_keys($insert), array($insert)); - + create_user_infos($next_id); } @@ -117,7 +117,7 @@ function getuserdata($user_id, $use_cache) global $conf; $userdata = array(); - + $query = ' SELECT '; $is_first = true; @@ -138,7 +138,7 @@ SELECT '; FROM '.USERS_TABLE.' WHERE '.$conf['user_fields']['id'].' = \''.$user_id.'\' ;'; - + $row = mysql_fetch_array(pwg_query($query)); while (true) @@ -159,9 +159,9 @@ SELECT ui.*, uc.* create_user_infos($user_id); } } - + $row = array_merge($row, mysql_fetch_array($result)); - + foreach ($row as $key => $value) { if (!is_numeric($key)) @@ -194,7 +194,7 @@ DELETE FROM '.USER_CACHE_TABLE.' WHERE user_id = '.$userdata['id'].' ;'; pwg_query($query); - + $query = ' INSERT INTO '.USER_CACHE_TABLE.' (user_id,need_update,forbidden_categories) @@ -307,7 +307,7 @@ SELECT id $private_array = array_unique($private_array); } - + // retrieve category ids directly authorized to the user $query = ' SELECT cat_id @@ -340,7 +340,7 @@ SELECT cat_id // where clauses such as "WHERE category_id NOT IN(-1)" will always be // true. array_push($forbidden_array, '-1'); - + return implode(',', $forbidden_array); } @@ -353,7 +353,7 @@ SELECT cat_id function get_username($user_id) { global $conf; - + $query = ' SELECT '.$conf['user_fields']['username'].' FROM '.USERS_TABLE.' @@ -368,7 +368,7 @@ SELECT '.$conf['user_fields']['username'].' { return false; } - + return $username; } @@ -433,7 +433,7 @@ SELECT COUNT(*) function create_user_infos($user_id) { global $conf; - + list($dbnow) = mysql_fetch_row(pwg_query('SELECT NOW();')); $insert = @@ -479,7 +479,7 @@ SELECT name { return false; } - + return $groupname; } @@ -496,7 +496,7 @@ SELECT name function get_language_filepath($filename) { global $user, $conf; - + $directories = array( PHPWG_ROOT_PATH.'language/'.$user['language'], @@ -507,13 +507,33 @@ function get_language_filepath($filename) foreach ($directories as $directory) { $filepath = $directory.'/'.$filename; - + if (file_exists($filepath)) { return $filepath; } } - + return false; } + +/* + * Performs all required actions for user login + * @param int user_id + * @param bool remember_me + * @return void +*/ +function log_user($user_id, $remember_me) +{ + global $conf; + $session_length = $conf['session_length']; + if ($remember_me) + { + $session_length = $conf['remember_me_length']; + } + session_set_cookie_params($session_length); + session_start(); + $_SESSION['id'] = $user_id; +} + ?>
\ No newline at end of file diff --git a/register.php b/register.php index 474b8a25b..d622d9bc4 100644 --- a/register.php +++ b/register.php @@ -36,7 +36,7 @@ if (isset($_POST['submit'])) { array_push($errors, $lang['reg_err_pass']); } - + $errors = array_merge( $errors, @@ -44,13 +44,12 @@ if (isset($_POST['submit'])) $_POST['password'], $_POST['mail_address']) ); - + if (count($errors) == 0) { $user_id = get_userid($_POST['login']); - $session_id = session_create($user_id, $conf['session_length']); - $url = 'category.php?id='.$session_id; - redirect($url); + log_user( $user_id, false); + redirect('category.php'); } } @@ -76,7 +75,7 @@ $template->assign_vars(array( 'L_EMAIL' => $lang['mail_address'], 'U_HOME' => PHPWG_ROOT_PATH.'category.php', - + 'F_ACTION' => 'register.php', 'F_LOGIN' => $login, 'F_EMAIL' => $email |