diff options
Diffstat (limited to 'include')
-rw-r--r-- | include/common.inc.php | 13 | ||||
-rw-r--r-- | include/functions_user.inc.php | 29 |
2 files changed, 18 insertions, 24 deletions
diff --git a/include/common.inc.php b/include/common.inc.php index a691f6cb5..bc24905bc 100644 --- a/include/common.inc.php +++ b/include/common.inc.php @@ -185,19 +185,6 @@ if ($conf['gallery_locked']) } } -if ($user['is_the_guest'] and !$conf['guest_access'] - and !in_array( script_basename(), - // Array of basename without file extention - array('identification', - 'password', - 'register' - ) - ) - ) -{ - redirect (get_absolute_root_url(false).'identification.php'); -} - if ($conf['check_upgrade_feed'] and defined('PHPWG_IN_UPGRADE') and PHPWG_IN_UPGRADE) diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php index b1ddddf0f..57e609eab 100644 --- a/include/functions_user.inc.php +++ b/include/functions_user.inc.php @@ -392,8 +392,6 @@ DELETE FROM '.FAVORITES_TABLE.' */ function calculate_permissions($user_id, $user_status) { - global $user; - $private_array = array(); $authorized_array = array(); @@ -437,7 +435,7 @@ SELECT cat_id $forbidden_array = array_diff($private_array, $authorized_array); // if user is not an admin, locked categories are forbidden - if (!is_admin($user_status)) + if ( $user_status!='administrator' and $user_status!='webmaster' ) { $query = ' SELECT id @@ -981,11 +979,11 @@ SELECT '.$conf['user_fields']['id'].' AS id, * Test does with user status * @return bool */ -function get_access_type_status($user_status = '') +function get_access_type_status($user_status='') { global $user; - if (($user_status == '') and isset($user['status'])) + if ($user_status == '' and isset($user['status']) ) { $user_status = $user['status']; } @@ -1024,9 +1022,18 @@ function get_access_type_status($user_status = '') * Test does with user status * @return bool */ -function is_autorize_status($access_type, $user_status = '') +function is_autorize_status($access_type) { - return (get_access_type_status($user_status) >= $access_type); + global $user, $conf; + if ( + !isset($user) or + ($user['id']==$conf['guest_id'] and $conf['guest_access']==false) + ) + { + return ACCESS_NONE>=$access_type; + } + + return (get_access_type_status() >= $access_type); } /* @@ -1035,9 +1042,9 @@ function is_autorize_status($access_type, $user_status = '') * Test does with user status * @return none */ -function check_status($access_type, $user_status = '') +function check_status( $access_type ) { - if (!is_autorize_status($access_type, $user_status)) + if (!is_autorize_status($access_type) ) { access_denied(); } @@ -1047,9 +1054,9 @@ function check_status($access_type, $user_status = '') * Return if user is an administrator * @return bool */ -function is_admin($user_status = '') +function is_admin() { - return is_autorize_status(ACCESS_ADMINISTRATOR, $user_status); + return is_autorize_status(ACCESS_ADMINISTRATOR); } /* |