From 20ba76b753f53c00fece9cc727e60414c7e95570 Mon Sep 17 00:00:00 2001 From: rvelices Date: Thu, 22 Feb 2007 05:31:08 +0000 Subject: - change the way conf['guest_access'] is handled so that web services work correctly (and also nbm.php and feed.php) git-svn-id: http://piwigo.org/svn/trunk@1850 68402e56-0260-453c-a942-63ccdbb3a9ee --- include/functions_user.inc.php | 29 ++++++++++++++++++----------- 1 file changed, 18 insertions(+), 11 deletions(-) (limited to 'include/functions_user.inc.php') diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php index b1ddddf0f..57e609eab 100644 --- a/include/functions_user.inc.php +++ b/include/functions_user.inc.php @@ -392,8 +392,6 @@ DELETE FROM '.FAVORITES_TABLE.' */ function calculate_permissions($user_id, $user_status) { - global $user; - $private_array = array(); $authorized_array = array(); @@ -437,7 +435,7 @@ SELECT cat_id $forbidden_array = array_diff($private_array, $authorized_array); // if user is not an admin, locked categories are forbidden - if (!is_admin($user_status)) + if ( $user_status!='administrator' and $user_status!='webmaster' ) { $query = ' SELECT id @@ -981,11 +979,11 @@ SELECT '.$conf['user_fields']['id'].' AS id, * Test does with user status * @return bool */ -function get_access_type_status($user_status = '') +function get_access_type_status($user_status='') { global $user; - if (($user_status == '') and isset($user['status'])) + if ($user_status == '' and isset($user['status']) ) { $user_status = $user['status']; } @@ -1024,9 +1022,18 @@ function get_access_type_status($user_status = '') * Test does with user status * @return bool */ -function is_autorize_status($access_type, $user_status = '') +function is_autorize_status($access_type) { - return (get_access_type_status($user_status) >= $access_type); + global $user, $conf; + if ( + !isset($user) or + ($user['id']==$conf['guest_id'] and $conf['guest_access']==false) + ) + { + return ACCESS_NONE>=$access_type; + } + + return (get_access_type_status() >= $access_type); } /* @@ -1035,9 +1042,9 @@ function is_autorize_status($access_type, $user_status = '') * Test does with user status * @return none */ -function check_status($access_type, $user_status = '') +function check_status( $access_type ) { - if (!is_autorize_status($access_type, $user_status)) + if (!is_autorize_status($access_type) ) { access_denied(); } @@ -1047,9 +1054,9 @@ function check_status($access_type, $user_status = '') * Return if user is an administrator * @return bool */ -function is_admin($user_status = '') +function is_admin() { - return is_autorize_status(ACCESS_ADMINISTRATOR, $user_status); + return is_autorize_status(ACCESS_ADMINISTRATOR); } /* -- cgit v1.2.3