From ade00c95c26eefbd60b5f9f3efc2f848a196cf3e Mon Sep 17 00:00:00 2001 From: rub Date: Fri, 10 Mar 2006 20:17:18 +0000 Subject: Step 4 improvement issue 0000301: o Correction lock categories and is_admin (functions with parameters now) o Cannot use check_status with upgrade.php and upgrade_feed.php => New function check_upgrade use in upgrade*.php (new functionality for upgrade_feed.php) o upgrade_feed.php is showed only for administrator user git-svn-id: http://piwigo.org/svn/trunk@1075 68402e56-0260-453c-a942-63ccdbb3a9ee --- include/common.inc.php | 52 +++++++++++++++++----------------- include/functions_user.inc.php | 64 ++++++++++++++++++++++-------------------- 2 files changed, 60 insertions(+), 56 deletions(-) (limited to 'include') diff --git a/include/common.inc.php b/include/common.inc.php index e2204cc8e..19af297e6 100644 --- a/include/common.inc.php +++ b/include/common.inc.php @@ -2,7 +2,7 @@ // +-----------------------------------------------------------------------+ // | PhpWebGallery - a PHP based picture gallery | // | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net | -// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net | +// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net | // +-----------------------------------------------------------------------+ // | branch : BSF (Best So Far) // | file : $RCSfile$ @@ -132,31 +132,6 @@ or die ( "Could not connect to database server" ); mysql_select_db( $cfgBase ) or die ( "Could not connect to database" ); -if ($conf['check_upgrade_feed']) -{ - // retrieve already applied upgrades - $query = ' -SELECT id - FROM '.UPGRADE_TABLE.' -;'; - $applied = array_from_query($query, 'id'); - - // retrieve existing upgrades - $existing = get_available_upgrade_ids(); - - // which upgrades need to be applied? - if (count(array_diff($existing, $applied)) > 0) - { - ob_start();// buffer output so that cookies work - echo - '

' - .'Some database upgrades are missing, ' - .'upgrade now' - .'

' - ; - } -} - // // Setup gallery wide options, if this fails then we output a CRITICAL_ERROR // since basic gallery information is not available @@ -190,6 +165,31 @@ while ( $row =mysql_fetch_array( $result ) ) include(PHPWG_ROOT_PATH.'include/user.inc.php'); +if (is_admin() and $conf['check_upgrade_feed']) +{ + // retrieve already applied upgrades + $query = ' +SELECT id + FROM '.UPGRADE_TABLE.' +;'; + $applied = array_from_query($query, 'id'); + + // retrieve existing upgrades + $existing = get_available_upgrade_ids(); + + // which upgrades need to be applied? + if (count(array_diff($existing, $applied)) > 0) + { + ob_start();// buffer output so that cookies work + echo + '

' + .'Some database upgrades are missing, ' + .'upgrade now' + .'

' + ; + } +} + // language files include_once(get_language_filepath('common.lang.php')); diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php index aa60ab64c..9e4a83b94 100644 --- a/include/functions_user.inc.php +++ b/include/functions_user.inc.php @@ -2,7 +2,7 @@ // +-----------------------------------------------------------------------+ // | PhpWebGallery - a PHP based picture gallery | // | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net | -// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net | +// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net | // +-----------------------------------------------------------------------+ // | branch : BSF (Best So Far) // | file : $RCSfile$ @@ -277,6 +277,8 @@ DELETE FROM '.FAVORITES_TABLE.' */ function calculate_permissions($user_id, $user_status) { + global $user; + $private_array = array(); $authorized_array = array(); @@ -292,7 +294,7 @@ SELECT id } // if user is not an admin, locked categories can be considered as private$ - if (!is_admin()) + if (!is_admin($user_status)) { $query = ' SELECT id @@ -541,36 +543,38 @@ function log_user($user_id, $remember_me) * Test does with user status * @return bool */ -function is_autorize_status($access_type) +function is_autorize_status($access_type, $user_status = '') { global $user; + if (($user_status == '') and isset($user['status'])) + { + $user_status = $user['status']; + } + $access_type_status = ACCESS_NONE; - if (isset($user['status'])) + switch ($user_status) { - switch ($user['status']) + case 'guest': + case 'generic': { - case 'guest': - case 'generic': - { - $access_type_status = ACCESS_GUEST; - break; - } - case 'normal': - { - $access_type_status = ACCESS_CLASSIC; - break; - } - case 'admin': - { - $access_type_status = ACCESS_ADMINISTRATOR; - break; - } - case 'webmaster': - { - $access_type_status = ACCESS_WEBMASTER; - break; - } + $access_type_status = ACCESS_GUEST; + break; + } + case 'normal': + { + $access_type_status = ACCESS_CLASSIC; + break; + } + case 'admin': + { + $access_type_status = ACCESS_ADMINISTRATOR; + break; + } + case 'webmaster': + { + $access_type_status = ACCESS_WEBMASTER; + break; } } @@ -583,11 +587,11 @@ function is_autorize_status($access_type) * Test does with user status * @return none */ -function check_status($access_type) +function check_status($access_type, $user_status = '') { global $lang; - if (!is_autorize_status($access_type)) + if (!is_autorize_status($access_type, $user_status)) { echo '
'.$lang['access_forbiden'].'
'; echo ''.$lang['identification'].'
'; @@ -599,9 +603,9 @@ function check_status($access_type) * Return if current user is an administrator * @return bool */ -function is_admin() +function is_admin($user_status = '') { - return is_autorize_status(ACCESS_ADMINISTRATOR); + return is_autorize_status(ACCESS_ADMINISTRATOR, $user_status); } ?> \ No newline at end of file -- cgit v1.2.3