source: trunk/include/user.inc.php @ 808

Last change on this file since 808 was 808, checked in by plg, 19 years ago
  • new : external authentication in another users table. Previous users table is divided between users (common properties with any web application) and user_infos (phpwebgallery specific informations). External table and fields can be configured.
  • modification : profile.php is not reachable through administration anymore (not useful).
  • modification : in profile.php, current password is mandatory only if user tries to change his password. Username can't be changed.
  • deletion : of obsolete functions get_user_restrictions, update_user_restrictions, get_user_all_restrictions, is_user_allowed, update_user
  • modification : user_forbidden table becomes user_cache so that not only restriction informations can be stored in this table.
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 4.3 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | PhpWebGallery - a PHP based picture gallery                           |
4// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
5// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
6// +-----------------------------------------------------------------------+
7// | branch        : BSF (Best So Far)
8// | file          : $RCSfile$
9// | last update   : $Date: 2005-08-08 20:52:19 +0000 (Mon, 08 Aug 2005) $
10// | last modifier : $Author: plg $
11// | revision      : $Revision: 808 $
12// +-----------------------------------------------------------------------+
13// | This program is free software; you can redistribute it and/or modify  |
14// | it under the terms of the GNU General Public License as published by  |
15// | the Free Software Foundation                                          |
16// |                                                                       |
17// | This program is distributed in the hope that it will be useful, but   |
18// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
19// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
20// | General Public License for more details.                              |
21// |                                                                       |
22// | You should have received a copy of the GNU General Public License     |
23// | along with this program; if not, write to the Free Software           |
24// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
25// | USA.                                                                  |
26// +-----------------------------------------------------------------------+
27
28// Dynamic change of language with database persistency
29//
30// FIXME : ce bout de code fait planter l'assignation d'un language a
31// plusieurs users simultanement dans la nouvelle page admin/user_list.php
32//
33// if (isset($_POST['language']))
34// {
35//   $query = "UPDATE ".USERS_TABLE." SET language = '";
36//   $query.= $_POST['language'];
37//   $query.= "' WHERE id = ".$_POST['userid'].";";
38//   pwg_query($query);
39// }
40
41// retrieving connected user informations
42if (isset($_COOKIE['id']))
43{
44  $session_id = $_COOKIE['id'];
45  $user['has_cookie'] = true;
46}
47else if (isset($_GET['id']))
48{
49  $session_id = $_GET['id'];
50  $user['has_cookie'] = false;
51}
52else
53{
54  $user['has_cookie'] = false;
55}
56
57if (isset($session_id)
58    and ereg("^[0-9a-zA-Z]{".$conf['session_id_size']."}$", $session_id))
59{
60  $page['session_id'] = $session_id;
61  $query = '
62SELECT user_id,expiration,NOW() AS now
63  FROM '.SESSIONS_TABLE.'
64  WHERE id = \''.$page['session_id'].'\'
65;';
66  $result = pwg_query($query);
67  if (mysql_num_rows($result) > 0)
68  {
69    $row = mysql_fetch_array($result);
70    if (strnatcmp($row['expiration'], $row['now']) < 0)
71    {
72      // deletion of the session from the database, because it is
73      // out-of-date
74      $delete_query = '
75DELETE FROM '.SESSIONS_TABLE.'
76  WHERE id = \''.$page['session_id'].'\'
77;';
78      pwg_query($delete_query);
79    }
80    else
81    {
82      $user['id'] = $row['user_id'];
83      $user['is_the_guest'] = false;
84    }
85  }
86}
87if (!isset($user['id']))
88{
89  $user['id'] = $conf['guest_id'];
90  $user['is_the_guest'] = true;
91}
92
93// using Apache authentication override the above user search
94if ($conf['apache_authentication'] and isset($_SERVER['REMOTE_USER']))
95{
96  if (!($user['id'] = get_userid($_SERVER['REMOTE_USER'])))
97  {
98    register_user($_SERVER['REMOTE_USER'], '', '');
99    $user['id'] = get_userid($_SERVER['REMOTE_USER']);
100  }
101 
102  $user['is_the_guest'] = false;
103}
104
105$use_cache = (defined('IN_ADMIN') and IN_ADMIN) ? false : true;
106$user = array_merge($user, getuserdata($user['id'], $use_cache));
107
108// properties of user guest are found in the configuration
109if ($user['is_the_guest'])
110{
111  $user['template'] = $conf['default_template'];
112  $user['nb_image_line'] = $conf['nb_image_line'];
113  $user['nb_line_page'] = $conf['nb_line_page'];
114  $user['language'] = $conf['default_language'];
115  $user['maxwidth'] = $conf['default_maxwidth'];
116  $user['maxheight'] = $conf['default_maxheight'];
117  $user['recent_period'] = $conf['recent_period'];
118  $user['expand'] = $conf['auto_expand'];
119  $user['show_nb_comments'] = $conf['show_nb_comments'];
120}
121
122// calculation of the number of picture to display per page
123$user['nb_image_page'] = $user['nb_image_line'] * $user['nb_line_page'];
124?>
Note: See TracBrowser for help on using the repository browser.