Changeset 1052

Timestamp:

Feb 23, 2006, 6:12:32 AM (18 years ago)

Author:

rvelices

Message:

fix: permissioning not working (2 bugs)

fix: locked gallery cannot be unlocked (impossible to login)

improvement: nicer display in redirect.tpl

improvement: when a page is not accessible because of permissions (accessed
through bookmark or email), redirect to identification.php and after
identification to the initially requested page

Location:

trunk

Files:

• identification.php (modified) (3 diffs)
• include/common.inc.php (modified) (1 diff)
• include/functions_category.inc.php (modified) (1 diff)
• include/user.inc.php (modified) (1 diff)
• language/en_UK.iso-8859-1/common.lang.php (modified) (2 diffs)
• language/fr_FR.iso-8859-1/common.lang.php (modified) (2 diffs)
• picture.php (modified) (2 diffs)
• template/yoga/identification.tpl (modified) (1 diff)
• template/yoga/redirect.tpl (modified) (1 diff)

trunk/identification.php

@@ -32 +32 @@
 //-------------------------------------------------------------- identification
 $errors = array();
+
+$redirect_to = '';
+if ( !empty($_GET['redirect']) )
+{
+  $redirect_to = $_GET['redirect'];
+  if ( $user['is_the_guest'] )
+  {
+    array_push($errors, $lang['access_forbiden']);
+  }
+}
+
 if (isset($_POST['login']))
 {
+  $redirect_to = $_POST['redirect'];
   $username = mysql_escape_string($_POST['username']);
   // retrieving the encrypted password of the login submitted
@@ -55 +67 @@
     session_start();
     $_SESSION['id'] = $row['id'];
-    redirect('category.php');
+    redirect(empty($redirect_to) ? 'category.php' : $redirect_to);
   }
   else
@@ -86 +98 @@
     'U_LOST_PASSWORD' => PHPWG_ROOT_PATH.'password.php',
     'U_HOME' => PHPWG_ROOT_PATH.'category.php',
+    'U_REDIRECT' => $redirect_to,
     
     'F_LOGIN_ACTION' => PHPWG_ROOT_PATH.'identification.php'

trunk/include/common.inc.php

@@ -201 +201 @@
 if ($conf['gallery_locked'])
 {
+  ob_start(); // make sure we can send cookies
   echo
     '<div style="text-align:center;">'
-    .$lang['gallery_locked_message']
-    .'</div>';
-
-  if ($user['status'] != 'admin')
+    .$lang['gallery_locked_message'];
+  echo '<a href="'.PHPWG_ROOT_PATH.'identification.php">.</a>';
+  echo '</div>';
+
+  if ( basename($_SERVER["PHP_SELF"]) != 'identification.php'
+      and $user['status'] != 'admin' )
   {
     exit();

trunk/include/functions_category.inc.php

@@ -47 +47 @@
   if (in_array($category_id, explode(',', $user['forbidden_categories'])))
   {
-    echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />';
-    echo '<a href="./category.php">';
-    echo $lang['thumbnails'].'</a></div>';
-    exit();
+    $login_url = './identification.php?redirect='.
+                  htmlentities(htmlentities($_SERVER['REQUEST_URI']));
+    if ( ! $user['is_the_guest'] )
+    {
+      echo '<div style="text-align:center;">';
+      echo $lang['hello'].' '.$user['username'].'! ';
+      echo $lang['access_forbiden'].'<br />';
+      echo '<a href="./category.php">'.$lang['thumbnails'].'</a> ';
+      echo '</div>';
+      exit();
+    }
+    else
+    {
+      redirect($login_url);
+    }
   }
 }

trunk/include/user.inc.php

@@ -59 +59 @@
   $user['is_the_guest'] = false;
 }
-
 $user = array_merge(
   $user,
   getuserdata(
     $user['id'],
-    defined('IN_ADMIN') and IN_ADMIN ? false : true // use cache ?
+    ( defined('IN_ADMIN') and IN_ADMIN ) ? false : true // use cache ?
     )
   );

trunk/language/en_UK.iso-8859-1/common.lang.php

@@ -114 +114 @@
 $lang['Weekly'] = 'Weekly';
 $lang['about_page_title'] = 'About PhpWebGallery';
-$lang['access_forbiden'] = 'You are not authorized to access this page';
+$lang['access_forbiden'] = 'You are not authorized to access the requested page';
 $lang['add to caddie'] = 'add to caddie';
 $lang['add_favorites_alt'] = 'Add to favorites';
@@ -137 +137 @@
 $lang['calendar_picture_hint'] = 'displays pictures added on ';
 $lang['categories'] = 'Categories';
+$lang['click_to_redirect'] = 'Click here if your browser does not automatically forward you';
 $lang['comment date'] = 'comment date';
 $lang['comment'] = 'Comment';

trunk/language/fr_FR.iso-8859-1/common.lang.php

@@ -113 +113 @@
 $lang['Weekly'] = 'Hebdomadaire';
 $lang['about_page_title'] = 'À propos de PhpWebGallery';
-$lang['access_forbiden'] = 'Vous n\'êtes pas autorisé sur cette page';
+$lang['access_forbiden'] = 'Vous n\'êtes pas autorisé sur la page demandée';
 $lang['add to caddie'] = 'ajouter au panier';
 $lang['add_favorites_alt'] = 'Ajouter aux favoris';
@@ -136 +136 @@
 $lang['calendar_picture_hint'] = 'affiche les images du ';
 $lang['categories'] = 'Catégories';
+$lang['click_to_redirect'] = 'Cliquez ici si votre navigateur ne vous redirige pas.';
 $lang['comment date'] = 'date du commentaire';
 $lang['comment'] = 'Commentaire';

trunk/picture.php

@@ -30 +30 @@
 define('PHPWG_ROOT_PATH','./');
 include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
+
+include(PHPWG_ROOT_PATH.'include/section_init.inc.php');
 //-------------------------------------------------- access authorization check
 if (isset($page['cat']) and is_numeric($page['cat']))
@@ -36 +38 @@
 }
 //-------------------------------------------------------------- initialization
-include(PHPWG_ROOT_PATH.'include/section_init.inc.php');
-
 // if this image_id doesn't correspond to this category, an error message is
 // displayed, and execution is stopped

trunk/template/yoga/identification.tpl

@@ -24 +24 @@
   <fieldset>
     <legend>{lang:Connection settings}</legend>
-
+     <input type="hidden" name="redirect" value="{U_REDIRECT}">
     <ul>
       <li> 

trunk/template/yoga/redirect.tpl

@@ -1 @@
-redirection<br/>
-<a href="{U_REFRESH}">{U_REFRESH}</a>
+<p>Redirection...</p>
+<p><a href="{U_REFRESH}">{lang:click_to_redirect}</a></p>