Changeset 808 for trunk/admin/include/functions.php
- Timestamp:
- Aug 8, 2005, 10:52:19 PM (19 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/admin/include/functions.php
r764 r808 333 333 function delete_user($user_id) 334 334 { 335 global $conf; 336 335 337 // destruction of the access linked to the user 336 338 $query = ' … … 368 370 pwg_query($query); 369 371 372 // deletion of phpwebgallery specific informations 373 $query = ' 374 DELETE FROM '.USER_INFOS_TABLE.' 375 WHERE user_id = '.$user_id.' 376 ;'; 377 pwg_query($query); 378 370 379 // destruction of the user 371 380 $query = ' 372 381 DELETE FROM '.USERS_TABLE.' 373 WHERE id= '.$user_id.'382 WHERE '.$conf['user_fields']['id'].' = '.$user_id.' 374 383 ;'; 375 384 pwg_query($query); … … 551 560 552 561 return array_unique( $keywords ); 553 }554 555 /**556 * returns an array with the ids of the restricted categories for the user557 *558 * Returns an array with the ids of the restricted categories for the559 * user. If the $check_invisible parameter is set to true, invisible560 * categorie are added to the restricted one in the array.561 *562 * @param int $user_id563 * @param string $user_status564 * @param bool $check_invisible565 * @param bool $use_groups566 * @return array567 */568 function get_user_restrictions( $user_id, $user_status,569 $check_invisible, $use_groups = true )570 {571 // 1. retrieving ids of private categories572 $query = 'SELECT id FROM '.CATEGORIES_TABLE;573 $query.= " WHERE status = 'private'";574 $query.= ';';575 $result = pwg_query( $query );576 $privates = array();577 while ( $row = mysql_fetch_array( $result ) )578 {579 array_push( $privates, $row['id'] );580 }581 // 2. retrieving all authorized categories for the user582 $authorized = array();583 // 2.1. retrieving authorized categories thanks to personnal user584 // authorization585 $query = 'SELECT cat_id FROM '.USER_ACCESS_TABLE;586 $query.= ' WHERE user_id = '.$user_id;587 $query.= ';';588 $result = pwg_query( $query );589 while ( $row = mysql_fetch_array( $result ) )590 {591 array_push( $authorized, $row['cat_id'] );592 }593 // 2.2. retrieving authorized categories thanks to group authorization to594 // which the user is a member595 if ( $use_groups )596 {597 $query = 'SELECT ga.cat_id';598 $query.= ' FROM '.USER_GROUP_TABLE.' as ug';599 $query.= ', '.GROUP_ACCESS_TABLE.' as ga';600 $query.= ' WHERE ug.group_id = ga.group_id';601 $query.= ' AND ug.user_id = '.$user_id;602 $query.= ';';603 $result = pwg_query( $query );604 while ( $row = mysql_fetch_array( $result ) )605 {606 array_push( $authorized, $row['cat_id'] );607 }608 $authorized = array_unique( $authorized );609 }610 611 $forbidden = array();612 foreach ( $privates as $private ) {613 if ( !in_array( $private, $authorized ) )614 {615 array_push( $forbidden, $private );616 }617 }618 619 if ( $check_invisible )620 {621 // 3. adding to the restricted categories, the invisible ones622 if ( $user_status != 'admin' )623 {624 $query = 'SELECT id FROM '.CATEGORIES_TABLE;625 $query.= " WHERE visible = 'false';";626 $result = pwg_query( $query );627 while ( $row = mysql_fetch_array( $result ) )628 {629 array_push( $forbidden, $row['id'] );630 }631 }632 }633 return array_unique( $forbidden );634 }635 636 /**637 * updates the calculated data users.forbidden_categories, it includes638 * sub-categories of the direct forbidden categories639 *640 * @param nt $user_id641 * @return array642 */643 function update_user_restrictions( $user_id )644 {645 $restrictions = get_user_all_restrictions( $user_id );646 647 // update the users.forbidden_categories in database648 $query = 'UPDATE '.USERS_TABLE;649 $query.= ' SET forbidden_categories = ';650 if ( count( $restrictions ) > 0 )651 $query.= "'".implode( ',', $restrictions )."'";652 else653 $query.= 'NULL';654 $query .= ' WHERE id = '.$user_id;655 $query.= ';';656 pwg_query( $query );657 658 return $restrictions;659 }660 661 /**662 * returns all the restricted categories ids including sub-categories663 *664 * @param int $user_id665 * @return array666 */667 function get_user_all_restrictions( $user_id )668 {669 global $page;670 671 $query = 'SELECT status';672 $query.= ' FROM '.USERS_TABLE;673 $query.= ' WHERE id = '.$user_id;674 $query.= ';';675 $row = mysql_fetch_array( pwg_query( $query ) );676 677 $base_restrictions=get_user_restrictions($user_id,$row['status'],true,true);678 679 $restrictions = $base_restrictions;680 foreach ( $base_restrictions as $category_id ) {681 echo $category_id.' is forbidden to user '.$user_id.'<br />';682 $restrictions =683 array_merge( $restrictions,684 $page['plain_structure'][$category_id]['all_subcats_ids'] );685 }686 687 return array_unique( $restrictions );688 }689 690 // The function is_user_allowed returns :691 // - 0 : if the category is allowed with this $restrictions array692 // - 1 : if this category is not allowed693 // - 2 : if an uppercat category is not allowed694 // Note : the restrictions array must represent ONLY direct forbidden695 // categories, not all forbidden categories696 function is_user_allowed( $category_id, $restrictions )697 {698 if ( in_array( $category_id, $restrictions ) ) return 1;699 700 $query = 'SELECT uppercats';701 $query.= ' FROM '.CATEGORIES_TABLE;702 $query.= ' WHERE id = '.$category_id;703 $query.= ';';704 $row = mysql_fetch_array( pwg_query( $query ) );705 $uppercats = explode( ',', $row['uppercats'] );706 foreach ( $uppercats as $category_id ) {707 if ( in_array( $category_id, $restrictions ) ) return 2;708 }709 710 // no restriction found : the user is allowed to access this category711 return 0;712 562 } 713 563 … … 843 693 // update queries 844 694 $query = 'SELECT VERSION() AS version;'; 845 $row= mysql_fetch_array(pwg_query($query));846 if (count($datas) < 10 or version_compare($ row['version'],'4.0.4') < 0)695 list($mysql_version) = mysql_fetch_array(pwg_query($query)); 696 if (count($datas) < 10 or version_compare($mysql_version, '4.0.4') < 0) 847 697 { 848 698 // MySQL is prior to version 4.0.4, multi table update feature is not … … 1335 1185 return $t2; 1336 1186 } 1187 1188 /** 1189 * compares and synchronizes USERS_TABLE and USER_INFOS_TABLE : each user in 1190 * USERS_TABLE must be present in USER_INFOS_TABLE. 1191 */ 1192 function sync_users() 1193 { 1194 global $conf; 1195 1196 $query = ' 1197 SELECT '.$conf['user_fields']['id'].' AS id 1198 FROM '.USERS_TABLE.' 1199 ;'; 1200 $base_users = array_from_query($query, 'id'); 1201 1202 $query = ' 1203 SELECT user_id 1204 FROM '.USER_INFOS_TABLE.' 1205 ;'; 1206 $infos_users = array_from_query($query, 'user_id'); 1207 1208 // users present in $base_users and not in $infos_users must be added 1209 $to_create = array_diff($base_users, $infos_users); 1210 1211 if (count($to_create) > 0) 1212 { 1213 $inserts = array(); 1214 1215 list($dbnow) = mysql_fetch_row(pwg_query('SELECT NOW();')); 1216 1217 foreach ($to_create as $user_id) 1218 { 1219 $insert = array(); 1220 $insert['user_id'] = $user_id; 1221 $insert['status'] = 'guest'; 1222 $insert['template'] = $conf['default_template']; 1223 $insert['nb_image_line'] = $conf['nb_image_line']; 1224 $insert['nb_line_page'] = $conf['nb_line_page']; 1225 $insert['language'] = $conf['default_language']; 1226 $insert['recent_period'] = $conf['recent_period']; 1227 $insert['feed_id'] = find_available_feed_id(); 1228 $insert['expand'] = boolean_to_string($conf['auto_expand']); 1229 $insert['show_nb_comments'] = 1230 boolean_to_string($conf['show_nb_comments']); 1231 $insert['maxwidth'] = $conf['default_maxwidth']; 1232 $insert['maxheight'] = $conf['default_maxheight']; 1233 $insert['registration_date'] = $dbnow; 1234 1235 array_push($inserts, $insert); 1236 } 1237 1238 mass_inserts(USER_INFOS_TABLE, 1239 array_keys($inserts[0]), 1240 $inserts); 1241 } 1242 1243 // users present in $infos_users and not in $base_users must be deleted 1244 $to_delete = array_diff($infos_users, $base_users); 1245 1246 if (count($to_delete) > 0) 1247 { 1248 $query = ' 1249 DELETE 1250 FROM '.USER_INFOS_TABLE.' 1251 WHERE user_id in ('.implode(',', $to_delete).') 1252 ;'; 1253 pwg_query($query); 1254 } 1255 } 1337 1256 ?>
Note: See TracChangeset
for help on using the changeset viewer.