Context Navigation

← Previous Changeset
Next Changeset →

Changeset 9557

Timestamp:

03/06/11 13:59:34 (2 years ago)

Author:

flop25

Message:

activation phase without include and global var
a guest can't be logged as 16 or 18 if the admin don't want (no acces to charte.php)
a guest can't access to charte_user.php and a user can't access to charte.php

Location:

extensions/adult_content

Files:

: 3 modified

charte.php (modified) (1 diff)
charte_user.php (modified) (5 diffs)
maintain.inc.php (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

extensions/adult_content/charte.php

r3331	r9557
2	2	define('PHPWG_ROOT_PATH','../../');
3	3	include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
	4	$conf_ad_c = explode("," , $conf['ad_c_plugin']);
	5	if ( !is_a_guest() or $conf_ad_c[0]!='true')
	6	{
	7	redirect(make_index_url());
	8	}
	9
4	10
5	11	$adult_content = get_plugin_data('adult_content');

extensions/adult_content/charte_user.php

r9530	r9557
3	3	include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
4	4	$adult_content = get_plugin_data('adult_content');
5
	5	if ( is_a_guest() )
	6	{
	7	redirect(make_index_url());
	8	}
6	9	if (!isset( $_POST['groupe'] ))
7	10	{
…	…
17	20	));
18	21
19		if (isset($_GET['etat']) and $_GET['etat'] == 'not_defined')
	22	if (isset($_GET['etat']) and $_GET['etat'] == 'not_defined' and !is_a_guest() )
20	23	{
21	24	$template->assign(
…	…
27	30	);
28	31	}
29		elseif (isset($_GET['etat']) and $_GET['etat'] == 'defined')
	32	elseif (isset($_GET['etat']) and $_GET['etat'] == 'defined' and !is_a_guest() )
30	33	{
31	34	$query = '
…	…
39	42	;';
40	43	$data_group_n = mysql_fetch_array(pwg_query($query));
41		if ($data_group_n['name'] == '+18')
42		{
43		$statut = $lang['ac_statut'].$lang['ac_user_text_18'];
44		}
45		if ($data_group_n['name'] == '16-17')
46		{
47		$statut = $lang['ac_statut'].$lang['ac_user_text_16'];
48		}
49		if ($data_group_n['name'] == 'nothing')
50		{
51		$statut = $lang['ac_user_no'];
52		}
	44	if ($data_group_n['name'] == '+18')
	45	{
	46	$statut = $lang['ac_statut'].$lang['ac_user_text_18'];
	47	}
	48	if ($data_group_n['name'] == '16-17')
	49	{
	50	$statut = $lang['ac_statut'].$lang['ac_user_text_16'];
	51	}
	52	if ($data_group_n['name'] == 'nothing')
	53	{
	54	$statut = $lang['ac_user_no'];
	55	}
53	56
54	57	$main = '<p>'.$statut.'</p>'
…	…
64	67	else
65	68	{
66		~~die('Hacking attempt!'~~);
	69	redirect(make_index_url());
67	70	}
68	71

extensions/adult_content/maintain.inc.php

r9530	r9557
55	55	function plugin_activate()
56	56	{
57		global $conf;
58		include_once(PHPWG_ROOT_PATH.'include/functions_user.inc.php');
59		///user exist ?///
60		$query = '
61		SELECT COUNT(*) AS result FROM '.USERS_TABLE.'
62		WHERE username IN (\'18\')
63		;';
64		$data_user = mysql_fetch_array(pwg_query($query));
65		$exist = $data_user['result'];
66		if ( $exist == 0 )
67		{
68		register_user('18', 'adult_content', '');
69		}
70
71		$query = '
72		SELECT COUNT(*) AS result FROM '.USERS_TABLE.'
73		WHERE username IN (\'16\')
74		;';
75		$data_user = mysql_fetch_array(pwg_query($query));
76		$exist = $data_user['result'];
77		if ( $exist == 0 )
78		{
79		register_user('16', 'adult_content', '');
80		}
81		///group exist ?///
82		$query = '
83		SELECT COUNT(*) AS result FROM '.GROUPS_TABLE.'
84		WHERE name IN (\'+18\')
85		;';
86		$data_user = mysql_fetch_array(pwg_query($query));
87		$exist = $data_user['result'];
88		if ( $exist == 0 )
89		{
90		$query = '
91		INSERT INTO '.GROUPS_TABLE.'
92		(name)
93		VALUES
94		(\'+18\')
95		;';
96		pwg_query($query);
97		////////////placer dans group 18////////////
98		$result = pwg_query('SELECT id FROM '.GROUPS_TABLE.' WHERE name IN (\'+18\') ;');
99		$data_group = mysql_fetch_array($result);
100		pwg_query('INSERT INTO '.USER_GROUP_TABLE.' VALUES(\''.get_userid('18').'\', \''.$data_group['id'].'\' )' );
101		}
102
103		$query = '
104		SELECT COUNT(*) AS result FROM '.GROUPS_TABLE.'
105		WHERE name IN (\'16-17\')
106		;';
107		$data_user = mysql_fetch_array(pwg_query($query));
108		$exist = $data_user['result'];
109		if ( $exist == 0 )
110		{
111		$query = '
112		INSERT INTO '.GROUPS_TABLE.'
113		(name)
114		VALUES
115		(\'16-17\')
116		;';
117		pwg_query($query);
	57	///user exist ?///
	58	$query = '
	59	SELECT COUNT(*) AS result FROM '.USERS_TABLE.'
	60	WHERE username IN (\'18\')
	61	;';
	62	$data_user = mysql_fetch_array(pwg_query($query));
	63	$exist = $data_user['result'];
	64	if ( $exist == 0 )
	65	{
	66	register_user('18', 'adult_content', '');
	67	}
	68
	69	$query = '
	70	SELECT COUNT(*) AS result FROM '.USERS_TABLE.'
	71	WHERE username IN (\'16\')
	72	;';
	73	$data_user = mysql_fetch_array(pwg_query($query));
	74	$exist = $data_user['result'];
	75	if ( $exist == 0 )
	76	{
	77	register_user('16', 'adult_content', '');
	78	}
	79	///group exist ?///
	80	$query = '
	81	SELECT COUNT(*) AS result FROM '.GROUPS_TABLE.'
	82	WHERE name IN (\'+18\')
	83	;';
	84	$data_user = mysql_fetch_array(pwg_query($query));
	85	$exist = $data_user['result'];
	86	if ( $exist == 0 )
	87	{
	88	$query = 'INSERT INTO '.GROUPS_TABLE.'
	89	(name)
	90	VALUES
	91	(\'+18\')
	92	;';
	93	pwg_query($query);
	94	////////////placer dans group 18////////////
	95	$result = pwg_query('SELECT id FROM '.GROUPS_TABLE.' WHERE name IN (\'+18\') ;');
	96	$data_group = mysql_fetch_array($result);
	97	pwg_query('INSERT INTO '.USER_GROUP_TABLE.' VALUES(\''.get_userid('18').'\', \''.$data_group['id'].'\' )' );
	98	}
	99
	100	$query = '
	101	SELECT COUNT(*) AS result FROM '.GROUPS_TABLE.'
	102	WHERE name IN (\'16-17\')
	103	;';
	104	$data_user = mysql_fetch_array(pwg_query($query));
	105	$exist = $data_user['result'];
	106	if ( $exist == 0 )
	107	{
	108	$query = '
	109	INSERT INTO '.GROUPS_TABLE.'
	110	(name)
	111	VALUES
	112	(\'16-17\')
	113	;';
	114	pwg_query($query);
118	115	////////////placer dans group 16////////////
119		$result = pwg_query('SELECT id FROM '.GROUPS_TABLE.' WHERE name IN (\'16-17\') ;');
120		$data_group = mysql_fetch_array($result);
121		pwg_query('INSERT INTO '.USER_GROUP_TABLE.' VALUES(\''.get_userid('16').'\', \''.$data_group['id'].'\' )' );
122
123		}
124		//grp nothing
125		$query = '
126		SELECT COUNT(*) AS result FROM '.GROUPS_TABLE.'
127		WHERE name IN (\'nothing\')
128		;';
129		$data_user = mysql_fetch_array(pwg_query($query));
130		$exist = $data_user['result'];
131		if ( $exist == 0 )
132		{
133		$query = '
134		INSERT INTO '.GROUPS_TABLE.'
135		(name)
136		VALUES
137		(\'nothing\')
138		;';
139		pwg_query($query);
140		}
141
142		///assoc user/group exist ?///
143
144		$n_query = '
145		SELECT id FROM '.GROUPS_TABLE.'
146		WHERE name IN (\'16-17\')
147		;';
148		$data_group = mysql_fetch_array(pwg_query($n_query));
149		$query = '
150		SELECT COUNT(*) AS result FROM '.USER_GROUP_TABLE.'
151		WHERE group_id IN (\''.$data_group['id'].'\') AND user_id IN (\''.get_userid('16').'\')
152		;';
153		$data_user_group = mysql_fetch_array(pwg_query($query));
154		$exist = $data_user_group['result'];
155		if ( $exist == 0 )
156		{
157		pwg_query('INSERT INTO '.USER_GROUP_TABLE.' VALUES(\''.get_userid('16').'\', \''.$data_group['id'].'\' )' );
158		}
159		$n_query = '
160		SELECT id FROM '.GROUPS_TABLE.'
161		WHERE name IN (\'+18\')
162		;';
163		$data_group = mysql_fetch_array(pwg_query($n_query));
164		$query = '
165		SELECT COUNT(*) AS result FROM '.USER_GROUP_TABLE.'
166		WHERE group_id IN (\''.$data_group['id'].'\') AND user_id IN (\''.get_userid('18').'\')
167		;';
168		$data_user_group = mysql_fetch_array(pwg_query($query));
169		$exist = $data_user_group['result'];
170		if ( $exist == 0 )
171		{
172		pwg_query('INSERT INTO '.USER_GROUP_TABLE.' VALUES(\''.get_userid('18').'\', \''.$data_group['id'].'\' )' );
173		}
174
175		////////////mis en generic////////////
176		$query = '
177		UPDATE '.USER_INFOS_TABLE.'
178		SET status=\'generic\'
179		WHERE user_id IN (\''.get_userid('16').'\')
180		;';
	116	$result = pwg_query('SELECT id FROM '.GROUPS_TABLE.' WHERE name IN (\'16-17\') ;');
	117	$data_group = mysql_fetch_array($result);
	118	pwg_query('INSERT INTO '.USER_GROUP_TABLE.' VALUES(\''.get_userid('16').'\', \''.$data_group['id'].'\' )' );
	119
	120	}
	121	//grp nothing
	122	$query = '
	123	SELECT COUNT(*) AS result FROM '.GROUPS_TABLE.'
	124	WHERE name IN (\'nothing\')
	125	;';
	126	$data_user = mysql_fetch_array(pwg_query($query));
	127	$exist = $data_user['result'];
	128	if ( $exist == 0 )
	129	{
	130	$query = '
	131	INSERT INTO '.GROUPS_TABLE.'
	132	(name)
	133	VALUES
	134	(\'nothing\')
	135	;';
	136	pwg_query($query);
	137	}
	138
	139	///assoc user/group exist ?///
	140
	141	$n_query = '
	142	SELECT id FROM '.GROUPS_TABLE.'
	143	WHERE name IN (\'16-17\')
	144	;';
	145	$data_group = mysql_fetch_array(pwg_query($n_query));
	146	$query = '
	147	SELECT COUNT(*) AS result FROM '.USER_GROUP_TABLE.'
	148	WHERE group_id IN (\''.$data_group['id'].'\') AND user_id IN (\''.get_userid('16').'\')
	149	;';
	150	$data_user_group = mysql_fetch_array(pwg_query($query));
	151	$exist = $data_user_group['result'];
	152	if ( $exist == 0 )
	153	{
	154	pwg_query('INSERT INTO '.USER_GROUP_TABLE.' VALUES(\''.get_userid('16').'\', \''.$data_group['id'].'\' )' );
	155	}
	156	$n_query = '
	157	SELECT id FROM '.GROUPS_TABLE.'
	158	WHERE name IN (\'+18\')
	159	;';
	160	$data_group = mysql_fetch_array(pwg_query($n_query));
	161	$query = '
	162	SELECT COUNT(*) AS result FROM '.USER_GROUP_TABLE.'
	163	WHERE group_id IN (\''.$data_group['id'].'\') AND user_id IN (\''.get_userid('18').'\')
	164	;';
	165	$data_user_group = mysql_fetch_array(pwg_query($query));
	166	$exist = $data_user_group['result'];
	167	if ( $exist == 0 )
	168	{
	169	pwg_query('INSERT INTO '.USER_GROUP_TABLE.' VALUES(\''.get_userid('18').'\', \''.$data_group['id'].'\' )' );
	170	}
	171
	172	////////////mis en generic////////////
	173	$query = '
	174	UPDATE '.USER_INFOS_TABLE.'
	175	SET status=\'generic\'
	176	WHERE user_id IN (\''.get_userid('16').'\')
	177	;';
181	178	pwg_query($query);
182	179
183	180	$query = '
184		UPDATE '.USER_INFOS_TABLE.'
185		SET status=\'generic\'
186		WHERE user_id IN (\''.get_userid('18').'\')
187		;';
	181	UPDATE '.USER_INFOS_TABLE.'
	182	SET status=\'generic\'
	183	WHERE user_id IN (\''.get_userid('18').'\')
	184	;';
188	185	pwg_query($query);
189
190		//////////// Check Config
191		$query = '
192		SELECT COUNT(*) AS result FROM '.CONFIG_TABLE.'
193		WHERE param IN (\'ad_c_plugin\')
194		;';
195		$data_table = mysql_fetch_array(pwg_query($query));
196		$exist = $data_table['result'];
197		if ( $exist == 0 )
198		{
199		$q = '
200		INSERT INTO ' . CONFIG_TABLE . ' (param,value,comment)
	186
	187	//////////// Check Config
	188	$query = '
	189	SELECT COUNT(*) AS result FROM '.CONFIG_TABLE.'
	190	WHERE param IN (\'ad_c_plugin\')
	191	;';
	192	$data_table = mysql_fetch_array(pwg_query($query));
	193	$exist = $data_table['result'];
	194	if ( $exist == 0 )
	195	{
	196	$q = '
	197	INSERT INTO ' . CONFIG_TABLE . ' (param,value,comment)
201	198	VALUES
202	199	("ad_c_plugin" , "true,false" , "Plugin adult_content : menublock_for_guest, block_on_index");';
203		pwg_query($q);
204		}
205		else {
206		$query = '
207		SELECT value FROM '.CONFIG_TABLE.'
208		WHERE param IN (\'ad_c_plugin\')
209		;';
210		$data_conf = mysql_fetch_array(pwg_query($query));
211		$conf=explode(',', $data_conf['value']);
212		$nbr=count($conf);
213
214		if ($nbr!=2)
215		{
216		pwg_query('DELETE FROM '.CONFIG_TABLE.' WHERE param IN (\'ad_c_plugin\')');
217		pwg_query($q);
218		$q = '
219		INSERT INTO ' . CONFIG_TABLE . ' (param,value,comment)
220		VALUES
221		("ad_c_plugin" , "true,false" , "Plugin adult_content : menublock_for_guest, block_on_index");';
222		pwg_query($q);
223		}
224		}
225
	200	pwg_query($q);
	201	}
	202	else {
	203	$query = '
	204	SELECT value FROM '.CONFIG_TABLE.'
	205	WHERE param IN (\'ad_c_plugin\')
	206	;';
	207	$data_conf = mysql_fetch_array(pwg_query($query));
	208	$conf=explode(',', $data_conf['value']);
	209	$nbr=count($conf);
	210
	211	if ($nbr!=2)
	212	{
	213	pwg_query('DELETE FROM '.CONFIG_TABLE.' WHERE param IN (\'ad_c_plugin\')');
	214	pwg_query($q);
	215	$q = '
	216	INSERT INTO ' . CONFIG_TABLE . ' (param,value,comment)
	217	VALUES
	218	("ad_c_plugin" , "true,false" , "Plugin adult_content : menublock_for_guest, block_on_index");';
	219	pwg_query($q);
	220	}
	221	}
	222
226	223	}//fin active
227	224