source: trunk/include/user.inc.php @ 1524

Last change on this file since 1524 was 1524, checked in by nikrou, 18 years ago

fix bug 451:
password.php and register.php must be accessible when user is guest
even if guest user is not allowed.
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 4.0 KB
RevLine 
[2]1<?php
[362]2// +-----------------------------------------------------------------------+
[593]3// | PhpWebGallery - a PHP based picture gallery                           |
4// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
[675]5// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
[362]6// +-----------------------------------------------------------------------+
[593]7// | branch        : BSF (Best So Far)
[362]8// | file          : $RCSfile$
9// | last update   : $Date: 2006-08-02 21:19:15 +0000 (Wed, 02 Aug 2006) $
10// | last modifier : $Author: nikrou $
11// | revision      : $Revision: 1524 $
12// +-----------------------------------------------------------------------+
13// | This program is free software; you can redistribute it and/or modify  |
14// | it under the terms of the GNU General Public License as published by  |
15// | the Free Software Foundation                                          |
16// |                                                                       |
17// | This program is distributed in the hope that it will be useful, but   |
18// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
19// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
20// | General Public License for more details.                              |
21// |                                                                       |
22// | You should have received a copy of the GNU General Public License     |
23// | along with this program; if not, write to the Free Software           |
24// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
25// | USA.                                                                  |
26// +-----------------------------------------------------------------------+
[2]27
[1231]28if (isset($_COOKIE[session_name()]))
[2]29{
[1511]30  session_start();
31  if (isset($_GET['act']) and $_GET['act'] == 'logout')
32  {
33    // logout
34    $_SESSION = array();
35    session_unset();
36    session_destroy();
37    setcookie(session_name(),'',0,
38              ini_get('session.cookie_path'), 
39              ini_get('session.cookie_domain') 
40              );
41    setcookie($conf['remember_me_name'], '', 0, cookie_path());
42    redirect(make_index_url());
43  } 
44  elseif (empty($_SESSION['pwg_uid'])) 
45  {
46    // timeout
47    setcookie(session_name(),'',0,
48              ini_get('session.cookie_path'), 
49              ini_get('session.cookie_domain') 
50              );
51  }
52  else
53  {
54    $user['id'] = $_SESSION['pwg_uid'];
55    $user['is_the_guest'] = false;
56  }
[1231]57}
[1511]58elseif (!empty($_COOKIE[$conf['remember_me_name']]))
59{
60  auto_login();
61} 
[1231]62else
[45]63{
[1511]64  $user['id'] = $conf['guest_id'];
65  $user['is_the_guest'] = true;
[541]66}
[45]67
[1522]68if ($user['is_the_guest'] and !$conf['guest_access'] 
[1524]69    and (basename($_SERVER['PHP_SELF'])!='identification.php')
70    and (basename($_SERVER['PHP_SELF'])!='password.php')
71    and (basename($_SERVER['PHP_SELF'])!='register.php'))
[1511]72{
73  redirect (get_root_url().'identification.php');
74}
75
[804]76// using Apache authentication override the above user search
77if ($conf['apache_authentication'] and isset($_SERVER['REMOTE_USER']))
78{
[808]79  if (!($user['id'] = get_userid($_SERVER['REMOTE_USER'])))
[804]80  {
[808]81    register_user($_SERVER['REMOTE_USER'], '', '');
82    $user['id'] = get_userid($_SERVER['REMOTE_USER']);
[804]83  }
[1231]84
[804]85  $user['is_the_guest'] = false;
86}
[1511]87
[1036]88$user = array_merge(
89  $user,
90  getuserdata(
91    $user['id'],
[1052]92    ( defined('IN_ADMIN') and IN_ADMIN ) ? false : true // use cache ?
[1036]93    )
94  );
[648]95
[653]96// properties of user guest are found in the configuration
97if ($user['is_the_guest'])
98{
99  $user['template'] = $conf['default_template'];
100  $user['nb_image_line'] = $conf['nb_image_line'];
101  $user['nb_line_page'] = $conf['nb_line_page'];
102  $user['language'] = $conf['default_language'];
103  $user['maxwidth'] = $conf['default_maxwidth'];
104  $user['maxheight'] = $conf['default_maxheight'];
105  $user['recent_period'] = $conf['recent_period'];
106  $user['expand'] = $conf['auto_expand'];
107  $user['show_nb_comments'] = $conf['show_nb_comments'];
[1106]108  $user['enabled_high'] = $conf['newuser_default_enabled_high'];
[653]109}
110
[351]111// calculation of the number of picture to display per page
112$user['nb_image_page'] = $user['nb_image_line'] * $user['nb_line_page'];
[362]113?>
Note: See TracBrowser for help on using the repository browser.