source: trunk/include/user.inc.php @ 657

Last change on this file since 657 was 657, checked in by plg, 19 years ago
  • user permissions ask update at each admin page generation. Table user_forbidden must be updated only if current user is not in administrative section
  • bug fixed : category.php, error on page title when non category selected
  • admin/search : bug on variable $PHP_SELF, replaced by $_SERVERPHP_SELF
  • admin/user_perm : inheritence management. When a category become authorized, all parent categories become authorized, when a category become forbidden, all child category become forbidden
  • no more recursivity in delete_categories function
  • new function get_fs_directories for future new method of synchronization
  • new function get_uppercat_ids replacing several pieces of code doing the same
  • new function get_fulldirs used for metadata function get_filelist and future new method of synchronization
  • new function get_fs for future new method of synchronization
  • typo correction on lang item "about_message"
  • no link to category privacy status management on user permission anymore (giving the menu item instead)
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 5.6 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | PhpWebGallery - a PHP based picture gallery                           |
4// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
5// | Copyright (C) 2003-2004 PhpWebGallery Team - http://phpwebgallery.net |
6// +-----------------------------------------------------------------------+
7// | branch        : BSF (Best So Far)
8// | file          : $RCSfile$
9// | last update   : $Date: 2004-12-25 19:33:36 +0000 (Sat, 25 Dec 2004) $
10// | last modifier : $Author: plg $
11// | revision      : $Revision: 657 $
12// +-----------------------------------------------------------------------+
13// | This program is free software; you can redistribute it and/or modify  |
14// | it under the terms of the GNU General Public License as published by  |
15// | the Free Software Foundation                                          |
16// |                                                                       |
17// | This program is distributed in the hope that it will be useful, but   |
18// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
19// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
20// | General Public License for more details.                              |
21// |                                                                       |
22// | You should have received a copy of the GNU General Public License     |
23// | along with this program; if not, write to the Free Software           |
24// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
25// | USA.                                                                  |
26// +-----------------------------------------------------------------------+
27
28// retrieving connected user informations
29
30if (isset($_COOKIE['id']))
31{
32  $session_id = $_COOKIE['id'];
33  $user['has_cookie'] = true;
34}
35else if (isset($_GET['id']))
36{
37  $session_id = $_GET['id'];
38  $user['has_cookie'] = false;
39}
40else
41{
42  $user['has_cookie'] = false;
43}
44
45if (isset($session_id)
46    and ereg("^[0-9a-zA-Z]{".$conf['session_id_size']."}$", $session_id))
47{
48  $page['session_id'] = $session_id;
49  $query = '
50SELECT user_id,expiration,NOW() AS now
51  FROM '.SESSIONS_TABLE.'
52  WHERE id = \''.$page['session_id'].'\'
53;';
54  $result = pwg_query($query);
55  if (mysql_num_rows($result) > 0)
56  {
57    $row = mysql_fetch_array($result);
58    if (strnatcmp($row['expiration'], $row['now']) < 0)
59    {
60      // deletion of the session from the database, because it is
61      // out-of-date
62      $delete_query = '
63DELETE FROM '.SESSIONS_TABLE.'
64  WHERE id = \''.$page['session_id'].'\'
65;';
66      pwg_query($delete_query);
67    }
68    else
69    {
70      $user['id'] = $row['user_id'];
71      $user['is_the_guest'] = false;
72    }
73  }
74}
75if (!isset($user['id']))
76{
77  $user['id'] = 2;
78  $user['is_the_guest'] = true;
79}
80
81$query = '
82SELECT u.*, uf.*
83  FROM '.USERS_TABLE.' AS u LEFT JOIN '.USER_FORBIDDEN_TABLE.' AS uf
84    ON id = user_id
85  WHERE u.id = '.$user['id'].'
86;';
87$row = mysql_fetch_array(pwg_query($query));
88
89// affectation of each value retrieved in the users table into a variable of
90// the array $user.
91foreach ($row as $key => $value)
92{
93  if (!is_numeric($key))
94  {
95    // If the field is true or false, the variable is transformed into a
96    // boolean value.
97    if ($value == 'true' or $value == 'false')
98    {
99      $user[$key] = get_boolean($value);
100    }
101    else
102    {
103      $user[$key] = $value;
104    }
105  }
106}
107
108// properties of user guest are found in the configuration
109if ($user['is_the_guest'])
110{
111  $user['template'] = $conf['default_template'];
112  $user['nb_image_line'] = $conf['nb_image_line'];
113  $user['nb_line_page'] = $conf['nb_line_page'];
114  $user['language'] = $conf['default_language'];
115  $user['maxwidth'] = $conf['default_maxwidth'];
116  $user['maxheight'] = $conf['default_maxheight'];
117  $user['recent_period'] = $conf['recent_period'];
118  $user['expand'] = $conf['auto_expand'];
119  $user['show_nb_comments'] = $conf['show_nb_comments'];
120}
121
122// if no information were found about user in user_forbidden table OR the
123// forbidden categories must be updated : only if current user is in public
124// part
125if (!defined('IN_ADMIN') or !IN_ADMIN)
126{
127  if (!isset($user['need_update'])
128      or !is_bool($user['need_update'])
129      or $user['need_update'] == true)
130  {
131    $user['forbidden_categories'] = calculate_permissions($user['id']);
132  }
133}
134
135// forbidden_categories is a must be empty, at least
136if (!isset($user['forbidden_categories']))
137{
138  $user['forbidden_categories'] = '';
139}
140
141// special for $user['restrictions'] array
142$user['restrictions'] = explode(',', $user['forbidden_categories']);
143if ($user['restrictions'][0] == '')
144{
145  $user['restrictions'] = array();
146}
147
148// calculation of the number of picture to display per page
149$user['nb_image_page'] = $user['nb_image_line'] * $user['nb_line_page'];
150
151if (empty($user['language'])
152    or !file_exists(PHPWG_ROOT_PATH.'language/'.
153                    $user['language'].'/common.lang.php'))
154{
155  $user['language'] = $conf['default_language'];
156}
157include_once(PHPWG_ROOT_PATH.'language/'.$user['language'].'/common.lang.php');
158
159// displaying the username in the language of the connected user, instead of
160// "guest" as you can find in the database
161if ($user['is_the_guest'])
162{
163  $user['username'] = $lang['guest'];
164}
165
166// only if we are in the administration section
167if (defined('IN_ADMIN') and IN_ADMIN)
168{
169  $langdir = PHPWG_ROOT_PATH.'language/'.$user['language'];
170  if (!file_exists($langdir.'/admin.lang.php'))
171  {
172    $langdir = PHPWG_ROOT_PATH.'language/'.$conf['default_language'];
173  }
174  include_once($langdir.'/admin.lang.php');
175  include_once($langdir.'/faq.lang.php');
176}
177
178if (empty($user['template']))
179{
180  $user['template'] = $conf['default_template'];
181}
182$template = setup_style($user['template']);
183?>
Note: See TracBrowser for help on using the repository browser.