Changeset 12661 for extensions/UserAdvManager/trunk/include
- Timestamp:
- Nov 27, 2011, 4:27:10 PM (13 years ago)
- Location:
- extensions/UserAdvManager/trunk/include
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
extensions/UserAdvManager/trunk/include/functions.inc.php
r12314 r12661 380 380 global $conf, $user; 381 381 382 include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); 383 382 384 $conf_UAM = unserialize($conf['UserAdvManager']); 383 385 … … 396 398 } 397 399 398 // Performing redirection to profile page on first login 399 // ----------------------------------------------------- 400 if ((isset($conf_UAM[20]) and $conf_UAM[20] == 'true')) 401 { 402 $query =' 400 // Avoid login into public galleries until registration confirmation is done 401 if ((isset($conf_UAM[39]) and $conf_UAM[39] == 'false') or ((isset($conf_UAM[39]) and $conf_UAM[39] == 'true') and UAM_UsrReg_Verif($user['id']))) 402 { 403 // Performing redirection to profile page on first login 404 // ----------------------------------------------------- 405 if ((isset($conf_UAM[20]) and $conf_UAM[20] == 'true')) 406 { 407 $query =' 403 408 SELECT user_id, status 404 409 FROM '.USER_INFOS_TABLE.' 405 410 WHERE user_id = '.$user['id'].' 406 411 ;'; 407 $data = pwg_db_fetch_assoc(pwg_query($query));408 409 if ($data['status'] <> "admin" and $data['status'] <> "webmaster" and $data['status'] <> "generic") // Exclusion of specific accounts410 {411 $user_idsOK = array();412 if (!UAM_check_profile($user['id'], $user_idsOK))413 redirect(PHPWG_ROOT_PATH.'profile.php');414 }415 }416 417 // Performing redirection to profile page for password reset418 // ---------------------------------------------------------419 if ((isset($conf_UAM[38]) and $conf_UAM[38] == 'true'))420 {421 $query ='412 $data = pwg_db_fetch_assoc(pwg_query($query)); 413 414 if ($data['status'] <> "admin" and $data['status'] <> "webmaster" and $data['status'] <> "generic") // Exclusion of specific accounts 415 { 416 $user_idsOK = array(); 417 if (!UAM_check_profile($user['id'], $user_idsOK)) 418 redirect(PHPWG_ROOT_PATH.'profile.php'); 419 } 420 } 421 422 // Performing redirection to profile page for password reset 423 // --------------------------------------------------------- 424 if ((isset($conf_UAM[38]) and $conf_UAM[38] == 'true')) 425 { 426 $query =' 422 427 SELECT user_id, status 423 428 FROM '.USER_INFOS_TABLE.' 424 429 WHERE user_id = '.$user['id'].' 425 430 ;'; 426 $data = pwg_db_fetch_assoc(pwg_query($query)); 427 428 if ($data['status'] <> "webmaster" and $data['status'] <> "generic") // Exclusion of specific accounts 429 { 430 if (UAM_check_pwgreset($user['id'])) 431 { 432 redirect(PHPWG_ROOT_PATH.'profile.php'); 431 $data = pwg_db_fetch_assoc(pwg_query($query)); 432 433 if ($data['status'] <> "webmaster" and $data['status'] <> "generic") // Exclusion of specific accounts 434 { 435 if (UAM_check_pwgreset($user['id'])) 436 { 437 redirect(PHPWG_ROOT_PATH.'profile.php'); 438 } 433 439 } 434 440 } 441 } 442 elseif ((isset($conf_UAM[39]) and $conf_UAM[39] == 'true') and !UAM_UsrReg_Verif($user['id'])) 443 { 444 // Logged-in user cleanup, session destruction and redirected to custom page 445 // ------------------------------------------------------------------------- 446 invalidate_user_cache(); 447 logout_user(); 448 redirect(UAM_PATH.'rejected.php'); 435 449 } 436 450 } … … 2073 2087 2074 2088 /** 2075 * Function called from main.inc.php - Check if username matches forbidden caracters2089 * Function called from functions.inc.php - Check if username matches forbidden caracters 2076 2090 * 2077 2091 * @param : User login … … 2566 2580 2567 2581 /** 2568 * Function called from maintain.inc.php - to check if database upgrade is needed2569 *2570 * @param : table name2571 *2572 * @return : boolean2573 *2574 */2575 function table_exist($table)2576 {2577 $query = 'DESC '.$table.';';2578 return (bool)($res=pwg_query($query));2579 }2580 2581 2582 /**2583 * Function called from UAM_admin.php and main.inc.php to get the plugin version and name2584 *2585 * @param : plugin directory2586 *2587 * @return : plugin's version and name2588 *2589 */2590 function PluginInfos($dir)2591 {2592 $path = $dir;2593 2594 $plg_data = implode( '', file($path.'main.inc.php') );2595 if ( preg_match("|Plugin Name: (.*)|", $plg_data, $val) )2596 {2597 $plugin['name'] = trim( $val[1] );2598 }2599 if (preg_match("|Version: (.*)|", $plg_data, $val))2600 {2601 $plugin['version'] = trim($val[1]);2602 }2603 if ( preg_match("|Plugin URI: (.*)|", $plg_data, $val) )2604 {2605 $plugin['uri'] = trim($val[1]);2606 }2607 if ($desc = load_language('description.txt', $path.'/', array('return' => true)))2608 {2609 $plugin['description'] = trim($desc);2610 }2611 elseif ( preg_match("|Description: (.*)|", $plg_data, $val) )2612 {2613 $plugin['description'] = trim($val[1]);2614 }2615 if ( preg_match("|Author: (.*)|", $plg_data, $val) )2616 {2617 $plugin['author'] = trim($val[1]);2618 }2619 if ( preg_match("|Author URI: (.*)|", $plg_data, $val) )2620 {2621 $plugin['author uri'] = trim($val[1]);2622 }2623 if (!empty($plugin['uri']) and strpos($plugin['uri'] , 'extension_view.php?eid='))2624 {2625 list( , $extension) = explode('extension_view.php?eid=', $plugin['uri']);2626 if (is_numeric($extension)) $plugin['extension'] = $extension;2627 }2628 // IMPORTANT SECURITY !2629 // --------------------2630 $plugin = array_map('htmlspecialchars', $plugin);2631 2632 return $plugin ;2633 }2634 2635 2636 /**2637 * Delete obsolete files on plugin upgrade2638 * Obsolete files are listed in file obsolete.list2639 *2640 */2641 function clean_obsolete_files()2642 {2643 if (file_exists(UAM_PATH.'obsolete.list')2644 and $old_files = file(UAM_PATH.'obsolete.list', FILE_IGNORE_NEW_LINES)2645 and !empty($old_files))2646 {2647 array_push($old_files, 'obsolete.list');2648 foreach($old_files as $old_file)2649 {2650 $path = UAM_PATH.$old_file;2651 if (is_file($path))2652 {2653 @unlink($path);2654 }2655 elseif (is_dir($path))2656 {2657 @rmdir($path);2658 }2659 }2660 }2661 }2662 2663 2664 /**2665 2582 * UAM_check_profile - Thx to LucMorizur 2666 2583 * checks if a user id is registered as having already 2667 * visited his profile .phppage.2584 * visited his profile page. 2668 2585 * 2669 2586 * @uid : the user id … … 2699 2616 * UAM_check_pwdreset 2700 2617 * checks if a user id is registered as having already 2701 * changed theirpassword.2618 * changed his password. 2702 2619 * 2703 2620 * @uid : the user id … … 2722 2639 else return false; 2723 2640 } 2641 2642 2643 /** 2644 * UAM_UsrReg_Verif 2645 * Check if the user who logged-in have validate his registration 2646 * 2647 * @returns : True if validation is OK else False 2648 */ 2649 function UAM_UsrReg_Verif($user_id) 2650 { 2651 global $conf; 2652 2653 // Get UAM configuration 2654 // --------------------- 2655 $conf_UAM = unserialize($conf['UserAdvManager']); 2656 2657 $query = ' 2658 SELECT group_id 2659 FROM '.USER_GROUP_TABLE.' 2660 WHERE user_id = '.$user_id.' 2661 AND group_id = '.$conf_UAM[2].' 2662 ;'; 2663 2664 $count = pwg_db_num_rows(pwg_query($query)); 2665 2666 if ($count == 0) 2667 { 2668 return true; // User is not in a "Waiting" group 2669 } 2670 else 2671 { 2672 return false; // User is still in a "Waiting" group 2673 } 2674 } 2675 2724 2676 2725 2677 /** … … 3017 2969 3018 2970 2971 /** 2972 * Delete obsolete files on plugin upgrade 2973 * Obsolete files are listed in file obsolete.list 2974 * 2975 */ 2976 function clean_obsolete_files() 2977 { 2978 if (file_exists(UAM_PATH.'obsolete.list') 2979 and $old_files = file(UAM_PATH.'obsolete.list', FILE_IGNORE_NEW_LINES) 2980 and !empty($old_files)) 2981 { 2982 array_push($old_files, 'obsolete.list'); 2983 foreach($old_files as $old_file) 2984 { 2985 $path = UAM_PATH.$old_file; 2986 if (is_file($path)) 2987 { 2988 @unlink($path); 2989 } 2990 elseif (is_dir($path)) 2991 { 2992 @rmdir($path); 2993 } 2994 } 2995 } 2996 } 2997 2998 2999 /** 3000 * Function called from maintain.inc.php - to check if database upgrade is needed 3001 * 3002 * @param : table name 3003 * 3004 * @return : boolean 3005 * 3006 */ 3007 function table_exist($table) 3008 { 3009 $query = 'DESC '.$table.';'; 3010 return (bool)($res=pwg_query($query)); 3011 } 3012 3013 3014 /** 3015 * Function called from UAM_admin.php and main.inc.php to get the plugin version and name 3016 * 3017 * @param : plugin directory 3018 * 3019 * @return : plugin's version and name 3020 * 3021 */ 3022 function PluginInfos($dir) 3023 { 3024 $path = $dir; 3025 3026 $plg_data = implode( '', file($path.'main.inc.php') ); 3027 if ( preg_match("|Plugin Name: (.*)|", $plg_data, $val) ) 3028 { 3029 $plugin['name'] = trim( $val[1] ); 3030 } 3031 if (preg_match("|Version: (.*)|", $plg_data, $val)) 3032 { 3033 $plugin['version'] = trim($val[1]); 3034 } 3035 if ( preg_match("|Plugin URI: (.*)|", $plg_data, $val) ) 3036 { 3037 $plugin['uri'] = trim($val[1]); 3038 } 3039 if ($desc = load_language('description.txt', $path.'/', array('return' => true))) 3040 { 3041 $plugin['description'] = trim($desc); 3042 } 3043 elseif ( preg_match("|Description: (.*)|", $plg_data, $val) ) 3044 { 3045 $plugin['description'] = trim($val[1]); 3046 } 3047 if ( preg_match("|Author: (.*)|", $plg_data, $val) ) 3048 { 3049 $plugin['author'] = trim($val[1]); 3050 } 3051 if ( preg_match("|Author URI: (.*)|", $plg_data, $val) ) 3052 { 3053 $plugin['author uri'] = trim($val[1]); 3054 } 3055 if (!empty($plugin['uri']) and strpos($plugin['uri'] , 'extension_view.php?eid=')) 3056 { 3057 list( , $extension) = explode('extension_view.php?eid=', $plugin['uri']); 3058 if (is_numeric($extension)) $plugin['extension'] = $extension; 3059 } 3060 // IMPORTANT SECURITY ! 3061 // -------------------- 3062 $plugin = array_map('htmlspecialchars', $plugin); 3063 3064 return $plugin ; 3065 } 3066 3019 3067 3020 3068 /** -
extensions/UserAdvManager/trunk/include/upgradedb.inc.php
r12271 r12661 559 559 } 560 560 } 561 562 563 /* upgrade from 2.30.x to 2.30.2 */ 564 /* ***************************** */ 565 function upgrade_2300_2302() 566 { 567 global $conf; 568 569 load_language('plugin.lang', UAM_PATH); 570 571 // Upgrading options 572 // ----------------- 573 $query = ' 574 SELECT value 575 FROM '.CONFIG_TABLE.' 576 WHERE param = "UserAdvManager" 577 ;'; 578 579 $result = pwg_query($query); 580 $conf_UAM = pwg_db_fetch_assoc($result); 581 582 $Newconf_UAM = unserialize($conf_UAM['value']); 583 584 $Newconf_UAM[39] = 'false'; 585 $Newconf_UAM[40] = l10n('UAM_Default_RejectConnexion_Txt'); 586 587 $update_conf = serialize($Newconf_UAM); 588 589 conf_update_param('UserAdvManager', pwg_db_real_escape_string($update_conf)); 590 } 561 591 ?>
Note: See TracChangeset
for help on using the changeset viewer.