Changeset 1572

Timestamp:

Oct 21, 2006, 10:16:01 PM (18 years ago)

Author:

rvelices

Message:

merge -r1568 from trunk to branch-1_6 (auto_login/redirect corrections)

Location:

branches/branch-1_6

Files:

• identification.php (modified) (1 diff)
• include/common.inc.php (modified) (3 diffs)
• include/config_default.inc.php (modified) (1 diff)
• include/functions.inc.php (modified) (10 diffs)
• include/functions_user.inc.php (modified) (5 diffs)
• include/template.php (modified) (4 diffs)
• include/user.inc.php (modified) (3 diffs)

branches/branch-1_6/identification.php

@@ -72 +72 @@
   }
 }
-elseif (!empty($_COOKIE[$conf['remember_me_name']]))
-{
-  auto_login();
-}
+
 //----------------------------------------------------- template initialization
 //

branches/branch-1_6/include/common.inc.php

@@ -133 +133 @@
 or die ( "Could not connect to database" );
 
+//
+// Setup gallery wide options, if this fails then we output a CRITICAL_ERROR
+// since basic gallery information is not available
+//
+load_conf_from_db();
+
+include(PHPWG_ROOT_PATH.'include/user.inc.php');
+
+
+// language files
+include_once(get_language_filepath('common.lang.php'));
+if (defined('IN_ADMIN') and IN_ADMIN)
+{
+  include_once(get_language_filepath('admin.lang.php'));
+}
+
+// only now we can set the localized username of the guest user (and not in
+// include/user.inc.php)
+if ($user['is_the_guest'])
+{
+  $user['username'] = $lang['guest'];
+}
+
+// template instance
+$template = new Template(PHPWG_ROOT_PATH.'template/'.$user['template'], $user['theme'] );
+
+if ($conf['gallery_locked'])
+{
+  $header_msgs[] = $lang['gallery_locked_message'];
+
+  if ( basename($_SERVER["SCRIPT_FILENAME"]) != 'identification.php'
+      and !is_admin() )
+  {
+    //next line required if PATH_INFO (no ? in url) but won't work for scripts outside PWG
+    $page['root_path'] = cookie_path();
+    echo $lang['gallery_locked_message']
+      .'<a href="'.get_root_url().'identification.php">.</a>';
+    exit();
+  }
+}
+
+if ($user['is_the_guest'] and !$conf['guest_access']
+    and !in_array( basename($_SERVER['SCRIPT_FILENAME']),
+                      array('identification.php',
+                            'password.php',
+                            'register.php'
+                        )
+                  )
+    )
+{
+  //next line required if PATH_INFO (no ? in url) but won't work for scripts outside PWG
+  $page['root_path'] = cookie_path();
+  redirect (get_root_url().'identification.php');
+}
+
 if ($conf['check_upgrade_feed']
     and defined('PHPWG_IN_UPGRADE')
@@ -150 +205 @@
   if (count(array_diff($existing, $applied)) > 0)
   {
+    //next line required if PATH_INFO (no ? in url) but won't work for scripts outside PWG
+    $page['root_path'] = cookie_path();
     $header_msgs[] = 'Some database upgrades are missing, '
-      .'<a href="'.PHPWG_ROOT_PATH.'upgrade_feed.php">upgrade now</a>';
-  }
-}
-
-//
-// Setup gallery wide options, if this fails then we output a CRITICAL_ERROR
-// since basic gallery information is not available
-//
-load_conf_from_db();
-
-include(PHPWG_ROOT_PATH.'include/user.inc.php');
-
-// language files
-include_once(get_language_filepath('common.lang.php'));
-
-if (defined('IN_ADMIN') and IN_ADMIN)
-{
-  include_once(get_language_filepath('admin.lang.php'));
-}
-
-if ($conf['gallery_locked'])
-{
-  $header_msgs[] = $lang['gallery_locked_message']
-    . '<a href="'.PHPWG_ROOT_PATH.'identification.php">.</a>';
-
-  if ( basename($_SERVER["PHP_SELF"]) != 'identification.php'
-      and !is_admin() )
-  {
-    echo( $lang['gallery_locked_message'] );
-    exit();
-  }
-}
-
-// only now we can set the localized username of the guest user (and not in
-// include/user.inc.php)
-if ($user['is_the_guest'])
-{
-  $user['username'] = $lang['guest'];
-}
-
-// include template/theme configuration
-if (defined('IN_ADMIN') and IN_ADMIN)
-{
-  list($user['template'], $user['theme']) =
-    explode
-    (
-      '/',
-      isset($conf['default_admin_layout']) ? $conf['default_admin_layout']
-                                           : $user['template']
-    );
-// TODO : replace $conf['admin_layout'] by $user['admin_layout']
-}
-else
-{
-  list($user['template'], $user['theme']) = explode('/', $user['template']);
-}
-// TODO : replace initial $user['template'] by $user['layout']
-
-include(
-  PHPWG_ROOT_PATH
-  .'template/'.$user['template']
-  .'/theme/'.$user['theme']
-  .'/themeconf.inc.php'
-  );
+      .'<a href="'.get_root_url().'upgrade_feed.php">upgrade now</a>';
+  }
+}
+
 
 if (is_adviser())
@@ -220 +217 @@
   $header_msgs[] = $lang['adviser_mode_enabled'];
 }
-
-// template instance
-$template = new Template(PHPWG_ROOT_PATH.'template/'.$user['template']);
 
 if (count($header_msgs) > 0)

branches/branch-1_6/include/config_default.inc.php

@@ -324 +324 @@
 // remember_me_length : time of validity for "remember me" cookies, in
 // seconds.
-$conf['remember_me_length'] = 31536000;
+$conf['remember_me_length'] = 5184000;
+
+// session_length : time of validity for normal session, in seconds.
+$conf['session_length'] = 3600;
 
 // +-----------------------------------------------------------------------+

branches/branch-1_6/include/functions.inc.php

@@ -461 +461 @@
 }
 
-function pwg_stripslashes($value) 
+function pwg_stripslashes($value)
 {
   if (get_magic_quotes_gpc())
@@ -470 +470 @@
 }
 
-function pwg_addslashes($value) 
+function pwg_addslashes($value)
 {
   if (!get_magic_quotes_gpc())
@@ -479 +479 @@
 }
 
-function pwg_quotemeta($value) 
+function pwg_quotemeta($value)
 {
   if (get_magic_quotes_gpc()) {
@@ -557 +557 @@
  * @return void
  */
-function redirect( $url , $msg = '', $refreh_time = 0)
+function redirect( $url , $msg = '', $refresh_time = 0)
 {
   global $user, $template, $lang_info, $conf, $lang, $t2, $page, $debug;
 
-  unset($template);
-  $template = new Template(PHPWG_ROOT_PATH.'template/'.$user['template']);
-  if (!isset($page['body_id'])) 
-  {
-    $page['body_id'] = 'adminPage';
-  }
-
-  // $redirect_msg, $refresh, $url_link and $title are required for creating an automated
-  // refresh page in header.tpl
-  if (!isset($msg) or ($msg == ''))
+  if (!isset($lang_info))
+  {
+    $user = build_user( $conf['guest_id'], true);
+    include_once(get_language_filepath('common.lang.php'));
+    list($tmpl, $thm) = explode('/', $conf['default_template']);
+    $template = new Template(PHPWG_ROOT_PATH.'template/'.$tmpl, $thm);
+  }
+  else
+  {
+    $template = new Template(PHPWG_ROOT_PATH.'template/'.$user['template'], $user['theme']);
+  }
+
+  if (empty($msg))
   {
     $redirect_msg = l10n('redirect_msg');
@@ -579 +582 @@
   }
   $redirect_msg = nl2br($redirect_msg);
-  $refresh = $refreh_time;
+
+  $refresh = $refresh_time;
   $url_link = $url;
   $title = 'redirection';
 
+  $template->set_filenames( array( 'redirect' => 'redirect.tpl' ) );
+
   include( PHPWG_ROOT_PATH.'include/page_header.php' );
 
@@ -592 +598 @@
   exit();
 }
-
 /**
  * returns $_SERVER['QUERY_STRING'] whitout keys given in parameters
@@ -694 +699 @@
 {
   global $conf;
-  
+
   $error = '<pre>';
   $error.= $header;
@@ -880 +885 @@
 function get_themeconf($key)
 {
-  global $themeconf;
-
-  return isset($themeconf[$key]) ? $themeconf[$key] : '';
+  global $template;
+
+  return $template->get_themeconf($key);
 }
 
@@ -939 +944 @@
 {
   global $conf;
-  
+
   $query = '
 SELECT param,value
@@ -954 +959 @@
   {
     $conf[ $row['param'] ] = isset($row['value']) ? $row['value'] : '';
-    
+
     // If the field is true or false, the variable is transformed into a
     // boolean value.

branches/branch-1_6/include/functions_user.inc.php

@@ -105 +105 @@
 }
 
+
+function build_user( $user_id, $use_cache )
+{
+  global $conf;
+  $user['id'] = $user_id;
+  $user = array_merge( $user, getuserdata($user_id, $use_cache) );
+  if ( $user['id'] == $conf['guest_id'])
+  {
+    $user['is_the_guest']=true;
+    $user['template'] = $conf['default_template'];
+    $user['nb_image_line'] = $conf['nb_image_line'];
+    $user['nb_line_page'] = $conf['nb_line_page'];
+    $user['language'] = $conf['default_language'];
+    $user['maxwidth'] = $conf['default_maxwidth'];
+    $user['maxheight'] = $conf['default_maxheight'];
+    $user['recent_period'] = $conf['recent_period'];
+    $user['expand'] = $conf['auto_expand'];
+    $user['show_nb_comments'] = $conf['show_nb_comments'];
+    $user['enabled_high'] = $conf['newuser_default_enabled_high'];
+  }
+  else
+  {
+    $user['is_the_guest']=false;
+  }
+  // calculation of the number of picture to display per page
+  $user['nb_image_page'] = $user['nb_image_line'] * $user['nb_line_page'];
+
+  // include template/theme configuration
+  if (defined('IN_ADMIN') and IN_ADMIN)
+  {
+    list($user['template'], $user['theme']) =
+      explode
+      (
+        '/',
+        isset($conf['default_admin_layout']) ? $conf['default_admin_layout']
+                                             : $user['template']
+      );
+    // TODO : replace $conf['admin_layout'] by $user['admin_layout']
+  }
+  else
+  {
+    list($user['template'], $user['theme']) = explode('/', $user['template']);
+  }
+
+  return $user;
+}
+
+
 /**
  * find informations related to the user identifier
@@ -459 +507 @@
     $status = 'normal';
   }
-  
+
   $insert =
     array(
@@ -557 +605 @@
     // search for an existing auto_login_key
     $query = '
-SELECT auto_login_key 
+SELECT auto_login_key
   FROM '.USERS_TABLE.'
   WHERE '.$conf['user_fields']['id'].' = '.$user_id.'
 ;';
- 
+
     $auto_login_key = current(mysql_fetch_assoc(pwg_query($query)));
-    if (empty($auto_login_key)) 
+    if (empty($auto_login_key))
     {
       $auto_login_key = base64_encode(md5(uniqid(rand(), true)));
@@ -575 +623 @@
     $cookie = array('id' => $user_id, 'key' => $auto_login_key);
     setcookie($conf['remember_me_name'],
-              serialize($cookie), 
+              serialize($cookie),
               time()+$conf['remember_me_length'],
               cookie_path()
               );
   }
-  session_start();
+  else
+  { // make sure we clean any remember me ...
+    setcookie($conf['remember_me_name'], '', 0, cookie_path());
+  }
+  if ( session_id()!="" )
+  { // this can happpen when the session is expired and auto_login
+    session_regenerate_id();
+  }
+  else
+  {
+    session_start();
+  }
   $_SESSION['pwg_uid'] = $user_id;
 
   $user['id'] = $_SESSION['pwg_uid'];
-  $user['is_the_guest'] = false;
 }
 
 /*
  * Performs auto-connexion when cookie remember_me exists
- * @return void
+ * @return true/false
 */
-function auto_login() { 
+function auto_login() {
   global $conf;
 
-  // must remove slash added in include/common.inc.php
-  $cookie = unserialize(stripslashes($_COOKIE[$conf['remember_me_name']]));
-
-  $query = '
+  if ( isset( $_COOKIE[$conf['remember_me_name']] ) )
+  {
+    // must remove slash added in include/common.inc.php
+    $cookie = unserialize(stripslashes($_COOKIE[$conf['remember_me_name']]));
+
+    $query = '
 SELECT auto_login_key
   FROM '.USERS_TABLE.'
@@ -603 +663 @@
 ;';
 
-  $auto_login_key = current(mysql_fetch_assoc(pwg_query($query)));
-  if ($auto_login_key == $cookie['key'])
-  {
-    log_user($cookie['id'], false);
-    redirect(make_index_url());
-  }
-  else
-  {
-    setcookie($conf['remember_me_name'], '', 0, cookie_path());
-    redirect(make_index_url());
-  } 
+    $auto_login_key = current(mysql_fetch_assoc(pwg_query($query)));
+    if ($auto_login_key == $cookie['key'])
+    {
+      log_user($cookie['id'], true);
+      return true;
+    }
+    else
+    {
+      setcookie($conf['remember_me_name'], '', 0, cookie_path());
+    }
+  }
+  return false;
 }
 

branches/branch-1_6/include/template.php

@@ -60 +60 @@
   var $output = '';
 
+  var $themeconf = array();
+
   /**
    * Constructor. Simply sets the root dir.
    *
    */
-  function Template($root = ".")
-    {
-      $this->set_rootdir($root);
+  function Template($root = ".", $theme= "")
+    {
+      if ( $this->set_rootdir($root) )
+      {
+        if ( !empty( $theme ) )
+        {
+          include($root.'/theme/'.$theme.'/themeconf.inc.php');
+          $this->themeconf = $themeconf;
+        }
+      }
     }
 
@@ -312 +321 @@
         die("Template->loadfile(): File $filename for handle $handle is empty");
       }
-      
+
       $this->uncompiled_code[$handle] = $str;
-      
-      return true;
-    }
-  
-  
-  
+
+      return true;
+    }
+
+
+
   /**
    * Compiles the given string of code, and returns the result in a string.
@@ -332 +341 @@
       $code = preg_replace('/\{lang:([^}]+)\}/e', "l10n('$1')", $code);
       // PWG specific : expand themeconf.inc.php variables
-      $code = preg_replace('/\{themeconf:([^}]+)\}/e', "get_themeconf('$1')", $code);
+      $code = preg_replace('/\{themeconf:([^}]+)\}/e', '$this->get_themeconf(\'$1\')', $code);
       $code = preg_replace('/\{pwg_root\}/e', "get_root_url()", $code);
 
@@ -526 +535 @@
     }
 
+    function get_themeconf($key)
+    {
+      return isset($this->themeconf[$key]) ? $this->themeconf[$key] : '';
+    }
 }
 

branches/branch-1_6/include/user.inc.php

@@ -3 +3 @@
 // | PhpWebGallery - a PHP based picture gallery                           |
 // | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
+// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
 // +-----------------------------------------------------------------------+
 // | branch        : BSF (Best So Far)
@@ -26 +26 @@
 // +-----------------------------------------------------------------------+
 
-if (isset($_COOKIE[session_name()])) 
+// by default we start with guest
+$user['id'] = $conf['guest_id'];
+
+if (isset($_COOKIE[session_name()]))
 {
   session_start();
   if (isset($_GET['act']) and $_GET['act'] == 'logout')
-  {
-    // logout
+  { // logout
     $_SESSION = array();
     session_unset();
     session_destroy();
     setcookie(session_name(),'',0,
-              ini_get('session.cookie_path'), 
-              ini_get('session.cookie_domain') 
-              );
+        ini_get('session.cookie_path'),
+        ini_get('session.cookie_domain')
+      );
     setcookie($conf['remember_me_name'], '', 0, cookie_path());
     redirect(make_index_url());
-  } 
-  elseif (empty($_SESSION['pwg_uid'])) 
-  {
-    // timeout
+  }
+  elseif (empty($_SESSION['pwg_uid']))
+  { // timeout
     setcookie(session_name(),'',0,
-              ini_get('session.cookie_path'), 
-              ini_get('session.cookie_domain') 
-              );
+        ini_get('session.cookie_path'),
+        ini_get('session.cookie_domain')
+      );
   }
   else
   {
     $user['id'] = $_SESSION['pwg_uid'];
-    $user['is_the_guest'] = false;
   }
 }
-elseif (!empty($_COOKIE[$conf['remember_me_name']]))
+
+
+// Now check the auto-login
+if ( $user['id']==$conf['guest_id'] )
 {
   auto_login();
-} 
-else
-{
-  $user['id'] = $conf['guest_id'];
-  $user['is_the_guest'] = true;
 }
 
-if ($user['is_the_guest'] and !$conf['guest_access'] 
-    and (basename($_SERVER['PHP_SELF'])!='identification.php')
-    and (basename($_SERVER['PHP_SELF'])!='password.php')
-    and (basename($_SERVER['PHP_SELF'])!='register.php'))
-{
-  redirect (get_root_url().'identification.php');
-}
 
 // using Apache authentication override the above user search
@@ -82 +73 @@
     $user['id'] = get_userid($_SERVER['REMOTE_USER']);
   }
-  
-  $user['is_the_guest'] = false;
 }
+$user = build_user( $user['id'],
+          ( defined('IN_ADMIN') and IN_ADMIN ) ? false : true // use cache ?
+         );
 
-$user = array_merge(
-  $user,
-  getuserdata(
-    $user['id'],
-    ( defined('IN_ADMIN') and IN_ADMIN ) ? false : true // use cache ?
-    )
-  );
-
-// properties of user guest are found in the configuration
-if ($user['is_the_guest'])
-{
-  $user['template'] = $conf['default_template'];
-  $user['nb_image_line'] = $conf['nb_image_line'];
-  $user['nb_line_page'] = $conf['nb_line_page'];
-  $user['language'] = $conf['default_language'];
-  $user['maxwidth'] = $conf['default_maxwidth'];
-  $user['maxheight'] = $conf['default_maxheight'];
-  $user['recent_period'] = $conf['recent_period'];
-  $user['expand'] = $conf['auto_expand'];
-  $user['show_nb_comments'] = $conf['show_nb_comments'];
-  $user['enabled_high'] = $conf['newuser_default_enabled_high'];
-}
-
-// calculation of the number of picture to display per page
-$user['nb_image_page'] = $user['nb_image_line'] * $user['nb_line_page'];
 ?>