Changeset 648

Timestamp:

Dec 20, 2004, 1:30:36 PM (20 years ago)

Author:

plg

Message:

• in picture.php, $usermaxwidth and $usermaxheight can be unset if NULL in database

• new table user_forbidden {user_id,need_update,forbidden_categories} and deletion of field users.forbidden_categories

• new function calculate_permissions to update table user_forbidden when needed

• simplification of include/user.inc.php

• in footer of each page, use "-" instead of "::" to separate page information

Location:

trunk

Files:

• include/constants.php (modified) (1 diff)
• include/functions_user.inc.php (modified) (1 diff)
• include/user.inc.php (modified) (3 diffs)
• install/dbscheme.txt (modified) (4 diffs)
• install/phpwebgallery_structure.sql (modified) (2 diffs)
• picture.php (modified) (1 diff)
• template/default/footer.tpl (modified) (2 diffs)

trunk/include/constants.php

@@ -58 +58 @@
 define('IMAGE_METADATA_TABLE', $table_prefix.'image_metadata');
 define('RATE_TABLE', $table_prefix.'rate');
+define('USER_FORBIDDEN_TABLE', $table_prefix.'user_forbidden');
 ?>

trunk/include/functions_user.inc.php

@@ -277 +277 @@
   }
 }
+
+/**
+ * update table user_forbidden for the given user
+ *
+ * table user_forbidden contains calculated data. Calculation is based on
+ * private categories minus categories authorized to the groups the user
+ * belongs to minus the categories directly authorized to the user
+ *
+ * @param int user_id
+ * @return string forbidden_categories
+ */
+function calculate_permissions($user_id)
+{
+  $private_array = array();
+  $authorized_array = array();
+
+  $query = '
+SELECT id
+  FROM '.CATEGORIES_TABLE.'
+  WHERE status = \'private\'
+;';
+  $result = pwg_query($query);
+  while ($row = mysql_fetch_array($result))
+  {
+    array_push($private_array, $row['id']);
+  }
+  
+  // retrieve category ids directly authorized to the user
+  $query = '
+SELECT cat_id
+  FROM '.USER_ACCESS_TABLE.'
+  WHERE user_id = '.$user_id.'
+;';
+  $result = pwg_query($query);
+  while ($row = mysql_fetch_array($result))
+  {
+    array_push($authorized_array, $row['cat_id']);
+  }
+
+  // retrieve category ids authorized to the groups the user belongs to
+  $query = '
+SELECT cat_id
+  FROM '.USER_GROUP_TABLE.' AS ug INNER JOIN '.GROUP_ACCESS_TABLE.' AS ga
+    ON ug.group_id = ga.group_id
+  WHERE ug.user_id = '.$user_id.'
+;';
+  $result = pwg_query($query);
+  while ($row = mysql_fetch_array($result))
+  {
+    array_push($authorized_array, $row['cat_id']);
+  }
+
+  // uniquify ids : some private categories might be authorized for the
+  // groups and for the user
+  $authorized_array = array_unique($authorized_array);
+
+  // only unauthorized private categories are forbidden
+  $forbidden_array = array_diff($private_array, $authorized_array);
+
+  $query = '
+DELETE FROM '.USER_FORBIDDEN_TABLE.'
+  WHERE user_id = '.$user_id.'
+;';
+  pwg_query($query);
+
+  $forbidden_categories = implode(',', $forbidden_array);
+  
+  $query = '
+INSERT INTO '.USER_FORBIDDEN_TABLE.'
+  (user_id,need_update,forbidden_categories)
+  VALUES
+  ('.$user_id.',\'false\',\''.$forbidden_categories.'\')
+;';
+  pwg_query($query);
+  
+  return $forbidden_categories;
+}
 ?>

trunk/include/user.inc.php

@@ -26 +26 @@
 // +-----------------------------------------------------------------------+
 
-// retrieving user informations
-// $infos array is used to know the fields to retrieve in the table "users"
-// Each field becomes an information of the array $user.
-// Example :
-//            status --> $user['status']
-$infos = array('id','username','mail_address','nb_image_line','nb_line_page',
-               'status','language','maxwidth','maxheight','expand',
-               'show_nb_comments','recent_period','template',
-               'forbidden_categories');
-
-$query_user = 'SELECT * FROM '.USERS_TABLE;
-$query_done = false;
-$user['is_the_guest'] = false;
+// retrieving connected user informations
 
 if (isset($_COOKIE['id']))
@@ -80 +68 @@
     else
     {
-      $query_user .= ' WHERE id = '.$row['user_id'];
-      $query_done = true;
+      $user['id'] = $row['user_id'];
+      $user['is_the_guest'] = false;
     }
   }
 }
-if (!$query_done)
+if (!isset($user['id']))
 {
-  $query_user .= ' WHERE id = 2';
+  $user['id'] = 2;
   $user['is_the_guest'] = true;
 }
-$query_user .= ';';
-$row = mysql_fetch_array(pwg_query($query_user));
 
-// affectation of each value retrieved in the users table into a variable
-// of the array $user.
-foreach ($infos as $info) {
-  if (isset($row[$info]))
+$query = '
+SELECT u.*, uf.*
+  FROM '.USERS_TABLE.' AS u LEFT JOIN '.USER_FORBIDDEN_TABLE.' AS uf
+    ON id = user_id
+  WHERE u.id = '.$user['id'].'
+;';
+$row = mysql_fetch_array(pwg_query($query));
+
+// affectation of each value retrieved in the users table into a variable of
+// the array $user.
+foreach ($row as $key => $value)
+{
+  if (!is_numeric($key))
   {
     // If the field is true or false, the variable is transformed into a
     // boolean value.
-    if ($row[$info] == 'true' or $row[$info] == 'false')
-      $user[$info] = get_boolean($row[$info]);
+    if ($value == 'true' or $value == 'false')
+    {
+      $user[$key] = get_boolean($value);
+    }
     else
-      $user[$info] = $row[$info];    
+    {
+      $user[$key] = $value;
+    }
   }
-  else
-  {
-    $user[$info] = '';
-  }
+}
+
+// if no information were found about user in user_forbidden table OR the
+// forbidden categories must be updated
+if (!isset($user['need_update'])
+    or !is_bool($user['need_update'])
+    or $user['need_update'] == true)
+{
+  $user['forbidden_categories'] = calculate_permissions($user['id']);
+}
+
+// forbidden_categories is a must be empty, at least
+if (!isset($user['forbidden_categories']))
+{
+  $user['forbidden_categories'] = '';
 }
 
@@ -121 +131 @@
 if ($user['status'] == 'admin')
 {
-  $isadmin =true;
+  $isadmin = true;
 }
 // calculation of the number of picture to display per page
 $user['nb_image_page'] = $user['nb_image_line'] * $user['nb_line_page'];
+
 init_userprefs($user);
 ?>

trunk/install/dbscheme.txt

@@ -13 +13 @@
 table:sites
 table:user_access
+table:user_forbidden
 table:user_group
 table:users
@@ -84 +85 @@
 column:user_id                   table:user_access    type:smallint                 nullable:N length:5   signed:N
 column:cat_id                    table:user_access    type:smallint                 nullable:N length:5   signed:N
+column:user_id                   table:user_forbidden type:smallint                 nullable:N length:5   signed:N
+column:need_update               table:user_forbidden type:enum('true','false')     nullable:N
+column:forbidden_categories      table:user_forbidden type:text                     nullable:Y
 column:user_id                   table:user_group     type:smallint                 nullable:N length:5   signed:N
 column:group_id                  table:user_group     type:smallint                 nullable:N length:5   signed:N
@@ -100 +104 @@
 column:recent_period             table:users          type:tinyint                  nullable:N length:3   signed:N
 column:template                  table:users          type:varchar                  nullable:N length:255 binary:N
-column:forbidden_categories      table:users          type:text                     nullable:Y
 column:id                        table:waiting        type:int                      nullable:N length:10  signed:N
 column:storage_category_id       table:waiting        type:smallint                 nullable:N length:5   signed:N
@@ -128 +131 @@
 PK:user_access_pk    table:user_access    column:user_id
 PK:user_access_pk    table:user_access    column:cat_id
+PK:user_forbidden_pk table:user_forbidden column:user_id
 PK:user_group_pk     table:user_group     column:group_id
 PK:user_group_pk     table:user_group     column:user_id

trunk/install/phpwebgallery_structure.sql

@@ -199 +199 @@
 
 --
+-- Table structure for table 'phpwebgallery_user_forbidden'
+--
+
+DROP TABLE IF EXISTS phpwebgallery_user_forbidden;
+CREATE TABLE phpwebgallery_user_forbidden (
+  user_id smallint(5) unsigned NOT NULL default '0',
+  need_update enum('true','false') NOT NULL default 'true',
+  forbidden_categories text,
+  PRIMARY KEY  (user_id)
+) TYPE=MyISAM;
+
+--
 -- Table structure for table 'phpwebgallery_user_group'
 --
@@ -229 +241 @@
   recent_period tinyint(3) unsigned NOT NULL default '7',
   template varchar(255) NOT NULL default 'default',
-  forbidden_categories text,
   PRIMARY KEY  (id),
   UNIQUE KEY users_ui1 (username)

trunk/picture.php

@@ -417 +417 @@
 }
 
-$picture_size = get_picture_size( $original_width, $original_height,
-                                  $user['maxwidth'], $user['maxheight'] );
+$picture_size = get_picture_size($original_width, $original_height,
+                                 @$user['maxwidth'], @$user['maxheight']);
 
 // metadata

trunk/template/default/footer.tpl

@@ -1 +1 @@
  <div class="copyright">
  <!-- BEGIN debug -->
- {L_GEN_TIME} {TIME} ::
+ {L_GEN_TIME} {TIME} -
  <!-- END debug -->
 
@@ -9 +9 @@
 
   Powered by <a href="http://www.phpwebgallery.net" class="back">PhpWebGallery</a>
-  {VERSION} :: 
+  {VERSION} - 
 
   {L_SEND_MAIL}