more.groupware

Bugfix for jumps to years like Y or YY (assumes the current century).

I would like this! And I think many office workers will like it too.

There is allready too much user/password hassle in this world..

Jarkko


  ----- Original Message -----=20
  From: Thomas Bley=20
  To: moregroupware-dev@...
  Sent: Monday, October 21, 2002 9:37 PM
  Subject: Re: [mgw-dev] NTLM & MGW


  Hi,

  NTLM offers windows users to get authenticated to a web server without =

  typing their password in.
  The client sents a hash of the password to the webserver, then the=20
  webserver sents it to the domain controller (WinNT or W2k).
  People don't need to type in their credentials when they log in to =
mgw.=20
  (and it's also secure)
  --> The users are authenticated by the domain controller, they don't=20
  even need to know their mgw-password.
  (Using ldap authentication requires the administrator-password of the=20
  active directory controller, this is bad.)

  line 75: this was only for the test, I attached a new index.php.

  index.php also needs a check to appconf (-> setup, e.g. =
$use_ntlm_auth) at:
  line 36: (isset($_SERVER["REMOTE_USER"])) -->=20
  (isset($_SERVER["REMOTE_USER"]) and $use_ntlm_auth)

  sql.inc:
  line 5:    global $conn,$_SERVER, $_POST; -->     global =
$conn,$_SERVER,=20
  $_POST, $use_ntlm_auth;
  line 7: (isset($_SERVER["REMOTE_USER"]) and -->=20
  (isset($_SERVER["REMOTE_USER"]) and $use_ntlm_auth and

  bye
  tom

  Karsten Dambekalns wrote:

  >On Mon, Okt 21, 2002 at 12:02:59 +0200, Thomas Bley wrote:
  > =20
  >
  >>Hi,
  >>
  >>Here are some patches using NTLM (or basic / digest auth) with MGW:
  >>look at the attachments:
  >>- mgw/index.php
  >>- mgw/modules/general/templates/default/html/login.tpl
  >>- mgw/include/Auth/sql.inc
  >>
  >>Perhaps we can make "authenticating by REMOTE_USER" configurable in =
setup ?
  >>   =20
  >>
  >
  >Ah, ok, now I understand what this checkbox on your screenshot
  >is... :)
  >
  >Well, do we need this? Why is this a Good Thing? To make mgw easier =
to
  >integrate in existing setups?
  >
  >BTW, is the false in the check on line 75 a left over thing from
  >testing? I guess so, no?
  >
  >Well, I don't care too much about this, but if there are no other
  >opinions, I am not against it, either, if we make it possible to
  >disable this.
  >
  >
  >Karsten
  > =20
  >




-------------------------------------------------------------------------=
-----


  Please run SETUP first."); // =
-------------------------------------------------------------------- =
$myEnv["module"] =3D "general"; $myEnv["output"] =3D "html"; =
$myEnv["translate"] =3D true; $myEnv["stdsmenu"] =3D false; =
$myEnv["auth"] =3D false; include('config.inc.php'); include(INCLUDEPATH =
."container.inc"); $num =3D 1; $conn =3D connect_database(); =
if($_SERVER["REQUEST_METHOD"] =3D=3D "POST"){ $loginlang =3D =
$_POST["language"]; $lsql =3D "SELECT charset FROM mgw_languages WHERE =
langcode=3D".$conn->quote($_POST["language"]); if (!$lres =3D =
$conn->Execute($lsql)) exit(showSQLerror($sql, $conn->ErrorMsg(), =
__LINE__, __FILE__)); $lrow =3D $lres->FetchRow(); $logincharset =3D =
$lrow["charset"]; } else{ $loginlang =3D $appconf["def_language"]; =
$logincharset =3D $appconf["def_charset"]; } =
setLocaledText($loginlang,"general"); =
$smarty->assign("charset",$logincharset); $login =3D =
(IsSet($_POST["login"]) ? $_POST["login"] : ""); $password =3D =
(IsSet($_POST["password"]) ? $_POST["password"] : ""); if =
(isset($_SERVER["REMOTE_USER"])) { $mylogin =3D =
substr($_SERVER["REMOTE_USER"],strpos($_SERVER["REMOTE_USER"],"\\")+1); =
$mylogin =3D str_replace("\\","",$mylogin); $smarty->assign("mylogin", =
$mylogin); if (isset($_POST["noautologin"])) { if =
($_POST["noautologin"]) {$smarty->assign("noautologin", "checked");} =
else {$smarty->assign("noautologin", "");} } if =
(!isset($_POST["noautologin"]) or !$_POST["noautologin"]) { $login =3D =
$mylogin; } } if(IsSet($_GET["view"]) && $_GET["view"]=3D=3D"logout"){ =
$_SESSION =3D array(); session_destroy(); } if =
(!isset($_POST["loginbutton"]) && (!isset($_SESSION["username"]))) { =
include(INCLUDEPATH . "mSelectBox.class.inc"); $lsb =3D new =
mSelectBox("language"); $lsb->setContentType("sql"); =
$lsb->setSQLvalue("langcode"); $lsb->setSQLcontent("description"); =
$lsb->addContent("SELECT langcode, description FROM mgw_languages ORDER =
BY description"); $smarty->assign("lsb", $lsb->draw($loginlang, =
'onchange=3D"document.f1.submit()"')); $smarty->display("login.tpl"); } =
else if (isset($_SESSION['MGW']) && !isset($_POST["loginbutton"])) { =
redirect("modules/".$_SESSION["MGW"]->settings["def_module"]."/index.php?=
".SID); } else if (isset($_POST["loginbutton"])) { // ATIF: first =
authentify the user via ldap or sql // no authentification, no access =
$sql =3D "SELECT is_ldap FROM mgw_users WHERE =
username=3D".$conn->quote($login); if (!$res =3D $conn->Execute($sql)) =
exit(showSQLerror($sql, $conn->ErrorMsg(), __LINE__, __FILE__)); $row =
=3D $res->FetchRow(); if ($res->RecordCount()=3D=3D0 and =
(!isset($_SERVER["REMOTE_USER"]) or (isset($_POST["noautologin"]) and =
$_POST["noautologin"]))) { //the username is not present in the database =
// if ($appconf["create_accounts_on_login"]) { //user does not exists, =
but was authentified //lets create an account for this user if =
create_accounts_on_login // is defined in the config =
create_user_account($login); if ($row=3Dget_user_info($login)) $num=3D1; =
} else { //the user is not allow to create a new account =
include(INCLUDEPATH . "mSelectBox.class.inc"); $lsb =3D new =
mSelectBox("language"); $lsb->setContentType("sql"); =
$lsb->setSQLvalue("langcode"); $lsb->setSQLcontent("description"); =
$lsb->addContent("SELECT langcode, description FROM mgw_languages ORDER =
BY description"); $smarty->assign("lsb", $lsb->draw($loginlang, =
'onchange=3D"document.f1.submit()"')); $smarty->assign('loginerrortext', =
getLanguageString("loginerror")); $smarty->display("login.tpl"); exit(); =
} } else { //the user is present in the database if =
($row["is_ldap"]=3D=3D0) { //the user is not an admin and so on =
include(INCLUDEPATH . "Auth/sql.inc"); }else {//he is =
include(INCLUDEPATH ."Auth/". $appconf["auth_method"] . ".inc"); } if =
(!authentify_user($login, $password)) { include(INCLUDEPATH . =
"mSelectBox.class.inc"); $lsb =3D new mSelectBox("language"); =
$lsb->setContentType("sql"); $lsb->setSQLvalue("langcode"); =
$lsb->setSQLcontent("description"); $lsb->addContent("SELECT langcode, =
description FROM mgw_languages ORDER BY description"); =
$smarty->assign("lsb", $lsb->draw($loginlang, =
'onchange=3D"document.f1.submit()"')); $smarty->assign('loginerrortext', =
getLanguageString("loginerror")); $smarty->display("login.tpl"); exit(); =
} if ($row=3Dget_user_info($login)) $num=3D1; } if ($num =3D=3D 1) { // =
Login successfull $_SESSION["checkip"] =3D $_POST["checkip"]; =
$_SESSION["remoteip"] =3D $_SERVER["REMOTE_ADDR"]; if($row["lang"] !=3D =
"login"){ $_SESSION["MGW"]->spkz =3D $row["lang"]; =
$_SESSION["MGW"]->charset =3D $row["charset"]; } else{ =
$_SESSION["MGW"]->spkz =3D $_POST["language"]; $lsql =3D "SELECT charset =
FROM mgw_languages WHERE langcode=3D".$conn->quote($_POST["language"]); =
if (!$lres =3D $conn->Execute($lsql)) exit(showSQLerror($sql, =
$conn->ErrorMsg(), __LINE__, __FILE__)); $lrow =3D $lres->FetchRow(); =
$_SESSION["MGW"]->charset =3D $lrow["charset"]; } =
$_SESSION["MGW"]->fullusername =3D $row["firstname"] . " " . =
$row["lastname"]; $_SESSION["MGW"]->username =3D $row["username"]; =
$_SESSION["MGW"]->userid =3D $row["id"]; $_SESSION["MGW"]->login =3D =
$login; $_SESSION["MGW"]->password =3D $password; =
$_SESSION["MGW"]->modules =3D array(); getInstalledModules(); =
$smarty->assign("charset", $_SESSION["MGW"]->charset); getUserRights(); =
getUserSettings(); =
redirect("modules/".$_SESSION["MGW"]->settings["def_module"]."/index.php?=
".SID); } else if ($num =3D=3D 0) { // Login not successfull =
include(INCLUDEPATH . "mSelectBox.class.inc"); $lsb =3D new =
mSelectBox("language"); $lsb->setContentType("sql"); =
$lsb->setSQLvalue("langcode"); $lsb->setSQLcontent("description"); =
$lsb->addContent("SELECT langcode, description FROM mgw_languages ORDER =
BY description"); $smarty->assign("lsb", $lsb->draw($loginlang, =
'onchange=3D"document.f1.submit()"')); unset($_SESSION['MGW']); =
$smarty->assign('loginerrortext', getLanguageString("loginerror")); =
$smarty->display("login.tpl"); } } ?>

Am Montag, 21. Oktober 2002 17:28 schrieb Karsten Dambekalns:
> On Mon, Okt 21, 2002 at 10:06:02 +0200, Andreas Daab wrote:
> > The birthdays from contacts are always 'null'. To fix this simply
> > delete the following line (twice) in contact.class.php:
> > $bday =3D ((int)$bday =3D=3D 0) ? "null" : $bday;
>
> Fixed. Thanks for the hint. But the line has not been deleted, but
> changed.
>
> It seems to be needed, to insert NULL into the database instead of
> 0000-00-00, as this gives trouble with some databases. Feel free to
> correct me if I'm wrong.
>
> Karsten

$bday =3D $conn->DBDate(sprintf("%04d-%02d-%02d",$byear,$bmonth,$bday));

returns NULL for illegal $byear, $bmonth, $bday values, not 0.  So the li=
ne

$bday =3D ((int)$bday =3D=3D 0) ? "null" : $bday;

is obsolete.

I'm currently bugfixing the projects module. What is the column 'contacts=
'=20
good for?=20
a) Should it show all contacts of the company associated with a project? =
Than=20
we don't need the database column contactid in mgw_projects.=20
b) Is it an external contact for a project? Than we need to change the=20
edit/details screen.
c) anything else?

Bugfixes for the project module (e.g. getRowAssoc -> FetchRow), some bugs=
 are=20
possible still left (GANTT Diagram).

Hi,

>> can we move the sync files somewhere else and delete the sync
>> folder?  Sync is not really a module and this will break my
>> translation programm which i am writing.

> He! If this thing really is about to see the light, I don't want to
> stop it...

i didnt say that it will see the light tommorrow, but it will...

> I'll move the sync folder to include for now, probably rename it to
> vcard, as there is nothing but this in it. I will fix the contact
> module as well, it's the only one that uses this.

> Or shall I move the stuff to the contacts folder instead?

the place doesnt matter to me, just not as a folder inside modules :)

> Either way, I see no good reason not to move it away, if it causes you
> trouble.

would take me unnecessary work if we leave it there, besides, its not
very logical to have it there. It will make sense if we fully implement
ML-Sync and this thing would become a module itself...

marc


Marc Logemann (Loge)

* @home and hacking away again.
check IRC: #moregroupware    on: irc.openprojects.net

> Anyway, the function you created to shorten this, should be put into
> userfunc.inc.php (or wherever more suitable).

There is also smarty modifier truncate, that should be used instead of this
function. It can truncate on word boundary or on exact letter and also add
some string at the end ( like '...' ). I found it more usefull and it should
speed up mgw code, if we will use smarty caching function...

from Smarty 2.3.0 docs:

This truncates a variable to a character length, default is 80. As an
optional second parameter,
you can specify a string of text to display at the end if the variable was
truncated.
The characters in the string are included with the original truncation
length.
By default, truncate will attempt to cut off at a word boundary. If you want
to cut off
at the exact character length, pass the optional third parameter of true.

Example 5-18. truncate

{$articleTitle}
{$articleTitle|truncate}
{$articleTitle|truncate:30}
{$articleTitle|truncate:30:""}
{$articleTitle|truncate:30:"---"}
{$articleTitle|truncate:30:"":true}
{$articleTitle|truncate:30:"...":true}

OUTPUT:

Two Sisters Reunite after Eighteen Years at Checkout Counter.
Two Sisters Reunite after Eighteen Years at Checkout Counter.
Two Sisters Reunite after...
Two Sisters Reunite after
Two Sisters Reunite after---
Two Sisters Reunite after Eigh
Two Sisters Reunite after E...

hondzik

Am Montag, 21. Oktober 2002 20:54 schrieb Ing. M=F3nico Brise=F1o C.:
> Hi everyone.
>
> I have a calendar question:
>
> Does exist a calendar option to avoid view others calendar file?
>
> Thanks in advance
>
> Monico
>
>
> _______________________________________________
> Moregroupware-dev mailing list
> Moregroupware-dev@...
> http://www.lists.morelogs.de/mailman/listinfo/moregroupware-dev

Use privat appointments, only you and the selected participians can see t=
hem.

Bugs item #626577, was opened at 2002-10-22 00:14
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=404018&aid=626577&group_id=32034

Category: TTS
Group: 0.6.x
Status: Open
Resolution: None
Priority: 5
Submitted By: Bjørn Roger Rasmussen (brreger)
Assigned to: Nobody/Anonymous (nobody)
Summary: Bug when I enter TTS

Initial Comment:
When I go into TTS I get:

select distinct a.id, a.name from mgw_projects a,
mgw_tts b where a.id=b.id_project 

I get the error in the heading. But everything seems to
work ok.

I run the latest CVS version (not snapshot) of MGW
downloaded 22/10/02. Windows XP, Apache 1.3.27 and
PHP/4.2.3.

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=404018&aid=626577&group_id=32034

Bugs item #626579, was opened at 2002-10-22 00:21
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=404018&aid=626579&group_id=32034

Category: Headline
Group: 0.6.x
Status: Open
Resolution: None
Priority: 5
Submitted By: Bjørn Roger Rasmussen (brreger)
Assigned to: olivier bregeas (bregeras)
Summary: Not possible to add a channel 

Initial Comment:
Tried to add a channel. The result:

file1 : freshmeat.mcf file2 : 01net.mcf test : 
file1 : hardware-fr.mcf file2 : 01net.mcf test : 
file1 : bsdtoday.mcf file2 : 01net.mcf test : 
file1 : linuxfr.mcf file2 : 01net.mcf test : 
fichier ajoute : 01net.mcf
file1 : freshmeat.mcf file2 : bebits.mcf test : 
file1 : hardware-fr.mcf file2 : bebits.mcf test : 
file1 : bsdtoday.mcf file2 : bebits.mcf test : 
file1 : linuxfr.mcf file2 : bebits.mcf test : 
fichier ajoute : bebits.mcf
file1 : freshmeat.mcf file2 : bsdtoday.mcf test : 
file1 : hardware-fr.mcf file2 : bsdtoday.mcf test : 
file1 : bsdtoday.mcf file2 : bsdtoday.mcf test : 1
file1 : linuxfr.mcf file2 : bsdtoday.mcf test : 
file1 : freshmeat.mcf file2 : freshmeat.mcf test : 1
file1 : hardware-fr.mcf file2 : freshmeat.mcf test : 
file1 : bsdtoday.mcf file2 : freshmeat.mcf test : 
file1 : linuxfr.mcf file2 : freshmeat.mcf test : 
file1 : freshmeat.mcf file2 : hardware-fr.mcf test : 
file1 : hardware-fr.mcf file2 : hardware-fr.mcf test : 1
file1 : bsdtoday.mcf file2 : hardware-fr.mcf test : 
file1 : linuxfr.mcf file2 : hardware-fr.mcf test : 
file1 : freshmeat.mcf file2 : linuxfr.mcf test : 
file1 : hardware-fr.mcf file2 : linuxfr.mcf test : 
file1 : bsdtoday.mcf file2 : linuxfr.mcf test : 
file1 : linuxfr.mcf file2 : linuxfr.mcf test : 1
file1 : freshmeat.mcf file2 : lou_portail.mcf test : 
file1 : hardware-fr.mcf file2 : lou_portail.mcf test : 
file1 : bsdtoday.mcf file2 : lou_portail.mcf test : 
file1 : linuxfr.mcf file2 : lou_portail.mcf test : 
fichier ajoute : lou_portail.mcf
file1 : freshmeat.mcf file2 : mandrake-fr.mcf test : 
file1 : hardware-fr.mcf file2 : mandrake-fr.mcf test : 
file1 : bsdtoday.mcf file2 : mandrake-fr.mcf test : 
file1 : linuxfr.mcf file2 : mandrake-fr.mcf test : 
fichier ajoute : mandrake-fr.mcf
file1 : freshmeat.mcf file2 : mgwfr.mcf test : 
file1 : hardware-fr.mcf file2 : mgwfr.mcf test : 
file1 : bsdtoday.mcf file2 : mgwfr.mcf test : 
file1 : linuxfr.mcf file2 : mgwfr.mcf test : 
fichier ajoute : mgwfr.mcf
file1 : freshmeat.mcf file2 : moregroupware.mcf test : 
file1 : hardware-fr.mcf file2 : moregroupware.mcf test : 
file1 : bsdtoday.mcf file2 : moregroupware.mcf test : 
file1 : linuxfr.mcf file2 : moregroupware.mcf test : 
fichier ajoute : moregroupware.mcf
file1 : freshmeat.mcf file2 : namodro-cz.mcf test : 
file1 : hardware-fr.mcf file2 : namodro-cz.mcf test : 
file1 : bsdtoday.mcf file2 : namodro-cz.mcf test : 
file1 : linuxfr.mcf file2 : namodro-cz.mcf test : 
fichier ajoute : namodro-cz.mcf
file1 : freshmeat.mcf file2 : newsforge.mcf test : 
file1 : hardware-fr.mcf file2 : newsforge.mcf test : 
file1 : bsdtoday.mcf file2 : newsforge.mcf test : 
file1 : linuxfr.mcf file2 : newsforge.mcf test : 
fichier ajoute : newsforge.mcf
file1 : freshmeat.mcf file2 : osnews.mcf test : 
file1 : hardware-fr.mcf file2 : osnews.mcf test : 
file1 : bsdtoday.mcf file2 : osnews.mcf test : 
file1 : linuxfr.mcf file2 : osnews.mcf test : 
fichier ajoute : osnews.mcf
file1 : freshmeat.mcf file2 : phpindex.mcf test : 
file1 : hardware-fr.mcf file2 : phpindex.mcf test : 
file1 : bsdtoday.mcf file2 : phpindex.mcf test : 
file1 : linuxfr.mcf file2 : phpindex.mcf test : 
fichier ajoute : phpindex.mcf
file1 : freshmeat.mcf file2 : root-cz.mcf test : 
file1 : hardware-fr.mcf file2 : root-cz.mcf test : 
file1 : bsdtoday.mcf file2 : root-cz.mcf test : 
file1 : linuxfr.mcf file2 : root-cz.mcf test : 
fichier ajoute : root-cz.mcf
file1 : freshmeat.mcf file2 : slashdot.mcf test : 
file1 : hardware-fr.mcf file2 : slashdot.mcf test : 
file1 : bsdtoday.mcf file2 : slashdot.mcf test : 
file1 : linuxfr.mcf file2 : slashdot.mcf test : 
fichier ajoute : slashdot.mcf
file1 : freshmeat.mcf file2 : underground-cz.mcf test : 
file1 : hardware-fr.mcf file2 : underground-cz.mcf test : 
file1 : bsdtoday.mcf file2 : underground-cz.mcf test : 
file1 : linuxfr.mcf file2 : underground-cz.mcf test : 
fichier ajoute : underground-cz.mcf
file1 : freshmeat.mcf file2 : yahoodemi.mcf test : 
file1 : hardware-fr.mcf file2 : yahoodemi.mcf test : 
file1 : bsdtoday.mcf file2 : yahoodemi.mcf test : 
file1 : linuxfr.mcf file2 : yahoodemi.mcf test : 
fichier ajoute : yahoodemi.mcf
file1 : freshmeat.mcf file2 : yahoofrmi.mcf test : 
file1 : hardware-fr.mcf file2 : yahoofrmi.mcf test : 
file1 : bsdtoday.mcf file2 : yahoofrmi.mcf test : 
file1 : linuxfr.mcf file2 : yahoofrmi.mcf test : 
fichier ajoute : yahoofrmi.mcf

I get the channel to work, but I should not have got
all the "information" above?

I run the latest CVS - version of MGW 0.6.6. Downloaded
22/10/2002. Windows XP, Apache 1.3.27 and PHP 4.2.3 

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=404018&aid=626579&group_id=32034

For all those who are not aware: http://phpgacl.sourceforge.net

Hi All,

	Well, I spent the weekend re-tooling phpGACL to make application
integration much easier than it was before. I think my efforts paid off,
as it only took few hours this evening integrating the basics of phpGACL
in to MGW. It would have taken even less time had I been more familiar
with MGW inner workings, but thats life. ;)

I've done this in such a way that it should be 90% backwards compatible
(with the exception of module_level, whats the intended purpose of
module_level anyway?). Someone who knows more about the MGW code might
be able to tell me if my implementation is sound or not.

It's very simple right now, I tried to change as little code as possible
to get it working.

getUserRights() in userfunc.inc:
---
Original Code (formatted slightly):
---
$rights = new rights(
			$row["modulename"],
			$row["_read"],
			$row["_write"],
			$row["_delete"],
			$row["_delete_others"],
			$row["_modify"],
			$row["_modify_others"],
			$row["_module_level"]
			);

---
phpGACL enhanced code:
---
//acl_check() returns true/false of course.
$rights = new rights(
			$row["modulename"],
			acl_check($row["modulename"], 'read', 'users', $thisuserid),
			acl_check($row["modulename"], 'write', 'users', $thisuserid),
			acl_check($row["modulename"], 'delete', 'users', $thisuserid),
			acl_check($row["modulename"], 'delete_others', 'users', $thisuserid),
			acl_check($row["modulename"], 'modify', 'users', $thisuserid),
			acl_check($row["modulename"], 'modify_others', 'users', $thisuserid),
			$row["_module_level"]
			);

setRights() in mgw.class.inc
---
Original Code (again formatted for my sanity. ;):
---

if(!$this->rights[$modulename]->read) {
	$this->rights[$modulename]->read = $rightsobj->read;
}
if(!$this->rights[$modulename]->write) {
	$this->rights[$modulename]->write = $rightsobj->write;
}	
if(!$this->rights[$modulename]->delete) {
	$this->rights[$modulename]->delete = $rightsobj->delete;
}	
if(!$this->rights[$modulename]->delete_others) {
	$this->rights[$modulename]->delete_others = $rightsobj->delete_others;
}	
if(!$this->rights[$modulename]->modify) {
	$this->rights[$modulename]->modify = $rightsobj->modify;
}	
if(!$this->rights[$modulename]->modify_others) {
	$this->rights[$modulename]->modify_others = $rightsobj->modify_others;
}	
if($this->rights[$modulename]->module_level < $rightsobj->module_level)
{
	$this->rights[$modulename]->module_level = $rightsobj->module_level;
}	

---
phpGACL enhanced code:
---
	$this->rights[$modulename]->read = $rightsobj->read;
	$this->rights[$modulename]->write = $rightsobj->write;
	$this->rights[$modulename]->delete = $rightsobj->delete;
	$this->rights[$modulename]->delete_others = $rightsobj->delete_others;
	$this->rights[$modulename]->modify = $rightsobj->modify;
	$this->rights[$modulename]->modify_others = $rightsobj->modify_others;
	$this->rights[$modulename]->module_level = $rightsobj->module_level;

That's it, seems pretty straight forward and simple so far?

Questions I have:

1. I couldn't pin point exactly why those IF statements in setRights()
were there. Does the current security model default to or favor "ALLOW
ALL" rights? 

2. MGW currently seems to call setRights() for every module, at every
page load. Is there a specific reason for this, or would moving to
system such a phpGACL where it only processes/gets permissions as they
are needed cause problems? 

There aren't many advantages to using phpGACL over MGW's current rights
management system with the implementation I described above, however it
should provide a smooth, clean, backwards compatible migration if you so
choose. 

Where the real advantages come in to play is when the module developers
start making use of "custom" permissions that they can create/destroy on
the fly. Any type of permissions from "Email forgotten passwords" to
"Create Webmail Folders", and if you really want to get fancy, anyone
could easily program "ACL Hooks" for things like Webmail quotas,
appointment/contact limits, or even pricing for those companies which
offer MGW to customers.

I'm hoping to have phpGACL v2 out by early next week which should
implement complete "per item" permissions. For those that aren't aware,
this will allow MGW users the ability to set individual permission on
any "item" (Appointment, Contact, Note, Forum, ec..) they choose.

I think thats enough for tonight, hopefully most of my emails won't be
this long. ;)

Hi,

after some more wasted hours in playing counterstrike in finally deleted
the shit in order to complete the translation app.

I hate Valve for releasing this game years ago...

[just a short note] :)

Marc
---
Marc Logemann
(see him @ http://www.logemann.info)