[Phpbb-checkins] CVS: phpBB2/includes auth.php,1.36,1.37

[Paul S. O. <ps...@us...>]

Update of /cvsroot/phpbb/phpBB2/includes
In directory usw-pr-cvs1:/tmp/cvs-serv18508/includes

Modified Files:
	auth.php 
Log Message:
Small cleanups

Index: auth.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/auth.php,v
retrieving revision 1.36
retrieving revision 1.37
diff -C2 -r1.36 -r1.37
*** auth.php	18 Mar 2002 23:53:12 -0000	1.36
--- auth.php	2 Apr 2002 14:03:58 -0000	1.37
***************
*** 23,31 ****
  /*
  	$type's accepted (pre-pend with AUTH_):
! 	VIEW, READ, POST, REPLY, EDIT, DELETE, STICKY, ANNOUNCE, VOTE, VOTECREATE,
! 	ATTACH
! 
! 	$types pending (for future versions, pre-pend with AUTH_):
! 	ALLOW_HTML, ALLOW_BBCODE, ALLOW_SMILIES
  
  	Possible options ($type/forum_id combinations):
--- 23,27 ----
  /*
  	$type's accepted (pre-pend with AUTH_):
! 	VIEW, READ, POST, REPLY, EDIT, DELETE, STICKY, ANNOUNCE, VOTE, POLLCREATE
  
  	Possible options ($type/forum_id combinations):
***************
*** 53,57 ****
  	lookup
  */
! function auth($type, $forum_id, $userdata, $f_access = -1)
  {
  	global $db, $lang;
--- 49,53 ----
  	lookup
  */
! function auth($type, $forum_id, $userdata, $f_access = '')
  {
  	global $db, $lang;
***************
*** 60,120 ****
  	{
  		case AUTH_ALL:
! 			$a_sql = "a.auth_view, a.auth_read, a.auth_post, a.auth_reply, a.auth_edit, a.auth_delete, a.auth_sticky, a.auth_announce, a.auth_vote, a.auth_pollcreate";
! 			$auth_fields = array("auth_view", "auth_read", "auth_post", "auth_reply", "auth_edit", "auth_delete", "auth_sticky", "auth_announce", "auth_vote", "auth_pollcreate");
  			break;
  
  		case AUTH_VIEW:
! 			$a_sql = "a.auth_view";
! 			$auth_fields = array("auth_view");
  			break;
  
  		case AUTH_READ:
! 			$a_sql = "a.auth_read";
! 			$auth_fields = array("auth_read");
  			break;
  		case AUTH_POST:
! 			$a_sql = "a.auth_post";
! 			$auth_fields = array("auth_post");
  			break;
  		case AUTH_REPLY:
! 			$a_sql = "a.auth_reply";
! 			$auth_fields = array("auth_reply");
  			break;
  		case AUTH_EDIT:
! 			$a_sql = "a.auth_edit";
! 			$auth_fields = array("auth_edit");
  			break;
  		case AUTH_DELETE:
! 			$a_sql = "a.auth_delete";
! 			$auth_fields = array("auth_delete");
  			break;
  
  		case AUTH_ANNOUNCE:
! 			$a_sql = "a.auth_announce";
! 			$auth_fields = array("auth_announce");
  			break;
  		case AUTH_STICKY:
! 			$a_sql = "a.auth_sticky";
! 			$auth_fields = array("auth_sticky");
  			break;
  
  		case AUTH_POLLCREATE:
! 			$a_sql = "a.auth_pollcreate";
! 			$auth_fields = array("auth_pollcreate");
  			break;
  		case AUTH_VOTE:
! 			$a_sql = "a.auth_vote";
! 			$auth_fields = array("auth_vote");
  			break;
  		case AUTH_ATTACH:
  			break;
  
- 		case AUTH_ALLOW_HTML:
- 			break;
- 		case AUTH_ALLOW_BBCODE:
- 			break;
- 		case AUTH_ALLOW_SMILIES:
- 			break;
- 
  		default:
  			break;
--- 56,109 ----
  	{
  		case AUTH_ALL:
! 			$a_sql = 'a.auth_view, a.auth_read, a.auth_post, a.auth_reply, a.auth_edit, a.auth_delete, a.auth_sticky, a.auth_announce, a.auth_vote, a.auth_pollcreate';
! 			$auth_fields = array('auth_view', 'auth_read', 'auth_post', 'auth_reply', 'auth_edit', 'auth_delete', 'auth_sticky', 'auth_announce', 'auth_vote', 'auth_pollcreate');
  			break;
  
  		case AUTH_VIEW:
! 			$a_sql = 'a.auth_view';
! 			$auth_fields = array('auth_view');
  			break;
  
  		case AUTH_READ:
! 			$a_sql = 'a.auth_read';
! 			$auth_fields = array('auth_read');
  			break;
  		case AUTH_POST:
! 			$a_sql = 'a.auth_post';
! 			$auth_fields = array('auth_post');
  			break;
  		case AUTH_REPLY:
! 			$a_sql = 'a.auth_reply';
! 			$auth_fields = array('auth_reply');
  			break;
  		case AUTH_EDIT:
! 			$a_sql = 'a.auth_edit';
! 			$auth_fields = array('auth_edit');
  			break;
  		case AUTH_DELETE:
! 			$a_sql = 'a.auth_delete';
! 			$auth_fields = array('auth_delete');
  			break;
  
  		case AUTH_ANNOUNCE:
! 			$a_sql = 'a.auth_announce';
! 			$auth_fields = array('auth_announce');
  			break;
  		case AUTH_STICKY:
! 			$a_sql = 'a.auth_sticky';
! 			$auth_fields = array('auth_sticky');
  			break;
  
  		case AUTH_POLLCREATE:
! 			$a_sql = 'a.auth_pollcreate';
! 			$auth_fields = array('auth_pollcreate');
  			break;
  		case AUTH_VOTE:
! 			$a_sql = 'a.auth_vote';
! 			$auth_fields = array('auth_vote');
  			break;
  		case AUTH_ATTACH:
  			break;
  
  		default:
  			break;
***************
*** 125,152 ****
  	// then we need to pull the auth information on the given forum (or all forums)
  	//
! 	if( $f_access == -1 )
  	{
! 		$forum_match_sql = ($forum_id != AUTH_LIST_ALL) ? "WHERE a.forum_id = $forum_id" : "";
  
  		$sql = "SELECT a.forum_id, $a_sql
  			FROM " . FORUMS_TABLE . " a
  			$forum_match_sql";
! 		$af_result = $db->sql_query($sql);
! 
! 		if(!$af_result)
  		{
! 			message_die(GENERAL_ERROR, "Failed obtaining forum access control lists", "", __LINE__, __FILE__, $sql);
  		}
! 		else
  		{
! 			if( !$db->sql_numrows($af_result) )
! 			{
! 				message_die(GENERAL_ERROR, "No forum access control lists exist!", "", __LINE__, __FILE__, $sql);
! 			}
! 			else
! 			{
! 				$f_access = ($forum_id != AUTH_LIST_ALL) ? $db->sql_fetchrow($af_result) : $db->sql_fetchrowset($af_result);
! 			}
  		}
  	}
  
--- 114,137 ----
  	// then we need to pull the auth information on the given forum (or all forums)
  	//
! 	if ( empty($f_access) )
  	{
! 		$forum_match_sql = ( $forum_id != AUTH_LIST_ALL ) ? "WHERE a.forum_id = $forum_id" : '';
  
  		$sql = "SELECT a.forum_id, $a_sql
  			FROM " . FORUMS_TABLE . " a
  			$forum_match_sql";
! 		if ( !($result = $db->sql_query($sql)) )
  		{
! 			message_die(GENERAL_ERROR, 'Failed obtaining forum access control lists', '', __LINE__, __FILE__, $sql);
  		}
! 
! 		$sql_fetchrow = ( $forum_id != AUTH_LIST_ALL ) ? 'sql_fetchrow' : 'sql_fetchrowset';
! 
! 		if ( !($f_access = $db->$sql_fetchrow($result)) )
  		{
! 			message_die(GENERAL_ERROR, 'No forum access control lists exist', '', __LINE__, __FILE__, $sql);
  		}
+ 
+ 		$db->sql_freeresult($result);
  	}
  
***************
*** 156,164 ****
  	// are denied access
  	//
! 	$auth_user = array();
! 
! 	if( $userdata['session_logged_in'] )
  	{
! 		$forum_match_sql = ($forum_id != AUTH_LIST_ALL) ? "AND a.forum_id = $forum_id" : "";
  
  		$sql = "SELECT a.forum_id, $a_sql, a.auth_mod 
--- 141,148 ----
  	// are denied access
  	//
! 	$u_access = array();
! 	if ( $userdata['session_logged_in'] )
  	{
! 		$forum_match_sql = ( $forum_id != AUTH_LIST_ALL ) ? "AND a.forum_id = $forum_id" : '';
  
  		$sql = "SELECT a.forum_id, $a_sql, a.auth_mod 
***************
*** 168,190 ****
  				AND a.group_id = ug.group_id
  				$forum_match_sql";
! 		$a_result = $db->sql_query($sql);
! 		if( !$a_result )
  		{
! 			message_die(GENERAL_ERROR, "Failed obtaining forum access control lists", "", __LINE__, __FILE__, $sql);
  		}
  
! 		$num_u_access = $db->sql_numrows($a_result);
! 		if( $num_u_access )
  		{
! 			if($forum_id != AUTH_LIST_ALL)
  			{
! 				$u_access = $db->sql_fetchrowset($a_result);
  			}
  			else
  			{
! 				while( $u_row = $db->sql_fetchrow($a_result) )
  				{
! 					$u_access[$u_row['forum_id']][] = $u_row;
  				}
  			}
  		}
--- 152,173 ----
  				AND a.group_id = ug.group_id
  				$forum_match_sql";
! 		if ( !($result = $db->sql_query($sql)) )
  		{
! 			message_die(GENERAL_ERROR, 'Failed obtaining forum access control lists', '', __LINE__, __FILE__, $sql);
  		}
  
! 		if ( $row = $db->sql_fetchrow($result) )
  		{
! 			if ( $forum_id != AUTH_LIST_ALL)
  			{
! 				$u_access[] = $row;
  			}
  			else
  			{
! 				do
  				{
! 					$u_access[$row['forum_id']][] = $row;
  				}
+ 				while( $row = $db->sql_fetchrow($result) );
  			}
  		}
***************
*** 194,198 ****
  
  	$auth_user = array();
- 
  	for($i = 0; $i < count($auth_fields); $i++)
  	{
--- 177,180 ----
***************
*** 210,225 ****
  		// auth requirement of MOD
  		//
! 		// The access level assigned to a single user automatically takes precedence over any levels
! 		// granted by that user being a member of a multi-user usergroup, eg. a user who is banned
! 		// from a forum won't gain access to it even if they belong to a group which has access (and
! 		// vice versa). This check is done via the single_user check
! 		//
! 		// PS : I appologise for the fantastically clear and hugely readable code here ;) Simple gist
! 		// is, if this row of auth_access doesn't represent a single user then OR the  contents of
! 		// relevant auth_access levels against the current level (allows maximum group privileges to
! 		// be assigned). If the row does represent a single user then forget any previous group results
! 		// and instead set the auth to whatever the OR'd contents of the access levels are.
! 		//
! 		if( $forum_id != AUTH_LIST_ALL )
  		{
  			$value = $f_access[$key];
--- 192,196 ----
  		// auth requirement of MOD
  		//
! 		if ( $forum_id != AUTH_LIST_ALL )
  		{
  			$value = $f_access[$key];
***************
*** 302,306 ****
  	// Is user a moderator?
  	//
! 	if( $forum_id != AUTH_LIST_ALL )
  	{
  		$auth_user['auth_mod'] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access, $is_admin) : 0;
--- 273,277 ----
  	// Is user a moderator?
  	//
! 	if ( $forum_id != AUTH_LIST_ALL )
  	{
  		$auth_user['auth_mod'] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access, $is_admin) : 0;
***************
*** 323,327 ****
  	$auth_user = 0;
  
! 	if( count($u_access) )
  	{
  		for($j = 0; $j < count($u_access); $j++)
--- 294,298 ----
  	$auth_user = 0;
  
! 	if ( count($u_access) )
  	{
  		for($j = 0; $j < count($u_access); $j++)