|
From: Joe S. <joe...@us...> - 2002-05-23 20:38:47
|
Update of /cvsroot/phpslash/phpslash-ft/class
In directory usw-pr-cvs1:/tmp/cvs-serv26220/phpslash-ft/class
Modified Files:
Author.class slashAuthCR.class
Log Message:
preauth fix
Index: Author.class
===================================================================
RCS file: /cvsroot/phpslash/phpslash-ft/class/Author.class,v
retrieving revision 1.20
retrieving revision 1.21
diff -C2 -d -r1.20 -r1.21
*** Author.class 23 May 2002 18:41:24 -0000 1.20
--- Author.class 23 May 2002 20:38:44 -0000 1.21
***************
*** 164,167 ****
--- 164,171 ----
}
+ $group_del = "DELETE FROM psl_author_group_lut
+ WHERE author_id='$ary[author_id]'";
+ $this->db->query($group_del);
+
$this->message = "Author Updated";
***************
*** 199,203 ****
if(is_array($ary['permission']) ) {
! while ( list( $key, $val ) = each( $ary['permission'] ) ) {
$lut_id = generateID("psl_author_group_lut_seq");
$lut_insert = "INSERT INTO psl_author_group_lut
--- 203,208 ----
if(is_array($ary['permission']) ) {
!
! while ( list( $key, $val ) = each( $ary['permission'] ) ) {
$lut_id = generateID("psl_author_group_lut_seq");
$lut_insert = "INSERT INTO psl_author_group_lut
***************
*** 327,330 ****
--- 332,340 ----
return false;
} else {
+
+ $q = "DELETE
+ FROM psl_author_group_lut
+ WHERE author_id = '$author_id_to_delete'";
+ $this->db->query($q);
$q = "DELETE
Index: slashAuthCR.class
===================================================================
RCS file: /cvsroot/phpslash/phpslash-ft/class/slashAuthCR.class,v
retrieving revision 1.11
retrieving revision 1.12
diff -C2 -d -r1.11 -r1.12
*** slashAuthCR.class 23 May 2002 18:41:24 -0000 1.11
--- slashAuthCR.class 23 May 2002 20:38:44 -0000 1.12
***************
*** 113,121 ****
// preauth successful
// debug("preauth", "successful");
! $this->auth["perm"] = $this->db->Record["perms"];
! return $this->db->Record["author_id"];
} else {
// preauth failed
! // debug("preauth", "failed");
return false;
}
--- 113,123 ----
// preauth successful
// debug("preauth", "successful");
! // $this->auth["perm"] = $this->db->Record["perms"];
! $uid = $this->db->Record["author_id"];
! $this->auth["perm"] = $this->get_userperms($uid);
! return $uid;
} else {
// preauth failed
! debug("preauth", "failed");
return false;
}
***************
*** 194,285 ****
return false;
} else {
! // may need to get legacy records
! // $this->auth["perm"] = $this->db->Record["perms"];
! /*
! * Get the group perms's for this author into an array
! */
! $q = "SELECT psl_permission.permission_name,
! psl_group.group_name,
! psl_group.group_id
! FROM psl_group,
! psl_author_group_lut,
! psl_group_permission_lut,
! psl_permission
! WHERE psl_group.group_id = psl_author_group_lut.group_id
! AND psl_group.group_id = psl_group_permission_lut.group_id
! AND psl_group_permission_lut.permission_id = psl_permission.permission_id
! AND psl_author_group_lut.author_id = '$uid' ";
! // debug("q", $q);
! $this->db->query($q);
!
! while ($this->db->next_record()) {
! $group_id = $this->db->Record[group_id];
! $this->auth["perm"][$this->db->Record['group_name']][$this->db->Record['permission_name']] = true;
! $q = "SELECT section_id
! FROM psl_group_section_lut
! WHERE group_id = '$group_id' ";
! $db2 = new slashDB;
! // debug("q", $q);
! $db2->query($q);
! while ($db2->next_record()) {
! $this->auth["perm"][$this->db->Record['group_name']][$db2->Record['section_id']] = true;
! }
!
!
! }
!
! /*
! * Get the group->group perm's for this author into an array
! */
!
! // first get all the group names in an array
! $q = "SELECT group_name,
! group_id
! FROM psl_group ";
! // debug("q", $q);
! $this->db->query($q);
!
! while ($this->db->next_record()) {
! $groups_ary[$this->db->Record['group_id']] = $this->db->Record['group_name'];
! }
!
! $q = "SELECT psl_group_group_lut.group_id,
! psl_group_group_lut.childgroup_id
! FROM psl_author_group_lut,
! psl_group_group_lut
! WHERE psl_group_group_lut.group_id = psl_author_group_lut.group_id
! AND psl_author_group_lut.author_id = '$uid' ";
! // debug("q", $q);
! $this->db->query($q);
!
! while ($this->db->next_record()) {
! $group_id = $this->db->Record['group_id'];
! $childgroup_id = $this->db->Record['childgroup_id'];
!
! $group_name = $groups_ary[$group_id];
! $childgroup_name = $groups_ary[$childgroup_id];
!
! if( is_array($this->auth['perm'][$childgroup_name])) {
! $this->auth['perm'][$group_name][$childgroup_name] = $this->auth['perm'][$childgroup_name];
! } else {
! // query to get group perms
! $q = "SELECT psl_permission.permission_name
! FROM psl_group_permission_lut,
! psl_permission
! WHERE psl_group_permission_lut.permission_id = psl_permission.permission_id
! AND psl_group_permission_lut.group_id = '$childgroup_id' ";
! // debug("q", $q);
! $db2 = new slashDB;
! $db2->query($q);
!
! while ($db2->next_record()) {
! $this->auth['perm'][$group_name][$childgroup_name][$db2->Record['permission_name']] = true;
! }
!
! }
!
! }
!
! if(isset($setcookie)){
$cookie_challenge = md5($this->magic .":". $this->psl['basedir']);
$md5_pw = $this->db->Record['password']; // this is the raw MD5ed user/pass combo
--- 196,200 ----
return false;
} else {
! if(isset($setcookie)){
$cookie_challenge = md5($this->magic .":". $this->psl['basedir']);
$md5_pw = $this->db->Record['password']; // this is the raw MD5ed user/pass combo
***************
*** 292,295 ****
--- 207,214 ----
setcookie( 'user_info', base64_encode(serialize($cookie_ary)), time()+31536000,$this->psl['rooturl'] , "" , "");
}
+ // may need to get legacy records
+ // $this->auth["perm"] = $this->db->Record["perms"];
+ $this->auth["perm"] = $this->get_userperms( $uid);
+
return $uid;
}
***************
*** 404,411 ****
$this->auth["uid"] = $this->db->f("author_id");
$this->auth["uname"] = $this->db->f("author_name");
! $this->auth["perm"] = $this->db->f("perms");
$this->auth["email"] = $this->db->f("email");
$this->auth["realname"] = $this->db->f("realname");
! return $uid;
}
## If user is present and password does not match,
--- 323,331 ----
$this->auth["uid"] = $this->db->f("author_id");
$this->auth["uname"] = $this->db->f("author_name");
! // $this->auth["perm"] = $this->db->f("perms");
$this->auth["email"] = $this->db->f("email");
$this->auth["realname"] = $this->db->f("realname");
! // $this->auth["perm"] = $this->get_userperms($uid);
! return $uid;
}
## If user is present and password does not match,
***************
*** 425,431 ****
$ary["author_realname"] = $realname;
$ary["seclev"] = $seclev;
! $perm_ary = array("nobody",
! "user");
!
$ary["permission"] = $perm_ary;
--- 345,351 ----
$ary["author_realname"] = $realname;
$ary["seclev"] = $seclev;
! // temporary kludge to fix registration
! $perm_ary['nobody'] = 20;
! $perm_ary['user'] = 21;
$ary["permission"] = $perm_ary;
***************
*** 449,454 ****
}
! }
}
--- 369,462 ----
}
! }
+
+ function get_userperms($uid) {
+
+ /*
+ * Get the group perms's for this author into an array
+ */
+ $q = "SELECT psl_permission.permission_name,
+ psl_group.group_name,
+ psl_group.group_id
+ FROM psl_group,
+ psl_author_group_lut,
+ psl_group_permission_lut,
+ psl_permission
+ WHERE psl_group.group_id = psl_author_group_lut.group_id
+ AND psl_group.group_id = psl_group_permission_lut.group_id
+ AND psl_group_permission_lut.permission_id = psl_permission.permission_id
+ AND psl_author_group_lut.author_id = '$uid' ";
+
+ // debug("q", $q);
+ $this->db->query($q);
+
+ while ($this->db->next_record()) {
+ $group_id = $this->db->Record[group_id];
+ $this->auth["perm"][$this->db->Record['group_name']][$this->db->Record['permission_name']] = true;
+ $q = "SELECT section_id
+ FROM psl_group_section_lut
+ WHERE group_id = '$group_id' ";
+ $db2 = new slashDB;
+ // debug("q", $q);
+ $db2->query($q);
+ while ($db2->next_record()) {
+ $this->auth["perm"][$this->db->Record['group_name']][$db2->Record['section_id']] = true;
+ }
+ }
+
+ /*
+ * Get the group->group perm's for this author into an array
+ */
+
+ // first get all the group names in an array
+ $q = "SELECT group_name,
+ group_id
+ FROM psl_group ";
+ // debug("q", $q);
+ $this->db->query($q);
+
+ while ($this->db->next_record()) {
+ $groups_ary[$this->db->Record['group_id']] = $this->db->Record['group_name'];
+ }
+
+ $q = "SELECT psl_group_group_lut.group_id,
+ psl_group_group_lut.childgroup_id
+ FROM psl_author_group_lut,
+ psl_group_group_lut
+ WHERE psl_group_group_lut.group_id = psl_author_group_lut.group_id
+ AND psl_author_group_lut.author_id = '$uid' ";
+ // debug("q", $q);
+ $this->db->query($q);
+
+ while ($this->db->next_record()) {
+ $group_id = $this->db->Record['group_id'];
+ $childgroup_id = $this->db->Record['childgroup_id'];
+
+ $group_name = $groups_ary[$group_id];
+ $childgroup_name = $groups_ary[$childgroup_id];
+
+ if( is_array($this->auth['perm'][$childgroup_name])) {
+ $this->auth['perm'][$group_name][$childgroup_name] = $this->auth['perm'][$childgroup_name];
+ } else {
+ // query to get group perms
+ $q = "SELECT psl_permission.permission_name
+ FROM psl_group_permission_lut,
+ psl_permission
+ WHERE psl_group_permission_lut.permission_id = psl_permission.permission_id
+ AND psl_group_permission_lut.group_id = '$childgroup_id' ";
+ // debug("q", $q);
+ $db2 = new slashDB;
+ $db2->query($q);
+
+ while ($db2->next_record()) {
+ $this->auth['perm'][$group_name][$childgroup_name][$db2->Record['permission_name']] = true;
+ }
+
+ } // endif
+
+ } //end while
+ return $this->auth['perm'];
+ } // end of function get_userperms()
}
|
