From: <jhe...@us...> - 2002-11-28 14:25:34
Update of /cvsroot/upcase-project/UpCase/lib In directory sc8-pr-cvs1:/tmp/cvs-serv5470 Modified Files: uc_page.php Log Message: some refactoring plus use of defines to set admins and all gid Index: uc_page.php =================================================================== RCS file: /cvsroot/upcase-project/UpCase/lib/uc_page.php,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** uc_page.php 22 Nov 2002 13:34:20 -0000 1.4 --- uc_page.php 28 Nov 2002 14:25:31 -0000 1.5 *************** *** 1,11 **** <?php ! include_once("uc_config.inc"); ! include_once("lib/uc_sql.php"); ! include_once("lib/uc_object.php"); ! include_once("lib/uc_session.php"); class UcPage { ! var $path; var $oid; var $object; --- 1,10 ---- <?php ! include_once("uc_sql.php"); ! include_once("uc_object.php"); ! include_once("uc_session.php"); class UcPage { ! var $uri; var $oid; var $object; *************** *** 15,19 **** function UcPage($pageId = false) { - global $REQUEST_URI; global $uc_info; global $ucConfig; --- 14,17 ---- *************** *** 22,33 **** // keep the path to the page that we open ! $ar = parse_url($REQUEST_URI); ! $this->path = $ar["path"]; ! $this->uri = $REQUEST_URI; - // Open the session - $this->session = new UcSession($this->uri); - $this->session->lang = $ucConfig->defaultlang; - if (!$pageId) { --- 20,27 ---- // keep the path to the page that we open ! $this->uri = $GLOBALS["REQUEST_URI"]; ! ! $this->startSession(); if (!$pageId) { *************** *** 47,56 **** } // This function return true if access is granted. // It never returns if access is not granted function open($forceLogin = false) { - // global $username; - // global $password; global $uc_info; global $uc_lang; --- 41,55 ---- } + function startSession() + { + $cfg = $GLOBALS["ucConfig"]; + $this->session = new UcSession($this->uri); + $this->session->lang = $cfg->defaultLang; + } + // This function return true if access is granted. 
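Review bot: The three `include_once` calls at the top of uc_page.php now name bare files, so PHP resolves them through include_path and then the calling script's directory, not relative to this file. A same-named file found earlier on that path would be loaded in place of the library's own. Anchoring them to this file removes that dependency, e.g. `include_once(dirname(__FILE__) . "/uc_sql.php");`, and likewise for uc_object.php and uc_session.php. The include of uc_config.inc is dropped in the same hunk, so whatever loads the configuration must now run before this file is used; that caller is not visible in the diff.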
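Review bot: `$this->uri = $GLOBALS["REQUEST_URI"];` in the constructor only has a value when register_globals is enabled, and in that mode the global namespace is also populated from request parameters, so where the value comes from depends on variables_order. Reading the server array directly avoids both problems: `$this->uri = $_SERVER["REQUEST_URI"];` (available from PHP 4.1). The URI is passed on to `new UcSession($this->uri)`; what UcSession does with it is outside this diff, so it should be handled there as client-controlled input. The constructor begins and ends outside this hunk.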
// It never returns if access is not granted function open($forceLogin = false) { global $uc_info; global $uc_lang; *************** *** 63,71 **** // get permissions $this->perms = $this->object->getPermissions(); // group _all_ don't need to go further, let the page display // (if it is not visible only by admins of course) ! if (in_array(1, $this->perms) ! && !in_array(0, $this->perms) && !$forceLogin) { --- 62,71 ---- // get permissions $this->perms = $this->object->getPermissions(); + //print_r($this->perms); // group _all_ don't need to go further, let the page display // (if it is not visible only by admins of course) ! if (in_array(ALL_GID, $this->perms) ! && !in_array(ADMINS_GID, $this->perms) && !$forceLogin) { *************** *** 77,84 **** $user = $this->session->getUser(); // get user's secondary groups gid ! $userGroups = $user->groups; // add the user's primary group gid $userGroups[] = $user->gid; // set the lang for this user --- 77,85 ---- $user = $this->session->getUser(); // get user's secondary groups gid ! $userGroups = $user->secGids; // add the user's primary group gid $userGroups[] = $user->gid; + //print_r($userGroups); // set the lang for this user *************** *** 86,90 **** // is it an admin ? ! if (in_array(0, $userGroups)) { // yes, acccess granted --- 87,91 ---- // is it an admin ? ! if (in_array(ADMINS_GID, $userGroups)) { // yes, acccess granted *************** *** 93,100 **** // is this page accessible only by admins ? ! if (in_array(0, $this->perms)) { // yes, access denied header("Location: " . $uc_info["adminsOnly"]); } --- 94,102 ---- // is this page accessible only by admins ? ! if (in_array(ADMINS_GID, $this->perms)) { // yes, access denied header("Location: " . $uc_info["adminsOnly"]); + exit(); } *************** *** 102,106 **** // or is the page accessible by everybody ? if (count(array_intersect($userGroups, $this->perms)) > 0 ! 
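Review bot: The new startSession() reads `$cfg->defaultLang`, while the constructor code it replaces read `$ucConfig->defaultlang`. Property names are case-sensitive in PHP, so unless the config object was renamed in the same change the session language is silently set to an empty value. The method also takes `$GLOBALS["ucConfig"]` without checking that it is set, which matters now that this file no longer includes uc_config.inc itself. I would add a comment such as `// requires $ucConfig to be created by the including script before UcPage is constructed` and confirm the property spelling against the config class. open() starts in this hunk and continues past it.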
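Review bot: The permission test `in_array(ALL_GID, $this->perms) && !in_array(ADMINS_GID, $this->perms)` depends on two constants that this file neither defines nor includes, since the first hunk removes the uc_config.inc include. In PHP versions contemporary with this code an undefined constant evaluates to its own name as a string with only a notice, so the checks would silently compare against "ALL_GID" and "ADMINS_GID" under loose comparison instead of failing. A guard at the top of the file makes the access check fail closed: `if (!defined("ADMINS_GID") || !defined("ALL_GID")) { die("gid constants not defined"); }`. The same constants are used in the later hunks at new lines 87-108. The commented-out `//print_r($this->perms);` should be dropped before release.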
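Review bot: The admin test `in_array(ADMINS_GID, $userGroups)` uses loose comparison, and the removed line shows the admin gid was the literal 0, so ADMINS_GID is presumably 0. Under `==`, null, false and the empty string all compare equal to 0, so a user object whose `gid` is unset would pass this check once `$userGroups[] = $user->gid;` has appended it in the preceding hunk. Whether getUser() can return such an object is not visible here. I would reject a user without a numeric gid before building `$userGroups`, and compare strictly with `in_array(ADMINS_GID, $userGroups, true)`, which requires the stored gids and the constant to share one type. open() continues outside this hunk.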
|| in_array(1, $this->perms)) { // yes, access granted and user logged in --- 104,108 ---- // or is the page accessible by everybody ? if (count(array_intersect($userGroups, $this->perms)) > 0 ! || in_array(ALL_GID, $this->perms)) { // yes, access granted and user logged in *************** *** 110,113 **** --- 112,116 ---- // No access has been granted header("Location: " . $uc_info["accessDenied"]); + exit(); } |