Update of /cvsroot/upcase-project/UpCase/lib
In directory sc8-pr-cvs1:/tmp/cvs-serv5470
Modified Files:
uc_page.php
Log Message:
some refactoring plus use of defines to set admins and all gid
Index: uc_page.php
===================================================================
RCS file: /cvsroot/upcase-project/UpCase/lib/uc_page.php,v
retrieving revision 1.4
retrieving revision 1.5
diff -C2 -d -r1.4 -r1.5
*** uc_page.php 22 Nov 2002 13:34:20 -0000 1.4
--- uc_page.php 28 Nov 2002 14:25:31 -0000 1.5
***************
*** 1,11 ****
<?php
! include_once("uc_config.inc");
! include_once("lib/uc_sql.php");
! include_once("lib/uc_object.php");
! include_once("lib/uc_session.php");
class UcPage
{
! var $path;
var $oid;
var $object;
--- 1,10 ----
<?php
! include_once("uc_sql.php");
! include_once("uc_object.php");
! include_once("uc_session.php");
class UcPage
{
! var $uri;
var $oid;
var $object;
***************
*** 15,19 ****
function UcPage($pageId = false)
{
- global $REQUEST_URI;
global $uc_info;
global $ucConfig;
--- 14,17 ----
***************
*** 22,33 ****
// keep the path to the page that we open
! $ar = parse_url($REQUEST_URI);
! $this->path = $ar["path"];
! $this->uri = $REQUEST_URI;
- // Open the session
- $this->session = new UcSession($this->uri);
- $this->session->lang = $ucConfig->defaultlang;
-
if (!$pageId)
{
--- 20,27 ----
// keep the path to the page that we open
! $this->uri = $GLOBALS["REQUEST_URI"];
!
! $this->startSession();
if (!$pageId)
{
***************
*** 47,56 ****
}
// This function return true if access is granted.
// It never returns if access is not granted
function open($forceLogin = false)
{
- // global $username;
- // global $password;
global $uc_info;
global $uc_lang;
--- 41,55 ----
}
+ function startSession()
+ {
+ $cfg = $GLOBALS["ucConfig"];
+ $this->session = new UcSession($this->uri);
+ $this->session->lang = $cfg->defaultLang;
+ }
+
// This function return true if access is granted.
// It never returns if access is not granted
function open($forceLogin = false)
{
global $uc_info;
global $uc_lang;
***************
*** 63,71 ****
// get permissions
$this->perms = $this->object->getPermissions();
// group _all_ don't need to go further, let the page display
// (if it is not visible only by admins of course)
! if (in_array(1, $this->perms)
! && !in_array(0, $this->perms)
&& !$forceLogin)
{
--- 62,71 ----
// get permissions
$this->perms = $this->object->getPermissions();
+ //print_r($this->perms);
// group _all_ don't need to go further, let the page display
// (if it is not visible only by admins of course)
! if (in_array(ALL_GID, $this->perms)
! && !in_array(ADMINS_GID, $this->perms)
&& !$forceLogin)
{
***************
*** 77,84 ****
$user = $this->session->getUser();
// get user's secondary groups gid
! $userGroups = $user->groups;
// add the user's primary group gid
$userGroups[] = $user->gid;
// set the lang for this user
--- 77,85 ----
$user = $this->session->getUser();
// get user's secondary groups gid
! $userGroups = $user->secGids;
// add the user's primary group gid
$userGroups[] = $user->gid;
+ //print_r($userGroups);
// set the lang for this user
***************
*** 86,90 ****
// is it an admin ?
! if (in_array(0, $userGroups))
{
// yes, acccess granted
--- 87,91 ----
// is it an admin ?
! if (in_array(ADMINS_GID, $userGroups))
{
// yes, acccess granted
***************
*** 93,100 ****
// is this page accessible only by admins ?
! if (in_array(0, $this->perms))
{
// yes, access denied
header("Location: " . $uc_info["adminsOnly"]);
}
--- 94,102 ----
// is this page accessible only by admins ?
! if (in_array(ADMINS_GID, $this->perms))
{
// yes, access denied
header("Location: " . $uc_info["adminsOnly"]);
+ exit();
}
***************
*** 102,106 ****
// or is the page accessible by everybody ?
if (count(array_intersect($userGroups, $this->perms)) > 0
! || in_array(1, $this->perms))
{
// yes, access granted and user logged in
--- 104,108 ----
// or is the page accessible by everybody ?
if (count(array_intersect($userGroups, $this->perms)) > 0
! || in_array(ALL_GID, $this->perms))
{
// yes, access granted and user logged in
***************
*** 110,113 ****
--- 112,116 ----
// No access has been granted
header("Location: " . $uc_info["accessDenied"]);
+ exit();
}
|
