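<?php
/***************************************************************************
 *                                 auth.php
 *                            -------------------
 *   begin                : Saturday, Feb 13, 2001
 *   copyright            : (C) 2001 The phpBB Group
 *   email                : support@phpbb.com
 *
 *   $Id: auth.php 5604 2006-03-06 17:28:51Z grahamje $
 *
 *
 ***************************************************************************/

/***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/

/*
	$type's accepted (pre-pend with AUTH_):
	VIEW, READ, POST, REPLY, EDIT, DELETE, STICKY, ANNOUNCE, VOTE, POLLCREATE

	Possible options ($type/forum_id combinations):

	* If you include a type and forum_id then a specific lookup will be done and
	the single result returned

	* If you set type to AUTH_ALL and specify a forum_id an array of all auth types
	will be returned

	* If you provide a forum_id a specific lookup on that forum will be done

	* If you set forum_id to AUTH_LIST_ALL and specify a type an array listing the
	results for all forums will be returned

	* If you set forum_id to AUTH_LIST_ALL and type to AUTH_ALL a multidimensional
	array containing the auth permissions for all types and all forums for that
	user is returned

	All results are returned as associative arrays, even when a single auth type is
	specified.

	If available you can send an array (either one or two dimensional) containing the
	forum auth levels, this will prevent the auth function having to do its own
	lookup
*/

//
// Work out what a user may do in one forum or in every forum.
//
// $type      one of the AUTH_* type constants listed above
// $forum_id  a forum id, or AUTH_LIST_ALL for every forum
// $userdata  user/session row; reads 'session_logged_in', 'user_level', 'user_id'
// $f_access  optional pre-fetched forum auth levels: one row for a single forum,
//            a list of rows (each with 'forum_id') for AUTH_LIST_ALL
//
// Returns an array keyed by auth field ('auth_view', ...) plus '<field>_type' and
// 'auth_mod'. With AUTH_LIST_ALL the same structure is nested under each forum id.
// Returns an empty array when the forum lookup finds nothing. Granted values are
// TRUE, denied values are 0 (callers test truthiness).
//
function auth($type, $forum_id, $userdata, $f_access = '')
{
	global $db;

	//
	// Start with no fields so that AUTH_ATTACH or an unknown $type can never reach
	// the queries and loops below with an undefined field list.
	//
	$auth_fields = array();

	switch( $type )
	{
		case AUTH_ALL:
			$auth_fields = array('auth_view', 'auth_read', 'auth_post', 'auth_reply', 'auth_edit', 'auth_delete', 'auth_sticky', 'auth_announce', 'auth_vote', 'auth_pollcreate');
			break;

		case AUTH_VIEW:
			$auth_fields = array('auth_view');
			break;

		case AUTH_READ:
			$auth_fields = array('auth_read');
			break;

		case AUTH_POST:
			$auth_fields = array('auth_post');
			break;

		case AUTH_REPLY:
			$auth_fields = array('auth_reply');
			break;

		case AUTH_EDIT:
			$auth_fields = array('auth_edit');
			break;

		case AUTH_DELETE:
			$auth_fields = array('auth_delete');
			break;

		case AUTH_ANNOUNCE:
			$auth_fields = array('auth_announce');
			break;

		case AUTH_STICKY:
			$auth_fields = array('auth_sticky');
			break;

		case AUTH_POLLCREATE:
			$auth_fields = array('auth_pollcreate');
			break;

		case AUTH_VOTE:
			$auth_fields = array('auth_vote');
			break;

		case AUTH_ATTACH:
		default:
			break;
	}

	//
	// Column list appended after "a.forum_id". Only the literals above ever end up
	// here, so nothing caller-supplied is spliced into the SELECT list.
	//
	$a_sql = '';
	for($i = 0; $i < count($auth_fields); $i++)
	{
		$a_sql .= ', a.' . $auth_fields[$i];
	}

	$single_forum = ( $forum_id != AUTH_LIST_ALL );

	//
	// $forum_id is placed in SQL text below. Cast it here rather than trusting
	// every caller to have done so; a non-numeric value then matches no forum.
	//
	$forum_id_sql = intval($forum_id);

	//
	// If f_access has not been passed then we need to pull the auth information
	// on the given forum (or all forums) ourselves
	//
	if ( empty($f_access) )
	{
		$forum_match_sql = ( $single_forum ) ? "WHERE a.forum_id = $forum_id_sql" : '';

		$sql = "SELECT a.forum_id$a_sql
			FROM " . FORUMS_TABLE . " a
			$forum_match_sql";
		if ( !($result = $db->sql_query($sql)) )
		{
			message_die(GENERAL_ERROR, 'Failed obtaining forum access control lists', '', __LINE__, __FILE__, $sql);
		}

		$sql_fetchrow = ( $single_forum ) ? 'sql_fetchrow' : 'sql_fetchrowset';

		if ( !($f_access = $db->$sql_fetchrow($result)) )
		{
			$db->sql_freeresult($result);
			return array();
		}
		$db->sql_freeresult($result);
	}

	//
	// Group-based grants only exist for logged-in users, so guests skip this
	// lookup and are judged purely on the forum's own auth levels.
	//
	$u_access = array();
	if ( $userdata['session_logged_in'] )
	{
		$forum_match_sql = ( $single_forum ) ? "AND a.forum_id = $forum_id_sql" : '';

		$sql = "SELECT a.forum_id$a_sql, a.auth_mod
			FROM " . AUTH_ACCESS_TABLE . " a, " . USER_GROUP_TABLE . " ug
			WHERE ug.user_id = " . intval($userdata['user_id']) . "
				AND ug.user_pending = 0
				AND a.group_id = ug.group_id
				$forum_match_sql";
		if ( !($result = $db->sql_query($sql)) )
		{
			message_die(GENERAL_ERROR, 'Failed obtaining forum access control lists', '', __LINE__, __FILE__, $sql);
		}

		while( $row = $db->sql_fetchrow($result) )
		{
			if ( $single_forum )
			{
				$u_access[] = $row;
			}
			else
			{
				$u_access[$row['forum_id']][] = $row;
			}
		}
		$db->sql_freeresult($result);
	}

	$is_admin = ( $userdata['user_level'] == ADMIN && $userdata['session_logged_in'] ) ? TRUE : 0;

	//
	// Compare the user's access against the level each forum demands for each
	// requested field.
	//
	// NOTE(review): a field missing from a caller-supplied $f_access row reads as
	// null, and the loose switch in auth_resolve_level() would match it against a
	// zero-valued AUTH_ALL, i.e. grant access. Confirm callers always pass complete
	// rows.
	//
	$auth_user = array();
	for($i = 0; $i < count($auth_fields); $i++)
	{
		$key = $auth_fields[$i];

		if ( $single_forum )
		{
			$resolved = auth_resolve_level($f_access[$key], $key, $userdata, $u_access, $is_admin);
			foreach( $resolved as $name => $granted )
			{
				$auth_user[$name] = $granted;
			}
		}
		else
		{
			for($k = 0; $k < count($f_access); $k++)
			{
				$f_forum_id = $f_access[$k]['forum_id'];
				$u_access[$f_forum_id] = isset($u_access[$f_forum_id]) ? $u_access[$f_forum_id] : array();

				$resolved = auth_resolve_level($f_access[$k][$key], $key, $userdata, $u_access[$f_forum_id], $is_admin);
				foreach( $resolved as $name => $granted )
				{
					$auth_user[$f_forum_id][$name] = $granted;
				}
			}
		}
	}

	//
	// Is user a moderator?
	//
	if ( $single_forum )
	{
		$auth_user['auth_mod'] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access, $is_admin) : 0;
	}
	else
	{
		for($k = 0; $k < count($f_access); $k++)
		{
			$f_forum_id = $f_access[$k]['forum_id'];
			$u_access[$f_forum_id] = isset($u_access[$f_forum_id]) ? $u_access[$f_forum_id] : array();

			$auth_user[$f_forum_id]['auth_mod'] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access[$f_forum_id], $is_admin) : 0;
		}
	}

	return $auth_user;
}

//
// Private helper for auth(): decide one auth field for one forum.
//
// $value is the level the forum requires for $key. If it is ALL or REG the answer
// depends only on whether the user is logged in. If it is ACL, MOD or ADMIN the
// user's group rows ($u_access) and admin flag decide. Moderators and admins are
// assumed to pass an ACL requirement, and admins a MOD requirement.
//
// Returns array($key => TRUE|0|bool, $key . '_type' => label). An unrecognised
// level is denied and gets no '_type' entry.
//
function auth_resolve_level($value, $key, $userdata, $u_access, $is_admin)
{
	global $lang;

	$logged_in = $userdata['session_logged_in'];

	switch( $value )
	{
		case AUTH_ALL:
			return array(
				$key => TRUE,
				$key . '_type' => $lang['Auth_Anonymous_Users']
			);

		case AUTH_REG:
			return array(
				$key => ( $logged_in ) ? TRUE : 0,
				$key . '_type' => $lang['Auth_Registered_Users']
			);

		case AUTH_ACL:
			return array(
				$key => ( $logged_in ) ? auth_check_user(AUTH_ACL, $key, $u_access, $is_admin) : 0,
				$key . '_type' => $lang['Auth_Users_granted_access']
			);

		case AUTH_MOD:
			return array(
				$key => ( $logged_in ) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access, $is_admin) : 0,
				$key . '_type' => $lang['Auth_Moderators']
			);

		case AUTH_ADMIN:
			return array(
				$key => $is_admin,
				$key . '_type' => $lang['Auth_Administrators']
			);
	}

	// Unknown level: deny.
	return array($key => 0);
}

//
// Check a user's group rows against a required level.
//
// $type      AUTH_ACL, AUTH_MOD or AUTH_ADMIN
// $key       auth field to read from each row when $type is AUTH_ACL
// $u_access  list of group rows for this user in the forum being checked
// $is_admin  TRUE or 0
//
// With no rows the result is $is_admin. Otherwise the result is true as soon as
// any row satisfies the level.
//
function auth_check_user($type, $key, $u_access, $is_admin)
{
	$row_count = count($u_access);

	if ( !$row_count )
	{
		return $is_admin;
	}

	$auth_user = 0;

	for($j = 0; $j < $row_count; $j++)
	{
		$result = 0;
		switch($type)
		{
			case AUTH_ACL:
				$result = $u_access[$j][$key];
				// deliberate fall-through: a moderator grant also satisfies ACL

			case AUTH_MOD:
				$result = $result || $u_access[$j]['auth_mod'];
				// deliberate fall-through: an admin also satisfies MOD

			case AUTH_ADMIN:
				$result = $result || $is_admin;
				break;
		}

		$auth_user = $auth_user || $result;
	}

	return $auth_user;
}

?>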