584 $q = $this->sql('SELECT g.group_name,g.group_id,m.is_mod FROM '.table_prefix.'groups AS g' . "\n" |
584 $q = $this->sql('SELECT g.group_name,g.group_id,m.is_mod FROM '.table_prefix.'groups AS g' . "\n" |
585 . ' LEFT JOIN '.table_prefix.'group_members AS m' . "\n" |
585 . ' LEFT JOIN '.table_prefix.'group_members AS m' . "\n" |
586 . ' ON g.group_id=m.group_id' . "\n" |
586 . ' ON g.group_id=m.group_id' . "\n" |
587 . ' WHERE ( m.user_id='.$this->user_id.'' . "\n" |
587 . ' WHERE ( m.user_id='.$this->user_id.'' . "\n" |
588 . ' OR g.group_name=\'Everyone\')' . "\n" |
588 . ' OR g.group_name=\'Everyone\')' . "\n" |
589 . ' ' . ( enano_version() == '1.0RC1' ? '' : 'AND ( m.pending != 1 OR m.pending IS NULL )' ) . '' . "\n" |
589 . ' ' . ( /* quick hack for upgrade compatibility reasons */ enano_version() == '1.0RC1' ? '' : 'AND ( m.pending != 1 OR m.pending IS NULL )' ) . '' . "\n" |
590 . ' ORDER BY group_id ASC;'); // Make sure "Everyone" comes first so the permissions can be overridden |
590 . ' ORDER BY group_id ASC;'); // The ORDER BY is to make sure "Everyone" comes first so the permissions can be overridden |
591 if($row = $db->fetchrow()) |
591 if($row = $db->fetchrow()) |
592 { |
592 { |
593 do { |
593 do { |
594 $this->groups[$row['group_id']] = $row['group_name']; |
594 $this->groups[$row['group_id']] = $row['group_name']; |
595 $this->group_mod[$row['group_id']] = ( intval($row['is_mod']) == 1 ); |
595 $this->group_mod[$row['group_id']] = ( intval($row['is_mod']) == 1 ); |
2799 //} |
2799 //} |
2800 |
2800 |
2801 $objcache[$namespace][$page_id] = new Session_ACLPageInfo( $page_id, $namespace, $this->acl_types, $this->acl_descs, $this->acl_deps, $this->acl_base_cache ); |
2801 $objcache[$namespace][$page_id] = new Session_ACLPageInfo( $page_id, $namespace, $this->acl_types, $this->acl_descs, $this->acl_deps, $this->acl_base_cache ); |
2802 $object =& $objcache[$namespace][$page_id]; |
2802 $object =& $objcache[$namespace][$page_id]; |
2803 |
2803 |
|
2804 profiler_log("session: fetched ACLs for page {$namespace}:{$page_id}"); |
|
2805 |
2804 return $object; |
2806 return $object; |
2805 } |
2807 } |
2806 |
2808 |
2807 /** |
2809 /** |
2808 * Fetch the permissions that apply to an arbitrary user for the page specified. The object you get will have the get_permissions method |
2810 * Fetch the permissions that apply to an arbitrary user for the page specified. The object you get will have the get_permissions method |
3018 } |
3020 } |
3019 |
3021 |
3020 // Cache the sitewide permissions for later use |
3022 // Cache the sitewide permissions for later use |
3021 $this->acl_base_cache = $this->perms; |
3023 $this->acl_base_cache = $this->perms; |
3022 |
3024 |
3023 // Eliminate types that don't apply to this namespace |
3025 profiler_log('session: base ACL set calculated'); |
3024 foreach ( $this->perms AS $i => $perm ) |
3026 |
3025 { |
3027 // Load and calculate permissions for the current page |
3026 if ( !in_array ( $paths->namespace, $this->acl_scope[$i] ) && !in_array('All', $this->acl_scope[$i]) ) |
3028 $page_acl = $this->fetch_page_acl($paths->page_id, $paths->namespace); |
3027 { |
3029 $this->perms = $page_acl->perms; |
3028 unset($this->perms[$i]); |
3030 $this->acl_defaults_used = $page_acl->acl_defaults_used; |
3029 } |
|
3030 } |
|
3031 |
|
3032 // PAGE group info |
|
3033 $pg_list = $paths->get_page_groups($paths->page_id, $paths->namespace); |
|
3034 $pg_info = ''; |
|
3035 foreach ( $pg_list as $g_id ) |
|
3036 { |
|
3037 $pg_info .= ' ( page_id=\'' . $g_id . '\' AND namespace=\'__PageGroup\' ) OR'; |
|
3038 } |
|
3039 |
|
3040 // Build a query to grab ACL info |
|
3041 $bs = 'SELECT rules,target_type,target_id FROM '.table_prefix.'acl WHERE ( '; |
|
3042 $q = Array(); |
|
3043 $q[] = '( target_type='.ACL_TYPE_USER.' AND target_id='.$this->user_id.' )'; |
|
3044 if(count($this->groups) > 0) |
|
3045 { |
|
3046 foreach($this->groups as $g_id => $g_name) |
|
3047 { |
|
3048 $q[] = '( target_type='.ACL_TYPE_GROUP.' AND target_id='.intval($g_id).' )'; |
|
3049 } |
|
3050 } |
|
3051 // The reason we're using an ORDER BY statement here is because ACL_TYPE_GROUP is less than ACL_TYPE_USER, causing the user's individual |
|
3052 // permissions to override group permissions. |
|
3053 $bs .= implode(" OR\n ", $q) . " )\n AND (" . $pg_info . ' ( page_id=\''.$db->escape($paths->page_id).'\' AND namespace=\''.$db->escape($paths->namespace).'\' ) ) |
|
3054 ORDER BY target_type ASC, page_id ASC, namespace ASC;'; |
|
3055 $q = $this->sql($bs); |
|
3056 if ( $row = $db->fetchrow() ) |
|
3057 { |
|
3058 do { |
|
3059 $rules = $this->string_to_perm($row['rules']); |
|
3060 $is_everyone = ( $row['target_type'] == ACL_TYPE_GROUP && $row['target_id'] == 1 ); |
|
3061 $this->acl_merge_with_current($rules, $is_everyone); |
|
3062 } while ( $row = $db->fetchrow() ); |
|
3063 } |
|
3064 |
|
3065 } |
3031 } |
3066 |
3032 |
3067 /** |
3033 /** |
3068 * Extends the scope of a permission type. |
3034 * Extends the scope of a permission type. |
3069 * @param string The name of the permission type |
3035 * @param string The name of the permission type |
3556 function process_login_request($req) |
3522 function process_login_request($req) |
3557 { |
3523 { |
3558 global $db, $session, $paths, $template, $plugins; // Common objects |
3524 global $db, $session, $paths, $template, $plugins; // Common objects |
3559 |
3525 |
3560 // Setup EnanoMath and Diffie-Hellman |
3526 // Setup EnanoMath and Diffie-Hellman |
|
3527 require_once(ENANO_ROOT.'/includes/math.php'); |
|
3528 |
3561 global $dh_supported; |
3529 global $dh_supported; |
3562 $dh_supported = true; |
3530 $dh_supported = true; |
3563 try |
3531 try |
3564 { |
3532 { |
3565 require_once(ENANO_ROOT . '/includes/diffiehellman.php'); |
3533 require_once(ENANO_ROOT . '/includes/diffiehellman.php'); |
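Review bot: In the hunk at new lines 3025–3030, `$this->perms = $page_acl->perms;` replaces the session's permission set wholesale, and the `acl_scope` filter that used to drop permission types outside the current namespace is not visibly reproduced: the `Session_ACLPageInfo` constructor call at new line 2801 receives `acl_types`, `acl_descs`, `acl_deps` and `acl_base_cache`, but not `acl_scope`. If that class does not obtain the scope some other way (its body is outside this view), out-of-scope permission types would now remain in `$this->perms`, which is a behaviour change in access-control code. I would add a comment above the assignment that states the contract, e.g. `// fetch_page_acl() is now solely responsible for acl_scope filtering and for user-over-group rule ordering`, and back it with a test comparing the old and new permission sets for a page outside a type's scope. The enclosing method begins outside the hunk, so any earlier setup of `$this->perms` is not visible here.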