includes/sessions.php
changeset 592 27377179fe58
parent 591 2529833a7731
child 593 4f9bec0d65c1
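--- a/includes/sessions.php
+++ b/includes/sessions.php
@@ -584,12 +584,12 @@
       $q = $this->sql('SELECT g.group_name,g.group_id,m.is_mod FROM '.table_prefix.'groups AS g' . "\n"
         . '  LEFT JOIN '.table_prefix.'group_members AS m' . "\n"
         . '    ON g.group_id=m.group_id' . "\n"
         . '  WHERE ( m.user_id='.$this->user_id.'' . "\n" 
         . '    OR g.group_name=\'Everyone\')' . "\n"
-        . '    ' . ( enano_version() == '1.0RC1' ? '' : 'AND ( m.pending != 1 OR m.pending IS NULL )' ) . '' . "\n"
-        . '  ORDER BY group_id ASC;'); // Make sure "Everyone" comes first so the permissions can be overridden
+        . '    ' . ( /* quick hack for upgrade compatibility reasons */ enano_version() == '1.0RC1' ? '' : 'AND ( m.pending != 1 OR m.pending IS NULL )' ) . '' . "\n"
+        . '  ORDER BY group_id ASC;'); // The ORDER BY is to make sure "Everyone" comes first so the permissions can be overridden
       if($row = $db->fetchrow())
       {
         do {
           $this->groups[$row['group_id']] = $row['group_name'];
           $this->group_mod[$row['group_id']] = ( intval($row['is_mod']) == 1 );
@@ -2799,10 +2799,12 @@
     //}
     
     $objcache[$namespace][$page_id] = new Session_ACLPageInfo( $page_id, $namespace, $this->acl_types, $this->acl_descs, $this->acl_deps, $this->acl_base_cache );
     $object =& $objcache[$namespace][$page_id];
     
+    profiler_log("session: fetched ACLs for page {$namespace}:{$page_id}");
+    
     return $object;
   }
   
   /**
    * Fetch the permissions that apply to an arbitrary user for the page specified. The object you get will have the get_permissions method
@@ -3018,52 +3020,16 @@
     }
     
     // Cache the sitewide permissions for later use
     $this->acl_base_cache = $this->perms;
     
-    // Eliminate types that don't apply to this namespace
-    foreach ( $this->perms AS $i => $perm )
-    {
-      if ( !in_array ( $paths->namespace, $this->acl_scope[$i] ) && !in_array('All', $this->acl_scope[$i]) )
-      {
-        unset($this->perms[$i]);
-      }
-    }
-    
-    // PAGE group info
-    $pg_list = $paths->get_page_groups($paths->page_id, $paths->namespace);
-    $pg_info = '';
-    foreach ( $pg_list as $g_id )
-    {
-      $pg_info .= ' ( page_id=\'' . $g_id . '\' AND namespace=\'__PageGroup\' ) OR';
-    }
-    
-    // Build a query to grab ACL info
-    $bs = 'SELECT rules,target_type,target_id FROM '.table_prefix.'acl WHERE ( ';
-    $q = Array();
-    $q[] = '( target_type='.ACL_TYPE_USER.' AND target_id='.$this->user_id.' )';
-    if(count($this->groups) > 0)
-    {
-      foreach($this->groups as $g_id => $g_name)
-      {
-        $q[] = '( target_type='.ACL_TYPE_GROUP.' AND target_id='.intval($g_id).' )';
-      }
-    }
-    // The reason we're using an ORDER BY statement here is because ACL_TYPE_GROUP is less than ACL_TYPE_USER, causing the user's individual
-    // permissions to override group permissions.
-    $bs .= implode(" OR\n    ", $q) . " )\n  AND (" . $pg_info . ' ( page_id=\''.$db->escape($paths->page_id).'\' AND namespace=\''.$db->escape($paths->namespace).'\' ) )     
-      ORDER BY target_type ASC, page_id ASC, namespace ASC;';
-    $q = $this->sql($bs);
-    if ( $row = $db->fetchrow() )
-    {
-      do {
-        $rules = $this->string_to_perm($row['rules']);
-        $is_everyone = ( $row['target_type'] == ACL_TYPE_GROUP && $row['target_id'] == 1 );
-        $this->acl_merge_with_current($rules, $is_everyone);
-      } while ( $row = $db->fetchrow() );
-    }
-    
+    profiler_log('session: base ACL set calculated');
+    
+    // Load and calculate permissions for the current page
+    $page_acl = $this->fetch_page_acl($paths->page_id, $paths->namespace);
+    $this->perms = $page_acl->perms;
+    $this->acl_defaults_used = $page_acl->acl_defaults_used;
   }
   
   /**
    * Extends the scope of a permission type.
    * @param string The name of the permission type
@@ -3556,10 +3522,12 @@
   function process_login_request($req)
   {
     global $db, $session, $paths, $template, $plugins; // Common objects
     
     // Setup EnanoMath and Diffie-Hellman
+    require_once(ENANO_ROOT.'/includes/math.php');
+    
     global $dh_supported;
     $dh_supported = true;
     try
     {
       require_once(ENANO_ROOT . '/includes/diffiehellman.php');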
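Review bot: At new lines 3028-3030 `$this->perms` is overwritten with `$page_acl->perms`, but nothing visible in this changeset shows that `Session_ACLPageInfo` keeps the two properties of the removed block: dropping permission types whose `acl_scope` excludes the current namespace, and merging rows in `target_type ASC` order so a user's own rules override group rules. Because this assignment decides authorization for the current page, both should be confirmed in the class (its body is outside these hunks) and recorded next to the call, for example `// Session_ACLPageInfo applies acl_scope filtering and group-then-user rule ordering`. The call also depends on `$this->acl_base_cache` having been assigned at new line 3023, since `fetch_page_acl()` passes it to the constructor at line 2801; a short comment such as `// acl_base_cache must be set before fetch_page_acl()` would keep a later reordering from silently computing page permissions against an empty base. The enclosing function begins before this hunk.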