| 0,0 → 1,328 |
|---|
| <?php |
| /*************************************************************************** |
| * auth.php |
| * ------------------- |
| * begin : Saturday, Feb 13, 2001 |
| * copyright : (C) 2001 The phpBB Group |
| * email : support@phpbb.com |
| * |
| * $Id: auth.php,v 1.37.2.7 2006/03/06 17:28:51 grahamje Exp $ |
| * |
| * |
| ***************************************************************************/ |
| |
| /*************************************************************************** |
| * |
| * This program is free software; you can redistribute it and/or modify |
| * it under the terms of the GNU General Public License as published by |
| * the Free Software Foundation; either version 2 of the License, or |
| * (at your option) any later version. |
| * |
| ***************************************************************************/ |
| |
| /* |
| $type's accepted (pre-pend with AUTH_): |
| VIEW, READ, POST, REPLY, EDIT, DELETE, STICKY, ANNOUNCE, VOTE, POLLCREATE |
| |
| Possible options ($type/forum_id combinations): |
| |
| * If you include a type and forum_id then a specific lookup will be done and |
| the single result returned |
| |
| * If you set type to AUTH_ALL and specify a forum_id an array of all auth types |
| will be returned |
| |
| * If you provide a forum_id a specific lookup on that forum will be done |
| |
| * If you set forum_id to AUTH_LIST_ALL and specify a type an array listing the |
| results for all forums will be returned |
| |
| * If you set forum_id to AUTH_LIST_ALL and type to AUTH_ALL a multidimensional |
| array containing the auth permissions for all types and all forums for that |
| user is returned |
| |
| All results are returned as associative arrays, even when a single auth type is |
| specified. |
| |
| If available you can send an array (either one or two dimensional) containing the |
| forum auth levels, this will prevent the auth function having to do its own |
| lookup |
| */ |
| function auth($type, $forum_id, $userdata, $f_access = '') |
| { |
| global $db, $lang; |
| |
| switch( $type ) |
| { |
| case AUTH_ALL: |
| $a_sql = 'a.auth_view, a.auth_read, a.auth_post, a.auth_reply, a.auth_edit, a.auth_delete, a.auth_sticky, a.auth_announce, a.auth_vote, a.auth_pollcreate'; |
| $auth_fields = array('auth_view', 'auth_read', 'auth_post', 'auth_reply', 'auth_edit', 'auth_delete', 'auth_sticky', 'auth_announce', 'auth_vote', 'auth_pollcreate'); |
| break; |
| |
| case AUTH_VIEW: |
| $a_sql = 'a.auth_view'; |
| $auth_fields = array('auth_view'); |
| break; |
| |
| case AUTH_READ: |
| $a_sql = 'a.auth_read'; |
| $auth_fields = array('auth_read'); |
| break; |
| case AUTH_POST: |
| $a_sql = 'a.auth_post'; |
| $auth_fields = array('auth_post'); |
| break; |
| case AUTH_REPLY: |
| $a_sql = 'a.auth_reply'; |
| $auth_fields = array('auth_reply'); |
| break; |
| case AUTH_EDIT: |
| $a_sql = 'a.auth_edit'; |
| $auth_fields = array('auth_edit'); |
| break; |
| case AUTH_DELETE: |
| $a_sql = 'a.auth_delete'; |
| $auth_fields = array('auth_delete'); |
| break; |
| |
| case AUTH_ANNOUNCE: |
| $a_sql = 'a.auth_announce'; |
| $auth_fields = array('auth_announce'); |
| break; |
| case AUTH_STICKY: |
| $a_sql = 'a.auth_sticky'; |
| $auth_fields = array('auth_sticky'); |
| break; |
| |
| case AUTH_POLLCREATE: |
| $a_sql = 'a.auth_pollcreate'; |
| $auth_fields = array('auth_pollcreate'); |
| break; |
| case AUTH_VOTE: |
| $a_sql = 'a.auth_vote'; |
| $auth_fields = array('auth_vote'); |
| break; |
| case AUTH_ATTACH: |
| break; |
| |
| default: |
| break; |
| } |
| |
| // |
| // If f_access has been passed, or auth is needed to return an array of forums |
| // then we need to pull the auth information on the given forum (or all forums) |
| // |
| if ( empty($f_access) ) |
| { |
| $forum_match_sql = ( $forum_id != AUTH_LIST_ALL ) ? "WHERE a.forum_id = $forum_id" : ''; |
| |
| $sql = "SELECT a.forum_id, $a_sql |
| FROM " . FORUMS_TABLE . " a |
| $forum_match_sql"; |
| if ( !($result = $db->sql_query($sql)) ) |
| { |
| message_die(GENERAL_ERROR, 'Failed obtaining forum access control lists', '', __LINE__, __FILE__, $sql); |
| } |
| |
| $sql_fetchrow = ( $forum_id != AUTH_LIST_ALL ) ? 'sql_fetchrow' : 'sql_fetchrowset'; |
| |
| if ( !($f_access = $db->$sql_fetchrow($result)) ) |
| { |
| $db->sql_freeresult($result); |
| return array(); |
| } |
| $db->sql_freeresult($result); |
| } |
| |
| // |
| // If the user isn't logged on then all we need do is check if the forum |
| // has the type set to ALL, if yes they are good to go, if not then they |
| // are denied access |
| // |
| $u_access = array(); |
| if ( $userdata['session_logged_in'] ) |
| { |
| $forum_match_sql = ( $forum_id != AUTH_LIST_ALL ) ? "AND a.forum_id = $forum_id" : ''; |
| |
| $sql = "SELECT a.forum_id, $a_sql, a.auth_mod |
| FROM " . AUTH_ACCESS_TABLE . " a, " . USER_GROUP_TABLE . " ug |
| WHERE ug.user_id = ".$userdata['user_id']. " |
| AND ug.user_pending = 0 |
| AND a.group_id = ug.group_id |
| $forum_match_sql"; |
| if ( !($result = $db->sql_query($sql)) ) |
| { |
| message_die(GENERAL_ERROR, 'Failed obtaining forum access control lists', '', __LINE__, __FILE__, $sql); |
| } |
| |
| if ( $row = $db->sql_fetchrow($result) ) |
| { |
| do |
| { |
| if ( $forum_id != AUTH_LIST_ALL) |
| { |
| $u_access[] = $row; |
| } |
| else |
| { |
| $u_access[$row['forum_id']][] = $row; |
| } |
| } |
| while( $row = $db->sql_fetchrow($result) ); |
| } |
| $db->sql_freeresult($result); |
| } |
| |
| $is_admin = ( $userdata['user_level'] == ADMIN && $userdata['session_logged_in'] ) ? TRUE : 0; |
| |
| $auth_user = array(); |
| for($i = 0; $i < count($auth_fields); $i++) |
| { |
| $key = $auth_fields[$i]; |
| |
| // |
| // If the user is logged on and the forum type is either ALL or REG then the user has access |
| // |
| // If the type if ACL, MOD or ADMIN then we need to see if the user has specific permissions |
| // to do whatever it is they want to do ... to do this we pull relevant information for the |
| // user (and any groups they belong to) |
| // |
| // Now we compare the users access level against the forums. We assume here that a moderator |
| // and admin automatically have access to an ACL forum, similarly we assume admins meet an |
| // auth requirement of MOD |
| // |
| if ( $forum_id != AUTH_LIST_ALL ) |
| { |
| $value = $f_access[$key]; |
| |
| switch( $value ) |
| { |
| case AUTH_ALL: |
| $auth_user[$key] = TRUE; |
| $auth_user[$key . '_type'] = $lang['Auth_Anonymous_Users']; |
| break; |
| |
| case AUTH_REG: |
| $auth_user[$key] = ( $userdata['session_logged_in'] ) ? TRUE : 0; |
| $auth_user[$key . '_type'] = $lang['Auth_Registered_Users']; |
| break; |
| |
| case AUTH_ACL: |
| $auth_user[$key] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_ACL, $key, $u_access, $is_admin) : 0; |
| $auth_user[$key . '_type'] = $lang['Auth_Users_granted_access']; |
| break; |
| |
| case AUTH_MOD: |
| $auth_user[$key] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access, $is_admin) : 0; |
| $auth_user[$key . '_type'] = $lang['Auth_Moderators']; |
| break; |
| |
| case AUTH_ADMIN: |
| $auth_user[$key] = $is_admin; |
| $auth_user[$key . '_type'] = $lang['Auth_Administrators']; |
| break; |
| |
| default: |
| $auth_user[$key] = 0; |
| break; |
| } |
| } |
| else |
| { |
| for($k = 0; $k < count($f_access); $k++) |
| { |
| $value = $f_access[$k][$key]; |
| $f_forum_id = $f_access[$k]['forum_id']; |
| $u_access[$f_forum_id] = isset($u_access[$f_forum_id]) ? $u_access[$f_forum_id] : array(); |
| |
| switch( $value ) |
| { |
| case AUTH_ALL: |
| $auth_user[$f_forum_id][$key] = TRUE; |
| $auth_user[$f_forum_id][$key . '_type'] = $lang['Auth_Anonymous_Users']; |
| break; |
| |
| case AUTH_REG: |
| $auth_user[$f_forum_id][$key] = ( $userdata['session_logged_in'] ) ? TRUE : 0; |
| $auth_user[$f_forum_id][$key . '_type'] = $lang['Auth_Registered_Users']; |
| break; |
| |
| case AUTH_ACL: |
| $auth_user[$f_forum_id][$key] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_ACL, $key, $u_access[$f_forum_id], $is_admin) : 0; |
| $auth_user[$f_forum_id][$key . '_type'] = $lang['Auth_Users_granted_access']; |
| break; |
| |
| case AUTH_MOD: |
| $auth_user[$f_forum_id][$key] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access[$f_forum_id], $is_admin) : 0; |
| $auth_user[$f_forum_id][$key . '_type'] = $lang['Auth_Moderators']; |
| break; |
| |
| case AUTH_ADMIN: |
| $auth_user[$f_forum_id][$key] = $is_admin; |
| $auth_user[$f_forum_id][$key . '_type'] = $lang['Auth_Administrators']; |
| break; |
| |
| default: |
| $auth_user[$f_forum_id][$key] = 0; |
| break; |
| } |
| } |
| } |
| } |
| |
| // |
| // Is user a moderator? |
| // |
| if ( $forum_id != AUTH_LIST_ALL ) |
| { |
| $auth_user['auth_mod'] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access, $is_admin) : 0; |
| } |
| else |
| { |
| for($k = 0; $k < count($f_access); $k++) |
| { |
| $f_forum_id = $f_access[$k]['forum_id']; |
| $u_access[$f_forum_id] = isset($u_access[$f_forum_id]) ? $u_access[$f_forum_id] : array(); |
| |
| $auth_user[$f_forum_id]['auth_mod'] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access[$f_forum_id], $is_admin) : 0; |
| } |
| } |
| |
| return $auth_user; |
| } |
| |
| function auth_check_user($type, $key, $u_access, $is_admin) |
| { |
| $auth_user = 0; |
| |
| if ( count($u_access) ) |
| { |
| for($j = 0; $j < count($u_access); $j++) |
| { |
| $result = 0; |
| switch($type) |
| { |
| case AUTH_ACL: |
| $result = $u_access[$j][$key]; |
| |
| case AUTH_MOD: |
| $result = $result || $u_access[$j]['auth_mod']; |
| |
| case AUTH_ADMIN: |
| $result = $result || $is_admin; |
| break; |
| } |
| |
| $auth_user = $auth_user || $result; |
| } |
| } |
| else |
| { |
| $auth_user = $is_admin; |
| } |
| |
| return $auth_user; |
| } |
| |
| ?> |