diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2006-03-12 23:19:55 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2006-03-12 23:19:55 +0000 |
| commit | 9988679d567a8bba9bade92dd9524bb012a1fe43 (patch) | |
| tree | 72da21e7465fed3ca99f20bd809a3df9c020530d /phpBB/includes/auth.php | |
| parent | f4cfd3665f7cf1ed96ce4c2eca03ac6854aae258 (diff) | |
| download | forums-9988679d567a8bba9bade92dd9524bb012a1fe43.tar forums-9988679d567a8bba9bade92dd9524bb012a1fe43.tar.gz forums-9988679d567a8bba9bade92dd9524bb012a1fe43.tar.bz2 forums-9988679d567a8bba9bade92dd9524bb012a1fe43.tar.xz forums-9988679d567a8bba9bade92dd9524bb012a1fe43.zip | |
- streamlined reports to consist of the feature set we decided upon (Nils, your turn now)
- use getenv instead of $_ENV (with $_ENV the case could be wrong)
- permission fixes (there was a bug arising with getting permission flags - re-added them and handled roles deletion differently)
- implemented max login attempts
- changed the expected return parameters for logins/sessions
- added acp page for editing report/denial reasons
- other fixes here and there
git-svn-id: file:///svn/phpbb/trunk@5622 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/auth.php')
| -rw-r--r-- | phpBB/includes/auth.php | 49 |
1 files changed, 39 insertions, 10 deletions
diff --git a/phpBB/includes/auth.php b/phpBB/includes/auth.php index 80e57f1254..fa2cc160b0 100644 --- a/phpBB/includes/auth.php +++ b/phpBB/includes/auth.php @@ -371,9 +371,9 @@ class auth // If one option is allowed, the global permission for this option has to be allowed too // example: if the user has the a_ permission this means he has one or more a_* permissions - if ($auth_ary[$opt] == ACL_YES && !isset($bitstring[$this->acl_options[$ary_key][$option_key]]) || !$bitstring[$this->acl_options[$ary_key][$option_key]]) + if ($auth_ary[$opt] == ACL_YES && (!isset($bitstring[$this->acl_options[$ary_key][$option_key]]) || $bitstring[$this->acl_options[$ary_key][$option_key]] == ACL_NO)) { - $bitstring[$this->acl_options[$ary_key][$option_key]] = 1; + $bitstring[$this->acl_options[$ary_key][$option_key]] = ACL_YES; } } else @@ -523,6 +523,22 @@ class auth { $setting = ($row['auth_role_id']) ? $row['role_auth_setting'] : $row['auth_setting']; $hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] = $setting; + + // Check for existence of ACL_YES if an option got set to NO + if ($setting == ACL_NO) + { + $flag = substr($row['auth_option'], 0, strpos($row['auth_option'], '_') + 1); + + if (isset($hold_ary[$row['user_id']][$row['forum_id']][$flag]) && $hold_ary[$row['user_id']][$row['forum_id']][$flag] == ACL_YES) + { + unset($hold_ary[$row['user_id']][$row['forum_id']][$flag]); + + if (in_array(ACL_YES, $hold_ary[$row['user_id']][$row['forum_id']])) + { + $hold_ary[$row['user_id']][$row['forum_id']][$flag] = ACL_YES; + } + } + } } } $db->sql_freeresult($result); @@ -641,16 +657,29 @@ class auth { $login = $method($username, $password); - // If login returned anything other than an array there was an error - if (!is_array($login)) + // If login succeeded, we will log the user in... else we pass the login array through... + if ($login['status'] == LOGIN_SUCCESS) { - /** - * @todo Login Attempt++ - */ - return $login; + $result = $user->session_create($login['user_row']['user_id'], $admin, $autologin, $viewonline); + + // Successful session creation + if ($result === true) + { + return array( + 'status' => LOGIN_SUCCESS, + 'error_msg' => false, + 'user_row' => $login['user_row'], + ); + } + + return array( + 'status' => LOGIN_BREAK, + 'error_msg' => $result, + 'user_row' => $login['user_row'], + ); } - - return $user->session_create($login['user_id'], $admin, $autologin, $viewonline); + + return $login; } } |