diff options
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/auth.php | 85 | ||||
| -rw-r--r-- | phpBB/includes/constants.php | 54 |
2 files changed, 68 insertions, 71 deletions
diff --git a/phpBB/includes/auth.php b/phpBB/includes/auth.php index 146711ee11..0dd68ae860 100644 --- a/phpBB/includes/auth.php +++ b/phpBB/includes/auth.php @@ -23,6 +23,9 @@ ***************************************************************************/ /* + $type's accepted (eventually!): + VIEW, READ, POST, REPLY, EDIT, DELETE, VOTE, VOTECREATE, MOD, ADMIN + Possible options to send to auth (not all are functional yet!): * If you include a type then a specific lookup will @@ -56,40 +59,40 @@ function auth($type, $forum_id, $userdata, $f_access = -1) switch($type) { - case ALL: - $a_sql = "auth_view, auth_read, auth_post, auth_reply, auth_edit, auth_delete, auth_votecreate, auth_vote"; + case AUTH_ALL: + $a_sql = "aa.auth_view, aa.auth_read, aa.auth_post, aa.auth_reply, aa.auth_edit, aa.auth_delete, aa.auth_votecreate, aa.auth_vote"; $auth_fields = array("auth_view", "auth_read", "auth_post", "auth_reply", "auth_edit", "auth_delete", "auth_votecreate", "auth_vote"); break; - case VIEW: - $a_sql = "auth_view"; + case AUTH_VIEW: + $a_sql = "aa.auth_view"; $auth_fields = array("auth_view"); break; - case READ: - $a_sql = "auth_read"; + case AUTH_READ: + $a_sql = "aa.auth_read"; $auth_fields = array("auth_read"); break; - case POST: - $a_sql = "auth_post"; + case AUTH_POST: + $a_sql = "aa.auth_post"; $auth_fields = array("auth_post"); break; - case REPLY: - $a_sql = "auth_reply"; + case AUTH_REPLY: + $a_sql = "aa.auth_reply"; $auth_fields = array("auth_reply"); break; - case EDIT: - $a_sql = "auth_edit"; + case AUTH_EDIT: + $a_sql = "aa.auth_edit"; $auth_fields = array("auth_edit"); break; - case DELETE: - $a_sql = "auth_delete"; + case AUTH_DELETE: + $a_sql = "aa.auth_delete"; $auth_fields = array("auth_delete"); break; - case VOTECREATE: - $a_sql = "auth_votecreate"; + case AUTH_VOTECREATE: + $a_sql = "aa.auth_votecreate"; $auth_fields = array("auth_votecreate"); break; - case VOTE: - $a_sql = "auth_vote"; + case AUTH_VOTE: + $a_sql = "aa.auth_vote"; $auth_fields = array("auth_vote"); break; default: @@ -102,15 +105,15 @@ function auth($type, $forum_id, $userdata, $f_access = -1) // then we need to pull the auth information // on the given forum (or all forums) // - if($f_access == -1 || $forum_id == LIST_ALL) + if(($f_access == -1 && $type != AUTH_MOD) || $forum_id == AUTH_LIST_ALL) { - $forum_match_sql = ($forum_id != LIST_ALL) ? "WHERE forum_id = $forum_id" : ""; + $forum_match_sql = ($forum_id != LIST_ALL) ? "WHERE aa.forum_id = $forum_id" : ""; $sql = "SELECT $a_sql - FROM ".AUTH_FORUMS_TABLE." + FROM ".AUTH_FORUMS_TABLE." aa $forum_match_sql"; $af_result = $db->sql_query($sql); - if($forum_id != LIST_ALL) + if($forum_id != AUTH_LIST_ALL) { $f_access = $db->sql_fetchrow($af_result); } @@ -128,13 +131,13 @@ function auth($type, $forum_id, $userdata, $f_access = -1) // they're good to go, if not then they // are denied access // - if(!$userdata['session_logged_in']) + if(!$userdata['session_logged_in'] && $type != AUTH_MOD) { - if($forum_id != LIST_ALL) + if($forum_id != AUTH_LIST_ALL) { for($i = 0; $i < count($f_access); $i++) { - $auth_user[$auth_fields[$i]] = ($f_access[$auth_fields[$i]] == ALL) ? true : false; + $auth_user[$auth_fields[$i]] = ($f_access[$auth_fields[$i]] == AUTH_ALL) ? true : false; } } else @@ -144,7 +147,7 @@ function auth($type, $forum_id, $userdata, $f_access = -1) { for($j = 0; $j < count($f_access); $j++) { - $auth_user_list[][$auth_fields[$j]] = ($f_access_rows[$i][$auth_fields[$j]] == ALL) ? true : false; + $auth_user_list[][$auth_fields[$j]] = ($f_access_rows[$i][$auth_fields[$j]] == AUTH_ALL) ? true : false; } } } @@ -152,13 +155,13 @@ function auth($type, $forum_id, $userdata, $f_access = -1) } else { - - $forum_match_sql = ($forum_id != LIST_ALL) ? "AND ( aa.forum_id = $forum_id OR aa.forum_id = " . ALL . ")" : ""; - $sql = "SELECT $a_sql, auth_mod, auth_admin, g.single_user - FROM ".AUTH_ACCESS_TABLE." aa, " . USER_GROUP_TABLE. " ug, " . GROUPS_TABLE. " g + $forum_match_sql = ($forum_id != AUTH_LIST_ALL) ? "AND aa.forum_id = $forum_id" : ""; + $sql = "SELECT aa.forum_id, $a_sql, aa.auth_mod, g.single_user, u.user_level + FROM ".AUTH_ACCESS_TABLE." aa, " . USER_GROUP_TABLE. " ug, " . GROUPS_TABLE. " g, " . USERS_TABLE . " u WHERE ug.user_id = ".$userdata['user_id']. " AND g.group_id = ug.group_id AND aa.group_id = ug.group_id + AND u.user_id = ug.user_id $forum_match_sql"; $au_result = $db->sql_query($sql); @@ -174,7 +177,7 @@ function auth($type, $forum_id, $userdata, $f_access = -1) // type is either ALL or REG then the user // has access // - if($value == ALL || $value == REG) + if($value == AUTH_ALL || $value == AUTH_REG) { $auth_user[$key] = true; } @@ -188,7 +191,7 @@ function auth($type, $forum_id, $userdata, $f_access = -1) // we pull relevant information for the user // (and any groups they belong to) // - + $single_user = false; // @@ -209,7 +212,7 @@ function auth($type, $forum_id, $userdata, $f_access = -1) // switch($value) { - case ACL: + case AUTH_ACL: for($j = 0; $j < count($u_access); $j++) { if(!$single_user) @@ -219,8 +222,8 @@ function auth($type, $forum_id, $userdata, $f_access = -1) } } break; - - case MOD: + + case AUTH_MOD: for($j = 0; $j < count($u_access); $j++) { if(!$single_user) @@ -230,13 +233,13 @@ function auth($type, $forum_id, $userdata, $f_access = -1) } } break; - - case ADMIN: + + case AUTH_ADMIN: for($j = 0; $j < count($u_access); $j++) { - if(!$single_user) + if($single_user) { - $auth_user[$key] = $auth_user[$key] || $u_access[$j]['auth_admin']; + $auth_user[$key] = ($u_access[$j]['group_type'] == ADMIN) ? true : false; $single_user = $u_access[$j]['single_user']; } } @@ -261,9 +264,9 @@ function auth($type, $forum_id, $userdata, $f_access = -1) $single_user = false; for($j = 0; $j < count($u_access); $j++) { - if(!$single_user) + if($single_user) { - $auth_user['auth_admin'] = $auth_user['auth_admin'] || $u_access[$j]['auth_admin']; + $auth_user['auth_admin'] = ($u_access[$j]['group_type'] == ADMIN) ? true : false; $single_user = $u_access[$j]['single_user']; } } diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index 315e95d072..63ae8710e2 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -22,27 +22,19 @@ * ***************************************************************************/ +// // Constants +// + // Debug Level define(DEBUG, 1); // Debugging on //define(DEBUG, 0); // Debugging off -// User Levels -//define(ADMIN, 4); -//define(SUPERMOD, 3); -//define(MODERATOR, 2); -define(USER, 1); +// User Levels <- Do not change the values of USER or ADMIN define(DELETED, -1); define(ANONYMOUS, -1); - -// Forum access levels -define(PUBLIC, 1); -define(PRIVATE, 2); - -// Forum posting levels -define(ANONALLOWED, 2); -define(REGONLY, 1); -define(MODONLY, 3); +define(USER, 0); +define(ADMIN, 1); // Topic state define(UNLOCKED, 0); @@ -86,22 +78,24 @@ define(PAGE_FAQ, -8); define(PAGE_POSTING, -9); // Auth settings -define(ALL, 0); -define(REG, 1); -define(ACL, 2); -define(MOD, 3); -define(SUPERMOD, 4); -define(ADMIN, 5); - -define(VIEW, 0); -define(READ, 1); -define(POST, 2); -define(REPLY, 3); -define(EDIT, 4); -define(DELETE, 5); -define(VOTECREATE, 6); -define(VOTE, 7); -define(LIST_ALL, 10); +define(AUTH_ALL, 0); + +define(AUTH_REG, 1); +define(AUTH_ACL, 2); +define(AUTH_MOD, 3); +define(AUTH_SUPERMOD, 4); +define(AUTH_ADMIN, 5); + +define(AUTH_VIEW, 0); +define(AUTH_READ, 1); +define(AUTH_POST, 2); +define(AUTH_REPLY, 3); +define(AUTH_EDIT, 4); +define(AUTH_DELETE, 5); +define(AUTH_VOTECREATE, 6); +define(AUTH_VOTE, 7); +define(AUTH_ATTACH, 8); +define(AUTH_LIST_ALL, 10); // Table names define('BANLIST_TABLE', $table_prefix.'banlist'); |