Revision 1475
Added by Dietmar almost 13 years ago
| LoginBox.php | ||
|---|---|---|
| 1 | 1 |
//:Puts a Login / Logout box on your page. |
| 2 |
//:Use: [[LoginBox?redirect=url]] - Absolute or relative url possible - Remember to enable frontend login in your website settings. +//:Use: [[LoginBox?redirect=url]] |
|
| 2 |
Absolute or relative url possible |
|
| 3 |
Remember to enable frontend login in your website settings. |
|
| 3 | 4 |
|
| 4 |
global $wb,$page_id,$TEXT, $MENU, $HEADING; |
|
| 5 |
|
|
| 6 |
$return_value = '<div class="login-box">'."\n"; |
|
| 7 |
$return_admin = ' '; |
|
| 8 |
// Return a system permission |
|
| 9 |
function get_permission($name, $type = 'system') |
|
| 10 |
{
|
|
| 11 |
global $wb; |
|
| 12 |
// Append to permission type |
|
| 13 |
$type .= '_permissions'; |
|
| 14 |
// Check if we have a section to check for |
|
| 15 |
if($name == 'start') {
|
|
| 16 |
return true; |
|
| 17 |
} else {
|
|
| 18 |
// Set system permissions var |
|
| 19 |
$system_permissions = $wb->get_session('SYSTEM_PERMISSIONS');
|
|
| 20 |
// Set module permissions var |
|
| 21 |
$module_permissions = $wb->get_session('MODULE_PERMISSIONS');
|
|
| 22 |
// Set template permissions var |
|
| 23 |
$template_permissions = $wb->get_session('TEMPLATE_PERMISSIONS');
|
|
| 24 |
// Return true if system perm = 1 |
|
| 25 |
if (isset($$type) && is_array($$type) && is_numeric(array_search($name, $$type))) {
|
|
| 26 |
if($type == 'system_permissions') {
|
|
| 27 |
return true; |
|
| 28 |
} else {
|
|
| 29 |
return false; |
|
| 30 |
} |
|
| 31 |
} else {
|
|
| 32 |
if($type == 'system_permissions') {
|
|
| 33 |
return false; |
|
| 34 |
} else {
|
|
| 35 |
return true; |
|
| 36 |
} |
|
| 37 |
} |
|
| 38 |
} |
|
| 39 |
} |
|
| 40 |
|
|
| 41 |
function get_page_permission($page, $action='admin') {
|
|
| 42 |
if ($action!='viewing'){ $action='admin';}
|
|
| 43 |
$action_groups=$action.'_groups'; |
|
| 44 |
$action_users=$action.'_users'; |
|
| 45 |
if (is_array($page)) {
|
|
| 46 |
$groups=$page[$action_groups]; |
|
| 47 |
$users=$page[$action_users]; |
|
| 48 |
} else {
|
|
| 49 |
global $database,$wb; |
|
| 50 |
$results = $database->query("SELECT $action_groups,$action_users FROM ".TABLE_PREFIX."pages WHERE page_id = '$page'");
|
|
| 51 |
$result = $results->fetchRow(); |
|
| 52 |
$groups = explode(',', str_replace('_', '', $result[$action_groups]));
|
|
| 53 |
$users = explode(',', str_replace('_', '', $result[$action_users]));
|
|
| 54 |
} |
|
| 55 |
|
|
| 56 |
$in_group = FALSE; |
|
| 57 |
foreach($wb->get_groups_id() as $cur_gid){
|
|
| 58 |
if (in_array($cur_gid, $groups)) {
|
|
| 59 |
$in_group = TRUE; |
|
| 60 |
} |
|
| 61 |
} |
|
| 62 |
if((!$in_group) AND !is_numeric(array_search($wb->get_user_id(), $users))) {
|
|
| 63 |
return false; |
|
| 64 |
} |
|
| 65 |
return true; |
|
| 66 |
} |
|
| 67 |
|
|
| 68 |
// Get redirect |
|
| 69 |
$redirect_url = ''; |
|
| 70 |
$redirect_url = isset($redirect)&&($redirect!='') ? '<input type="hidden" name="url" value="'.$redirect.'" />'."\n" : $redirect_url; |
|
| 71 |
$redirect_url = (isset($_SERVER['HTTP_REFERER']) && ($redirect_url=='') ? '<input type="hidden" name="url" value="'.$_SERVER['HTTP_REFERER'].'" />'."\n" : $redirect_url ); |
|
| 72 |
|
|
| 73 |
if ( ( FRONTEND_LOGIN == 'enabled') && |
|
| 74 |
( VISIBILITY != 'private') && |
|
| 75 |
( $wb->get_session('USER_ID') == '') )
|
|
| 76 |
{
|
|
| 77 |
$return_value .= '<form action="'.LOGIN_URL.'" method="post">'."\n"; |
|
| 78 |
$return_value .= $redirect_url."\n"; |
|
| 79 |
$return_value .= '<fieldset>'."\n"; |
|
| 80 |
$return_value .= '<h1>'.$TEXT['LOGIN'].'</h1>'."\n"; |
|
| 81 |
$return_value .= '<label for="username">'.$TEXT['USERNAME'].':</label>'."\n"; |
|
| 82 |
$return_value .= '<p><input type="text" name="username" id="username" /></p>'."\n"; |
|
| 83 |
$return_value .= '<label for="password">'.$TEXT['PASSWORD'].':</label>'."\n"; |
|
| 84 |
$return_value .= '<p><input type="password" name="password" id="password"/></p>'."\n"; |
|
| 85 |
$return_value .= '<p><input type="submit" id="submit" value="'.$TEXT['LOGIN'].'" class="dbutton" /></p>'."\n"; |
|
| 86 |
$return_value .= '<ul class="login-advance">'."\n"; |
|
| 87 |
$return_value .= '<li class="forgot"><a href="'.FORGOT_URL.'"><span>'.$TEXT['FORGOT_DETAILS'].'</span></a></li>'."\n"; |
|
| 88 |
|
|
| 89 |
if (intval(FRONTEND_SIGNUP) > 0) |
|
| 90 |
{
|
|
| 91 |
$return_value .= '<li class="sign"><a href="'.SIGNUP_URL.'">'.$TEXT['SIGNUP'].'</a></li>'."\n"; |
|
| 92 |
} |
|
| 93 |
$return_value .= '</ul>'."\n"; |
|
| 94 |
$return_value .= '</fieldset>'."\n"; |
|
| 95 |
$return_value .= '</form>'."\n"; |
|
| 96 |
|
|
| 97 |
} elseif( (FRONTEND_LOGIN == 'enabled') && |
|
| 98 |
(is_numeric($wb->get_session('USER_ID'))) )
|
|
| 99 |
{
|
|
| 100 |
$return_value .= '<form action="'.LOGOUT_URL.'" method="post" class="login-table">'."\n"; |
|
| 101 |
$return_value .= '<fieldset>'."\n"; |
|
| 102 |
$return_value .= '<h1>'.$TEXT["LOGGED_IN"].'</h1>'."\n"; |
|
| 103 |
$return_value .= '<label>'.$TEXT['WELCOME_BACK'].', '.$wb->get_display_name().'</label>'."\n"; |
|
| 104 |
$return_value .= '<p><input type="submit" name="submit" value="'.$MENU['LOGOUT'].'" class="dbutton" /></p>'."\n"; |
|
| 105 |
$return_value .= '<ul class="logout-advance">'."\n"; |
|
| 106 |
$return_value .= '<li class="preference"><a href="'.PREFERENCES_URL.'" title="'.$MENU['PREFERENCES'].'">'.$MENU['PREFERENCES'].'</a></li>'."\n"; |
|
| 107 |
|
|
| 108 |
if ($wb->ami_group_member('1')) //change ot the group that should get special links
|
|
| 109 |
{
|
|
| 110 |
$return_admin .= '<li class="admin"><a target="_blank" href="'.ADMIN_URL.'/index.php" title="'.$TEXT['ADMINISTRATION'].'" class="blank_target">'.$TEXT["ADMINISTRATION"].'</a></li>'."\n"; |
|
| 111 |
//you can add more links for your users like userpage, lastchangedpages or something |
|
| 112 |
$return_value .= $return_admin; |
|
| 113 |
} |
|
| 114 |
//change ot the group that should get special links |
|
| 115 |
if( get_permission('pages_modify') && get_page_permission( PAGE_ID ) )
|
|
| 116 |
{
|
|
| 117 |
$return_value .= '<li class="modify"><a target="_blank" href="'.ADMIN_URL.'/pages/modify.php?page_id='.PAGE_ID.'" title="'.$HEADING['MODIFY_PAGE'].'" class="blank_target">'.$HEADING['MODIFY_PAGE'].'</a></li>'."\n"; |
|
| 118 |
} |
|
| 119 |
$return_value .= '</ul>'."\n"; |
|
| 120 |
$return_value .= '</fieldset>'."\n"; |
|
| 121 |
$return_value .= '</form>'."\n"; |
|
| 122 |
} |
|
| 123 |
$return_value .= '</div>'."\n"; |
|
| 124 |
return $return_value; |
|
| 5 |
global $wb,$page_id,$TEXT, $MENU, $HEADING; |
|
| 6 |
|
|
| 7 |
$return_value = '<div class="login-box">'."\n"; |
|
| 8 |
$return_admin = ' '; |
|
| 9 |
// Return a system permission |
|
| 10 |
function get_permission($name, $type = 'system') |
|
| 11 |
{
|
|
| 12 |
global $wb; |
|
| 13 |
// Append to permission type |
|
| 14 |
$type .= '_permissions'; |
|
| 15 |
// Check if we have a section to check for |
|
| 16 |
if($name == 'start') {
|
|
| 17 |
return true; |
|
| 18 |
} else {
|
|
| 19 |
// Set system permissions var |
|
| 20 |
$system_permissions = $wb->get_session('SYSTEM_PERMISSIONS');
|
|
| 21 |
// Set module permissions var |
|
| 22 |
$module_permissions = $wb->get_session('MODULE_PERMISSIONS');
|
|
| 23 |
// Set template permissions var |
|
| 24 |
$template_permissions = $wb->get_session('TEMPLATE_PERMISSIONS');
|
|
| 25 |
// Return true if system perm = 1 |
|
| 26 |
if (isset($$type) && is_array($$type) && is_numeric(array_search($name, $$type))) {
|
|
| 27 |
if($type == 'system_permissions') {
|
|
| 28 |
return true; |
|
| 29 |
} else {
|
|
| 30 |
return false; |
|
| 31 |
} |
|
| 32 |
} else {
|
|
| 33 |
if($type == 'system_permissions') {
|
|
| 34 |
return false; |
|
| 35 |
} else {
|
|
| 36 |
return true; |
|
| 37 |
} |
|
| 38 |
} |
|
| 39 |
} |
|
| 40 |
} |
|
| 41 |
|
|
| 42 |
function get_page_permission($page, $action='admin') {
|
|
| 43 |
if ($action!='viewing'){ $action='admin';}
|
|
| 44 |
$action_groups=$action.'_groups'; |
|
| 45 |
$action_users=$action.'_users'; |
|
| 46 |
if (is_array($page)) {
|
|
| 47 |
$groups=$page[$action_groups]; |
|
| 48 |
$users=$page[$action_users]; |
|
| 49 |
} else {
|
|
| 50 |
global $database,$wb; |
|
| 51 |
$results = $database->query("SELECT $action_groups,$action_users FROM ".TABLE_PREFIX."pages WHERE page_id = '$page'");
|
|
| 52 |
$result = $results->fetchRow(); |
|
| 53 |
$groups = explode(',', str_replace('_', '', $result[$action_groups]));
|
|
| 54 |
$users = explode(',', str_replace('_', '', $result[$action_users]));
|
|
| 55 |
} |
|
| 56 |
|
|
| 57 |
$in_group = FALSE; |
|
| 58 |
foreach($wb->get_groups_id() as $cur_gid){
|
|
| 59 |
if (in_array($cur_gid, $groups)) {
|
|
| 60 |
$in_group = TRUE; |
|
| 61 |
} |
|
| 62 |
} |
|
| 63 |
if((!$in_group) AND !is_numeric(array_search($wb->get_user_id(), $users))) {
|
|
| 64 |
return false; |
|
| 65 |
} |
|
| 66 |
return true; |
|
| 67 |
} |
|
| 68 |
|
|
| 69 |
// Get redirect |
|
| 70 |
$redirect_url = ''; |
|
| 71 |
$redirect_url = (isset($_SERVER['HTTP_REFERER']) && ($redirect_url=='') ? '<input type="hidden" name="url" value="'.$_SERVER['HTTP_REFERER'].'" />'."\n" : $redirect_url ); |
|
| 72 |
$redirect_url = isset($redirect)&&($redirect!='') ? '<input type="hidden" name="url" value="'.$redirect.'" />'."\n" : $redirect_url; |
|
| 73 |
|
|
| 74 |
if ( ( FRONTEND_LOGIN == 'enabled') && |
|
| 75 |
( VISIBILITY != 'private') && |
|
| 76 |
( $wb->get_session('USER_ID') == '') )
|
|
| 77 |
{
|
|
| 78 |
$return_value .= '<form action="'.LOGIN_URL.'" method="post">'."\n"; |
|
| 79 |
$return_value .= $redirect_url."\n"; |
|
| 80 |
$return_value .= '<fieldset>'."\n"; |
|
| 81 |
$return_value .= '<h1>'.$TEXT['LOGIN'].'</h1>'."\n"; |
|
| 82 |
$return_value .= '<label for="username">'.$TEXT['USERNAME'].':</label>'."\n"; |
|
| 83 |
$return_value .= '<p><input type="text" name="username" id="username" /></p>'."\n"; |
|
| 84 |
$return_value .= '<label for="password">'.$TEXT['PASSWORD'].':</label>'."\n"; |
|
| 85 |
$return_value .= '<p><input type="password" name="password" id="password"/></p>'."\n"; |
|
| 86 |
$return_value .= '<p><input type="submit" id="submit" value="'.$TEXT['LOGIN'].'" class="dbutton" /></p>'."\n"; |
|
| 87 |
$return_value .= '<ul class="login-advance">'."\n"; |
|
| 88 |
$return_value .= '<li class="forgot"><a href="'.FORGOT_URL.'"><span>'.$TEXT['FORGOT_DETAILS'].'</span></a></li>'."\n"; |
|
| 89 |
|
|
| 90 |
if (intval(FRONTEND_SIGNUP) > 0) |
|
| 91 |
{
|
|
| 92 |
$return_value .= '<li class="sign"><a href="'.SIGNUP_URL.'">'.$TEXT['SIGNUP'].'</a></li>'."\n"; |
|
| 93 |
} |
|
| 94 |
$return_value .= '</ul>'."\n"; |
|
| 95 |
$return_value .= '</fieldset>'."\n"; |
|
| 96 |
$return_value .= '</form>'."\n"; |
|
| 97 |
|
|
| 98 |
} elseif( (FRONTEND_LOGIN == 'enabled') && |
|
| 99 |
(is_numeric($wb->get_session('USER_ID'))) )
|
|
| 100 |
{
|
|
| 101 |
$return_value .= '<form action="'.LOGOUT_URL.'" method="post" class="login-table">'."\n"; |
|
| 102 |
$return_value .= '<fieldset>'."\n"; |
|
| 103 |
$return_value .= '<h1>'.$TEXT["LOGGED_IN"].'</h1>'."\n"; |
|
| 104 |
$return_value .= '<label>'.$TEXT['WELCOME_BACK'].', '.$wb->get_display_name().'</label>'."\n"; |
|
| 105 |
$return_value .= '<p><input type="submit" name="submit" value="'.$MENU['LOGOUT'].'" class="dbutton" /></p>'."\n"; |
|
| 106 |
$return_value .= '<ul class="logout-advance">'."\n"; |
|
| 107 |
$return_value .= '<li class="preference"><a href="'.PREFERENCES_URL.'" title="'.$MENU['PREFERENCES'].'">'.$MENU['PREFERENCES'].'</a></li>'."\n"; |
|
| 108 |
|
|
| 109 |
if ($wb->ami_group_member('1')) //change ot the group that should get special links
|
|
| 110 |
{
|
|
| 111 |
$return_admin .= '<li class="admin"><a target="_blank" href="'.ADMIN_URL.'/index.php" title="'.$TEXT['ADMINISTRATION'].'" class="blank_target">'.$TEXT["ADMINISTRATION"].'</a></li>'."\n"; |
|
| 112 |
//you can add more links for your users like userpage, lastchangedpages or something |
|
| 113 |
$return_value .= $return_admin; |
|
| 114 |
} |
|
| 115 |
//change ot the group that should get special links |
|
| 116 |
if( get_permission('pages_modify') && get_page_permission( PAGE_ID ) )
|
|
| 117 |
{
|
|
| 118 |
$return_value .= '<li class="modify"><a target="_blank" href="'.ADMIN_URL.'/pages/modify.php?page_id='.PAGE_ID.'" title="'.$HEADING['MODIFY_PAGE'].'" class="blank_target">'.$HEADING['MODIFY_PAGE'].'</a></li>'."\n"; |
|
| 119 |
} |
|
| 120 |
$return_value .= '</ul>'."\n"; |
|
| 121 |
$return_value .= '</fieldset>'."\n"; |
|
| 122 |
$return_value .= '</form>'."\n"; |
|
| 123 |
} |
|
| 124 |
$return_value .= '</div>'."\n"; |
|
| 125 |
return $return_value; |
|
Also available in: Unified diff
! security fixes media, groups, users, sections
! reworked add sections in pages
! fix set empty href in show_menu2
! set show_menu2 version to 4.9.6
! reworked Droplet LoginBox, add redirect query
- remove unneeded folder js
! set Droplet to version 1.1.0
+ add checkboxes to change frontend absolute url to relative urls
! set output_filter version to 0.2