Revision 1782
Added by Dietmar about 12 years ago
class.login.php | ||
---|---|---|
3 | 3 |
* |
4 | 4 |
* @category framework |
5 | 5 |
* @package backend login |
6 |
* @author Ryan Djurovich, WebsiteBaker Project |
|
7 |
* @copyright 2009-2012, Website Baker Org. e.V.
|
|
6 |
* @author Ryan Djurovich (2004-2009), WebsiteBaker Project
|
|
7 |
* @copyright 2009-2012, WebsiteBaker Org. e.V. |
|
8 | 8 |
* @link http://www.websitebaker2.org/ |
9 | 9 |
* @license http://www.gnu.org/licenses/gpl.html |
10 | 10 |
* @platform WebsiteBaker 2.8.x |
... | ... | |
24 | 24 |
define('LOGIN_CLASS_LOADED', true); |
25 | 25 |
|
26 | 26 |
// Load the other required class files if they are not already loaded |
27 |
require_once(WB_PATH."/framework/class.admin.php");
|
|
27 |
if(!class_exists('admin', false)){ include(WB_PATH.'/framework/class.admin.php'); }
|
|
28 | 28 |
// Get WB version |
29 | 29 |
require_once(ADMIN_PATH.'/interface/version.php'); |
30 | 30 |
|
... | ... | |
140 | 140 |
$sql = 'SELECT * FROM `'.$this->users_table.'` '; |
141 | 141 |
$sql .= 'WHERE `username`=\''.$loginname.'\' AND `password`=\''.$this->password.'\' AND `active`=1'; |
142 | 142 |
$results = $database->query($sql); |
143 |
$results_array = $results->fetchRow(); |
|
143 |
$results_array = $results->fetchRow(MYSQL_ASSOC);
|
|
144 | 144 |
$num_rows = $results->numRows(); |
145 | 145 |
if($num_rows == 1) { |
146 | 146 |
$user_id = $results_array['user_id']; |
... | ... | |
188 | 188 |
$_SESSION['TEMPLATE_PERMISSIONS'] = array(); |
189 | 189 |
$_SESSION['GROUP_NAME'] = array(); |
190 | 190 |
|
191 |
|
|
192 |
|
|
191 | 193 |
$first_group = true; |
192 | 194 |
foreach (explode(",", $this->get_session('GROUPS_ID')) as $cur_group_id) |
193 | 195 |
{ |
... | ... | |
196 | 198 |
$results_array = $results->fetchRow(); |
197 | 199 |
$_SESSION['GROUP_NAME'][$cur_group_id] = $results_array['name']; |
198 | 200 |
// Set system permissions |
199 |
if($results_array['system_permissions'] != '') {
|
|
201 |
if( $results_array['system_permissions'] != '' ) {
|
|
200 | 202 |
$_SESSION['SYSTEM_PERMISSIONS'] = array_merge($_SESSION['SYSTEM_PERMISSIONS'], explode(',', $results_array['system_permissions'])); |
201 | 203 |
} |
202 | 204 |
// Set module permissions |
203 |
if($results_array['module_permissions'] != '') {
|
|
205 |
if( $results_array['module_permissions'] != '' ) {
|
|
204 | 206 |
if ($first_group) { |
205 |
$_SESSION['MODULE_PERMISSIONS'] = explode(',', $results_array['module_permissions']); |
|
206 |
} else { |
|
207 |
$_SESSION['MODULE_PERMISSIONS'] = array_intersect($_SESSION['MODULE_PERMISSIONS'], explode(',', $results_array['module_permissions'])); |
|
207 |
$_SESSION['MODULE_PERMISSIONS'] = explode(',', $results_array['module_permissions']);
|
|
208 |
} else {
|
|
209 |
$_SESSION['MODULE_PERMISSIONS'] = array_intersect($_SESSION['MODULE_PERMISSIONS'], explode(',', $results_array['module_permissions']));
|
|
208 | 210 |
} |
209 | 211 |
} |
210 | 212 |
// Set template permissions |
211 | 213 |
if($results_array['template_permissions'] != '') { |
212 | 214 |
if ($first_group) { |
213 |
$_SESSION['TEMPLATE_PERMISSIONS'] = explode(',', $results_array['template_permissions']); |
|
214 |
} else { |
|
215 |
$_SESSION['TEMPLATE_PERMISSIONS'] = array_intersect($_SESSION['TEMPLATE_PERMISSIONS'], explode(',', $results_array['template_permissions'])); |
|
215 |
$_SESSION['TEMPLATE_PERMISSIONS'] = explode(',', $results_array['template_permissions']);
|
|
216 |
} else {
|
|
217 |
$_SESSION['TEMPLATE_PERMISSIONS'] = array_intersect($_SESSION['TEMPLATE_PERMISSIONS'], explode(',', $results_array['template_permissions']));
|
|
216 | 218 |
} |
217 | 219 |
} |
218 | 220 |
$first_group = false; |
219 | 221 |
} |
220 | 222 |
|
223 |
if( $this->ami_group_member('1')) { |
|
224 |
$_SESSION['MODULE_PERMISSIONS'] = array(); |
|
225 |
$_SESSION['TEMPLATE_PERMISSIONS'] = array(); |
|
226 |
} |
|
227 |
|
|
221 | 228 |
// Update the users table with current ip and timestamp |
222 | 229 |
$get_ts = time(); |
223 | 230 |
$get_ip = $_SERVER['REMOTE_ADDR']; |
Also available in: Unified diff
+ add maintance modus in backend