diff options
author | neoraider <devnull@localhost> | 2006-01-19 02:11:03 +0100 |
---|---|---|
committer | neoraider <devnull@localhost> | 2006-01-19 02:11:03 +0100 |
commit | 6185e517923e4bc2e64cfc6bcd39c6df4b455316 (patch) | |
tree | 16fbed1bb2fee5940ed08a91e69dd0604dc8bda3 /code | |
parent | c630a2d50349c57660cfc98eb13ec71444b27610 (diff) | |
download | neon-6185e517923e4bc2e64cfc6bcd39c6df4b455316.tar neon-6185e517923e4bc2e64cfc6bcd39c6df4b455316.zip |
Cookie-Login aktiviert. Handler nochmal etwas ?berarbeitet. Seiten k?nnen jetzt bearbeitet werden.
Diffstat (limited to 'code')
-rw-r--r-- | code/pages.inc.php | 37 | ||||
-rw-r--r-- | code/user.inc.php | 8 |
2 files changed, 38 insertions, 7 deletions
diff --git a/code/pages.inc.php b/code/pages.inc.php index 541b0ea..f24f283 100644 --- a/code/pages.inc.php +++ b/code/pages.inc.php @@ -9,7 +9,7 @@ class Pages { function Get($name, $type) { if(!$this->Exists($name, $type)) { - $message = $GLOBALS['handlers']['default']->HandleErrorMessage('PageNotFound', array('page' => $name)); + $message = $GLOBALS['handlers']['default']->ErrorMessage('PageNotFound', array('page' => $name)); if(!$message['title']) $message['title'] = $name; @@ -19,7 +19,7 @@ $res = DBQuery('SELECT handler, data FROM pages WHERE name = ? AND type = ?', array($name, $type)); if(!$this->HasAccess($name, $type)) { - $message = $GLOBALS['handlers'][$res->fields[0]]->HandleErrorMessage('Forbidden', array('page' => $name)); + $message = $GLOBALS['handlers'][$res->fields[0]]->ErrorMessage('Forbidden', array('page' => $name)); if(!$message['title']) $message['title'] = $name; @@ -30,7 +30,33 @@ $data = array_map('stripslashes', $data); $data['_page'] = $name; - return $GLOBALS['handlers'][$res->fields[0]]->HandleContentData($data); + return $GLOBALS['handlers'][$res->fields[0]]->Get($data); + } + + function Edit($name, $type) { + if(!$this->Exists($name, $type)) { + $message = $GLOBALS['handlers']['default']->ErrorMessage('PageNotFound', array('page' => $name)); + + if(!$message['title']) $message['title'] = $name; + + return $message; + } + + $res = DBQuery('SELECT handler, data FROM pages WHERE name = ? AND type = ?', array($name, $type)); + + if(!$GLOBALS['user']->IsAdmin()) { + $message = $GLOBALS['handlers'][$res->fields[0]]->ErrorMessage('Forbidden', array('page' => $name)); + + if(!$message['title']) $message['title'] = $name; + + return $message; + } + + parse_str($res->fields[1], $data); + $data = array_map('stripslashes', $data); + $data['_page'] = $name; + + return $GLOBALS['handlers'][$res->fields[0]]->Edit($data); } function Exists($name, $type) { @@ -40,12 +66,9 @@ } function HasAccess($name, $type) { - $user = $GLOBALS['user']; - $res = DBQuery('SELECT access FROM pages WHERE name = ? AND type = ?', array($name, $type)); - return ((($user->GetUid() != 0) && ($user->GetGid() == 0)) - || ($res->fields[0] & (1 << $user->GetGid())) != 0); + return ($GLOBALS['user']->IsAdmin() || ($res->fields[0] & (1 << $GLOBALS['user']->GetGid())) != 0); } } diff --git a/code/user.inc.php b/code/user.inc.php index 34b12f2..4899612 100644 --- a/code/user.inc.php +++ b/code/user.inc.php @@ -53,6 +53,8 @@ $this->type = 'url'; $this->key = $sid . $id; + setcookie('login', $this->key); + return $id; } @@ -67,6 +69,12 @@ $this->type = ''; $this->key = ''; + + setcookie('login'); + } + + function IsAdmin() { + return ($this->uid != 0 && $this->gid == 0); } function GetUid() { |