From 6185e517923e4bc2e64cfc6bcd39c6df4b455316 Mon Sep 17 00:00:00 2001 From: neoraider Date: Thu, 19 Jan 2006 01:11:03 +0000 Subject: Cookie-Login aktiviert. Handler nochmal etwas ?berarbeitet. Seiten k?nnen jetzt bearbeitet werden. --- code/pages.inc.php | 37 ++++++++++++++++++++++++++++++------- code/user.inc.php | 8 ++++++++ 2 files changed, 38 insertions(+), 7 deletions(-) (limited to 'code') diff --git a/code/pages.inc.php b/code/pages.inc.php index 541b0ea..f24f283 100644 --- a/code/pages.inc.php +++ b/code/pages.inc.php @@ -9,7 +9,7 @@ class Pages { function Get($name, $type) { if(!$this->Exists($name, $type)) { - $message = $GLOBALS['handlers']['default']->HandleErrorMessage('PageNotFound', array('page' => $name)); + $message = $GLOBALS['handlers']['default']->ErrorMessage('PageNotFound', array('page' => $name)); if(!$message['title']) $message['title'] = $name; @@ -19,7 +19,7 @@ $res = DBQuery('SELECT handler, data FROM pages WHERE name = ? AND type = ?', array($name, $type)); if(!$this->HasAccess($name, $type)) { - $message = $GLOBALS['handlers'][$res->fields[0]]->HandleErrorMessage('Forbidden', array('page' => $name)); + $message = $GLOBALS['handlers'][$res->fields[0]]->ErrorMessage('Forbidden', array('page' => $name)); if(!$message['title']) $message['title'] = $name; @@ -30,7 +30,33 @@ $data = array_map('stripslashes', $data); $data['_page'] = $name; - return $GLOBALS['handlers'][$res->fields[0]]->HandleContentData($data); + return $GLOBALS['handlers'][$res->fields[0]]->Get($data); + } + + function Edit($name, $type) { + if(!$this->Exists($name, $type)) { + $message = $GLOBALS['handlers']['default']->ErrorMessage('PageNotFound', array('page' => $name)); + + if(!$message['title']) $message['title'] = $name; + + return $message; + } + + $res = DBQuery('SELECT handler, data FROM pages WHERE name = ? AND type = ?', array($name, $type)); + + if(!$GLOBALS['user']->IsAdmin()) { + $message = $GLOBALS['handlers'][$res->fields[0]]->ErrorMessage('Forbidden', array('page' => $name)); + + if(!$message['title']) $message['title'] = $name; + + return $message; + } + + parse_str($res->fields[1], $data); + $data = array_map('stripslashes', $data); + $data['_page'] = $name; + + return $GLOBALS['handlers'][$res->fields[0]]->Edit($data); } function Exists($name, $type) { @@ -40,12 +66,9 @@ } function HasAccess($name, $type) { - $user = $GLOBALS['user']; - $res = DBQuery('SELECT access FROM pages WHERE name = ? AND type = ?', array($name, $type)); - return ((($user->GetUid() != 0) && ($user->GetGid() == 0)) - || ($res->fields[0] & (1 << $user->GetGid())) != 0); + return ($GLOBALS['user']->IsAdmin() || ($res->fields[0] & (1 << $GLOBALS['user']->GetGid())) != 0); } } diff --git a/code/user.inc.php b/code/user.inc.php index 34b12f2..4899612 100644 --- a/code/user.inc.php +++ b/code/user.inc.php @@ -53,6 +53,8 @@ $this->type = 'url'; $this->key = $sid . $id; + setcookie('login', $this->key); + return $id; } @@ -67,6 +69,12 @@ $this->type = ''; $this->key = ''; + + setcookie('login'); + } + + function IsAdmin() { + return ($this->uid != 0 && $this->gid == 0); } function GetUid() { -- cgit v1.2.3