+++ /dev/null
-<?php
-/***************************************************************************
- * auth.php
- * -------------------
- * begin : Saturday, Feb 13, 2001
- * copyright : (C) 2001 The phpBB Group
- * email : support@phpbb.com
- *
- * $Id: auth.php,v 1.37.2.5 2004/03/01 16:49:03 psotfx Exp $
- *
- *
- ***************************************************************************/
-
-/***************************************************************************
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- ***************************************************************************/
-
-/*
- $type's accepted (pre-pend with AUTH_):
- VIEW, READ, POST, REPLY, EDIT, DELETE, STICKY, ANNOUNCE, VOTE, POLLCREATE
-
- Possible options ($type/forum_id combinations):
-
- * If you include a type and forum_id then a specific lookup will be done and
- the single result returned
-
- * If you set type to AUTH_ALL and specify a forum_id an array of all auth types
- will be returned
-
- * If you provide a forum_id a specific lookup on that forum will be done
-
- * If you set forum_id to AUTH_LIST_ALL and specify a type an array listing the
- results for all forums will be returned
-
- * If you set forum_id to AUTH_LIST_ALL and type to AUTH_ALL a multidimensional
- array containing the auth permissions for all types and all forums for that
- user is returned
-
- All results are returned as associative arrays, even when a single auth type is
- specified.
-
- If available you can send an array (either one or two dimensional) containing the
- forum auth levels, this will prevent the auth function having to do its own
- lookup
-*/
-function auth($type, $forum_id, $userdata, $f_access = '')
-{
- global $db, $lang;
-
- switch( $type )
- {
- case AUTH_ALL:
- $a_sql = 'a.auth_view, a.auth_read, a.auth_post, a.auth_reply, a.auth_edit, a.auth_delete, a.auth_sticky, a.auth_announce, a.auth_vote, a.auth_pollcreate';
- $auth_fields = array('auth_view', 'auth_read', 'auth_post', 'auth_reply', 'auth_edit', 'auth_delete', 'auth_sticky', 'auth_announce', 'auth_vote', 'auth_pollcreate');
- break;
-
- case AUTH_VIEW:
- $a_sql = 'a.auth_view';
- $auth_fields = array('auth_view');
- break;
-
- case AUTH_READ:
- $a_sql = 'a.auth_read';
- $auth_fields = array('auth_read');
- break;
- case AUTH_POST:
- $a_sql = 'a.auth_post';
- $auth_fields = array('auth_post');
- break;
- case AUTH_REPLY:
- $a_sql = 'a.auth_reply';
- $auth_fields = array('auth_reply');
- break;
- case AUTH_EDIT:
- $a_sql = 'a.auth_edit';
- $auth_fields = array('auth_edit');
- break;
- case AUTH_DELETE:
- $a_sql = 'a.auth_delete';
- $auth_fields = array('auth_delete');
- break;
-
- case AUTH_ANNOUNCE:
- $a_sql = 'a.auth_announce';
- $auth_fields = array('auth_announce');
- break;
- case AUTH_STICKY:
- $a_sql = 'a.auth_sticky';
- $auth_fields = array('auth_sticky');
- break;
-
- case AUTH_POLLCREATE:
- $a_sql = 'a.auth_pollcreate';
- $auth_fields = array('auth_pollcreate');
- break;
- case AUTH_VOTE:
- $a_sql = 'a.auth_vote';
- $auth_fields = array('auth_vote');
- break;
- case AUTH_ATTACH:
- break;
-
- default:
- break;
- }
-
- //
- // If f_access has been passed, or auth is needed to return an array of forums
- // then we need to pull the auth information on the given forum (or all forums)
- //
- if ( empty($f_access) )
- {
- $forum_match_sql = ( $forum_id != AUTH_LIST_ALL ) ? "WHERE a.forum_id = $forum_id" : '';
-
- $sql = "SELECT a.forum_id, $a_sql
- FROM " . FORUMS_TABLE . " a
- $forum_match_sql";
- if ( !($result = $db->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Failed obtaining forum access control lists', '', __LINE__, __FILE__, $sql);
- }
-
- $sql_fetchrow = ( $forum_id != AUTH_LIST_ALL ) ? 'sql_fetchrow' : 'sql_fetchrowset';
-
- if ( !($f_access = $db->$sql_fetchrow($result)) )
- {
- $db->sql_freeresult($result);
- return array();
- }
- $db->sql_freeresult($result);
- }
-
- //
- // If the user isn't logged on then all we need do is check if the forum
- // has the type set to ALL, if yes they are good to go, if not then they
- // are denied access
- //
- $u_access = array();
- if ( $userdata['session_logged_in'] )
- {
- $forum_match_sql = ( $forum_id != AUTH_LIST_ALL ) ? "AND a.forum_id = $forum_id" : '';
-
- $sql = "SELECT a.forum_id, $a_sql, a.auth_mod
- FROM " . AUTH_ACCESS_TABLE . " a, " . USER_GROUP_TABLE . " ug
- WHERE ug.user_id = ".$userdata['user_id']. "
- AND ug.user_pending = 0
- AND a.group_id = ug.group_id
- $forum_match_sql";
- if ( !($result = $db->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Failed obtaining forum access control lists', '', __LINE__, __FILE__, $sql);
- }
-
- if ( $row = $db->sql_fetchrow($result) )
- {
- do
- {
- if ( $forum_id != AUTH_LIST_ALL)
- {
- $u_access[] = $row;
- }
- else
- {
- $u_access[$row['forum_id']][] = $row;
- }
- }
- while( $row = $db->sql_fetchrow($result) );
- }
- $db->sql_freeresult($result);
- }
-
- $is_admin = ( $userdata['user_level'] == ADMIN && $userdata['session_logged_in'] ) ? TRUE : 0;
-
- $auth_user = array();
- for($i = 0; $i < count($auth_fields); $i++)
- {
- $key = $auth_fields[$i];
-
- //
- // If the user is logged on and the forum type is either ALL or REG then the user has access
- //
- // If the type if ACL, MOD or ADMIN then we need to see if the user has specific permissions
- // to do whatever it is they want to do ... to do this we pull relevant information for the
- // user (and any groups they belong to)
- //
- // Now we compare the users access level against the forums. We assume here that a moderator
- // and admin automatically have access to an ACL forum, similarly we assume admins meet an
- // auth requirement of MOD
- //
- if ( $forum_id != AUTH_LIST_ALL )
- {
- $value = $f_access[$key];
-
- switch( $value )
- {
- case AUTH_ALL:
- $auth_user[$key] = TRUE;
- $auth_user[$key . '_type'] = $lang['Auth_Anonymous_Users'];
- break;
-
- case AUTH_REG:
- $auth_user[$key] = ( $userdata['session_logged_in'] ) ? TRUE : 0;
- $auth_user[$key . '_type'] = $lang['Auth_Registered_Users'];
- break;
-
- case AUTH_ACL:
- $auth_user[$key] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_ACL, $key, $u_access, $is_admin) : 0;
- $auth_user[$key . '_type'] = $lang['Auth_Users_granted_access'];
- break;
-
- case AUTH_MOD:
- $auth_user[$key] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access, $is_admin) : 0;
- $auth_user[$key . '_type'] = $lang['Auth_Moderators'];
- break;
-
- case AUTH_ADMIN:
- $auth_user[$key] = $is_admin;
- $auth_user[$key . '_type'] = $lang['Auth_Administrators'];
- break;
-
- default:
- $auth_user[$key] = 0;
- break;
- }
- }
- else
- {
- for($k = 0; $k < count($f_access); $k++)
- {
- $value = $f_access[$k][$key];
- $f_forum_id = $f_access[$k]['forum_id'];
-
- switch( $value )
- {
- case AUTH_ALL:
- $auth_user[$f_forum_id][$key] = TRUE;
- $auth_user[$f_forum_id][$key . '_type'] = $lang['Auth_Anonymous_Users'];
- break;
-
- case AUTH_REG:
- $auth_user[$f_forum_id][$key] = ( $userdata['session_logged_in'] ) ? TRUE : 0;
- $auth_user[$f_forum_id][$key . '_type'] = $lang['Auth_Registered_Users'];
- break;
-
- case AUTH_ACL:
- $auth_user[$f_forum_id][$key] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_ACL, $key, $u_access[$f_forum_id], $is_admin) : 0;
- $auth_user[$f_forum_id][$key . '_type'] = $lang['Auth_Users_granted_access'];
- break;
-
- case AUTH_MOD:
- $auth_user[$f_forum_id][$key] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access[$f_forum_id], $is_admin) : 0;
- $auth_user[$f_forum_id][$key . '_type'] = $lang['Auth_Moderators'];
- break;
-
- case AUTH_ADMIN:
- $auth_user[$f_forum_id][$key] = $is_admin;
- $auth_user[$f_forum_id][$key . '_type'] = $lang['Auth_Administrators'];
- break;
-
- default:
- $auth_user[$f_forum_id][$key] = 0;
- break;
- }
- }
- }
- }
-
- //
- // Is user a moderator?
- //
- if ( $forum_id != AUTH_LIST_ALL )
- {
- $auth_user['auth_mod'] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access, $is_admin) : 0;
- }
- else
- {
- for($k = 0; $k < count($f_access); $k++)
- {
- $f_forum_id = $f_access[$k]['forum_id'];
-
- $auth_user[$f_forum_id]['auth_mod'] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access[$f_forum_id], $is_admin) : 0;
- }
- }
-
- return $auth_user;
-}
-
-function auth_check_user($type, $key, $u_access, $is_admin)
-{
- $auth_user = 0;
-
- if ( count($u_access) )
- {
- for($j = 0; $j < count($u_access); $j++)
- {
- $result = 0;
- switch($type)
- {
- case AUTH_ACL:
- $result = $u_access[$j][$key];
-
- case AUTH_MOD:
- $result = $result || $u_access[$j]['auth_mod'];
-
- case AUTH_ADMIN:
- $result = $result || $is_admin;
- break;
- }
-
- $auth_user = $auth_user || $result;
- }
- }
- else
- {
- $auth_user = $is_admin;
- }
-
- return $auth_user;
-}
-
-?>
\ No newline at end of file