Mambo > Projects > Mambo CMS > SVN

Diff of /mambo/branches/4.6/administrator/includes/admin.php

-revision 116, Sat Jan  7 19:49:26 2006 UTC
+revision 117, Sat Jan  7 21:26:39 2006 UTC
 Line 29
  * @param int 0 = no style, 1 = tabbed
  */
  function mosLoadAdminModules( $position='left', $style=0 ) {
-         global $database, $acl, $my;
+         global $database, $my, $acl;
          $cache =& mosCache::getCache( 'com_content' );
 Line 46
                  echo "MA ".$database->stderr(true);
                  return;
          }
+         if (!$modules) $modules = array();
          switch ($style) {
              case 0:
-Line 67
+Line 68
                          foreach ($modules as $module) {
                                  $params =& new mosParameters( $module->params );
                                  $editAllComponents      = $acl->acl_check( 'administration', 'edit', 'users', $my->usertype, 'components', 'all' );
+ //                              $authoriser = new mosAuthoriser($database);
+ //                              $editAllComponents = $authoriser->checkPermission('mosUser', $my->id, 'edit', 'editAllComponents', 0);
                                  // special handling for components module
                                  if ( $module->module != 'mod_components' || ( $module->module == 'mod_components' && $editAllComponents ) ) {
                                          $tabs->startTab( $module->title, 'module' . $module->id );
-Line 101
+Line 104
  */
  function mosLoadAdminModule( $name, $params=NULL ) {
          global $mosConfig_absolute_path, $mosConfig_live_site;
-         global $database, $acl, $my, $mainframe, $option;
+         global $database, $my, $mainframe, $option, $acl;
          $task = mosGetParam( $_REQUEST, 'task', '' );
          // legacy support for $act
-Line 272
+Line 275
          return $ret;
  }
+ function &checkAdminSession (&$database) {
+         // restore some session variables
+         $my = new mosUser( $database );
+         $my->id = mosGetParam( $_SESSION, 'session_user_id', '' );
+         $my->username = mosGetParam( $_SESSION, 'session_username', '' );
+         $my->usertype = mosGetParam( $_SESSION, 'session_usertype', '' );
+         $my->gid = mosGetParam( $_SESSION, 'session_gid', '' );
+         $session_id = mosGetParam( $_SESSION, 'session_id', '' );
+         $logintime = mosGetParam( $_SESSION, 'session_logintime', '' );
+         // check against db record of session
+         if ($session_id == md5( $my->id.$my->username.$my->usertype.$logintime )) {
+                 $database->setQuery( "SELECT * FROM #__session"
+                 . "\nWHERE session_id='$session_id'"
+                 . " AND username = '" . $database->getEscaped( $my->username ) . "'"
+                 . " AND userid = " . intval( $my->id )
+                 );
+                 if (!$result = $database->query()) {
+                         echo $database->stderr();
+                 }
+                 if ($database->getNumRows( $result ) <> 1) $my = null;
+         }
+         else $my = null;
+         if ($my) {
+                 // update session timestamp
+                 $current_time = time();
+                 $database->setQuery("UPDATE #__session SET time='$current_time' WHERE session_id='$session_id'");
+                 $database->query();
+                 // timeout old sessions
+                 $past = time()-1800;
+                 $database->setQuery( "DELETE FROM #__session WHERE time < '$past'" );
+                 $database->query();
+         }
+         return $my;
+ }
  ?>

 Legend:



Removed from v.116
 


changed lines


 
Added in v.117
 Legend:



Removed from v.116
 


changed lines


 
Added in v.117
-Removed from v.116
+Added in v.117

	ViewVC Help
Powered by ViewVC 1.0.0

Web Hosting provided by Network Redux.

MyGforge Home

Mambo CMS

Diff of /mambo/branches/4.6/administrator/includes/admin.php