diff options
| author |   Preston Cody <codeman@gentoo.org> | 2007-04-02 01:34:35 +0000 |
|---|---|---|
| committer | Preston Cody <codeman@gentoo.org> | 2007-04-02 01:34:35 +0000 |
| commit | a13066e5f2be93b04bd0ee13dc11e75c562ddfe9 (patch) | |
| tree | 03d6f83405121ae22e1b193492ba6e8fe74ea573 /scire | |
| parent | simplifying code to take out double-queries for userid (diff) | |
| download | scire-a13066e5f2be93b04bd0ee13dc11e75c562ddfe9.tar.gz scire-a13066e5f2be93b04bd0ee13dc11e75c562ddfe9.tar.bz2 scire-a13066e5f2be93b04bd0ee13dc11e75c562ddfe9.zip | |
disable caching for the time being. don't think it works anyways.
removed some excess junk lines. removed extra include
added two access-checking functions. the first just returns true or false
the second will divert to an error page if access is not given.
svn path=/; revision=192
Diffstat (limited to 'scire')
| -rw-r--r-- | scire/.lib/phpGACL.php | 31 |
1 files changed, 28 insertions, 3 deletions
diff --git a/scire/.lib/phpGACL.php b/scire/.lib/phpGACL.php index 3e37615..dfceebf 100644 --- a/scire/.lib/phpGACL.php +++ b/scire/.lib/phpGACL.php @@ -2,7 +2,6 @@ require_once($path . './phpgacl/gacl.class.php'); require_once($path . './phpgacl/gacl_api.class.php'); -require_once($path . './phpgacl/admin/gacl_admin_api.class.php'); #Not necessary. $gacl_options = array( 'db_type' => 'mysql', @@ -11,12 +10,38 @@ $gacl_options = array( 'db_password' => $db_password, 'db_name' => $db_name, 'db_table_prefix' => 'gacl_', - 'caching' => 'FALSE', +# 'caching' => 'FALSE', 'smarty_dir' => preg_replace('/\/$/', '', $smarty_dir), 'smarty_template_dir' => 'templates', 'smarty_compile_dir' => 'templates_c' ); -$acl = new gacl_admin_api($gacl_options); #can be gacl_api +$acl = new gacl_api($gacl_options); #can be gacl_api +function check_access($permname) { + global $acl; + global $scire_ui_section; + if ($_SESSION['username'] == "root") { return True; } #godmode + if ($acl->acl_check($scire_ui_section, $permname, "users", $_SESSION['username'],$scire_ui_section, $scire_ui_section) ) { + return True; + } else { + return False; + } + return False; +} + +function check_action_access($permname) { #Same as above but aborts the page for you. + global $acl; + global $scire_ui_section; + if ($_SESSION['username'] == "root") { return True; } #iddqd + $result = $acl->acl_check($scire_ui_section, $permname, "users", $_SESSION['username'],$scire_ui_section, $scire_ui_section); + if ($result) { + #print "Access Granted! $result"; + return True; + } else { + header('Location: ' . $baseurl . 'access_error.php?perm=' . urlencode($permname)); + exit(0); + #print "DENIED! " + $result; + } +} ?> |