Author: dgoette Date: Sat Nov 22 17:51:18 2008 New Revision: 37569
URL: http://svn.reactos.org/svn/reactos?rev=37569&view=rev Log: * moved login.php -> Login::required() * use new class ThisUser to reference the logged in user * use new class to get rid of more global vars * fix minor bugs
Added: branches/danny-web/reactos.org/htdocs/roscms/lib/ThisUser.class.php Modified: branches/danny-web/reactos.org/htdocs/roscms/index.php branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js.php branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteFilter.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteSaveEntry.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Data.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Date.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Editor.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Editor_Website.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Export.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Export_HTML.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Export_Maintain.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Export_QuickInfo.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Export_User.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Export_XML.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Maintain.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_User.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Website.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Welcome.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_Profile.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_ProfileEdit.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Log.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Login.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/ROSUser.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Security.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Tag.class.php
Modified: branches/danny-web/reactos.org/htdocs/roscms/index.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/index.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/index.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -46,10 +46,6 @@ // Global Vars: $rpm_page=""; $rpm_lang=""; - - - // this vars will be removed soon - $roscms_intern_login_check_username="";
if (array_key_exists("page", $_GET)) $rpm_page=htmlspecialchars($_GET["page"]); if (array_key_exists("lang", $_GET)) $rpm_lang=htmlspecialchars($_GET["lang"]); @@ -112,7 +108,7 @@ $text = str_replace(' ','',$text); $text = str_replace("\t",'',$text); $text = str_replace("\n",'',$text); - echo str_replace("\n",'',$text); + echo str_replace("\r",'',$text); }
Modified: branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -20,8 +20,7 @@
define('ROSCMS_PATH', '../'); require('../lib/RosCMS_Autoloader.class.php'); - require('../login.php'); - global $roscms_intern_account_id; + Login::required(); ?> function filtpopulatehelper(objidval, objidval2, filterid) { var filtentryselstr = ''; @@ -72,7 +71,7 @@ filtentryselstrs1 = '<select id="sfb'+filterid+'"><option value="is">is</option><option value="no">is not</option></select>'; filtentryselstrs2 = '<select id="sfc'+filterid+'"><?php
- $user_lang = ROSUser::getLanguage($roscms_intern_account_id, true);
+ $user_lang = ROSUser::getLanguage(ThisUser::getInstance()->id(), true);
$stmt=DBConnection::getInstance()->prepare("SELECT lang_id, lang_name FROM languages WHERE lang_level > '0' ORDER BY lang_name ASC"); $stmt->execute();
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteFilter.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteFilter.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteFilter.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -30,9 +30,8 @@
public function __construct( ) { - require('login.php'); - - + Login::required(); + $this->manage(); } // end of member function __construct
@@ -49,7 +48,7 @@ */ private function manage( ) { - global $roscms_intern_account_id; + $thisuser = &ThisUser::getInstance();
// they need some standard values $action = (isset($_GET['d_val']) ? $_GET['d_val'] : ''); @@ -66,7 +65,7 @@
// check if filter already exists $stmt=DBConnection::getInstance()->prepare("SELECT 1 FROM data_user_filter WHERE filt_usrid = :user_id AND filt_title = :title AND filt_type = :type LIMIT 1"); - $stmt->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); $stmt->bindParam('title',$filter_title,PDO::PARAM_STR); $stmt->bindParam('type',$this->type_num,PDO::PARAM_INT); $stmt->execute(); @@ -74,7 +73,7 @@
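Review bot: `$stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT);` hands a method return value to a by-reference parameter; PDOStatement::bindParam binds a reference, so PHP raises an "Only variables should be passed by reference" notice and binds a temporary. Since the value is fixed at bind time anyway, the right call is `$stmt->bindValue('user_id',$thisuser->id(),PDO::PARAM_INT);`, here and in the same substitution repeated in the hunks below and in CMSWebsiteSaveEntry, Data, Editor_Website and Export_HTML. The `$thisuser = &ThisUser::getInstance();` assignment in the previous hunk has the same flavour: unless getInstance() is declared `function &getInstance()` (ThisUser.class.php is not part of this chunk), the `&` only earns an "Only variables should be assigned by reference" notice and should be dropped. manage() continues outside the hunk.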
// insert new filter $stmt=DBConnection::getInstance()->prepare("INSERT INTO data_user_filter ( filt_id , filt_usrid , filt_title , filt_type , filt_string , filt_datetime , filt_usage , filt_usagedate ) VALUES ( NULL, :user_id, :title, :type, :string, NOW(), 1, NOW() )"); - $stmt->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); $stmt->bindParam('title',$filter_title,PDO::PARAM_STR); $stmt->bindParam('type',$this->type_num,PDO::PARAM_INT); $stmt->bindParam('string',$filter_string,PDO::PARAM_STR); @@ -85,13 +84,13 @@ // delete a label $stmt=DBConnection::getInstance()->prepare("DELETE FROM data_user_filter WHERE filt_id = :filter_id AND filt_usrid = :user_id LIMIT 1"); $stmt->bindParam('filter_id',$filter_title,PDO::PARAM_INT); - $stmt->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); $stmt->execute(); }
// echo current list of filters $stmt=DBConnection::getInstance()->prepare("SELECT filt_id, filt_title, filt_string FROM data_user_filter WHERE filt_usrid = :user_id AND filt_type = :type ORDER BY filt_title ASC"); - $stmt->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); $stmt->bindParam('type',$this->type_num,PDO::PARAM_INT); $stmt->execute(); while ($filter = $stmt->fetch(PDO::FETCH_ASSOC)) {
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteSaveEntry.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteSaveEntry.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteSaveEntry.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -28,8 +28,8 @@
public function __construct() { - require('login.php'); - + Login::required(); + if (!isset($_GET['d_id']) || !isset($_GET['d_r_lang'])){ echo 'Missing params'; return; @@ -51,7 +51,7 @@ */ private function save( $tag_value = 'no' ) { - global $roscms_intern_account_id; + $thisuser = &ThisUser::getInstance();
$type = (isset($_GET['d_val3']) ? $_GET['d_val3'] : ''); $tag_value = (isset($_GET['d_val4']) ? $_GET['d_val4'] : 'no'); @@ -68,7 +68,7 @@ $stmt=DBConnection::getInstance()->prepare("SELECT rev_id FROM data_revision WHERE data_id = :data_id AND rev_usrid = :user_id AND rev_date = :date AND rev_language = :lang ORDER BY rev_id DESC LIMIT 1"); } $stmt->bindParam('data_id',$_GET['d_id'],PDO::PARAM_INT); - $stmt->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); $stmt->bindValue('date',date("Y-m-d"),PDO::PARAM_STR); $stmt->bindParam('lang',$_GET['d_r_lang'],PDO::PARAM_STR); $stmt->execute(); @@ -87,14 +87,14 @@ $stmt=DBConnection::getInstance()->prepare("INSERT INTO data_revision ( rev_id , data_id , rev_version , rev_language , rev_usrid , rev_datetime , rev_date , rev_time ) VALUES ( NULL, :data_id, 0, :lang, :user_id, NOW(), CURDATE(), CURTIME() )"); $stmt->bindParam('data_id',$_GET['d_id'],PDO::PARAM_INT); $stmt->bindParam('lang',$_GET['d_r_lang'],PDO::PARAM_STR); - $stmt->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); $stmt->execute();
// get inserted rev_id $stmt=DBConnection::getInstance()->prepare("SELECT rev_id FROM data_revision WHERE data_id = :data_id AND rev_version = 0 AND rev_language = :lang AND rev_usrid = :user_id ORDER BY rev_datetime DESC;"); $stmt->bindParam('data_id',$_GET['d_id'],PDO::PARAM_INT); $stmt->bindParam('lang',$_GET['d_r_lang'],PDO::PARAM_STR); - $stmt->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); $stmt->execute(); $rev_id = $stmt->fetchColumn();
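Review bot: The newly bound user id is what identifies the revision that was just inserted — `SELECT rev_id ... WHERE data_id = :data_id AND rev_version = 0 AND rev_language = :lang AND rev_usrid = :user_id ORDER BY rev_datetime DESC` with fetchColumn() — so the row is found by data_id/lang/user/second rather than by its key, and two saves of the same entry by the same user within one second are ambiguous. If DBConnection wraps PDO as the prepare()/bindParam() calls suggest, `$rev_id = DBConnection::getInstance()->lastInsertId();` directly after the INSERT is both exact and one query cheaper. The user-id binding itself should be `bindValue`, since `$thisuser->id()` is not a variable. save() starts before this hunk and continues after it.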
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Data.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Data.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Data.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -239,9 +239,8 @@ */ public static function deleteFile( $rev_id ) { - global $roscms_security_level; // only for admins - if ($roscms_security_level < 3) { + if (ThisUser::getInstance()->securityLevel() < 3) { return; }
@@ -594,7 +593,7 @@ */ public static function add($data_type = null, $lang = null, $show_output = false, $dynamic_content = false, $entry_status = 'draft', $layout_template = '') { - global $roscms_intern_account_id; + $thisuser = &ThisUser::getInstance();
$data_name = @htmlspecialchars($_GET['d_name']);
@@ -628,13 +627,13 @@ $stmt=DBConnection::getInstance()->prepare("INSERT INTO data_revision ( rev_id , data_id , rev_version , rev_language , rev_usrid , rev_datetime , rev_date , rev_time ) VALUES ( NULL, :data_id, 0, :lang, :user_id, NOW(), CURDATE(), CURTIME() )"); $stmt->bindParam('data_id',$data_id,PDO::PARAM_INT); $stmt->bindParam('lang',$lang,PDO::PARAM_STR); - $stmt->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); $stmt->execute();
$stmt=DBConnection::getInstance()->prepare("SELECT rev_id FROM data_revision WHERE data_id = :data_id AND rev_version = '0' AND rev_language = :lang AND rev_usrid = :user_id ORDER BY rev_datetime DESC"); $stmt->bindParam('data_id',$data_id,PDO::PARAM_INT); $stmt->bindParam('lang',$lang,PDO::PARAM_STR); - $stmt->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); $stmt->execute(); $rev_id = $stmt->fetchColumn();
@@ -695,7 +694,7 @@ Tag::add($data_id, $rev_id, 'number', $dynamic_number, -1); Tag::add($data_id, $rev_id, 'number_sort', str_pad($dynamic_number, 5, '0', STR_PAD_LEFT), -1); // padding with '0' Tag::add($data_id, $rev_id, 'pub_date', date('Y-m-d'), -1); - Tag::add($data_id, $rev_id, 'pub_user', $roscms_intern_account_id, -1); + Tag::add($data_id, $rev_id, 'pub_user', $thisuser->id(), -1); }
if ($data_type == 'page') { @@ -716,8 +715,8 @@ */ public static function evalAction( $id_list, $action, $lang = null, $label_name = null ) { - global $roscms_intern_account_id; - global $roscms_security_level; + $thisuser = &ThisUser::getInstance(); + global $roscms_standard_language;
$id_list = preg_replace('/(^|-)[0-9]+_([0-9]+)/','$2|',$id_list); @@ -740,7 +739,7 @@
// get user language $stmt_lang=DBConnection::getInstance()->prepare("SELECT user_language FROM users WHERE user_id = :user_id LIMIT 1"); - $stmt_lang->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); + $stmt_lang->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); $stmt_lang->execute(); $user_lang = $stmt_lang->fetchColumn();
@@ -762,7 +761,7 @@
// mark as stable
case 'ms':
- if ($roscms_security_level > 1 && ROSUser::isMemberOfGroup('transmaint')) {
+ if ($thisuser->securityLevel() > 1 && $thisuser->isMemberOfGroup('transmaint')) {
// check for user language if ($user_lang == '') { @@ -779,7 +778,7 @@ // renew tag $tag_id = Tag::getIdByUser($revision['data_id'], $revision['rev_id'], 'status', -1); if ($tag_id > 0) { - Tag::deleteById($tag_id, $roscms_intern_account_id); + Tag::deleteById($tag_id, $thisuser->id()); } Tag::add($revision['data_id'], $revision['rev_id'], 'status', 'stable', -1);
@@ -855,7 +854,7 @@
// mark as new
case 'mn':
- if ($roscms_security_level > 1 && ROSUser::isMemberOfGroup('transmaint')) {
+ if ($thisuser->securityLevel() > 1 && $thisuser->isMemberOfGroup('transmaint')) {
// check for user language if ($user_lang == '') { @@ -870,7 +869,7 @@ // $tag_id = Tag::getIdByUser($revision['data_id'], $revision['rev_id'], 'status', -1); if ($tag_id > 0) { - Tag::deleteById($tag_id, $roscms_intern_account_id); + Tag::deleteById($tag_id, $thisuser->id()); } Tag::add($revision['data_id'], $revision['rev_id'], 'status', 'new', -1);
@@ -881,32 +880,32 @@
// add star
case 'as':
- $tag_id = Tag::getIdByUser($revision['data_id'], $revision['rev_id'], 'star', $roscms_intern_account_id);
+ $tag_id = Tag::getIdByUser($revision['data_id'], $revision['rev_id'], 'star', $thisuser->id());
if ($tag_id > 0) {
- Tag::deleteById($t_tagid, $roscms_intern_account_id);
+ Tag::deleteById($t_tagid, $thisuser->id());
}
- Tag::add($revision['data_id'], $revision['rev_id'], 'star', 'on', $roscms_intern_account_id);
+ Tag::add($revision['data_id'], $revision['rev_id'], 'star', 'on', $thisuser->id());
break;
// delete star
case 'xs':
- $tag_id = Tag::getIdByUser($revision['data_id'], $revision['rev_id'], 'star', $roscms_intern_account_id);
+ $tag_id = Tag::getIdByUser($revision['data_id'], $revision['rev_id'], 'star', $thisuser->id());
if ($tag_id > 0) {
- Tag::deleteById($tag_id, $roscms_intern_account_id);
+ Tag::deleteById($tag_id, $thisuser->id());
}
break;
// add label
case 'tg':
- Tag::add($revision['data_id'], $revision['rev_id'], 'tag', $label_name, $roscms_intern_account_id);
+ Tag::add($revision['data_id'], $revision['rev_id'], 'tag', $label_name, $thisuser->id());
break;
// delete entry
case 'xe':
- if ($roscms_security_level > 1 || $revision['rev_usrid'] == $roscms_intern_account_id) {
+ if ($thisuser->securityLevel() > 1 || $revision['rev_usrid'] == $thisuser->id()) {
// copy to Archive if no admin - if ($roscms_security_level < 3) { + if ($thisuser->securityLevel() < 3) { Data::copy($revision['data_id'], $revision['rev_id'], 0, $lang); } Data::deleteFile($revision['rev_id']); @@ -941,8 +940,6 @@ */ public static function copy( $data_id, $rev_id, $archive_mode, $lang = '' ) { - global $roscms_intern_account_id; - // set archive mode dependent vars if ($archive_mode == 0) { // copy to archive @@ -1006,7 +1003,7 @@ if ($archive_mode === false) { $revision = array( 'rev_version' => '0', - 'rev_usrid' => $roscms_intern_account_id, + 'rev_usrid' => ThisUser::getInstance()->id(), 'rev_language' => $lang, 'rev_datetime' => date('Y-m-d H:i:s'), 'rev_date' => date('Y-m-d'),
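Review bot: In the `'as'` (add star) case the rewritten call `Tag::deleteById($t_tagid, $thisuser->id());` still names `$t_tagid`, which is defined nowhere in this hunk; the id fetched two lines earlier is `$tag_id`, which is exactly what the `'xs'` case below passes. With an undefined first argument the existing star is presumably never removed before `Tag::add(..., 'star', 'on', $thisuser->id())`, so repeated starring accumulates tags. The line should read `Tag::deleteById($tag_id, $thisuser->id());`. evalAction() starts outside the hunk.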
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Date.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Date.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Date.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -43,10 +43,9 @@ global $rdf_user_timezone; global $rdf_user_timezone_name; global $rdf_server_timezone; - global $roscms_intern_account_id;
// calculate only for registered users
- if ($roscms_intern_account_id > 1) {
+ if (ThisUser::getInstance()->id() > 0) {
$basedate = strtotime($date);
$date_new = strtotime(($rdf_user_timezone+$rdf_server_timezone).' hours', $basedate);
return date($format, $date_new).' '.$rdf_user_timezone_name;
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Editor.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Editor.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Editor.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -36,7 +36,7 @@ */ public function __construct( $data_id, $rev_id, $action = null ) { - require('login.php'); + Login::required(); $this->preventCaching(); if (!empty($data_id) && !empty($rev_id)) { $this->data_id = $data_id;
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Editor_Website.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Editor_Website.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Editor_Website.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -47,7 +47,8 @@ */ protected function evalAction( $action ) { - global $roscms_security_level; + $thisuser = &ThisUser::getInstance(); + global $roscms_standard_language; global $RosCMS_GET_d_value, $RosCMS_GET_d_value2, $RosCMS_GET_d_value3, $RosCMS_GET_d_value4; global $RosCMS_GET_d_id, $RosCMS_GET_d_r_id; @@ -59,7 +60,7 @@ case 'newentry':
// add a new entry only with higher security level
- if ($roscms_security_level > 1) {
+ if ($thisuser->securityLevel() > 1) {
switch ($RosCMS_GET_d_value) {
case 'dynamic':
$this->showAddEntry(self::DYNAMIC);
@@ -146,7 +147,7 @@
case 'deltag':
// only delete, if user has a higher level than translator, or it's requested by the user itself
- if ($roscms_security_level > 1 || $RosCMS_GET_d_value2 == $roscms_intern_account_id) {
+ if ($thisuser->securityLevel() > 1 || $RosCMS_GET_d_value2 == $thisuser->id()) {
Tag::deleteById($RosCMS_GET_d_value, $RosCMS_GET_d_value2);
}
@@ -158,7 +159,7 @@ case 'changetag': Tag::deleteById($RosCMS_GET_d_value4, $RosCMS_GET_d_value3); Tag::add($RosCMS_GET_d_id, $RosCMS_GET_d_r_id, $RosCMS_GET_d_value, $RosCMS_GET_d_value2, $RosCMS_GET_d_value3); - echo Tag::getIdByUser($RosCMS_GET_d_id, $RosCMS_GET_d_r_id, $RosCMS_GET_d_value, $roscms_intern_account_id); + echo Tag::getIdByUser($RosCMS_GET_d_id, $RosCMS_GET_d_r_id, $RosCMS_GET_d_value, $thisuser->id()); break;
// update tag by name/user @@ -200,7 +201,6 @@ protected function performDefaultAction() { global $RosCMS_GET_d_r_lang; - global $roscms_intern_account_id;
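Review bot: The `'changetag'` branch adds the tag under the client-supplied user id `$RosCMS_GET_d_value3`, but the rewritten `echo Tag::getIdByUser($RosCMS_GET_d_id, $RosCMS_GET_d_r_id, $RosCMS_GET_d_value, $thisuser->id());` looks it up under the logged-in user's id, so the echoed id is wrong whenever d_value3 is not the caller's own id. Unlike `'deltag'` just above, nothing here checks that `$RosCMS_GET_d_value3` (owner of the new tag) or `$RosCMS_GET_d_value4`/`$RosCMS_GET_d_value3` (the tag being deleted) belong to the caller or that securityLevel() is above 1; the metadata view later in this file treats tag_usrid 0 as shared labels and -1 as system metadata, so unless Tag::add/deleteById enforce ownership themselves, a user can presumably pass 0 or -1 and write those. Either guard the branch with `if ($thisuser->securityLevel() <= 1 && $RosCMS_GET_d_value3 != $thisuser->id()) break;` or use `$thisuser->id()` for both the add and the lookup. evalAction() continues outside the hunk.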
// normal (contains NO "tr") if (!isset($_GET['d_r_id']) || strpos($_GET['d_r_id'], 'tr') === false) { @@ -221,7 +221,7 @@ if (Data::copy($revision['data_id'], $revision['rev_id'], 1 /* copy mode */, $RosCMS_GET_d_r_lang)) { $stmt=DBConnection::getInstance()->prepare("SELECT data_id, rev_id, rev_language FROM data_revision WHERE data_id = :data_id AND rev_usrid = :user_id AND rev_version = 0 AND rev_language = :lang AND rev_date = :date ORDER BY rev_id DESC LIMIT 1"); $stmt->bindParam('data_id',$revision['data_id'],PDO::PARAM_STR); - $stmt->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); $stmt->bindParam('lang',$_GET['d_r_lang'],PDO::PARAM_STR); $stmt->bindParam('date',date('Y-m-d'),PDO::PARAM_STR); $stmt->execute(); @@ -265,7 +265,6 @@ { global $roscms_standard_language; global $roscms_standard_language_full; - global $roscms_security_level; global $h_a,$h_a2;
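Review bot: `$stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT);` inside performDefaultAction() uses `$thisuser`, but the hunk directly above only removes `global $roscms_intern_account_id;` from that method and, unlike evalAction() earlier in this file, never assigns `$thisuser = &ThisUser::getInstance();`. Unless the assignment sits in the unseen lines between the two hunks, the translation-copy path now dies with a fatal error (call to a member function on a non-object) instead of finding the copied revision. Add `$thisuser = ThisUser::getInstance();` at the top of performDefaultAction(), or bind inline with `$stmt->bindValue('user_id',ThisUser::getInstance()->id(),PDO::PARAM_INT);`. performDefaultAction() continues outside the hunk.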
echo_strip(' @@ -543,9 +542,10 @@ */ protected function showEntryData( ) { - global $roscms_intern_account_id; global $h_a; global $h_a2; + + $thisuser = &ThisUser::getInstance();
// get Database Entry $stmt=DBConnection::getInstance()->prepare("SELECT d.data_id, d.data_name, d.data_type, r.rev_id, r.rev_version, r.rev_language, r.rev_datetime, u.user_name FROM data_".$h_a2." d JOIN data_revision".$h_a." r ON r.data_id = d.data_id JOIN users u ON r.rev_usrid = u.user_id WHERE r.rev_id = :rev_id LIMIT 1"); @@ -556,8 +556,8 @@ echo_strip(' <div style="padding-bottom: 3px;"> <span class="frmeditheader"> - <span onclick="'."bchangestar(".$revision['data_id'].",".$revision['rev_id'].",'star','addtagn', ".$roscms_intern_account_id.", 'editstar')".'" style="cursor: pointer;"> - <img id="editstar" class="'.Tag::getIdByUser($revision['data_id'], $revision['rev_id'], 'star', $roscms_intern_account_id).'" src="images/star_'.Tag::getValueByUser($revision['data_id'], $revision['rev_id'], 'star', $roscms_intern_account_id).'_small.gif" alt="" style="width:13px; height:13px; border:0px;" /> + <span onclick="'."bchangestar(".$revision['data_id'].",".$revision['rev_id'].",'star','addtagn', ".$thisuser->id().", 'editstar')".'" style="cursor: pointer;"> + <img id="editstar" class="'.Tag::getIdByUser($revision['data_id'], $revision['rev_id'], 'star', $thisuser->id()).'" src="images/star_'.Tag::getValueByUser($revision['data_id'], $revision['rev_id'], 'star', $thisuser->id()).'_small.gif" alt="" style="width:13px; height:13px; border:0px;" /> </span> '); echo $revision['data_name']; @@ -600,11 +600,10 @@
protected function showEntryDetails( $mode = self::METADATA) { - global $roscms_intern_account_id; - global $roscms_security_level; - global $h_a; global $h_a2; + + $thisuser = &ThisUser::getInstance();
echo_strip(' <div class="detailbody"> @@ -615,7 +614,7 @@ echo '<strong>Metadata</strong>'; } else { - echo '<span class="detailmenu" onclick="'."bshowtag(".$this->data_id.",".$this->rev_id.",'a','b', '".$roscms_intern_account_id."')".'">Metadata</span>'; + echo '<span class="detailmenu" onclick="'."bshowtag(".$this->data_id.",".$this->rev_id.",'a','b', '".$thisuser->id()."')".'">Metadata</span>'; } echo " | ";
@@ -624,7 +623,7 @@ echo '<strong>History</strong>'; } else { - echo '<span class="detailmenu" onclick="'."bshowhistory(".$this->data_id.",".$this->rev_id.",'a','b', '".$roscms_intern_account_id."')".'">History</span>'; + echo '<span class="detailmenu" onclick="'."bshowhistory(".$this->data_id.",".$this->rev_id.",'a','b', '".$thisuser->id()."')".'">History</span>'; }
// allowed only for someone with "add" rights @@ -636,7 +635,7 @@ echo '<strong>Fields</strong>'; } else { - echo '<span class="detailmenu" onclick="'."balterfields(".$this->data_id.",".$this->rev_id.", '".$roscms_intern_account_id."')".'">Fields</span>'; + echo '<span class="detailmenu" onclick="'."balterfields(".$this->data_id.",".$this->rev_id.", '".$thisuser->id()."')".'">Fields</span>'; } echo " | ";
@@ -644,19 +643,19 @@ echo '<strong>Entry</strong>'; } else { - echo '<span class="detailmenu" onclick="'."bshowentry(".$this->data_id.",".$this->rev_id.", '".$roscms_intern_account_id."')".'">Entry</span>'; + echo '<span class="detailmenu" onclick="'."bshowentry(".$this->data_id.",".$this->rev_id.", '".$thisuser->id()."')".'">Entry</span>'; } }
// allowed only for related super administrators - if (ROSUser::isMemberOfGroup("ros_sadmin") || (Security::hasRight($this->data_id, 'add') && ROSUser::isMemberOfGroup('ros_admin'))) { + if ($thisuser->isMemberOfGroup('ros_sadmin') || (Security::hasRight($this->data_id, 'add') && $thisuser->isMemberOfGroup('ros_admin'))) { echo " | ";
if ($mode == self::SECURITY) { echo '<strong>Security</strong>'; } else { - echo '<span class="detailmenu" onclick="'."bshowsecurity(".$this->data_id.",".$this->rev_id.", '".$roscms_intern_account_id."')".'">Security</span>'; + echo '<span class="detailmenu" onclick="'."bshowsecurity(".$this->data_id.",".$this->rev_id.", '".$thisuser->id()."')".'">Security</span>'; } } echo_strip(' @@ -692,14 +691,14 @@ */ private function showEntryDetailsMetadata( ) { - global $roscms_security_level; - global $roscms_intern_account_id; global $h_a,$h_a2; + + $thisuser = &ThisUser::getInstance();
// helper vars $last_user = null; // used in first while, to recognize the last type
- if ($roscms_security_level > 1) { + if ($thisuser->securityLevel() > 1) { $stmt=DBConnection::getInstance()->prepare("SELECT a.tag_id, a.tag_usrid, n.tn_name, v.tv_value FROM data_".$h_a2." d, data_revision".$h_a." r, data_tag".$h_a." a, data_tag_name".$h_a." n, data_tag_value".$h_a." v WHERE (a.data_id = 0 OR (a.data_id = :data_id AND a.data_id = d.data_id) ) AND (a.data_rev_id = 0 OR (a.data_rev_id = :rev_id AND a.data_rev_id = r.rev_id) ) AND a.tag_usrid IN(-1, 0,:user_id) AND a.tag_name_id = n.tn_id AND a.tag_value_id = v.tv_id ORDER BY tag_usrid ASC, tn_name ASC"); } else { @@ -707,7 +706,7 @@ } $stmt->bindParam('data_id',$this->data_id,PDO::PARAM_INT); $stmt->bindParam('rev_id',$this->rev_id,PDO::PARAM_INT); - $stmt->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); $stmt->execute(); while($tag = $stmt->fetch()) { if ($tag['tag_usrid'] != $last_user) { @@ -724,7 +723,7 @@ echo 'Labels'; break; default: - if ($tag['tag_usrid'] == $roscms_intern_account_id) { + if ($tag['tag_usrid'] == $thisuser->id()) { echo 'Private Labels'; } } // end switch 
@@ -738,9 +737,9 @@ // allow to delete label if SecLev > 1 // allow to delete sys metadata if user has the rights // allow someone to delete his metadata he set and the user-id > 0 - if (($roscms_security_level > 1 && $tag['tag_usrid'] == 0) || (Security::hasRight($this->data_id, 'add') && $tag['tag_usrid'] == -1) || ($tag['tag_usrid'] == $roscms_intern_account_id && $tag['tag_usrid'] > 0)) { + if (($thisuser->securityLevel() > 1 && $tag['tag_usrid'] == 0) || (Security::hasRight($this->data_id, 'add') && $tag['tag_usrid'] == -1) || ($tag['tag_usrid'] == $thisuser->id() && $tag['tag_usrid'] > 0)) { echo_strip(' - <span class="frmeditbutton" onclick="'."bdeltag(".$this->data_id.",".$this->rev_id.",'".$tag['tag_id']."', '".$roscms_intern_account_id."')".'"> + <span class="frmeditbutton" onclick="'."bdeltag(".$this->data_id.",".$this->rev_id.",'".$tag['tag_id']."', '".$thisuser->id()."')".'"> <img src="images/remove.gif" alt="" style="width:11px; height:11px; border:0px;" /> Delete </span>'); @@ -756,10 +755,10 @@ <div class="frmeditheadline">Add Private Label</div> <label for="addtagn"><b>Tag:</b></label> <input type="text" id="addtagn" size="15" maxlength="100" value="" /> - <button type="button" onclick="'."baddtag(".$this->data_id.",".$this->rev_id.",'tag','addtagn', '".$roscms_intern_account_id."')".'">Add</button> + <button type="button" onclick="'."baddtag(".$this->data_id.",".$this->rev_id.",'tag','addtagn', '".$thisuser->id()."')".'">Add</button> <br />');
- if ($roscms_security_level > 1) { + if ($thisuser->securityLevel() > 1) { echo_strip(' <br /> <div class="frmeditheadline">Add Label'.(Security::hasRight($this->data_id, 'add') ? ' or System Metadata' : '').'</div> @@ -823,7 +822,6 @@ */ private function showEntryDetailsSecurity( ) { - global $roscms_intern_account_id; global $h_a2;
$stmt=DBConnection::getInstance()->prepare("SELECT data_id, data_name, data_type, data_acl FROM data_".$h_a2." WHERE data_id = :data_id LIMIT 1"); @@ -865,7 +863,7 @@ <br /> <br /> <button type="button" id="beditsavefields" onclick="'."editsavesecuritychanges('".$this->data_id."','".$this->rev_id."')".'">Save Changes</button> - <button type="button" id="beditclear" onclick="'."bshowsecurity(".$this->data_id.",".$this->rev_id.", '".$roscms_intern_account_id."')".'">Clear</button>'); + <button type="button" id="beditclear" onclick="'."bshowsecurity(".$this->data_id.",".$this->rev_id.", '".$thisuser->id()."')".'">Clear</button>'); }
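Review bot: The rewritten Clear button in showEntryDetailsSecurity() calls `$thisuser->id()`, but the preceding hunk only deletes `global $roscms_intern_account_id;` from this method and adds no `$thisuser = &ThisUser::getInstance();` the way showEntryData()/showEntryDetails()/showEntryDetailsMetadata() above do. Unless it is assigned in the lines between the two hunks, rendering the Security tab is now a fatal error. Add `$thisuser = ThisUser::getInstance();` after the `global $h_a2;` line, or write `ThisUser::getInstance()->id()` inline here. showEntryDetailsSecurity() continues outside the hunk.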
@@ -877,7 +875,6 @@ private function showEntryDetailsFields( ) { global $h_a; - global $roscms_intern_account_id;
echo_strip( '<br /> @@ -934,7 +931,7 @@ </span> <br /><br /><br /> <button type="button" id="beditsavefields" onclick="'."editsavefieldchanges('".$this->data_id."','".$this->rev_id."')".'">Save Changes</button> - <button type="button" id="beditclear" onclick="'."balterfields(".$this->data_id.",".$this->rev_id.", '".$roscms_intern_account_id."')".'">Clear</button>'); + <button type="button" id="beditclear" onclick="'."balterfields(".$this->data_id.",".$this->rev_id.", '".$thisuser->id()."')".'">Clear</button>'); }
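Review bot: Same problem in showEntryDetailsFields(): the new `balterfields(...'".$thisuser->id()."')` markup relies on `$thisuser`, yet the hunk at its head only removes `global $roscms_intern_account_id;` and introduces nothing in its place, so the Fields tab presumably fails with an undefined variable/non-object fatal unless `$thisuser` is assigned in the unseen lines in between. Add `$thisuser = ThisUser::getInstance();` next to `global $h_a;`, or use `ThisUser::getInstance()->id()` inline. showEntryDetailsFields() continues outside the hunk.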
@@ -995,7 +992,7 @@ <br /> <br /> <button type="button" id="beditsaveentry" onclick="editsaveentrychanges('.$this->data_id.','.$this->rev_id.')">Save Changes</button> - <button type="button" id="beditclear" onclick="'."bshowentry(".$this->data_id.",".$this->rev_id.", '".$roscms_intern_account_id."')".'">Clear</button>'); + <button type="button" id="beditclear" onclick="'."bshowentry(".$this->data_id.",".$this->rev_id.", '".$thisuser->id()."')".'">Clear</button>'); }
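Review bot: This Clear button also switches to `$thisuser->id()`, but the enclosing method starts outside the hunk and no hunk in this file shows it gaining a `$thisuser` assignment. Given that showEntryDetailsSecurity() and showEntryDetailsFields() in this same commit drop the global without adding one, please confirm this method assigns `$thisuser = ThisUser::getInstance();` before this line, or use `ThisUser::getInstance()->id()` inline as showDifference() below does.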
@@ -1034,7 +1031,6 @@ */ private function showDifference( $rev_id1, $rev_id2 ) { - global $roscms_security_level;
// get archive mode for entry 1 if (substr($rev_id1, 0, 2) == 'ar') { @@ -1129,7 +1125,7 @@ <li>Type: '.$revision1['data_type'].'</li> <li>Language: '.$revision1['lang_name'].'</li> <li>User: '.$revision1['user_name'].'</li>'); - if ($roscms_security_level > 1) { + if (ThisUser::getInstance()->securityLevel() > 1) { echo '<li>ID: '.$revision1['rev_id'].'</li>'; } echo_strip(' @@ -1141,7 +1137,7 @@ <li>Type: '.$revision2['data_type'].'</li> <li>Language: '.$revision2['lang_name'].'</li> <li>User: '.$revision2['user_name'].'</li>'); - if ($roscms_security_level > 1) { + if (ThisUser::getInstance()->securityLevel() > 1) { echo '<li>ID: '.$revision2['rev_id'].'</li>'; } echo_strip('
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Export.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Export.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Export.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -28,7 +28,7 @@
public function __construct( ) { - require('login.php'); + Login::required(); }
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Export_HTML.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Export_HTML.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Export_HTML.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -330,7 +330,6 @@ */ public function processText( $rev_id, $output_type = '' ) { - global $roscms_intern_account_id; global $roscms_standard_language_full; global $roscms_intern_webserver_pages; global $roscms_intern_webserver_roscms; @@ -396,7 +395,7 @@ // replace with user_name // @FIXME broken logic, or one link too much, which should be removed from Database $stmt=DBConnection::getInstance()->prepare("SELECT user_name FROM users WHERE user_id = :user_id LIMIT 1"); - $stmt->bindParam('user_id',$roscms_intern_account_id); + $stmt->bindParam('user_id',ThisUser::getInstance()->id()); $stmt->execute(); $user_name = $stmt->fetchColumn(); $content = str_replace('[#roscms_user]', $user_name, $content); // account that generate @@ -470,7 +469,6 @@ */ private function insertHyperlink( $matches ) { - global $roscms_intern_account_id; global $roscms_intern_webserver_pages; global $roscms_intern_webserver_roscms;
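Review bot: `$stmt->bindParam('user_id',ThisUser::getInstance()->id());` passes a method return value to a by-reference parameter, which only produces an "Only variables should be passed by reference" notice and binds a temporary, and it also drops the PDO::PARAM_INT type that every other user_id binding in this commit carries; write `$stmt->bindValue('user_id',ThisUser::getInstance()->id(),PDO::PARAM_INT);`. The `@FIXME broken logic` comment above it still applies after the rewrite: `[#roscms_user]` is filled with the name of the account generating the export, not (presumably) the revision's author, which the code comment `// account that generate` acknowledges. processText() continues outside the hunk.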
@@ -617,8 +615,6 @@ */ private function insertTemplate( $matches ) { - global $roscms_intern_account_id; - // extract the name, e.g. [#templ_about] -> 'about' $content_name = substr($matches[0], 8, (strlen($matches[0])-9));
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Export_Maintain.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Export_Maintain.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Export_Maintain.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -51,9 +51,6 @@ */ public function maintain( ) { - global $roscms_security_level; - global $roscms_intern_account_id; - global $RosCMS_GET_d_use; global $RosCMS_GET_d_value; global $RosCMS_GET_d_value2; @@ -66,13 +63,13 @@ case 'optimize': $stmt=DBConnection::getInstance()->prepare("OPTIMIZE TABLE data_, data_a, data_revision, data_revision_a, data_security, data_stext, data_stext_a, data_tag, data_tag_a, data_tag_name, data_tag_name_a, data_tag_value, data_tag_value_a, data_text, data_text_a, data_user_filter, languages, subsys_mappings, usergroups, usergroup_members, users, user_sessions"); $stmt->execute(); - Log::writeHigh('optimize database tables: done by '.$roscms_intern_account_id.' {data_maintain_out}'); + Log::writeHigh('optimize database tables: done by '.ThisUser::getInstance()->id().' {data_maintain_out}'); break;
case 'analyze': $stmt=DBConnection::getInstance()->exec("ANALYZE TABLE data_, data_a, data_revision, data_revision_a, data_security, data_stext, data_stext_a, data_tag, data_tag_a, data_tag_name, data_tag_name_a, data_tag_value, data_tag_value_a, data_text, data_text_a, data_user_filter, languages, subsys_mappings, usergroups, usergroup_members, users, user_sessions"); $stmt->execute(); - Log::writeHigh('analyze database tables: done by '.$roscms_intern_account_id.' {data_maintain_out}'); + Log::writeHigh('analyze database tables: done by '.ThisUser::getInstance()->id().' {data_maintain_out}'); break;
case 'genpages':
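Review bot: In the `case 'analyze'` branch of this hunk, `$stmt=DBConnection::getInstance()->exec("ANALYZE TABLE ...")` followed by `$stmt->execute()` cannot work: PDO::exec() returns the affected-row count (or false), not a statement object, so execute() is called on a non-object. The commit only rewrites the log line beneath it; the neighbouring 'optimize' branch shows the intended shape, `$stmt=DBConnection::getInstance()->prepare("ANALYZE TABLE ...");`. maintain() continues outside the hunk.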
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Export_QuickInfo.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Export_QuickInfo.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Export_QuickInfo.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -45,9 +45,6 @@ */ private function getInfo( ) { - global $roscms_intern_account_id; - global $roscms_security_level; - global $h_a; global $h_a2;
@@ -79,14 +76,14 @@ $stmt=DBConnection::getInstance()->prepare("SELECT n.tn_name, v.tv_value FROM data_tag".$h_a." a JOIN data_".$h_a2." d ON a.data_id = d.data_id JOIN data_revision".$h_a." r ON a.data_rev_id = r.rev_id JOIN data_tag_name".$h_a." n ON a.tag_name_id = n.tn_id JOIN data_tag_value".$h_a." v ON a.tag_value_id = v.tv_id WHERE a.data_id IN(0, :data_id) AND a.data_rev_id IN(0, :rev_id) AND a.tag_usrid IN(-1, 0, :user_id) ORDER BY tag_usrid ASC, tn_name ASC"); $stmt->bindParam('data_id',$revision['data_id'],PDO::PARAM_INT); $stmt->bindParam('rev_id',$revision['rev_id'],PDO::PARAM_INT); - $stmt->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',ThisUser::getInstance()->id(),PDO::PARAM_INT); $stmt->execute(); while ($tag = $stmt->fetch(PDO::FETCH_ASSOC)) { echo $t_s.ucfirst($tag['tn_name']).$t_e . $tag['tv_value'].$t_lb; }
// show additional data for security level > 1 - if ($roscms_security_level > 1) { + if (ThisUser::getInstance()->securityLevel() > 1) { echo $t_s.'Rev-ID'.$t_e.$revision['rev_id'].$t_lb; echo $t_s.'Data-ID'.$t_e.$revision['data_id'].$t_lb; echo $t_s.'ACL'.$t_e.$revision['data_acl'].$t_lb;
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Export_User.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Export_User.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Export_User.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -51,13 +51,12 @@ */ public function search( ) { - global $roscms_security_level; - global $roscms_intern_account_id; - global $RosCMS_GET_d_use; global $RosCMS_GET_d_flag; global $RosCMS_GET_d_value; global $RosCMS_GET_d_value2; + + $thisuser = &ThisUser::getInstance();
$usage = $RosCMS_GET_d_use; $flag = $RosCMS_GET_d_flag; @@ -67,12 +66,12 @@ $new_lang = $RosCMS_GET_d_value2; $search_type = $RosCMS_GET_d_value2;
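Review bot: `$thisuser = &ThisUser::getInstance();` assigns a function result by reference; unless getInstance() is declared to return by reference, PHP reports "Only variables should be assigned by reference", and since objects are already handle types the `&` gains nothing. Drop it: `$thisuser = ThisUser::getInstance();`. The same form is introduced in Export_XML (@@ -124, @@ -346), HTML_CMS::navigation (@@ -65), HTML_CMS_User::body (@@ -52), HTML_CMS_Website::body (@@ -56), HTML_User::navigation (@@ -54) and HTML_User_Profile::profile (@@ -126). search() continues outside the hunk.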
- if (ROSUser::isMemberOfGroup('transmaint') || $roscms_security_level == 3) { + if ($thisuser->isMemberOfGroup('transmaint') || $thisuser->securityLevel() == 3) { if ($usage == 'usrtbl') {
- if (ROSUser::isMemberOfGroup('transmaint')) { + if ($thisuser->isMemberOfGroup('transmaint')) { $stmt=DBConnection::getInstance()->prepare("SELECT user_language FROM users WHERE user_id = :user_id LIMIT 1"); - $stmt->bindParam('user_id',$roscms_intern_account_id); + $stmt->bindParam('user_id',$thisuser->id()); $stmt->execute(); $user_lang = $stmt->fetchColumn();
@@ -88,17 +87,23 @@ switch ($flag) { case 'addmembership': // check if user is already member, so we don't add him twice - if (!ROSUser::isMemberOfGroup($user_id,$group_id)) { - + // also check that you don't give accounts a higher seclevel + $stmt=DBConnection::getInstance()->prepare("SELECT 1 FROM usergroup_members m JOIN usergroups g ON m.usergroupmember_usergroupid = g.usrgroup_name_id WHERE usergroupmember_userid = :user_id AND usergroupmember_usergroupid = :group_id AND usrgroup_seclev <= :security_level LIMIT 1"); + $stmt->bindParam('user_id',$user_id,PDO::PARAM_INT); + $stmt->bindParam('group_id',$group_id,PDO::PARAM_STR); + $stmt->bindParam('security_level',$thisuser->securityLevel(),PDO::PARAM_INT); + $stmt->execute(); + if ($stmt->fetchColumn() === false) { + // insert new membership $stmt=DBConnection::getInstance()->prepare("INSERT INTO usergroup_members ( usergroupmember_userid , usergroupmember_usergroupid ) VALUES ( :user_id, :group_id )"); $stmt->bindParam('user_id',$user_id,PDO::PARAM_INT); $stmt->bindParam('group_id',$group_id,PDO::PARAM_INT); $stmt->execute(); if ($user_lang !== false) { - Log::writeLangMedium("add user account membership: user-id=".$user_id.", group-id=".$RosCMS_GET_d_value2." done by ".$roscms_intern_account_id." {data_user_out}", $user_lang); - } - Log::writeMedium('add user account membership: user-id='.$user_id.', group-id='.$group_id.' done by '.$roscms_intern_account_id.' {data_user_out}'); + Log::writeLangMedium("add user account membership: user-id=".$user_id.", group-id=".$RosCMS_GET_d_value2." done by ".$thisuser->id()." {data_user_out}", $user_lang); + } + Log::writeMedium('add user account membership: user-id='.$user_id.', group-id='.$group_id.' done by '.$thisuser->id().' {data_user_out}'); } // preselect displayed content $flag = 'detail'; 
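Review bot: The new guard in `case 'addmembership'` does not enforce what its comment promises: the `usrgroup_seclev <= :security_level` condition is part of the existing-membership lookup, so a group above the acting user's level simply returns no row, `$stmt->fetchColumn() === false` holds, and the INSERT proceeds. The privilege check has to be a separate lookup of the target group's seclev compared against `$thisuser->securityLevel()`, with the duplicate check kept as before; note also that the lookup binds group_id as PDO::PARAM_STR while the INSERT below binds the same value as PDO::PARAM_INT, and that bindParam on a method return value should be bindValue. A sketch of the rewritten case follows; the INSERT, the two Log:: calls and the rest of search() are unchanged, and the function continues outside the hunk.
```php
        case 'addmembership':
          // a user may only hand out groups up to his own security level
          $stmt=DBConnection::getInstance()->prepare("SELECT usrgroup_seclev FROM usergroups WHERE usrgroup_name_id = :group_id LIMIT 1");
          $stmt->bindValue('group_id',$group_id,PDO::PARAM_STR);
          $stmt->execute();
          $group_seclev = $stmt->fetchColumn();
          if ($group_seclev !== false && (int)$group_seclev <= $thisuser->securityLevel()) {

            // check if user is already member, so we don't add him twice
            $stmt=DBConnection::getInstance()->prepare("SELECT 1 FROM usergroup_members WHERE usergroupmember_userid = :user_id AND usergroupmember_usergroupid = :group_id LIMIT 1");
            $stmt->bindValue('user_id',$user_id,PDO::PARAM_INT);
            $stmt->bindValue('group_id',$group_id,PDO::PARAM_STR);
            $stmt->execute();
            if ($stmt->fetchColumn() === false) {
              // … unchanged: INSERT INTO usergroup_members and the Log:: calls …
            }
          }
          // … unchanged: $flag = 'detail'; break; …
```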
@@ -110,16 +115,16 @@ $stmt->bindParam('group_id',$group_id,PDO::PARAM_INT); $stmt->execute(); if ($user_lang !== false) { - Log::writeLangMedium('delete user account membership: user-id='.$user_id.', group-id='.$group_id.' done by '.$roscms_intern_account_id.' {data_user_out}', $user_lang); - } - Log::writeMedium('delete user account membership: user-id='.$user_id.', group-id='.$group_id.' done by '.$roscms_intern_account_id.' {data_user_out}'); + Log::writeLangMedium('delete user account membership: user-id='.$user_id.', group-id='.$group_id.' done by '.$thisuser->id().' {data_user_out}', $user_lang); + } + Log::writeMedium('delete user account membership: user-id='.$user_id.', group-id='.$group_id.' done by '.$thisuser->id().' {data_user_out}'); // preselect displayed content $flag = 'detail'; break;
case 'accountdisable': // only with admin rights - if ($roscms_security_level == 3) { + if ($thisuser->securityLevel() == 3) { $stmt=DBConnection::getInstance()->prepare("UPDATE users SET user_account_enabled = 'no' WHERE user_id = :user_id"); $stmt->bindParam('user_id',$user_id,PDO::PARAM_INT); $stmt->execute(); @@ -130,7 +135,7 @@
case 'accountenable': // enable account only with admin rights - if ($roscms_security_level == 3) { + if ($thisuser->securityLevel() == 3) { // enable account only, if he has already activated his account $stmt=DBConnection::getInstance()->prepare("UPDATE users SET user_account_enabled = 'yes' WHERE user_register_activation = '' AND user_id = :user_id"); $stmt->bindParam('user_id',$user_id,PDO::PARAM_INT); @@ -146,9 +151,9 @@ $stmt->bindParam('user_id',$user_id); $stmt->execute(); if ($user_lang) { - Log::writeLangMedium('change user account language: user-id='.$user_id.', lang-id='.$group_id.' done by '.$roscms_intern_account_id.' {data_user_out}', $user_lang); - } - Log::writeMedium('change user account language: user-id='.$user_id.', lang-id='.$group_id.' done by '.$roscms_intern_account_id.' {data_user_out}'); + Log::writeLangMedium('change user account language: user-id='.$user_id.', lang-id='.$group_id.' done by '.$thisuser->id().' {data_user_out}', $user_lang); + } + Log::writeMedium('change user account language: user-id='.$user_id.', lang-id='.$group_id.' done by '.$thisuser->id().' {data_user_out}'); // preselect displayed content $flag = 'detail'; break; @@ -217,7 +222,7 @@ <legend>Details for ''.$user['user_name'].''</legend> <p><strong>Name:</strong> '.$user['user_name'].' ('.$user['user_fullname'].') ['.$user['user_id'].']</p> <p><strong>Lang:</strong> '.$user['user_language'].'</p>'); - if ($roscms_security_level == 3) { + if ($thisuser->securityLevel() == 3) { echo_strip(' <p><strong>E-Mail:</strong> '.$user['user_email'].'</p> <p><strong>Latest Login:</strong> '.$user['visit'].'; '.$user['visitcount'].' logins</p> @@ -239,7 +244,7 @@ while ($user = $stmt->fetch(PDO::FETCH_ASSOC)) {
echo '<li>'.$user['usrgroup_name'].' '; - if ($roscms_security_level == 3) { + if ($thisuser->securityLevel() == 3) { echo_strip(' <span class="frmeditbutton" onclick="'."delmembership(".$user_id.", '".$user['usrgroup_name_id']."')".'"> @@ -251,15 +256,15 @@ } // end while echo '</ul>';
- if ($roscms_security_level == 3) { + if ($thisuser->securityLevel() == 3) { echo '<select id="cbmmemb" name="cbmmemb">'; $stmt=DBConnection::getInstance()->prepare("SELECT usrgroup_name_id, usrgroup_name FROM usergroups WHERE usrgroup_seclev <= :sec_level ORDER BY usrgroup_name ASC"); - $stmt->bindParam('sec_level',$roscms_security_level,PDO::PARAM_INT); + $stmt->bindParam('sec_level',$thisuser->securityLevel(),PDO::PARAM_INT); $stmt->execute(); while ($group = $stmt->fetch(PDO::FETCH_ASSOC)) {
// only super admin can give super admin rights - if (ROSUser::isMemberOfGroup('ros_sadmin') || $group['usrgroup_name_id'] != 'ros_sadmin') { + if ($group['usrgroup_name'] != 'sadmin' || $thisuser->isMemberOfGroup('ros_sadmin')) { echo '<option value="'.$group['usrgroup_name_id'].'">'.$group['usrgroup_name'].'</option>'; } } @@ -276,12 +281,12 @@ echo_strip('</select> <input type="button" name="addusrlang" id="addusrlang" value="Update User language" onclick="'."updateusrlang(".$user_id.", document.getElementById('cbmusrlang').value)".'" /><br />'); } - elseif (ROSUser::isMemberOfGroup('transmaint')) { + elseif ($thisuser->isMemberOfGroup('transmaint')) { echo_strip('<input type="button" name="addmemb" id="addmemb" value="Make this User a Translator" onclick="'."addmembership(".$user_id.", 'translator')".'" /> <br /> <br />'); $stmt=DBConnection::getInstance()->prepare("SELECT user_language FROM users WHERE user_id = :user_id LIMIT 1"); - $stmt->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); $stmt->execute(); $user_lang = $stmt->fetchColumn();
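Review bot: The option filter in @@ -251 now tests `$group['usrgroup_name'] != 'sadmin'`, the display name, while every other check in this file addresses the group by its id (`isMemberOfGroup('ros_sadmin')`); relabelling the group would silently expose the option again, so compare the id as the replaced line did: `if ($group['usrgroup_name_id'] != 'ros_sadmin' || $thisuser->isMemberOfGroup('ros_sadmin')) {`. This filter only shapes the select box; whether a non-super-admin can actually obtain ros_sadmin is decided by the server-side check in `case 'addmembership'` (@@ -88), which has to enforce the same rule. search() continues outside the hunk.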
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Export_XML.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Export_XML.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Export_XML.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -89,9 +89,6 @@ */ public function page_table_main( $data_name, $filter, $page_offset = 0 ) { - global $roscms_intern_account_id; - global $roscms_security_level; - // set headers, do not cache ! header('Content-type: text/xml'); header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); // Date in the past @@ -124,12 +121,18 @@ */ private function generateXML( $page_offset = 0 ) { - global $roscms_intern_account_id; - global $roscms_security_level; + $thisuser = &ThisUser::getInstance();
$tdata = ''; $row_counter = 1; - $column_array = explode('|', substr($this->column_list,1,-1)); // prevent from additional entries caused by '|' at start and end + $this->column_list = substr($this->column_list,1,-1);// prevent from additional entries caused by '|' at start and end + if ($this->column_list === '') { + $column_array = array(); + } + else { + $column_array = explode('|', $this->column_list); + + }
// check if there are entries which are found by filter settings $stmt=DBConnection::getInstance()->prepare("SELECT COUNT('d.data_id') FROM data_revision".$this->a." r, data_".$this->a2." d ".$this->sql_from." , data_security y WHERE r.rev_version >= 0 AND r.data_id = d.data_id AND d.data_acl = y.sec_name AND y.sec_branch = 'website' ". Security::getACL('read') ." ". $this->sql_where); @@ -145,7 +148,7 @@ echo $ptm_entries.'<table>';
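Review bot: `$this->column_list = substr($this->column_list,1,-1);` yields false rather than '' on PHP versions before 8.0 when column_list is shorter than three characters, so the `=== ''` test on the next line misses the empty case and `explode('|', false)` again produces a one-element array holding '' — the situation this hunk set out to fix. Cast the result, `$this->column_list = (string) substr($this->column_list,1,-1);`, or test with `== ''`. The hunk also overwrites the `column_list` property instead of using a local, which is why @@ -145 has to re-add the `|` delimiters in the view tag; a one-line comment that the property now holds the stripped form would save the next reader that detour. generateXML continues outside the hunk.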
// start table header - $tdata .= " <view curpos="".$page_offset."" pagelimit="".$this->page_limit."" pagemax="".$ptm_entries."" tblcols="".$this->column_list."" /> \n"; + $tdata .= " <view curpos="".$page_offset."" pagelimit="".$this->page_limit."" pagemax="".$ptm_entries."" tblcols="|".$this->column_list."|" /> \n";
// prepare for usage in loop $stmt_trans=DBConnection::getInstance()->prepare("SELECT d.data_id, d.data_name, d.data_type, r.rev_id, r.rev_version, r.rev_language, r.rev_datetime, r.rev_date, r.rev_usrid FROM data_".$this->a2." d, data_revision".$this->a." r WHERE d.data_id = :data_id AND r.rev_version > 0 AND d.data_id = r.data_id AND r.rev_language = :lang LIMIT 1"); @@ -166,7 +169,7 @@ }
// proceed entries - $stmt=DBConnection::getInstance()->prepare("SELECT d.data_id, d.data_name, d.data_type, d.data_acl, r.rev_id, r.rev_version, r.rev_language, r.rev_datetime, r.rev_date, r.rev_usrid ".$this->sql_select." , y.sec_lev".$roscms_security_level."_write FROM data_revision".$this->a." r, data_".$this->a2." d ".$this->sql_from." , data_security y WHERE r.rev_version >= 0 AND r.data_id = d.data_id AND d.data_acl = y.sec_name AND y.sec_branch = 'website' ". Security::getACL('read') ." ". $this->sql_where ." ". $this->sql_order ." LIMIT :limit OFFSET :offset"); + $stmt=DBConnection::getInstance()->prepare("SELECT d.data_id, d.data_name, d.data_type, d.data_acl, r.rev_id, r.rev_version, r.rev_language, r.rev_datetime, r.rev_date, r.rev_usrid ".$this->sql_select." , y.sec_lev".$thisuser->securityLevel()."_write FROM data_revision".$this->a." r, data_".$this->a2." d ".$this->sql_from." , data_security y WHERE r.rev_version >= 0 AND r.data_id = d.data_id AND d.data_acl = y.sec_name AND y.sec_branch = 'website' ". Security::getACL('read') ." ". $this->sql_where ." ". $this->sql_order ." LIMIT :limit OFFSET :offset"); $stmt->bindValue('limit',0+$this->page_limit,PDO::PARAM_INT); $stmt->bindValue('offset',0+$page_offset,PDO::PARAM_INT); $stmt->execute(); @@ -250,10 +253,10 @@ }
// care about bookmark visibility - if (Tag::getValueByUser($row['data_id'], $row['rev_id'], 'star', $roscms_intern_account_id) == 'on') { + if (Tag::getValueByUser($row['data_id'], $row['rev_id'], 'star', $thisuser->id()) == 'on') { $star_state = '1'; } - $star_id = Tag::getIdByUser($row['data_id'], $row['rev_id'], 'star', $roscms_intern_account_id); + $star_id = Tag::getIdByUser($row['data_id'], $row['rev_id'], 'star', $thisuser->id());
// get page title $stmt_stext->bindParam('rev_id',$row['rev_id'],PDO::PARAM_INT); @@ -346,9 +349,8 @@ */ private function generateFilterSQL( $filter ) { - global $roscms_intern_account_id; - global $roscms_security_level; - + $thisuser = &ThisUser::getInstance(); + // check if there is something to do if ($filter == '') { return; @@ -672,12 +674,12 @@ if ($entries_private <= 0 && $entries_system <= 0 && $entries_public <= 0) {
// everything except draft - if ($roscms_security_level == 3) { + if ($thisuser->securityLevel() == 3) { $this->sql_where .= " AND (n.tn_name = 'status' AND v.tv_value != 'draft') "; }
// new, stable and unknown (if more than translator) - if ($roscms_security_level == 2) { + if ($thisuser->securityLevel() == 2) { $this->sql_where .= " AND (n.tn_name = 'status' AND (v.tv_value = 'new' OR v.tv_value = 'stable' OR v.tv_value = 'unknown')) "; } else { @@ -687,7 +689,7 @@ // set additional needed sql $this->sql_select .= ", n.tn_name, v.tv_value "; $this->sql_from .= ", data_tag".$this->a." a, data_tag_name".$this->a." n, data_tag_value".$this->a." v "; - $this->sql_where .= " AND r.data_id = a.data_id AND r.rev_id = a.data_rev_id AND a.tag_usrid IN(-1, 0, ".DBConnection::getInstance()->quote($roscms_intern_account_id,PDO::PARAM_INT).") AND a.tag_name_id = n.tn_id AND a.tag_value_id = v.tv_id "; + $this->sql_where .= " AND r.data_id = a.data_id AND r.rev_id = a.data_rev_id AND a.tag_usrid IN(-1, 0, ".DBConnection::getInstance()->quote($thisuser->id(),PDO::PARAM_INT).") AND a.tag_name_id = n.tn_id AND a.tag_value_id = v.tv_id "; }
// construct additioanl sql for tag-usage from filter @@ -695,17 +697,17 @@ for ($i = 1; $i <= $tag_counter; $i++) { $this->sql_select .= ", n".$i.".tn_name, v".$i.".tv_value "; $this->sql_from .= ", data_tag".$this->a." a".$i.", data_tag_name".$this->a." n".$i.", data_tag_value".$this->a." v".$i." "; - $this->sql_where .= " AND r.data_id = a".$i.".data_id AND r.rev_id = a".$i.".data_rev_id AND (a".$i.".tag_usrid = '-1' OR a".$i.".tag_usrid = '0' OR a".$i.".tag_usrid = ".DBConnection::getInstance()->quote($roscms_intern_account_id,PDO::PARAM_INT).") AND a".$i.".tag_name_id = n".$i.".tn_id AND a".$i.".tag_value_id = v".$i.".tv_id "; + $this->sql_where .= " AND r.data_id = a".$i.".data_id AND r.rev_id = a".$i.".data_rev_id AND (a".$i.".tag_usrid = '-1' OR a".$i.".tag_usrid = '0' OR a".$i.".tag_usrid = ".DBConnection::getInstance()->quote($thisuser->id(),PDO::PARAM_INT).") AND a".$i.".tag_name_id = n".$i.".tn_id AND a".$i.".tag_value_id = v".$i.".tv_id "; } }
// make sure only private drafts are visible - if ($roscms_security_level < 3 && $entries_private > 0) { - $this->sql_where .= " AND r.rev_usrid = '".$roscms_intern_account_id."' "; + if ($thisuser->securityLevel() < 3 && $entries_private > 0) { + $this->sql_where .= " AND r.rev_usrid = '".$thisuser->id()."' "; }
// either show draft (private) OR stable & new (public) entries, private AND public entries together are NOT allowed => block - if ($roscms_security_level < 2 && (($entries_private > 0 && $entries_public > 0) || $entries_system > 0)) { + if ($thisuser->securityLevel() < 2 && (($entries_private > 0 && $entries_public > 0) || $entries_system > 0)) { $this->sql_select = ""; $this->sql_from = ""; $this->sql_where = " FALSE ";
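Review bot: `$this->sql_where .= " AND r.rev_usrid = '".$thisuser->id()."' ";` splices the id straight into the SQL string, while the sibling lines in this hunk and in @@ -687 pass the same value through `DBConnection::getInstance()->quote(..., PDO::PARAM_INT)`; use the same helper here so every user-derived value in generateFilterSQL takes one path: `$this->sql_where .= " AND r.rev_usrid = ".DBConnection::getInstance()->quote($thisuser->id(),PDO::PARAM_INT)." ";`. The id comes from the session object, so this is consistency rather than a demonstrated injection, but it keeps the function auditable at a glance. generateFilterSQL continues outside the hunk.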
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -37,8 +37,8 @@ public function __construct( $page_title = '' ) { // need to have a logged in user with minimum security level 1 - require('login.php'); - if ($roscms_security_level == 0) { + Login::required(); + if (ThisUser::getInstance()->securityLevel() == 0) { header('location:?page=nopermission'); }
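Review bot: The level-0 check in HTML_CMS::__construct redirects with `header('location:?page=nopermission');` but does not stop; the constructor and whatever the caller renders afterwards still run for a user the guard meant to turn away, and a client that ignores the Location header receives that output. Add `exit;` after the header() call (or return/throw so the page body is never built); the gap predates the commit, but the condition is rewritten here, so this is the place to close it. __construct continues outside the hunk.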
@@ -65,17 +65,26 @@ */ private function navigation( ) { - global $roscms_security_level; - global $roscms_security_memberships; - global $roscms_intern_login_check_username; global $roscms_intern_page_link; global $roscms_intern_webserver_pages, $roscms_intern_page_link; + + $thisuser = &ThisUser::getInstance(); + + // generate list of memberships + $group_list = ''; + $groups = $thisuser->getGroups(); + foreach($groups as $group_name => $security_level) { + $group_list .= ($group_list!=''?',':'').$group_name; + } + + // get security level + $security_level = $thisuser->securityLevel();
// get selected navigation entry echo_strip(' <div id="myReactOS" style="padding-right: 10px;"> - <strong>'.$roscms_intern_login_check_username.'</strong> - '.(($roscms_security_level > 1) ? '| SecLev: '.$roscms_security_level.' ('. str_replace('|', ', ', substr($roscms_security_memberships, 1, -2)) .')' : '').' + <strong>'.$thisuser->name().'</strong> + '.(($security_level > 1) ? '| SecLev: '.$security_level.' ('. $group_list .')' : '').' | <span onclick="pagerefresh()" style="color:#006090; cursor:pointer;"> <img src="images/reload.gif" alt="reload page" width="16" height="16" /> @@ -108,7 +117,7 @@ </th> <td> </td>');
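Review bot: The membership list in HTML_CMS::navigation is assembled by hand with a `($group_list!=''?',':'')` separator test inside the foreach; `$group_list = implode(', ', array_keys($thisuser->getGroups()));` says the same in one line and also keeps the ', ' separator the replaced line used, which the new loop quietly changes to ','. The foreach value variable `$security_level` is never read and is then shadowed by `$security_level = $thisuser->securityLevel();` a few lines later — drop or rename one of them. navigation continues outside the hunk.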
- if (ROSUser::isMemberOfGroup('transmaint','ros_admin','ros_sadmin')) { + if ($thisuser->isMemberOfGroup('transmaint','ros_admin','ros_sadmin')) { echo_strip(' <th class="int'.(($this->branch == 'user') ? '2' : '1').'" onclick="'."roscms_mainmenu('user')".'"> <div class="tc1"> @@ -121,7 +130,7 @@ <td> </td>'); }
- if ($roscms_security_level == 3) { + if ($thisuser->securityLevel() == 3) { echo_strip(' <th class="int'.(($this->branch == 'maintain') ? '2' : '1').'" onclick="'."roscms_mainmenu('maintain')".'"> <div class="tc1">
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Maintain.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Maintain.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Maintain.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -52,10 +52,9 @@ protected function body( ) { global $roscms_intern_page_link; - global $roscms_security_level;
// check if user has rights for this area - if ($roscms_security_level > 3) { + if (ThisUser::getInstance()->securityLevel() < 3) { return; }
@@ -97,7 +96,7 @@ <img id="ajaxloading" style="display:none;" src="images/ajax_loading.gif" width="13" height="13" alt="" /> <br />');
- if (ROSUser::isMemberOfGroup('ros_sadmin')) { + if (ThisUser::getInstance()->isMemberOfGroup('ros_sadmin')) {
// display logs echo_strip('
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_User.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_User.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_User.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -52,8 +52,10 @@ protected function body( ) { global $roscms_standard_language; - - if (!ROSUser::isMemberOfGroup('transmaint','ros_admin','ros_sadmin')) { + + $thisuser = &ThisUser::getInstance(); + + if (!$thisuser->isMemberOfGroup('transmaint','ros_admin','ros_sadmin')) { return; }
@@ -63,10 +65,10 @@ <p style="font-weight: bold;">User Account Management Interface</p> <br />');
- if (ROSUser::isMemberOfGroup('ros_admin','ros_sadmin')) { + if ($thisuser->isMemberOfGroup('ros_admin','ros_sadmin')) { echo '<h3>Administrator</h3>'; } - elseif (ROSUser::isMemberOfGroup('transmaint')) { + elseif ($thisuser->isMemberOfGroup('transmaint')) { echo '<h3>Language Maintainer</h3>'; $stmt=DBConnection::getInstance()->prepare("SELECT d.data_id, u.user_id, u.user_name, u.user_fullname, u.user_language, COUNT(r.data_id) as 'editcounter' FROM data_a d, data_revision r, users u WHERE r.data_id = d.data_id AND r.rev_usrid = u.user_id AND rev_version > 0 AND r.rev_language = :lang GROUP BY u.user_name ORDER BY editcounter DESC, u.user_name"); $stmt->bindParam('lang',$roscms_standard_language,PDO::PARAM_STR);
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Website.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Website.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Website.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -56,13 +56,12 @@ */ protected function body( ) { - global $roscms_intern_account_id; - global $roscms_intern_login_check_username; - global $roscms_security_level; global $roscms_standard_language; global $roscms_standard_language_trans; global $roscms_intern_webserver_roscms; global $roscms_intern_page_link; + + $thisuser = &ThisUser::getInstance();
echo_strip(' <noscript> @@ -98,21 +97,21 @@ var roscms_page_load_finished = false;
// map php vars - var roscms_intern_account_id = ".$roscms_intern_account_id."; + var roscms_intern_account_id = ".$thisuser->id()."; var roscms_standard_language = '".$roscms_standard_language."'; var roscms_standard_language_trans = '".$roscms_standard_language_trans."'; - var roscms_intern_login_check_username = '".$roscms_intern_login_check_username."'; + var roscms_intern_login_check_username = '".$thisuser->name()."'; var roscms_intern_webserver_roscms = '".$roscms_intern_webserver_roscms."'; var roscms_intern_page_link = '".$roscms_intern_page_link."'; var roscms_get_edit = '".(isset($_GET['edit']) ? $RosCMS_GET_cms_edit : '')."'; - var roscms_access_level = ".$roscms_security_level."; - var roscms_cbm_hide = '".(($roscms_security_level > 1) ? '' : ' disabled="disabled" style="color:#CCCCCC;"')."'; // disable combobox entries for novice user + var roscms_access_level = ".$thisuser->securityLevel()."; + var roscms_cbm_hide = '".(($thisuser->securityLevel() > 1) ? '' : ' disabled="disabled" style="color:#CCCCCC;"')."'; // disable combobox entries for novice user
// favorite user language ";
$stmt=DBConnection::getInstance()->prepare("SELECT user_language FROM users WHERE user_id = :user_id LIMIT 1"); - $stmt->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); $stmt->execute(); $user_lang = $stmt->fetchColumn();
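Review bot: `var roscms_intern_login_check_username = '".$thisuser->name()."';` in @@ -98 drops the user name into a single-quoted JavaScript literal with no escaping, so a name containing a quote or backslash breaks the script block; the replaced global had the same weakness, but this hunk rewrites the line. Emit it with json_encode, `var roscms_intern_login_check_username = ".json_encode($thisuser->name()).";`, which produces a valid JS string literal for any value. body() continues outside the hunk.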
@@ -150,13 +149,13 @@
<div class="roscms_container" style="border: 1px dashed white; z-index: 2;"> <div class="tabmenu" style="position: absolute; top: 0px; width: 150px; left: 0px; border: 0px; z-index:1;"> - <div id="smenutab1" class="submb" onclick="smenutab_open(this.id)"'.(($roscms_security_level == 1 || ROSUser::isMemberOfGroup("transmaint")) ? ' style="display:none;"' : '').'> + <div id="smenutab1" class="submb" onclick="smenutab_open(this.id)"'.(($thisuser->securityLevel() == 1 || $thisuser->isMemberOfGroup('transmaint')) ? ' style="display:none;"' : '').'> <div class="subm1"> <div id="smenutabc1" class="subm2" style="font-weight: bold;">New Entry</div> </div> </div>');
- if ($roscms_security_level > 1) { + if ($thisuser->securityLevel() > 1) { echo '<div style="background: white none repeat scroll 0%;"> </div>'; }
@@ -167,7 +166,7 @@ </div> </div>
- <div id="smenutab3" class="submb" onclick="smenutab_open(this.id)"'.(($roscms_security_level == 1 || ROSUser::isMemberOfGroup("transmaint")) ? ' style="display:none;"' : '').'> + <div id="smenutab3" class="submb" onclick="smenutab_open(this.id)"'.(($thisuser->securityLevel() == 1 || $thisuser->isMemberOfGroup('transmaint')) ? ' style="display:none;"' : '').'> <div class="subm1"> <div id="smenutabc3" class="subm2">Page</div> </div> @@ -177,12 +176,12 @@ <div id="smenutabc4" class="subm2">Content</div> </div> </div> - <div id="smenutab5" class="submb" onclick="smenutab_open(this.id)"'.(($roscms_security_level == 1 || ROSUser::isMemberOfGroup("transmaint")) ? ' style="display:none;"' : '').'> + <div id="smenutab5" class="submb" onclick="smenutab_open(this.id)"'.(($thisuser->securityLevel() == 1 || $thisuser->isMemberOfGroup('transmaint')) ? ' style="display:none;"' : '').'> <div class="subm1"> <div id="smenutabc5" class="subm2">Template</div> </div> </div> - <div id="smenutab6" class="submb" onclick="smenutab_open(this.id)"'.(($roscms_security_level == 1 || ROSUser::isMemberOfGroup("transmaint")) ? ' style="display:none;"' : '').'> + <div id="smenutab6" class="submb" onclick="smenutab_open(this.id)"'.(($thisuser->securityLevel() == 1 || $thisuser->isMemberOfGroup('transmaint')) ? ' style="display:none;"' : '').'> <div class="subm1"> <div id="smenutabc6" class="subm2">Script</div> </div> @@ -303,7 +302,7 @@ <div style="border: 0px dashed red; position: absolute; top: 9px; right: 13px; text-align:right; white-space: nowrap;"> <select name="favlangopt" id="favlangopt" style="vertical-align: top; width: 22ex;" onchange="setlang(this.value)">');
- $user_lang = ROSUser::getLanguage($roscms_intern_account_id, true); + $user_lang = ROSUser::getLanguage($thisuser->id(), true);
$stmt=DBConnection::getInstance()->prepare("SELECT lang_id, lang_name FROM languages WHERE lang_level > '0' ORDER BY lang_name ASC"); $stmt->execute();
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Welcome.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Welcome.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Welcome.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -47,7 +47,6 @@ */ protected function body( ) { - global $roscms_intern_account_id; global $roscms_standard_language;
echo_strip(' @@ -65,10 +64,10 @@ <p style="font-weight: bold;">');echo Data::getContent('web_news', 'system', 'en', 'heading', 'stext').'</p>'. Data::getContent('web_news', 'system', 'en', 'content', 'text').'<br />';
- if (ROSUser::isMemberOfGroup('translator', 'transmaint')) { + if (ThisUser::getInstance()->isMemberOfGroup('translator', 'transmaint')) {
$stmt=DBConnection::getInstance()->prepare("SELECT user_language FROM users WHERE user_id = :user_id LIMIT 1"); - $stmt->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',ThisUser::getInstance()->id(),PDO::PARAM_INT); $stmt->execute(); $user_lang = $stmt->fetchColumn();
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -54,15 +54,14 @@ */ private function navigation( ) { - global $roscms_intern_account_id; global $roscms_intern_webserver_pages; global $roscms_intern_webserver_roscms; global $roscms_SET_path_ex; global $rdf_uri_str; global $rpm_lang; global $roscms_langres; - global $roscms_intern_login_check_username; - global $roscms_security_level; + + $thisuser = &ThisUser::getInstance();
echo_strip(' <table style="border:0" width="100%" cellpadding="0" cellspacing="0"> @@ -78,15 +77,15 @@ </ol> <br />');
- if ($roscms_intern_account_id > 0) { + if ($thisuser->id() > 0) { echo_strip(' <div class="navTitle">'.$roscms_langres['Account'].'</div> <ol> - <li title="'.$roscms_intern_login_check_username.'"> Nick: '.substr($roscms_intern_login_check_username, 0, 9).'</li> + <li title="'.$thisuser->name().'"> Nick: '.substr($thisuser->name(), 0, 9).'</li> <li><a href="'.$roscms_SET_path_ex.'my/">My Profile</a></li> <li><a href="'.$roscms_SET_path_ex.'search/">User Search</a></li> <li><a href="'.$roscms_intern_webserver_pages.'peoplemap/">User Map</a></li>'); - if ($roscms_security_level > 0) { + if ($thisuser->securityLevel() > 0) { echo '<li><a href="'.$roscms_intern_webserver_roscms.'?page=data&branch=welcome">RosCMS Interface</a></li>'; } echo_strip('
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_Profile.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_Profile.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_Profile.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -36,7 +36,7 @@ */ public function __construct( $page_title = '', $search = false) { - require('login.php'); + Login::required(); $this->search = $search; parent::__construct( $page_title ); } @@ -49,7 +49,6 @@ */ protected function body( ) { - global $roscms_intern_account_id; global $rdf_uri_2; global $roscms_SET_path_ex;
@@ -115,7 +114,7 @@ } } else { - $this->profile($roscms_intern_account_id); + $this->profile(ThisUser::getInstance()->id()); } }
@@ -126,11 +125,11 @@ */ private function profile( $user_id = null ) { - global $roscms_intern_account_id; global $roscms_SET_path_ex; global $roscms_intern_webserver_pages; global $rdf_name; - global $roscms_security_level; + + $thisuser = &ThisUser::getInstance();
$stmt=DBConnection::getInstance()->prepare("SELECT user_id, user_name, user_register, user_fullname, user_email, user_email_activation, user_website, user_country, user_timezone, user_occupation, user_setting_multisession, user_setting_browseragent, user_setting_ipaddress, user_setting_timeout, user_language FROM users WHERE user_id = :user_id LIMIT 1"); $stmt->bindparam('user_id',$user_id,PDO::PARAM_INT); @@ -177,7 +176,7 @@ }
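Review bot: `$thisuser = &ThisUser::getInstance();` takes a reference to a method's return value; getInstance() is not declared to return by reference, so PHP reports "Only variables should be assigned by reference", and since objects are handle types the `&` adds nothing. Use a plain assignment, `$thisuser = ThisUser::getInstance();`; the same pattern is introduced in HTML_User::navigation() and twice in Security.class.php in this commit. Note also that the `$user_id = null` default is bound with PDO::PARAM_INT straight into `WHERE user_id = :user_id`, which can only ever return no row, so the null default is effectively a guaranteed miss rather than a "current user" fallback. profile()'s body continues past this hunk.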
// email only for the user itself or admins - if ($profile['user_id'] == $roscms_intern_account_id || $roscms_security_level == 3) { + if ($profile['user_id'] == $thisuser->id() || $thisuser->securityLevel() == 3) { echo_strip(' <div class="login-form"> <div class="u-desc">E-Mail Address </div> @@ -241,7 +240,7 @@ }
// Groups (only for user itself) and admins - if ($profile['user_id'] == $roscms_intern_account_id || $roscms_security_level == 3) { + if ($profile['user_id'] == $thisuser->id() || $thisuser->securityLevel() == 3) { echo_strip(' <div class="login-form"> <div class="u-desc">User Groups</div> @@ -261,12 +260,12 @@ // Location echo_Strip(' <div class="login-form"> - <a href="'.$roscms_intern_webserver_pages.'peoplemap/" style="color:#333333 !important; text-decoration:underline; font-weight:bold;">'.($profile['user_id']==$roscms_intern_account_id ? 'My ' : '').'Location on the Map</a> + <a href="'.$roscms_intern_webserver_pages.'peoplemap/" style="color:#333333 !important; text-decoration:underline; font-weight:bold;">'.($profile['user_id']==$thisuser->id() ? 'My ' : '').'Location on the Map</a> </div> </div>');
// show edit or search link (depending if the current user is searched user) - if ($profile['user_id'] == $roscms_intern_account_id) { + if ($profile['user_id'] == $thisuser->id()) { echo_strip(' <div> </div> <div class="u-link"><a href="'.$roscms_SET_path_ex.'my/edit/">Edit My Profile</a></div>
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_ProfileEdit.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_ProfileEdit.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_User_ProfileEdit.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -33,7 +33,7 @@ */ public function __construct() { - require('login.php'); + Login::required(); session_start(); parent::__construct(); } @@ -46,7 +46,6 @@ */ protected function body( ) { - global $roscms_intern_account_id; global $roscms_SET_path_ex; global $rdf_uri_3; global $rdf_name_long; @@ -89,7 +88,7 @@ <div style="text-align:center; padding: 4px; ">');
$stmt=DBConnection::getInstance()->prepare("SELECT user_id, user_name, user_fullname, user_email, user_email_activation, user_website, user_country, user_timezone, user_occupation, user_setting_multisession, user_setting_browseragent, user_setting_ipaddress, user_setting_timeout FROM users WHERE user_id = :user_id LIMIT 1"); - $stmt->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',ThisUser::getInstance()->id(),PDO::PARAM_INT); $stmt->execute(); $profile = $stmt->fetchOnce();
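Review bot: `$stmt->bindParam('user_id', ThisUser::getInstance()->id(), PDO::PARAM_INT)` hands a method call result to a by-reference parameter; bindParam stores a reference and reads it at execute() time, so a temporary here triggers "Only variables should be passed by reference" and relies on the engine keeping the temporary alive. The value is fixed at bind time anyway, so `bindValue` is the correct call: `$stmt->bindValue('user_id', ThisUser::getInstance()->id(), PDO::PARAM_INT);`. The same substitution applies wherever this commit binds `ThisUser::getInstance()->id()` or `$thisuser->id()` (Log.class.php, Security.class.php). body()'s enclosing function starts before this hunk.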
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Log.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Log.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Log.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -44,9 +44,7 @@ */ public static function prepareInfo( $data_id, $rev_id ) { - global $roscms_intern_account_id; - - return ' [dataid: '.$data_id.'; revid: '.$rev_id.'; userid: '.$roscms_intern_account_id.'; security: '.Security::rightsOverview($data_id).'] '; + return ' [dataid: '.$data_id.'; revid: '.$rev_id.'; userid: '.ThisUser::getInstance()->id().'; security: '.Security::rightsOverview($data_id).'] '; } // end of member function prepare_info
@@ -170,7 +168,6 @@ */ private function write( $log_str, $log_mode = 3, $log_entry = 'log_website_' ) { - global $roscms_intern_account_id; global $roscms_standard_language;
// get current log id @@ -204,7 +201,7 @@ $stmt=DBConnection::getInstance()->prepare("INSERT INTO data_revision_a ( rev_id , data_id , rev_version , rev_language , rev_usrid , rev_datetime , rev_date , rev_time ) VALUES ( NULL, :data_id, '1', :lang, :user_id, NOW(), CURDATE(), CURTIME() )"); $stmt->bindParam('data_id',$log_id,PDO::PARAM_INT); $stmt->bindParam('lang',$roscms_standard_language,PDO::PARAM_STR); - $stmt->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',ThisUser::getInstance()->id(),PDO::PARAM_INT); $stmt->execute();
// get the new log revison id @@ -261,7 +258,7 @@
// get a username, who is responsible for this log $stmt=DBConnection::getInstance()->prepare("SELECT user_name FROM users WHERE user_id = :user_id LIMIT 1"); - $stmt->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',ThisUser::getInstance()->id(),PDO::PARAM_INT); $stmt->execute(); $username = $stmt->fetchColumn();
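Review bot: The username lookup re-queries `users` for the current user's `user_name`, but Login::required() already stored exactly that value via `ThisUser::getInstance()->setData($user)`, so the prepare/bind/execute/fetchColumn can be replaced by `$username = ThisUser::getInstance()->name();`. That removes a round trip and the by-reference `bindParam` on a method-call result. If a log can legitimately be written by a request with no logged-in user, name() returns '' and the surrounding code (outside this hunk) should handle that the same way it handles a failed fetchColumn().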
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Login.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Login.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Login.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -2,6 +2,7 @@ /* RosCMS - ReactOS Content Management System Copyright (C) 2005 Ge van Geldorp gvg@reactos.org + 2005 Klemens Friedl frik85@reactos.org
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -150,5 +151,60 @@ exit; } // end of member function login
+
+ /**
+ * User Settings:
+ * user_setting_multisession == "true" (default: false) [multi sessions are allowed for this user]
+ * user_setting_browseragent == "true" (default: true) [no one should deactivate ("false") this option or only if he change the user agent very often (e.g. in opera: IE <=> Opera)]
+ * user_setting_ipaddress == "true" (default: true) [IP address check; avoid this setting if the user is behind a proxy or use more than one pc the same time (a possible security risk, but some persons wanted that behavior ...); Note: this is a per user setting, everyone can change it!]
+ * user_setting_timeout == "true" (default: false) [NO timeout; so user can use the ros homepage systems without to login everytime]
+ *
+ * @access public
+ */
+ public static function required( )
+ {
+
+ // check if user wants to logout
+ if (isset($_POST['logout'])) {
+ header('location:?page=logout');
+ }
+
+ // get current location (for redirection, if the login succeds)
+ $target = $_SERVER[ 'PHP_SELF' ];
+ if ( IsSet( $_SERVER[ 'QUERY_STRING' ] ) ) {
+ $target .= '?'.$_SERVER[ 'QUERY_STRING' ];
+ }
+
+ // get information about script executer
+ $user_id = Login::in(Login::REQUIRED, $target);
+ if ($user_id == 0) {
+ die('Could not Login.');
+ }
+
+ // get user data
+ $stmt=DBConnection::getInstance()->prepare("SELECT user_id, user_name, user_roscms_password, user_timestamp_touch, user_setting_timeout, user_login_counter, user_account_enabled, user_setting_multisession, user_setting_browseragent, user_setting_ipaddress FROM users WHERE user_id = :user_id LIMIT 1");
+ $stmt->bindparam('user_id',$user_id,PDO::PARAM_INT);
+ $stmt->execute() or die('DB error (login script #1)!');
+ $user = $stmt->fetchOnce(PDO::FETCH_ASSOC);
+ if($user === false) {
+ die('DB error (login script #2)');
+ }
+
+ // if the account is NOT enabled; e.g. a reason could be that a member of the admin group has disabled this account because of spamming, etc. 
+ if ($user['user_account_enabled'] != 'yes') {
+ die('Account is not enabled!<br /><br />System message: '.$user['user_account_enabled']);
+ }
+
+ // collect memberships for current user
+ $stmt=DBConnection::getInstance()->prepare("SELECT m.usergroupmember_usergroupid AS name, usrgroup_seclev AS security_level FROM usergroup_members m JOIN usergroups g ON m.usergroupmember_usergroupid = g.usrgroup_name_id WHERE usergroupmember_userid = :user_id");
+ $stmt->bindparam('user_id',$user['user_id'],PDO::PARAM_INT);
+ $stmt->execute();
+ while($membership = $stmt->fetch()) {
+ ThisUser::getInstance()->addGroup($membership);
+ }
+
+ ThisUser::getInstance()->setData($user);
+ } // end of member function require
+
 } // end of Login
 ?>
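Review bot: The logout branch at the top of required() sends `header('location:?page=logout')` and then keeps executing: Login::in() runs, the user row is loaded, ThisUser is populated, and the calling page renders its full output behind the redirect, so a logout request still reaches all the protected code. Add `exit;` immediately after the header() call. Two smaller points in the same hunk: `$target` is built from `$_SERVER['PHP_SELF']`, which carries attacker-controlled path-info, so whatever Login::in() does with it (not visible here) must escape it for the context it lands in; and the SELECT fetches `user_roscms_password` although nothing in required() uses it — drop it from the column list so the hash never enters this code path, and note that the `die()` on a disabled account echoes the raw `user_account_enabled` column into HTML.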
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/ROSUser.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/ROSUser.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/ROSUser.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -151,36 +151,6 @@
/** - * checks if the user is member of at least in one of the groups - * - * @param string group_name - * @param string group_name2 - * @param string group_name3 - * @return bool - * @access public - */ - public static function isMemberOfGroup( $group_name, $group_name2 = null, $group_name3 = null ) - { - global $roscms_intern_account_id; - - // construct SQL for group membership check - $group = DBConnection::getInstance()->quote($group_name,PDO::PARAM_STR); - if ($group_name2 !== null) { - $group .= ",".DBConnection::getInstance()->quote($group_name2,PDO::PARAM_STR); - } - if ($group_name3 !== null) { - $group .= ",".DBConnection::getInstance()->quote($group_name3,PDO::PARAM_STR); - } - - $stmt=DBConnection::getInstance()->prepare("SELECT TRUE FROM usergroup_members WHERE usergroupmember_userid = :user_id AND usergroupmember_usergroupid IN(".$group.") LIMIT 1"); - $stmt->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); - $stmt->execute(); - - return ($stmt->fetchColumn() !== false); - } // end of member isGroupMember - - - /** * * * @param string email
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Security.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Security.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Security.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -42,18 +42,17 @@ */ public function getACL( $kind ) { - global $roscms_intern_account_id; - global $roscms_security_level; + $thisuser = &ThisUser::getInstance();
$acl = ''; $sec_access = false; // security access already granted ?
// only if user has rights to access the interface - if ($roscms_security_level > 0) { + if ($thisuser->securityLevel() > 0) {
// for usage in the while loop $stmt=DBConnection::getInstance()->prepare("SELECT usergroupmember_usergroupid FROM usergroup_members WHERE usergroupmember_userid = :user_id"); - $stmt->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); $stmt->execute(); $usergroups = $stmt->fetchAll(PDO::FETCH_ASSOC);
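Review bot: getACL() still runs its own `SELECT usergroupmember_usergroupid FROM usergroup_members` for the current user even though Login::required() has already loaded the same memberships into ThisUser via addGroup(); the two sources can disagree within one request and the extra round trip is pure cost. `$thisuser->getGroups()` is keyed by group name, so `$usergroups = array_keys($thisuser->getGroups());` replaces the prepare/bind/execute/fetchAll, provided the consumer loop below (outside this hunk) is adapted from the `['usergroupmember_usergroupid']` row shape. Independently, `bindParam` with the result of `$thisuser->id()` passes a temporary by reference; `bindValue` is the right call if the query stays. getACL()'s body continues past this hunk.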
@@ -63,7 +62,7 @@ while ($sec_entry = $stmt->fetch(PDO::FETCH_ASSOC)) {
// add entries, remove them if they're on the deny list - if ($sec_entry['sec_lev'.$roscms_security_level.'_'.$kind] == 1) { + if ($sec_entry['sec_lev'.$thisuser->securityLevel().'_'.$kind] == 1) { if ($sec_access) { $acl .= " OR"; } @@ -143,11 +142,10 @@ { global $h_a2;
- global $roscms_intern_account_id; - global $roscms_security_level; + $thisuser = &ThisUser::getInstance();
// roscms interface access ? - if ($roscms_security_level < 1) { + if ($thisuser->securityLevel() < 1) { return; }
@@ -163,7 +161,7 @@
// check for membership in allowed groups $stmt=DBConnection::getInstance()->prepare("SELECT usergroupmember_usergroupid FROM usergroup_members WHERE usergroupmember_userid = :user_id"); - $stmt->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); $stmt->execute(); while($usergroup = $stmt->fetch(PDO::FETCH_ASSOC)) {
@@ -176,7 +174,7 @@
// check for membership in denied list $stmt=DBConnection::getInstance()->prepare("SELECT usergroupmember_usergroupid FROM usergroup_members WHERE usergroupmember_userid = :user_id"); - $stmt->bindParam('user_id',$roscms_intern_account_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); $stmt->execute(); while($usergroup = $stmt->fetch(PDO::FETCH_ASSOC)) {
@@ -189,19 +187,19 @@
// create a list with rights //@CHECKME is this type of checks a good idea ?? - if (($rights['sec_lev'.$roscms_security_level.'_read'] == 1 || $acl_allow === true) && $acl_deny === false) { + if (($rights['sec_lev'.$thisuser->securityLevel().'_read'] == 1 || $acl_allow === true) && $acl_deny === false) { $rights_list .= 'read|'; } - if (($rights['sec_lev'.$roscms_security_level.'_write'] == 1 || $acl_allow === true) && $acl_deny === false) { + if (($rights['sec_lev'.$thisuser->securityLevel().'_write'] == 1 || $acl_allow === true) && $acl_deny === false) { $rights_list .= 'write|'; } - if (($rights['sec_lev'.$roscms_security_level.'_add'] == 1 || ($acl_allow === true && $roscms_security_level == 3)) && $acl_deny === false) { + if (($rights['sec_lev'.$thisuser->securityLevel().'_add'] == 1 || ($acl_allow === true && $thisuser->securityLevel() == 3)) && $acl_deny === false) { $rights_list .= 'add|'; } - if (($rights['sec_lev'.$roscms_security_level.'_pub'] == 1 || ($acl_allow === true && $roscms_security_level == 3)) && $acl_deny === false) { + if (($rights['sec_lev'.$thisuser->securityLevel().'_pub'] == 1 || ($acl_allow === true && $thisuser->securityLevel() == 3)) && $acl_deny === false) { $rights_list .= 'pub|'; } - if (($rights['sec_lev'.$roscms_security_level.'_trans'] == 1 || ($acl_allow === true && $roscms_security_level == 3)) && $acl_deny === false) { + if (($rights['sec_lev'.$thisuser->securityLevel().'_trans'] == 1 || ($acl_allow === true && $thisuser->securityLevel() == 3)) && $acl_deny === false) { $rights_list .= 'trans|'; }
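Review bot: `$thisuser->securityLevel()` is called ten times in this hunk to build the `'sec_lev'.…'_read'`/`_write`/`_add`/`_pub`/`_trans` column names; hoist it once, `$level = $thisuser->securityLevel();`, which also makes the repeated `== 3` special-case read as `$level == 3`. Because ThisUser reports the maximum level across all of the user's groups, the `== 3` comparisons grant the `$acl_allow` shortcut for add/pub/trans only to exactly level 3 — if a level above 3 is ever defined it would be excluded rather than included (whether 3 is the ceiling is not visible here), so a threshold `>= 3` is the safer encoding if that is the intent. The enclosing function starts before this hunk.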
@@ -218,11 +216,8 @@ */ public function hasRight( $data_id, $kind ) { - global $roscms_security_level; - // only if roscms interface access is granted - if ($roscms_security_level < 1) { -echo $roscms_security_level; + if (ThisUser::getInstance()->securityLevel() < 1) { return false; }
@@ -241,10 +236,8 @@ */ public function rightsOverview( $data_id ) { - global $roscms_security_level; - // only if roscms interface access is granted - if ($roscms_security_level < 1) { + if (ThisUser::getInstance()->securityLevel() < 1) { return; }
@@ -259,7 +252,7 @@ $explanation .= (strpos($rights_list, '|trans|') === false) ? '-' : 'p';
// add also security level - $explanation .= ' '.$roscms_security_level; + $explanation .= ' '.ThisUser::getInstance()->securityLevel();
return $explanation; } // end of member function rightsOverview
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Tag.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Tag.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Tag.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 @@ -83,10 +83,9 @@ public static function deleteById( $tag_id, $user_id ) { global $h_a; - global $roscms_intern_account_id;
// @unimplemented: account group membership check - if ($user_id == $roscms_intern_account_id || $user_id == 0 || $user_id == -1) { + if ($user_id == ThisUser::getInstance()->id() || $user_id == 0 || $user_id == -1) {
// get tag data $stmt=DBConnection::getInstance()->prepare("SELECT tag_name_id, tag_value_id FROM data_tag".$h_a." WHERE tag_id = :tag_id LIMIT 1"); @@ -139,10 +138,9 @@ public static function add( $data_id, $rev_id, $tag_name, $tag_value, $user_id ) { global $h_a; - global $roscms_intern_account_id;
//@ADD group membership check - if ($user_id != $roscms_intern_account_id && $user_id != 0 && $user_id != -1) { + if ($user_id != ThisUser::getInstance()->id() && $user_id != 0 && $user_id != -1) { die('ERROR: no rights to access this function'); }
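Review bot: The rights check still accepts `$user_id == 0` and `$user_id == -1` as wildcards, and ThisUser::id() is itself 0 until Login::required() has populated it, so Tag::add() reached from a page that never called Login::required() passes with `$user_id = 0` whether or not anyone is logged in; where `$user_id` originates is outside this hunk. Until the group-membership check promised by the `@ADD` comment exists, at least require an authenticated caller before honouring the wildcard ids: `$me = ThisUser::getInstance()->id();` and `if ($me <= 0 || ($user_id != $me && $user_id != 0 && $user_id != -1)) { die('ERROR: no rights to access this function'); }`. The same applies to deleteById() in the hunk above. add()'s body continues past this hunk.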
Added: branches/danny-web/reactos.org/htdocs/roscms/lib/ThisUser.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/ThisUser.class.php (added) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/ThisUser.class.php [iso-8859-1] Sat Nov 22 17:51:18 2008 
@@ -1,0 +1,142 @@
+<?php
+ /*
+ RosCMS - ReactOS Content Management System
+ Copyright (C) 2008 Danny Götte <dangerground@web.de>
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+/**
+ * class ThisUser
+ *
+ */
+class ThisUser
+{
+ private $security_level = 0;
+ private $user = array('id'=>0,'name'=>'');
+ private $groups = array();
+
+
+ /**
+ * adds a new membership for this user and registers maximum security level
+ *
+ * @access public
+ */
+ public function addGroup( $group )
+ {
+ $this->groups[$group['name']] = $group['security_level'];
+ if ($group['security_level'] > $this->security_level) $this->security_level = $group['security_level'];
+ } // end of member function setId
+
+
+ /**
+ * adds a new membership for this user
+ *
+ * @return array
+ * @access public
+ */
+ public function getGroups( )
+ {
+ return $this->groups;
+ } // end of member function setId
+
+
+ /**
+ * checks if the user is member of at least in one of the groups
+ *
+ * @param string group_name
+ * @param string group_name2
+ * @param string group_name3
+ * @return bool
+ * @access public
+ */
+ public function isMemberOfGroup( $group_name, $group_name2 = null, $group_name3 = null )
+ {
+ if (@$this->groups[$group_name] > -1 || @$this->groups[$group_name2] > -1 || @$this->groups[$group_name3] > -1) {
+ return true;
+ }
+ return false;
+ } // end of 
member isGroupMember
+
+
+ /**
+ * returns highest security level of users group memberships
+ *
+ * @return int
+ * @access public
+ */
+ public function securityLevel( )
+ {
+ return $this->security_level;
+ } // end of member function securityLevel
+
+
+ /**
+ * returns the id of the user, which has requested the script
+ *
+ * @return int
+ * @access public
+ */
+ public function id( )
+ {
+ return $this->user['id'];
+ } // end of member function securityLevel
+
+
+ /**
+ * returns the name of the user, which has requested the script
+ *
+ * @return string
+ * @access public
+ */
+ public function name( )
+ {
+ return $this->user['name'];
+ } // end of member function securityLevel
+
+
+ /**
+ * set the current user data, of the user which has requested the script
+ *
+ * @access public
+ */
+ public function setData( $user )
+ {
+ if($user !== false){
+ $this->user['id'] = $user['user_id'];
+ $this->user['name'] = $user['user_name'];
+ }
+ } // end of member function setId
+
+
+ /**
+ * returns the instance
+ *
+ * @return object
+ * @access public
+ */
+ public static function getInstance( )
+ {
+ static $instance;
+
+ if (empty($instance)) {
+ $instance = new ThisUser();
+ }
+
+ return $instance;
+ } // end of member function check_lang
+
+} // end of ThisUser
+?>
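Review bot: isMemberOfGroup() decides membership with `@$this->groups[$name] > -1`, which ties the answer to the stored `security_level` value rather than to the presence of the key: a group whose `usrgroup_seclev` is NULL or negative reports "not a member", the `@` hides the undefined-index notice for every group the user is not in, and the unused `null` defaults are looked up as the empty-string key. Test key presence and skip the null parameters explicitly, as below. Minor style in the same file: the one-line `if (...) $this->security_level = ...;` in addGroup() should get braces like the rest of the class, and the trailing `// end of member function setId` / `check_lang` comments were copied from elsewhere and name the wrong methods.
```php
public function isMemberOfGroup( $group_name, $group_name2 = null, $group_name3 = null )
{
  foreach (array($group_name, $group_name2, $group_name3) as $name) {
    if ($name !== null && array_key_exists($name, $this->groups)) {
      return true;
    }
  }
  return false;
} // end of member isMemberOfGroup
```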