Enforce admin privileges
36
inc/user.php
36
inc/user.php
@@ -5,6 +5,12 @@ class User extends PhpObject {
|
||||
//DB Tables
|
||||
const USER_TABLE = 'users';
|
||||
|
||||
//Clearance Levels
|
||||
const USER_ACTIVE = 1;
|
||||
const USER_INACTIVE = 0;
|
||||
const CLEARANCE_USER = 0;
|
||||
const CLEARANCE_ADMIN = 9;
|
||||
|
||||
//Cookie
|
||||
const COOKIE_ID_USER = 'subscriber';
|
||||
const COOKIE_DURATION = 60 * 60 * 24 * 365; //1 year
|
||||
@@ -22,7 +28,15 @@ class User extends PhpObject {
|
||||
parent::__construct(__CLASS__, Settings::DEBUG);
|
||||
$this->oDb = &$oDb;
|
||||
$this->iUserId = 0;
|
||||
$this->asUserInfo = array(Db::getId(self::USER_TABLE)=>0, 'name'=>'', 'email'=>'', 'language'=>'', 'timezone'=>'', 'active'=>'0');
|
||||
$this->asUserInfo = array(
|
||||
Db::getId(self::USER_TABLE) => 0,
|
||||
'name' => '',
|
||||
'email' => '',
|
||||
'language' => '',
|
||||
'timezone' => '',
|
||||
'active' => self::USER_INACTIVE,
|
||||
'clearance' => self::CLEARANCE_USER
|
||||
);
|
||||
$this->checkUserCookie();
|
||||
}
|
||||
|
||||
@@ -36,7 +50,7 @@ class User extends PhpObject {
|
||||
$sEmail = trim($sEmail);
|
||||
|
||||
//Check Email availability
|
||||
$iUserId = $this->oDb->selectValue(self::USER_TABLE, Db::getId(self::USER_TABLE), array('email'=>$sEmail, 'active'=>'1'));
|
||||
$iUserId = $this->oDb->selectValue(self::USER_TABLE, Db::getId(self::USER_TABLE), array('email'=>$sEmail, 'active'=>self::USER_ACTIVE));
|
||||
|
||||
if($iUserId > 0) {
|
||||
//Log user in
|
||||
@@ -45,7 +59,12 @@ class User extends PhpObject {
|
||||
}
|
||||
else {
|
||||
//Add/Reactivate user
|
||||
$iUserId = $this->oDb->insertUpdateRow(self::USER_TABLE, array('email'=>$sEmail, 'language'=>$sLang, 'timezone'=>$sTimezone, 'active'=>'1'), array('email'));
|
||||
$iUserId = $this->oDb->insertUpdateRow(
|
||||
self::USER_TABLE,
|
||||
array('email'=>$sEmail, 'language'=>$sLang, 'timezone'=>$sTimezone, 'active'=>self::USER_ACTIVE),
|
||||
array('email')
|
||||
);
|
||||
|
||||
if($iUserId==0) $sDesc = 'lang:error_commit_db';
|
||||
else {
|
||||
$this->updateGravatar($iUserId, $sEmail);
|
||||
@@ -68,7 +87,7 @@ class User extends PhpObject {
|
||||
$sDesc = '';
|
||||
|
||||
if($this->iUserId > 0) {
|
||||
$iUserId = $this->oDb->updateRow(self::USER_TABLE, $this->iUserId, array('active'=>'0'));
|
||||
$iUserId = $this->oDb->updateRow(self::USER_TABLE, $this->iUserId, array('active'=>self::USER_INACTIVE));
|
||||
if($iUserId==0) $sDesc = 'lang:error_commit_db';
|
||||
else {
|
||||
$sDesc = 'lang:nl_unsubscribed';
|
||||
@@ -121,13 +140,20 @@ class User extends PhpObject {
|
||||
$asInfo = array(
|
||||
'select' => array_keys($this->asUserInfo),
|
||||
'from' => self::USER_TABLE,
|
||||
'constraint'=> array('active'=>'1')
|
||||
'constraint'=> array('active'=>self::USER_ACTIVE)
|
||||
);
|
||||
if($iUserId != -1) $asInfo['constraint'][Db::getId(self::USER_TABLE)] = $iUserId;
|
||||
|
||||
if(!$this->checkUserClearance(self::CLEARANCE_ADMIN)) unset($asInfo['select']['clearance']);
|
||||
|
||||
return $this->oDb->selectRows($asInfo);
|
||||
}
|
||||
|
||||
public function checkUserClearance($iClearance)
|
||||
{
|
||||
return ($this->asUserInfo['clearance'] >= $iClearance);
|
||||
}
|
||||
|
||||
private function updateCookie($iDeltaTime) {
|
||||
setcookie(self::COOKIE_ID_USER, ($iDeltaTime < 0)?'':$this->iUserId, array('samesite' => 'Lax', 'expires' => time() + $iDeltaTime));
|
||||
}
|
||||
|
||||
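Review bot: `unset($asInfo['select']['clearance'])` in the last hunk is a no-op, because `$asInfo['select']` is built from `array_keys($this->asUserInfo)` and is therefore a list whose values, not keys, are the column names; the `clearance` column is still selected and returned to non-admin callers, which is the opposite of what this commit intends. Replace it with `$asInfo['select'] = array_values(array_diff($asInfo['select'], array('clearance')));` so the column is actually dropped. The enclosing function starts outside the hunk. Separately, `checkUserClearance()` only reflects whatever `checkUserCookie()` loads into `$this->asUserInfo`, and the adjacent `updateCookie()` stores the bare `$this->iUserId` in the cookie with no `httponly`/`secure` options; if that value is what identifies the user on the next request, the new admin check is only as trustworthy as a client-supplied id, so a random, server-stored session token (sent with `httponly` and `secure` in the setcookie options) would be the sturdier base for this enforcement.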