Commit ff39c83a430c3f551c4f5a6eb5ae7a8b8847ca3c
1 parent
bcc271d2
updates for modified session/control handling, updated phpdocs
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@372 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
13 additions
and
10 deletions
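--- a/control.php
+++ b/control.php
@@ -11,8 +11,8 @@
 * Licensed under the GNU GPL. For full terms see the file COPYING.
 *
 * @version $Revision$
- * @author <a href="mailto:michael@jamwarehouse.com">Michael Joseph</a>, Jam Warehouse (Pty) Ltd, South Africa
- * @package dmslib
+ * @author Michael Joseph <michael@jamwarehouse.com>, Jam Warehouse (Pty) Ltd, South Africa
+ * @package control
 */
 
 // main library routines and defaults
@@ -23,7 +23,9 @@ require_once("$default->owl_fs_root/lib/SiteMap.inc");
 // page start
 // -------------------------------
 
-if (checkSession()) {
+// check the session, but don't redirect if the check fails
+
+if (checkSessionAndRedirect(false)) {
 // session check succeeds, so default action should be the dashboard if no action was specified
 if (!isset($action)) {
 $action = "dashboard";
@@ -35,17 +37,19 @@ if (checkSession()) {
 }
 }
 
+// (if there is no userID on the session and the action that we're looking up
+// from the sitemap requires group access ie. !Anonymous then redirect to no
+// permission page)
+
 // reset authorisation flag before checking access
-$_SESSION["authorised"] = false;
+$_SESSION["pageAccess"] = NULL;
 
-$default->log->info("control.php: checking ($action, " . $_SESSION["userID"] . ")");
 // check whether the users group has access to the requested page
 $page = $default->siteMap->getPage($action, $_SESSION["userID"]);
 
 $default->log->debug("retrieved page=$page from SiteMap");
 if (!$page) {
- $default->log->info("control.php: permission denied for ($action, " . $_SESSION["userID"] . ")");
- // this group doesn't have permission to access the page
+ // this user doesn't have permission to access the page
 // or there is no page mapping for the requested action
 
 // FIXME: redirect to no permission page
@@ -55,9 +59,8 @@ if (!$page) {
 exit;
 } else {
 // set authorised flag and redirect
- $_SESSION["authorised"] = true;
- $default->log->debug("control.php: ($action, " . $_SESSION["userID"] . ")set authorised flag:" . $_SESSION["authorised"]);
-
+ $_SESSION["pageAccess"][$page] = true;
+ $default->log->debug("control.php: just set SESSION[\"pageAccess\"][$page]=" . $_SESSION["pageAccess"][$page]);
 redirect($page);
 }
 ?>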
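Review bot: The access lookup `$default->siteMap->getPage($action, $_SESSION["userID"])` runs whether or not `checkSessionAndRedirect(false)` returned true, so now that a failed check no longer redirects, a session that failed validation but still carries a `userID` would presumably be authorised as that user. The failure branch of the `if` lies between the hunks and is not shown, so this holds only if that branch leaves `$_SESSION["userID"]` in place. If it does, keep the result with `$bValid = checkSessionAndRedirect(false);` and pass `$bValid ? $_SESSION["userID"] : NULL` to `getPage()`, assuming `getPage()` treats a missing user as anonymous, as the added comment describes. The deny branch also loses its only `info`-level record of the refused action and user, so authorisation failures go unlogged unless the lines hidden after the FIXME log them; keeping a denial entry there would preserve the audit trail.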