Fixed ACL checks not working in the middle of a db query

jengo 2001-01-31 03:02:00 +00:00
parent 22f4074433
commit c4d3423bde


@ -29,61 +29,64 @@
var $groups; var $groups;
var $group_names; var $group_names;
var $apps; var $apps;
var $db;
function accounts_()
{
global $phpgw;
$this->db = $phpgw->db;
}
function fill_user_array() function fill_user_array()
{ {
global $phpgw_info, $phpgw; global $phpgw_info, $phpgw;
$db2 = $phpgw->db; $this->db->query("select * from accounts where account_lid='" . $phpgw_info["user"]["userid"] . "'",__LINE__,__FILE__);
$this->db->next_record();
$db2->query("select * from accounts where account_lid='" . $phpgw_info["user"]["userid"] . "'",__LINE__,__FILE__);
$db2->next_record();
/* Now dump it into the array */ /* Now dump it into the array */
$phpgw_info["user"]["account_id"] = $db2->f("account_id"); $phpgw_info["user"]["account_id"] = $this->db->f("account_id");
$phpgw_info["user"]["firstname"] = $db2->f("account_firstname"); $phpgw_info["user"]["firstname"] = $this->db->f("account_firstname");
$phpgw_info["user"]["lastname"] = $db2->f("account_lastname"); $phpgw_info["user"]["lastname"] = $this->db->f("account_lastname");
$phpgw_info["user"]["fullname"] = $db2->f("account_firstname") . " " $phpgw_info["user"]["fullname"] = $this->db->f("account_firstname") . " "
. $db2->f("account_lastname"); . $this->db->f("account_lastname");
$phpgw_info["user"]["groups"] = explode (",", $db2->f("account_groups")); $phpgw_info["user"]["groups"] = explode (",", $this->db->f("account_groups"));
// $apps = CreateObject('phpgwapi.applications',intval($phpgw_info["user"]["account_id"])); // $apps = CreateObject('phpgwapi.applications',intval($phpgw_info["user"]["account_id"]));
// $prefs = CreateObject('phpgwapi.preferences',intval($phpgw_info["user"]["account_id"])); // $prefs = CreateObject('phpgwapi.preferences',intval($phpgw_info["user"]["account_id"]));
// $phpgw_info["user"]["preferences"] = $prefs->get_saved_preferences(); // $phpgw_info["user"]["preferences"] = $prefs->get_saved_preferences();
// $phpgw_info["user"]["apps"] = $apps->enabled_apps(); // $phpgw_info["user"]["apps"] = $apps->enabled_apps();
$phpgw_info["user"]["lastlogin"] = $db2->f("account_lastlogin"); $phpgw_info["user"]["lastlogin"] = $this->db->f("account_lastlogin");
$phpgw_info["user"]["lastloginfrom"] = $db2->f("account_lastloginfrom"); $phpgw_info["user"]["lastloginfrom"] = $this->db->f("account_lastloginfrom");
$phpgw_info["user"]["lastpasswd_change"] = $db2->f("account_lastpwd_change"); $phpgw_info["user"]["lastpasswd_change"] = $this->db->f("account_lastpwd_change");
$phpgw_info["user"]["status"] = $db2->f("account_status"); $phpgw_info["user"]["status"] = $this->db->f("account_status");
} }
function read_userData($id) function read_userData($id)
{ {
global $phpgw_info, $phpgw; global $phpgw_info, $phpgw;
$db2 = $phpgw->db; $this->db->query("select * from accounts where account_id='$id'",__LINE__,__FILE__);
$this->db->next_record();
$db2->query("select * from accounts where account_id='$id'",__LINE__,__FILE__);
$db2->next_record();
/* Now dump it into the array */ /* Now dump it into the array */
$userData["account_id"] = $db2->f("account_id"); $userData["account_id"] = $this->db->f("account_id");
$userData["account_lid"] = $db2->f("account_lid"); $userData["account_lid"] = $this->db->f("account_lid");
$userData["firstname"] = $db2->f("account_firstname"); $userData["firstname"] = $this->db->f("account_firstname");
$userData["lastname"] = $db2->f("account_lastname"); $userData["lastname"] = $this->db->f("account_lastname");
$userData["fullname"] = $db2->f("account_firstname") . " " $userData["fullname"] = $this->db->f("account_firstname") . " "
. $db2->f("account_lastname"); . $this->db->f("account_lastname");
$userData["groups"] = explode(",", $db2->f("account_groups")); $userData["groups"] = explode(",", $this->db->f("account_groups"));
// $apps = CreateObject('phpgwapi.applications',intval($phpgw_info["user"]["account_id"])); // $apps = CreateObject('phpgwapi.applications',intval($phpgw_info["user"]["account_id"]));
// $prefs = CreateObject('phpgwapi.preferences',intval($phpgw_info["user"]["account_id"])); // $prefs = CreateObject('phpgwapi.preferences',intval($phpgw_info["user"]["account_id"]));
// $userData["preferences"] = $prefs->get_saved_preferences(); // $userData["preferences"] = $prefs->get_saved_preferences();
// $userData["apps"] = $apps->enabled_apps(); // $userData["apps"] = $apps->enabled_apps();
$userData["lastlogin"] = $db2->f("account_lastlogin"); $userData["lastlogin"] = $this->db->f("account_lastlogin");
$userData["lastloginfrom"] = $db2->f("account_lastloginfrom"); $userData["lastloginfrom"] = $this->db->f("account_lastloginfrom");
$userData["lastpasswd_change"] = $db2->f("account_lastpwd_change"); $userData["lastpasswd_change"] = $this->db->f("account_lastpwd_change");
$userData["status"] = $db2->f("account_status"); $userData["status"] = $this->db->f("account_status");
return $userData; return $userData;
} }
@ -92,7 +95,6 @@
{ {
global $phpgw_info, $phpgw; global $phpgw_info, $phpgw;
$db2 = $phpgw->db;
if (gettype($id) == "string") { $id = $this->username2userid($id); } if (gettype($id) == "string") { $id = $this->username2userid($id); }
$groups = Array(); $groups = Array();
$group_memberhips = $phpgw->acl->get_location_list_for_id("phpgw_group", 1, "u", $id); $group_memberhips = $phpgw->acl->get_location_list_for_id("phpgw_group", 1, "u", $id);
@ -108,8 +110,6 @@
{ {
global $phpgw, $phpgw_info; global $phpgw, $phpgw_info;
$db2 = $phpgw->db;
if (! $lid) { if (! $lid) {
$lid = $phpgw_info["user"]["userid"]; $lid = $phpgw_info["user"]["userid"];
} }
@ -117,10 +117,10 @@
$i = 0; $i = 0;
while ($groups && $group = each($groups)) { while ($groups && $group = each($groups)) {
$db2->query("select group_name from groups where group_id=".$group[0],__LINE__,__FILE__); $this->db->query("select group_name from groups where group_id=".$group[0],__LINE__,__FILE__);
$db2->next_record(); $this->db->next_record();
$group_names[$i][0] = $group[0]; $group_names[$i][0] = $group[0];
$group_names[$i][1] = $db2->f("group_name"); $group_names[$i][1] = $this->db->f("group_name");
$group_names[$i++][2] = $group[1]; $group_names[$i++][2] = $group[1];
} }
@ -135,8 +135,6 @@
{ {
global $phpgw; global $phpgw;
$db2 = $phpgw->db;
if ($group) { if ($group) {
$users = $phpgw->acl->get_ids_for_location($group, 1, "phpgw_group", "u"); $users = $phpgw->acl->get_ids_for_location($group, 1, "phpgw_group", "u");
reset ($users); reset ($users);
@ -149,15 +147,15 @@
} }
} }
$sql .= ")"; $sql .= ")";
$db2->query($sql,__LINE__,__FILE__); $this->db->query($sql,__LINE__,__FILE__);
} else { } else {
$db2->query("select account_lid,account_firstname,account_lastname from accounts",__LINE__,__FILE__); $this->db->query("select account_lid,account_firstname,account_lastname from accounts",__LINE__,__FILE__);
} }
$i = 0; $i = 0;
while ($db2->next_record()) { while ($this->db->next_record()) {
$accounts["account_lid"][$i] = $db2->f("account_lid"); $accounts["account_lid"][$i] = $this->db->f("account_lid");
$accounts["account_firstname"][$i] = $db2->f("account_firstname"); $accounts["account_firstname"][$i] = $this->db->f("account_firstname");
$accounts["account_lastname"][$i] = $db2->f("account_lastname"); $accounts["account_lastname"][$i] = $this->db->f("account_lastname");
$i++; $i++;
} }
return $accounts; return $accounts;
@ -166,11 +164,11 @@
function username2userid($user_name) function username2userid($user_name)
{ {
global $phpgw, $phpgw_info; global $phpgw, $phpgw_info;
$db2 = $phpgw->db;
$db2->query("SELECT account_id FROM accounts WHERE account_lid='".$user_name."'",__LINE__,__FILE__); $this->db->query("SELECT account_id FROM accounts WHERE account_lid='".$user_name."'",__LINE__,__FILE__);
if($db2->num_rows()) { if($this->db->num_rows()) {
$db2->next_record(); $this->db->next_record();
return $db2->f("account_id"); return $this->db->f("account_id");
}else{ }else{
return False; return False;
} }
@ -179,11 +177,11 @@
function userid2username($user_id) function userid2username($user_id)
{ {
global $phpgw, $phpgw_info; global $phpgw, $phpgw_info;
$db2 = $phpgw->db;
$db2->query("SELECT account_lid FROM accounts WHERE account_id='".$user_id."'",__LINE__,__FILE__); $this->db->query("SELECT account_lid FROM accounts WHERE account_id='".$user_id."'",__LINE__,__FILE__);
if($db2->num_rows()) { if($this->db->num_rows()) {
$db2->next_record(); $this->db->next_record();
return $db2->f("account_lid"); return $this->db->f("account_lid");
}else{ }else{
return False; return False;
} }
@ -192,11 +190,11 @@
function groupname2groupid($group_name) function groupname2groupid($group_name)
{ {
global $phpgw, $phpgw_info; global $phpgw, $phpgw_info;
$db2 = $phpgw->db;
$db2->query("SELECT group_id FROM groups WHERE group_name='".$group_name."'",__LINE__,__FILE__); $this->db->query("SELECT group_id FROM groups WHERE group_name='".$group_name."'",__LINE__,__FILE__);
if($db2->num_rows()) { if($this->db->num_rows()) {
$db2->next_record(); $this->db->next_record();
return $db2->f("group_id"); return $this->db->f("group_id");
}else{ }else{
return False; return False;
} }
@ -205,11 +203,11 @@
function groupid2groupname($group_id) function groupid2groupname($group_id)
{ {
global $phpgw, $phpgw_info; global $phpgw, $phpgw_info;
$db2 = $phpgw->db;
$db2->query("SELECT group_name FROM groups WHERE group_id='".$group_id."'",__LINE__,__FILE__); $this->db->query("SELECT group_name FROM groups WHERE group_id='".$group_id."'",__LINE__,__FILE__);
if($db2->num_rows()) { if($this->db->num_rows()) {
$db2->next_record(); $this->db->next_record();
return $db2->f("group_name"); return $this->db->f("group_name");
}else{ }else{
return False; return False;
} }
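Review bot: The account and group lookups on the new side still build SQL by placing their arguments straight into the statement text, for example `"... WHERE account_lid='".$user_name."'"` in username2userid and the unquoted `"... where group_id=".$group[0]` inside the group-name loop; read_userData, userid2username, groupname2groupid and groupid2groupname follow the same pattern. Whether these values can originate from request input is not visible here, but nothing in these functions constrains them, so a quote character or extra clause in the value would alter the query that resolves identity and group membership. Numeric ids could be forced with `intval()`, which the file already uses in its commented-out code, e.g. `"select group_name from groups where group_id=" . intval($group[0])`, and string values should pass through the database layer's escaping routine before they are concatenated. The enclosing class and several of the function signatures lie outside the hunks shown.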