You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@vcl.apache.org by jf...@apache.org on 2010/08/05 21:19:04 UTC
svn commit: r982738 - in /incubator/vcl/trunk/web/.ht-inc: privileges.php
requests.php userpreferences.php utils.php
Author: jfthomps
Date: Thu Aug 5 19:19:03 2010
New Revision: 982738
URL: http://svn.apache.org/viewvc?rev=982738&view=rev
Log:
VCL-334
utils.php:
-modified getUserInfo - added extra argument named $numeric to tell if $userid was passed as an id value or unityid value; changed is_numeric calls to just $numeric
-added 2 calls to addLoginLog when using XMLRPC API (not related to this issue)
modified calls to getUserInfo in the following files where $userid was passed as the user.id value:
userpreferences.php
privileges.php
requests.php
Modified:
incubator/vcl/trunk/web/.ht-inc/privileges.php
incubator/vcl/trunk/web/.ht-inc/requests.php
incubator/vcl/trunk/web/.ht-inc/userpreferences.php
incubator/vcl/trunk/web/.ht-inc/utils.php
Modified: incubator/vcl/trunk/web/.ht-inc/privileges.php
URL: http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/privileges.php?rev=982738&r1=982737&r2=982738&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/privileges.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/privileges.php Thu Aug 5 19:19:03 2010
@@ -2584,7 +2584,7 @@ function checkUserHasPriv($priv, $uid, $
if(array_key_exists($key, $_SESSION['userhaspriv']))
return $_SESSION['userhaspriv'][$key];
if($user["id"] != $uid) {
- $_user = getUserInfo($uid);
+ $_user = getUserInfo($uid, 0, 1);
if(is_null($user))
return 0;
}
Modified: incubator/vcl/trunk/web/.ht-inc/requests.php
URL: http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/requests.php?rev=982738&r1=982737&r2=982738&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/requests.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/requests.php Thu Aug 5 19:19:03 2010
@@ -1198,7 +1198,7 @@ function viewRequestInfo() {
}
}
$states = getStates();
- $userinfo = getUserInfo($request["userid"], 1);
+ $userinfo = getUserInfo($request["userid"], 1, 1);
print "<DIV align=center>\n";
print "<H2>View Reservation</H2>\n";
print "<table summary=\"\">\n";
@@ -1853,7 +1853,7 @@ function confirmDeleteRequest() {
. $reservation["prettyimage"] . "</strong> that started ";
}
else {
- $userinfo = getUserInfo($request["userid"], 1);
+ $userinfo = getUserInfo($request["userid"], 1, 1);
$text = "Delete reservation by {$userinfo['unityid']}@"
. "{$userinfo['affiliation']} for <strong>"
. "{$reservation["prettyimage"]}</strong> that started ";
Modified: incubator/vcl/trunk/web/.ht-inc/userpreferences.php
URL: http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/userpreferences.php?rev=982738&r1=982737&r2=982738&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/userpreferences.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/userpreferences.php Thu Aug 5 19:19:03 2010
@@ -502,7 +502,7 @@ function submitUserPrefs() {
. "WHERE userid = {$user['id']}";
doQuery($query, 101);
}
- $user = getUserInfo($user["id"], 1);
+ $user = getUserInfo($user["id"], 1, 1);
$_SESSION['user'] = $user;
userpreferences();
}
Modified: incubator/vcl/trunk/web/.ht-inc/utils.php
URL: http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/utils.php?rev=982738&r1=982737&r2=982738&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/utils.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/utils.php Thu Aug 5 19:19:03 2010
@@ -384,10 +384,12 @@ function checkAccess() {
$ldapuser = sprintf($authMechs[$authtype]['userid'], $user['unityid']);
$res = ldap_bind($ds, $ldapuser, $xmlpass);
if(! $res) {
+ addLoginLog($user['unityid'], $authtype, $user['affiliationid'], 0);
printXMLRPCerror(3); # access denied
dbDisconnect();
exit;
}
+ addLoginLog($user['unityid'], $authtype, $user['affiliationid'], 1);
}
elseif($ENABLE_ITECSAUTH &&
$authMechs[$authtype]['affiliationid'] == getAffiliationID('ITECS')) {
@@ -1120,12 +1122,11 @@ function getImages($includedeleted=0, $i
$imagelist[$row["id"]]["subimages"] = array();
if($row2["subimages"]) {
$query2 = "SELECT imageid "
- . "FROM subimages "
- . "WHERE imagemetaid = {$row["imagemetaid"]}";
+ . "FROM subimages "
+ . "WHERE imagemetaid = {$row["imagemetaid"]}";
$qh2 = doQuery($query2, 101);
- while($row2 = mysql_fetch_assoc($qh2)) {
+ while($row2 = mysql_fetch_assoc($qh2))
array_push($imagelist[$row["id"]]["subimages"], $row2["imageid"]);
- }
}
}
else
@@ -1750,7 +1751,7 @@ function addOwnedResources(&$resources,
///
////////////////////////////////////////////////////////////////////////////////
function addOwnedResourceGroups(&$resourcegroups, $userid) {
- if(! $user = getUserInfo($userid, 1))
+ if(! $user = getUserInfo($userid, 1, 1))
return;
$userid = $user["id"];
$groupids = implode(',', array_keys($user["groups"]));
@@ -2878,9 +2879,9 @@ function processInputData($data, $type,
/// returns NULL if could not get information about the user
///
////////////////////////////////////////////////////////////////////////////////
-function getUserInfo($id, $noupdate=0) {
+function getUserInfo($id, $noupdate=0, $numeric=0) {
$affilid = DEFAULT_AFFILID;
- if(! is_numeric($id)) {
+ if(! $numeric)) {
$rc = getAffilidAndLogin($id, $affilid);
if($rc == -1)
return NULL;
@@ -2917,7 +2918,7 @@ function getUserInfo($id, $noupdate=0) {
. "WHERE u.IMtypeid = i.id AND "
. "u.adminlevelid = a.id AND "
. "u.affiliationid = af.id AND ";
- if(is_numeric($id))
+ if($numeric)
$query .= "u.id = $id";
else
$query .= "u.unityid = '$id' AND af.id = $affilid";
@@ -2949,7 +2950,7 @@ function getUserInfo($id, $noupdate=0) {
return $user;
}
}
- if(is_numeric($id))
+ if($numeric)
$user = updateUserData($id, "numeric");
else
$user = updateUserData($id, "loginid", $affilid);