Changeset 415 for trunk/user.php
Legend:
- Unmodified
- Added
- Removed
-
trunk
- Property svn:ignore
-
old new 6 6 postfixadmin 7 7 backup 8 .project 9 .buildpath 10 .settings
-
- Property svn:ignore
-
trunk/user.php
r410 r415 34 34 var $AnonymousUserId = 98; 35 35 var $OnlineStateTimeout = 600; // in seconds 36 var $PermissionCache = array(); 36 37 37 38 function Check() … … 52 53 if($Row['User'] != $this->AnonymousUserId) 53 54 { 54 $Query = $this->Database->query('SELECT *, UserCustomerRel.Customer AS Member FROM User JOIN UserCustomerRel ON UserCustomerRel.User=User.Id WHERE User.Id='.$Row['User']);55 $Query = $this->Database->query('SELECT User.*, UserCustomerRel.Customer AS Member FROM User JOIN UserCustomerRel ON UserCustomerRel.User=User.Id WHERE User.Id='.$Row['User']); 55 56 $this->User = $Query->fetch_assoc(); 56 57 $Result = USER_LOGGED; … … 208 209 function CheckPermission($Module, $Operation, $ItemType = '', $ItemIndex = 0) 209 210 { 210 $DbResult = $this->Database->select('PermissionOperation', 'Id', '`Module`="'.$Module.'" AND `Item`="'.$ItemType.'" AND `ItemId`='.$ItemIndex.' AND `Operation`="'.$Operation.'"'); 211 if($DbResult->num_rows > 0) 212 { 213 $DbRow = $DbResult->fetch_array(); 214 $OperationId = $DbRow['Id']; 215 211 // First try to check cache 212 if(in_array(array($Module, $Operation, $ItemType, $ItemType), $this->PermissionCache)) 213 { 214 $OperationId = array_search(array($Module, $Operation, $ItemType, $ItemType), $this->PermissionCache); 215 $PermissionExists = is_numeric($OperationId); 216 } else 217 { 218 // If no permission combination exists in cache, do new check of database items 219 $DbResult = $this->Database->select('PermissionOperation', 'Id', '`Module`="'.$Module.'" AND `Item`="'.$ItemType.'" AND `ItemId`='.$ItemIndex.' AND `Operation`="'.$Operation.'"'); 220 if($DbResult->num_rows > 0) 221 { 222 $DbRow = $DbResult->fetch_array(); 223 $OperationId = $DbRow['Id']; 224 $this->PermissionCache[$DbRow['Id']] = array($Module, $Operation, $ItemType, $ItemType); 225 $PermissionExists = true; 226 } else 227 { 228 $this->PermissionCache[$DbRow['Id'].'_'] = array($Module, $Operation, $ItemType, $ItemType); 229 $PermissionExists = false; 230 } 231 } 232 233 if($PermissionExists) 234 { 216 235 // Check user-operation relation 217 236 $DbResult = $this->Database->select('PermissionUserAssignment', '*', '`User`="'.$this->User['Id'].'" AND `AssignedOperation`="'.$OperationId.'"'); … … 219 238 220 239 // Check user-group relation 221 $DbResult = $this->Database->select('PermissionUserAssignment', 'AssignedGroup', '`User`="'.$this->User['Id'].'" AND `AssignedGroup` IS NOT NULL');240 $DbResult = $this->Database->select('PermissionUserAssignment', 'AssignedGroup', '`User`="'.$this->User['Id'].'"'); 222 241 while($DbRow = $DbResult->fetch_array()) 223 242 { 224 243 if($this->CheckGroupPermission($DbRow['AssignedGroup'], $OperationId) == true) return(true); 225 244 } 226 245 return(false);
Note:
See TracChangeset
for help on using the changeset viewer.