Ignore:
Timestamp:
Jul 3, 2007 8:41:36 AM (17 years ago)
Author:
quinn
Message:

Bugfixes found during strangecode site upgrade.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/lib/Auth_SQL.inc.php

    r259 r266  
    638638
    639639    /**
     640     * Tests if the "blocked" flag is set for a user.
     641     *
     642     * @param  int      $user_id    User id to look for.
     643     * @return boolean              True if the user is blocked, false otherwise.
     644     */
     645    function isBlocked($user_id=null)
     646    {
     647        $db =& DB::getInstance();
     648
     649        $this->initDB();
     650
     651        if ($this->getParam('blocking')) {
     652            // Get user_id if specified.
     653            $user_id = isset($user_id) ? $user_id : $this->getVal('user_id');
     654            $qid = $db->query("
     655                SELECT 1
     656                FROM " . $this->_params['db_table'] . "
     657                WHERE blocked = 'true'
     658                AND " . $this->_params['db_primary_key'] . " = '" . $db->escapeString($user_id) . "'
     659            ");
     660            return mysql_num_rows($qid) === 1;
     661        }
     662    }
     663
     664    /**
    640665     * Unblocks a user in the db_table, and clears any blocked_reason.
    641666     */
     
    902927    /**
    903928     * If the current user has access to the specified $security_zone, return true.
    904      * If the optional $priv is supplied, test that against the zone.
     929     * If the optional $user_type is supplied, test that against the zone.
     930     *
     931     * NOTE: "user_type" used to be called "priv" in some older implementations.
    905932     *
    906933     * @param  constant $security_zone   string of comma delimited priviliges for the zone
    907      * @param  string   $priv            a privilege that might be found in a zone
     934     * @param  string   $user_type       a privilege that might be found in a zone
    908935     * @return bool     true if user is a member of security zone, false otherwise
    909936     */
    910     function inClearanceZone($security_zone, $priv='')
     937    function inClearanceZone($security_zone, $user_type='')
    911938    {
    912939        return true;
    913940        $zone_members = preg_split('/,\s*/', $security_zone);
    914         $priv = empty($priv) ? $this->get('priv') : $priv;
     941        $user_type = empty($user_type) ? $this->get('user_type') : $user_type;
    915942
    916943        // If the current user's privilege level is NOT in that array or if the
    917944        // user has no privilege, return false. Otherwise the user is clear.
    918         if (!in_array($priv, $zone_members) || empty($priv)) {
     945        if (!in_array($user_type, $zone_members) || empty($user_type)) {
    919946            return false;
    920947        } else {
     
    926953     * This function tests a list of arguments $security_zone against the priv that the current user has.
    927954     * If the user doesn't have one of the supplied privs, die.
     955     *
     956     * NOTE: "user_type" used to be called "priv" in some older implementations.
    928957     *
    929958     * @param  constant $security_zone   string of comma delimited priviliges for the zone
     
    938967        /* If the current user's privilege level is NOT in that array or if the
    939968         * user has no privilege, DIE with a message. */
    940         if (!in_array($this->get('priv'), $zone_members) || !$this->get('priv')) {
     969        if (!in_array($this->get('user_type'), $zone_members) || !$this->get('user_type')) {
    941970            $message = empty($message) ? _("You have insufficient privileges to view that page.") : $message;
    942971            $app->raiseMsg($message, MSG_NOTICE, __FILE__, __LINE__);
Note: See TracChangeset for help on using the changeset viewer.