git.cweiske.de / phorkie.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Part of #6: atom feed for new pastes
[phorkie.git] / www / www-security.php
diff --git a/www/www-security.php b/www/www-security.php
index e9fdab7207eb1340422f1ebc07f30c70c06f2e42..5051b0fea698ebd499231e2a0b06d00c85bd1d9f 100644 (file)
--- a/www/www-security.php
+++ b/www/www-security.php
@@ -17,8 +17,8 @@ if ($GLOBALS['phorkie']['auth']['securityLevel'] == 0) {
 $logged_in = false;
 if (!isset($_SESSION['identity'])) {
     //not logged in 
-} else if ($GLOBALS['phorkie']['auth']['userlist']) {
-    if (in_array($_SESSION['identity'], $GLOBALS['phorkie']['users'])) {
+} else if ($GLOBALS['phorkie']['auth']['listedUsersOnly']) {
+    if (in_array($_SESSION['identity'], $GLOBALS['phorkie']['auth']['users'])) {
         $logged_in = true;
     }
 } else {
@@ -26,23 +26,19 @@ if (!isset($_SESSION['identity'])) {
     $logged_in = true;
 }
 
-if ($secureAtLevel >= $GLOBALS['phorkie']['auth']['securityLevel']) {
-    if ($logged_in) {
-        return;
-    }
-} else {
+if ($logged_in) {
+    //you may do everything if you're logged in
     return;
 }
 
-// p / G / log_in = disp
-// 0 / 1 / true   = return
-// 0 / 1 / false  = block
-// 0 / 2 / true   = return
-// 0 / 2 / false  = return
-// 1 / 1 / true   = return
-// 1 / 1 / false  = block
-// 1 / 2 / true   = return
-// 1 / 2 / false  = block
+if (!isset($reqWritePermissions)) {
+    $reqWritePermissions = true;
+}
+if ($GLOBALS['phorkie']['auth']['securityLevel'] == 1
+    && !$reqWritePermissions
+) {
+    return;
+}
 
 $_SESSION['REQUEST_URI'] = $_SERVER['REQUEST_URI'];
 require 'forbidden.php';
Self-hosted pastebin software written in PHP. Pastes are editable, may have multiple files and are stored in git repositories.