REVERT: variable name change

[phorkie.git] / www / www-security.php

diff --git a/www/www-security.php b/www/www-security.php
index 241f866f03c12fd6071db452e94de7242b8b3420..ccbdb9784c6b3e78f1d154363310a7f99591a642 100644 (file)
--- a/www/www-security.php
+++ b/www/www-security.php
@@ -4,12 +4,12 @@ namespace phorkie;
  * security levels + login requirement:
  */
 
  * security levels + login requirement:
  */
 

-if (!isset($GLOBALS['phorkie']['auth']['secure'])) {
+if (!isset($GLOBALS['phorkie']['auth']['securityLevel'])) {

     //not set? highest level of security
     //not set? highest level of security

-    $GLOBALS['phorkie']['auth']['secure'] = 2;
+    $GLOBALS['phorkie']['auth']['securityLevel'] = 2;

 }
 
 }
 

-if ($GLOBALS['phorkie']['auth']['secure'] == 0) {
+if ($GLOBALS['phorkie']['auth']['securityLevel'] == 0) {

     //everyone may do everything
     return;
 }
     //everyone may do everything
     return;
 }


@@ -17,8 +17,8 @@ if ($GLOBALS['phorkie']['auth']['secure'] == 0) {
 $logged_in = false;
 if (!isset($_SESSION['identity'])) {
     //not logged in 
 $logged_in = false;
 if (!isset($_SESSION['identity'])) {
     //not logged in 

-} else if ($GLOBALS['phorkie']['auth']['userlist']) {
-    if (in_array($_SESSION['identity'], $GLOBALS['phorkie']['users'])) {
+} else if ($GLOBALS['phorkie']['auth']['listedUsersOnly']) {
+    if (in_array($_SESSION['identity'], $GLOBALS['phorkie']['auth']['users'])) {

         $logged_in = true;
     }
 } else {
         $logged_in = true;
     }
 } else {


@@ -26,15 +26,24 @@ if (!isset($_SESSION['identity'])) {
     $logged_in = true;
 }
 
     $logged_in = true;
 }
 

-if ($logged_in) {
-    //logged in? all fine
-    return;
-} else if ($GLOBALS['phorkie']['auth']['secure'] == 2) {
-    //not logged in and security level 2 => error
-    require 'forbidden.php';
-} else if (isset($pageRequiresLogin) && !$pageRequiresLogin) {
+if ($secureAtLevel >= $GLOBALS['phorkie']['auth']['securityLevel']) {
+    if ($logged_in) {
+        return;
+    }
+} else {

     return;
 }
 
     return;
 }
 

+// p / G / log_in = disp
+// 0 / 1 / true   = return
+// 0 / 1 / false  = block
+// 0 / 2 / true   = return
+// 0 / 2 / false  = return
+// 1 / 1 / true   = return
+// 1 / 1 / false  = block
+// 1 / 2 / true   = return
+// 1 / 2 / false  = block
+
+$_SESSION['REQUEST_URI'] = $_SERVER['REQUEST_URI'];

 require 'forbidden.php';
 require 'forbidden.php';

-?>
\ No newline at end of file
+?>