* security levels + login requirement:
*/
-if (!isset($GLOBALS['phorkie']['auth']['secure'])) {
+if (!isset($GLOBALS['phorkie']['auth']['securityLevel'])) {
//not set? highest level of security
- $GLOBALS['phorkie']['auth']['secure'] = 2;
+ $GLOBALS['phorkie']['auth']['securityLevel'] = 2;
}
-if ($GLOBALS['phorkie']['auth']['secure'] == 0) {
+if ($GLOBALS['phorkie']['auth']['securityLevel'] == 0) {
//everyone may do everything
return;
}
$logged_in = false;
if (!isset($_SESSION['identity'])) {
//not logged in
-} else if ($GLOBALS['phorkie']['auth']['userlist']) {
- if (in_array($_SESSION['identity'], $GLOBALS['phorkie']['users'])) {
+} else if ($GLOBALS['phorkie']['auth']['listedUsersOnly']) {
+ if (in_array($_SESSION['identity'], $GLOBALS['phorkie']['auth']['users'])) {
$logged_in = true;
}
} else {
$logged_in = true;
}
-if ($secureAtLevel >= $GLOBALS['phorkie']['auth']['secure']) {
- if ($logged_in) {
- return;
- }
-} else {
+if ($logged_in) {
+ //you may do everything if you're logged in
return;
}
-// p / G / log_in = disp
-// 0 / 1 / true = return
-// 0 / 1 / false = block
-// 0 / 2 / true = return
-// 0 / 2 / false = return
-// 1 / 1 / true = return
-// 1 / 1 / false = block
-// 1 / 2 / true = return
-// 1 / 2 / false = block
+if (!isset($reqWritePermissions)) {
+ $reqWritePermissions = true;
+}
+if ($GLOBALS['phorkie']['auth']['securityLevel'] == 1
+ && !$reqWritePermissions
+) {
+ return;
+}
$_SESSION['REQUEST_URI'] = $_SERVER['REQUEST_URI'];
require 'forbidden.php';
git.cweiske.de / phorkie.git / blobdiff