X-Git-Url: https://git.cweiske.de/phorkie.git/blobdiff_plain/972d5d8a7e5450d9c3784feda363eee56f3ad269..92d6cf1f537c2126baf324cbdadbef1067e156b6:/www/www-security.php
diff --git a/www/www-security.php b/www/www-security.php
index 241f866..ccbdb97 100644
--- a/www/www-security.php
+++ b/www/www-security.php
@@ -4,12 +4,12 @@ namespace phorkie;
 * security levels + login requirement:
 */
-if (!isset($GLOBALS['phorkie']['auth']['secure'])) {
+if (!isset($GLOBALS['phorkie']['auth']['securityLevel'])) {
 //not set? highest level of security
- $GLOBALS['phorkie']['auth']['secure'] = 2;
+ $GLOBALS['phorkie']['auth']['securityLevel'] = 2;
 }
-if ($GLOBALS['phorkie']['auth']['secure'] == 0) {
+if ($GLOBALS['phorkie']['auth']['securityLevel'] == 0) {
 //everyone may do everything
 return;
 }
@@ -17,8 +17,8 @@ if ($GLOBALS['phorkie']['auth']['secure'] == 0) {
 $logged_in = false;
 if (!isset($_SESSION['identity'])) {
 //not logged in
-} else if ($GLOBALS['phorkie']['auth']['userlist']) {
- if (in_array($_SESSION['identity'], $GLOBALS['phorkie']['users'])) {
+} else if ($GLOBALS['phorkie']['auth']['listedUsersOnly']) {
+ if (in_array($_SESSION['identity'], $GLOBALS['phorkie']['auth']['users'])) {
 $logged_in = true;
 }
 } else {
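Review bot: The key rename on the `else if` line can silently switch off the user allowlist: a deployment whose config still sets `['auth']['userlist']` leaves `listedUsersOnly` unset or at its default, the branch is skipped, and the final `else` (which continues outside this hunk) marks any session identity as logged in. The default config is not visible here, so this is inferred; if no migration exists, treat the presence of the old `userlist`/`users` keys as a configuration error or document the rename as a breaking change. `in_array()` should also get its strict flag, `in_array($_SESSION['identity'], $GLOBALS['phorkie']['auth']['users'], true)`, so identities are compared without type juggling.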
@@ -26,15 +26,24 @@ if (!isset($_SESSION['identity'])) {
 $logged_in = true;
 }
-if ($logged_in) {
- //logged in? all fine
- return;
-} else if ($GLOBALS['phorkie']['auth']['secure'] == 2) {
- //not logged in and security level 2 => error
- require 'forbidden.php';
-} else if (isset($pageRequiresLogin) && !$pageRequiresLogin) {
+if ($secureAtLevel >= $GLOBALS['phorkie']['auth']['securityLevel']) {
+ if ($logged_in) {
+ return;
+ }
+} else {
 return;
 }
+// p / G / log_in = disp
+// 0 / 1 / true = return
+// 0 / 1 / false = block
+// 0 / 2 / true = return
+// 0 / 2 / false = return
+// 1 / 1 / true = return
+// 1 / 1 / false = block
+// 1 / 2 / true = return
+// 1 / 2 / false = block
+
+$_SESSION['REQUEST_URI'] = $_SERVER['REQUEST_URI'];
 require 'forbidden.php';
-?>
\ No newline at end of file
+?>
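Review bot: `$secureAtLevel` is never assigned in the lines shown, so a page that includes this file without setting it compares an undefined value against `securityLevel`, the test is false, and the new `else { return; }` lets the request through with no login at either level, whereas the removed code blocked every anonymous request at level 2. Default it to the strictest value before the comparison, e.g. `if (!isset($secureAtLevel)) { $secureAtLevel = 2; }`, so a forgotten assignment fails closed. If `p` in the added table is `$secureAtLevel` and `G` is `securityLevel` (my reading, the comment does not say), the rows `0 / 1 / false = block` and `1 / 2 / false = block` do not match `>=`, which returns for both; either the table or the operator needs correcting, and the comment should name its columns.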