rename "secureAtLevel" variable since it does not define a level at all

diff --git a/www/delete.php b/www/delete.php
index d9ee2511f6ba2b0d37a24b228ef7e47f369e4144..43ec9d5be24a9ad7162dbfac9854fa05e81a7200 100644 (file)
--- a/www/delete.php
+++ b/www/delete.php
@@ -3,7 +3,7 @@ namespace phorkie;
 /**
  * Delete paste or ask for deletion
  */
 /**
  * Delete paste or ask for deletion
  */

-$secureAtLevel = '1';
+$reqWritePermissions = true;

 require_once 'www-header.php';
 
 $repo = new Repository();
 require_once 'www-header.php';
 
 $repo = new Repository();

diff --git a/www/display.php b/www/display.php
index fc93b0dc3d174018f1e913db4f2a535a5dfa3df4..ffc978629c3ddc293d3227ceec5132f92b18af12 100644 (file)
--- a/www/display.php
+++ b/www/display.php
@@ -3,7 +3,7 @@ namespace phorkie;
 /**
  * Display paste contents
  */
 /**
  * Display paste contents
  */

-$secureAtLevel = '0';
+$reqWritePermissions = false;

 require_once 'www-header.php';
 
 $repo = new Repository();
 require_once 'www-header.php';
 
 $repo = new Repository();

diff --git a/www/doap.php b/www/doap.php
index 377030b44f6fa1a829a88c1135923d06e20f63fd..63a66e630d57a21b71ade37b10eab5ec0ef9df82 100644 (file)
--- a/www/doap.php
+++ b/www/doap.php
@@ -4,7 +4,7 @@ namespace phorkie;
  * Display DOAP of the paste.
  * Contains a machine-readable project description with Git URL.
  */
  * Display DOAP of the paste.
  * Contains a machine-readable project description with Git URL.
  */

-$secureAtLevel = '0';
+$reqWritePermissions = false;

 require_once 'www-header.php';
 
 $repo = new Repository();
 require_once 'www-header.php';
 
 $repo = new Repository();

diff --git a/www/edit.php b/www/edit.php
index f83dfb3d2d4ca9b221a395a324e8ca2ec24157be..4de3d47cb93b4310d6529b2ba80083a9f2d8aed2 100644 (file)
--- a/www/edit.php
+++ b/www/edit.php
@@ -3,8 +3,9 @@ namespace phorkie;
 /**
  * Edit paste contents
  */
 /**
  * Edit paste contents
  */

-$secureAtLevel = '1';
+$reqWritePermissions = true;

 require_once 'www-header.php';
 require_once 'www-header.php';

+

 $repo = new Repository();
 $repo->loadFromRequest();
 
 $repo = new Repository();
 $repo->loadFromRequest();
 

diff --git a/www/fork.php b/www/fork.php
index 10bd1e201d0dcc91a18612618e0f6bc0c2792ddb..6c96a6acb3b85d2918bcf12c10a353c1ddc53b41 100644 (file)
--- a/www/fork.php
+++ b/www/fork.php
@@ -3,7 +3,7 @@
  * Fork a repository
  */
 namespace phorkie;
  * Fork a repository
  */
 namespace phorkie;

-$secureAtLevel = '1';
+$reqWritePermissions = true;

 require_once 'www-header.php';
 
 if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
 require_once 'www-header.php';
 
 if ($_SERVER['REQUEST_METHOD'] !== 'POST') {

diff --git a/www/index.php b/www/index.php
index 7ff1814767cb6a619d3ad939d52714c4b19dac42..0ee9211679cbe1aa1e79c936af4117b372015271 100644 (file)
--- a/www/index.php
+++ b/www/index.php
@@ -3,7 +3,7 @@
  * Jump to the index as per the configuration
  */
 namespace phorkie;
  * Jump to the index as per the configuration
  */
 namespace phorkie;

-$secureAtLevel = false;
+$reqWritePermissions = false;

 require_once 'www-header.php';
 
 header(
 require_once 'www-header.php';
 
 header(

diff --git a/www/list.php b/www/list.php
index 8252f37b89f66c1924d2d18fb41bbcb493b7275b..750e811dfbbe6301d21471c872f18abd1edf8255 100644 (file)
--- a/www/list.php
+++ b/www/list.php
@@ -3,7 +3,7 @@
  * List a repository
  */
 namespace phorkie;
  * List a repository
  */
 namespace phorkie;

-$secureAtLevel = '0';
+$reqWritePermissions = false;

 require_once 'www-header.php';
 $rs = new Repositories();
 
 require_once 'www-header.php';
 $rs = new Repositories();
 

diff --git a/www/new.php b/www/new.php
index e2611c0849b2707ea48a76dfc1e3f0fd13e1e102..7a708917ef45912a6be54cb6e82e069bdbc90858 100644 (file)
--- a/www/new.php
+++ b/www/new.php
@@ -10,7 +10,7 @@ namespace phorkie;
  *
  * Creates and redirects to display page
  */
  *
  * Creates and redirects to display page
  */

-$secureAtLevel = '1';
+$reqWritePermissions = true;

 require_once 'www-header.php';
 
 $repopo = new Repository_Post();
 require_once 'www-header.php';
 
 $repopo = new Repository_Post();

diff --git a/www/raw.php b/www/raw.php
index 612a6b86b9aa49c1b2ef664135fedb8b2e2591cb..605462da41d267184cb522219917ca21a51caccb 100644 (file)
--- a/www/raw.php
+++ b/www/raw.php
@@ -3,7 +3,7 @@ namespace phorkie;
 /**
  * Displays a file
  */
 /**
  * Displays a file
  */

-$secureAtLevel = '0';
+$reqWritePermissions = false;

 require_once 'www-header.php';
 
 $repo = new Repository();
 require_once 'www-header.php';
 
 $repo = new Repository();

diff --git a/www/revision.php b/www/revision.php
index 513ca678f6886b5a7cecb0f24713ec1e3b485a54..4d4f97cb01bd3c3beb8e5a436c1f5c0f2d1c5c55 100644 (file)
--- a/www/revision.php
+++ b/www/revision.php
@@ -3,7 +3,7 @@ namespace phorkie;
 /**
  * Display historic paste contents
  */
 /**
  * Display historic paste contents
  */

-$secureAtLevel = '0';
+$reqWritePermissions = false;

 require_once 'www-header.php';
 
 $repo = new Repository();
 require_once 'www-header.php';
 
 $repo = new Repository();

diff --git a/www/search.php b/www/search.php
index 82d5f767e4caad714b073669232af203be8c5572..9c7ff6e5c77a2cb9ac549b15eb736c66f9842403 100644 (file)
--- a/www/search.php
+++ b/www/search.php
@@ -3,7 +3,7 @@ namespace phorkie;
 /**
  * Search for a search term
  */
 /**
  * Search for a search term
  */

-$secureAtLevel = '0';
+$reqWritePermissions = false;

 require_once 'www-header.php';
 
 if (!isset($_GET['q']) || $_GET['q'] == '') {
 require_once 'www-header.php';
 
 if (!isset($_GET['q']) || $_GET['q'] == '') {

diff --git a/www/user.php b/www/user.php
index 9e20f6a123ffcd690621915a5001507c0b055b30..8b86a506ff7a1a63191729f72b5014b3e3b4468a 100644 (file)
--- a/www/user.php
+++ b/www/user.php
@@ -3,7 +3,7 @@
  * Edit user information
  */
 namespace phorkie;
  * Edit user information
  */
 namespace phorkie;

-$secureAtLevel = '1';
+$reqWritePermissions = true;

 require_once 'www-header.php';
 
 if (isset($_POST['name'])) {
 require_once 'www-header.php';
 
 if (isset($_POST['name'])) {

diff --git a/www/www-security.php b/www/www-security.php
index ccbdb9784c6b3e78f1d154363310a7f99591a642..5051b0fea698ebd499231e2a0b06d00c85bd1d9f 100644 (file)
--- a/www/www-security.php
+++ b/www/www-security.php
@@ -26,23 +26,19 @@ if (!isset($_SESSION['identity'])) {
     $logged_in = true;
 }
 
     $logged_in = true;
 }
 

-if ($secureAtLevel >= $GLOBALS['phorkie']['auth']['securityLevel']) {
-    if ($logged_in) {
-        return;
-    }
-} else {
+if ($logged_in) {
+    //you may do everything if you're logged in

     return;
 }
 
     return;
 }
 

-// p / G / log_in = disp
-// 0 / 1 / true   = return
-// 0 / 1 / false  = block
-// 0 / 2 / true   = return
-// 0 / 2 / false  = return
-// 1 / 1 / true   = return
-// 1 / 1 / false  = block
-// 1 / 2 / true   = return
-// 1 / 2 / false  = block
+if (!isset($reqWritePermissions)) {
+    $reqWritePermissions = true;
+}
+if ($GLOBALS['phorkie']['auth']['securityLevel'] == 1
+    && !$reqWritePermissions
+) {
+    return;
+}

 
 $_SESSION['REQUEST_URI'] = $_SERVER['REQUEST_URI'];
 require 'forbidden.php';
 
 $_SESSION['REQUEST_URI'] = $_SERVER['REQUEST_URI'];
 require 'forbidden.php';