1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
<?php
class Garradin_Membres
{
const DROIT_CONNEXION = 1;
const DROIT_INSCRIPTION = 2;
const DROIT_WIKI_LIRE = 10;
const DROIT_WIKI_ECRIRE = 11;
const DROIT_WIKI_FICHIERS = 12;
const DROIT_WIKI_ADMIN = 13;
const DROIT_MEMBRE_LISTER = 20;
const DROIT_MEMBRE_GESTION = 21;
const DROIT_MEMBRE_ADMIN = 22;
const DROIT_COMPTA_GESTION = 30;
const DROIT_COMPTA_ADMIN = 31;
protected function _getSalt($length)
{
$str = str_split('./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789');
shuffle($str);
return implode('',
|
|
|
<
|
<
<
<
<
<
<
<
<
<
<
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
<?php
class Garradin_Membres
{
const DROIT_AUCUN = 0;
const DROIT_ACCES = 1;
const DROIT_ADMIN = 9;
protected function _getSalt($length)
{
$str = str_split('./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789');
shuffle($str);
return implode('',
|
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
protected function _login($user)
{
$this->_sessionStart(true);
$db = Garradin_DB::getInstance();
$_SESSION['logged_user'] = $user;
$_SESSION['logged_user']['rights'] = $db->queryFetchAssoc('SELECT droit, droit FROM membres_categories_droits
WHERE id_categorie = '.(int)$user['id_categorie'].';', SQLITE3_ASSOC);
return true;
}
public function login($email, $passe)
{
if (!filter_var($email, FILTER_VALIDATE_EMAIL))
return false;
$db = Garradin_DB::getInstance();
$r = $db->querySingle('SELECT * FROM membres WHERE email=\''.$db->escapeString($email).'\' LIMIT 1;', true);
if (empty($r))
return false;
if (!$this->_checkPassword($passe, $r['passe']))
return false;
return $this->_login($r);
}
public function isLogged()
{
$this->_sessionStart();
|
<
<
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
|
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
|
protected function _login($user)
{
$this->_sessionStart(true);
$db = Garradin_DB::getInstance();
$_SESSION['logged_user'] = $user;
return true;
}
public function login($email, $passe)
{
if (!filter_var($email, FILTER_VALIDATE_EMAIL))
return false;
$db = Garradin_DB::getInstance();
$r = $db->querySingle('SELECT * FROM membres WHERE email=\''.$db->escapeString($email).'\' LIMIT 1;', true);
if (empty($r))
return false;
if (!$this->_checkPassword($passe, $r['passe']))
return false;
$droits = $db->simpleQuerySingle(
'SELECT * FROM membres_categories WHERE id = ?;',
true, (int)$r['id_categorie']);
foreach ($droits as $key=>$value)
{
unset($droits[$key]);
$key = str_replace('droit_', '', $key, $found);
if ($found)
{
$droits[$key] = (int) $value;
}
}
if ($droits['connexion'] == self::DROIT_AUCUN)
return false;
$r['droits'] = $droits;
return $this->_login($r);
}
public function isLogged()
{
$this->_sessionStart();
|
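Review bot: In the new `login()`, the `droit_connexion` check denies access only by accident when the category lookup returns nothing. If `simpleQuerySingle()` yields a non-array (presumably false or null; its contract is not visible here), the `foreach` raises a warning and the refusal rests on `null == self::DROIT_AUCUN` being loosely true. Make the failure explicit with `if (!is_array($droits)) return false;` right after the query and `if (!isset($droits['connexion']) || $droits['connexion'] === self::DROIT_AUCUN) return false;` at the check. The `str_replace('droit_', '', $key, $found)` call matches the marker anywhere in a column name, so a prefix test such as `strpos($key, 'droit_') === 0` would keep unrelated columns from becoming rights entries. The row handed to `_login()` still comes from `SELECT *`, so `$r['passe']` ends up in `$_SESSION['logged_user']`; an `unset($r['passe']);` before the call would keep the password hash out of session storage. `$db` in `_login()` is now unused, and `isLogged()` continues outside the visible section.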