// Appears to supply the SQL that loads a session joined to its user and principal
// rows on user_no; the remainder of the statement is outside this excerpt.
// NOTE(review): the visible query text selects session.*, usr.* and principal.*,
// so every column of the usr row travels with the session record. If usr holds
// password hashes or similar secrets (not visible here), prefer an explicit
// column list - confirm against the schema.
26 function local_session_sql() {
28 SELECT session.*, usr.*, principal.*
29 FROM session JOIN usr USING(user_no) JOIN principal USING(user_no)
37 require(
'Session.php');
38 include_once(
'DAVResource.php');
// The @ operator silences any warning or notice raised inside _CheckLogout(),
// so a problem during logout handling is hidden from normal error reporting.
41 @Session::_CheckLogout();
// Per-path cache of DAVResource objects; filled on first use where a privilege
// is checked against a path.
52 private $privilege_resources = array();
// principal_id starts out null, then the parent constructor runs with $sid.
63 $this->principal_id = null;
64 parent::__construct($sid);
// When the user record has no principal_id, the principal is looked up by user
// name. The name is passed as a bound :username parameter rather than being
// concatenated into the SQL text.
73 if ( !isset($u->principal_id) ) {
75 $qry =
new AwlQuery(
'SELECT * FROM dav_principal WHERE username = :username', array(
':username' => $u->username) );
// Only an unambiguous single-row result is accepted; what is done with the row
// is outside this excerpt.
76 if ( $qry->Exec() && $qry->rows() == 1 ) {
// Hand the user record on to the parent class implementation.
81 parent::AssignSessionDetails( $u );
// Apply the locale only when the awl_set_locale() helper exists and a non-empty
// locale is set on this session.
83 if ( function_exists(
'awl_set_locale') && isset($this->locale) && $this->locale !=
'' ) {
84 awl_set_locale($this->locale);
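// Rebuild the role map for this session from scratch (role name => 1).
// Both lookups pass user_no as a bound :user_no parameter instead of appending
// it to the SQL text, so the value can never be parsed as part of the statement.
$this->roles = array();

// Roles held directly by this user.
$sql = 'SELECT role_name FROM roles JOIN role_member ON roles.role_no=role_member.role_no WHERE user_no = :user_no';
$qry = new AwlQuery( $sql, array( ':user_no' => $this->user_no ) );
if ( $qry->Exec('DAViCalSession') && $qry->rows() > 0 ) {
  while( $role = $qry->Fetch() ) {
    $this->roles[$role->role_name] = 1;
  }
}

// Roles reachable through group membership: the query returns the roles of every
// group principal this user is a member of, but only 'Admin' is carried over.
$sql = 'SELECT role_name FROM (((group_member JOIN dav_principal first_dav_principal ON group_member.group_id=first_dav_principal.principal_id) JOIN role_member ON first_dav_principal.user_no=role_member.user_no) JOIN roles ON roles.role_no=role_member.role_no) JOIN dav_principal second_dav_principal ON group_member.member_id=second_dav_principal.principal_id WHERE second_dav_principal.user_no = :user_no';
$qry = new AwlQuery( $sql, array( ':user_no' => $this->user_no ) );
if ( $qry->Exec('DAViCalSession') && $qry->rows() > 0 ) {
  while( $role = $qry->Fetch() ) {
    if ( $role->role_name == 'Admin' ) {
      $this->roles['Admin'] = 1;
    }
  }
}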
// Holders of the 'Admin' role are granted every privilege on every path without
// the resource being consulted.
121 if ( $this->AllowedTo(
'Admin') )
return true;
// One DAVResource per path is created on first use and kept in
// $privilege_resources for later checks on the same path.
122 if ( !isset($this->privilege_resources[$path]) ) {
123 $this->privilege_resources[$path] =
new DAVResource($path);
125 $resource = $this->privilege_resources[$path];
// The decision is delegated to the resource, but only when it exists; the result
// for a path that does not exist is outside this excerpt.
126 if ( isset($resource) && $resource->Exists() ) {
127 return $resource->HavePrivilegeTo($do_what,$any);
// Gate for pages that need a logged-in user, optionally holding one of $roles.
// The visible paths either return (access allowed) or render a page and exit.
144 global $c, $session, $main_menu, $sub_menu, $tab_menu;
// Host name this request was served under, falling back to the server address.
// NOTE(review): on some web-server configurations SERVER_NAME is filled from the
// client's Host header, so the restrict_admin_domain comparison below is only as
// trustworthy as that setting - confirm the virtual host pins a canonical name.
146 $current_domain = (isset($_SERVER[
'SERVER_NAME'])?$_SERVER[
'SERVER_NAME']:$_SERVER[
'SERVER_ADDR']);
// When restrict_admin_domain and/or restrict_admin_port are configured, a request
// arriving on any other host or port is redirected to caldav.php, logged and ended.
147 if ( (isset($c->restrict_admin_domain) && $c->restrict_admin_domain != $current_domain)
148 || (isset($c->restrict_admin_port) && $c->restrict_admin_port != $_SERVER[
'SERVER_PORT'] ) ) {
149 header(
'Location: caldav.php');
150 dbg_error_log(
'LOG WARNING',
'Access to "%s" via "%s:%d" rejected.', $_SERVER[
'REQUEST_URI'], $current_domain, $_SERVER[
'SERVER_PORT'] );
// exit(0) ends the request here, so nothing below runs for a rejected request.
151 @ob_flush(); exit(0);
// No role list passed in: fall back to the configured restrict_admin_roles, if any.
153 if ( isset($c->restrict_admin_roles) && $roles ==
'' ) $roles = $c->restrict_admin_roles;
// Logged in and no role restriction applies: access is allowed.
154 if ( $this->logged_in && $roles ==
'' )
return;
// HTTP Basic credentials were sent and there is no session yet: try to log in
// with them, unless the NoAutoLogin cookie is present.
// NOTE(review): PHP_AUTH_PW and $_COOKIE['NoAutoLogin'] are read without isset(),
// which raises a notice or warning when they are absent. The cookie is
// client-supplied; here it can only switch this convenience login off, so it
// must not be treated as an access control.
159 if ( isset($_SERVER[
'PHP_AUTH_USER']) && !$this->logged_in && $_SERVER[
'PHP_AUTH_USER'] !=
"" && $_SERVER[
'PHP_AUTH_PW'] !=
"" && ! $_COOKIE[
'NoAutoLogin'] ) {
160 if ( $this->Login($_SERVER[
'PHP_AUTH_USER'],$_SERVER[
'PHP_AUTH_PW'],
false)) {
// Expiry 0 makes this a browser-session cookie; once it is set, later requests
// skip the automatic Basic-auth login above. No Secure/HttpOnly options are passed.
161 setcookie(
'NoAutoLogin',1,0);
// Still not logged in: queue a message, emit the page header and a login prompt.
165 if ( ! $this->logged_in ) {
166 $c->messages[] = i18n(
'You must log in to use this system.');
167 include_once(
'page-header.php');
// A site-defined local_index_not_logged_in() is called when it exists.
168 if ( function_exists(
'local_index_not_logged_in') ) {
169 local_index_not_logged_in();
// A failed attempt gets one generic message that does not reveal whether the
// user name or the password was wrong.
172 if ( $this->login_failed ) {
173 $c->messages[] = i18n(
'Invalid user name or password.');
175 echo
'<h1>'.translate(
'Log On Please').
"</h1>\n";
176 echo
'<p>'.translate(
'For access to the')
177 .
' '.translate($c->system_name).
' ' 178 .translate(
'you should log on with the username and password that have been issued to you.')
// NOTE(review): $c->admin_email (like $c->system_name above) is concatenated into
// the HTML without escaping. Both are configuration values, but passing them
// through htmlspecialchars() would keep a stray '<' or '&' out of the markup.
180 echo
'<p>'.translate(
'If you would like to request access, please e-mail').
' '.$c->admin_email.
"</p>\n";
181 echo $this->RenderLoginPanel();
// $roles is a comma-separated list; holding any one of the listed roles is enough.
// Entries are not trimmed, so a list written with spaces after the commas is
// passed to AllowedTo() with the leading space - presumably no match; verify.
185 $valid_roles = explode(
',', $roles);
186 foreach( $valid_roles AS $k => $v ) {
187 if ( $this->AllowedTo($v) )
return;
// None of the listed roles matched: report it, render header and footer, and end
// the request.
189 $c->messages[] = i18n(
'You are not authorised to use this function.');
190 include_once(
'page-header.php');
193 include(
'page-footer.php');
194 @ob_flush(); exit(0);
199 $session->_CheckLogin();
HavePrivilegeTo( $do_what, $path, $any=null)
AssignSessionDetails( $u)
LoginRequired( $roles='')