includes/sessions.php
changeset 735 f191cb6bd0ca
parent 733 e5f638c216f7
parent 731 8e6dbf6882c2
child 749 ea3045a3bcbd
equal deleted inserted replaced
734:904fbf10f112 735:f191cb6bd0ca
  1764       $db->free_result();
  1764       $db->free_result();
  1765       
  1765       
  1766       $this->sql('INSERT INTO '.table_prefix.'users_extra(user_id) VALUES(' . $user_id . ');');
  1766       $this->sql('INSERT INTO '.table_prefix.'users_extra(user_id) VALUES(' . $user_id . ');');
  1767     }
  1767     }
  1768     
  1768     
  1769     // Grant edit and very limited mod access to the userpage
  1769     // Config option added, 1.1.5
  1770     $acl_data = array(
  1770     if ( getConfig('userpage_grant_acl', '1') == '1' )             
  1771         'read' => AUTH_ALLOW,
  1771     {
  1772         'view_source' => AUTH_ALLOW,
  1772       // Grant edit and very limited mod access to the userpage
  1773         'edit_page' => AUTH_ALLOW,
  1773       $acl_data = array(
  1774         'post_comments' => AUTH_ALLOW,
  1774           'read' => AUTH_ALLOW,
  1775         'edit_comments' => AUTH_ALLOW, // only allows editing own comments
  1775           'view_source' => AUTH_ALLOW,
  1776         'history_view' => AUTH_ALLOW,
  1776           'edit_page' => AUTH_ALLOW,
  1777         'history_rollback' => AUTH_ALLOW,
  1777           'post_comments' => AUTH_ALLOW,
  1778         'rename' => AUTH_ALLOW,
  1778           'edit_comments' => AUTH_ALLOW, // only allows editing own comments
  1779         'delete_page' => AUTH_ALLOW,
  1779           'history_view' => AUTH_ALLOW,
  1780         'tag_create' => AUTH_ALLOW,
  1780           'history_rollback' => AUTH_ALLOW,
  1781         'tag_delete_own' => AUTH_ALLOW,
  1781           'rename' => AUTH_ALLOW,
  1782         'tag_delete_other' => AUTH_ALLOW,
  1782           'delete_page' => AUTH_ALLOW,
  1783         'edit_cat' => AUTH_ALLOW,
  1783           'tag_create' => AUTH_ALLOW,
  1784         'create_page' => AUTH_ALLOW
  1784           'tag_delete_own' => AUTH_ALLOW,
  1785       );
  1785           'tag_delete_other' => AUTH_ALLOW,
  1786     $acl_data = $db->escape($this->perm_to_string($acl_data));
  1786           'edit_cat' => AUTH_ALLOW,
  1787     $userpage = $db->escape(sanitize_page_id($user_orig));
  1787           'create_page' => AUTH_ALLOW
  1788     $cols = "target_type, target_id, page_id, namespace, rules";
  1788         );
  1789     $vals = ACL_TYPE_USER . ", $user_id, '$userpage', 'User', '$acl_data'";
  1789       $acl_data = $db->escape($this->perm_to_string($acl_data));
  1790     $q = "INSERT INTO ".table_prefix."acl($cols) VALUES($vals);";
  1790       $userpage = $db->escape(sanitize_page_id($user_orig));
  1791     $this->sql($q);
  1791       $cols = "target_type, target_id, page_id, namespace, rules";
       
  1792       $vals = ACL_TYPE_USER . ", $user_id, '$userpage', 'User', '$acl_data'";
       
  1793       $q = "INSERT INTO ".table_prefix."acl($cols) VALUES($vals);";
       
  1794       $this->sql($q);
       
  1795     }
  1792     
  1796     
  1793     // Require the account to be activated?
  1797     // Require the account to be activated?
  1794     if ( $coppa )
  1798     if ( $coppa )
  1795     {
  1799     {
  1796       $this->admin_activation_request($username);
  1800       $this->admin_activation_request($username);
  3398    * Backend code for the JSON login interface. Basically a frontend to the session API that takes all parameters in one huge array.
  3402    * Backend code for the JSON login interface. Basically a frontend to the session API that takes all parameters in one huge array.
  3399    * @param array LoginAPI request
  3403    * @param array LoginAPI request
  3400    * @return array LoginAPI response
  3404    * @return array LoginAPI response
  3401    */
  3405    */
  3402   
  3406   
  3403   function process_login_request($req)
  3407   function process_login_request($req, $_dbgtmp = false)
  3404   {
  3408   {
  3405     global $db, $session, $paths, $template, $plugins; // Common objects
  3409     global $db, $session, $paths, $template, $plugins; // Common objects
  3406     
  3410     
  3407     // Setup EnanoMath and Diffie-Hellman
  3411     // Setup EnanoMath and Diffie-Hellman
  3408     global $dh_supported;
  3412     global $dh_supported;