1764 $db->free_result(); |
1764 $db->free_result(); |
1765 |
1765 |
1766 $this->sql('INSERT INTO '.table_prefix.'users_extra(user_id) VALUES(' . $user_id . ');'); |
1766 $this->sql('INSERT INTO '.table_prefix.'users_extra(user_id) VALUES(' . $user_id . ');'); |
1767 } |
1767 } |
1768 |
1768 |
1769 // Grant edit and very limited mod access to the userpage |
1769 // Config option added, 1.1.5 |
1770 $acl_data = array( |
1770 if ( getConfig('userpage_grant_acl', '1') == '1' ) |
1771 'read' => AUTH_ALLOW, |
1771 { |
1772 'view_source' => AUTH_ALLOW, |
1772 // Grant edit and very limited mod access to the userpage |
1773 'edit_page' => AUTH_ALLOW, |
1773 $acl_data = array( |
1774 'post_comments' => AUTH_ALLOW, |
1774 'read' => AUTH_ALLOW, |
1775 'edit_comments' => AUTH_ALLOW, // only allows editing own comments |
1775 'view_source' => AUTH_ALLOW, |
1776 'history_view' => AUTH_ALLOW, |
1776 'edit_page' => AUTH_ALLOW, |
1777 'history_rollback' => AUTH_ALLOW, |
1777 'post_comments' => AUTH_ALLOW, |
1778 'rename' => AUTH_ALLOW, |
1778 'edit_comments' => AUTH_ALLOW, // only allows editing own comments |
1779 'delete_page' => AUTH_ALLOW, |
1779 'history_view' => AUTH_ALLOW, |
1780 'tag_create' => AUTH_ALLOW, |
1780 'history_rollback' => AUTH_ALLOW, |
1781 'tag_delete_own' => AUTH_ALLOW, |
1781 'rename' => AUTH_ALLOW, |
1782 'tag_delete_other' => AUTH_ALLOW, |
1782 'delete_page' => AUTH_ALLOW, |
1783 'edit_cat' => AUTH_ALLOW, |
1783 'tag_create' => AUTH_ALLOW, |
1784 'create_page' => AUTH_ALLOW |
1784 'tag_delete_own' => AUTH_ALLOW, |
1785 ); |
1785 'tag_delete_other' => AUTH_ALLOW, |
1786 $acl_data = $db->escape($this->perm_to_string($acl_data)); |
1786 'edit_cat' => AUTH_ALLOW, |
1787 $userpage = $db->escape(sanitize_page_id($user_orig)); |
1787 'create_page' => AUTH_ALLOW |
1788 $cols = "target_type, target_id, page_id, namespace, rules"; |
1788 ); |
1789 $vals = ACL_TYPE_USER . ", $user_id, '$userpage', 'User', '$acl_data'"; |
1789 $acl_data = $db->escape($this->perm_to_string($acl_data)); |
1790 $q = "INSERT INTO ".table_prefix."acl($cols) VALUES($vals);"; |
1790 $userpage = $db->escape(sanitize_page_id($user_orig)); |
1791 $this->sql($q); |
1791 $cols = "target_type, target_id, page_id, namespace, rules"; |
|
1792 $vals = ACL_TYPE_USER . ", $user_id, '$userpage', 'User', '$acl_data'"; |
|
1793 $q = "INSERT INTO ".table_prefix."acl($cols) VALUES($vals);"; |
|
1794 $this->sql($q); |
|
1795 } |
1792 |
1796 |
1793 // Require the account to be activated? |
1797 // Require the account to be activated? |
1794 if ( $coppa ) |
1798 if ( $coppa ) |
1795 { |
1799 { |
1796 $this->admin_activation_request($username); |
1800 $this->admin_activation_request($username); |
3398 * Backend code for the JSON login interface. Basically a frontend to the session API that takes all parameters in one huge array. |
3402 * Backend code for the JSON login interface. Basically a frontend to the session API that takes all parameters in one huge array. |
3399 * @param array LoginAPI request |
3403 * @param array LoginAPI request |
3400 * @return array LoginAPI response |
3404 * @return array LoginAPI response |
3401 */ |
3405 */ |
3402 |
3406 |
3403 function process_login_request($req) |
3407 function process_login_request($req, $_dbgtmp = false) |
3404 { |
3408 { |
3405 global $db, $session, $paths, $template, $plugins; // Common objects |
3409 global $db, $session, $paths, $template, $plugins; // Common objects |
3406 |
3410 |
3407 // Setup EnanoMath and Diffie-Hellman |
3411 // Setup EnanoMath and Diffie-Hellman |
3408 global $dh_supported; |
3412 global $dh_supported; |