forked from science-ation/science-ation
- remember when a full load on a user is done
- user mysql_escape_string on all fields before saving (oops!) :) - add a committee login function to set SESSION variables.
This commit is contained in:
dave
parent
3904e2d9d8
commit
0d8f704cd8
21
user.inc.php
21
user.inc.php
@ -165,7 +165,11 @@ function user_load($user, $load_full=false, $force_type=false)
|
||||
}
|
||||
$ret = array_merge($ret, $r);
|
||||
}
|
||||
$ret['load_full'] = true;
|
||||
} else {
|
||||
$ret['load_full'] = false;
|
||||
}
|
||||
|
||||
/* Do this assignment without recursion :) */
|
||||
$orig = $ret;
|
||||
$ret['orig'] = $orig;
|
||||
@ -190,7 +194,8 @@ function user_save($u)
|
||||
// if($f == 'types')
|
||||
// $set .= "$f='".implode(',', $u[$f])."'";
|
||||
|
||||
$set .= "$f='{$u[$f]}'";
|
||||
$data = mysql_escape_string(stripslashes($u[$f]));
|
||||
$set .= "$f='$data'";
|
||||
}
|
||||
//echo "<pre>";
|
||||
//print_r($u);
|
||||
@ -341,3 +346,17 @@ function user_update_complete(&$u, $status)
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
function user_committee_login($u)
|
||||
{
|
||||
/* Double check, make sure the user is of this type */
|
||||
if(!in_array('committee', $u['types'])) return false;
|
||||
|
||||
$u = user_load($u, true);
|
||||
|
||||
$_SESSION['access_admin'] = ($u['access_admin'] == 'Y') ? true : false;
|
||||
$_SESSION['access_config'] = ($u['access_config'] == 'Y') ? true : false;
|
||||
$_SESSION['access_super'] = ($u['access_super'] == 'Y') ? true : false;
|
||||
}
|
||||
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user