forked from science-ation/science-ation
- remember when a full load on a user is done
- user mysql_escape_string on all fields before saving (oops!) :) - add a committee login function to set SESSION variables.
This commit is contained in:
dave
parent
3904e2d9d8
commit
0d8f704cd8
21
user.inc.php
21
user.inc.php
@ -165,7 +165,11 @@ function user_load($user, $load_full=false, $force_type=false)
|
|||||||
}
|
}
|
||||||
$ret = array_merge($ret, $r);
|
$ret = array_merge($ret, $r);
|
||||||
}
|
}
|
||||||
|
$ret['load_full'] = true;
|
||||||
|
} else {
|
||||||
|
$ret['load_full'] = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Do this assignment without recursion :) */
|
/* Do this assignment without recursion :) */
|
||||||
$orig = $ret;
|
$orig = $ret;
|
||||||
$ret['orig'] = $orig;
|
$ret['orig'] = $orig;
|
||||||
@ -190,7 +194,8 @@ function user_save($u)
|
|||||||
// if($f == 'types')
|
// if($f == 'types')
|
||||||
// $set .= "$f='".implode(',', $u[$f])."'";
|
// $set .= "$f='".implode(',', $u[$f])."'";
|
||||||
|
|
||||||
$set .= "$f='{$u[$f]}'";
|
$data = mysql_escape_string(stripslashes($u[$f]));
|
||||||
|
$set .= "$f='$data'";
|
||||||
}
|
}
|
||||||
//echo "<pre>";
|
//echo "<pre>";
|
||||||
//print_r($u);
|
//print_r($u);
|
||||||
@ -341,3 +346,17 @@ function user_update_complete(&$u, $status)
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function user_committee_login($u)
|
||||||
|
{
|
||||||
|
/* Double check, make sure the user is of this type */
|
||||||
|
if(!in_array('committee', $u['types'])) return false;
|
||||||
|
|
||||||
|
$u = user_load($u, true);
|
||||||
|
|
||||||
|
$_SESSION['access_admin'] = ($u['access_admin'] == 'Y') ? true : false;
|
||||||
|
$_SESSION['access_config'] = ($u['access_config'] == 'Y') ? true : false;
|
||||||
|
$_SESSION['access_super'] = ($u['access_super'] == 'Y') ? true : false;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user