From 3ba0d061f7e3251fc1659ccff9e11a51aceeb66b Mon Sep 17 00:00:00 2001
From: dave <dave>
Date: Wed, 21 Nov 2007 07:41:09 +0000
Subject: [PATCH] - Remove auth_has_access($access) completely, use  
 committee_auth_has_access($access) now. - Remove unused committee_login and
 committee_auth.php - Simplify the left bar logic for the committee links

---
 committee.inc.php   |  1 -
 committee_auth.php  | 61 ---------------------------------------------
 committee_login.php | 61 ---------------------------------------------
 common.inc.php      | 23 +++++++----------
 4 files changed, 9 insertions(+), 137 deletions(-)
 delete mode 100644 committee_auth.php
 delete mode 100644 committee_login.php

diff --git a/committee.inc.php b/committee.inc.php
index 8f66da1..6bf741c 100644
--- a/committee.inc.php
+++ b/committee.inc.php
@@ -1,5 +1,4 @@
 <?
-require_once("user.inc.php");
 
 function committee_auth_has_access($access="")
 {
diff --git a/committee_auth.php b/committee_auth.php
deleted file mode 100644
index fd55aa1..0000000
--- a/committee_auth.php
+++ /dev/null
@@ -1,61 +0,0 @@
-<?
-
-require_once('committee.inc.php');
-require_once('user.inc.php');
-
-function auth_has_access($access="")
-{
-	return committee_auth_has_access($access);
-}
-
-
-/*
-$accesscache=array();
-
-function auth_has_access($access="")
-{
-	global $accesscache;
-
-	if(in_array($access,$accesscache))
-	{
-		if($accesscache[$access]=='Y') return true;
-		else return false;
-	}
-	else
-	{
-		$q=mysql_query("SELECT access_admin, access_config, access_super FROM committees_members WHERE email='".mysql_escape_string($_SESSION['email'])."' AND id='".$_SESSION['committee_member_id']."' AND deleted='N'"); 
-
-		$r=mysql_fetch_object($q);
-		echo mysql_error();
-		
-		$accesscache['admin']=$r->access_admin;
-		$accesscache['config']=$r->access_config;
-		$accesscache['super']=$r->access_super;
-		
-		switch($access)
-		{
-			case "config": if($r->access_config=='Y') return true; 	break;
-			case "admin": if($r->access_admin=='Y') return true; break;
-			case "super": if($r->access_super=='Y') return true; break;
-			default:
-				return false;
-				break;	
-		}
-	}
-	return false;
-
-}
-
-function auth_required($access="")
-{
-	global $config;
-
-	if(!auth_has_access($access))
-	{
-		header("Location: ".$config['SFIABDIRECTORY']."/committee_login.php");
-		exit;
-	}
-}
-*/
-
-?>
diff --git a/committee_login.php b/committee_login.php
deleted file mode 100644
index 190a40c..0000000
--- a/committee_login.php
+++ /dev/null
@@ -1,61 +0,0 @@
-<?
- require("common.inc.php");
-
- if($_POST['action']=="login" )
- {
- 	if($_POST['pass'] && $_POST['email'])
-	{
-		$q=mysql_query("SELECT * FROM committees_members WHERE email='".$_POST['email']."' AND password='".$_POST['pass']."' AND deleted='N'");
-		if(mysql_num_rows($q)==1)
-		{
-			$r=mysql_fetch_object($q);
-			$_SESSION['email']=$r->email;
-			$_SESSION['committee_member_id']=$r->id;
-			send_header("Committee Login", array());
-			echo happy(i18n("Successfully logged in"));
-			echo i18n("Use the menu on the left to access the committee pages");
-		}
-		else
-		{
-			send_header("Committee Login", array());
-			echo error(i18n("Invalid Email/Password"));
-		}
-
-	}
-	else
-	{
-		send_header("Committee Login", array());
-		echo error(i18n("Email/Password missing"));
-	}
- }
- else if($_GET['action']=="logout")
- {
- 	unset($_SESSION['email']);
-	unset($_SESSION['committee_member_id']);
-	send_header("Committee Login", array());
-	echo notice(i18n("You have been successfully logged out"));
- }
- else
- {
-
-	send_header("Committee Login", array());
-
-	?>
-	 <form method="post" action="committee_login.php">
-	 <input type="hidden" name="action" value="login" />
-	 <table><tr><td>
-	 <?=i18n("Email")?>:</td><td><input type="text" name="email" size="20" />
-	 </td></tr>
-	 <tr><td>
-	 <?=i18n("Password")?>:</td><td><input type="password" size="20" name="pass" />
-	 </td></tr>
-	 <tr><td colspan=2>
-	 <input type="submit" value=<?=i18n("Login")?> />
-	 </td></tr>
-	 </table>
-	 </form>
-<?
- }
-
- send_footer();
-?>
diff --git a/common.inc.php b/common.inc.php
index 95d39b8..3f1e64e 100644
--- a/common.inc.php
+++ b/common.inc.php
@@ -178,7 +178,7 @@ while($r=mysql_fetch_object($q))
 	$config['dates'][$r->name]=$r->date;
 }
 
-require_once("committee_auth.php");
+require_once("committee.inc.php");
 
 session_name("SFIABSESSID".ereg_replace("[^A-Za-z]","_",$config['SFIABDIRECTORY']));
 session_set_cookie_params(0,$config['SFIABDIRECTORY']);
@@ -439,12 +439,7 @@ if(isset($_SESSION['users_type'])) {
 	
 } else if(isset($_SESSION['email'])) {
 	/* Backwards compatible login settings */
-	/* Check for committee */
-	if(isset($_SESSION['committee_member_id'])) {
-		echo i18n('Committee Member');
-		echo " {$_SESSION['email']}: ";
-		echo "<a href=\"{$config['SFIABDIRECTORY']}/committee_login.php?action=logout\">[".i18n("Logout")."]</a>";
-	} else if(isset($_SESSION['judges_id'])) {
+	if(isset($_SESSION['judges_id'])) {
 		echo i18n('Judge');
 		echo " {$_SESSION['email']}: ";
 		echo "<a href=\"{$config['SFIABDIRECTORY']}/register_judges.php?action=logout\">[".i18n("Logout")."]</a>";
@@ -500,17 +495,17 @@ echo "</div>";
 <br />
 <ul class="mainnav">
 <?
-if(auth_has_access("admin") || auth_has_access("config") || auth_has_access("super"))
+if($_SESSION['users_type'] == 'committee')
 {
-	if(auth_has_access("admin")){ ?>
+	if(committee_auth_has_access("admin")){ ?>
 		<li><a href="<?=$config['SFIABDIRECTORY']?>/user_personal.php"><?=i18n("My Profile")?></a></li>
 		<li><a href="<?=$config['SFIABDIRECTORY']?>/admin/"><?=i18n("Fair Administration")?></a></li>
 <? } 
-	if(auth_has_access("config")){ ?>
+	if(committee_auth_has_access("config")){ ?>
 		<li><a href="<?=$config['SFIABDIRECTORY']?>/config/"><?=i18n("SFIAB Configuration")?></a></li>
 <? } 
 
-?><li><a href="<?=$config['SFIABDIRECTORY']?>/committee_login.php?action=logout"><?=i18n("Committee Logout")?></a></li><?
+?><li><a href="<?=$config['SFIABDIRECTORY']?>/user_login.php?action=logout"><?=i18n("Committee Logout")?></a></li><?
 
 }
 else
@@ -592,11 +587,11 @@ if(is_array($nav)) {
 <div id="main">
 <?
 
-if(auth_has_access("config") || auth_has_access("admin"))
+if(committee_auth_has_access("config") || committee_auth_has_access("admin"))
 	committee_warnings();
-if(auth_has_access("config"))
+if(committee_auth_has_access("config"))
 	config_warnings();
-if(auth_has_access("admin"))
+if(committee_auth_has_access("admin"))
 	admin_warnings();
 
 echo "<table cellspacing=\"0\" cellpadding=\"0\" width=\"100%\"><tr><td>";