commit 20196504c14effb87e83e2e9077cc553dbc4139a
parent 4ec3ac4194be58dd2dff952cc7eccc2c1b3477f4
Author: dankert <dankert@braunbaer-laptop>
Date: Wed, 11 Nov 2009 09:25:03 +0100
Merge durchgefuehrt.
Diffstat:
3 files changed, 59 insertions(+), 41 deletions(-)
diff --git a/actionClasses/IndexAction.class.php b/actionClasses/IndexAction.class.php
@@ -60,12 +60,20 @@ class IndexAction extends Action
function setDefaultDb()
{
- global $conf;
-
- if ( !isset($conf['database']['default']) )
- die('default-database not set');
-
- $dbid = $conf['database']['default'];
+ if ( $this->hasRequestVar(REQ_PARAM_DATABASE_ID) )
+ {
+ $dbid = $this->getRequestVar(REQ_PARAM_DATABASE_ID);
+ }
+ else
+ {
+ global $conf;
+
+ if ( !isset($conf['database']['default']) )
+ die('default-database not set');
+
+ $dbid = $conf['database']['default'];
+ }
+
$this->setDb( $dbid );
}
@@ -133,11 +141,7 @@ class IndexAction extends Action
{
// Login war erfolgreich!
$user->load();
-// $user->loadProjects();
- //$user->loadRights();
$user->setCurrent();
-// $user->loginDate = time();
-// Session::setUser( $user );
Logger::info( 'login successful' );
return true;
@@ -145,7 +149,6 @@ class IndexAction extends Action
else
{
Logger::info( "login for user $name failed" );
- //$SESS['loginmessage'] = lang('USER_LOGIN_FAILED');
return false;
}
@@ -302,6 +305,7 @@ class IndexAction extends Action
$this->setTemplateVar('actdbid',$conf['database']['default']);
+ // Den Benutzernamen aus dem Client-Zertifikat lesen und in die Loginmaske eintragen.
$ssl_user_var = $conf['security']['ssl']['user_var'];
if ( !empty($ssl_user_var) )
{
@@ -314,14 +318,17 @@ class IndexAction extends Action
exit;
}
-// Html::debug($username);
+ // Benutzername ist in Eingabemaske unveränderlich
$this->setTemplateVar('force_username',$username);
}
-
+
+ $this->setTemplateVar('objectid' ,$this->getRequestVar('objectid' ,'num') );
+ $this->setTemplateVar('projectid' ,$this->getRequestVar('projectid' ,'num') );
+ $this->setTemplateVar('modelid' ,$this->getRequestVar('modelid' ,'num') );
+ $this->setTemplateVar('languageid',$this->getRequestVar('languageid','num') );
+
$this->setTemplateVar('register' ,$conf['login' ]['register' ]);
$this->setTemplateVar('send_password',$conf['login' ]['send_password']);
- $this->setTemplateVar('loginmessage',$this->getSessionVar('loginmessage'));
- $this->setSessionVar('loginmessage','');
}
@@ -809,56 +816,55 @@ class IndexAction extends Action
if ( ! is_object($user) )
{
$this->callSubAction('show');
+ return;
}
$this->evaluateRequestVars( array('projectid'=>$this->getRequestId()) );
-
- $project = Session::getProject();
- $language = Session::getProjectLanguage();
- $user->loadRights( $project->projectid,$language->languageid );
Session::setUser( $user );
}
function object()
{
- $this->evaluateRequestVars( array('objectid'=>$this->getRequestId()) );
-
$user = Session::getUser();
-
if ( ! is_object($user) )
- {
- $this->callSubAction('show');
+ {
+ $this->callSubAction('show');
return;
- }
+ }
+
+ $this->evaluateRequestVars( array('objectid'=>$this->getRequestId()) );
- $user->loadRights( $project->projectid,$language->languageid );
Session::setUser( $user );
}
function language()
{
- $this->evaluateRequestVars( array(REQ_PARAM_LANGUAGE_ID=>$this->getRequestId()) );
-
$user = Session::getUser();
- $project = Session::getProject();
- $language = Session::getProjectLanguage();
- $user->loadRights( $project->projectid,$language->languageid );
- Session::setUser( $user );
+ if ( ! is_object($user) )
+ {
+ $this->callSubAction('show');
+ return;
+ }
+
+ $this->evaluateRequestVars( array(REQ_PARAM_LANGUAGE_ID=>$this->getRequestId()) );
}
function model()
{
+ $user = Session::getUser();
+ if ( ! is_object($user) )
+ {
+ $this->callSubAction('show');
+ return;
+ }
+
$this->evaluateRequestVars( array(REQ_PARAM_MODEL_ID=>$this->getRequestId()) );
$user = Session::getUser();
- $project = Session::getProject();
- $language = Session::getProjectLanguage();
- $user->loadRights( $project->projectid,$language->languageid );
- Session::setUser( $user );
}
@@ -879,6 +885,18 @@ class IndexAction extends Action
$this->setDb($vars[REQ_PARAM_DATABASE_ID]);
else
die('no database available.');
+ }
+ else
+ {
+ // Prüft, ob die übergebene Datenbank-Id mit der
+ // aktuellen übereinstimmt.
+ // Falls nicht, muss ein Re-Login erfolgen.
+ if ( isset($vars[REQ_PARAM_DATABASE_ID]) )
+ if ( $db->id != $vars[REQ_PARAM_DATABASE_ID] )
+ {
+ $this->callSubAction('show');
+ return;
+ }
}
@@ -1058,7 +1076,7 @@ class IndexAction extends Action
break;
default:
- die('unknown auth-type: '.$conf['security']['login']['type'] );
+ Http::serverError('Unknown auth-type: '.$conf['security']['login']['type'].'. Please check the configuration setting /security/login/type' );
}
}
diff --git a/objectClasses/Object.class.php b/objectClasses/Object.class.php
@@ -625,7 +625,7 @@ SQL
$row = $db->getRow($sql);
if (count($row) == 0)
- die('fatal: Object::objectLoadRaw(): objectid not found: '.$this->objectid.', SQL='.$sql);
+ die('fatal: Object::objectLoadRaw(): objectid not found: '.$this->objectid.', SQL='.$sql->raw);
$this->parentid = $row['parentid' ];
$this->filename = $row['filename' ];
diff --git a/objectClasses/User.class.php b/objectClasses/User.class.php
@@ -518,13 +518,13 @@ SQL
// Datenbankbefehl ausfuehren
$db->query( $sql );
- $this->addNewUserGroups(); // Neue Gruppen hinzuf�gen.
+ $this->addNewUserGroups(); // Neue Gruppen hinzufuegen.
}
/**
- * Zu einem neuen Benutzer automatisch Gruppen hinzuf�gen.
+ * Zu einem neuen Benutzer automatisch Gruppen hinzufuegen.
* Diese Methode wird automatisch in "add()" aufgerufen.
*/
function addNewUserGroups()
@@ -538,7 +538,7 @@ SQL
$db = db_connection();
$groupNames = "'".implode("','",$groupNames)."'";
- $sql = new Sql("SELECT id FROM {t_group} WHERE name IN($groupNames})");
+ $sql = new Sql("SELECT id FROM {t_group} WHERE name IN($groupNames)");
$groupIds = array_unique( $db->getCol($sql) );
// Wir brauchen hier nicht weiter pr�fen, ob der Benutzer eine Gruppe schon hat, denn