Author: jfthomps Date: Thu Aug 5 19:19:03 2010 New Revision: 982738 URL: http://svn.apache.org/viewvc?rev=982738&view=rev Log: VCL-334
utils.php: -modified getUserInfo - added extra argument named $numeric to tell if $userid was passed as an id value or unityid value; changed is_numeric calls to just $numeric -added 2 calls to addLoginLog when using XMLRPC API (not related to this issue) modified calls to getUserInfo in the following files where $userid was passed as the user.id value: userpreferences.php privileges.php requests.php Modified: incubator/vcl/trunk/web/.ht-inc/privileges.php incubator/vcl/trunk/web/.ht-inc/requests.php incubator/vcl/trunk/web/.ht-inc/userpreferences.php incubator/vcl/trunk/web/.ht-inc/utils.php Modified: incubator/vcl/trunk/web/.ht-inc/privileges.php URL: http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/privileges.php?rev=982738&r1=982737&r2=982738&view=diff ============================================================================== --- incubator/vcl/trunk/web/.ht-inc/privileges.php (original) +++ incubator/vcl/trunk/web/.ht-inc/privileges.php Thu Aug 5 19:19:03 2010 @@ -2584,7 +2584,7 @@ function checkUserHasPriv($priv, $uid, $ if(array_key_exists($key, $_SESSION['userhaspriv'])) return $_SESSION['userhaspriv'][$key]; if($user["id"] != $uid) { - $_user = getUserInfo($uid); + $_user = getUserInfo($uid, 0, 1); if(is_null($user)) return 0; } Modified: incubator/vcl/trunk/web/.ht-inc/requests.php URL: http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/requests.php?rev=982738&r1=982737&r2=982738&view=diff ============================================================================== --- incubator/vcl/trunk/web/.ht-inc/requests.php (original) +++ incubator/vcl/trunk/web/.ht-inc/requests.php Thu Aug 5 19:19:03 2010 @@ -1198,7 +1198,7 @@ function viewRequestInfo() { } } $states = getStates(); - $userinfo = getUserInfo($request["userid"], 1); + $userinfo = getUserInfo($request["userid"], 1, 1); print "<DIV align=center>\n"; print "<H2>View Reservation</H2>\n"; print "<table summary=\"\">\n"; @@ -1853,7 +1853,7 @@ function confirmDeleteRequest() { . $reservation["prettyimage"] . "</strong> that started "; } else { - $userinfo = getUserInfo($request["userid"], 1); + $userinfo = getUserInfo($request["userid"], 1, 1); $text = "Delete reservation by {$userinfo['unityid']}@" . "{$userinfo['affiliation']} for <strong>" . "{$reservation["prettyimage"]}</strong> that started "; Modified: incubator/vcl/trunk/web/.ht-inc/userpreferences.php URL: http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/userpreferences.php?rev=982738&r1=982737&r2=982738&view=diff ============================================================================== --- incubator/vcl/trunk/web/.ht-inc/userpreferences.php (original) +++ incubator/vcl/trunk/web/.ht-inc/userpreferences.php Thu Aug 5 19:19:03 2010 @@ -502,7 +502,7 @@ function submitUserPrefs() { . "WHERE userid = {$user['id']}"; doQuery($query, 101); } - $user = getUserInfo($user["id"], 1); + $user = getUserInfo($user["id"], 1, 1); $_SESSION['user'] = $user; userpreferences(); } Modified: incubator/vcl/trunk/web/.ht-inc/utils.php URL: http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/utils.php?rev=982738&r1=982737&r2=982738&view=diff ============================================================================== --- incubator/vcl/trunk/web/.ht-inc/utils.php (original) +++ incubator/vcl/trunk/web/.ht-inc/utils.php Thu Aug 5 19:19:03 2010 @@ -384,10 +384,12 @@ function checkAccess() { $ldapuser = sprintf($authMechs[$authtype]['userid'], $user['unityid']); $res = ldap_bind($ds, $ldapuser, $xmlpass); if(! $res) { + addLoginLog($user['unityid'], $authtype, $user['affiliationid'], 0); printXMLRPCerror(3); # access denied dbDisconnect(); exit; } + addLoginLog($user['unityid'], $authtype, $user['affiliationid'], 1); } elseif($ENABLE_ITECSAUTH && $authMechs[$authtype]['affiliationid'] == getAffiliationID('ITECS')) { @@ -1120,12 +1122,11 @@ function getImages($includedeleted=0, $i $imagelist[$row["id"]]["subimages"] = array(); if($row2["subimages"]) { $query2 = "SELECT imageid " - . "FROM subimages " - . "WHERE imagemetaid = {$row["imagemetaid"]}"; + . "FROM subimages " + . "WHERE imagemetaid = {$row["imagemetaid"]}"; $qh2 = doQuery($query2, 101); - while($row2 = mysql_fetch_assoc($qh2)) { + while($row2 = mysql_fetch_assoc($qh2)) array_push($imagelist[$row["id"]]["subimages"], $row2["imageid"]); - } } } else @@ -1750,7 +1751,7 @@ function addOwnedResources(&$resources, /// //////////////////////////////////////////////////////////////////////////////// function addOwnedResourceGroups(&$resourcegroups, $userid) { - if(! $user = getUserInfo($userid, 1)) + if(! $user = getUserInfo($userid, 1, 1)) return; $userid = $user["id"]; $groupids = implode(',', array_keys($user["groups"])); @@ -2878,9 +2879,9 @@ function processInputData($data, $type, /// returns NULL if could not get information about the user /// //////////////////////////////////////////////////////////////////////////////// -function getUserInfo($id, $noupdate=0) { +function getUserInfo($id, $noupdate=0, $numeric=0) { $affilid = DEFAULT_AFFILID; - if(! is_numeric($id)) { + if(! $numeric)) { $rc = getAffilidAndLogin($id, $affilid); if($rc == -1) return NULL; @@ -2917,7 +2918,7 @@ function getUserInfo($id, $noupdate=0) { . "WHERE u.IMtypeid = i.id AND " . "u.adminlevelid = a.id AND " . "u.affiliationid = af.id AND "; - if(is_numeric($id)) + if($numeric) $query .= "u.id = $id"; else $query .= "u.unityid = '$id' AND af.id = $affilid"; @@ -2949,7 +2950,7 @@ function getUserInfo($id, $noupdate=0) { return $user; } } - if(is_numeric($id)) + if($numeric) $user = updateUserData($id, "numeric"); else $user = updateUserData($id, "loginid", $affilid);