X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Fcurrent_user.inc;h=0a5b7481dc381bba29617ae769f30ef60a24dae0;hb=7840540918bfd37c886877a5d52e3ba0b3373289;hp=7763ae672e76bb473313d939da0150e2e7fa211e;hpb=98a64632fdc5636cf2a59457e703b73b00254595;p=fa-stable.git diff --git a/includes/current_user.inc b/includes/current_user.inc index 7763ae67..0a5b7481 100644 --- a/includes/current_user.inc +++ b/includes/current_user.inc @@ -9,8 +9,11 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the License here . ***********************************************************************/ -include_once($path_to_root . "/includes/prefs/userprefs.inc"); +include_once($path_to_root . "/includes/prefs/userprefs.inc"); +if (!defined('TB_PREF')) { + define('TB_PREF', '&TB_PREF&'); +} //-------------------------------------------------------------------------- class current_user @@ -19,17 +22,18 @@ class current_user var $loginname; var $username; var $name; - var $company; + var $company; // user's company var $pos; var $access; var $timeout; var $last_act; var $role_set = false; - var $old_db; + var $old_db; var $logged; var $ui_mode = 0; var $prefs; + var $cur_con; // current db connection (can be different from $company for superuser) function current_user() { @@ -59,11 +63,20 @@ class current_user $this->set_company($company); $this->logged = false; - $Auth_Result = get_user_for_login($loginname, $password); + set_global_connection(); - if (db_num_rows($Auth_Result) > 0) + // Use external authentication source if any. + // Keep in mind you need to have user data set for $loginname + // in FA users table anyway to successfully log in. + $Auth_Result = hook_authenticate($loginname, $password); + + if (!isset($Auth_Result)) // if not used: standard method + $Auth_Result = get_user_auth($loginname, md5($password)); + + if ($Auth_Result) { - $myrow = db_fetch($Auth_Result); + $myrow = get_user_by_login($loginname); + $this->old_db = isset($myrow["full_access"]); if (! @$myrow["inactive"]) { if ($this->old_db) { @@ -149,22 +162,9 @@ class current_user return $this->can_access($page_level); } - function get_db_connection($id=-1) + function set_db_connection($id = -1) { - global $db_connections; - - $connection = $db_connections[$id == -1 ? $this->company : $id]; - - //print_r($connection); - - $db = mysql_connect($connection["host"] , - $connection["dbuser"], $connection["dbpassword"]); - mysql_select_db($connection["dbname"],$db); - - if (!defined('TB_PREF')) - define('TB_PREF', $connection["tbpref"]); - - return $db; + return set_global_connection($id); } function update_prefs($prefs) @@ -198,7 +198,7 @@ function number_format2($number, $decimals=0) $tsep = $thoseps[$_SESSION["wa_current_user"]->prefs->tho_sep()]; $dsep = $decseps[$_SESSION["wa_current_user"]->prefs->dec_sep()]; //return number_format($number, $decimals, $dsep, $tsep); - if($decimals=='max') + if($decimals==='max') $dec = 15 - floor(log10(abs($number))); else { $delta = ($number < 0 ? -.0000000001 : .0000000001); @@ -211,6 +211,20 @@ function number_format2($number, $decimals=0) return $decimals==='max' ? rtrim($num, '0') : $num; } + +/* price/float comparision helper to be used in any suspicious place for zero values? +usage: +if (!floatcmp($value1, $value2)) + compare value is 0 +*/ + +define('FLOAT_COMP_DELTA', 0.004); + +function floatcmp($a, $b) +{ + return $a - $b > FLOAT_COMP_DELTA ? 1 : $b - $a > FLOAT_COMP_DELTA ? -1 : 0; +} + // // Current ui mode. // @@ -420,6 +434,11 @@ function user_startup_tab() return $_SESSION["wa_current_user"]->prefs->start_up_tab(); } +function user_check_access($sec_area) +{ + return $_SESSION["wa_current_user"]->can_access($sec_area); +} + function set_user_prefs($prefs) { $_SESSION["wa_current_user"]->update_prefs($prefs); @@ -529,6 +548,9 @@ function array_search_key($needle, $haystack, $valuekey=null) function flush_dir($path, $wipe = false) { $dir = opendir($path); + if(!$dir) + return; + while(false !== ($fname = readdir($dir))) { if($fname=='.' || $fname=='..' || $fname=='CVS' || (!$wipe && $fname=='index.php')) continue; if(is_dir($path.'/'.$fname)) {