From 728910985f90c66207bd0ac9f16ea48ca5ad7823 Mon Sep 17 00:00:00 2001 From: Janusz Dobrowolski Date: Tue, 1 Sep 2009 11:19:55 +0000 Subject: [PATCH] Fixed ui behaviour during FA upgrade. --- includes/current_user.inc | 10 +++++----- includes/session.inc | 12 +++++++----- 2 files changed, 12 insertions(+), 10 deletions(-) diff --git a/includes/current_user.inc b/includes/current_user.inc index 77e8dc3e..fc11db84 100644 --- a/includes/current_user.inc +++ b/includes/current_user.inc @@ -64,8 +64,9 @@ class current_user if (db_num_rows($Auth_Result) > 0) { $myrow = db_fetch($Auth_Result); + $this->old_db = isset($myrow["full_access"]); if (! @$myrow["inactive"]) { - if (isset($myrow["full_access"])) { + if ($this->old_db) { // Transition code: // db was not yet upgraded after source update to v.2.2 // give enough access for admin user to continue upgrade @@ -115,12 +116,11 @@ class current_user function check_user_access() { global $security_groups; - if (isset($security_groups)) { + if ($this->old_db) { // notification after upgrade from pre-2.2 version -// display_notification(_("After database upgrade don't forget to remove \$security_groups and \$security_headings from config.php file!")); - return is_array(@$security_groups[$this->access]); + return isset($security_groups) && is_array(@$security_groups[$this->access]); } else - return is_array($this->role_set); + return !isset($security_groups) && is_array($this->role_set); } function can_access_page($page_level) diff --git a/includes/session.inc b/includes/session.inc index c37b7c15..566c9a66 100644 --- a/includes/session.inc +++ b/includes/session.inc @@ -52,10 +52,10 @@ function check_page_security($page_security) if (!$_SESSION["wa_current_user"]->check_user_access()) { // notification after upgrade from pre-2.2 version - $msg = is_array($_SESSION["wa_current_user"]->role_set) ? - _("Please remove \$security_groups and \$security_headings arrays from config.php file!") - : _("Security settings have not been defined for your user account.") - . "
" . _("Please contact your system administrator."); + $msg = $_SESSION["wa_current_user"]->old_db ? + _("Security settings have not been defined for your user account.") + . "
" . _("Please contact your system administrator.") + : _("Please remove \$security_groups and \$security_headings arrays from config.php file!"); page(_("Access denied"), false); display_error($msg); @@ -102,7 +102,9 @@ function strip_quotes($data) // function login_timeout() { - if ($_SESSION["wa_current_user"]->logged) { + // skip timeout on logout page + if ($_SESSION["wa_current_user"]->logged + && !strpos($_SERVER['PHP_SELF'], 'logout.php')) { $tout = $_SESSION["wa_current_user"]->timeout; if ($tout && (time() > $_SESSION["wa_current_user"]->last_act + $tout)) { -- 2.30.2