Merged last changes from stable.

[fa-stable.git] / includes / current_user.inc

diff --git a/includes/current_user.inc b/includes/current_user.inc
index 76d52f2f126f5228c4b74e6a1d2e406de14e4106..7d80febbe3b4f02f8f1acb00a5bd1a8d6f3d1903 100644 (file)
--- a/includes/current_user.inc
+++ b/includes/current_user.inc
@@ -59,12 +59,15 @@ class current_user
 
        function login($company, $loginname, $password)
        {
-               global $security_areas, $security_groups, $security_headings, $path_to_root, $login_delay;
+               global $security_areas, $security_groups, $security_headings, $path_to_root, $dflt_lang, $login_delay;
 
                $this->set_company($company);
            $this->logged = false;
 
-               set_global_connection();
+               set_global_connection($company);
+               $lang = &$_SESSION['language'];
+               $lang->set_language($_SESSION['language']->code);
+               db_set_encoding($_SESSION['language']->encoding);
 
                // Use external authentication source if any.
                // Keep in mind you need to have user data set for $loginname
@@ -80,6 +83,13 @@ class current_user
                if ($Auth_Result)
                {
                        $myrow = get_user_by_login($loginname);
+                       if ($myrow['language'] != $dflt_lang)
+                       {        // refresh language and user data
+                               $lang->set_language($myrow['language']);
+                               db_set_encoding($_SESSION['language']->encoding);
+                               $myrow = get_user_by_login($loginname);
+                       }
+
                        $this->old_db = isset($myrow["full_access"]);
                        if (! @$myrow["inactive"]) {
                                if ($this->old_db) { 
@@ -141,20 +151,20 @@ class current_user
                        return !isset($security_groups) && is_array($this->role_set);
        }
 
-       function can_access($page_level)
+       function can_access($sec_area)
        {
                global $security_groups, $security_areas;
                if (isset($security_groups)) {
-                       return $this->company == 0 &&
+                       return is_admin_company() &&
                                in_array(20, $security_groups[$this->access]);
                }
 
-               if ($page_level === 'SA_OPEN') 
+               if ($sec_area === 'SA_OPEN') 
                        return true;
-               if ($page_level === 'SA_DENIED' || $page_level === '') 
+               if ($sec_area === 'SA_DENIED' || $sec_area === '') 
                        return false;
 
-               $code = $security_areas[$page_level][0];
+               $code = $security_areas[$sec_area][0];
 
                // only first registered company has site admin privileges
                return $code && in_array($code, $this->role_set)
@@ -506,6 +516,17 @@ function user_startup_tab()
        return $_SESSION["wa_current_user"]->prefs->start_up_tab();
 }
 
+function user_transaction_days()
+{
+    return $_SESSION["wa_current_user"]->prefs->transaction_days();
+}
+
+
+function user_check_access($sec_area)
+{
+       return $_SESSION["wa_current_user"]->can_access($sec_area);
+}
+
 function set_user_prefs($prefs)
 {
        $_SESSION["wa_current_user"]->update_prefs($prefs);
@@ -625,6 +646,7 @@ function flush_dir($path, $wipe = false)
        $dir = opendir($path);
        if(!$dir)
                return;
+
        while(false !== ($fname = readdir($dir))) {
                if($fname=='.' || $fname=='..' || $fname=='CVS' || (!$wipe && $fname=='index.php')) continue;
                if(is_dir($path.'/'.$fname)) {
@@ -650,5 +672,9 @@ function company_path($comp=null)
                        . '/'.$comp;
 }
 
+function is_admin_company()
+{
+       return $this->company == 0;
+}
 
 ?>
\ No newline at end of file