if (db_num_rows($Auth_Result) > 0)
{
$myrow = db_fetch($Auth_Result);
+ $this->old_db = isset($myrow["full_access"]);
if (! @$myrow["inactive"]) {
- if (isset($myrow["full_access"])) {
+ if ($this->old_db) {
// Transition code:
// db was not yet upgraded after source update to v.2.2
// give enough access for admin user to continue upgrade
function check_user_access()
{
global $security_groups;
- if (isset($security_groups)) {
+ if ($this->old_db) {
// notification after upgrade from pre-2.2 version
-// display_notification(_("After database upgrade don't forget to remove \$security_groups and \$security_headings from config.php file!"));
- return is_array(@$security_groups[$this->access]);
+ return isset($security_groups) && is_array(@$security_groups[$this->access]);
} else
- return is_array($this->role_set);
+ return !isset($security_groups) && is_array($this->role_set);
}
function can_access_page($page_level)
if (!$_SESSION["wa_current_user"]->check_user_access())
{
// notification after upgrade from pre-2.2 version
- $msg = is_array($_SESSION["wa_current_user"]->role_set) ?
- _("Please remove \$security_groups and \$security_headings arrays from config.php file!")
- : _("Security settings have not been defined for your user account.")
- . "<br>" . _("Please contact your system administrator.");
+ $msg = $_SESSION["wa_current_user"]->old_db ?
+ _("Security settings have not been defined for your user account.")
+ . "<br>" . _("Please contact your system administrator.")
+ : _("Please remove \$security_groups and \$security_headings arrays from config.php file!");
page(_("Access denied"), false);
display_error($msg);
//
function login_timeout()
{
- if ($_SESSION["wa_current_user"]->logged) {
+ // skip timeout on logout page
+ if ($_SESSION["wa_current_user"]->logged
+ && !strpos($_SERVER['PHP_SELF'], 'logout.php')) {
$tout = $_SESSION["wa_current_user"]->timeout;
if ($tout && (time() > $_SESSION["wa_current_user"]->last_act + $tout))
{
projects / fa-stable.git / commitdiff