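/**
 * Initialise the per-request user context.
 *
 * Defines the user and admin constants (USER, USERID, ADMIN, USERCLASS_LIST, ...)
 * from the current e107 user model, enforces the ban check, and processes a
 * posted theme selection for users allowed to pick their own theme.
 *
 * Terminates the request (die/exit) when a supplied __referer token is
 * invalid or when the user is banned.
 *
 * The whole could happen inside e_user class
 *
 * @return void
 */
function init_session()
{
    global $user_pref, $currentUser;

    $e107 = e107::getInstance();

    // New user model
    $user = e107::getUser();

    define('USERIP', e107::getIPHandler()->getIP(FALSE));
    define('POST_REFERER', md5($user->getToken()));

    // Check for intruders - outside the model for now
    // TODO replace __referer with e-token, remove the above
    // NOTE(review): the token is only verified when a __referer field is present;
    // a request that omits the field passes this gate, so state-changing handlers
    // must not rely on this check alone.
    if ((isset($_POST['__referer']) && !$user->checkToken($_POST['__referer']))
        || (isset($_GET['__referer']) && !$user->checkToken($_GET['__referer']))) {
        die('Unauthorized access!');
    }

    if (e107::isCli()) {
        // CLI runs with a fixed identity: user id 1 with ADMIN set to true.
        define('USER', true);
        define('USERID', 1);
        define('USERNAME', 'e107-cli');
        define('USERTHEME', false);
        define('ADMIN', true);
        define('GUEST', false);
        // USERCLASS used to be defined twice in this branch; the second define()
        // was a no-op that only raised an "already defined" diagnostic.
        define('USERCLASS', '');
        define('USEREMAIL', '');
        define('USERCLASS_LIST', '');
        define('USERJOINED', '');
        return;
    }

    if ($user->hasBan()) {
        $msg = e107::findPref('ban_messages/6');
        if ($msg) {
            echo e107::getParser()->toHTML($msg);
        }
        exit;
    }

    if (!$user->isUser()) {
        // Guest
        define('USER', false);
        define('USERID', 0);
        define('USERTHEME', false);
        define('ADMIN', false);
        define('GUEST', true);
        define('USERCLASS', '');
        define('USEREMAIL', '');
        define('USERSIGNATURE', '');

        if ($user->hasSessionError()) {
            define('LOGINMESSAGE', CORE_LAN10);
            define('CORRUPT_COOKIE', true);
        }
    } else {
        // we shouldn't use getValue() here, it's there for e.g. shortcodes, profile page render etc.
        define('USERID', $user->getId());
        define('USERNAME', $user->get('user_name'));
        define('USERURL', $user->get('user_homepage', false)); // required for BC
        define('USEREMAIL', $user->get('user_email'));
        define('USER', true);
        define('USERCLASS', $user->get('user_class'));
        define('USERIMAGE', $user->get('user_image'));
        define('USERPHOTO', $user->get('user_sess'));
        define('USERJOINED', $user->get('user_join'));
        define('USERVISITS', $user->get('user_visits'));
        define('USERSIGNATURE', $user->get('user_signature'));

        define('ADMIN', $user->isAdmin());
        define('ADMINID', $user->getAdminId());
        define('ADMINNAME', $user->getAdminName());
        define('ADMINPERMS', $user->getAdminPerms());
        define('ADMINEMAIL', $user->getAdminEmail());
        define('ADMINPWCHANGE', $user->getAdminPwchange());
        if (ADMIN) {
            e107::getRedirect()->setPreviousUrl();
        }

        define('USERLV', $user->get('user_lastvisit'));

        // BC - FIXME - get rid of them!
        $currentUser = $user->getData();
        $currentUser['user_realname'] = $user->get('user_login'); // Used by force_userupdate
        $e107->currentUser =& $currentUser;

        // if(defined('SETTHEME')) //override - within e_module for example.
        // {
        //     $_POST['sitetheme'] = SETTHEME;
        //     $_POST['settheme'] = 1;
        // }

        // XXX could go to e_user class as well
        if ($user->checkClass(e107::getPref('allow_theme_select', false), false)) {
            // User can set own theme
            if (isset($_POST['settheme'])) {
                // The theme name is request data and ends up in the user's stored
                // preferences, which are later joined into a path under e_THEME.
                // Accept it only as a string that names an installed theme.
                $postedTheme = (isset($_POST['sitetheme']) && is_string($_POST['sitetheme']))
                    ? $_POST['sitetheme']
                    : '';

                if ($postedTheme !== '') {
                    $uconfig = $user->getConfig();

                    if (e107::getPref('sitetheme') !== $postedTheme) {
                        require_once e_HANDLER . "theme_handler.php";
                        $utheme = new themeHandler();

                        // Unknown theme names are ignored and the stored preference is left
                        // untouched, instead of saving an arbitrary posted value.
                        if (isset($utheme->themeArray[$postedTheme])) {
                            $ut = $utheme->themeArray[$postedTheme];
                            $uconfig->setPosted('sitetheme', $postedTheme)
                                ->setPosted('sitetheme_custompages', $ut['custompages'])
                                ->setPosted('sitetheme_deflayout', $utheme->findDefault($postedTheme));
                            $uconfig->save(true);
                            unset($ut);
                        }
                    } else {
                        // Selecting the site default clears the per-user override.
                        $uconfig->remove('sitetheme')
                            ->remove('sitetheme_custompages')
                            ->remove('sitetheme_deflayout');
                        $uconfig->save(true);
                    }
                }
            }
        } elseif ($user->getPref('sitetheme')) {
            // Theme selection is not allowed for this user: drop any stored override.
            $user->getConfig()
                ->remove('sitetheme')
                ->remove('sitetheme_custompages')
                ->remove('sitetheme_deflayout')
                ->save(false);
        }
        // XXX could go to e_user class as well END

        if (!defined("USERTHEME")) {
            // NOTE(review): the stored preference is concatenated into a filesystem path
            // here, so it is only as trustworthy as the validation applied when it was
            // saved; confirm that previously stored values cannot contain path separators.
            define('USERTHEME', $user->getPref('sitetheme') && file_exists(e_THEME . $user->getPref('sitetheme') . "/theme.php") ? $user->getPref('sitetheme') : false);
        }

        $user_pref = $user->getPref();
    }

    define('USERCLASS_LIST', $user->getClassList(true));
    define('e_CLASS_REGEXP', $user->getClassRegex());
    define('e_NOBODY_REGEXP', '(^|,)' . e_UC_NOBODY . '(,|$)');
}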