static function siteAccessList() { $siteAccessList = array(); $ini = eZINI::instance(); $availableSiteAccessList = $ini->variable('SiteAccessSettings', 'AvailableSiteAccessList'); if (!is_array($availableSiteAccessList)) { $availableSiteAccessList = array(); } $serverSiteAccess = eZSys::serverVariable($ini->variable('SiteAccessSettings', 'ServerVariableName'), true); if ($serverSiteAccess) { $availableSiteAccessList[] = $serverSiteAccess; } $availableSiteAccessList = array_unique($availableSiteAccessList); foreach ($availableSiteAccessList as $siteAccessName) { $siteAccessItem = array(); $siteAccessItem['name'] = $siteAccessName; $siteAccessItem['id'] = eZSys::ezcrc32($siteAccessName); $siteAccessList[] = $siteAccessItem; } return $siteAccessList; }
function userHasSiteAccess( $site ) { $result = $this->User->hasAccessTo( 'user', 'login' ); $accessWord = $result['accessWord']; if ( $accessWord == 'limited' ) { $hasAccess = false; $policyChecked = false; foreach ( array_keys( $result['policies'] ) as $key ) { $policy =& $result['policies'][$key]; if ( isset( $policy['SiteAccess'] ) ) { $policyChecked = true; if ( in_array( eZSys::ezcrc32( $site ), $policy['SiteAccess'] ) ) { $hasAccess = true; break; } } if ( $hasAccess ) break; } if ( !$policyChecked ) $hasAccess = true; } else if ( $accessWord == 'yes' ) { $hasAccess = true; } else if ( $accessWord == 'no' ) { $hasAccess = false; } return $hasAccess; }
static function cachePath($keyString, $nodeID = false) { $filename = eZSys::ezcrc32($keyString) . ".cache"; $phpDir = eZTemplateCacheBlock::templateBlockCacheDir(); if (is_numeric($nodeID)) { $phpDir .= eZTemplateCacheBlock::calculateSubtreeCacheDir($nodeID, $filename); } else { $phpDir .= $filename[0] . '/' . $filename[1] . '/' . $filename[2]; } $phpPath = $phpDir . '/' . $filename; return $phpPath; }
function modify($tpl, $operatorName, $operatorParameters, $rootNamespace, $currentNamespace, &$operatorValue, $namedParameters, $placement) { $digestData = $operatorValue; switch ($operatorName) { // Calculate and return crc32 polynomial. case $this->Crc32Name: $operatorValue = eZSys::ezcrc32($digestData); break; // Calculate the MD5 hash. // Calculate the MD5 hash. case $this->Md5Name: $operatorValue = md5($digestData); break; // Calculate the SHA1 hash. // Calculate the SHA1 hash. case $this->Sha1Name: $operatorValue = sha1($digestData); break; // Preform rot13 transform on the string. // Preform rot13 transform on the string. case $this->Rot13Name: $operatorValue = str_rot13($digestData); break; // Default case: something went wrong - unknown things... // Default case: something went wrong - unknown things... default: $tpl->warning($operatorName, "Unknown input type '{$operatorName}'", $placement); break; } }
function markCRC32(&$tr) { //include_once( 'lib/ezutils/classes/ezsys.php' ); eZSys::ezcrc32($this->Text); }
function createSiteAccess( $params ) { $srcSiteaccess = $params['src']['siteaccess']; $dstSiteaccess = $params['dst']['siteaccess']; $dstSettings = isset( $params['dst']['settings'] ) ? $params['dst']['settings'] : array(); // Create the siteaccess directory $srcSiteaccessDir = "settings/siteaccess/" . $srcSiteaccess; $dstSiteaccessDir = "settings/siteaccess/" . $dstSiteaccess; eZDir::mkdir( $dstSiteaccessDir, false, true ); eZDir::copy( $srcSiteaccessDir, $dstSiteaccessDir, false, true ); // Update settings foreach ( $dstSettings as $iniFile => $settingGroups ) { $ini = eZINI::instance( $iniFile . ".append.php", $dstSiteaccessDir, null, false, null, true ); foreach ( $settingGroups as $settingGroup => $settings ) { foreach ( $settings as $name => $value ) { $ini->setVariable( $settingGroup, $name, $value ); } } $ini->save( false, false, false, false, true, true ); unset( $ini ); } // Create roles $role = eZRole::fetchByName( "Anonymous" ); $role->appendPolicy( "user", "login", array( "SiteAccess" => array( eZSys::ezcrc32( $dstSiteaccess ) ) ) ); $role->store(); }
function transformByGroup($text, $group, $charset = false, $useCache = true) { if ($text === '') { return $text; } $charsetName = $charset === false ? eZTextCodec::internalCharset() : eZCharsetInfo::realCharsetCode($charset); if ($useCache) { // CRC32 is used for speed, MD5 would be more unique but is slower $keyText = 'Group:' . $group; $key = eZSys::ezcrc32($keyText . '-' . $charset); $filepath = $this->cacheFilePath('g-' . $group . '-', '-' . $charsetName, $key); // Try to execute code in the cache file, if it succeeds // \a $text will/ transformated $retText = $this->executeCacheFile($text, $filepath); if ($retText !== false) { return $retText; } } $commands = $this->groupCommands($group); if ($commands === false) { return false; } $mapper = new eZCodeMapper(); $mapper->loadTransformationFiles($charsetName, $group); $rules = array(); foreach ($commands as $command) { $rules = array_merge($rules, $mapper->decodeCommand($command['command'], $command['parameters'])); } // First generate a unicode based mapping table from the rules $unicodeTable = $mapper->generateMappingCode($rules); unset($unicodeTable[0]); // Then transform that to a table that works with the current charset // Any character not available in the current charset will be removed $charsetTable = $mapper->generateCharsetMappingTable($unicodeTable, $charset); $transformationData = array('table' => $charsetTable); unset($unicodeTable); if ($useCache) { $extraCode = ''; foreach ($commands as $command) { $code = $mapper->generateCommandCode($command, $charsetName); if ($code !== false) { $extraCode .= $code . "\n"; } } $this->storeCacheFile($filepath, $transformationData, $extraCode, 'Group:' . $group, $charsetName); } // Execute transformations $text = strtr($text, $transformationData['table']); // Execute custom code foreach ($commands as $command) { $mapper->executeCommandCode($text, $command, $charsetName); } return $text; }
function createImageAliasKey( $alias ) { $keyData = array( $alias['name'], $alias['reference'], $alias['mime_type'] ); if ( $alias['reference'] ) { $referenceAlias = $this->alias( $alias['reference'] ); if ( $referenceAlias ) $keyData[] = $referenceAlias['alias_key']; } foreach ( $alias['filters'] as $filter ) { $filterData = $filter['name']; if ( is_array( $filter['data'] ) ) $filterData .= '=' . implode( ',', $filter['data'] ); $keyData[] = $filterData; } $key = eZSys::ezcrc32( implode( "\n", $keyData ) ); return $key; }
/** * Checks authorization of the given $user to a given $path. * * This method checks if the given $user has the permission $access to the * resource identified by $path. The $path is the result of a translation * by the servers {@link ezcWebdavPathFactory} from the request URI. * * The $access parameter can be one of * <ul> * <li>{@link ezcWebdavAuthorizer::ACCESS_WRITE}</li> * <li>{@link ezcWebdavAuthorizer::ACCESS_READ}</li> * </ul> * * The implementation of this method must only check the given $path, but * MUST not check descendant paths, since the back end will issue dedicated * calls for such paths. In contrast, the algoritm MUST ensure, that parent * permission constraints of the given $paths are met. * * Examples: * Permission is rejected for the paths "/a", "/b/beamme" and "/c/connect": * * <code> * <?php * var_dump( $auth->authorize( 'johndoe', '/a' ) ); // false * var_dump( $auth->authorize( 'johndoe', '/b' ) ); // true * var_dump( $auth->authorize( 'johndoe', '/b/beamme' ) ); // false * var_dump( $auth->authorize( 'johndoe', '/c/connect/some/deeper/path' ) ); // false * ?> * </code> * * @param string $user * @param string $path * @param int $access * @return bool */ public function authorize($user, $path, $access = self::ACCESS_READ) { $fullPath = $path; if ($fullPath === '') { $fullPath = '/'; } if ($access === self::ACCESS_READ) { // reading the root (/) is allowed return true; } $target = $this->splitFirstPathElement($fullPath, $site); if ($target === '' && $access === self::ACCESS_READ) { // reading the site list is allowed return true; } else { if ($target !== '') { $target = $this->splitFirstPathElement($target, $element); } } if ($target === '' && ($access = self::ACCESS_WRITE)) { // writing to second-level paths (/plain_site_user/) is not allowed return false; } $user = eZUser::currentUser(); $result = $user->hasAccessTo('user', 'login'); $accessWord = $result['accessWord']; if ($accessWord == 'limited') { $hasAccess = false; $policyChecked = false; foreach (array_keys($result['policies']) as $key) { $policy =& $result['policies'][$key]; if (isset($policy['SiteAccess'])) { $policyChecked = true; if (in_array(eZSys::ezcrc32($site), $policy['SiteAccess'])) { $hasAccess = true; break; } } if ($hasAccess) { break; } } if (!$policyChecked) { $hasAccess = true; } } else { if ($accessWord == 'yes') { $hasAccess = true; } else { if ($accessWord == 'no') { $hasAccess = false; } } } return $hasAccess; }
function markCRC32(&$tr) { eZSys::ezcrc32($this->Text); }
/** * Execution point for controller actions. * Returns false if not supported * * @return ezpKernelResult */ public function run() { $db = eZDB::instance(); if ($db->isConnected()) { $this->sessionInit(); } else { return $this->exitWithInternalError(ezpI18n::tr('kernel/content/treemenu', 'Database is not connected')); } $moduleINI = eZINI::instance('module.ini'); $globalModuleRepositories = $moduleINI->variable('ModuleSettings', 'ModuleRepositories'); eZModule::setGlobalPathList($globalModuleRepositories); $module = eZModule::exists('content'); if (!$module) { return $this->exitWithInternalError(ezpI18n::tr('kernel/content/treemenu', '"content" module could not be found.')); } $function_name = 'treemenu'; $this->uri->increase(); $this->uri->increase(); $currentUser = eZUser::currentUser(); $siteAccessResult = $currentUser->hasAccessTo('user', 'login'); $hasAccessToSite = false; if ($siteAccessResult['accessWord'] == 'limited') { $policyChecked = false; foreach ($siteAccessResult['policies'] as $policy) { if (isset($policy['SiteAccess'])) { $policyChecked = true; $crc32AccessName = eZSys::ezcrc32($this->access['name']); if (in_array($crc32AccessName, $policy['SiteAccess'])) { $hasAccessToSite = true; break; } } if ($hasAccessToSite) { break; } } if (!$policyChecked) { $hasAccessToSite = true; } } else { if ($siteAccessResult['accessWord'] == 'yes') { $hasAccessToSite = true; } } if (!$hasAccessToSite) { return $this->exitWithInternalError(ezpI18n::tr('kernel/content/treemenu', 'Insufficient permissions to display the treemenu.'), 403); } $GLOBALS['eZRequestedModule'] = $module; $content = $module->run($function_name, $this->uri->elements(false), false, array('use-cache-headers' => $this->settings['use-cache-headers'])); $attributes = isset($content['lastModified']) ? array('lastModified' => $content['lastModified']) : array(); $this->shutdown(); return new ezpKernelResult($content['content'], $attributes); }
/** * Used by the permission system: check if current user has access to ws method * @param string $functionName * @param ezuser $user */ static function checkAccess($functionName, $user = null) { if ($user == null) { $user = eZUser::currentUser(); } $access = false; $accessResult = $user->hasAccessTo('webservices', 'execute'); $accessWord = $accessResult['accessWord']; if ($accessWord == 'yes') { $access = true; } else { if ($accessWord != 'no') { $currentsa = eZSys::ezcrc32($GLOBALS['eZCurrentAccess']['name']); $functionName = md5($functionName); $accessws = 1; $accesssa = 1; foreach ($accessResult['policies'] as $key => $policy) { if (isset($policy['Webservices']) && $accessws === 1) { $accessws = false; } if (isset($policy['Webservices']) && in_array($functionName, $policy['Webservices'])) { $accessws = true; } if (isset($policy['SiteAccess']) && $accesssa === 1) { $accesssa = false; } if (isset($policy['SiteAccess']) && in_array($currentsa, $policy['SiteAccess'])) { $accesssa = true; } } $access = $accessws && $accesssa; } } return $access; }
function eZSiteCommonRoles(&$roles, $parameters) { include_once 'lib/ezutils/classes/ezsys.php'; // Make sure anonymous can only login to user site $roles[] = array('name' => 'Anonymous', 'policies' => array(array('module' => 'user', 'function' => 'login', 'limitation' => array('SiteAccess' => array(eZSys::ezcrc32($parameters['user_siteaccess'])))))); }
function siteRoles($params = false) { $guestAccountsID = $this->setting('guest_accounts_id'); $anonAccountsID = $this->setting('anonymous_accounts_id'); $roles = array(); // Add possibility to read rss by default for anonymous/guests $roles[] = array('name' => 'Anonymous', 'policies' => array(array('module' => 'rss', 'function' => 'feed')), 'assignments' => array(array('user_id' => $guestAccountsID), array('user_id' => $anonAccountsID))); include_once 'lib/ezutils/classes/ezsys.php'; // Make sure anonymous can only login to use side $roles[] = array('name' => 'Anonymous', 'policies' => array(array('module' => 'user', 'function' => 'login', 'limitation' => array('SiteAccess' => array(eZSys::ezcrc32($this->setting('user_siteaccess'))))))); return $roles; }
/** * Runs the dispatch loop */ protected function dispatchLoop() { $ini = eZINI::instance(); // Start the module loop while ($this->siteBasics['module-run-required']) { $objectHasMovedError = false; $objectHasMovedURI = false; $this->actualRequestedURI = $this->uri->uriString(); // Extract user specified parameters $userParameters = $this->uri->userParameters(); // Generate a URI which also includes the user parameters $this->completeRequestedURI = $this->uri->originalURIString(); // Check for URL translation if ($this->siteBasics['url-translator-allowed'] && eZURLAliasML::urlTranslationEnabledByUri($this->uri)) { $translateResult = eZURLAliasML::translate($this->uri); if (!is_string($translateResult) && $ini->variable('URLTranslator', 'WildcardTranslation') === 'enabled') { $translateResult = eZURLWildcard::translate($this->uri); } // Check if the URL has moved if (is_string($translateResult)) { $objectHasMovedURI = $translateResult; foreach ($userParameters as $name => $value) { $objectHasMovedURI .= '/(' . $name . ')/' . $value; } $objectHasMovedError = true; } } if ($this->uri->isEmpty()) { $tmp_uri = new eZURI($ini->variable("SiteSettings", "IndexPage")); $moduleCheck = eZModule::accessAllowed($tmp_uri); } else { $moduleCheck = eZModule::accessAllowed($this->uri); } if (!$moduleCheck['result']) { if ($ini->variable("SiteSettings", "ErrorHandler") == "defaultpage") { $defaultPage = $ini->variable("SiteSettings", "DefaultPage"); $this->uri->setURIString($defaultPage); $moduleCheck['result'] = true; } } $displayMissingModule = false; $this->oldURI = $this->uri; if ($this->uri->isEmpty()) { if (!fetchModule($tmp_uri, $this->check, $this->module, $moduleName, $functionName, $params)) { $displayMissingModule = true; } } else { if (!fetchModule($this->uri, $this->check, $this->module, $moduleName, $functionName, $params)) { if ($ini->variable("SiteSettings", "ErrorHandler") == "defaultpage") { $tmp_uri = new eZURI($ini->variable("SiteSettings", "DefaultPage")); if (!fetchModule($tmp_uri, $this->check, $this->module, $moduleName, $functionName, $params)) { $displayMissingModule = true; } } else { $displayMissingModule = true; } } } if (!$displayMissingModule && $moduleCheck['result'] && $this->module instanceof eZModule) { // Run the module/function eZDebug::addTimingPoint("Module start '" . $this->module->attribute('name') . "'"); $moduleAccessAllowed = true; $omitPolicyCheck = true; $runModuleView = true; $availableViewsInModule = $this->module->attribute('views'); if (!isset($availableViewsInModule[$functionName]) && !$objectHasMovedError && !isset($this->module->Module['function']['script'])) { $moduleResult = $this->module->handleError(eZError::KERNEL_MODULE_VIEW_NOT_FOUND, 'kernel', array("check" => $moduleCheck)); $runModuleView = false; $this->siteBasics['policy-check-required'] = false; $omitPolicyCheck = true; } if ($this->siteBasics['policy-check-required']) { $omitPolicyCheck = false; $moduleName = $this->module->attribute('name'); if (in_array($moduleName, $this->siteBasics['policy-check-omit-list'])) { $omitPolicyCheck = true; } else { $policyCheckViewMap = $this->getPolicyCheckViewMap($this->siteBasics['policy-check-omit-list']); if (isset($policyCheckViewMap[$moduleName][$functionName])) { $omitPolicyCheck = true; } } } if (!$omitPolicyCheck) { $currentUser = eZUser::currentUser(); $siteAccessResult = $currentUser->hasAccessTo('user', 'login'); $hasAccessToSite = false; if ($siteAccessResult['accessWord'] === 'limited') { $policyChecked = false; foreach (array_keys($siteAccessResult['policies']) as $key) { $policy = $siteAccessResult['policies'][$key]; if (isset($policy['SiteAccess'])) { $policyChecked = true; $crc32AccessName = eZSys::ezcrc32($this->access['name']); eZDebugSetting::writeDebug('kernel-siteaccess', $policy['SiteAccess'], $crc32AccessName); if (in_array($crc32AccessName, $policy['SiteAccess'])) { $hasAccessToSite = true; break; } } if ($hasAccessToSite) { break; } } if (!$policyChecked) { $hasAccessToSite = true; } } else { if ($siteAccessResult['accessWord'] === 'yes') { eZDebugSetting::writeDebug('kernel-siteaccess', "access is yes"); $hasAccessToSite = true; } else { if ($siteAccessResult['accessWord'] === 'no') { $accessList = $siteAccessResult['accessList']; } } } if ($hasAccessToSite) { $accessParams = array(); $moduleAccessAllowed = $currentUser->hasAccessToView($this->module, $functionName, $accessParams); if (isset($accessParams['accessList'])) { $accessList = $accessParams['accessList']; } } else { eZDebugSetting::writeDebug('kernel-siteaccess', $this->access, 'not able to get access to siteaccess'); $moduleAccessAllowed = false; if ($ini->variable("SiteAccessSettings", "RequireUserLogin") == "true") { $this->module = eZModule::exists('user'); if ($this->module instanceof eZModule) { $moduleResult = $this->module->run('login', array(), array('SiteAccessAllowed' => false, 'SiteAccessName' => $this->access['name'])); $runModuleView = false; } } } } $GLOBALS['eZRequestedModule'] = $this->module; if ($runModuleView) { if ($objectHasMovedError == true) { $moduleResult = $this->module->handleError(eZError::KERNEL_MOVED, 'kernel', array('new_location' => $objectHasMovedURI)); } else { if (!$moduleAccessAllowed) { if (isset($availableViewsInModule[$functionName]['default_navigation_part'])) { $defaultNavigationPart = $availableViewsInModule[$functionName]['default_navigation_part']; } if (isset($accessList)) { $moduleResult = $this->module->handleError(eZError::KERNEL_ACCESS_DENIED, 'kernel', array('AccessList' => $accessList)); } else { $moduleResult = $this->module->handleError(eZError::KERNEL_ACCESS_DENIED, 'kernel'); } if (isset($defaultNavigationPart)) { $moduleResult['navigation_part'] = $defaultNavigationPart; unset($defaultNavigationPart); } } else { if (!isset($userParameters)) { $userParameters = false; } // Check if we should switch access mode (http/https) for this module view. eZSSLZone::checkModuleView($this->module->attribute('name'), $functionName); $moduleResult = $this->module->run($functionName, $params, false, $userParameters); if ($this->module->exitStatus() == eZModule::STATUS_FAILED && $moduleResult == null) { $moduleResult = $this->module->handleError(eZError::KERNEL_MODULE_VIEW_NOT_FOUND, 'kernel', array('module' => $moduleName, 'view' => $functionName)); } } } } } else { if ($moduleCheck['result']) { eZDebug::writeError("Undefined module: {$moduleName}", "index"); $this->module = new eZModule("", "", $moduleName); $GLOBALS['eZRequestedModule'] = $this->module; $moduleResult = $this->module->handleError(eZError::KERNEL_MODULE_NOT_FOUND, 'kernel', array('module' => $moduleName)); } else { if ($moduleCheck['view_checked']) { eZDebug::writeError("View '" . $moduleCheck['view'] . "' in module '" . $moduleCheck['module'] . "' is disabled", "index"); } else { eZDebug::writeError("Module '" . $moduleCheck['module'] . "' is disabled", "index"); } $GLOBALS['eZRequestedModule'] = $this->module = new eZModule("", "", $moduleCheck['module']); $moduleResult = $this->module->handleError(eZError::KERNEL_MODULE_DISABLED, 'kernel', array('check' => $moduleCheck)); } } $this->siteBasics['module-run-required'] = false; if ($this->module->exitStatus() == eZModule::STATUS_RERUN) { if (isset($moduleResult['rerun_uri'])) { $this->uri = eZURI::instance($moduleResult['rerun_uri']); $this->siteBasics['module-run-required'] = true; } else { eZDebug::writeError('No rerun URI specified, cannot continue', 'index.php'); } } if (is_array($moduleResult)) { if (isset($moduleResult["pagelayout"])) { $this->siteBasics['show-page-layout'] = $moduleResult["pagelayout"]; $GLOBALS['eZCustomPageLayout'] = $moduleResult["pagelayout"]; } if (isset($moduleResult["external_css"])) { $this->siteBasics['external-css'] = $moduleResult["external_css"]; } } } return $moduleResult; }
public function canLoginToSiteAccess($access) { $siteAccessResult = $this->hasAccessTo('user', 'login'); $hasAccessToSite = false; if ($siteAccessResult['accessWord'] == 'limited') { $siteNameCRC = eZSys::ezcrc32($access['name']); $policyChecked = false; foreach ($siteAccessResult['policies'] as $policy) { if (isset($policy['SiteAccess'])) { $policyChecked = true; if (in_array($siteNameCRC, $policy['SiteAccess'])) { $hasAccessToSite = true; break; } } } if (!$policyChecked) { $hasAccessToSite = true; } } else { if ($siteAccessResult['accessWord'] == 'yes') { $hasAccessToSite = true; } } return $hasAccessToSite; }
/** * Returns a valid limitation value to be saved in database * * @since 1.2.0 * @param string $limitationType Limitation type * @param string $limitationValue Human readable input value * @return string Value to be saved in database */ private function getLimitationValue($limitationType, $limitationValue) { $limitationValue = $this->getReferenceID($limitationValue); switch ($limitationType) { case 'Class': case 'ParentClass': if (!is_int($limitationValue)) { $class = eZContentClass::fetchByIdentifier($limitationValue); if ($class) { $limitationValue = $class->ID; } } break; case 'Subtree': //Subtree limitations need to store path_string instead of node_id $val = (int) $limitationValue; if ($val > 0) { $node = eZContentObjectTreeNode::fetch($val); $limitationValue = $node->attribute('path_string'); } break; case 'SiteAccess': //siteaccess name must be crc32'd if (!is_int($limitationValue)) { $limitationValue = eZSys::ezcrc32($limitationValue); } break; case 'Section': if (!is_int($limitationValue)) { $section = eZSection::fetchByIdentifier($limitationValue); if ($section) { $limitationValue = $section->attribute('id'); } } break; } return $limitationValue; }
$function_name = 'treemenu'; $uri->increase(); $uri->increase(); $currentUser = eZUser::currentUser(); $siteAccessResult = $currentUser->hasAccessTo( 'user', 'login' ); $hasAccessToSite = false; if ( $siteAccessResult[ 'accessWord' ] == 'limited' ) { $policyChecked = false; foreach ( $siteAccessResult['policies'] as $policy ) { if ( isset( $policy['SiteAccess'] ) ) { $policyChecked = true; $crc32AccessName = eZSys::ezcrc32( $access[ 'name' ] ); if ( in_array( $crc32AccessName, $policy['SiteAccess'] ) ) { $hasAccessToSite = true; break; } } if ( $hasAccessToSite ) { break; } } if ( !$policyChecked ) { $hasAccessToSite = true; }
$userClass = eZUserLoginHandler::instance($loginHandler); if (!is_object($userClass)) { continue; } $user = $userClass->loginUser($userLogin, $userPassword); if ($user instanceof eZUser) { // HACK! seems to be no trigger for login/logout if (class_exists('sCacheCookieHelper')) { sCacheCookieHelper::setCookie(); } $access = $GLOBALS['eZCurrentAccess']; $siteAccessResult = $user->hasAccessTo('user', 'login'); $hasAccessToSite = false; // A check that the user has rights to access current siteaccess. if ($siteAccessResult['accessWord'] == 'limited') { $siteNameCRC = eZSys::ezcrc32($access['name']); //include_once( 'lib/ezutils/classes/ezsys.php' ); $policyChecked = false; foreach ($siteAccessResult['policies'] as $policy) { if (isset($policy['SiteAccess'])) { $policyChecked = true; if (in_array($siteNameCRC, $policy['SiteAccess'])) { $hasAccessToSite = true; break; } } if ($hasAccessToSite) { break; } } if (!$policyChecked) {