예제 #1
    /**
     * Returns links to edit the profile, based on the permissions of the user
     * that is viewing this page. 
     */
    public function get_edit_links_html(Website $website)
    {
        // NOTE(review): everything below only decides which links are rendered.
        // The handlers behind the edit_* and login_other pages are not visible
        // here; confirm each of them repeats the authorization check server-side.
        $viewer = $website->getAuth()->getCurrentUser();
        if ($viewer == null) {
            // Nobody is logged in: no help text and no edit links
            return "";
        }

        // Relationship between the viewer and the profile being shown
        $own_profile = $this->user->getId() == $viewer->getId();
        // isLoggedInAsStaff(false) is treated as moderator level, (true) as admin level
        $as_moderator = $website->isLoggedInAsStaff(false) ? true : false;
        $as_admin = $website->isLoggedInAsStaff(true) ? true : false;

        $html = "";

        // Gravatar help text is shown to the account owner only: nobody else
        // can edit someone's avatar.
        // NOTE(review): the tReplaced() result is placed into the markup as-is;
        // presumably it escapes the translated text - confirm. The gravatar
        // link is plain http; consider https.
        if ($own_profile) {
            $html .= <<<EOT
                <p>
                     {$website->tReplaced("users.gravatar.explained", '<a href="http://gravatar.com/">gravatar.com</a>')}
                </p>
EOT;
        }

        $links = [];

        // A moderator looking at somebody else's account gets the (un)ban link
        if ($as_moderator && !$own_profile) {
            $links[] = $this->get_edit_link($website, "edit_account_status", "users.status.edit");
        }

        // The owner and admins get the profile edit links
        if ($own_profile || $as_admin) {
            $profile_pages = [
                "edit_email" => "users.email.edit",
                "edit_password" => "users.password.edit",
                "edit_display_name" => "users.display_name.edit",
            ];
            foreach ($profile_pages as $page => $translation_key) {
                $links[] = $this->get_edit_link($website, $page, $translation_key);
            }
        }

        // An admin looking at somebody else's account also gets the rank link
        // and, when the account can still log in, the login link.
        // NOTE(review): login_other presumably lets the admin sign in as this
        // account - confirm that action is restricted to admins and logged.
        if ($as_admin && !$own_profile) {
            $links[] = $this->get_edit_link($website, "edit_rank", "users.rank.edit");
            if ($this->user->canLogIn()) {
                $links[] = $this->get_edit_link($website, "login_other", "main.log_in");
            }
        }

        // Wrap the links in a paragraph, but only when there is at least one
        if ($links !== []) {
            $html .= "<p>\n" . implode($links) . "</p>\n";
        }

        return $html;
    }
예제 #2
 /**
  * Saves the given user object in the session. Doesn't modify the login cookie.
  * Null values are not permitted. Use log_out to log the current user out.
  * @param User $user The user to log in
  * @return boolean Whether the user object was set. Returns false when the
  * account is banned or deleted.
  */
 public function setCurrentUser(User $user)
 {
     // Accounts that may not log in (banned or similar) never reach the session
     $may_log_in = $user->canLogIn();
     if (!$may_log_in) {
         return false;
     }

     // NOTE(review): no session_regenerate_id() call is visible in this
     // method; confirm the caller rotates the session ID when a user logs in,
     // so a session ID set before login cannot be reused afterwards.
     $_SESSION['user_id'] = $user->getId();

     // This session variable is purely used for CKEditor.
     // In rCMS there are much better, easier and safer ways to check this.
     // NOTE(review): the flag is written only here as far as this block shows,
     // so it may go stale if the rank changes during the session - confirm
     // that whatever reads it does not rely on it as the only permission check.
     $_SESSION['moderator'] = $user->hasRank(self::RANK_MODERATOR) ? true : false;

     $this->currentUser = $user;

     return true;
 }