 Multi Group Membership Security

bburnett

Posts: 22
Posted: 01/09/2004, 3:49 PM

Last summer I posted ASP code for modifying CCUserInGroups() to allow a person to be in multiple security roles. I finally got around to doing a PHP version:

function CCUserInGroups($GroupID, $GroupsAccess)
{
    $Result = false;
    //If no groups have been specified with access; let everyone in.
    if(strlen($GroupsAccess))
    {
        //New code to handle users being in more than one group
        $varElement="";
        $arrayGroups="";
        $varGroupID="";
        $varGroupID=$GroupID;

        //If GroupID is delimited put the values in an array; otherwise put the value in first element of array
        if (strpos($varGroupID,",")>0) {
            $arrayGroups=explode(",",$varGroupID);
        }
        else {
            $arrayGroups=array($varGroupID);
        }

        //Check each array element and see if it is allowed access
        foreach ($arrayGroups as $varElement) {
            $Result = !(strpos(";".$GroupsAccess.";",";".$varElement.";")==0);
            if ($Result==true){
                //Once there is a match we know they have rights
                break;
            }
        }
        //End of New Code
        //Original Code:
        //$Result = (strpos(";" . $GroupsAccess . ";", ";" . $GroupID . ";") !== false);
    }
    else
    {
        $Result = true;
    }
    return $Result;
}

_________________
Brandon Burnett
New Media Architect
REL Productions
West Des Moines, IA, USA
www.relonline.com
bburnett

Posts: 22
Posted: 01/09/2004, 3:53 PM

Oh, yeah...

It will be looking for groups to be a varchar field with values separated by commas.
_________________
Brandon Burnett
New Media Architect
REL Productions
West Des Moines, IA, USA
www.relonline.com
bburnett

Posts: 22
Posted: 01/12/2004, 12:19 PM

CORRECTION:

$Result = !(strpos(";".$GroupsAccess.";",";".$varElement.";")==0);

SHOULD BE:

$Result = (strpos(";".$GroupsAccess.";",";".$varElement.";")===0);
_________________
Brandon Burnett
New Media Architect
REL Productions
West Des Moines, IA, USA
www.relonline.com
RogerR

Posts: 21
Posted: 01/13/2004, 5:11 AM

Thanks Bryan;

I've always built my security separate and outside of CCS for this very reason. I am looking forward to trying this to see how it will work for me.

Thanks again;

Roger R.
_________________
***********************************************************
The best antivirus a windose user can get - LINUX!
***********************************************************
RogerR

Posts: 21
Posted: 01/13/2004, 5:14 AM

Thanks Brandon;

I've always built my security separate and outside of CCS for this very reason. I am looking forward to trying this to see how it will work for me.

Thanks again;

Roger R.
_________________
***********************************************************
The best antivirus a windose user can get - LINUX!
***********************************************************
Norbi
Posted: 12/04/2004, 11:51 AM

The script is really nice, thank you!

I found a small bug, however :-(
It took me some time to discover what's going on.

In my security model (group_id is text based) it happened that $Result was just an empty string. Once this happens, the security didn't work fine.
I just replaced this part

  
$Result = (strpos(";".$GroupsAccess.";",";".$varElement.";")===0);  
if ($Result==true){  
  //Once there is a match we know they have rights  
    break;  
}  

with the following one and it seems to work fine:

  
if( strpos(";".$GroupsAccess.";",";".$varElement.";")>0){  
    $Result = true;  
    break;  
}  

Hope this helps someone.

Best regards

Norbert
Norbi
Posted: 12/09/2004, 2:25 PM

:-) Hello All,

I was too quick in publishing the updated code for the multi-group security model. So here it comes again, and it looks like this one is working fine; sorry for the confusion.

Below you can find the full code I use.

  
//CCUserInGroups @0-9F7F30EA  
function CCUserInGroups($GroupID, $GroupsAccess)  
{  
  
//code to handle assignment to more than 1 group  
  
  
	$Result = false;  
	//If no groups have been specified with access; let everyone in.  
	if(strlen($GroupsAccess))  
	{  
	//New code to handle users being in more than one group  
		$varElement="";  
		$arrayGroups="";  
		$varGroupID="";  
		$varGroupID=$GroupID;  
  
		//If GroupID is delimited put the values in an array; otherwise put the value in first element of array  
		if (strpos($varGroupID,",")>0) {  
			$arrayGroups=explode(",",$varGroupID);  
		}  
		else {  
			$arrayGroups=array($varGroupID);  
		}   
  
		//Check each array element and see if it is allowed access  
/*		echo "Access rights debuging: ";  
		var_dump($arrayGroups);  
		echo "<HR>";  
*/  
		foreach ($arrayGroups as $varElement) {  
			if( ! (strpos(";".$GroupsAccess.";",";".$varElement.";") === false)){  
				$Result = true;  
				break;  
			}  
		  
		}  
		//End of New Code  
		//Original Code:  
		//$Result = (strpos(";" . $GroupsAccess . ";", ";" . $GroupID . ";") !== false);  
	}  
	else  
	{  
		$Result = true;  
	}  
	return $Result;  
  
  
}  
//End CCUserInGroups  
  
//CCLoginUser @0-FFD3CE11  
//adapted to my application  
function CCLoginUser($login, $password)  
{  
    $db = new clsDBADZ();  
    $SQL = "SELECT i_id, s_group, s_firstname FROM v_users2groups WHERE s_username=" . $db->ToSQL($login, ccsText) . " AND s_password=" . $db->ToSQL($password, ccsText);  
    $db->query($SQL);  
  
    $licznik = 0;  //counter
    $user_groups="";

    while($db->next_record()){
        if(!$licznik){
            CCSetSession("ISWP_UserID", $db->f("i_id"));
            CCSetSession("ISWP_UserLogin", $login);
            CCSetSession("ISWP_UserName", $db->f("s_firstname"));
            $licznik=1;
        }
        if(strlen($user_groups)>0)
            $user_groups .= "," . $db->f("s_group");
        else
            $user_groups = $db->f("s_group");
    }
    CCSetSession("ISWP_GroupID", $user_groups);
    $db->close();
    $Result = $licznik;
    return $Result;  
}  
//End CCLoginUser  

____________________________
Best regards

Norbert Neubauer
www.tronix.pl
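
The four strpos() tests traded in this thread, run side by side over constructed inputs, together with a variant that splits both lists and intersects them. This is an added example, not code from any of the posts: `threadCheck` and `setCheck` are hypothetical names, it needs PHP 8, and it leaves out the thread's "empty access list lets everyone in" shortcut.

```php
<?php
// Added example, not code from the thread; function names are hypothetical.

// The thread's loop over the user's groups, with the strpos() test selectable.
// strpos() returns an int offset (0 for a match at the start) or false.
function threadCheck(string $groups, string $access, string $test): bool
{
    foreach (explode(",", $groups) as $g) {
        $pos = strpos(";" . $access . ";", ";" . $g . ";");
        $hit = match ($test) {
            '!(==0)'   => !($pos == 0),     // first post
            '===0'     => $pos === 0,       // 01/12/2004 correction
            '>0'       => $pos > 0,         // 12/04/2004 replacement
            '!==false' => $pos !== false,   // 12/09/2004 version
        };
        if ($hit) {
            return true;
        }
    }
    return false;
}

// Alternative without offsets: split both lists, trim, intersect.
function setCheck(string $groups, string $access): bool
{
    $split = fn(string $s, string $sep): array =>
        array_filter(array_map('trim', explode($sep, $s)), 'strlen');
    return (bool) array_intersect($split($groups, ","), $split($access, ";"));
}

// Constructed inputs: [access list, user's groups, should be allowed?]
$cases = [
    ['1;2;3', '1',   true],   // user's group is first in the access list
    ['1;2;3', '3',   true],   // user's group is later in the list
    ['1;2;3', '4',   false],  // not a member
    ['1;2;3', '4,2', true],   // multi-group user, second group allowed
    ['12;3',  '1,2', false],  // "1" and "2" must not match "12"
];
foreach ($cases as [$access, $groups, $want]) {
    $row = [];
    foreach (['!(==0)', '===0', '>0', '!==false'] as $t) {
        $row[] = $t . '=' . (threadCheck($groups, $access, $t) === $want ? 'ok' : 'WRONG');
    }
    $row[] = 'set=' . (setCheck($groups, $access) === $want ? 'ok' : 'WRONG');
    printf("%-6s %-4s %s\n", $access, $groups, implode('  ', $row));
}
```

Each row prints whether a given test agrees with the intended decision, so a test that mishandles offset 0 or `false` shows up as `WRONG` on the case that triggers it.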
