| 1 |
6daefa8c
|
Petr Lukašík
|
<?
|
| 2 |
|
|
if (empty($AUTORIZACE_INC_PHP)):
|
| 3 |
|
|
$AUTORIZACE_INC_PHP = 1;
|
| 4 |
|
|
define(LEVEL_WEBMASTER, "10");
|
| 5 |
|
|
define(LEVEL_SUPER_UZIVATEL, "9");
|
| 6 |
|
|
define(LEVEL_UZIVATEL, "1");
|
| 7 |
|
|
$auth_level = 0;
|
| 8 |
|
|
$auth = "";
|
| 9 |
|
|
$auth_userkod = "";
|
| 10 |
|
|
function ksa_authorize()
|
| 11 |
|
|
{
|
| 12 |
|
|
global $PHP_AUTH_USER, $PHP_AUTH_PW;
|
| 13 |
|
|
global $auth_level, $auth_userkod, $auth;
|
| 14 |
|
|
$auth_level = 0;
|
| 15 |
|
|
$auth_userkod = "";
|
| 16 |
|
|
$PHP_AUTH_PW = MD5($PHP_AUTH_PW);
|
| 17 |
|
|
@$connection = Pg_Connect ("user=dbowner dbname=klinopis");
|
| 18 |
|
|
if (!$connection):
|
| 19 |
|
|
//echo "Nepodarilo se pripojit k datab?zi!";
|
| 20 |
|
|
return 0;
|
| 21 |
|
|
endif;
|
| 22 |
|
|
$uzivatele = pg_exec("select kod, autor, heslo, menu from c_autor where kod = '$PHP_AUTH_USER' AND heslo = '$PHP_AUTH_PW' order by menu DESC");
|
| 23 |
|
|
$rows = @Pg_NumRows ($uzivatele);
|
| 24 |
|
|
if ($rows > 0) {
|
| 25 |
|
|
List($kod, $autor, $heslo, $menu)= Pg_Fetch_Row($uzivatele, 0, PGSQL_NUM);
|
| 26 |
|
|
$auth_level = $menu;
|
| 27 |
|
|
$auth_userkod = $kod;
|
| 28 |
|
|
$auth = $kod;
|
| 29 |
|
|
}
|
| 30 |
|
|
else {
|
| 31 |
|
|
$auth_level = 0;
|
| 32 |
|
|
$auth_userkod = "";
|
| 33 |
|
|
$auth = "";
|
| 34 |
|
|
}
|
| 35 |
|
|
Pg_Close ($connection);
|
| 36 |
|
|
return $auth_level;
|
| 37 |
|
|
}
|
| 38 |
|
|
function ksa_unauthorized()
|
| 39 |
|
|
{
|
| 40 |
|
|
Header("Pragma: no-cache");
|
| 41 |
|
|
Header("Cache-Control: no-cache, must-revalidate");
|
| 42 |
|
|
Header("WWW-Authenticate: Basic realm=\"OBTC\"");
|
| 43 |
|
|
Header("HTTP/1.0 401 Unauthorized");
|
| 44 |
|
|
echo "You don't have a permission to edit something, contact the administrator Mr. <a href=\"mailto:rahman@kbs.zcu.cz\">>F. Rahman</a> if you like to join us.";
|
| 45 |
|
|
die();
|
| 46 |
|
|
}
|
| 47 |
|
|
|
| 48 |
|
|
endif;
|