Location: PHPKode > projects > ARBS > arbs-1.5.1.78/mrbs_auth.inc.php
<?php
/*
 * ARBS - Advanced Resource Booking System
 * Copyright (C) 2005-2007 ITMC der TU Dortmund
 * Based on MRBS by Daniel Gardner <http://mrbs.sourceforge.net/>
 * 
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 * 
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor,
 * Boston, MA 02110-1301, USA.
 */


// include the authentification wrappers
include "auth_$auth[type].inc.php";

/* getAuthorised($user, $pass, $level)
 * 
 * Check to see if the user name/password is valid
 * 
 * $user  - The user name
 * $pass  - The users password
 * $level - The access level required
 * 
 * Returns:
 *   0        - The user does not have the required access
 *   non-zero - The user has the required access
 */
function getAuthorised($user, $pass, $level){
	global $auth;	
	if(!authValidateUser($user, $pass))
		return 0;	
	return authGetUserLevel($user, $auth["admin"]) >= $level;
}

/* getWritable($creator, $user)
 * 
 * Determines if a user is able to modify an entry
 *
 * $creator - The creator of the entry
 * $user    - Who wants to modify it
 *
 * Returns:
 *   0        - The user does not have the required access
 *   non-zero - The user has the required access
 */
function getWritable($creator, $user){
	global $auth;
	// Always allowed to modify your own stuff
	if($creator == $user)
		return 1;
	
	if(authGetUserLevel($user, $auth["admin"]) >= 2)
		return 1;
	
	// Unathorised access
	return 0;
}

/* showAccessDenied()
 * 
 * Displays an appropate message when access has been denied
 * 
 * Retusns: Nothing
 */
function showAccessDenied($day, $month, $year, $area){
	global $lang;
	
	print_header($day, $month, $year, $area);
?>
  <H1><?php echo(_("Access denied")); ?></H1>
  <P>
   <?php echo(_("You don't have the neccessary rights to do this action.")); ?>
  </P>
  <P>
   <A HREF="<?php echo($_SERVER['HTTP_REFERER']); ?>"><?php echo(_("Back to previous page")); ?></A>
  </P>
 </BODY>
</HTML>
<?php
exit;
}
?>
Return current item: ARBS