Skip to content
This repository
Browse code

Role user test

  • Loading branch information...
commit 8d4e448d15974cba225f8103c18b2b0669c6ffd2 1 parent 597fd88
Slaytanic authored July 19, 2012
7  accesslist.ini
@@ -3,23 +3,28 @@ username=data
3 3
 password=3e4r5t6y
4 4
 privdb=all
5 5
 mrslots=0,0
  6
+role=superadmin
6 7
 [1]
7 8
 username=mobile
8 9
 password=1q2w3e4r
9 10
 privdb=mvv,mlvv,mdaily,mactive,active_ipad,active_express,mobiletype,mdaily_count,mdownload,msearch
10 11
 mrslots=2,1
  12
+role=dbadmin
11 13
 [2]
12 14
 username=adver
13 15
 password=1qaz2wsx
14 16
 privdb=active2,addl,pv,vv,midinfo,click,movie_box_source,moviebox,cms
15 17
 mrslots=2,1
  18
+role=user
16 19
 [3]
17 20
 username=online
18 21
 password=2wsx3edc
19 22
 privdb=active2,click,pv,vv,boxlist,drm
20 23
 mrslots=2,1
  24
+role=user
21 25
 [4]
22 26
 username=local
23 27
 password=2w3e4r5t
24 28
 privdb=active2,daily5,error5,user_config,asf,bbinding,binstall,associate,face_action,ie_action,tips_test_action
25  
-mrslots=2,1
  29
+mrslots=2,1
  30
+role=user
7  config.inc.php
@@ -54,8 +54,8 @@
54 54
 else
55 55
 {
56 56
 
57  
-	$onlydb = $auth->AuthUser($env["privFile"],$user,$pass);
58  
-	if(($onlydb == FALSE) || ($onlydb == ""))
  57
+	$priv = $auth->AuthUser($env["privFile"],$user,$pass);
  58
+	if(($priv == FALSE) || ($priv['privdb'] == ""))
59 59
 	{
60 60
 		include_once "templates/login.html";
61 61
 		die('');
@@ -64,7 +64,8 @@
64 64
 	{
65 65
 		$_SESSION['username'] = $user;
66 66
 		$_SESSION['password'] = $pass;
67  
-		$_SESSION['onlydb'] = $onlydb;
  67
+		$_SESSION['onlydb'] = $priv['privdb'];
  68
+		$_SESSION['role'] = $priv['role'];
68 69
 	}
69 70
 }
70 71
 
2  dbList.php
@@ -14,7 +14,7 @@
14 14
 
15 15
 $i = 0;
16 16
 echo '<br />';
17  
-if($_SESSION['onlydb'] == "all")
  17
+if($_SESSION['role'] == "superadmin")
18 18
 {
19 19
 	while('' != @$db_array[$i]) {
20 20
 		echo '<a href="javascript:showsd(\'tableList.php?database='.$db_array[$i].'\',\'dbStructure.php?database='.$db_array[$i].'\')" target="left"><img src=images/database.png>'.$db_array[$i].'</a><br />'."\n";
6  dbStructure.php
@@ -41,7 +41,7 @@
41 41
 		echo "<tr bgcolor=#FFFF99>
42 42
 		<td></td>
43 43
 		<td>".$lang['tableName']."</td>";
44  
-		if($_SESSION['onlydb'] == "all")
  44
+		if($_SESSION['role'] == "superadmin" || $_SESSION['role'] == "dbadmin")
45 45
 		{
46 46
 			echo "<td>".$lang['alterTable']."</td>
47 47
 			<td>".$lang['loadData']."</td>
@@ -69,7 +69,7 @@
69 69
 			echo "<td>\n";
70 70
 			echo '<a href=sqlQuery.php?table='.$db_array[$i].'&database='.$_GET['database'].' target="right">'.$db_array[$i].'</a>';
71 71
 			echo "</td>\n";
72  
-			if($_SESSION['onlydb'] == "all")
  72
+			if($_SESSION['role'] == "superadmin" || $_SESSION['role'] == "dbadmin")
73 73
 			{
74 74
 				echo "<td>\n";
75 75
 				echo "<a href=alterTable.php?database=".$_GET['database']."&table=".$db_array[$i]."><img src=images/b_props.png>".$lang['alterTable']."</a>";
@@ -100,7 +100,7 @@
100 100
 		echo $lang['select']." / ".$lang['deselect']."<bR><br>\n";
101 101
 		echo "<input type=submit name=submit value=".$lang['submit'].">";
102 102
 		echo "</form><br><br>";
103  
-		if($_SESSION['onlydb'] == "all")
  103
+		if($_SESSION['role'] == "superadmin" || $_SESSION['role'] == "dbadmin")
104 104
 		{
105 105
 			include_once "templates/add_table.html";
106 106
 		}
2  getResult.php
@@ -31,7 +31,7 @@
31 31
 		}
32 32
 
33 33
 		$filename = $env['output_path']."/hive_res.".$str.".csv";
34  
-		if($_SESSION['onlydb'] != "all")
  34
+		if($_SESSION['role'] != "superadmin")
35 35
 		{
36 36
 			$logfile = $env['logs_path'].$_SESSION['username']."_".$str.".log";
37 37
 		}
4  history.php
@@ -31,7 +31,7 @@
31 31
 		{
32 32
 			if(!is_dir($dir.$file))
33 33
 			{
34  
-				if($_SESSION['onlydb'] == 'all')
  34
+				if($_SESSION['role'] == 'superadmin')
35 35
 				{
36 36
 					$file_array[$i] = $file;
37 37
 				}
@@ -95,7 +95,7 @@
95 95
 			$tmp = substr($tmp[1]."_".$tmp[2],0,-4);
96 96
 			if(file_exists($env['output_path']."/hive_res.".$tmp.".csv"))
97 97
 			{
98  
-				if($_SESSION['onlydb'] == 'all')
  98
+				if($_SESSION['role'] == 'superadmin')
99 99
 				{
100 100
 					echo "<td><a href=getResult.php?str=".$file.">$file</a></td>\n";
101 101
 				}
2  index.php
@@ -2,7 +2,7 @@
2 2
 
3 3
 include_once 'config.inc.php';
4 4
 
5  
-if($_SESSION['onlydb'] != "")
  5
+if($_SESSION['role'] != "")
6 6
 {
7 7
 	if(@$_GET['frame'])
8 8
 	{
4  libs/classes/class.auth.php
@@ -56,7 +56,7 @@ public function AuthUser($pAuthFilename,$pUsername,$pPassword)
56 56
 			{
57 57
 				if(preg_match("/\b".$pUsername."\b/",$v["username"]) && preg_match("/\b".$pPassword."\b/", $v["password"]))
58 58
 				{
59  
-					return $v['privdb'];
  59
+					return $v;
60 60
 				}
61 61
 				else
62 62
 				{
@@ -108,7 +108,7 @@ public function AuthSql($pPrivilege,$pSql)
108 108
 			preg_match("/\bdfs -\b/i",$pSql)
109 109
 			)
110 110
 		{
111  
-			if($pPrivilege != "all")
  111
+			if($pPrivilege != "superadmin" || $pPrivilege != "dbadmin")
112 112
 			{
113 113
 				return FALSE;
114 114
 			}
2  sqlQuery.php
@@ -123,7 +123,7 @@
123 123
 			$sha1 = $etc->FingerPrintMake();
124 124
 			
125 125
 			#auth if have enough privileges to do hql query
126  
-			$sql = $auth->AuthSql($_SESSION['onlydb'],@$_POST['sql']);
  126
+			$sql = $auth->AuthSql($_SESSION['role'],@$_POST['sql']);
127 127
 			if($sql == FALSE)
128 128
 			{
129 129
 				die("<script>alert('".$lang['permissionDenied']."');history.back()</script>");
2  templates/sql_query_navi.html
@@ -15,7 +15,7 @@
15 15
 </a>
16 16
 </td>-->
17 17
 <?php
18  
-if($_SESSION['onlydb'] == "all")
  18
+if($_SESSION['role'] == "superadmin" || $_SESSION['role'] == "dbadmin")
19 19
 {
20 20
 ?>
21 21
 <td>

0 notes on commit 8d4e448

Please sign in to comment.
Something went wrong with that request. Please try again.