No userID() on public pages...

Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>

diff --git a/_admin.php b/_admin.php
index 85dc80f..6ab8699 100644 (file)
--- a/_admin.php
+++ b/_admin.php
@@ -1,4 +1,6 @@
 <?php
+define('IS_ADMIN_PAGE', 1);
+
 require_once dirname(__FILE__) . '/widget.auth.php';
 require_once dirname(__FILE__) . '/widget.post.perms.php';
 require_once dirname(__FILE__) . '/widget.blog.owner.php';

diff --git a/class.xorg.auth.php b/class.xorg.auth.php
index fb1b33d..ebd6d2b 100644 (file)
--- a/class.xorg.auth.php
+++ b/class.xorg.auth.php
@@ -48,7 +48,7 @@ class xorgAuth extends dcAuth {
       $cur = new cursor($this->con, 'dc_user');
       $cur->user_id = $_SESSION['auth-xorg'];
       $cur->user_pwd = md5(rand());
-      $cur->user_super = ($_SESSION['auth-xorg-perms'] == 'admin');
+      $cur->user_super = ($_SESSION['auth-xorg-perms'] == 'admin') ? '1' : '0';
       $cur->user_lang = 'fr';
       $cur->user_name = $_SESSION['auth-xorg-nom'];
       $cur->user_firstname = $_SESSION['auth-xorg-prenom'];
@@ -96,7 +96,6 @@ class xorgAuth extends dcAuth {
     } else if ($type != 'user') {
       $perms = array();
     } else {
-        echo "bad session";
       return;
     }
     $core->setUserBlogPermissions($_SESSION['auth-xorg'],
@@ -213,6 +212,9 @@ class xorgAuth extends dcAuth {
 
   public function userID() {
     $this->buildFromSession();
+    if (!defined('IS_ADMIN_PAGE')) {
+      return null;
+    }
     return parent::userID();
   }
 

diff --git a/widget.auth.php b/widget.auth.php
index ba14500..1efd583 100644 (file)
--- a/widget.auth.php
+++ b/widget.auth.php
@@ -6,7 +6,7 @@ class xorgAuthWidget {
 
   static public function widget(&$w) {
     global $core;
-    $name = $core->auth->userID();
+    $name = @$core->auth->getInfo('user_displayname');
     if ($name) {
       $str = '<p>Tu es ' . $core->auth->getInfo('user_displayname') . '<br />';
       if ($core->auth->check('usage,contentadmin,admin', $core->blog->id)) {