Closed #52 - fixes for anonymous accounts

- Anonymous account is no longer created when commenting/uploading
- Anonymous users can now switch safety, if it's available
- Anonymous users can delete their own posts
- Refurbished session and logging in/out mechanism
- Possible fixes for registration/activation/account deletion issues
This commit is contained in:
Marcin Kurczewski 2013-10-27 20:39:32 +01:00
parent f726690ea3
commit b55a8f1dce
10 changed files with 75 additions and 67 deletions


@ -1,41 +1,6 @@
<?php <?php
class Bootstrap class Bootstrap
{ {
public function attachUser()
{
$this->context->loggedIn = false;
if (isset($_SESSION['user-id']))
{
if (!isset($_SESSION['user']))
{
$dbUser = R::findOne('user', 'id = ?', [$_SESSION['user-id']]);
$_SESSION['user'] = serialize($dbUser);
}
$this->context->user = unserialize($_SESSION['user']);
if (!empty($this->context->user))
{
$this->context->loggedIn = true;
}
}
if (!$this->context->loggedIn)
{
try
{
AuthController::tryAutoLogin();
}
catch (Exception $e)
{
}
}
if (empty($this->context->user))
{
$dummy = R::dispense('user');
$dummy->name = 'Anonymous';
$dummy->access_rank = AccessRank::Anonymous;
$this->context->user = $dummy;
}
}
public function workWrapper($workCallback) public function workWrapper($workCallback)
{ {
$this->config->chibi->baseUrl = 'http://' . rtrim($_SERVER['HTTP_HOST'], '/') . '/'; $this->config->chibi->baseUrl = 'http://' . rtrim($_SERVER['HTTP_HOST'], '/') . '/';
@ -62,7 +27,7 @@ class Bootstrap
$this->context->transport = new StdClass; $this->context->transport = new StdClass;
$this->context->transport->success = null; $this->context->transport->success = null;
$this->attachUser(); AuthController::doLogIn();
if (empty($this->context->route)) if (empty($this->context->route))
{ {


@ -4,6 +4,7 @@ class AuthController
public static function tryLogin($name, $password) public static function tryLogin($name, $password)
{ {
$config = \Chibi\Registry::getConfig(); $config = \Chibi\Registry::getConfig();
$context = \Chibi\Registry::getContext();
$dbUser = R::findOne('user', 'name = ?', [$name]); $dbUser = R::findOne('user', 'name = ?', [$name]);
if ($dbUser === null) if ($dbUser === null)
@ -22,8 +23,8 @@ class AuthController
if ($config->registration->needEmailForRegistering) if ($config->registration->needEmailForRegistering)
PrivilegesHelper::confirmEmail($dbUser); PrivilegesHelper::confirmEmail($dbUser);
$_SESSION['user-id'] = $dbUser->id; $context->user = $dbUser;
$_SESSION['user'] = serialize($dbUser); self::doReLog();
\Chibi\UrlHelper::forward(\Chibi\UrlHelper::route('index', 'index')); \Chibi\UrlHelper::forward(\Chibi\UrlHelper::route('index', 'index'));
return $dbUser; return $dbUser;
} }
@ -75,9 +76,56 @@ class AuthController
public function logoutAction() public function logoutAction()
{ {
$this->context->viewName = null; $this->context->viewName = null;
$this->context->viewName = null; $this->context->layoutName = null;
unset($_SESSION['user-id']); self::doLogOut();
setcookie('auth', false, 0, '/'); setcookie('auth', false, 0, '/');
\Chibi\UrlHelper::forward(\Chibi\UrlHelper::route('index', 'index')); \Chibi\UrlHelper::forward(\Chibi\UrlHelper::route('index', 'index'));
} }
public static function doLogOut()
{
unset($_SESSION['user']);
}
public static function doLogIn()
{
$context = \Chibi\Registry::getContext();
if (!isset($_SESSION['user']))
{
if (!empty($context->user) and $context->user->id)
{
$dbUser = R::findOne('user', 'id = ?', [$context->user->id]);
$_SESSION['user'] = serialize($dbUser);
}
else
{
$dummy = R::dispense('user');
$dummy->name = 'Anonymous';
$dummy->access_rank = AccessRank::Anonymous;
$dummy->anonymous = true;
$_SESSION['user'] = serialize($dummy);
}
}
$context->user = unserialize($_SESSION['user']);
#throw new SimpleException($context->user->anonymous ? '1' : '0');
$context->loggedIn = $context->user->anonymous ? false : true;
if (!$context->loggedIn)
{
try
{
self::tryAutoLogin();
}
catch (Exception $e)
{
}
}
}
public static function doReLog()
{
$context = \Chibi\Registry::getContext();
if ($context->user !== null)
$_SESSION['user'] = serialize($context->user);
self::doLogIn();
}
} }
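Review bot: Neither the login path at `$context->user = $dbUser; self::doReLog();` in tryLogin nor the new doLogOut rotates the session identifier within this hunk, so a session id obtained before authentication stays valid after it; add `session_regenerate_id(true);` before `self::doReLog();` in tryLogin and after `unset($_SESSION['user']);` in doLogOut. The registration and activation paths in UserController that set `$this->context->user = $dbUser;` followed by `AuthController::doReLog();` have the same gap, and routing all three through one helper would close it in one place. Separately, the empty `catch (Exception $e)` at the end of doLogIn discards why an `auth`-cookie auto-login failed; logging the exception there gives operators a signal for stale or tampered cookies. The commented-out `#throw new SimpleException(...)` debug line in doLogIn should be removed rather than kept.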


@ -72,7 +72,8 @@ class CommentController
$text = Model_Comment::validateText($text); $text = Model_Comment::validateText($text);
$comment = R::dispense('comment'); $comment = R::dispense('comment');
$comment->post = $post; $comment->post = $post;
$comment->commenter = $this->context->user; if ($this->context->loggedIn)
$comment->commenter = $this->context->user;
$comment->comment_date = time(); $comment->comment_date = time();
$comment->text = $text; $comment->text = $text;
if (InputHelper::get('sender') != 'preview') if (InputHelper::get('sender') != 'preview')


@ -341,7 +341,8 @@ class PostController
$dbPost->upload_date = time(); $dbPost->upload_date = time();
$dbPost->image_width = $imageWidth; $dbPost->image_width = $imageWidth;
$dbPost->image_height = $imageHeight; $dbPost->image_height = $imageHeight;
$dbPost->uploader = $this->context->user; if ($this->context->loggedIn)
$dbPost->uploader = $this->context->user;
$dbPost->ownFavoritee = []; $dbPost->ownFavoritee = [];
$dbPost->sharedTag = $dbTags; $dbPost->sharedTag = $dbTags;


@ -209,6 +209,8 @@ class UserController
R::store($post); R::store($post);
} }
$user->ownFavoritee = []; $user->ownFavoritee = [];
if ($user->id == $this->context->user->id)
AuthController::doLogOut();
R::store($user); R::store($user);
R::trash($user); R::trash($user);
\Chibi\UrlHelper::forward(\Chibi\UrlHelper::route('index', 'index')); \Chibi\UrlHelper::forward(\Chibi\UrlHelper::route('index', 'index'));
@ -247,7 +249,7 @@ class UserController
$user->enableEndlessScrolling(InputHelper::get('endless-scrolling')); $user->enableEndlessScrolling(InputHelper::get('endless-scrolling'));
R::store($user); R::store($user);
$this->context->transport->user = $user; AuthController::doReLog();
$this->context->transport->success = true; $this->context->transport->success = true;
} }
} }
@ -453,7 +455,9 @@ class UserController
$this->context->user->enableSafety($safety, $this->context->user->enableSafety($safety,
!$this->context->user->hasEnabledSafety($safety)); !$this->context->user->hasEnabledSafety($safety));
R::store($this->context->user); AuthController::doReLog();
if (!$this->context->user->anonymous)
R::store($this->context->user);
$this->context->transport->success = true; $this->context->transport->success = true;
} }
@ -535,8 +539,8 @@ class UserController
if (!$this->config->registration->needEmailForRegistering and !$this->config->registration->staffActivation) if (!$this->config->registration->needEmailForRegistering and !$this->config->registration->staffActivation)
{ {
$_SESSION['user-id'] = $dbUser->id; $this->context->user = $dbUser;
\Chibi\Registry::getBootstrap()->attachUser(); AuthController::doReLog();
} }
} }
} }
@ -567,8 +571,8 @@ class UserController
if (!$this->config->registration->staffActivation) if (!$this->config->registration->staffActivation)
{ {
$_SESSION['user-id'] = $dbUser->id; $this->context->user = $dbUser;
\Chibi\Registry::getBootstrap()->attachUser(); AuthController::doReLog();
} }
} }
} }
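Review bot: The account-deletion path calls `AuthController::doLogOut();` when `$user->id == $this->context->user->id`, which clears `$_SESSION['user']` but, unlike logoutAction, leaves the `auth` cookie in place, so the next request's doLogIn will attempt an auto-login for a user that no longer exists and the failure is swallowed by its empty catch. Clear the cookie alongside the session with `setcookie('auth', false, 0, '/');`, or move that call into doLogOut so every logout path behaves the same. The loose `==` on that line will also match when both ids are empty, which looks possible given the anonymous context user is a freshly dispensed bean; `===` is the safer comparison. The enclosing delete action starts outside the hunk.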


@ -53,7 +53,7 @@ class PrivilegesHelper
public static function getIdentitySubPrivilege($user) public static function getIdentitySubPrivilege($user)
{ {
if (!$user) if (!$user)
return false; return 'all';
$userFromContext = \Chibi\Registry::getContext()->user; $userFromContext = \Chibi\Registry::getContext()->user;
return $user->id == $userFromContext->id ? 'own' : 'all'; return $user->id == $userFromContext->id ? 'own' : 'all';
} }
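Review bot: Returning `'all'` for a falsy `$user` leaves the id-less case unhandled: a bean that exists but has no stored id (the anonymous dummy built in doLogIn, if that is what the templates pass in) still reaches `$user->id == $userFromContext->id`, where the loose comparison of two empty ids yields `'own'`. If that is the intended way anonymous users obtain own-settings access, make it explicit with a comment on that line, `// an unstored user compares equal to the anonymous context user and is treated as 'own'`; if it is not intended, compare with `===` and require a non-empty id first.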


@ -41,17 +41,6 @@ class Model_User extends RedBean_SimpleModel
$this->settings = $settings; $this->settings = $settings;
} }
public function update()
{
$context = \Chibi\Registry::getContext();
if ($context->user->id == $this->id)
{
$context->user = $this;
unset($_SESSION['user']);
}
}
const SETTING_SAFETY = 1; const SETTING_SAFETY = 1;
const SETTING_ENDLESS_SCROLLING = 2; const SETTING_ENDLESS_SCROLLING = 2;
@ -60,7 +49,7 @@ class Model_User extends RedBean_SimpleModel
{ {
$all = $this->getSetting(self::SETTING_SAFETY); $all = $this->getSetting(self::SETTING_SAFETY);
if (!$all) if (!$all)
return true; return $safety == PostSafety::toFlag(PostSafety::Safe);
return $all & PostSafety::toFlag($safety); return $all & PostSafety::toFlag($safety);
} }
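Review bot: The new default `return $safety == PostSafety::toFlag(PostSafety::Safe);` compares a safety value with a flag, while the line below treats `$safety` as a value that still needs `PostSafety::toFlag($safety)` to become a flag; unless the value and the flag for Safe happen to coincide numerically, the default branch can never be true. Compare like with like, `return $safety == PostSafety::Safe;` (or `PostSafety::toFlag($safety) == PostSafety::toFlag(PostSafety::Safe)`). hasEnabledSafety's signature is above the hunk.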


@ -2,10 +2,10 @@
<div class="avatar"> <div class="avatar">
<?php if ($this->context->comment->commenter): ?> <?php if ($this->context->comment->commenter): ?>
<a href="<?php echo \Chibi\UrlHelper::route('user', 'view', ['name' => $this->context->comment->commenter->name]) ?>"> <a href="<?php echo \Chibi\UrlHelper::route('user', 'view', ['name' => $this->context->comment->commenter->name]) ?>">
<img src="<?php echo htmlspecialchars($this->context->comment->commenter->getAvatarUrl(40)) ?>" alt="<?php echo $this->context->comment->commenter->name ?: '[deleted user]' ?>"/> <img src="<?php echo htmlspecialchars($this->context->comment->commenter->getAvatarUrl(40)) ?>" alt="<?php echo $this->context->comment->commenter->name ?: '[unknown user]' ?>"/>
</a> </a>
<?php else: ?> <?php else: ?>
<img src="<?php echo \Chibi\UrlHelper::absoluteUrl('/media/img/pixel.gif') ?>" alt="[deleted user]"> <img src="<?php echo \Chibi\UrlHelper::absoluteUrl('/media/img/pixel.gif') ?>" alt="[unknown user]">
<?php endif ?> <?php endif ?>
</div> </div>
@ -17,7 +17,7 @@
<?php echo $this->context->comment->commenter->name ?> <?php echo $this->context->comment->commenter->name ?>
</a> </a>
<?php else: ?> <?php else: ?>
[deleted user] [unknown user]
<?php endif ?> <?php endif ?>
</span> </span>
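Review bot: The `alt` attribute on the avatar `<img>` echoes `$this->context->comment->commenter->name` unescaped while the `src` beside it goes through htmlspecialchars; a name containing a double quote would break out of the attribute unless names are restricted elsewhere, which this hunk does not show. Escape it the same way, `alt="<?php echo htmlspecialchars($this->context->comment->commenter->name ?: '[unknown user]') ?>"`; the name echoed as link text in the second hunk deserves the same treatment.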


@ -67,7 +67,7 @@
} }
?> ?>
<?php if ($this->context->loggedIn): ?> <?php if (PrivilegesHelper::confirm(Privilege::ChangeUserSettings, PrivilegesHelper::getIdentitySubPrivilege($this->context->user))): ?>
<li class="safety"> <li class="safety">
<ul> <ul>
<?php foreach (PostSafety::getAll() as $safety): ?> <?php foreach (PostSafety::getAll() as $safety): ?>


@ -54,8 +54,8 @@
</a> </a>
</span> </span>
<?php else: ?> <?php else: ?>
<span class="value" title="[deleted user]"> <span class="value" title="[unknown user]">
[deleted user] [unknown user]
</span> </span>
<?php endif ?> <?php endif ?>
</div> </div>