diff msite.inc.php @ 5:76c3b89d7b11

Improve voting, clean up the code, etc.
author Matti Hamalainen <ccr@tnsp.org>
date Wed, 05 Dec 2012 08:08:58 +0200
parents 8019b357cc03
children d76020022881
--- a/msite.inc.php	Tue Dec 04 21:28:11 2012 +0200
+++ b/msite.inc.php	Wed Dec 05 08:08:58 2012 +0200
@@ -19,17 +19,42 @@
 }
 
 
-function stAuthSession()
+function stSetupCacheControl()
+{
+  header("Cache-Control: private");
+  header("Cache-Control: must-revalidate");
+  header("Cache-Control: no-store");
+}
+
+
+function stSessionExpire($type)
 {
-  if (@session_start() === TRUE && isset($_SESSION["admpass"]) &&
-      $_SESSION["admpass"] == stGetSetting("admpass", FALSE))
+  // Check for session expiration
+  if (!isset($_SESSION["expires"]) || $_SESSION["expires"] < time())
+    return FALSE;
+
+  // Add more time to expiration
+  $_SESSION["expires"] = time() + stGetSetting($type);
+  return TRUE;
+}
+
+
+function stAdmSessionAuth()
+{
+  if (@session_start() === TRUE && isset($_SESSION["admPassword"]) &&
+      $_SESSION["admPassword"] == stGetSetting("admPassword"))
+    return stSessionExpire("admTimeout");
+  else
+    return FALSE;
+}
+
+
+function stAdmSessionStart()
+{
+  if (@session_start() === TRUE)
   {
-    // Check for session expiration
-    if (!isset($_SESSION["expires"]) || $_SESSION["expires"] < time())
-      return FALSE;
-
-    // Add more time to expiration
-    $_SESSION["expires"] = time() + stGetSetting("admtimeout", 5 * 60);
+    $_SESSION["admPassword"] = stGetSetting("admPassword");
+    $_SESSION["expires"] = time() + stGetSetting("admTimeout");
     return TRUE;
   }
   else
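Review bot: stAdmSessionStart() marks the existing session as authenticated without issuing a new session id, so an id that was set before login stays valid after privilege is gained; calling `session_regenerate_id(TRUE);` right after the successful `session_start()` closes that session-fixation window. In stSetupCacheControl() each `header()` call replaces the previous header of the same name (the `replace` argument defaults to true), so only `Cache-Control: no-store` reaches the client; a single `header("Cache-Control: private, no-store, must-revalidate");` sends all three directives. stAdmSessionAuth() compares the stored password with `==`, which applies PHP's loose comparison rules; `===` avoids numeric-string juggling. The body of stAdmSessionStart() continues outside this hunk.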
@@ -37,12 +62,20 @@
 }
 
 
-function stStartSession()
+function stVoteSessionAuth()
+{
+  if (@session_start() === TRUE && isset($_SESSION["key"]) && isset($_SESSION["votes"]))
+    return stSessionExpire("voteTimeout");
+  else
+    return FALSE;
+}
+
+
+function stVoteSessionStart()
 {
   if (@session_start() === TRUE)
   {
-    $_SESSION["admpass"] = stGetSetting("admpass", FALSE);
-    $_SESSION["expires"] = time() + stGetSetting("admtimeout", 5 * 60);
+    $_SESSION["expires"] = time() + stGetSetting("voteTimeout");
     return TRUE;
   }
   else
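Review bot: Both session kinds share the single `$_SESSION["expires"]` key, and stVoteSessionStart() overwrites it without clearing the rest of the session, while stSessionExpire() in the first hunk returns FALSE on expiry without removing `admPassword`. As written, an admin session that has timed out appears to become valid again once the same browser starts a vote session, because stAdmSessionAuth() then finds both the stored password and a fresh expiry. Separate keys (for example `admExpires` and `voteExpires`), or clearing `$_SESSION` when stSessionExpire() detects expiry, would keep the two timeouts independent. stVoteSessionStart() also never sets the `key` and `votes` entries that stVoteSessionAuth() requires, so presumably a caller outside this hunk does; the function's body continues past the hunk.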
@@ -50,9 +83,14 @@
 }
 
 
-function stEndSession()
+function stSetVoteStatus($st)
 {
-  $ok = stAuthSession();
+  $_SESSION["status"] = $st;
+}
+
+
+function stSessionEnd($ok)
+{
   $_SESSION = array();
   if (ini_get("session.use_cookies"))
   {
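Review bot: stSessionEnd() no longer calls an auth function that runs `session_start()`, so it now depends on the caller having an active session before it clears `$_SESSION` and handles the cookie, and neither that precondition nor the meaning of `$ok` is documented. A header comment such as `// Caller must have an active session (session_start() succeeded) before calling this.` would make the contract explicit, together with one line on what `$ok` is used for in the part of the body that lies outside this hunk. stSetVoteStatus() has the same unstated precondition when it writes `$_SESSION["status"]`.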
@@ -67,13 +105,16 @@
 }
 
 
-function stGetSetting($name, $default)
+function stGetSetting($name)
 {
-  global $siteSettings;
+  global $siteSettings, $siteDefaults;
   if (isset($siteSettings[$name]))
     return $siteSettings[$name];
   else
-    return $default;
+  if (isset($siteDefaults[$name]))
+    return $siteDefaults[$name];
+  else
+    die("No config value or default for '".$name."'.\n");
 }
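Review bot: The new failure path in stGetSetting() calls `die()` with the setting name, which writes an internal configuration key into the HTTP response and halts the request wherever the lookup happened, possibly mid-page. Logging the detail and emitting a generic message keeps it out of client view: `error_log("No config value or default for '".$name."'."); die("Configuration error.\n");`. The dangling `else` followed by an `if` on the next line at the same indent reads as two separate statements; `elseif (isset($siteDefaults[$name]))` states the chain directly. Note also that `isset()` treats a setting explicitly assigned NULL as missing, so such a key falls through to the default or to the fatal path.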
 
 
@@ -117,7 +158,7 @@
   return
     "<input ".$extra." type=\"checkbox\" id=\"".$prefix.$name.$id."\" ".
     "name=\"".$prefix.$name.$id."\" ".($checked ? "checked=\"checked\" " : "")." />".
-    "<label for=\"".$prefix.$name.$id."\">".$label."</label>";
+    ($label != "" ? "<label for=\"".$prefix.$name.$id."\">".$label."</label>" : "");
 }
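Review bot: `$label` is still concatenated into the markup unescaped on the changed line, as are `$prefix`, `$name` and `$id` in the attribute values above it. If any of these can carry user-supplied text, escape at this point, e.g. `htmlspecialchars($label, ENT_QUOTES)`, so a value containing quotes or angle brackets cannot break out of the attribute or element. The function's signature and the start of its body are outside this hunk, so whether callers deliberately pass pre-built HTML in `$label` cannot be confirmed from here.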
 
 
@@ -260,7 +301,7 @@
 {
   global $db;
   try {
-    $db = new PDO("sqlite:".stGetSetting("dbfilename", FALSE));
+    $db = new PDO("sqlite:".stGetSetting("sqlDBfilename"));
   }
   catch (PDOException $e) {
     error_log("Could not connect to SQL database: ".$e->getMessage().".");