Переглянути джерело

Merge pull request #687 from causefx/cero-dev

Cero dev
causefx 8 роки тому
батько
коміт
ef39c9be18
3 змінених файлів з 43 додано та 24 видалено
  1. 1 1
      functions.php
  2. 15 16
      homepage.php
  3. 27 7
      user.php

+ 1 - 1
functions.php

@@ -2,7 +2,7 @@
 
 // ===================================
 // Define Version
- define('INSTALLEDVERSION', '1.5001');
+ define('INSTALLEDVERSION', '1.6');
 // ===================================
 use Kryptonit3\Sonarr\Sonarr;
 use Kryptonit3\SickRage\SickRage;

+ 15 - 16
homepage.php

@@ -143,19 +143,27 @@ foreach(loadAppearance() as $key => $value) {
             .slick-image-tall{
                 /*width: 125px;
                 height: 180px;*/
-				width: 100%;
+				width: 93.5%;
 				height: 200px;
 				padding: 0 2px;
             }
-			.slick-bottom-title {
-				width: 100%;
+            .slick-image-short{
+                /*width: 125px;
+                height: 130px;
+                margin-top: 50px;*/
+				width: 93.5%;
+				height: 130px;
+				margin-top: 70px;
 				padding: 0 2px;
-			}
-			.requestBottom {
-				width: 100%;
+            }
+            .requestBottom {
+				width: 93.5%;
 				padding: 0 2px;
 			    display: inline-flex;
-
+			}
+			.slick-bottom-title {
+				width: 93.5%;
+				padding: 0 2px;
 			}
 			.requestLast {
 				border-radius: 0 0 5px 5px;
@@ -182,15 +190,6 @@ foreach(loadAppearance() as $key => $value) {
 			.requestGroup:last-child {
 				border-radius: 0 0 5px 0;
 			}
-            .slick-image-short{
-                /*width: 125px;
-                height: 130px;
-                margin-top: 50px;*/
-				width: 100%;
-				height: 130px;
-				margin-top: 70px;
-				padding: 0 2px;
-            }
             .overlay{
                 position: absolute;
                 top: 0;

+ 27 - 7
user.php

@@ -119,6 +119,7 @@
 		// the user's email address, if logged in.
 		var $email = "";
 		var $adminEmail = "";
+		var $adminList = array();
 		// the user's role in the system
 		var $role = "";
 		var $group = "";
@@ -214,6 +215,7 @@
 			$this->userdir = ($this->username !=User::GUEST_USER? USER_HOME . $this->username : false);
 			$this->email = $this->get_user_email($this->username);
 			$this->adminEmail = $this->get_admin_email();
+			$this->adminList = $this->get_admin_list();
 			$this->role = $this->get_user_role($this->username);
 			//$this->group = $this->get_user_group($this->username);
 			// clear database
@@ -743,14 +745,26 @@
 		 */
 		function update_user($username, $email, $sha1, $role)
 		{
-			// logged in, but do the tokens match?
-			$token = $this->get_user_token($username);
-			writeLog("success", "$username has requested info update using token: $token");
-			if($token != $_SESSION["token"]) {
-				$this->error("token mismatch for $username");
-				return false;
+			//Admin bypass
+			if(!in_arrayi($_SESSION["username"], $this->get_admin_list())){
+				// logged in, but do the tokens match?
+				$token = $this->get_user_token($username);
+				if($token != $_SESSION["token"]) {
+					writeLog("error", "$username has requested info update using token: $token");
+					$this->error("token mismatch for $username");
+					return false;
+				}else{
+					writeLog("success", "$username token has been validated");
+				}
 			}else{
-				writeLog("success", "$username token has been validated");
+				$token = $this->get_user_token($_SESSION["username"]);
+				if($token != $_SESSION["token"]) {
+					writeLog("error", $_SESSION["username"]." has requested info update using token: $token");
+					$this->error("token mismatch for ".$_SESSION["username"]);
+					return false;
+				}else{
+					writeLog("success", "Admin Override on update for $username info");
+				}
 			}
 			if($email !="") {
 				$update = "UPDATE users SET email = '$email' WHERE username = '$username' COLLATE NOCASE";
@@ -883,6 +897,12 @@
 			foreach($this->database->query($query) as $data) { return $data["email"]; }
 			return "";
 		}
+		function get_admin_list()
+		{
+			$query = "SELECT username FROM users WHERE role = 'admin' COLLATE NOCASE";
+			foreach($this->database->query($query) as $data) { $list[] =  $data['username']; }
+			if(!empty($list)){ return $list; } else { return false; }
+		}
 		/**
 		 * Get a user's role
 		 */