auth: create user object regardless of login

Simplify code not having to check for object existence.

diff --git a/auth.inc.php b/auth.inc.php
index 3901609ac5317685563fc446aee404d121a442ad..b22ed5bf998aed0f7458ed3d727ac5606e391404 100644 (file)
--- a/auth.inc.php
+++ b/auth.inc.php
@@ -3,8 +3,13 @@ date_default_timezone_set('Europe/Amsterdam');
 
 class User
 {
-       function __construct($dir, $existing = TRUE)
+       public $dir, $login;
+
+       function __construct($dir = NULL, $existing = TRUE)
        {
+               if (empty($dir)) {
+                       return;
+               }
                if (!file_exists($dir) and $existing) {
                        throw new Exception("Gebruiker niet gevonden in $dir");
                }
@@ -55,7 +60,7 @@ class User
                        }
                        return isset($this->admin[$permission]);  # check level
                }
-               if (!@file_exists("{$this->dir}/.admin")) {
+               if (!$this->dir or !@file_exists("{$this->dir}/.admin")) {
                        return FALSE;  # not an admin
                }
                return array_fill_keys(explode("\n", file_get_contents("{$this->dir}/.admin")), TRUE);
@@ -122,8 +127,11 @@ function login($inuser, $inpass = NULL)
        return $user;
 }
 
+global $User;
 if (isset($_COOKIE['login'])) {
-       global $User;
        $User = login($_COOKIE['login']);
 }
+if (!$User) {
+       $User = new User;
+}
 

diff --git a/edit/foto/cover/index.php b/edit/foto/cover/index.php
index ab86a2f8e71e1abb02e7de640dd932a11f3df7b8..2558e102fb358644e588741df851fa0b08e81d20 100644 (file)
--- a/edit/foto/cover/index.php
+++ b/edit/foto/cover/index.php
@@ -1,5 +1,5 @@
 <?php
-if (!$User or !$User->admin('foto')) {
+if (!$User->admin('foto')) {
        http_response_code(403);
        print "Beheerrechten verplicht voor instellen van covers\n";
        exit;

diff --git a/edit/nieuws/tag/index.php b/edit/nieuws/tag/index.php
index 9bfb5156b7e1208106bad6c8817c813263b40082..ca477c8c4427e10f133c8589d3ccb1651bb6b964 100644 (file)
--- a/edit/nieuws/tag/index.php
+++ b/edit/nieuws/tag/index.php
@@ -5,7 +5,7 @@ if (!$Args)
        abort("pagina niet opgegeven", '409 input error');
 
 $pagename = ltrim($Args, '/').'.html';
-if (!$User or !$User->admin("edit $pagename"))
+if (!$User->admin("edit $pagename"))
        abort("geen beheersrechten", '401 unauthorised');
 
 @list ($category, $year, $article) = explode('/', $pagename);

diff --git a/edit/page/index.php b/edit/page/index.php
index 48f8942e144e3487dee87ca1f7efabb6a50ca068..8989dd53586483126431b5e68cf5e9d5ef237e45 100644 (file)
--- a/edit/page/index.php
+++ b/edit/page/index.php
@@ -1,5 +1,5 @@
 <?php
-if (!$User or !$User->admin("edit $Page$Args"))
+if (!$User->admin("edit $Page$Args"))
        abort("geen beheersrechten", '401 unauthorised');
 
 if ($_FILES) {

diff --git a/foto/album.inc.php b/foto/album.inc.php
index 7a3f917afbab757e6f3e81a0ea1efb922a69e8eb..92a7395f1df4c263f7cd40303013300b1cea7f0b 100644 (file)
--- a/foto/album.inc.php
+++ b/foto/album.inc.php
@@ -24,7 +24,7 @@ function openphotoswipe(index) {
                closeElClasses: [], 
                shareButtons: [
 <?php
-if ($User and $User->admin('foto')) {
+if ($User->admin('foto')) {
        printf("\t\t\t{id:'%s', label:'%s', url:'%s'},\n",
                'cover', 'Cover instellen', "/edit/foto/cover$Args?img={{image_url}}"
        );

diff --git a/foto/index.php b/foto/index.php
index 89f5d060a74a6a878156ffa68019f8ce92594c9f..a97ec1c24ef0073e844df0cbb129834608484f49 100644 (file)
--- a/foto/index.php
+++ b/foto/index.php
@@ -1,7 +1,7 @@
 <?php
 $rootdir = $Page . $Args;
 
-if ($User and $User->admin('foto')) {
+if ($User->admin('foto')) {
        $access = '🔓 Openbaar';
        if (!empty($PageAccess)) {
                $access = "🔒 Bewoners";
@@ -64,7 +64,7 @@ if ($imgs = glob("$rootdir/*", GLOB_ONLYDIR)) {
 
                $html = '<img src="/'.$cover.'" />';
                $html .= "<figcaption>$album</figcaption>";
-               if (empty($User) and file_exists("$path/.private")) {
+               if (!$User->login and file_exists("$path/.private")) {
                        $html = '<strike title="bewoners">'.$html.'</strike>';
                }
                $html = "<figure>$html</figure>";

diff --git a/login/admin/index.php b/login/admin/index.php
index eb8a8773d19d2aebdc31a371bd861f5e9499d561..0688f17f3c37cb00cad10bae6889a3825156ba4b 100644 (file)
--- a/login/admin/index.php
+++ b/login/admin/index.php
@@ -1,5 +1,5 @@
 <?php
-if (!$User or !$User->admin('site')) {
+if (!$User->admin('site')) {
        http_response_code(403);
 ?>
 <h2>Verboden toegang</h2>

diff --git a/login/index.php b/login/index.php
index c69ec3c5d48395939d6e612564303b0bb9cd760c..6783a47c9d73d9b9dfeffe42025565ba3e51a889 100644 (file)
--- a/login/index.php
+++ b/login/index.php
@@ -35,7 +35,7 @@ elseif (isset($_GET['logout'])) {
        $message = "Je bent uitgelogd. Graag tot ziens!";
 }
 
-if (empty($User)) {
+if (!$User or !$User->login) {
        $Article->title = 'Inloggen';
        if (isset($_REQUEST['goto'])) {
                $target = ltrim($_REQUEST['goto'], '/');
@@ -75,7 +75,7 @@ if (isset($_REQUEST['goto'])) {
 if (isset($Article->raw)) {
        print $Article->raw;
 }
-if (empty($Args) and $User and $User->admin) {
+if (empty($Args) and $User->admin) {
        include_once 'login/admin.html';
 }
 

diff --git a/login/pass/index.php b/login/pass/index.php
index 735770a791cb7aea185d287b1b4880301bbca7b3..cd6518662616018bbc7cdbaec8c6d9a8f7167e96 100644 (file)
--- a/login/pass/index.php
+++ b/login/pass/index.php
@@ -13,7 +13,7 @@ if (isset($_GET['token'])) {
                return TRUE;
        }
 }
-elseif (!$User) {
+elseif (!$User->login) {
        http_response_code(303);
        $target = urlencode($_SERVER['REQUEST_URI']);
        header("Location: /login?goto=$target");
@@ -38,7 +38,7 @@ Hier kun je een nieuwe inlogcode instellen voor <em><?= htmlspecialchars($User->
 Dit zal de huidige code vervangen.
 </p>
 <p>
-<?php if ($User and strlen($User->pass)) { ?>
+<?php if ($User->login and strlen($User->pass)) { ?>
 <input type="password" name="oldpass" value="" placeholder="Huidig wachtwoord" />
 <?php } ?>
 <input type="password" name="newpass" value="" placeholder="Nieuw wachtwoord" />

diff --git a/login/post/index.php b/login/post/index.php
index 96219780f49fd2134989290d2f126ab799a0c092..0beb42ff8b618f6e5cd349370bffc7067d572a6f 100644 (file)
--- a/login/post/index.php
+++ b/login/post/index.php
@@ -1,5 +1,5 @@
 <?php
-if (!$User) {
+if (!$User->login) {
        http_response_code(303);
        $target = urlencode($_SERVER['REQUEST_URI']);
        header("Location: /login?goto=$target");

diff --git a/nieuws/index.php b/nieuws/index.php
index 392a10fce64340c6e7f2cd80498f7ef797eb94ad..f74c632bd762ea06dab685c70ce9c41a6f4733fa 100644 (file)
--- a/nieuws/index.php
+++ b/nieuws/index.php
@@ -1,14 +1,14 @@
 <?php
-$replyform = $Page == 'melding' && !empty($User);
+$replyform = $Page == 'melding' && $User->login;
 @list ($year, $page) = explode('/', trim($Args, '/'));
 
-if ($User and $User->admin("edit $Page")) {
+if ($User->admin("edit $Page")) {
        print '<script src="/nieuws/edit.js"></script>'."\n";
 }
 
 if ($page and !is_numeric($page)) {
        $Article->meta['og:type'] = 'article';
-       $edit = $User && $User->admin("edit $Page$Args") ? htmlspecialchars(@$_GET['edit']) : NULL;
+       $edit = $User->admin("edit $Page$Args") ? htmlspecialchars(@$_GET['edit']) : NULL;
        if ($edit) {
                $Article->title = $edit;
        }
@@ -16,7 +16,7 @@ if ($page and !is_numeric($page)) {
                $Place[1] = ' <small class="date">'.$Article->date.'</small>';
        }
        print preg_replace('{(?<=<h2>)(.*?)(?=</h2>)}', ($edit ?: '\1').' [[1]]', $Article->raw);
-       if ($User and $User->admin("edit $Page$Args")) {
+       if ($User->admin("edit $Page$Args")) {
                $taglist = [];
                foreach (glob("$Page/.tags/*") as $tagpath) {
                        $tagname = pathinfo($tagpath, PATHINFO_BASENAME);

diff --git a/page.inc.php b/page.inc.php
index 7a54bf7424b59603c98509a65ae83da5962bcf1b..94ef7cfb0dbf48aed0b6e97b99afd7c931b7f1ce 100644 (file)
--- a/page.inc.php
+++ b/page.inc.php
@@ -7,7 +7,7 @@ print "<header>\n";
 ob_start();
 include 'menu.inc.html';
 ob_start();
-if (!empty($User)) {
+if ($User and $User->login) {
        print '<div class="login"><p>';
        printf('<span>Ingelogd: <b><a href="%s">%s</a></b></span>', '/login', $User->login);
        if ($User->admin("edit $Page$Args")) {
@@ -44,7 +44,7 @@ register_shutdown_function(function () {
        print "</footer>\n";
 
        global $User, $Page, $Args;
-       if (!empty($User) and $User->admin("edit $Page$Args")) {
+       if ($User and $User->admin("edit $Page$Args")) {
                $ckesrc = '/lib/ckeditor'; # local install
                if (!file_exists(DOCROOT . $ckesrc)) {
                        $ckesrc = '//cdn.ckeditor.com/4.7.3/full-all'; # remote fallback

diff --git a/page.php b/page.php
index 93b705ff610ef837c2b78349ab1f871a2c9333ba..bb2de0b75f9ddddffb51d37749e575286941d235 100644 (file)
--- a/page.php
+++ b/page.php
@@ -54,7 +54,7 @@ function getoutput($blocks = [])
 
        # keep either login or logout parts depending on user level
        global $User;
-       $hideclass = empty($User) ? 'login' : 'logout';
+       $hideclass = $User && $User->login ? 'logout' : 'login';
        $doc = preg_replace('{\s*<([a-z]+) class="'.$hideclass.'">.*?</\1>}s', '', $doc);
 
        return preg_replace_callback(
@@ -118,8 +118,7 @@ error_reporting(error_reporting() & ~E_FATAL);
 
 # user login and control
 
-$User = NULL;
-include_once 'auth.inc.php';
+include_once 'auth.inc.php'; // sets global $User
 $Edit = isset($_GET['edit']);
 
 # setup requested page
@@ -149,7 +148,7 @@ $Args = $Article->path;
 
 if ($PageAccess = $Article->restricted) {
        # access restriction
-       if (empty($User)) {
+       if (!$User->login) {
                http_response_code(303);
                $target = urlencode($Article->link);
                header("Location: /login?goto=$target");
@@ -168,12 +167,12 @@ header(sprintf('Content-Security-Policy: %s', implode('; ', [
 
 ob_start(); # page body
 $Place = [
-       'user'  => $User ? $User->login : '',
+       'user'  => $User->login ?: '',
        'url'   => htmlspecialchars($_SERVER['REQUEST_URI']),
 ];
 
 if (isset($Article->raw)) {
-       if ($User and $User->admin("edit $Page$Args")) {
+       if ($User->admin("edit $Page$Args")) {
                # restore meta tags in static contents for editing
                foreach (array_reverse($Article->meta) as $metaprop => $val) {
                        $Article->raw = sprintf(
@@ -183,7 +182,7 @@ if (isset($Article->raw)) {
                }
        }
 }
-elseif ($User and $User->admin("edit {$Article->link}")) {
+elseif ($User->admin("edit {$Article->link}")) {
        $Article->raw(file_exists("$Page/template.inc.html") ? "$Page/template.inc.html" : 'template.inc.html');
 }
 if (isset($Article->raw)) {

diff --git a/upload.inc.php b/upload.inc.php
index 74219ed0043c01e77a3db61026e5c09dc0fe1036..6175fe20a685b1b1df707ccba8e74f4bad2564f1 100644 (file)
--- a/upload.inc.php
+++ b/upload.inc.php
@@ -45,7 +45,7 @@ function messagehtml($input)
        if (empty($input)) {
                return;
        }
-       if ($User and $User->admin and preg_match('/\A<[a-z][^>]*>/', $input)) {
+       if ($User->admin and preg_match('/\A<[a-z][^>]*>/', $input)) {
                return $input;  # allow html input as is if privileged
        }
        $html = preg_replace(

diff --git a/widget/contact.php b/widget/contact.php
index 6e04005226abade032281e95fb36f750dfe8f521..b7e073fe40f72890260fcab2f448fd6ca1f3123a 100644 (file)
--- a/widget/contact.php
+++ b/widget/contact.php
@@ -2,7 +2,7 @@
 $error = NULL;
 if ($_POST) {
        global $User;
-       if ($User) {
+       if ($User->login) {
                $_REQUEST['login'] = $User->login;
                $_REQUEST['email'] = $_REQUEST['email'] ?: $User->email;
        }

diff --git a/widget/login/name.php b/widget/login/name.php
index df934a5e0e422dbe45b42fde2e6748a8c1f7392c..6c15196cb00cd9289fcf6dde3a409c527add50b9 100644 (file)
--- a/widget/login/name.php
+++ b/widget/login/name.php
@@ -1,6 +1,6 @@
 <?php
 global $User;
-if (empty($User)) {
+if (!$User->login) {
        print '<em>niet ingelogd</em>';
        return;
 }

diff --git a/widget/reply.php b/widget/reply.php
index 7e0ec1e83aea3c4c0819df20d9315f491db8ab8b..edffaa75ceb3b6bc9de79f34d79af2b4d94bff72 100644 (file)
--- a/widget/reply.php
+++ b/widget/reply.php
@@ -103,7 +103,7 @@ while ($row = $query->fetch()) {
        print "</li>\n";
 }
 
-if ($User) {
+if ($User->login) {
        print '<li>';
        print '<form method="post" action="" enctype="multipart/form-data">';
        if (isset($Issue) and $User->admin("edit $Page")) {