<?php
// File name:	scptpriv.inc.php
// Description:	PHP subroutines to check the script privilege
// Date:	2002-11-13
// Author:	imacat <imacat@pristine.com.tw>
// Copyright:	Copyright (C) 2002-2007 Pristine Communications

// Set the include path
if (!defined("INCPATH_SET")) {
    require_once dirname(__FILE__) . "/incpath.inc.php";
}
// Referenced subroutines
require_once "monica/chkpriv.inc.php";
require_once "monica/guest.inc.php";
require_once "monica/login.inc.php";
require_once "monica/requri.inc.php";
require_once "monica/server.inc.php";
require_once "monica/sql.inc.php";

// is_script_permitted: Check the script privilege
function is_script_permitted($script = null)
{
    // Cache the result
    static $cache = array();
    // Default to the current script
    if (is_null($script) || $script === true) {
        // If Apache SCRIPT_FILENAME exists, use it with DOC_ROOT to decide the current script
        if (    is_apache()
                && array_key_exists("SCRIPT_FILENAME", $_SERVER)
                && substr($_SERVER["SCRIPT_FILENAME"], 0, strlen(DOC_ROOT)) == DOC_ROOT) {
            $script = substr($_SERVER["SCRIPT_FILENAME"], strlen(DOC_ROOT));
            if (substr($script, -10) == "/index.php") {
                $script = substr($script, 0, -9);
            }
        } else {
            $script = REQUEST_PATH;
        }
    }
    // Return the cache
    if (array_key_exists($script, $cache)) {
        return $cache[$script];
    }
    
    // Always true for super users
    if (is_su()) {
        $cache[$script] = true;
        return $cache[$script];
    }
    
    // Obtain the permitted groups
    $select = "SELECT groups.id AS grp FROM scptpriv"
        . " INNER JOIN groups ON scptpriv.grp=groups.sn"
        . " WHERE scptpriv.script='" . sql_esctext($script) . "';\n";
    $result = sql_query($select);
    $count = sql_num_rows($result);
    for ($i = 0, $permgroups = array(); $i < $count; $i++) {
        $row = sql_fetch_assoc($result);
        $permgroups[] = $row["grp"];
    }
    
    // Only true for guests to act like ordinary administrators
    if (is_guest() && count($permgroups) > 0) {
        $cache[$script] = true;
        return $cache[$script];
    }
    
    // Obtain the belonged groups
    $curgroups = get_login_groups();
    // If there is any intersection
    if (count(array_intersect($curgroups, $permgroups)) > 0) {
        $cache[$script] = true;
        return $cache[$script];
    }
    
    // Default to false
    $cache[$script] = false;
    return $cache[$script];
}

// is_admin_script: If this is an administrative script
function is_admin_script($script = null)
{
    // Cache the result
    static $cache = array();
    // Default to the current script
    if (is_null($script)) {
        $script = REQUEST_PATH;
    }
    // Return the cache
    if (array_key_exists($script, $cache)) {
        return $cache[$script];
    }
    // Respect the local checker
    if (function_exists("is_admin_script_local")) {
        $cache[$script] = is_admin_script_local($script);
    
    // Else, check the "/admin/" prefix
    } else {
        $cache[$script] = substr($script, 0, 7) == "/admin/";
    }
    
    return $cache[$script];
}

?>