*** empty log message ***

svn path=/trunk/boinc/; revision=3282
2004-04-21 23:25:05 +00:00 · 2004-04-21 23:25:05 +00:00 · 8e66017d92
parent 979faa07da
commit 8e66017d92
7 changed files with 47 additions and 31 deletions
--- a/20
+++ b/20
@ -11718,3 +11718,23 @@ David  April 20 2004
 		file_names.C
 	lib/
 		filesys.C
+
+David  April 21 2004
+    - Web: page_head() no longer checks for logged-in user.
+        Pages that care about that must do it separately,
+        and can pass the user into page_head() if they want.
+    - added is_valid_country() function
+    - don't get logged-in user for pages that don't show sensitive info
+        (results, workunit, host).
+        This also makes these pages cacheable.
+
+    html/
+        forum/
+            edit.php
+        inc/
+            countries.php
+            util.inc
+        user/
+            result.php
+            results.php
+            show_host_detail.php
--- a/html/forum/edit.php
+++ b/html/forum/edit.php
@ -30,7 +30,7 @@ if ($_POST['submit']) {
 }


-page_head('Forum', $logged_in_user, NULL, 'forum.css');
+page_head('Forum', $logged_in_user);

 if (!empty($_GET['id'])) {
    $post = getPost($_GET['id']);
--- a/html/inc/countries.inc
+++ b/html/inc/countries.inc
@ -233,27 +233,33 @@ $countries = array(
    "Yemen",
    "Zambia",
    "Zimbabwe"
-    );
+);

 function print_country_select($selected_country="None") {
-   global $countries;
+    global $countries;

-   //See if we can find the user's country and select it as default:
-   $gi = geoip_open("../inc/GeoIP.dat",GEOIP_STANDARD);
-   $geoip_country = geoip_country_name_by_addr($gi,$_SERVER["REMOTE_ADDR"]);
-   geoip_close($gi);
+    //See if we can find the user's country and select it as default:
+    $gi = geoip_open("../inc/GeoIP.dat",GEOIP_STANDARD);
+    $geoip_country = geoip_country_name_by_addr($gi,$_SERVER["REMOTE_ADDR"]);
+    geoip_close($gi);

-   if ($selected_country=="") $selected_country="None";
-   if ($selected_country=="None" and $geoip_country!=""){
-       $selected_country=$geoip_country;
-   }
-   echo "selected: $selected_country\n";
+    if ($selected_country=="") $selected_country="None";
+    if ($selected_country=="None" and $geoip_country!=""){
+        $selected_country=$geoip_country;
+    }
+    echo "selected: $selected_country\n";

-   $numCountries = count($countries);
-   for ($i=0; $i<$numCountries; $i++) {
-       $country = $countries[$i];
-       $selected = ($selected_country == $country ? "selected":"");
-       echo "<option value=\"$country\" $selected>$country</option>\n";
-   }
+    $numCountries = count($countries);
+    for ($i=0; $i<$numCountries; $i++) {
+        $country = $countries[$i];
+        $selected = ($selected_country == $country ? "selected":"");
+        echo "<option value=\"$country\" $selected>$country</option>\n";
+    }
 } 
+
+function is_valid_country($country) {
+    global $countries;
+    return in_array($country, $countries);
+}
+
 ?>
--- a/html/inc/util.inc
+++ b/html/inc/util.inc
@ -122,11 +122,7 @@ function write_fd($fd, $str) {
    }
 }

-function page_head($title, $user=null, $fd=null, $get_user=true) {
-    if ($user == NULL && $get_user) {
-        $user = get_logged_in_user(false);
-    }
-
+function page_head($title, $user=null, $fd=null) {
    $styleSheet = URL_BASE . STYLESHEET;

    write_fd($fd, "<html><head><title>$title</title>\n");
--- a/html/user/result.php
+++ b/html/user/result.php
@ -8,7 +8,6 @@
    db_init();
    $resultid = $_GET["resultid"];
    page_head("Result");
-    $user = get_logged_in_user();
    $r = mysql_query("select * from result where id=$resultid");
    $result = mysql_fetch_object($r);
    mysql_free_result($r);
@ -16,10 +15,6 @@
        echo "No such result";
        exit();
    }
-    //if ($result->userid != $user->id) {
-    //    echo "No access";
-    //    exit();
-    //}
    show_result($result);
    page_tail();
 ?>
--- a/html/user/results.php
+++ b/html/user/results.php
@ -13,14 +13,13 @@
    $offset = $_GET["offset"];
    if (!$offset) $offset=0;

-    $user = get_logged_in_user();
-
    if ($hostid) {
        $host = lookup_host($hostid);
        $type = "host";
        $link = "<a href=show_host_detail.php?hostid=$hostid>host $hostid</a>";
        $clause = "hostid=$hostid";
    } else {
+        $user = get_logged_in_user();
        if ($userid != $user->id) {
            echo "No access";
            exit();
--- a/html/user/show_host_detail.php
+++ b/html/user/show_host_detail.php
@ -13,7 +13,7 @@
        exit();
    }
    $private = false;
-    $user = get_logged_in_user();
+    $user = get_logged_in_user(false);
    if ($user && $user->id == $host->userid) {
        $private = true;
    }