comma in wrong place.

[squirrelmail.git] / plugins / administrator / auth.php

diff --git a/plugins/administrator/auth.php b/plugins/administrator/auth.php
index eb6bd740c2641e2e67239671be107827859be3dd..c32ccbe738715614e14dd065559ede84851406e5 100644 (file)
--- a/plugins/administrator/auth.php
+++ b/plugins/administrator/auth.php
@@ -1,19 +1,49 @@
 <?php
+/**
+ * Administrator plugin - Authentication routines
+ *
+ * This function tell other modules what users have access
+ * to the plugin.
+ *
+ * @version $Id$
+ * @author Philippe Mingo
+ * @copyright (c) 1999-2004 The SquirrelMail Project Team
+ * @license http://opensource.org/licenses/gpl-license.php GNU Public License
+ * @package plugins
+ * @subpackage administrator
+ */
 
+/**
+ * Check if user has access to administrative functions
+ *
+ * @return boolean
+ * @access private
+ */
 function adm_check_user() {
+    global $PHP_SELF;
+    require_once(SM_PATH . 'functions/global.php');
+    
+    if ( !sqgetGlobalVar('username',$username,SQ_SESSION) ) {
+        $username = '';
+    }
 
-    GLOBAL $username;
-
-    $auth = FALSE;
-    if ( $adm_id = fileowner('../config/config.php') ) {
+    /* This needs to be first, for all non_options pages */
+    if (strpos('options.php', $PHP_SELF)) {
+        $auth = FALSE;
+    } else if (file_exists(SM_PATH . 'plugins/administrator/admins')) {
+        $auths = file(SM_PATH . 'plugins/administrator/admins');
+        $auth = in_array("$username\n", $auths);
+    } else if (file_exists(SM_PATH . 'config/admins')) {
+        $auths = file(SM_PATH . 'config/admins');
+        $auth = in_array("$username\n", $auths);
+    } else if ($adm_id = fileowner(SM_PATH . 'config/config.php')) {
         $adm = posix_getpwuid( $adm_id );
-        if ( $username == $adm['name'] ) {
-            $auth = TRUE;
-        } 
+        $auth = ($username == $adm['name']);
+    } else {
+        $auth = FALSE;
     }
 
-    return( $auth );
-
+    return ($auth);
 }
 
 ?>
\ No newline at end of file