userlevel via authmodule

git-svn-id: http://www.observium.org/svn/observer/trunk@992 61d68cd4-352d-0410-923a-c4978735b2b8

html/includes/authenticate.inc.php

@@ -45,11 +45,7 @@ if (isset($_SESSION['username']))
 {
   if (authenticate($_SESSION['username'],$_SESSION['password']))
   {
-    #FIXME below should also come from auth module, get_userlevel, etc
-    $sql = "SELECT * FROM `users` WHERE `username`='".$_SESSION['username']."'";
-    $query = mysql_query($sql);
-    $row = @mysql_fetch_array($query);
-    $_SESSION['userlevel'] = $row['level'];
+    $_SESSION['userlevel'] = get_userlevel($_SESSION['username'])
     $_SESSION['user_id'] = $row['user_id'];
     if(!$_SESSION['authenticated']) 
     {

html/includes/authentication/http-auth.inc.php

@@ -51,4 +51,11 @@ function user_exists($username)
   return mysql_result(mysql_query("SELECT * FROM users WHERE username = '".mres($username)."'"),0);
 }
 
+function get_userlevel($username)
+{
+  $sql = "SELECT level FROM `users` WHERE `username`='".mres($username)."'";
+  $row = mysql_fetch_array(mysql_query($sql);
+  return $row['level'];
+}
+
 ?>

html/includes/authentication/ldap.inc.php

@@ -60,5 +60,12 @@ function user_exists($username)
   return 0; # FIXME to be implemented
 }
   
-  
+function get_userlevel($username)
+{
+  # FIXME should come from LDAP
+  $sql = "SELECT level FROM `users` WHERE `username`='".mres($username)."'";
+  $row = mysql_fetch_array(mysql_query($sql);
+  return $row['level'];
+}
+ 
 ?>

html/includes/authentication/mysql.inc.php

@@ -42,4 +42,11 @@ function user_exists($username)
   return mysql_result(mysql_query("SELECT * FROM users WHERE username = '".mres($username)."'"),0);
 }
   
+function get_userlevel($username)
+{
+  $sql = "SELECT level FROM `users` WHERE `username`='".mres($username)."'";
+  $row = mysql_fetch_array(mysql_query($sql);
+  return $row['level'];
+}
+  
 ?>