diff --git a/html/includes/authenticate.inc.php b/html/includes/authenticate.inc.php index ac79c164c..e796f5ca8 100644 --- a/html/includes/authenticate.inc.php +++ b/html/includes/authenticate.inc.php @@ -46,7 +46,7 @@ if (isset($_SESSION['username'])) if (authenticate($_SESSION['username'],$_SESSION['password'])) { $_SESSION['userlevel'] = get_userlevel($_SESSION['username']); - $_SESSION['user_id'] = $row['user_id']; + $_SESSION['user_id'] = get_userid($_SESSION['username']);; if(!$_SESSION['authenticated']) { $_SESSION['authenticated'] = true; diff --git a/html/includes/authentication/http-auth.inc.php b/html/includes/authentication/http-auth.inc.php index 5edb8d876..d417fdd29 100644 --- a/html/includes/authentication/http-auth.inc.php +++ b/html/includes/authentication/http-auth.inc.php @@ -58,4 +58,11 @@ function get_userlevel($username) return $row['level']; } +function get_userid($username) +{ + $sql = "SELECT user_id FROM `users` WHERE `username`='".mres($username)."'"; + $row = mysql_fetch_array(mysql_query($sql)); + return $row['user_id']; +} + ?> \ No newline at end of file diff --git a/html/includes/authentication/ldap.inc.php b/html/includes/authentication/ldap.inc.php index e987c1c46..fd7986662 100644 --- a/html/includes/authentication/ldap.inc.php +++ b/html/includes/authentication/ldap.inc.php @@ -67,5 +67,13 @@ function get_userlevel($username) $row = mysql_fetch_array(mysql_query($sql)); return $row['level']; } - + +function get_userid($username) +{ + # FIXME should come from LDAP + $sql = "SELECT user_id FROM `users` WHERE `username`='".mres($username)."'"; + $row = mysql_fetch_array(mysql_query($sql)); + return $row['user_id']; +} + ?> \ No newline at end of file diff --git a/html/includes/authentication/mysql.inc.php b/html/includes/authentication/mysql.inc.php index e7f6410f0..f212e6f60 100644 --- a/html/includes/authentication/mysql.inc.php +++ b/html/includes/authentication/mysql.inc.php @@ -48,5 +48,12 @@ function get_userlevel($username) $row = mysql_fetch_array(mysql_query($sql)); return $row['level']; } - + +function get_userid($username) +{ + $sql = "SELECT user_id FROM `users` WHERE `username`='".mres($username)."'"; + $row = mysql_fetch_array(mysql_query($sql)); + return $row['user_id']; +} + ?> \ No newline at end of file