X-Git-Url: http://git.shiar.net/minimedit.git/blobdiff_plain/251616969893b447852aad81a4e68be6853e202e..a034b7a3f5b363f74a47c9f20bfa0cf4f2988b34:/auth.inc.php
diff --git a/auth.inc.php b/auth.inc.php
index a1ccedf..3901609 100644
--- a/auth.inc.php
+++ b/auth.inc.php
@@ -3,9 +3,9 @@ date_default_timezone_set('Europe/Amsterdam');
 class User
 {
- function __construct($dir)
+ function __construct($dir, $existing = TRUE)
 {
- if (!file_exists($dir)) {
+ if (!file_exists($dir) and $existing) {
 throw new Exception("Gebruiker niet gevonden in $dir");
 }
 $this->dir = $dir;
@@ -29,7 +29,11 @@ class User
 function html()
 {
- return $this->name ?: $this->login;
+ $name = htmlspecialchars($this->login);
+ if ($this->name and $this->name != $name) {
+ $name = "{$this->name} @$name";
+ }
+ return $name;
 }
 function email()
@@ -40,7 +44,16 @@ class User
 function admin($permission = NULL)
 {
 if (isset($permission)) {
- return $this->admin && isset($this->admin[$permission]); # check level
+ if (!$this->admin) {
+ return FALSE; # empty results
+ }
+ preg_match_all('{[ /]}', $permission, $parts, PREG_OFFSET_CAPTURE);
+ foreach ($parts[0] as $part) {
+ if (isset($this->admin[substr($permission, 0, $part[1])])) {
+ return TRUE; # partial match
+ }
+ }
+ return isset($this->admin[$permission]); # check level
 }
 if (!@file_exists("{$this->dir}/.admin")) {
 return FALSE; # not an admin
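Review bot: The new `$existing` parameter on `__construct` is undocumented, and with it set to FALSE the constructor accepts any `$dir` unchecked, so whatever follows `$this->dir = $dir;` (outside this hunk) runs against a path that may not exist. A short docblock would make the contract explicit, for example `/** @param bool $existing when FALSE, skip the existence check (presumably for accounts that are still to be created) */`. The condition would also read more conventionally as `if ($existing && !file_exists($dir)) {`, which avoids the low-precedence `and` and skips the filesystem call when the check is disabled.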
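Review bot: In `html()` only the login goes through `htmlspecialchars()`; `$this->name` is interpolated as-is into `"{$this->name} @$name"`, so a display name containing markup would reach the page unescaped unless it is already escaped where it is loaded, which is outside this hunk. If it is stored raw, escape it at the same point with `$name = htmlspecialchars($this->name, ENT_QUOTES) . " @$name";`, and pass `ENT_QUOTES` on the login call too, since PHP versions before 8.1 leave single quotes alone by default. The test `$this->name != $name` also compares the raw name with the escaped login using a loose comparison; `$this->name !== $this->login` states the intent directly.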
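Review bot: The prefix loop in `admin()` grants access as soon as any leading part of `$permission` (cut at a space or `/`) is a key of `$this->admin`, and two edge cases are not handled. When `$permission` starts with a space or `/`, the first offset is 0 and `substr($permission, 0, 0)` is the empty string, so an empty key in `$this->admin` (how that array is filled is outside this hunk) would match every such permission; `if ($part[1] > 0 && isset($this->admin[substr($permission, 0, $part[1])])) {` rules that out. The match is also purely textual, so callers that build `$permission` from a request path need to normalise it first, otherwise a granted prefix followed by `..` segments still passes. A comment above the loop stating the intended rule, e.g. `# a grant on "x" also covers "x/..." and "x ..."`, would help; the function body continues past the end of the hunk.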