| [ PHPXref.com ] | [ Generated: Sun Jul 20 19:53:39 2008 ] | [ PHProjekt 5.0.1 ] |
| [ Index ] [ Variables ] [ Functions ] [ Classes ] [ Constants ] [ Statistics ] | ||
[Summary view] [Print] [Text view]
1 <?php 2 3 // settings_data_profile.php - PHProjekt Version 5.0 4 // copyright © 2000-2005 Albrecht Guenther ag@phprojekt.com 5 // www.phprojekt.com 6 // Author: Franz Graf, $Author: nina $ 7 // $Id: settings_data_profile.php,v 1.9.2.2 2005/08/19 22:59:03 nina Exp $ 8 9 // check whether the lib has been included - authentication! 10 if (!defined('lib_included')) die('Please use settings.php!'); 11 12 13 // Update: 14 if ($_REQUEST['profile_id'] && $_REQUEST['profile_id'] > 0) { 15 16 // Check permission: 17 // The user may update/delete this profile if it already exists 18 // and if the 'von'-entry equals with the user's id 19 $query = "SELECT COUNT(*) 20 FROM ".DB_PREFIX."profile 21 WHERE ID = '".$_REQUEST['profile_id']."' 22 AND von = '$user_ID'"; 23 $result = db_query($query) or db_die(); 24 $row = db_fetch_row($result); 25 26 if ($row && $row[0] > 0) { 27 // okay - it's the user's profile let him do what he wants 28 if ($_REQUEST['action_write_profile']) { 29 #include_once($path_pre."lib/access.inc.php"); 30 #$access = assign_acc($acc, 'profile'); 31 $data = array( 'id' => $profile_id, 32 'name' => $profile_name, 33 'users' => $profile_users ); 34 update_profile($data); 35 } 36 else if ($_REQUEST['action_delete_profile']) { 37 delete_profile($profile_id); 38 } 39 } 40 } 41 42 else { 43 include_once ($path_pre."lib/access.inc.php"); 44 $access = assign_acc($acc, 'profile'); 45 $data = array( 'name' => $profile_name, 46 'users' => $profile_users, 47 'acc' => $access ); 48 insert_profile($data); 49 } 50 51 52 53 // --------------------------------------- 54 55 /** 56 * Delete the profile identified by the given ID 57 * It is NOT checked, if the profile really belongs to that user! 58 * This HAS to be done before. 59 * 60 * @param int $id ID of the profile to delete 61 */ 62 function delete_profile($id) { 63 $query = "DELETE FROM ".DB_PREFIX."profile 64 WHERE ID = '$id'"; 65 db_query($query) or db_die(); 66 message_stack_in(__('The profile has been deleted.'), 'settings', 'notice'); 67 } 68 69 70 /** 71 * Insert a new profile. 72 * Parameterchecks are NOT performed at this point. 73 * If the array of usernames is empty, the insert does NOT get executed. 74 * 75 * @author Franz Graf 76 * @param string $data['name'] Name of this profile 77 * @param array $data['users'] array of user-id's 78 * @param string $data['acc'] access rights 79 */ 80 function insert_profile($data) { 81 global $path_pre, $user_ID, $user_group, $dbIDnull; 82 83 prepare_profile_data($data); 84 if (empty($data['name'])) { 85 message_stack_in(__('Please specify a description! '), 'settings', 'error'); 86 return; 87 } 88 if (count($data['users']) == 0) { 89 message_stack_in(__('Please select at least one name! '), 'settings', 'error'); 90 return; 91 } 92 93 $query = "SELECT bezeichnung 94 FROM ".DB_PREFIX."profile 95 WHERE von = '$user_ID' 96 AND bezeichnung = '".$data['name']."'"; 97 $result = db_query($query); 98 $row = db_fetch_row($result); 99 100 if ($row[0] == $data['name']) 101 message_stack_in(__('A Profile with the same name already exists'), 'settings', 'error'); 102 else { 103 $data['users'] = serialize($data['users']); 104 $query = xss("INSERT INTO ".DB_PREFIX."profile 105 (ID, von, bezeichnung, personen, gruppe) 106 VALUES ($dbIDnull, '$user_ID', '".$data['name']."', '".$data['users']."', 107 '$user_group')"); 108 db_query($query) or db_die(); 109 message_stack_in(xss($data['name']).__(' is created as a profile.<br>'), 'settings', 'notice'); 110 } 111 } 112 113 114 /** 115 * Update an already existing profile of this user. 116 * Parameterchecks are NOT performed at this point. 117 * 118 * @author Franz Graf 119 * @param int $data['id'] ID of the profile to update 120 * @param string $data['name'] (new) Name of this profile 121 * @param array $data['users'] array of user-id's 122 * @param string $data['acc'] access rights 123 */ 124 function update_profile($data) { 125 global $user_group; 126 127 prepare_profile_data($data); 128 if (empty($data['name'])) { 129 message_stack_in(__('Please specify a description! '), 'settings', 'error'); 130 return; 131 } 132 if (count($data['users']) == 0) { 133 message_stack_in(__('Please select at least one name! '), 'settings', 'error'); 134 return; 135 } 136 137 $data['users'] = serialize($data['users']); 138 $query = xss("UPDATE ".DB_PREFIX."profile 139 SET bezeichnung = '".$data['name']."', 140 personen = '".$data['users']."', 141 gruppe = '$user_group' 142 WHERE ID = '".$data['id']."'"); 143 db_query($query) or db_die(); 144 message_stack_in(xss($data['name']).__('is changed.<br>'), 'settings', 'notice'); 145 } 146 147 148 /** 149 * Prepare the form data for saving. 150 * 151 * @param string &$data['name'] Name of the profile 152 * @param array &$data['users'] array of user-shortnames(!) 153 */ 154 function prepare_profile_data(&$data) { 155 156 $data['name'] = trim($data['name']); 157 settype($data['users'], 'array'); 158 159 // convert users id's to 'kurz' 160 if (count($data['users']) > 0) { 161 $ids = "'".implode("','", $data['users'])."'"; 162 $data['users'] = array(); 163 $query = "SELECT kurz 164 FROM ".DB_PREFIX."users 165 WHERE ID IN ($ids)"; 166 $res = db_query($query) or db_die(); 167 while ($row = db_fetch_row($res)) { 168 $data['users'][] = $row[0]; 169 } 170 } 171 } 172 173 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| [ Powered by PHPXref - Served by Debian GNU/Linux ] |