diff options
-rw-r--r-- | DB/update_20100112_2300.sql | 2 | ||||
-rwxr-xr-x | includes/UserCVS.php | 30 | ||||
-rwxr-xr-x | includes/funktion_user.php | 19 | ||||
-rwxr-xr-x | includes/header.php | 7 | ||||
-rwxr-xr-x | www-ssl/admin/user.php | 49 | ||||
-rwxr-xr-x | www-ssl/admin/user2.php | 13 | ||||
-rwxr-xr-x | www-ssl/admin/userDefaultSetting.php | 35 |
7 files changed, 110 insertions, 45 deletions
diff --git a/DB/update_20100112_2300.sql b/DB/update_20100112_2300.sql new file mode 100644 index 00000000..ab944226 --- /dev/null +++ b/DB/update_20100112_2300.sql @@ -0,0 +1,2 @@ +ALTER TABLE `UserCVS` ADD `GroupID` INT NULL AFTER `UID` ; + diff --git a/includes/UserCVS.php b/includes/UserCVS.php index f6bc30ed..4f606b7e 100755 --- a/includes/UserCVS.php +++ b/includes/UserCVS.php @@ -4,14 +4,28 @@ if( !isset($_SESSION['UID'])) $_SESSION['UID'] = -1; // CVS import Data -$SQL = "SELECT * FROM `UserCVS` WHERE UID=".$_SESSION['UID']; -$Erg_CVS = mysql_query($SQL, $con); +$SQL_CVS = "SELECT * FROM `UserCVS` WHERE UID=".$_SESSION['UID']; +$Erg_CVS = mysql_query($SQL_CVS, $con); $_SESSION['CVS'] = mysql_fetch_array($Erg_CVS); + +// Group import Data, if nesseary +if( isset( $_SESSION['CVS'][ "GroupID" ])) +{ + $SQL_GRP = "SELECT * FROM `UserCVS` WHERE UID=".$_SESSION['CVS'][ "GroupID" ]; + $Erg_GRP = mysql_query($SQL_GRP, $con); + $_SESSION['CVS_Group'] = mysql_fetch_array($Erg_GRP); + + foreach( $_SESSION['CVS'] as $k => $v) + { + if($v=="G") // Right == Group + $_SESSION['CVS'][$k] = $_SESSION['CVS_Group'][$k]; + } +} + //pagename ermitteln $Page["Name"] = substr( $_SERVER['PHP_SELF'], strlen($ENGEL_ROOT) ); - //recht für diese seite auslesen if( isset( $_SESSION['CVS'][ $Page["Name"] ])) $Page["CVS"] = $_SESSION['CVS'][ $Page["Name"] ]; @@ -23,11 +37,11 @@ else if( $DEBUG ) { -// echo "UserID:". $_SESSION["UID"]. "<br>"; -// echo "Nick:". $_SESSION["Nick"]. "<br>"; - - foreach( $_SESSION as $k => $v) - echo "$k = $v<br>\n"; +// foreach( $_SESSION as $k => $v) +// echo "$k = $v<br>\n"; + echo "<pre>\$_SESSION:\n"; + print_r($_SESSION); + echo "</pre>"; if( strlen($Page["CVS"]) == 0 ) echo "<h1><u> CVS ERROR, on page '". $Page["Name"]. "'</u></h1>"; diff --git a/includes/funktion_user.php b/includes/funktion_user.php index bcb77778..742b2624 100755 --- a/includes/funktion_user.php +++ b/includes/funktion_user.php @@ -3,15 +3,22 @@ function UID2Nick($UID) { global $con; - - $SQL = "SELECT Nick FROM `User` WHERE UID='$UID'"; + + if( $UID>0) { + $SQL = "SELECT Nick FROM `User` WHERE UID='$UID'"; + } else { + $SQL = "SELECT Name FROM `UserGroups` WHERE UID='$UID'"; + } $Erg = mysql_query($SQL, $con); //echo $UID."#"; - if( mysql_num_rows($Erg)) - return mysql_result($Erg, 0); - else - { + if( mysql_num_rows($Erg)) { + if( $UID>0 ) { + return mysql_result($Erg, 0); + } else { + return "Group-".mysql_result($Erg, 0); + } + } else { if( $UID == -1) return "logout User"; else diff --git a/includes/header.php b/includes/header.php index fc5a3a96..6529706a 100755 --- a/includes/header.php +++ b/includes/header.php @@ -7,12 +7,7 @@ echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">\n"; <HEAD> <?PHP -// SVN versions auswertung -exec("svnversion", $VersionArray); -if( strlen($VersionArray[0])) - $Version = "(r ". $VersionArray[0]. ")"; - -echo "<TITLE>--- $title $Version ---</TITLE>"; +echo "<TITLE>--- $title ---</TITLE>"; ?> <meta name="keywords" content="Engel, Himmelsverwaltung"> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1"> diff --git a/www-ssl/admin/user.php b/www-ssl/admin/user.php index 05bc5fd6..5b6077aa 100755 --- a/www-ssl/admin/user.php +++ b/www-ssl/admin/user.php @@ -129,7 +129,7 @@ else "bereits sein T-Shirt erhalten hat.<br><br>\n"; echo "<form action=\"./user2.php?action=change\" method=\"POST\">\n"; - echo "<table>\n"; + echo "<table border=\"0\">\n"; echo "<input type=\"hidden\" name=\"Type\" value=\"". $_GET["Type"]. "\">\n"; if( $_GET["Type"] == "Normal" ) @@ -259,16 +259,43 @@ else //nur jeder zweiter sonst wird für jeden text noch die position (Zahl) ausgegeben if( $CVS_Data_i%2 && $CVS_Data_Name!="UID") { - echo "<tr><td>$CVS_Data_Name</td>\n<td>"; - echo "<input type=\"radio\" name=\"".($CVS_Data_i-1)."\" value=\"Y\" "; - if( $CVS_Data_Value == "Y" ) - echo " checked"; - echo ">allow \n"; - echo "<input type=\"radio\" name=\"".($CVS_Data_i-1)."\" value=\"N\" "; - if( $CVS_Data_Value == "N" ) - echo " checked"; - echo ">denied \n"; - echo "</td></tr>"; + if($CVS_Data_Name=="GroupID") { + if( $_GET["enterUID"] > 0 ) + { + echo "<tr><td><b>Group</b></td>\n". + "<td><select name=\"GroupID\">"; + + $SQL_Group = "SELECT * FROM `UserGroups`"; + $Erg_Group = mysql_query($SQL_Group, $con); + for ($n = 0 ; $n < mysql_num_rows($Erg_Group) ; $n++) + { + $UID = mysql_result($Erg_Group, $n, "UID"); + echo "\t<option value=\"$UID\""; + if( $CVS_Data_Value == $UID) + echo " selected"; + echo ">". mysql_result($Erg_Group, $n, "Name"). "</option>\n"; + } + echo "</select></td></tr>"; + } + } else { + echo "<tr><td>$CVS_Data_Name</td>\n<td>"; + echo "<input type=\"radio\" name=\"".($CVS_Data_i-1)."\" value=\"Y\" "; + if( $CVS_Data_Value == "Y" ) + echo " checked"; + echo ">allow \n"; + echo "<input type=\"radio\" name=\"".($CVS_Data_i-1)."\" value=\"N\" "; + if( $CVS_Data_Value == "N" ) + echo " checked"; + echo ">denied \n"; + if( $_GET["enterUID"] > 0 ) + { + echo "<input type=\"radio\" name=\"".($CVS_Data_i-1)."\" value=\"G\" "; + if( $CVS_Data_Value == "G" ) + echo " checked"; + echo ">group-setting \n"; + echo "</td></tr>"; + } + } } //IF } //Foreach echo "</td></tr>\n"; diff --git a/www-ssl/admin/user2.php b/www-ssl/admin/user2.php index b4647da5..229a4cdc 100755 --- a/www-ssl/admin/user2.php +++ b/www-ssl/admin/user2.php @@ -54,10 +54,17 @@ if (IsSet($_GET["action"])) $CVS_Data_i = 1; foreach ($CVS_Data as $CVS_Data_Name => $CVS_Data_Value) { - if( ($CVS_Data_i+1)%2 && $CVS_Data_Name!="UID") - $SQL2.= "`$CVS_Data_Name` = '". $_POST[$CVS_Data_i]."', "; - $CVS_Data_i++; + if( ($CVS_Data_i+1)%2 && $CVS_Data_Name!="UID") { + if( $CVS_Data_Name == "GroupID") + { + if( $_POST["enterUID"] > 0 ) + $SQL2.= "`$CVS_Data_Name` = ". $_POST["GroupID"].", "; + } else { + $SQL2.= "`$CVS_Data_Name` = '". $_POST[$CVS_Data_i]."', "; + } } + $CVS_Data_i++; + } $SQL2 = substr( $SQL2, 0, strlen($SQL2)-2 ); $SQL2.= " WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;"; echo "<br>Secure-"; diff --git a/www-ssl/admin/userDefaultSetting.php b/www-ssl/admin/userDefaultSetting.php index 3c47ebc7..09c62a15 100755 --- a/www-ssl/admin/userDefaultSetting.php +++ b/www-ssl/admin/userDefaultSetting.php @@ -46,7 +46,7 @@ if( isset( $_GET["Field"]) && isset( $_GET["Default"]) && isset( $_GET["Send"])) "[". mysql_error(). "]<br><br>"; break; case "SetForAllUser": - $SQL = "UPDATE `UserCVS` SET `". $_GET["Field"]. "`='". $_GET["Default"]. "'"; + $SQL = "UPDATE `UserCVS` SET `". $_GET["Field"]. "`='". $_GET["Default"]. "' WHERE UID>0"; $Erg = mysql_query( $SQL, $con); if( $Erg == 1) echo "<H2>UPDATE ".$_GET["Field"]. " = ". $_GET["Default"]. " for all Users succesfull</h2>\n"; @@ -70,20 +70,30 @@ if( isset( $_GET["Field"]) && isset( $_GET["Default"]) && isset( $_GET["Send"])) $erg = mysql_query("SHOW COLUMNS FROM `UserCVS`"); echo mysql_error(); -for( $i=1; $i<mysql_num_rows($erg); $i++) +for( $i=2; $i<mysql_num_rows($erg); $i++) { echo "\t<tr class=\"content\">\n"; echo "\t\t<form action=\"userDefaultSetting.php\">\n"; echo "\t\t\t<input name=\"Field\" type=\"hidden\" value=\"". mysql_result( $erg, $i, "Field"). "\">\n"; echo "\t\t\t<td>". mysql_result( $erg, $i, "Field"). "</td>\n"; - echo "\t\t\t<td>"; + echo "\t\t\t<td>\n"; + + echo "\t\t\t\t<input type=\"radio\" name=\"Default\" value=\"Y\""; if( mysql_result( $erg, $i, "Default") == "Y") - echo "<input type=\"radio\" name=\"Default\" value=\"Y\" checked>Y\n". - "\t\t\t <input type=\"radio\" name=\"Default\" value=\"N\">N"; - else - echo "<input type=\"radio\" name=\"Default\" value=\"Y\">Y\n". - "\t\t\t <input type=\"radio\" name=\"Default\" value=\"N\" checked>N"; - echo "</td>\n"; + echo " checked"; + echo ">allow\n"; + + echo "\t\t\t\t<input type=\"radio\" name=\"Default\" value=\"N\""; + if( mysql_result( $erg, $i, "Default") == "N") + echo " checked"; + echo ">denied\n"; + + echo "\t\t\t\t<input type=\"radio\" name=\"Default\" value=\"G\""; + if( mysql_result( $erg, $i, "Default") == "G") + echo " checked"; + echo ">group-setting\n"; + + echo "\t\t\t</td>\n"; echo "\t\t\t<td><input type=\"submit\" name=\"Send\" value=\"Save\">\n"; echo "\t\t\t <input type=\"submit\" name=\"Send\" value=\"Del\">\n"; echo "\t\t\t <input type=\"submit\" name=\"Send\" value=\"SetForAllUser\"></td>\n"; @@ -95,8 +105,11 @@ echo "\t<tr class=\"content\">\n"; echo "\t\t<form action=\"userDefaultSetting.php\">\n"; echo "\t\t\t<input name=\"New\" type=\"hidden\" value=\"New\">\n"; echo "\t\t\t<td><input name=\"Field\" type=\"text\" value=\"new\"></td>\n"; -echo "\t\t\t<td><input type=\"radio\" name=\"Default\" value=\"Y\">Y\t". - "\t\t\t\t<input type=\"radio\" name=\"Default\" value=\"N\">N</td>\n"; +echo "\t\t\t<td>\n"; +echo "\t\t\t\t<input type=\"radio\" name=\"Default\" value=\"Y\">allow\n"; +echo "\t\t\t\t<input type=\"radio\" name=\"Default\" value=\"N\">denied\n"; +echo "\t\t\t\t<input type=\"radio\" name=\"Default\" value=\"G\" checked>group-setting\n"; +echo "\t\t\t</td>\n"; echo "\t\t\t<td><input type=\"submit\" name=\"Send\" value=\"New\"></td>\n"; echo "\t\t</form>\n"; echo "\t</tr>\n"; |