diff options
| -rw-r--r-- | DB/UserCVS.sql | 4 | ||||
| -rwxr-xr-x | www-ssl/admin/group.php | 13 | ||||
| -rwxr-xr-x | www-ssl/admin/user.php | 2 | ||||
| -rwxr-xr-x | www-ssl/admin/userChangeSecure.php | 2 | ||||
| -rwxr-xr-x | www-ssl/admin/userSaveNormal.php | 1 | ||||
| -rwxr-xr-x | www-ssl/admin/userSaveSecure.php | 56 |
6 files changed, 64 insertions, 14 deletions
diff --git a/DB/UserCVS.sql b/DB/UserCVS.sql index 487bd965..11377aff 100644 --- a/DB/UserCVS.sql +++ b/DB/UserCVS.sql @@ -18,7 +18,7 @@ DROP TABLE IF EXISTS `UserCVS`; CREATE TABLE `UserCVS` ( `UID` int(11) NOT NULL default '0', - `GroupID` int(11) default NULL, + `GroupID` int(11) default '-2', `index.php` char(1) NOT NULL default 'G', `logout.php` char(1) NOT NULL default 'G', `faq.php` char(1) NOT NULL default 'G', @@ -47,7 +47,9 @@ CREATE TABLE `UserCVS` ( `admin/schichtplan_druck.php` char(1) NOT NULL default 'G', `admin/user.php` char(1) NOT NULL default 'G', `admin/userChangeNormal.php` char(1) NOT NULL default 'G', + `admin/userSaveNormal.php` char(1) NOT NULL default 'G', `admin/userChangeSecure.php` char(1) NOT NULL default 'G', + `admin/userSaveSecure.php` char(1) NOT NULL default 'G', `admin/userSaveNormal.php` char(1) NOT NULL default 'G', `admin/userSaveSecure.php` char(1) NOT NULL default 'G', `admin/group.php` char(1) NOT NULL default 'G', diff --git a/www-ssl/admin/group.php b/www-ssl/admin/group.php index 6377593d..00b7329f 100755 --- a/www-ssl/admin/group.php +++ b/www-ssl/admin/group.php @@ -16,10 +16,10 @@ if (!IsSet($_GET["enterGID"])) // anzahl zeilen $Zeilen = mysql_num_rows($Erg); - echo "<table width=\"100%\" class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n"; + echo "<table class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n"; echo "<tr class=\"contenttopic\">\n"; echo "\t<td>Groupname</td>\n"; - echo "\t<td>-</td>\n"; + echo "\t<td>Link</td>\n"; echo "</tr>\n"; for ($n = 0 ; $n < $Zeilen ; $n++) { @@ -30,6 +30,15 @@ if (!IsSet($_GET["enterGID"])) mysql_result($Erg, $n, "UID")."&Type=Secure\">change</a></td>\n"; echo "</tr>\n"; } + + // new form + echo "<tr class=\"content\">\n"; + echo "\t<form action=\"userSaveSecure.php?new=newGroup\" method=\"POST\">\n"; + echo "\t\t<td><input name=\"GroupName\" type=\"text\" value=\"--new group--\"></td>\n"; + echo "\t\t<td><input type=\"submit\" name=\"Send\" value=\"Save\"></td>\n"; + echo "\t</form>\n"; + echo "</tr>\n"; + echo "\t</table>\n"; // Ende Userliste } diff --git a/www-ssl/admin/user.php b/www-ssl/admin/user.php index 748c09fa..5f0888e4 100755 --- a/www-ssl/admin/user.php +++ b/www-ssl/admin/user.php @@ -11,8 +11,6 @@ if (!IsSet($_GET["enterUID"])) echo "<a href=\"../makeuser.php\">Neuen Engel eintragen</a><br><br>\n"; - echo "\n<a href=\"./user.php?enterUID=-1&Type=Secure\">Edit logout User</a><br><br>\n"; - if( !isset($_GET["OrderBy"]) ) $_GET["OrderBy"] = "Nick"; $SQL = "SELECT * FROM `User` ORDER BY `". $_GET["OrderBy"]. "` ASC"; $Erg = mysql_query($SQL, $con); diff --git a/www-ssl/admin/userChangeSecure.php b/www-ssl/admin/userChangeSecure.php index e7de1b5c..bae26ad4 100755 --- a/www-ssl/admin/userChangeSecure.php +++ b/www-ssl/admin/userChangeSecure.php @@ -16,7 +16,7 @@ if (IsSet($_GET["enterUID"])) "Wenn T-Shirt ein 'Ja' enthält, bedeutet dies, dass der Engel ". "bereits sein T-Shirt erhalten hat.<br><br>\n"; - echo "<form action=\"./userChangeSecure.php?action=change\" method=\"POST\">\n"; + echo "<form action=\"./userSaveSecure.php?action=change\" method=\"POST\">\n"; echo "<table border=\"0\">\n"; echo "<input type=\"hidden\" name=\"Type\" value=\"Secure\">\n"; diff --git a/www-ssl/admin/userSaveNormal.php b/www-ssl/admin/userSaveNormal.php index 466c2e6e..62ba44a3 100755 --- a/www-ssl/admin/userSaveNormal.php +++ b/www-ssl/admin/userSaveNormal.php @@ -9,7 +9,6 @@ include ("../../includes/funktion_db.php"); if (IsSet($_GET["action"])) { - SetHeaderGo2Back(); echo "Gesendeter Befehl: ". $_GET["action"]. "<br>"; diff --git a/www-ssl/admin/userSaveSecure.php b/www-ssl/admin/userSaveSecure.php index 02da8d6d..6eadeddc 100755 --- a/www-ssl/admin/userSaveSecure.php +++ b/www-ssl/admin/userSaveSecure.php @@ -7,12 +7,20 @@ include ("../../includes/funktion_db_list.php"); include ("../../includes/crypt.php"); include ("../../includes/funktion_db.php"); -if (IsSet($_GET["action"])) +if( !IsSet($_POST["enterUID"]) ) +{ + $Right = "N"; +} elseif( $_POST["enterUID"] > 0 ) { + $Right = $_SESSION['CVS'][ "admin/user.php"]; +} else { + $Right = $_SESSION['CVS'][ "admin/group.php"]; +} + +if ( ($Right=="Y") && IsSet($_GET["action"])) { - SetHeaderGo2Back(); echo "Gesendeter Befehl: ". $_GET["action"]. "<br>"; - + switch ($_GET["action"]) { case "change": @@ -31,7 +39,9 @@ if (IsSet($_GET["action"])) if( $CVS_Data_Name == "GroupID") { if( $_POST["enterUID"] > 0 ) - $SQL2.= "`$CVS_Data_Name` = ". $_POST["GroupID"].", "; + $SQL2.= "`$CVS_Data_Name` = '". $_POST["GroupID"]."', "; + else + $SQL2.= "`$CVS_Data_Name` = NULL, "; } else { $SQL2.= "`$CVS_Data_Name` = '". $_POST[$CVS_Data_i]."', "; } @@ -90,9 +100,41 @@ if (IsSet($_GET["action"])) } // end switch // ende - Action ist gesetzt -} -else -{ +} elseif ( IsSet($_GET["new"]) && ($_SESSION['CVS']["admin/group.php"]=="Y") ) { + echo "Gesendeter Befehl: ". $_GET["new"]. "<br>"; + + switch ($_GET["new"]) + { + case "newGroup": + echo "\tGenerate new Group ID...\n"; + $SQLid="SELECT MIN(`UID`) FROM `UserCVS`;"; + $Erg = mysql_query( $SQLid); + + if( mysql_num_rows($Erg) == 1) { + $NewId = mysql_result( $Erg, 0, 0)-1; + $SQLnew1 = "INSERT INTO `UserGroups` (`UID`, `Name`) VALUES ('$NewId', '". $_POST["GroupName"]. "' );"; + $SQLnew2 = "INSERT INTO `UserCVS` (`UID`, `GroupID`) VALUES ('$NewId', NULL );"; + echo "\t<br>Generate new UserGroup ...\n"; + $ErgNew1 = db_query($SQLnew1, "create UserGroups Entry"); + if ($ErgNew1 == 1) + { + echo "\t<br>Generate new User rights...\n"; + $ErgNew2 = db_query($SQLnew2, "UserCVS Entry"); + if ($ErgNew1 == 1) { + echo "\t<br>New group was created.\n"; + } else { + echo "Error on creation\n(". mysql_error($con). ")"; + } + } else { + echo "Error on creation\n(". mysql_error($con). ")"; + } + + } + + + break; + } +} else { // kein Action gesetzt -> abbruch echo "Unzulässiger Aufruf.<br>Bitte neu editieren..."; } |