summaryrefslogtreecommitdiff
path: root/www-ssl/admin
diff options
context:
space:
mode:
Diffstat (limited to 'www-ssl/admin')
-rwxr-xr-xwww-ssl/admin/group.php13
-rwxr-xr-xwww-ssl/admin/user.php2
-rwxr-xr-xwww-ssl/admin/userChangeSecure.php2
-rwxr-xr-xwww-ssl/admin/userSaveNormal.php1
-rwxr-xr-xwww-ssl/admin/userSaveSecure.php56
5 files changed, 61 insertions, 13 deletions
diff --git a/www-ssl/admin/group.php b/www-ssl/admin/group.php
index 6377593d..00b7329f 100755
--- a/www-ssl/admin/group.php
+++ b/www-ssl/admin/group.php
@@ -16,10 +16,10 @@ if (!IsSet($_GET["enterGID"]))
// anzahl zeilen
$Zeilen = mysql_num_rows($Erg);
- echo "<table width=\"100%\" class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n";
+ echo "<table class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n";
echo "<tr class=\"contenttopic\">\n";
echo "\t<td>Groupname</td>\n";
- echo "\t<td>-</td>\n";
+ echo "\t<td>Link</td>\n";
echo "</tr>\n";
for ($n = 0 ; $n < $Zeilen ; $n++) {
@@ -30,6 +30,15 @@ if (!IsSet($_GET["enterGID"]))
mysql_result($Erg, $n, "UID")."&Type=Secure\">change</a></td>\n";
echo "</tr>\n";
}
+
+ // new form
+ echo "<tr class=\"content\">\n";
+ echo "\t<form action=\"userSaveSecure.php?new=newGroup\" method=\"POST\">\n";
+ echo "\t\t<td><input name=\"GroupName\" type=\"text\" value=\"--new group--\"></td>\n";
+ echo "\t\t<td><input type=\"submit\" name=\"Send\" value=\"Save\"></td>\n";
+ echo "\t</form>\n";
+ echo "</tr>\n";
+
echo "\t</table>\n";
// Ende Userliste
}
diff --git a/www-ssl/admin/user.php b/www-ssl/admin/user.php
index 748c09fa..5f0888e4 100755
--- a/www-ssl/admin/user.php
+++ b/www-ssl/admin/user.php
@@ -11,8 +11,6 @@ if (!IsSet($_GET["enterUID"]))
echo "<a href=\"../makeuser.php\">Neuen Engel eintragen</a><br><br>\n";
- echo "\n<a href=\"./user.php?enterUID=-1&Type=Secure\">Edit logout User</a><br><br>\n";
-
if( !isset($_GET["OrderBy"]) ) $_GET["OrderBy"] = "Nick";
$SQL = "SELECT * FROM `User` ORDER BY `". $_GET["OrderBy"]. "` ASC";
$Erg = mysql_query($SQL, $con);
diff --git a/www-ssl/admin/userChangeSecure.php b/www-ssl/admin/userChangeSecure.php
index e7de1b5c..bae26ad4 100755
--- a/www-ssl/admin/userChangeSecure.php
+++ b/www-ssl/admin/userChangeSecure.php
@@ -16,7 +16,7 @@ if (IsSet($_GET["enterUID"]))
"Wenn T-Shirt ein 'Ja' enth&auml;lt, bedeutet dies, dass der Engel ".
"bereits sein T-Shirt erhalten hat.<br><br>\n";
- echo "<form action=\"./userChangeSecure.php?action=change\" method=\"POST\">\n";
+ echo "<form action=\"./userSaveSecure.php?action=change\" method=\"POST\">\n";
echo "<table border=\"0\">\n";
echo "<input type=\"hidden\" name=\"Type\" value=\"Secure\">\n";
diff --git a/www-ssl/admin/userSaveNormal.php b/www-ssl/admin/userSaveNormal.php
index 466c2e6e..62ba44a3 100755
--- a/www-ssl/admin/userSaveNormal.php
+++ b/www-ssl/admin/userSaveNormal.php
@@ -9,7 +9,6 @@ include ("../../includes/funktion_db.php");
if (IsSet($_GET["action"]))
{
-
SetHeaderGo2Back();
echo "Gesendeter Befehl: ". $_GET["action"]. "<br>";
diff --git a/www-ssl/admin/userSaveSecure.php b/www-ssl/admin/userSaveSecure.php
index 02da8d6d..6eadeddc 100755
--- a/www-ssl/admin/userSaveSecure.php
+++ b/www-ssl/admin/userSaveSecure.php
@@ -7,12 +7,20 @@ include ("../../includes/funktion_db_list.php");
include ("../../includes/crypt.php");
include ("../../includes/funktion_db.php");
-if (IsSet($_GET["action"]))
+if( !IsSet($_POST["enterUID"]) )
+{
+ $Right = "N";
+} elseif( $_POST["enterUID"] > 0 ) {
+ $Right = $_SESSION['CVS'][ "admin/user.php"];
+} else {
+ $Right = $_SESSION['CVS'][ "admin/group.php"];
+}
+
+if ( ($Right=="Y") && IsSet($_GET["action"]))
{
-
SetHeaderGo2Back();
echo "Gesendeter Befehl: ". $_GET["action"]. "<br>";
-
+
switch ($_GET["action"])
{
case "change":
@@ -31,7 +39,9 @@ if (IsSet($_GET["action"]))
if( $CVS_Data_Name == "GroupID")
{
if( $_POST["enterUID"] > 0 )
- $SQL2.= "`$CVS_Data_Name` = ". $_POST["GroupID"].", ";
+ $SQL2.= "`$CVS_Data_Name` = '". $_POST["GroupID"]."', ";
+ else
+ $SQL2.= "`$CVS_Data_Name` = NULL, ";
} else {
$SQL2.= "`$CVS_Data_Name` = '". $_POST[$CVS_Data_i]."', ";
}
@@ -90,9 +100,41 @@ if (IsSet($_GET["action"]))
} // end switch
// ende - Action ist gesetzt
-}
-else
-{
+} elseif ( IsSet($_GET["new"]) && ($_SESSION['CVS']["admin/group.php"]=="Y") ) {
+ echo "Gesendeter Befehl: ". $_GET["new"]. "<br>";
+
+ switch ($_GET["new"])
+ {
+ case "newGroup":
+ echo "\tGenerate new Group ID...\n";
+ $SQLid="SELECT MIN(`UID`) FROM `UserCVS`;";
+ $Erg = mysql_query( $SQLid);
+
+ if( mysql_num_rows($Erg) == 1) {
+ $NewId = mysql_result( $Erg, 0, 0)-1;
+ $SQLnew1 = "INSERT INTO `UserGroups` (`UID`, `Name`) VALUES ('$NewId', '". $_POST["GroupName"]. "' );";
+ $SQLnew2 = "INSERT INTO `UserCVS` (`UID`, `GroupID`) VALUES ('$NewId', NULL );";
+ echo "\t<br>Generate new UserGroup ...\n";
+ $ErgNew1 = db_query($SQLnew1, "create UserGroups Entry");
+ if ($ErgNew1 == 1)
+ {
+ echo "\t<br>Generate new User rights...\n";
+ $ErgNew2 = db_query($SQLnew2, "UserCVS Entry");
+ if ($ErgNew1 == 1) {
+ echo "\t<br>New group was created.\n";
+ } else {
+ echo "Error on creation\n(". mysql_error($con). ")";
+ }
+ } else {
+ echo "Error on creation\n(". mysql_error($con). ")";
+ }
+
+ }
+
+
+ break;
+ }
+} else {
// kein Action gesetzt -> abbruch
echo "Unzul&auml;ssiger Aufruf.<br>Bitte neu editieren...";
}