From 9303229865a5f7b8a262f1bb969bbbf1803cba89 Mon Sep 17 00:00:00 2001
From: cookie <cookie@29ba0400-6e00-0410-a75a-ca02368028f8>
Date: Mon, 22 Dec 2008 22:16:16 +0000
Subject: Change T_Shirt Size, was now enable-disabel by user rights

git-svn-id: svn://svn.cccv.de/engel-system@325 29ba0400-6e00-0410-a75a-ca02368028f8
---
 DB/UserCVS.sql                      |  5 +--
 www-ssl/nonpublic/einstellungen.php | 67 ++++++++++++++++++++++++++-----------
 2 files changed, 50 insertions(+), 22 deletions(-)

diff --git a/DB/UserCVS.sql b/DB/UserCVS.sql
index bddaac10..f0a07db8 100644
--- a/DB/UserCVS.sql
+++ b/DB/UserCVS.sql
@@ -38,6 +38,7 @@ CREATE TABLE `UserCVS` (
   `nonpublic/messages.php` char(1) NOT NULL default 'Y',
   `nonpublic/faq.php` char(1) NOT NULL default 'Y',
   `nonpublic/einstellungen.php` char(1) NOT NULL default 'Y',
+  `Change T_Shirt Size` char(1) NOT NULL default 'Y',
   `admin/index.php` char(1) NOT NULL default 'N',
   `admin/room.php` char(1) NOT NULL default 'N',
   `admin/EngelType.php` char(1) NOT NULL default 'N',
@@ -71,7 +72,7 @@ CREATE TABLE `UserCVS` (
 
 INSERT INTO `UserCVS` (`UID`, `index.php`, `logout.php`, `faq.php`, `lageplan.php`, `makeuser.php`, `nonpublic/index.php`, `nonpublic/news.php`, `nonpublic/newsAddMeting`, `nonpublic/news_comments.php`, `nonpublic/myschichtplan.php`, `nonpublic/myschichtplan_ical.php`, `nonpublic/engelbesprechung.php`, `nonpublic/schichtplan.php`, `nonpublic/schichtplan_add.php`, `nonpublic/wecken.php`, `nonpublic/waeckliste.php`, `nonpublic/messages.php`, `nonpublic/faq.php`, `nonpublic/einstellungen.php`, `admin/index.php`, `admin/room.php`, `admin/EngelType.php`, `admin/schichtplan.php`, `admin/shiftadd.php`, `admin/schichtplan_druck.php`, `admin/user.php`, `admin/user2.php`, `admin/userDefaultSetting.php`, `admin/UserPicture.php`, `admin/aktiv.php`, `admin/tshirt.php`, `admin/news.php`, `admin/faq.php`, `admin/free.php`, `admin/sprache.php`, `admin/dect.php`, `admin/dect_call.php`, `admin/dbUpdateFromXLS.php`, `admin/Recentchanges.php`, `admin/debug.php`, `Herald`, `Info`, `Conference`) VALUES
 
-(-1, 'Y', 'N', 'Y', 'N', 'Y', 'Y', 'N', 'N', 'N', 'N', 'N ', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N'),
+(-1, 'Y', 'N', 'Y', 'N', 'Y', 'Y', 'N', 'N', 'N', 'N', 'N', 'N ', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N'),
 --    1    2    3    4    5    6    7    8    9   10   11   12   13   14   15   16   17   18   19   20   21   22   23   24   25   26   27   28   29   30   31   32   33   34   35   36   37   38   39   40   41   42   43
-(1, 'N', 'Y', 'N', 'N', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'N', 'N', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y',  'Y', 'Y', 'Y', 'Y', 'N');
+(1, 'N', 'Y', 'N', 'N', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'N', 'N', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y',  'Y', 'Y', 'Y', 'Y', 'N');
 
diff --git a/www-ssl/nonpublic/einstellungen.php b/www-ssl/nonpublic/einstellungen.php
index e497a84d..6e29974e 100755
--- a/www-ssl/nonpublic/einstellungen.php
+++ b/www-ssl/nonpublic/einstellungen.php
@@ -50,17 +50,22 @@ if (!IsSet($_POST["action"]))
 
 		<tr>	<td><?PHP Print_Text("pub_einstellungen_Hometown"); ?></td>
 	  		<td><input type="text" name="Hometown" size="40" value="<?PHP echo $_SESSION['Hometown']; ?>"></td></tr>
-
-                <tr>    <td><?PHP Print_Text("makeuser_T-Shirt"); ?></td>	           <td>
-                <select name="Sizeid">
-                        <option <?php if($_SESSION['Size'] == S) { echo "selected"; } ?> value="S">S</option>
-                        <option <?php if($_SESSION['Size'] == M) { echo "selected"; } ?> value="M">M</option>
-                        <option <?php if($_SESSION['Size'] == L) { echo "selected"; } ?> value="L">L</option>
-                        <option <?php if($_SESSION['Size'] == XL) { echo "selected"; } ?> value="XL">XL</option>
-                        <option <?php if($_SESSION['Size'] == XXL) { echo "selected"; } ?> value="XXL">XXL</option>
-                        <option <?php if($_SESSION['Size'] == XXXL) { echo "selected"; } ?> value="XXXL">XXXL</option>
-                </select>
-           </td>	
+<?PHP
+if( $_SESSION['CVS'][ "Change T_Shirt Size" ] == "Y" )
+{
+?>
+                <tr>    <td><?PHP Print_Text("makeuser_T-Shirt"); ?></td>
+			<td><select name="Sizeid">
+        	         	<option <?php if($_SESSION['Size'] == S) { echo "selected"; } ?> value="S">S</option>
+                		<option <?php if($_SESSION['Size'] == M) { echo "selected"; } ?> value="M">M</option>
+                        	<option <?php if($_SESSION['Size'] == L) { echo "selected"; } ?> value="L">L</option>
+                        	<option <?php if($_SESSION['Size'] == XL) { echo "selected"; } ?> value="XL">XL</option>
+                        	<option <?php if($_SESSION['Size'] == XXL) { echo "selected"; } ?> value="XXL">XXL</option>
+                        	<option <?php if($_SESSION['Size'] == XXXL) { echo "selected"; } ?> value="XXXL">XXXL</option>
+	                </select></td></tr>
+<?PHP
+}
+?>
 	</table>
 	<input type="submit" value="<?PHP Print_Text("save"); ?>">
 </form>
@@ -251,14 +256,28 @@ case 'avatar':
         break;
 
 case 'setUserData':
-	$chsql= "UPDATE `User` SET ".
-		"`Nick`='".     $_POST["eNick"].	"', `Name`='".   $_POST["eName"].  "', ".
-		"`Vorname`='".  $_POST["eVorname"].	"', `Alter`='".  $_POST["eAlter"]. "', ".
-		"`Telefon`='".  $_POST["eTelefon"].	"', `Handy`='".  $_POST["eHandy"]. "', ".
-		"`DECT`='".     $_POST["eDECT"]. 	"', `email`='".  $_POST["eemail"]. "', ".
-		"`ICQ`='".      $_POST["eICQ"].		"', `jabber`='". $_POST["ejabber"]."', ".
-		"`Hometown`='". $_POST["Hometown"].	"', `Size`='". $_POST["Sizeid"]."' ".
-		"WHERE `UID`='". $_SESSION['UID']. "' LIMIT 1;";
+	if( $_SESSION['CVS'][ "Change T_Shirt Size" ] == "Y" )
+	{
+		$chsql= "UPDATE `User` SET ".
+			"`Nick`='".     $_POST["eNick"].	"', `Name`='".   $_POST["eName"].  "', ".
+			"`Vorname`='".  $_POST["eVorname"].	"', `Alter`='".  $_POST["eAlter"]. "', ".
+			"`Telefon`='".  $_POST["eTelefon"].	"', `Handy`='".  $_POST["eHandy"]. "', ".
+			"`DECT`='".     $_POST["eDECT"]. 	"', `email`='".  $_POST["eemail"]. "', ".
+			"`ICQ`='".      $_POST["eICQ"].		"', `jabber`='". $_POST["ejabber"]."', ".
+			"`Hometown`='". $_POST["Hometown"].	"', `Size`='".   $_POST["Sizeid"]. "' ".
+			"WHERE `UID`='". $_SESSION['UID']. "' LIMIT 1;";
+	}
+	else
+	{
+		$chsql= "UPDATE `User` SET ".
+			"`Nick`='".     $_POST["eNick"].	"', `Name`='".   $_POST["eName"].  "', ".
+			"`Vorname`='".  $_POST["eVorname"].	"', `Alter`='".  $_POST["eAlter"]. "', ".
+			"`Telefon`='".  $_POST["eTelefon"].	"', `Handy`='".  $_POST["eHandy"]. "', ".
+			"`DECT`='".     $_POST["eDECT"]. 	"', `email`='".  $_POST["eemail"]. "', ".
+			"`ICQ`='".      $_POST["eICQ"].		"', `jabber`='". $_POST["ejabber"]."', ".
+			"`Hometown`='". $_POST["Hometown"].	"' ".
+			"WHERE `UID`='". $_SESSION['UID']. "' LIMIT 1;";
+	}
         $Erg = mysql_query($chsql, $con);
 
 	if ($Erg==1) 
@@ -274,7 +293,15 @@ case 'setUserData':
 		$_SESSION['ICQ'] = $_POST["eICQ"];
 		$_SESSION['jabber'] = $_POST["ejabber"];
 		$_SESSION['Hometown'] = $_POST["Hometown"];
-		$_SESSION['Size']=$_POST["Sizeid"];		
+		if( $_SESSION['CVS'][ "Change T_Shirt Size" ] == "Y" )
+		{
+			$_SESSION['Size']=$_POST["Sizeid"];		
+		}
+		else if( $_SESSION['Size'] != $_POST["Sizeid"]) 
+		{
+			array_push($error_messages, "einstellungen.php, change t-shirt size not allowed\n");
+		}
+
 	
 		Print_Text("pub_einstellungen_UserDateSaved");
         } 
-- 
cgit v1.2.3-54-g00ecf