From 9e7c2dfeca9bc8095bb06071108fc2c9ab457b91 Mon Sep 17 00:00:00 2001 From: Philip Häusler Date: Mon, 3 Dec 2012 22:47:08 +0100 Subject: shift join right fuckup --- includes/pages/user_shifts.php | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'includes') diff --git a/includes/pages/user_shifts.php b/includes/pages/user_shifts.php index ff8cd8fe..c144733d 100644 --- a/includes/pages/user_shifts.php +++ b/includes/pages/user_shifts.php @@ -188,7 +188,11 @@ function user_shifts() { header("Location: " . page_link_to('user_shifts')); } - $type = sql_select("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($type_id) . " LIMIT 1"); + if (in_array('user_shifts_admin', $privileges)) + $type = sql_select("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($type_id) . " LIMIT 1"); + else + $type = sql_select("SELECT * FROM `UserAngelTypes` JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) WHERE `AngelTypes`.`id` = " . sql_escape($type_id) . " AND `UserAngelTypes`.`user_id` = " . sql_escape($user['UID']) . " AND (`AngelTypes`.`restricted` = 0 OR NOT `UserAngelTypes`.`confirm_user_id` IS NULL) LIMIT 1"); + if (count($type) == 0) header("Location: " . page_link_to('user_shifts')); $type = $type[0]; @@ -260,7 +264,10 @@ function view_user_shifts() { $ical_shifts = array (); $days = sql_select("SELECT DISTINCT DATE(FROM_UNIXTIME(`start`)) AS `id`, DATE(FROM_UNIXTIME(`start`)) AS `name` FROM `Shifts` ORDER BY `start`"); $rooms = sql_select("SELECT `RID` AS `id`, `Name` AS `name` FROM `Room` WHERE `show`='Y' ORDER BY `Name`"); - $types = sql_select("SELECT `id`, `name` FROM `AngelTypes`"); + if (in_array('admin_shifts', $privileges)) + $types = sql_select("SELECT `id`, `name` FROM `AngelTypes`"); + else + $types = sql_select("SELECT `AngelTypes`.`id`, `AngelTypes`.`name` FROM `UserAngelTypes` JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) WHERE `UserAngelTypes`.`user_id` = " . sql_escape($user['UID']) . " AND (`AngelTypes`.`restricted` = 0 OR NOT `UserAngelTypes`.`confirm_user_id` IS NULL)"); $filled = array ( array ( 'id' => '1', -- cgit v1.2.3-54-g00ecf