From bad34a0b263a60f024102df21a5613f9b0e72cc9 Mon Sep 17 00:00:00 2001
From: Philip Häusler
Date: Fri, 3 Jun 2011 08:12:53 +0200
Subject: user management
---
 includes/pages/admin_user.php | 84 ++++++++++++++++++++++++++++++++-----------
 1 file changed, 64 insertions(+), 20 deletions(-)
(limited to 'includes')
diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php
index 497f5fdb..630ca772 100644
--- a/includes/pages/admin_user.php
+++ b/includes/pages/admin_user.php
@@ -98,7 +98,6 @@ function admin_user() {
 $html .= "\n"; $html .= "\n
\n"; - $html .= "\n"; $html .= "\n"; $html .= ""; @@ -112,14 +111,31 @@ function admin_user() { "\n"; $html .= ""; - $html .= "\n"; $html .= "\n"; $html .= ""; $html .= "
"; + $html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:
\n"; + $html .= ''; + + list ($my_highest_group) = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($user['UID']) . " ORDER BY `uid`"); + list ($his_highest_group) = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($id) . " ORDER BY `uid`"); + + if ($id != $user['UID'] && $my_highest_group <= $his_highest_group) { + $groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group['group_id']) . " ORDER BY `Groups`.`Name`"); + foreach ($groups as $group) + $html .= ''; + + $html .= '
' . $group['Name'] . '
'; + + $html .= "\n"; + $html .= "
"; + + $html .= "
"; + } + $html .= "
\n"; - $html .= "\n"; $html .= "\n"; $html .= "
"; @@ -127,6 +143,34 @@ function admin_user() { $html .= funktion_db_element_list_2row("Freeloader Shifts", "SELECT `Remove_Time`, `Length`, `Comment` FROM `ShiftFreeloader` WHERE UID=" . $_REQUEST['id']); } else { switch ($_REQUEST['action']) { + case 'save_groups' : + if ($id != $user['UID']) { + list ($my_highest_group) = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($user['UID']) . " ORDER BY `uid`"); + list ($his_highest_group) = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($id) . " ORDER BY `uid`"); + + if ($my_highest_group <= $his_highest_group) { + $groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group['group_id']) . " ORDER BY `Groups`.`Name`"); + $grouplist = array (); + foreach ($groups as $group) + $grouplist[] = $group['UID']; + + if (!is_array($_REQUEST['groups'])) + $_REQUEST['groups'] = array (); + + sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id)); + foreach ($_REQUEST['groups'] as $group) + if (in_array($group, $grouplist)) + sql_query("INSERT INTO `UserGroups` SET `uid`=" . + sql_escape($id) . ", `group_id`=" . sql_escape($group)); + $html .= success("Benutzergruppen gespeichert."); + } else { + $html .= error("Du kannst keine Engel mit mehr Rechten bearbeiten."); + } + } else { + $html .= error("Du kannst Deine eigenen Rechte nicht bearbeiten."); + } + break; + case 'delete' : if ($user['UID'] != $id) { sql_query("DELETE FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); @@ -185,23 +229,23 @@ function admin_user() { $html .= "Anzahl Engel: $Zeilen
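Review bot: The privilege check `$my_highest_group <= $his_highest_group` compares two whole result rows instead of their group ids, and both lookups sort by `uid`, which the WHERE clause already fixes, so the row treated as the "highest group" is whichever one the database returns first. Sort both lookups by `group_id` and compare the ids explicitly: `$my_highest_group['group_id'] <= $his_highest_group['group_id']`. A target with no `UserGroups` rows leaves `$his_highest_group` as null after `list()`, and that case should be decided deliberately rather than left to PHP's array-versus-null comparison. The same two queries and the same comparison are repeated in the `save_groups` case of the following hunk (`@@ -127,6 +143,34 @@`), which is the real enforcement point. Moving them into one helper would keep the form and the handler from drifting apart. `admin_user()` starts and ends outside this hunk.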
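Review bot: The `DELETE FROM UserGroups WHERE uid=...` in the `save_groups` case removes every membership of the target and then re-inserts only ids found in `$grouplist`, so any membership outside the editor's assignable range is silently dropped, and a failure between the statements leaves the account with no groups at all. Limit the delete to the assignable set by appending `AND group_id IN (...)` built from `$grouplist` with each id cast to int, and run the delete and inserts in one transaction if the storage engine allows it. The action and the group list are read from `$_REQUEST`, and no anti-CSRF token is checked in the visible lines, so unless a caller outside the hunk enforces one, this state change should require POST plus a per-session token. `in_array($group, $grouplist)` compares loosely, and the values are concatenated unquoted into SQL. Casting with `(int)$group` and `(int)$id` before the check and the queries removes the dependence on what `sql_escape` does in a numeric context.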

\n"; $html .= ' - - - - - - - - - - - - - '; +
- Nick - Vorname NameAlter - E-Mail - GrößeGekommenAktivT-ShirtRegistrierÄnd.
+ + + + + + + + + + + + '; $Gekommen = 0; $Active = 0; $Tshirt = 0; -- cgit v1.2.3-54-g00ecf
+ Nick + Vorname NameAlter + E-Mail + GrößeGekommenAktivT-ShirtRegistrierÄnd.