1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
|
<?php
if( !isset($_SESSION['UID']))
$_SESSION['UID'] = -1;
// CVS import Data
$SQL_CVS = "SELECT * FROM `UserCVS` WHERE UID=".$_SESSION['UID'];
$Erg_CVS = mysql_query($SQL_CVS, $con);
$_SESSION['CVS'] = mysql_fetch_array($Erg_CVS);
// Group import Data, if nesseary
if( isset( $_SESSION['CVS'][ "GroupID" ]))
{
$SQL_GRP = "SELECT * FROM `UserCVS` WHERE UID=".$_SESSION['CVS'][ "GroupID" ];
$Erg_GRP = mysql_query($SQL_GRP, $con);
$_SESSION['CVS_Group'] = mysql_fetch_array($Erg_GRP);
foreach( $_SESSION['CVS'] as $k => $v)
{
if($v=="G") // Right == Group
$_SESSION['CVS'][$k] = $_SESSION['CVS_Group'][$k];
}
}
//pagename ermitteln
$Page["Name"] = substr( $_SERVER['PHP_SELF'], strlen($ENGEL_ROOT) );
//recht f�r diese seite auslesen
if( isset( $_SESSION['CVS'][ $Page["Name"] ]))
$Page["CVS"] = $_SESSION['CVS'][ $Page["Name"] ];
else
{
echo "SYSTEM ERROR: now right for ". $Page["Name"]. "exist";
die;
}
if( $DEBUG )
{
// foreach( $_SESSION as $k => $v)
// echo "$k = $v<br>\n";
echo "<pre>\$_SESSION:\n";
print_r($_SESSION);
echo "</pre>";
if( strlen($Page["CVS"]) == 0 )
echo "<h1><u> CVS ERROR, on page '". $Page["Name"]. "'</u></h1>";
else
echo "CVS: ". $Page["Name"]. " => '". $Page["CVS"]. "'<br>";
}
function funktion_isLinkAllowed( $PageName)
{
global $_SESSION;
// separate page parameter
$ParameterPos = strpos( $PageName, ".php?");
if( $ParameterPos === FALSE)
{
$pName = $PageName;
}
else
{
$pName = substr( $PageName, 0, $ParameterPos + 4);
}
// check rights
if( (isset( $_SESSION['CVS'][ $pName ]) === TRUE) &&
($_SESSION['CVS'][ $pName ] == "Y") )
{
return TRUE;
}
return FALSE;
}
function funktion_isLinkAllowed_addLink_OrLinkText( $PageName, $LinkText)
{
global $url, $ENGEL_ROOT;
if( funktion_isLinkAllowed( $PageName) === TRUE)
{
return "<a href=\"". $url. $ENGEL_ROOT. $PageName. "\">". $LinkText. "</a>";
}
return $LinkText;
}
function funktion_isLinkAllowed_addLink_OrEmpty( $PageName, $LinkText)
{
global $url, $ENGEL_ROOT;
if( funktion_isLinkAllowed( $PageName) === TRUE)
{
return "<a href=\"". $url. $ENGEL_ROOT. $PageName. "\">". $LinkText. "</a>";
}
return "";
}
?>
|
