Location: PHPKode > projects > lcdata > lcdata-0.0.1/frontend-web/frmrightedit.php3
<?
include 'includes/funktions.php';
$conn = connectdb();
timerefresh('prefs_page',"SELECT ku_lasttime as lasttime FROM known_users WHERE ku_name='$usrd->name'");
getuserdaten();
require 'includes/labels.php';


if (($save==true)){
 // $result = SQL_exec ($conn, "SELECT * FROM known_users WHERE ku_name='$usrd->name'");
 // $data = pg_fetch_object ($result, 0);
 // if (gidhasright($data->gid,$Rgidedit)){

  $meinerechte=(gidhasright($gid,$Rallrights));

  $maxRows=count($rights);
  for ($row=0;$row < $maxRows; $row++){
    $setuserid=$rights[$row][0];
    $right=0;
    for ($i = 1; $i <10; $i++){           
      $right=$right| $rights[$row][$i];
    }

   $sql="SELECT * FROM gidrights WHERE gr_gid=$gid AND gr_userid=$setuserid ";
   $result = SQL_exec ($conn, $sql);
   $ergb = pg_fetch_object ($result, 0);
   $recht=$ergb->userrights;

   $recht1=(($meinerechte & ($Rgivegidsee+$Rgivegidopen+$Rgivegidedit+$Rgivegiddelete) )/16);
   if ($meinerechte & $Rgivegidgives) $recht2=$Rgidrightedit;
   $recht_mask=$recht1 | $recht2;
   
   $right1=$right & $recht_mask;  // Maskieren: neu setzen nur was ich auch darf!!
   $recht=$recht & (~$recht_mask);  // Maskieren: alte lassen nur was ich auch darf!!

   $right=$right1 | $recht; 

   $sql="UPDATE gidrights set gr_userrights=$right WHERE gr_gid=$gid AND gr_userid=$setuserid ";
   $result = SQL_exec ($conn, $sql);
   //print "user $setuserid =$right $recht1 $recht2 $right1 $recht $recht_mask <br>";
  }


//  header("Location: $burl target=mainframe ");  
}

if (($doadd==true)){
  $sql    = "SELECT * FROM gidrights WHERE gr_gid=$gid AND gr_userid=$selectuser";
  $result = SQL_exec ($conn, $sql);
  if (pg_numrows( $result )==0){
    $sql    = "INSERT INTO gidrights (gr_gid,gr_userid,gr_userrights) VALUES ($gid,$selectuser,0)";
    $result = SQL_exec ($conn, $sql);
  }
}

if (($delete==true)){
  $sql    = "SELECT * FROM gidrights WHERE gr_gid=$gid";
  $result = SQL_exec ($conn, $sql);
  if (pg_numrows( $result )>1){
    $sql    = "DELETE FROM gidrights WHERE gr_gid=$gid AND gr_userid=$selectuser";
    $result = SQL_exec ($conn, $sql);
  }
}

if ($typ=="add") $result = SQL_exec ($conn, "SELECT A.ad_gid as gid, A.ad_name1 as name,K.ku_name as username, G.gr_userid as userid, G.gr_userrights as userrights FROM addresses A ,gidrights G,known_users K WHERE A.ad_gid=$gid AND A.ad_gid=G.gr_gid AND G.gr_userid=K.ku_userid");
if ($typ=="per") $result = SQL_exec ($conn, "SELECT P.pe_gid as gid, P.pe_title ||' '||P.pe_pname ||' '|| P.pe_sname as name,K.ku_name as username, G.gr_userid as userid, G.gr_userrights as userrights FROM persons P ,gidrights G,known_users K WHERE P.pe_gid=$gid AND P.pe_gid=G.gr_gid AND G.gr_userid=K.ku_userid");
if ($typ=="dat") $result = SQL_exec ($conn, "SELECT D.da_gid as gid, D.da_subject as name,K.ku_name as username, G.gr_userid as userid, G.gr_userrights as userrights FROM dates D ,gidrights G,known_users K WHERE D.da_gid=$gid AND D.da_gid=G.gr_gid AND G.gr_userid=K.ku_userid");
if ($typ=="frm") $result = SQL_exec ($conn, "SELECT gr_gid as gid, K.ku_name as username, G.gr_userid as userid, G.gr_userrights as userrights  FROM gidrights G,known_users K WHERE G.gr_gid=$gid AND G.gr_userid=K.ku_userid");
if ($typ=="doc") $result = SQL_exec ($conn, "SELECT dc_gid as gid, dc_name as name,K.ku_name as username, G.gr_userid as userid, G.gr_userrights as userrights FROM documents ,gidrights G,known_users K WHERE dc_gid=$gid AND dc_gid=G.gr_gid AND G.gr_userid=K.ku_userid");
if ($typ=="dod") $result = SQL_exec ($conn, "SELECT dd_gid as gid, dd_name as name,K.ku_name as username, G.gr_userid as userid, G.gr_userrights as userrights FROM documentdrawers ,gidrights G,known_users K WHERE dd_gid=$gid AND dd_gid=G.gr_gid AND G.gr_userid=K.ku_userid");


if (!(empty($data->name))) $name=$data->name;

$data = pg_fetch_object ($result, 0);
   
print "<html>\n<head></head>\n<body bgcolor=\"#$frm_color\">\n<center><h2>$lb_prefform</h2>\n";
 if (gidhasright($data->gid,$Rgidrightedit)){
   
    print "<form action=\"frmrightedit.php3?$dummy&typ=$typ&frm_color=$frm_color&gid=$data->gid&burl=$burl\" Method=\"POST\">\n";
    print "<table border=0>\n";
    print "<tr><td bgcolor=\"#$frm_color_head\" height=$row_height width=50>record</td><td bgcolor=\"#$frm_color_head\" width=50>$data->gid &#160;</td>";
    print "<td bgcolor=\"#$frm_color_head\" width=50>value</td><td bgcolor=\"#$frm_color_head\" colspan=8>$name &#160;</td></tr>\n";
    print "<tr><td height=$row_height width=50 bgcolor=\"#$frm_color_head\">user</td>";
    print "<td width=50 bgcolor=\"#$frm_color_head\">see</td>";
    print "<td width=50 bgcolor=\"#$frm_color_head\">open</td>";
    print "<td width=50 bgcolor=\"#$frm_color_head\">edit</td>";
    print "<td width=75 bgcolor=\"#$frm_color_head\">delete</td>";
    print "<td width=50 bgcolor=\"#$frm_color_head\">g_see</td>";
    print "<td width=50 bgcolor=\"#$frm_color_head\">g_open</td>";
    print "<td width=50 bgcolor=\"#$frm_color_head\">g_edit</td>";
    print "<td width=75 bgcolor=\"#$frm_color_head\">g_delete</td>";
    print "<td width=75 bgcolor=\"#$frm_color_head\">g_gives</td>";
    print "<td width=50 bgcolor=\"#$frm_color_head\">&#160;</td>";
    print "</tr>\n";
 


    for($row=0;$row<pg_numrows( $result );$row++)
    {
     $data = pg_fetch_object ($result, $row);
 
     if($row%2){
       $frm_color_row=$frm_color_row1;
     }
     else{
       $frm_color_row=$frm_color_row2;
     }   
    $rechte= $data->userrights;
    $meinerechte=(gidhasright($data->gid,$Rallrights));

    print "<tr><td bgcolor=\"#$frm_color_row\">$data->username &#160;</td>";
    print "<input type=\"hidden\" name=\"rights[$row][]\" value=\"$data->userid\">";

    print "<td bgcolor=\"#$frm_color_row\">";
    if ($meinerechte & $Rgivegidsee){
      print "<input type=\"checkbox\" name=\"rights[$row][]\" value=\"$Rgidsee\" "; 
      if ($rechte & $Rgidsee) print "checked=true";
      print "></td>\n";
    }
    else{
      if ($rechte & $Rgidsee) print "X";
      print "&#160;</td>\n";
    }
   
 
    print "<td bgcolor=\"#$frm_color_row\">";
    if ($meinerechte & $Rgivegidopen){
      print "<input type=\"checkbox\" name=\"rights[$row][]\" value=\"$Rgidopen\" ";
      if ($rechte & $Rgidopen) print "checked=true";
      print "></td>\n";
    }
    else{
      if ($rechte & $Rgidopen) print "X";
      print "&#160;</td>\n";
    };


    print "<td bgcolor=\"#$frm_color_row\">";
    if ($meinerechte & $Rgivegidedit){
      print "<input type=\"checkbox\" name=\"rights[$row][]\" value=\"$Rgidedit\" ";
      if ($rechte & $Rgidedit) print "checked=true";
      print "></td>\n";
    }
    else{
      if ($rechte & $Rgidedit) print "X";
      print "&#160;</td>";
    };



    print "<td bgcolor=\"#$frm_color_row\">";
    if ($meinerechte & $Rgivegiddelete){
      print "<input type=\"checkbox\" name=\"rights[$row][]\" value=\"$Rgiddelete\" ";
      if ($rechte & $Rgiddelete) print "checked=true";
      print "></td>";
    }
    else{
      if ($rechte & $Rgiddelete) print "X";
      print "&#160;</td>";
    };




    if ($meinerechte & $Rgivegidgives){
      print "<td bgcolor=\"#$frm_color_row\"><input type=\"checkbox\" name=\"rights[$row][]\" value=\"$Rgivegidsee\" ";
      if ($rechte & $Rgivegidsee) print "checked=true";
      print "></td><td bgcolor=\"#$frm_color_row\"><input type=\"checkbox\" name=\"rights[$row][]\" value=\"$Rgivegidopen\" ";
      if ($rechte & $Rgivegidopen) print "checked=true";
      print "></td><td bgcolor=\"#$frm_color_row\"><input type=\"checkbox\" name=\"rights[$row][]\" value=\"$Rgivegidedit\" ";
      if ($rechte & $Rgivegidedit) print "checked=true";
      print "></td><td bgcolor=\"#$frm_color_row\"><input type=\"checkbox\" name=\"rights[$row][]\" value=\"$Rgivegiddelete\" ";
      if ($rechte & $Rgivegiddelete) print "checked=true";
      print "></td><td bgcolor=\"#$frm_color_row\"><input type=\"checkbox\" name=\"rights[$row][]\" value=\"$Rgivegidgives\" ";
      if ($rechte & $Rgivegidgives) print "checked=true";
      print "></td>";
    }
    else{
      print "<td bgcolor=\"#$frm_color_row\">";
      if ($rechte & $Rgivegidsee) print "X";
      print "&#160;</td><td bgcolor=\"#$frm_color_row\">";
      if ($rechte & $Rgivegidopen) print "X";
      print "&#160;</td><td bgcolor=\"#$frm_color_row\">";
      if ($rechte & $Rgivegidedit) print "X";
      print "&#160;</td><td bgcolor=\"#$frm_color_row\">";
      if ($rechte & $Rgivegiddelete) print "X";
      print "&#160;</td><td bgcolor=\"#$frm_color_row\">";
      if ($rechte & $Rgivegidgives) print "X";
      print "&#160;</td>";
    }
    print "<td bgcolor=\"#$frm_color_row\">";
    if ($meinerechte & $Rgivegidgives) print "<a href=\"frmrightedit.php3?$dummy&delete=true&selectuser=$data->userid&frm_color=$frm_color&typ=$typ&gid=$data->gid&edit=true&burl=$burl\">delete</a>";
    print "&#160;</td>\n";

    print "</tr>";

    }


    print "</table><br>";


// Benutzer-Auswahl
//
 $sql= "SELECT * FROM known_users ORDER by ku_isgroup,ku_name";
 $result = SQL_exec ($conn,$sql);
  print "<select name=\"selectuser\" size=1>\n";
  for($row=0;$row<pg_numrows( $result );$row++)
  {
    $user = pg_fetch_object ($result, $row);
    print " <option value=\"$user->ku_userid\" ";
    if ($selectuser==$user->ku_userid){
      print "selected";
    }
    print ">$user->ku_name</option>\n";
  }
  print "</select>\n"; 



    if (gidhasright($data->gid,$Rgidrightedit)){
      print "<input type=submit name=\"doadd\" value=\"$lb_addnew\">\n";
    }
    print " <a href=\"frmrightedit.php3?$dummy&frm_color=$frm_color&typ=$typ&gid=$data->gid&edit=true&burl=$burl\" ><img src=\"gfx/$lan/reload.gif\" border=0></a>";
    print " <a href=\"$burl\" ><img src=\"gfx/$lan/cancel.gif\" border=0></a>";
    if (gidhasright($data->gid,$Rgidrightedit)){
      print "<input type=submit name=\"save\" value=\"save\">\n";
    }


    print "</form>";
  }
print "<br></center></body>\n</html>\n";
?>

Return current item: lcdata