Hecht
/
agng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Usergruppen Verwaltung

Browse Source 
- kleine fixes und Verbesserungen vorgenommen
main
radiskull 14 years ago
parent 143672601b
commit 12b2418b79
3 changed files with 27 additions and 26 deletions
Show Stats Download Patch File Download Diff File

5
ag/gm/gm_seite.php
Unescape View File

@ -68,14 +68,15 @@ function loginUser($user,$pass){
$result = mysql_fetch_assoc($qry);
$usergroups = getUserGroups($user);
if(isUserInGroup($usergroups, Admin)) {
if(isUserInGroup($usergroups, admin)) {
$_SESSION['user'] = $result['id'];
$_SESSION['username'] = $result['nickname'];
$_SESSION['password'] = $result['passwort'];
$_SESSION['usergroups'] = $usergroups;
echo '<a href="'.$_SERVER['PHP_SELF'].'">Zum Hauptmenu</a>';
return true;
}
return true;
return false;
}
echo displayHistoryBackLink();
return false;

32
ag/gm/include/user.inc.php
Unescape View File

@ -15,20 +15,20 @@ function getOtherUserGroups($user) {
$groups = array();
//prüfen welcher wert für user steht (id oder name)
if(validateInteger($user, null) != null) {
$test = 'SELECT gruppe_id, gruppe_name FROM user_gruppe WHERE gruppe_id not in
(SELECT gruppe_id FROM user_gruppe_zuordnung WHERE user_id = \''.$user.'\')';
if(is_numeric($user)) {
$test = 'SELECT gruppen_id, gruppen_name FROM user_gruppe WHERE gruppen_id not in
(SELECT gruppen_id FROM user_gruppe_zuordnung WHERE user_id = \''.$user.'\')';
$qry = mysql_query($test);
} else if (validateString($user) != null) {
$test = 'SELECT gruppe_id, gruppe_name FROM user_gruppe WHERE gruppe_id not in
(SELECT ugz.gruppe_id FROM user u INNER JOIN user_gruppe_zuordnung ugz ON
$test = 'SELECT gruppen_id, gruppen_name FROM user_gruppe WHERE gruppen_id not in
(SELECT ugz.gruppen_id FROM user u INNER JOIN user_gruppe_zuordnung ugz ON
u.id=ugz.user_id WHERE nickname = \''.$user.'\')';
$qry = mysql_query($test);
}
$i = 0;
while ($result = mysql_fetch_assoc($qry)) {
$groups[$i] = array("gruppe_id" => $result['gruppe_id'], "gruppe_name" => $result['gruppe_name']);
$groups[$i] = array("gruppen_id" => $result['gruppen_id'], "gruppen_name" => $result['gruppen_name']);
$i++;
}
@ -40,10 +40,10 @@ function displayUserGroups($action, $name, $ugname, $delete, $add) {
$username = validateName($name);
if ($delete !== NULL && $delete >= 0) {
$qry = 'DELETE FROM user_gruppe_zuordnung WHERE user_id in (SELECT id FROM user WHERE nickname = \''.$username.
'\') AND gruppe_id = '.$delete.';';
'\') AND gruppen_id = '.$delete.';';
mysql_query($qry);
} else if($add !== NULL && $add >= 0) {
$qry = 'INSERT INTO user_gruppe_zuordnung(user_id, gruppe_id)
$qry = 'INSERT INTO user_gruppe_zuordnung(user_id, gruppen_id)
VALUES((SELECT id FROM user WHERE nickname = \''.$username.'\'), '.$add.');';
mysql_query($qry);
}
@ -65,7 +65,7 @@ function displayUserGroups($action, $name, $ugname, $delete, $add) {
<option value="-1">Gruppe ausw&auml;hlen</option>
<?php
for($i = 0; $i < count($usergroups); $i++) {
echo '<option value="'.$usergroups[$i]['gruppe_id'].'">'.$usergroups[$i]['gruppe_name'].'</option>';
echo '<option value="'.$usergroups[$i]['gruppen_id'].'">'.$usergroups[$i]['gruppen_name'].'</option>';
}
?>
</select> <input type="submit" value="löschen" />
@ -76,7 +76,7 @@ function displayUserGroups($action, $name, $ugname, $delete, $add) {
<option value="-1">Gruppe ausw&auml;hlen</option>
<?php
for($i = 0; $i < count($notusergroups); $i++) {
echo '<option value="'.$notusergroups[$i]['gruppe_id'].'">'.$notusergroups[$i]['gruppe_name'].'</option>';
echo '<option value="'.$notusergroups[$i]['gruppen_id'].'">'.$notusergroups[$i]['gruppen_name'].'</option>';
}
?>
</select> <input type="submit" value="hinzufügen" />
@ -89,7 +89,7 @@ function displayUserGroups($action, $name, $ugname, $delete, $add) {
<th>Usergruppen</th>
<?php
for($i = 0; $i < count($usergroups); $i++) {
echo '<tr><td align="center">'.$usergroups[$i]['gruppe_name'].'</td>';
echo '<tr><td align="center">'.$usergroups[$i]['gruppen_name'].'</td>';
}
?>
@ -112,8 +112,8 @@ function displayUserGroups($action, $name, $ugname, $delete, $add) {
} else if($action === 'show') {
$username = validateName($ugname);
$sqlqry = 'SELECT u.nickname FROM user_gruppe_zuordnung ugz
INNER JOIN user_gruppe ug ON ug.gruppe_id=ugz.gruppe_id
INNER JOIN user u ON ugz.user_id=u.id WHERE ug.gruppe_name = \''.$ugname.'\';';
INNER JOIN user_gruppe ug ON ug.gruppen_id=ugz.gruppen_id
INNER JOIN user u ON ugz.user_id=u.id WHERE ug.gruppen_name = \''.$ugname.'\';';
$usergroups_qry = mysql_query($sqlqry);
?>
<table width="80%">
@ -174,11 +174,11 @@ function displayUserGroups($action, $name, $ugname, $delete, $add) {
<th>Usergruppe</th>
<th>Beschreibung</th>
<?php
$usergroups_qry = mysql_query('SELECT gruppe_name, gruppe_beschreibung FROM user_gruppe ug;');
$usergroups_qry = mysql_query('SELECT gruppen_name, gruppen_beschreibung FROM user_gruppe ug;');
while($row = mysql_fetch_assoc($usergroups_qry)){
echo '<tr><td align="center"><a href="'
.$_SERVER['PHP_SELF'].'?choose=usergroups&action=show&ugname='.$row['gruppe_name'].'">'
.$row['gruppe_name'].'</a></td><td>'.$row['gruppe_beschreibung'].'</td></tr>';
.$_SERVER['PHP_SELF'].'?choose=usergroups&action=show&ugname='.$row['gruppen_name'].'">'
.$row['gruppen_name'].'</a></td><td>'.$row['gruppen_beschreibung'].'</td></tr>';
}
?>

16
ag/include/usergroup.inc.php
Unescape View File

@ -7,8 +7,8 @@
*/
//Konstanten
define("Admin", 1);
define("Tester", 2);
define("admin", 1);
define("tester", 2);
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/parse.inc.php');
@ -17,14 +17,14 @@ function getUserGroups($user) {
$groups = array();
//prüfen welcher wert für user steht (id oder name)
if(validateInteger($user, null) != null) {
$test = 'SELECT ug.gruppe_name, ug.gruppe_id FROM user_gruppe_zuordnung as ugz
INNER JOIN user_gruppe as ug ON ugz.gruppe_id=ug.gruppe_id
if(is_numeric($user)) {
$test = 'SELECT ug.gruppen_name, ug.gruppen_id FROM user_gruppe_zuordnung as ugz
INNER JOIN user_gruppe as ug ON ugz.gruppen_id=ug.gruppen_id
WHERE ugz.user_id = \''.$user.'\'';
$qry = mysql_query($test);
} else if (validateString($user) != null) {
$test = 'SELECT ug.gruppe_name, ug.gruppe_id FROM user_gruppe_zuordnung as ugz
INNER JOIN user_gruppe as ug ON ugz.gruppe_id=ug.gruppe_id
$test = 'SELECT ug.gruppen_name, ug.gruppen_id FROM user_gruppe_zuordnung as ugz
INNER JOIN user_gruppe as ug ON ugz.gruppen_id=ug.gruppen_id
INNER JOIN user as u ON u.id=ugz.user_id
WHERE u.nickname = \''.$user.'\'';
$qry = mysql_query($test);
@ -32,7 +32,7 @@ function getUserGroups($user) {
$i = 0;
while ($result = mysql_fetch_assoc($qry)) {
$groups[$i] = array("gruppe_id" => $result['gruppe_id'], "gruppe_name" => $result['gruppe_name']);
$groups[$i] = array("gruppen_id" => $result['gruppen_id'], "gruppen_name" => $result['gruppen_name']);
$i++;
}

Write Preview
Loading…
Cancel
Save