Usergruppen Verwaltung

- kleine fixes und Verbesserungen vorgenommen
main
radiskull 13 years ago
parent 143672601b
commit 12b2418b79

@ -68,14 +68,15 @@ function loginUser($user,$pass){
$result = mysql_fetch_assoc($qry); $result = mysql_fetch_assoc($qry);
$usergroups = getUserGroups($user); $usergroups = getUserGroups($user);
if(isUserInGroup($usergroups, Admin)) { if(isUserInGroup($usergroups, admin)) {
$_SESSION['user'] = $result['id']; $_SESSION['user'] = $result['id'];
$_SESSION['username'] = $result['nickname']; $_SESSION['username'] = $result['nickname'];
$_SESSION['password'] = $result['passwort']; $_SESSION['password'] = $result['passwort'];
$_SESSION['usergroups'] = $usergroups; $_SESSION['usergroups'] = $usergroups;
echo '<a href="'.$_SERVER['PHP_SELF'].'">Zum Hauptmenu</a>'; echo '<a href="'.$_SERVER['PHP_SELF'].'">Zum Hauptmenu</a>';
return true;
} }
return true; return false;
} }
echo displayHistoryBackLink(); echo displayHistoryBackLink();
return false; return false;
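Review bot: The success branch of loginUser fills `$_SESSION` without renewing the session id, and it still copies the stored password column into the session (`$_SESSION['password'] = $result['passwort'];`). Calling `session_regenerate_id(true);` before the first `$_SESSION` assignment closes the session-fixation gap, and the password entry should be dropped unless something outside this hunk needs it. The link built from `$_SERVER['PHP_SELF']` is echoed unescaped; `htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES)` would be safer there. loginUser starts before and continues after the lines shown, so the credential check itself is not visible here.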

@ -15,20 +15,20 @@ function getOtherUserGroups($user) {
$groups = array(); $groups = array();
//prüfen welcher wert für user steht (id oder name) //prüfen welcher wert für user steht (id oder name)
if(validateInteger($user, null) != null) { if(is_numeric($user)) {
$test = 'SELECT gruppe_id, gruppe_name FROM user_gruppe WHERE gruppe_id not in $test = 'SELECT gruppen_id, gruppen_name FROM user_gruppe WHERE gruppen_id not in
(SELECT gruppe_id FROM user_gruppe_zuordnung WHERE user_id = \''.$user.'\')'; (SELECT gruppen_id FROM user_gruppe_zuordnung WHERE user_id = \''.$user.'\')';
$qry = mysql_query($test); $qry = mysql_query($test);
} else if (validateString($user) != null) { } else if (validateString($user) != null) {
$test = 'SELECT gruppe_id, gruppe_name FROM user_gruppe WHERE gruppe_id not in $test = 'SELECT gruppen_id, gruppen_name FROM user_gruppe WHERE gruppen_id not in
(SELECT ugz.gruppe_id FROM user u INNER JOIN user_gruppe_zuordnung ugz ON (SELECT ugz.gruppen_id FROM user u INNER JOIN user_gruppe_zuordnung ugz ON
u.id=ugz.user_id WHERE nickname = \''.$user.'\')'; u.id=ugz.user_id WHERE nickname = \''.$user.'\')';
$qry = mysql_query($test); $qry = mysql_query($test);
} }
$i = 0; $i = 0;
while ($result = mysql_fetch_assoc($qry)) { while ($result = mysql_fetch_assoc($qry)) {
$groups[$i] = array("gruppe_id" => $result['gruppe_id'], "gruppe_name" => $result['gruppe_name']); $groups[$i] = array("gruppen_id" => $result['gruppen_id'], "gruppen_name" => $result['gruppen_name']);
$i++; $i++;
} }
@ -40,10 +40,10 @@ function displayUserGroups($action, $name, $ugname, $delete, $add) {
$username = validateName($name); $username = validateName($name);
if ($delete !== NULL && $delete >= 0) { if ($delete !== NULL && $delete >= 0) {
$qry = 'DELETE FROM user_gruppe_zuordnung WHERE user_id in (SELECT id FROM user WHERE nickname = \''.$username. $qry = 'DELETE FROM user_gruppe_zuordnung WHERE user_id in (SELECT id FROM user WHERE nickname = \''.$username.
'\') AND gruppe_id = '.$delete.';'; '\') AND gruppen_id = '.$delete.';';
mysql_query($qry); mysql_query($qry);
} else if($add !== NULL && $add >= 0) { } else if($add !== NULL && $add >= 0) {
$qry = 'INSERT INTO user_gruppe_zuordnung(user_id, gruppe_id) $qry = 'INSERT INTO user_gruppe_zuordnung(user_id, gruppen_id)
VALUES((SELECT id FROM user WHERE nickname = \''.$username.'\'), '.$add.');'; VALUES((SELECT id FROM user WHERE nickname = \''.$username.'\'), '.$add.');';
mysql_query($qry); mysql_query($qry);
} }
@ -65,7 +65,7 @@ function displayUserGroups($action, $name, $ugname, $delete, $add) {
<option value="-1">Gruppe ausw&auml;hlen</option> <option value="-1">Gruppe ausw&auml;hlen</option>
<?php <?php
for($i = 0; $i < count($usergroups); $i++) { for($i = 0; $i < count($usergroups); $i++) {
echo '<option value="'.$usergroups[$i]['gruppe_id'].'">'.$usergroups[$i]['gruppe_name'].'</option>'; echo '<option value="'.$usergroups[$i]['gruppen_id'].'">'.$usergroups[$i]['gruppen_name'].'</option>';
} }
?> ?>
</select> <input type="submit" value="löschen" /> </select> <input type="submit" value="löschen" />
@ -76,7 +76,7 @@ function displayUserGroups($action, $name, $ugname, $delete, $add) {
<option value="-1">Gruppe ausw&auml;hlen</option> <option value="-1">Gruppe ausw&auml;hlen</option>
<?php <?php
for($i = 0; $i < count($notusergroups); $i++) { for($i = 0; $i < count($notusergroups); $i++) {
echo '<option value="'.$notusergroups[$i]['gruppe_id'].'">'.$notusergroups[$i]['gruppe_name'].'</option>'; echo '<option value="'.$notusergroups[$i]['gruppen_id'].'">'.$notusergroups[$i]['gruppen_name'].'</option>';
} }
?> ?>
</select> <input type="submit" value="hinzufügen" /> </select> <input type="submit" value="hinzufügen" />
@ -89,7 +89,7 @@ function displayUserGroups($action, $name, $ugname, $delete, $add) {
<th>Usergruppen</th> <th>Usergruppen</th>
<?php <?php
for($i = 0; $i < count($usergroups); $i++) { for($i = 0; $i < count($usergroups); $i++) {
echo '<tr><td align="center">'.$usergroups[$i]['gruppe_name'].'</td>'; echo '<tr><td align="center">'.$usergroups[$i]['gruppen_name'].'</td>';
} }
?> ?>
@ -112,8 +112,8 @@ function displayUserGroups($action, $name, $ugname, $delete, $add) {
} else if($action === 'show') { } else if($action === 'show') {
$username = validateName($ugname); $username = validateName($ugname);
$sqlqry = 'SELECT u.nickname FROM user_gruppe_zuordnung ugz $sqlqry = 'SELECT u.nickname FROM user_gruppe_zuordnung ugz
INNER JOIN user_gruppe ug ON ug.gruppe_id=ugz.gruppe_id INNER JOIN user_gruppe ug ON ug.gruppen_id=ugz.gruppen_id
INNER JOIN user u ON ugz.user_id=u.id WHERE ug.gruppe_name = \''.$ugname.'\';'; INNER JOIN user u ON ugz.user_id=u.id WHERE ug.gruppen_name = \''.$ugname.'\';';
$usergroups_qry = mysql_query($sqlqry); $usergroups_qry = mysql_query($sqlqry);
?> ?>
<table width="80%"> <table width="80%">
@ -174,11 +174,11 @@ function displayUserGroups($action, $name, $ugname, $delete, $add) {
<th>Usergruppe</th> <th>Usergruppe</th>
<th>Beschreibung</th> <th>Beschreibung</th>
<?php <?php
$usergroups_qry = mysql_query('SELECT gruppe_name, gruppe_beschreibung FROM user_gruppe ug;'); $usergroups_qry = mysql_query('SELECT gruppen_name, gruppen_beschreibung FROM user_gruppe ug;');
while($row = mysql_fetch_assoc($usergroups_qry)){ while($row = mysql_fetch_assoc($usergroups_qry)){
echo '<tr><td align="center"><a href="' echo '<tr><td align="center"><a href="'
.$_SERVER['PHP_SELF'].'?choose=usergroups&action=show&ugname='.$row['gruppe_name'].'">' .$_SERVER['PHP_SELF'].'?choose=usergroups&action=show&ugname='.$row['gruppen_name'].'">'
.$row['gruppe_name'].'</a></td><td>'.$row['gruppe_beschreibung'].'</td></tr>'; .$row['gruppen_name'].'</a></td><td>'.$row['gruppen_beschreibung'].'</td></tr>';
} }
?> ?>
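Review bot: In the `$action === 'show'` branch the result of `validateName($ugname)` is stored in `$username`, but the query is still built from the raw `$ugname`, so the validation has no effect on the SQL. The WHERE clause should use the checked and escaped value, e.g. `WHERE ug.gruppen_name = \''.mysql_real_escape_string($username).'\';'`. The DELETE and INSERT statements earlier in displayUserGroups concatenate `$delete` and `$add` unquoted after only a loose `>= 0` comparison; casting both with `(int)` before the comparison would make that check reliable. The group name and description written into the table and link in the last hunk are also unescaped and should go through `htmlspecialchars` (and `urlencode` for the `ugname` query parameter). displayUserGroups begins and ends outside the hunks shown.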

@ -7,8 +7,8 @@
*/ */
//Konstanten //Konstanten
define("Admin", 1); define("admin", 1);
define("Tester", 2); define("tester", 2);
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/parse.inc.php'); include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/parse.inc.php');
@ -17,14 +17,14 @@ function getUserGroups($user) {
$groups = array(); $groups = array();
//prüfen welcher wert für user steht (id oder name) //prüfen welcher wert für user steht (id oder name)
if(validateInteger($user, null) != null) { if(is_numeric($user)) {
$test = 'SELECT ug.gruppe_name, ug.gruppe_id FROM user_gruppe_zuordnung as ugz $test = 'SELECT ug.gruppen_name, ug.gruppen_id FROM user_gruppe_zuordnung as ugz
INNER JOIN user_gruppe as ug ON ugz.gruppe_id=ug.gruppe_id INNER JOIN user_gruppe as ug ON ugz.gruppen_id=ug.gruppen_id
WHERE ugz.user_id = \''.$user.'\''; WHERE ugz.user_id = \''.$user.'\'';
$qry = mysql_query($test); $qry = mysql_query($test);
} else if (validateString($user) != null) { } else if (validateString($user) != null) {
$test = 'SELECT ug.gruppe_name, ug.gruppe_id FROM user_gruppe_zuordnung as ugz $test = 'SELECT ug.gruppen_name, ug.gruppen_id FROM user_gruppe_zuordnung as ugz
INNER JOIN user_gruppe as ug ON ugz.gruppe_id=ug.gruppe_id INNER JOIN user_gruppe as ug ON ugz.gruppen_id=ug.gruppen_id
INNER JOIN user as u ON u.id=ugz.user_id INNER JOIN user as u ON u.id=ugz.user_id
WHERE u.nickname = \''.$user.'\''; WHERE u.nickname = \''.$user.'\'';
$qry = mysql_query($test); $qry = mysql_query($test);
@ -32,7 +32,7 @@ function getUserGroups($user) {
$i = 0; $i = 0;
while ($result = mysql_fetch_assoc($qry)) { while ($result = mysql_fetch_assoc($qry)) {
$groups[$i] = array("gruppe_id" => $result['gruppe_id'], "gruppe_name" => $result['gruppe_name']); $groups[$i] = array("gruppen_id" => $result['gruppen_id'], "gruppen_name" => $result['gruppen_name']);
$i++; $i++;
} }
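Review bot: `is_numeric($user)` in getUserGroups accepts more than integer ids (floats, exponent forms such as `1e3`, leading whitespace), and a nickname made only of digits will be looked up through the `user_id` branch instead of the nickname branch. Where the caller already holds the user row, passing the id explicitly removes that ambiguity, and the test here can be tightened to `if (is_int($user) || ctype_digit((string) $user)) {`. The same check was introduced in getOtherUserGroups. Both queries still concatenate `$user` into the SQL string; whether `validateString` escapes it cannot be seen from this page. The function body continues outside the hunks.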
