menu authorities
This commit is contained in:
Tóth Richárd
48
_class/class_authority.php
Normal file
48
_class/class_authority.php
Normal file
@@ -0,0 +1,48 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
AUTHORITY CLASS
|
||||
*/
|
||||
|
||||
class authority {
|
||||
private $a_id;
|
||||
private $a_name;
|
||||
private $a_title;
|
||||
|
||||
public function set_a_id($_id) {
|
||||
$this->a_id = $_id;
|
||||
}
|
||||
|
||||
public function get_a_id() {
|
||||
return $this->a_id;
|
||||
}
|
||||
|
||||
public function set_a_name($_name) {
|
||||
$this->a_name = $_name;
|
||||
}
|
||||
|
||||
public function get_a_name() {
|
||||
return $this->a_name;
|
||||
}
|
||||
|
||||
public function set_a_title($_title) {
|
||||
$this->a_title = $_title;
|
||||
}
|
||||
|
||||
public function get_a_title() {
|
||||
return $this->a_title;
|
||||
}
|
||||
|
||||
public function set_a_data_by_id($_id) {
|
||||
global $sql;
|
||||
$a_query = "SELECT * FROM authority WHERE a_id = " . $_id . ";";
|
||||
$a_assoc_array = $sql->assoc_array($a_query);
|
||||
foreach ($a_assoc_array[0] as $field => $value) {
|
||||
$function_name = "set_" . $field;
|
||||
$this->$function_name($value); //alapadatok beállítása
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
?>
|
||||
@@ -21,10 +21,28 @@ class page {
|
||||
}
|
||||
|
||||
public function get_page_nav() {
|
||||
global $smarty, $sql;
|
||||
global $smarty, $sql, $user;
|
||||
//nem kell if, hanem page alapján beillesztük az id-t
|
||||
if ($this->get_page() == 'admin') {
|
||||
$menus_query = "SELECT * FROM subpage WHERE spage_page_id = 1;";
|
||||
if ($user) {
|
||||
$menus_query = "
|
||||
SELECT
|
||||
*
|
||||
FROM
|
||||
subpage
|
||||
LEFT JOIN
|
||||
authority ON a_name = spage_url
|
||||
JOIN
|
||||
user_authority ON (ua_authority_a_id = a_id
|
||||
OR ua_authority_a_id = 1)
|
||||
WHERE
|
||||
spage_page_id = 1
|
||||
AND ua_user_kid_uk_id = " . $user->get_ua_id() .";
|
||||
";
|
||||
}
|
||||
else {
|
||||
$menus_query = "SELECT * FROM subpage WHERE spage_page_id = 1;";
|
||||
}
|
||||
$menu_assoc_array = $sql->assoc_array($menus_query);
|
||||
$smarty->assign('menus', $menu_assoc_array);
|
||||
}
|
||||
@@ -53,8 +71,22 @@ class page {
|
||||
$smarty->display('nav.tpl');
|
||||
}
|
||||
|
||||
|
||||
|
||||
function findInStructure($id, &$array) {
|
||||
if (array_key_exists($id, $array)) {
|
||||
return $id;
|
||||
}
|
||||
|
||||
foreach ($array as $key => $submenu) {
|
||||
if (in_array($id, $submenu)) {
|
||||
return $key;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public function get_page_content() {
|
||||
global $sql, $user, $smarty;
|
||||
global $sql, $user, $smarty, $structure;
|
||||
//var_dump($user);
|
||||
ini_set('include_path', '_include/');
|
||||
//ini_set('include_path', '/var/www/badminton_coach/_include');
|
||||
@@ -63,6 +95,23 @@ class page {
|
||||
//TODO: mi van ha nincs page? átirányítás v 404?
|
||||
//page alapján betölti a tpl-t
|
||||
|
||||
if ($this->is_subpage() && $this->get_page() == 'admin') {
|
||||
if ('create' == $this->get_subpage()) {
|
||||
$toFind = $this->get_id();
|
||||
} elseif (strpos($this->get_subpage(), 'delete') !== false) {
|
||||
//delete_ utáni rész
|
||||
$toFind = substr($this->get_subpage(), 7);
|
||||
}
|
||||
else {
|
||||
$toFind = $this->get_subpage();
|
||||
}
|
||||
$subPage = $this->findInStructure($toFind, $structure);
|
||||
if ('exception' != $subPage && !$user->has_authority_by_name($subPage)) {
|
||||
include('include_access_denied.php');
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
switch ($this->get_page()) {
|
||||
case 'admin':
|
||||
# ADMIN OLDALAK
|
||||
|
||||
@@ -82,6 +82,7 @@ class sql extends mysqli {
|
||||
}
|
||||
|
||||
public function execute_query($_query) {
|
||||
//var_dump($_query);
|
||||
return self::query($_query);
|
||||
}
|
||||
|
||||
|
||||
@@ -19,6 +19,7 @@ class user {
|
||||
private $user_admin;
|
||||
private $logged_in;
|
||||
private $user_type;
|
||||
private $authorities = array();
|
||||
private $user_deleted;
|
||||
|
||||
public function set_ua_id($_uid) {
|
||||
@@ -92,6 +93,16 @@ class user {
|
||||
$this->logged_in = $_login;
|
||||
}
|
||||
|
||||
public function add_ua_authority($_a_id) {
|
||||
$this->authorities[] = $_a_id;
|
||||
}
|
||||
|
||||
public function remove_ua_authority($_a_id) {
|
||||
if (($key = array_search($del_val, $messages)) !== false) {
|
||||
unset($messages[$key]);
|
||||
}
|
||||
}
|
||||
|
||||
public function set_user_data_by_id($_ua_id) {
|
||||
global $sql, $user;
|
||||
$user_data_assoc_array = $sql->assoc_array("select * from user_coach where ua_id = " . $_ua_id);
|
||||
@@ -103,6 +114,11 @@ class user {
|
||||
$this->set_login(true);
|
||||
}
|
||||
|
||||
$authorities_aa = $sql->assoc_array('SELECT * FROM user_authority WHERE ua_user_kid_uk_id = ' . $_ua_id);
|
||||
|
||||
foreach($authorities_aa as $key => $authority) {
|
||||
$this->add_ua_authority($authority['ua_authority_a_id']);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -135,40 +151,77 @@ class user {
|
||||
return $sql->single_variable('select count(distinct trc_id) from training_coach join training on tr_id = trc_training_tr_id where year(tr_date) = '.$_year.' and month(tr_date) = '.$_month.' and trc_coach_uc_id = '.$this->get_ua_id().' and tr_deleted = 0;');
|
||||
}
|
||||
|
||||
public static function create_user($_name, $_password) {
|
||||
public function has_authority($a_id) {
|
||||
global $sql;
|
||||
return $sql->insert_into('user_coach', array(
|
||||
return $sql->num_of_rows('SELECT * FROM user_authority WHERE ua_user_kid_uk_id = ' . $this->get_ua_id() . ' AND ua_authority_a_id = ' . $a_id. ';');
|
||||
}
|
||||
|
||||
public function has_authority_by_name($a_name) {
|
||||
global $sql;
|
||||
return $sql->num_of_rows("SELECT * FROM user_authority JOIN authority ON a_id = ua_authority_a_id WHERE ua_user_kid_uk_id = " . $this->get_ua_id() . " AND (a_name = '" . $a_name. "' OR a_name = 'admin');");
|
||||
}
|
||||
|
||||
public function get_authorities() {
|
||||
return $this->authorities;
|
||||
}
|
||||
|
||||
public static function create_user($_name, $_password, $_authorities = array()) {
|
||||
global $sql;
|
||||
$new_user_id = $sql->insert_into('user_coach', array(
|
||||
'ua_name' => $_name,
|
||||
'ua_password' => $_password
|
||||
)
|
||||
);
|
||||
|
||||
if (is_array($_authorities) && !empty($_authorities)) {
|
||||
foreach ($_authorities as $key => $authority_id) {
|
||||
$sql->insert_into('user_authority', array(
|
||||
'ua_user_kid_uk_id' => $new_user_id,
|
||||
'ua_authority_a_id' => $authority_id,
|
||||
));
|
||||
}
|
||||
}
|
||||
|
||||
return $new_user_id;
|
||||
}
|
||||
|
||||
public static function update_user($_name, $_password, $_admin, $_ua_id) {
|
||||
public static function update_user($_name, $_password, $_admin, $_ua_id, $_authorities = array()) {
|
||||
global $sql;
|
||||
if ($_password != "-1") {
|
||||
return $sql->update_table('user_coach',
|
||||
$sql->update_table('user_coach',
|
||||
array(
|
||||
'ua_name' => $_name,
|
||||
'ua_admin' => ($_admin?1:0),
|
||||
'ua_password' => $_password
|
||||
'ua_name' => $_name,
|
||||
'ua_admin' => ($_admin?1:0),
|
||||
'ua_password' => $_password
|
||||
),
|
||||
array(
|
||||
'ua_id' => $_ua_id
|
||||
'ua_id' => $_ua_id
|
||||
)
|
||||
);
|
||||
}
|
||||
else {
|
||||
return $sql->update_table('user_coach',
|
||||
$sql->update_table('user_coach',
|
||||
array(
|
||||
'ua_name' => $_name,
|
||||
'ua_admin' => ($_admin?1:0),
|
||||
'ua_name' => $_name,
|
||||
'ua_admin' => ($_admin?1:0),
|
||||
),
|
||||
array(
|
||||
'ua_id' => $_ua_id
|
||||
'ua_id' => $_ua_id
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
$sql->execute_query('DELETE FROM user_authority WHERE ua_user_kid_uk_id = ' . $_ua_id);
|
||||
if (is_array($_authorities) && !empty($_authorities)) {
|
||||
foreach ($_authorities as $key => $authority_id) {
|
||||
$sql->insert_into('user_authority', array(
|
||||
'ua_user_kid_uk_id' => $_ua_id,
|
||||
'ua_authority_a_id' => $authority_id,
|
||||
));
|
||||
}
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user