iger
/
engelsystem
9
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add more security groups and create groups

This commit is contained in:
Angelo Cuccato 2010-01-26 22:38:19 +01:00
parent ec21c8ade1
commit c6c14dc740
6 changed files with 64 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
DB/UserCVS.sql
View File

@ -18,7 +18,7 @@
DROP TABLE IF EXISTS `UserCVS`;
CREATE TABLE `UserCVS` (
`UID` int(11) NOT NULL default '0',
`GroupID` int(11) default NULL,
`GroupID` int(11) default '-2',
`index.php` char(1) NOT NULL default 'G',
`logout.php` char(1) NOT NULL default 'G',
`faq.php` char(1) NOT NULL default 'G',
@ -47,7 +47,9 @@ CREATE TABLE `UserCVS` (
`admin/schichtplan_druck.php` char(1) NOT NULL default 'G',
`admin/user.php` char(1) NOT NULL default 'G',
`admin/userChangeNormal.php` char(1) NOT NULL default 'G',
`admin/userSaveNormal.php` char(1) NOT NULL default 'G',
`admin/userChangeSecure.php` char(1) NOT NULL default 'G',
`admin/userSaveSecure.php` char(1) NOT NULL default 'G',
`admin/userSaveNormal.php` char(1) NOT NULL default 'G',
`admin/userSaveSecure.php` char(1) NOT NULL default 'G',
`admin/group.php` char(1) NOT NULL default 'G',

13
www-ssl/admin/group.php
View File

@ -16,10 +16,10 @@ if (!IsSet($_GET["enterGID"]))
// anzahl zeilen
$Zeilen = mysql_num_rows($Erg);
echo "<table width=\"100%\" class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n";
echo "<table class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n";
echo "<tr class=\"contenttopic\">\n";
echo "\t<td>Groupname</td>\n";
echo "\t<td>-</td>\n";
echo "\t<td>Link</td>\n";
echo "</tr>\n";
for ($n = 0 ; $n < $Zeilen ; $n++) {
@ -30,6 +30,15 @@ if (!IsSet($_GET["enterGID"]))
mysql_result($Erg, $n, "UID")."&Type=Secure\">change</a></td>\n";
echo "</tr>\n";
}
// new form
echo "<tr class=\"content\">\n";
echo "\t<form action=\"userSaveSecure.php?new=newGroup\" method=\"POST\">\n";
echo "\t\t<td><input name=\"GroupName\" type=\"text\" value=\"--new group--\"></td>\n";
echo "\t\t<td><input type=\"submit\" name=\"Send\" value=\"Save\"></td>\n";
echo "\t</form>\n";
echo "</tr>\n";
echo "\t</table>\n";
// Ende Userliste
}

2
www-ssl/admin/user.php
View File

@ -11,8 +11,6 @@ if (!IsSet($_GET["enterUID"]))
echo "<a href=\"../makeuser.php\">Neuen Engel eintragen</a><br><br>\n";
echo "\n<a href=\"./user.php?enterUID=-1&Type=Secure\">Edit logout User</a><br><br>\n";
if( !isset($_GET["OrderBy"]) ) $_GET["OrderBy"] = "Nick";
$SQL = "SELECT * FROM `User` ORDER BY `". $_GET["OrderBy"]. "` ASC";
$Erg = mysql_query($SQL, $con);

2
www-ssl/admin/userChangeSecure.php
View File

@ -16,7 +16,7 @@ if (IsSet($_GET["enterUID"]))
"Wenn T-Shirt ein 'Ja' enth&auml;lt, bedeutet dies, dass der Engel ".
"bereits sein T-Shirt erhalten hat.<br><br>\n";
echo "<form action=\"./userChangeSecure.php?action=change\" method=\"POST\">\n";
echo "<form action=\"./userSaveSecure.php?action=change\" method=\"POST\">\n";
echo "<table border=\"0\">\n";
echo "<input type=\"hidden\" name=\"Type\" value=\"Secure\">\n";

1
www-ssl/admin/userSaveNormal.php
View File

@ -9,7 +9,6 @@ include ("../../includes/funktion_db.php");
if (IsSet($_GET["action"]))
{
SetHeaderGo2Back();
echo "Gesendeter Befehl: ". $_GET["action"]. "<br>";

56
www-ssl/admin/userSaveSecure.php
View File

@ -7,12 +7,20 @@ include ("../../includes/funktion_db_list.php");
include ("../../includes/crypt.php");
include ("../../includes/funktion_db.php");
if (IsSet($_GET["action"]))
if( !IsSet($_POST["enterUID"]) )
{
$Right = "N";
} elseif( $_POST["enterUID"] > 0 ) {
$Right = $_SESSION['CVS'][ "admin/user.php"];
} else {
$Right = $_SESSION['CVS'][ "admin/group.php"];
}
if ( ($Right=="Y") && IsSet($_GET["action"]))
{
SetHeaderGo2Back();
echo "Gesendeter Befehl: ". $_GET["action"]. "<br>";
switch ($_GET["action"])
{
case "change":
@ -31,7 +39,9 @@ if (IsSet($_GET["action"]))
if( $CVS_Data_Name == "GroupID")
{
if( $_POST["enterUID"] > 0 )
$SQL2.= "`$CVS_Data_Name` = ". $_POST["GroupID"].", ";
$SQL2.= "`$CVS_Data_Name` = '". $_POST["GroupID"]."', ";
else
$SQL2.= "`$CVS_Data_Name` = NULL, ";
} else {
$SQL2.= "`$CVS_Data_Name` = '". $_POST[$CVS_Data_i]."', ";
}
@ -90,9 +100,41 @@ if (IsSet($_GET["action"]))
} // end switch
// ende - Action ist gesetzt
}
else
{
} elseif ( IsSet($_GET["new"]) && ($_SESSION['CVS']["admin/group.php"]=="Y") ) {
echo "Gesendeter Befehl: ". $_GET["new"]. "<br>";
switch ($_GET["new"])
{
case "newGroup":
echo "\tGenerate new Group ID...\n";
$SQLid="SELECT MIN(`UID`) FROM `UserCVS`;";
$Erg = mysql_query( $SQLid);
if( mysql_num_rows($Erg) == 1) {
$NewId = mysql_result( $Erg, 0, 0)-1;
$SQLnew1 = "INSERT INTO `UserGroups` (`UID`, `Name`) VALUES ('$NewId', '". $_POST["GroupName"]. "' );";
$SQLnew2 = "INSERT INTO `UserCVS` (`UID`, `GroupID`) VALUES ('$NewId', NULL );";
echo "\t<br>Generate new UserGroup ...\n";
$ErgNew1 = db_query($SQLnew1, "create UserGroups Entry");
if ($ErgNew1 == 1)
{
echo "\t<br>Generate new User rights...\n";
$ErgNew2 = db_query($SQLnew2, "UserCVS Entry");
if ($ErgNew1 == 1) {
echo "\t<br>New group was created.\n";
} else {
echo "Error on creation\n(". mysql_error($con). ")";
}
} else {
echo "Error on creation\n(". mysql_error($con). ")";
}
}
break;
}
} else {
// kein Action gesetzt -> abbruch
echo "Unzul&auml;ssiger Aufruf.<br>Bitte neu editieren...";
}