Example #1
0
 function delete() {
     Category::requirePermission("DELETE");
     $link = Database::getConnection();
     $query = "DELETE FROM category WHERE id=".Database::sqlValue($this->id);
     mysql_query($query) or die(Database::formatError($query, Text::getText("QueryFailed")));
     Database::returnConnection($link);
 }
 function getById($id) {
     SecurityPermission::requirePermission("VIEW");
     $sql = "SELECT * from security_permission WHERE id=".Database::sqlValue($id);
     $result = Database::query($sql);
     $r = NULL;
     if ($line = $result->next()) {
         $r = SecurityPermission::build($line);
     }
     return $r;
     
 }
Example #3
0
 function removePermission($resource, $permission) {
     SecurityGroup::requirePermission("CHANGE");
     $group_id = $this->getId();
     $resource_id = $resource->getId();
     $permission_id = $permission->getId();
     $sql = "DELETE FROM security_group_permission
         WHERE group_id = ".Database::sqlValue($group_id)."
         AND resource_id = ".Database::sqlValue($resource_id)."
         AND permission_id = ".Database::sqlValue($permission_id);
     Database::query($sql);
 }
Example #4
0
 function delete() {
     Recipe::requirePermission("DELETE");
     $query = "DELETE FROM recipe WHERE id=".Database::sqlValue($this->id);
     Database::query($query);
     $this->deletePhoto();
 }
Example #5
0
 /**
  * Applies to the instance.
  */
 function hasPermission($resource, $permission)
 {
     $id = $this->id;
     $sql = "SELECT security_group_member.user_id, security_resource.name, security_permission.name\n            FROM security_group_member, security_group_permission, security_permission, security_resource\n            WHERE security_group_member.user_id = " . Database::sqlValue($id) . "\n            AND security_group_member.group_id = security_group_permission.group_id\n            AND security_group_permission.resource_id = security_resource.id\n            AND security_resource.name = " . Database::sqlValue($resource) . "\n            AND security_group_permission.permission_id = security_permission.id\n            AND security_permission.name = " . Database::sqlValue($permission);
     //print $sql;
     $result = Database::query($sql);
     if ($result->next()) {
         //print "OK: $resource::$permission (".$this->getLoginName().")";
         return TRUE;
     } else {
         return FALSE;
     }
 }
Example #6
0
 function deleteAllFromUser($user) {
     $query = "DELETE FROM rating WHERE user_id=".Database::sqlValue($user->getId());
     Database::query($query);
 }
Example #7
0
 function getNonMembers() {
     SecurityGroup::requirePermission("VIEW");
     $id = $this->id;
     $query = "SELECT su.*
         FROM security_user AS su
         LEFT JOIN security_group_member AS sgm
             ON sgm.user_id = su.id AND sgm.group_id = ".Database::sqlValue($id)."
         WHERE sgm.user_id IS NULL";
     if ($this->debug) print $query;
     $result = Database::query($query);
     $members = array();
     while ($line = $result->next()) {
         array_push($members, SecurityUser::build($line));
     }
     return $members;
 }