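/**
 * Decide whether a user may access the requested function of the update page.
 *
 * A user for whom Auth::isAdmin() or $user->get_isadmin() is true is always
 * allowed. The functions 'editPerms' and 'resetPass' are additionally allowed
 * when $user->is_group_admin() says so. Every other request is denied.
 *
 * @param User $user the user to evaluate
 * @param string $function the requested function
 * @return bool true/false, or the result of $user->is_group_admin() for the
 *              two group-level functions
 */
function validate_function(&$user, $function) {
    if (Auth::isAdmin() || $user->get_isadmin()) {
        return true;
    }

    // Strict matching: this is an authorization decision, so a non-string
    // value (0, true, ...) must never loosely compare equal to a function name.
    if (in_array($function, array('editPerms', 'resetPass'), true)) {
        // NOTE(review): is_group_admin() is called without group ids here, so it
        // presumably only tells us that $user administers some group. Whether the
        // account being changed belongs to one of those groups has to be checked
        // by the caller - confirm.
        return $user->is_group_admin();
    }

    // Default deny.
    return false;
}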
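* License: GPL, see LICENSE
*/
include_once 'lib/Template.class.php';
include_once 'lib/Utility.class.php';
include_once 'templates/cpanel.template.php';

// Check if user is logged in.
// NOTE(review): nothing in this script stops execution after the login message,
// so the rest of the page is only protected if Auth::print_login_msg() itself
// ends the request - confirm.
if (!Auth::is_logged_in()) {
    Auth::print_login_msg();
}

$t = new Template(translate('My Control Panel'));
$db = new DBEngine();

$t->printHTMLHeader();
$t->printWelcome();
$t->startMain();

$user = new User(Auth::getCurrentID());
$is_group_admin = $user->is_group_admin();

// The navigation table is rendered according to the admin status of the session.
$t->startNavLinkTable();
$t->showNavLinksTable(Auth::isAdmin());
$t->endNavLinkTable();

$t->splitTable();

$order = array('number');

// time() returns the same current timestamp as an argument-less mktime(), which
// is deprecated and no longer accepted by PHP 8.
$announcements = $db->get_announcements(time());
if ($announcements) {
    showAnnouncementTable($announcements, $db->get_err());
    printCpanelBr();
}

// Valid order values in reservation retrieval.
// NOTE(review): presumably CmnFns::get_value_order() restricts the requested sort
// column to this list before it reaches the query - confirm in CmnFns.
$order = array('start_date', 'name', 'starttime', 'endtime', 'created', 'modified');

// Print out My Reservations (always scoped to the id of the logged-in user).
$res = $db->get_user_reservations(
    Auth::getCurrentID(),
    CmnFns::get_value_order($order),
    CmnFns::get_vert_order()
);
showReservationTable($res, $db->get_err());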
/**
 * Builds a reservation object and prints it.
 *
 * The object is created from the class named in the global $Class. When no
 * reservation id is given ($resid == null) its resource, dates, times and
 * pending flag are filled in from the query string and its owner is set to
 * the current user.
 *
 * @param mixed $resid id of the reservation to present, or null for a new one
 * @global string $Class name of the class to instantiate
 */
function present_reservation($resid) {
    global $Class;

    // Get info about this reservation.
    // NOTE(review): $Class is instantiated by name, so it must only ever hold a
    // fixed, server-chosen class name - confirm where the global is assigned.
    $reservation = new $Class($resid, false, false, $_GET['scheduleid']);

    // Load the properties of a reservation that does not exist yet.
    // NOTE(review): these values are taken from $_GET without validation in this
    // function; presumably the classes that consume them validate and escape
    // them - confirm.
    if ($resid == null) {
        $reservation->resource   = new Resource($_GET['machid']);
        $reservation->start_date = $_GET['start_date'];
        // The end date is initialised from the same start_date parameter.
        $reservation->end_date   = $_GET['start_date'];
        $reservation->user       = new User(Auth::getCurrentID());
        $reservation->is_pending = $_GET['pending'];
        $reservation->start      = $_GET['starttime'];
        $reservation->end        = $_GET['endtime'];
    }

    $viewer = new User(Auth::getCurrentID());

    // Admin mode: a site admin, a user flagged as admin, or a group admin for
    // one of the groups of the reservation's owner.
    $reservation->adminMode = Auth::isAdmin()
        || $viewer->get_isadmin()
        || $viewer->is_group_admin($reservation->user->get_groupids());

    // Admins never see the reservation as pending. For everyone else a new
    // reservation keeps the request-supplied flag set above.
    // NOTE(review): confirm the save path does not trust that request value.
    if (Auth::isAdmin() || $viewer->get_isadmin()) {
        $reservation->is_pending = false;
    }

    $reservation->set_type($_GET['type']);
    $reservation->print_res();
}
* Copyright (C) 2003 - 2007 phpScheduleIt
* License: GPL, see LICENSE
*/
include_once 'lib/Template.class.php';
include_once 'lib/Group.class.php';
include_once 'lib/User.class.php';
include_once 'lib/Utility.class.php';
include_once 'templates/usergroup.template.php';

$t = new Template(translate('Manage Groups'));
$t->printHTMLHeader();
$t->startMain();

if (isset($_POST['submit'])) {
    // Saving group membership is restricted to the site administrator.
    // NOTE(review): this state-changing POST is gated only by Auth::isAdmin() in
    // the code shown here; no request-forgery token check is visible - confirm
    // whether one is performed elsewhere.
    if (!Auth::isAdmin()) {
        CmnFns::do_error_box(translate('This is only accessable to the administrator'));
        die;
    }

    // Default to an empty list when no groups were submitted.
    $to_add = array();
    if (isset($_POST['add_groups'])) {
        $to_add = $_POST['add_groups'];
    }

    update_groups($_POST['memberid'], $to_add);
} else {
    // Viewing: allowed for the site administrator, or for a group admin of one
    // of the groups the requested member belongs to.
    // NOTE(review): memberid comes straight from the query string; presumably the
    // User class copes with unknown or malformed ids - confirm.
    $user = new User($_GET['memberid']);

    $cur_user = new User();
    $cur_user->userid = Auth::getCurrentID();

    if (!(Auth::isAdmin() || $cur_user->is_group_admin($user->get_groupids()))) {
        CmnFns::do_error_box(translate('This is only accessable to the administrator'));
        die;
    }

    // Edit mode is only offered to the site administrator, whatever the
    // 'edit' query parameter says.
    print_edit((bool) $_GET['edit'] && Auth::isAdmin(), $user);
}

$t->endMain();
$t->printHTMLFooter();

/**
// No id was passed in, so use the current user's id (when a session id exists).
if (!empty($_SESSION['sessionID']) && $id == null) {
    $id = $_SESSION['sessionID'];
}

$msg = '';
$show_form = true;

// Check login status.
// NOTE(review): neither branch stops the script in the code shown here; the
// checks only hold if print_login_msg(true) and do_error_box(..., '', true)
// end the request themselves - confirm.
if ($edit && !Auth::is_logged_in()) {
    $auth->print_login_msg(true);
    $auth->clean(); // Clean out any lingering sessions
} elseif (!$edit && !$conf['app']['allowSelfRegistration']) {
    // Self-registration is disabled, so creating a user needs an administrator.
    // NOTE(review): $id looks like a user id here (it defaults to the session's
    // user id above), while other calls to is_group_admin() on this page pass
    // group ids - confirm the argument is what the method expects.
    $isAdmin = $curUser->is_group_admin(array($id)) || Auth::isAdmin();
    if (!$isAdmin) {
        // Only the administrator can create users
        CmnFns::do_error_box(translate('This is only accessable to the administrator'), '', true);
    }
}

if (!$edit || isset($_POST['update'])) {
    // Not editing, or the update was submitted: work from the cleaned POST values.
    $data = CmnFns::cleanPostVals();
} else {
    // Editing and no update submitted yet: pre-fill from the stored account.
    // NOTE(review): when $id was supplied by the caller, nothing in this excerpt
    // checks that the logged-in user may load that account - confirm upstream.
    $user = new User($id);
    $data = $user->get_user_data();
    $data['emailaddress'] = $data['email']; // Needed to be the same as the form
}
include_once 'lib/Auth.class.php'; include_once 'lib/Utility.class.php'; if (!Auth::is_logged_in()) { die; } $id = isset($_POST['resid']) ? $_POST['resid'] : null; $is_blackout = isset($_GET['is_blackout']) && $_GET['is_blackout'] == '1'; if ($is_blackout) { $Class = 'Blackout'; } else { $Class = 'Reservation'; } $res = new $Class($id); if ($id != null) { $cur_user = new User(Auth::getCurrentID()); $res->adminMode = Auth::isAdmin() || $cur_user->get_isadmin() || $cur_user->is_group_admin($res->user->get_groupids()); } else { $res->adminMode = Auth::isAdmin(); } $repeat_dates = process_reservation($res); $errors = array(); $helper = new Utility(); $orig_resources = isset($_POST['orig_resources']) && count($_POST['orig_resources']) > 0 ? $_POST['orig_resources'] : array(); $selected_resources = isset($_POST['selected_resources']) && count($_POST['selected_resources']) > 0 ? $_POST['selected_resources'] : array(); $resources_to_add = $helper->getAddedItems($orig_resources, $selected_resources); if ($res->check_startdate()) { if ($res->check_times()) { if ($res->check_min_max()) { for ($i = 0; $i < count($repeat_dates); $i++) { $res->start_date = $repeat_dates[$i]; if ($res->is_repeat) {