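/**
 * Build the list of views (layers) offered to the active user.
 *
 * The first entry is always the global layer (id 0). A global user gets
 * every row of `view`, ordered by name; any other user gets only the views
 * linked to their user id in `usergroupview`.
 *
 * @return array List of array('id' => ..., 'name' => ..., 'active' => bool)
 *               entries; 'active' marks the entry whose id equals
 *               Helper::getViewId().
 */
public function getViews()
{
    $isGlobalUser = Session::getActiveUserIsGlobal();
    $currentViewId = Helper::getViewId();

    $Data = array();
    $Data[] = array(
        'id' => 0,
        'name' => _('TXT_GLOBAL_LAYER'),
        'active' => $currentViewId == 0,
    );

    if ($isGlobalUser == 1) {
        $sql = 'SELECT V.idview AS id, V.name, V.storeid FROM view V ORDER BY V.name ASC ';
        $stmt = Db::getInstance()->prepare($sql);
        $stmt->execute();
        while ($rs = $stmt->fetch()) {
            $Data[] = array(
                'id' => $rs['id'],
                'name' => $rs['name'],
                'active' => $currentViewId == $rs['id'],
            );
        }
    } else {
        // Scoped listing: only views assigned to the active user are returned.
        $sql = 'SELECT UGV.viewid, V.name FROM usergroupview UGV LEFT JOIN view V ON UGV.viewid = V.idview WHERE UGV.userid = :userid';
        $stmt = Db::getInstance()->prepare($sql);
        $stmt->bindValue('userid', Session::getActiveUserid());
        $stmt->execute();
        while ($rs = $stmt->fetch()) {
            $Data[] = array(
                'id' => $rs['viewid'],
                'name' => $rs['name'],
                // This query has no `id` column. Comparing against $rs['id']
                // read an undefined key (null), so with the loose comparison
                // every row looked active on the global layer and none did
                // otherwise. The selected column is `viewid`.
                'active' => $currentViewId == $rs['viewid'],
            );
        }
    }

    return $Data;
}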
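/**
 * Check whether the active user holds the right required for an action on a
 * controller, and cache the permission value when it does.
 *
 * Non-global users are checked through `usergroupview`, either for the
 * current view (Helper::getViewId() > 0) or for every id returned by
 * Helper::getViewIds(). Global users are checked by their group id.
 *
 * NOTE(review): only the first row returned by the query is evaluated; if a
 * user can match several rows, which one decides depends on the database —
 * confirm this is intended.
 *
 * @param mixed $name   Controller name, matched against controller.name.
 * @param mixed $action Key into $this->_RIGHTS selecting the required bitmask.
 * @param mixed $layer  Cast to int and used as the second-level cache key in
 *                      $this->_CONTROLLERRIGHTS.
 *
 * @return mixed The stored permission value when it contains every bit
 *               required for $action, false otherwise.
 */
protected function checkControllerRightMenu($name, $action, $layer)
{
    // Fail closed on an action with no registered mask: a missing key reads
    // as null, and ($permission & null) == null evaluates to true under loose
    // comparison, which would grant the right instead of denying it.
    if (!isset($this->_RIGHTS[$action])) {
        return false;
    }
    $required = $this->_RIGHTS[$action];

    $isGlobalUser = Session::getActiveUserIsGlobal();

    if ($isGlobalUser == 0) {
        if (Helper::getViewId() > 0) {
            $sql = 'SELECT permission FROM `right` R LEFT JOIN controller C ON C.idcontroller = R.controllerid LEFT JOIN usergroupview UGV ON UGV.groupid = R.groupid WHERE C.name = :name AND C.enable = 1 AND UGV.userid = :userid AND C.mode = 1 AND UGV.viewid = :viewid';
            $stmt = Db::getInstance()->prepare($sql);
            $stmt->bindValue('name', $name);
            $stmt->bindValue('userid', Session::getActiveUserid());
            $stmt->bindValue('viewid', Helper::getViewId());
        } else {
            $viewIds = array_values(Helper::getViewIds());

            // No view ids means nothing can match; `IN ()` is also a SQL
            // syntax error, so deny instead of running the query.
            if (count($viewIds) === 0) {
                return false;
            }

            // One bound placeholder per id keeps the ids out of the SQL text,
            // so the statement stays fully parameterized like the other
            // branches, whatever getViewIds() returns.
            $placeholders = array();
            foreach ($viewIds as $index => $viewId) {
                $placeholders[] = ':viewid' . $index;
            }

            $sql = 'SELECT permission FROM `right` R LEFT JOIN controller C ON C.idcontroller = R.controllerid LEFT JOIN usergroupview UGV ON UGV.groupid = R.groupid WHERE C.name = :name AND C.enable = 1 AND UGV.userid = :userid AND C.mode = 1 AND UGV.viewid IN (' . implode(',', $placeholders) . ')';
            $stmt = Db::getInstance()->prepare($sql);
            $stmt->bindValue('name', $name);
            $stmt->bindValue('userid', Session::getActiveUserid());
            foreach ($viewIds as $index => $viewId) {
                $stmt->bindValue('viewid' . $index, $viewId);
            }
        }
    } else {
        $sql = 'SELECT permission FROM `right` R LEFT JOIN controller C ON C.idcontroller = R.controllerid WHERE name = :name AND `enable` = 1 AND groupid = :groupid AND mode = 1';
        $stmt = Db::getInstance()->prepare($sql);
        $stmt->bindValue('name', $name);
        $stmt->bindValue('groupid', Session::getActiveUserGroupid());
    }

    $stmt->execute();
    $rs = $stmt->fetch();

    // No matching row: the user has no right on this controller.
    if (!$rs) {
        return false;
    }

    // Every bit of the required mask must be present in the stored permission.
    if (($rs['permission'] & $required) == $required) {
        $this->_CONTROLLERRIGHTS[$name][(int) $layer] = $rs['permission'];

        return $rs['permission'];
    }

    return false;
}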