break; } else { $flag = false; } } return $flag; } if (isset($_SESSION['pk_admin'])) { $roles = getRoles($connection); $resources = getResources($connection); $privileges = getPrivileges($connection); if (isset($_POST['role'])) { $roleId = getId('role', $_POST['role'], 'roles'); $resourcePrivileges = getResourcePrivileges($connection, $roleId); } else { $resourcePrivileges = getResourcePrivileges($connection, 1); } // draw a table for the page $content = '<thead><tr><th></th>'; // draw table header (row 1) foreach ($privileges as $key => $value) { $content = $content . '<th>' . $value['privilege'] . '</th>'; } $content = $content . '</tr></thead>'; // draw table content foreach ($resources as $key => $resourceValue) { // add resources to column 1 $content = $content . '<tr><td>' . $resourceValue['resource'] . '</td>'; foreach ($privileges as $key => $privilegeValue) { if (isMarked($resourceValue['id'], $privilegeValue['id'], $resourcePrivileges)) { $attribute = 'checked';
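<?php

require_once dirname(__DIR__) . '/resources/db_connection.php';
require 'privilege.php';

// Handler: replaces the resource/privilege grants of the role named in $_POST['role'].
// Every other POST field is expected to carry a "<resourceId>_<privilegeId>" value.
//
// NOTE(review): nothing visible in this file verifies that the caller is an administrator,
// or that the request carries an anti-CSRF token, before grants are rewritten. Confirm that
// an included file enforces both; otherwise add the checks at the top of this handler.
// NOTE(review): the delete-then-insert sequence below is not wrapped in a transaction, so a
// failure part-way through leaves the role with a partial grant set.
if (isset($_POST['role'])) {
    $role = $_POST['role'];
    // A non-string "role" (e.g. role[]=x) cannot name a role; treat it as unknown.
    $roleId = is_string($role) ? getId('role', $role, 'roles') : null;
    $resourcePrivileges = getResourcePrivileges($connection, $roleId);

    // Unknown role: never delete or insert grants for it.
    if ($roleId !== null) {
        if (isset($resourcePrivileges)) {
            removeResourcePrivilege($connection, $roleId);
        }

        foreach ($_POST as $key => $value) {
            // Strict comparison: numeric POST keys arrive as integers, and a loose
            // comparison against 'role' can match them on older PHP versions.
            if ('role' === $key || !is_string($value)) {
                continue;
            }

            $data = explode('_', $value);
            // insertPrivilege() interpolates its arguments into SQL unquoted, so only
            // digit-only ids are let through, and they are passed as integers.
            if (count($data) < 2 || !ctype_digit($data[0]) || !ctype_digit($data[1])) {
                continue;
            }

            $status = insertPrivilege($roleId, (int) $data[0], (int) $data[1]);
        }
    }
}

/**
 * Look up the id of the first row in $tableName whose $element column equals $elementValue.
 *
 * The value is sent as a bound parameter. Table and column names cannot be bound, so they
 * are accepted only when they are plain identifiers (letters, digits, underscore) and are
 * backtick-quoted in the statement.
 *
 * @param string $element      Column to match on.
 * @param mixed  $elementValue Scalar value to look for; compared as a string.
 * @param string $tableName    Table to search.
 *
 * @return mixed The id of the first matching row, or null when nothing matches, an
 *               argument is rejected, or the statement fails.
 */
function getId($element, $elementValue, $tableName)
{
    global $connection;

    $identifierPattern = '/^[A-Za-z_][A-Za-z0-9_]*$/D';
    if (
        !is_string($element)
        || !is_string($tableName)
        || preg_match($identifierPattern, $element) !== 1
        || preg_match($identifierPattern, $tableName) !== 1
        || !is_scalar($elementValue)
    ) {
        return null;
    }

    $statement = mysqli_prepare(
        $connection,
        "SELECT id FROM `{$tableName}` WHERE `{$element}` = ?"
    );
    if (!$statement) {
        return null;
    }

    $needle = (string) $elementValue;
    $id = null;
    // bind_result/fetch is used instead of get_result so mysqlnd is not required.
    $found = mysqli_stmt_bind_param($statement, 's', $needle)
        && mysqli_stmt_execute($statement)
        && mysqli_stmt_bind_result($statement, $id)
        && mysqli_stmt_fetch($statement) === true;
    mysqli_stmt_close($statement);

    return $found ? $id : null;
}

// NOTE(review): the three arguments are interpolated into the INSERT unquoted. The handler
// above passes digit-only resource and privilege ids; any other caller must do the same
// until this query is converted to a bound statement.
function insertPrivilege($role, $resource, $privilege)
{
    global $connection;
    $query = mysqli_query($connection, "INSERT INTO user_resource_privilege \n (role_id, resource_id, privilege_id)\n VALUES ({$role}, {$resource}, {$privilege})");
    if ($query) {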