Example #1
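/**
 * Grant project-level permissions to each selected user or group.
 *
 * Every entry of $postVar is a one-letter type prefix followed by an id:
 * 'U' + user id or 'G' + group id. For each entry the project-level row in
 * prj_projPerms (taskID = 0) is looked up. An existing row has the requested
 * flags OR-ed into it (this function only ever adds flags, it never clears
 * one); a missing row is inserted. prj_pushDownNewPermissions($pid) is then
 * called once, so callers do not need to call it again for this change.
 *
 * Entries with an unknown prefix or a non-numeric id are skipped.
 *
 * @param array $postVar    Selected entries. Usually comes straight from a
 *                          submitted form, so every entry is treated as untrusted.
 * @param mixed $pid        Project id. NOTE(review): interpolated into the SQL
 *                          as received; this function does not filter it, so the
 *                          caller must pass an already validated id.
 * @param mixed $checkView  Truthy to grant view/read access.
 * @param mixed $checkWrite Truthy to grant write/change access.
 * @param mixed $checkFull  Truthy to grant full access.
 * @return void
 */
function prj_addProjectPermission($postVar, $pid, $checkView, $checkWrite, $checkFull)
{
    global $_TABLES;

    // A missing or scalar form field would make foreach raise a warning;
    // treat it as an empty selection instead.
    if (!is_array($postVar)) {
        $postVar = array();
    }

    $table = $_TABLES['prj_projPerms'];

    foreach ($postVar as $val) {
        // A form field can carry nested arrays; only plain strings are valid entries.
        if (!is_string($val)) {
            continue;
        }

        // ppApplyFilter is defined elsewhere; its guarantees are not relied on
        // here, the value is validated again below before it reaches SQL.
        $val = (string) ppApplyFilter($val, false, false);
        $type = (string) substr($val, 0, 1);
        $ugid = (string) substr($val, 1);

        // Whitelist the prefix. Anything else would be looked up as a user id
        // yet inserted with uid=0 and gid=0, leaving a row that belongs to nobody.
        if (!in_array($type, array('U', 'G'), true)) {
            continue;
        }

        // The id is interpolated into the queries below, so accept digits only.
        // NOTE(review): assumes user/group ids are unsigned integers (the table
        // uses '0' as its "none" value for uid and gid) - confirm against the schema.
        if (preg_match('/^[0-9]+$/D', $ugid) !== 1) {
            continue;
        }

        $idColumn = ($type === 'G') ? 'gid' : 'uid';
        $sql = "select id from {$table} where {$idColumn}='{$ugid}'"
             . " and pid='{$pid}' and taskID='0' group by id";
        $countRes = DB_query($sql);
        list($rid) = DB_fetchArray($countRes);

        if (DB_numRows($countRes) > 0) {
            // A row already exists: merge the requested flags into the stored ones.
            // $rid comes from the query above, not from the request.
            $sql = "select viewRead,writeChange,fullAccess from {$table} where id='{$rid}'";
            $res = DB_query($sql);
            list($vr, $wc, $fa) = DB_fetchArray($res);

            // Adding then casting to bool is a logical OR of stored and requested flag.
            // The (true, true) filter call presumably normalises the flag to a
            // numeric value for storage - confirm against ppApplyFilter.
            $vr = ppApplyFilter((bool) ($vr + $checkView), true, true);
            $wc = ppApplyFilter((bool) ($wc + $checkWrite), true, true);
            $fa = ppApplyFilter((bool) ($fa + $checkFull), true, true);

            $sql = "update {$table} set viewRead='{$vr}', writeChange='{$wc}', fullAccess='{$fa}' where id='{$rid}'";
            DB_query($sql);
        } else {
            // No row yet: insert one holding exactly the requested flags.
            $vr = ppApplyFilter((bool) $checkView, true, true);
            $wc = ppApplyFilter((bool) $checkWrite, true, true);
            $fa = ppApplyFilter((bool) $checkFull, true, true);

            // Exactly one of uid/gid carries the id; the other stays at '0'.
            $uid = ($type === 'U') ? $ugid : '0';
            $gid = ($type === 'G') ? $ugid : '0';

            $sql = "insert into {$table} (pid, uid, gid, viewRead, writeChange, fullAccess) values("
                 . "'{$pid}','{$uid}','{$gid}','{$vr}','{$wc}','{$fa}')";
            DB_query($sql);
        }
    }

    // Propagate the project-level change once all entries are processed.
    prj_pushDownNewPermissions($pid);
}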
Example #2
     case 'add':
         //add a permission
         if ($_CLEAN['checkView'] == 1 or $_CLEAN['checkWrite'] == 1 or $_CLEAN['checkFull'] == 1) {
             prj_addProjectPermission($_POST['usersandgroups'], $pid, $_CLEAN['checkView'], $_CLEAN['checkWrite'], $_CLEAN['checkFull']);
             prj_pushDownNewPermissions($pid);
             prj_sendNotification($pid, '', 1);
         }
         break;
     case 'edit':
         prj_editProjectPermission($_CLEAN['checkView'], $_CLEAN['checkWrite'], $_CLEAN['checkFull'], $_CLEAN['rid']);
         prj_pushDownNewPermissions($pid);
         break;
     case 'delete':
         $sql = "delete from {$_TABLES['prj_projPerms']} where id={$_CLEAN['rid']}";
         DB_query($sql);
         prj_pushDownNewPermissions($pid);
         prj_sendNotification($pid, '', 1);
         break;
 }
 //end switch
 //*******************************************************************
 //main display routine...
 //*******************************************************************
 $p = new Template($_CONF['path_layout'] . 'nexproject/');
 $p->set_file(array('page' => 'projectPermissions.thtml', 'perms' => 'projectPermissionRights.thtml', 'permrec' => 'projectPermRecord.thtml'));
 $p->set_var('breadcrumb_trail', prj_breadcrumbs(0, $pid, "Permissions", "Permissions"));
 $p->set_var($pluginLangLabels);
 $p->set_var('site_url', $_CONF['site_url']);
 $p->set_var('layout_url', $_CONF['layout_url'] . "/nexproject");
 if ($_CLEAN['showUsersVal'] == '') {
     $p->set_var('showUsersVal', 'true');