Example #1
0
<?php

// check project permissions and set project_id SESSION variable
require_once $_SERVER['DOCUMENT_ROOT'] . '/include/main_func.php';
auth();
$return = array('error' => false, 'errorText' => '');
$proj_id = validID($_POST['project']) ? $_POST['project'] : 0;
$q = new myQuery("SELECT perm\n                  FROM project_user\n                  WHERE user_id='{$_SESSION['user_id']}'\n                    AND project_id='{$proj_id}'");
if ($q->get_num_rows() == 1) {
    $return['perm'] = $q->get_one();
    $_SESSION['project_id'] = $proj_id;
} else {
    $return['error'] = true;
    $return['errorText'] = 'You do not have permission to access this project.';
}
scriptReturn($return);
exit;
Example #2
0
    return true;
}
function isUS($id)
{
    $sqlGetUSID = "SELECT id FROM countries WHERE short_name = 'US';";
    $resultUSID = mysql_query($sqlGetUSID) or die('died getting us id: ' . mysql_error());
    while ($usID = mysql_fetch_assoc($resultUSID)) {
        $us_id = $usID['id'];
    }
    if ($us_id == $id) {
        return true;
    }
    return false;
}
$reseller_id = null;
if (!isset($_REQUEST['id']) || isset($_REQUEST['id']) && !validID($_REQUEST['id'])) {
    //redirect to reseller list page because this id was not filled out
    header('location: index.php?message=badid');
} else {
    $reseller_id = $_REQUEST['id'];
}
if ($GLOBALS['debug']) {
    echo "<br />createdby: " . $GLOBALS['cookie'] . "<br />";
}
$myReseller = new Reseller($reseller_id);
if (isset($_POST['modify'])) {
    $myReseller->editReseller();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
Example #3
0
function check_null($var, $format = array())
{
    if (is_array($format)) {
        if (in_array($var, $format)) {
            return $var;
        }
    } else {
        if ('numeric' == $format) {
            if (is_numeric($var)) {
                return $var;
            }
        } else {
            if ('id' == $format) {
                if (validID($var)) {
                    return $var;
                }
            } else {
                if ('integer' == $format) {
                    if (is_integer($var)) {
                        return $var;
                    }
                }
            }
        }
    }
    return 'null';
}
Example #4
0
<?php

// add an owner to a project
require_once $_SERVER['DOCUMENT_ROOT'] . '/include/main_func.php';
auth();
$return = array('error' => false, 'errorText' => '');
$user = $_SESSION['user_id'];
$project = validID($_POST['project']) ? $_POST['project'] : 0;
$adduser = validID($_POST['owner']) ? $_POST['owner'] : 0;
$perm = in_array($_POST['perm'], array('all', 'read-only')) ? $_POST['perm'] : 'all';
$q = new myQuery("SELECT 1 \n                  FROM project_user AS pu\n                  LEFT JOIN project AS p ON p.id=project_id\n                  WHERE project_id='{$project}' \n                    AND pu.user_id='{$user}' \n                    AND (perm = 'all' OR p.user_id='{$user}')");
if ($q->get_affected_rows() > 0) {
    $q = new myQuery("REPLACE INTO project_user (project_id, user_id, perm) VALUES ('{$project}', '{$adduser}', '{$perm}')");
    if ($q->get_affected_rows() == 0) {
        $return['error'] = true;
        $return['errorText'] = "This user could not be added to this project";
    }
} else {
    $return['error'] = true;
    $return['errorText'] = "You do not have permission to add users to this project";
}
scriptReturn($return);
exit;
?>