function checkSharedRights($shareId)
{
if (!strlen($this->parentData['item_id'])) {
echo '<script type="text/javascript">alert("Error: No parent found.")</script>';
exit;
} else {
// Check shareid and itemid match
$query = "SELECT {$_SESSION['RealS_prefix']}share.*, {$_SESSION['RealS_prefix']}subjects.*, {$_SESSION['RealS_prefix']}share_type.*, {$_SESSION['RealS_prefix']}cohorts.cohort_name, {$_SESSION['RealS_prefix']}members.mb_type\r\n\t\t\t FROM {$_SESSION['RealS_prefix']}share\r\n\t \t\t \tLEFT JOIN {$_SESSION['RealS_prefix']}members ON {$_SESSION['RealS_prefix']}members.mb_id = {$_SESSION['RealS_prefix']}share.share_member\r\n\t\t\t \tLEFT JOIN {$_SESSION['RealS_prefix']}share_cohort ON {$_SESSION['RealS_prefix']}share_cohort.share_cohort_share = {$_SESSION['RealS_prefix']}share.share_id\r\n\t\t\t \tLEFT JOIN {$_SESSION['RealS_prefix']}cohorts ON {$_SESSION['RealS_prefix']}cohorts.cohort_id = {$_SESSION['RealS_prefix']}share_cohort.share_cohort_cohort\r\n\t\t\t \tLEFT JOIN {$_SESSION['RealS_prefix']}subjects ON {$_SESSION['RealS_prefix']}share.share_subject = {$_SESSION['RealS_prefix']}subjects.subject_id\r\n\t\t\t \tLEFT JOIN {$_SESSION['RealS_prefix']}share_type ON {$_SESSION['RealS_prefix']}share_type.invite_type_id = {$_SESSION['RealS_prefix']}share.share_type\r\n\t\t\t WHERE share_item = " . $this->parentData['item_id'] . "\r\n\t\t\t \tAND share_id = " . $shareId;
$mysql = new mysqlquery();
$share_data = $mysql->runsql($query);
$this->shareData = $share_data[0];
$this->sharePublic = $share_data[0]['share_public'];
$this->shareType = $share_data[0]['invite_type_name'];
$this->cohortName = $share_data[0]['cohort_name'];
// Debugging
//die($query);
$_SESSION['RealS_usertype'] = 'learner';
// Check share rights
if (!strlen($_SESSION['USER']->id) && $this->sharePublic == 0) {
// Not logged in and not public
require_once "main/failed.php";
exit(0);
} elseif (count($this->shareData) == 0) {
// Wrong share id
echo '<script type="text/javascript">alert(\'Wrong share id.\')</script>';
exit;
} elseif ($this->shareData['share_active'] == "PENDING" || $this->shareData['share_active'] == "DECLINED") {
// Not accepted
echo '<script type="text/javascript">alert(\'You can not view a ' . $this->shareData['share_active'] . ' share. Please check your sharing request status for this item.\')</script>';
exit;
} elseif (strlen($_SESSION['USER']->id)) {
if ($this->shareData['share_member'] == $_SESSION['USER']->id) {
// You are the sharer
$this->shareComment = 1;
$this->sharer = 1;
if ($this->shareData['mb_type'] == 'mentor') {
$this->shareMentor = 1;
$_SESSION['RealS_usertype'] = 'mentor';
}
} else {
if ($this->shareData['share_permission'] == $_SESSION['USER']->id) {
// You are the request mentor
$this->shareComment = 1;
$this->shareMentor = 1;
$_SESSION['RealS_usertype'] = 'mentor';
} else {
if (isset($_SESSION['USER']->id)) {
// Check if you are an additional share mentor
$query = "SELECT {$_SESSION['RealS_prefix']}share_mentor.share_mentor_mentor, {$_SESSION['RealS_prefix']}share_mentor.share_mentor_status\r\n\t\t\t\t\t FROM {$_SESSION['RealS_prefix']}share\r\n\t\t\t\t\t INNER JOIN {$_SESSION['RealS_prefix']}share_mentor ON {$_SESSION['RealS_prefix']}share.share_id = {$_SESSION['RealS_prefix']}share_mentor.share_mentor_share\r\n\t\t\t\t\t WHERE {$_SESSION['RealS_prefix']}share_mentor.share_mentor_mentor = " . $_SESSION['USER']->id . "\r\n\t\t\t\t\t AND {$_SESSION['RealS_prefix']}share_mentor.share_mentor_share=" . $shareId;
// Debugging
//die($query . '-' . $_SESSION['USER']->id);
$mysql = new mysqlquery();
$result = $mysql->runsql($query);
if (count($result) > 0) {
// You are an additional mentor of this item
$this->shareComment = 1;
$this->shareMentor = 1;
$_SESSION['RealS_usertype'] = 'mentor';
if ($result[0]['share_mentor_mentor'] == $_SESSION['USER']->id && $result[0]['share_mentor_status'] == 'NEW') {
// Update status
$query = "UPDATE {$_SESSION['RealS_prefix']}share_mentor\r\n\t\t\t\t\t\t\t SET share_mentor_status = 'OLD'\r\n\t\t\t\t\t\t\t WHERE share_mentor_share = " . $this->shareData['share_id'] . "\r\n\t\t\t\t\t\t\t AND share_mentor_mentor = " . $_SESSION['USER']->id;
$mysql = new mysqlquery();
$result = $mysql->runsql2($query);
}
}
}
}
}
}
// Allow public shares
if (strlen($_SESSION['USER']->id)) {
// Update sharer status
if ($this->shareData['share_member'] == $_SESSION['USER']->id && $this->shareData['share_status'] == 'NEW') {
//update status
$query = "UPDATE {$_SESSION['RealS_prefix']}share\r\n\t\t\t\t\t SET share_status = 'OLD'\r\n\t\t\t\t\t WHERE share_id = " . $this->shareData['share_id'];
$mysql = new mysqlquery();
$result = $mysql->runsql2($query);
}
// Check if you are part of cohort
$query = "SELECT {$_SESSION['RealS_prefix']}share_cohort_members.s_c_m_member, {$_SESSION['RealS_prefix']}share_cohort_members.s_c_m_status\r\n\t\t\t\t FROM {$_SESSION['RealS_prefix']}share\r\n\t\t\t\t \tINNER JOIN {$_SESSION['RealS_prefix']}share_cohort_members ON {$_SESSION['RealS_prefix']}share.share_id = {$_SESSION['RealS_prefix']}share_cohort_members.s_c_m_share\r\n\t\t\t\t WHERE {$_SESSION['RealS_prefix']}share_cohort_members.s_c_m_member = " . $_SESSION['USER']->id . "\r\n\t\t\t\t \tAND {$_SESSION['RealS_prefix']}share.share_id = " . $shareId;
$mysql = new mysqlquery();
$result = $mysql->runsql($query);
if (count($result) > 0) {
// This is shared with you
$this->shareComment = 1;
$this->shareMember = 1;
if ($result[0]['s_c_m_member'] == $_SESSION['USER']->id && $result[0]['s_c_m_status'] == 'NEW') {
// Update cohort member status
$query = "UPDATE {$_SESSION['RealS_prefix']}share_cohort_members\r\n\t\t\t\t\t\t SET s_c_m_status = 'OLD'\r\n\t\t\t\t\t\t WHERE s_c_m_share = " . $this->shareData['share_id'] . "\r\n\t\t\t\t\t\t AND s_c_m_member = " . $_SESSION['USER']->id;
$mysql = new mysqlquery();
$result = $mysql->runsql2($query);
}
} else {
if ($this->sharer == 0 && $this->shareMentor == 0 && $this->sharePublic == 0) {
// Nothing to do with you and not public
echo '<script type="text/javascript">alert(\'You may need to login to view this page.\')</script>';
exit;
}
}
}
}
}
