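/**
 * Builds one " AND (column = value)" fragment for List_Permissions().
 *
 * The database wrapper's escaping / bound-parameter API is not visible from
 * this function, so values are validated here instead of being trusted:
 *  - numeric filters must be a plain (optionally negative) integer;
 *  - quoted filters must not contain a single quote, a backslash or a NUL
 *    byte, i.e. nothing that could end or escape the quoted SQL literal.
 * NOTE(review): this is a stop-gap. If the $bd wrapper offers prepared
 * statements, the query should be moved to bound parameters.
 *
 * @param string $column Column name (always a constant supplied by this file).
 * @param mixed  $value  Caller-supplied filter value.
 * @param bool   $quoted True when the value is compared as a quoted literal.
 *
 * @return string|false The SQL fragment, or false when the value is rejected.
 */
function _List_Permissions_Filter_Clause($column, $value, $quoted)
{
    // Arrays/objects (e.g. from "param[]=x" request input) can never be a valid id.
    if (!is_scalar($value)) {
        return false;
    }
    $value = (string) $value;

    if (!$quoted) {
        if (!preg_match('/\A-?[0-9]+\z/', $value)) {
            return false;
        }
        return " AND ({$column} = {$value})";
    }

    // strcspn() stops at the first forbidden byte; a shorter span means one is present.
    if (strcspn($value, "'\\\0") !== strlen($value)) {
        return false;
    }
    return " AND ({$column} = '{$value}')";
}

/**
 * Lists rows of the `relationships` table, optionally filtered, and resolves
 * the display value of each referenced person, group, category and course/room.
 *
 * Every filter is optional: a value that is empty() (including "0") is ignored.
 * A filter value that fails validation makes the function return '' without
 * touching the database, the same value it returns when no row matches.
 *
 * Each returned row is a numerically indexed array:
 *   0 rel_id          1 master_id        2 $person[0][1] from List_People()
 *   3 master_group    4 groups.name      5 master_category
 *   6 $cat[0][1] from List_Categories()  7 slave_id
 *   8 [0][1] of List_Courses() when rel_type is 'course', else of List_Rooms()
 *   9 rel_type
 * Indexes 2, 4, 6 are '' when the corresponding reference is empty; index 3
 * is also reset to '' when master_group is not greater than zero.
 *
 * @param mixed  $perm_id     Filter on rel_id.
 * @param mixed  $master_id   Filter on master_id.
 * @param mixed  $group_id    Filter on master_group (integer).
 * @param mixed  $category_id Filter on master_category.
 * @param mixed  $slave_id    Filter on slave_id.
 * @param mixed  $role        Filter on rel_type.
 * @param object $bd          Database wrapper exposing Query(), NumberOfRows()
 *                            and FetchResult().
 *
 * @return array|string List of rows as described above, or '' when nothing
 *                      matches (legacy contract: callers test truthiness).
 */
function List_Permissions($perm_id, $master_id, $group_id, $category_id, $slave_id, $role, $bd)
{
    // column, caller value, compared as quoted literal?
    $filters = array(
        array('rel_id', $perm_id, true),
        array('master_id', $master_id, true),
        array('master_group', $group_id, false),
        array('master_category', $category_id, true),
        array('slave_id', $slave_id, true),
        array('rel_type', $role, true),
    );

    // Previously appended to an undefined variable; start from an empty string.
    $condition = '';
    foreach ($filters as $filter) {
        list($column, $value, $quoted) = $filter;
        if (empty($value)) {
            continue;
        }
        $clause = _List_Permissions_Filter_Clause($column, $value, $quoted);
        if ($clause === false) {
            // A value that cannot be embedded safely cannot match a stored id either.
            return '';
        }
        $condition .= $clause;
    }

    $query = "SELECT * FROM relationships WHERE (rel_id IS NOT NULL){$condition}";
    $result = $bd->Query($query);
    $num_permissions = $bd->NumberOfRows($result);

    // Collect into a real array: indexing into the old "" placeholder is a
    // fatal error on current PHP versions.
    $permissions = array();
    for ($i = 0; $i < $num_permissions; $i++) {
        $row = array();
        $row[0] = $bd->FetchResult($result, $i, 'rel_id');

        $row[1] = $bd->FetchResult($result, $i, 'master_id');
        if ($row[1]) {
            $person = List_People($row[1], '', '', '', '', $bd);
            $row[2] = isset($person[0][1]) ? $person[0][1] : '';
        } else {
            $row[2] = '';
        }

        $row[3] = $bd->FetchResult($result, $i, 'master_group');
        if ($row[3] > 0) {
            // The value comes from the database, but it is still forced to an
            // integer before being placed unquoted into the lookup query.
            $group = (int) $row[3];
            $group_result = $bd->Query("SELECT name FROM groups WHERE group_id = {$group}");
            $row[4] = $bd->FetchResult($group_result, 0, 'name');
        } else {
            $row[3] = '';
            $row[4] = '';
        }

        $row[5] = $bd->FetchResult($result, $i, 'master_category');
        if ($row[5]) {
            // The original re-ran the (possibly undefined) group query here and
            // discarded the result; that stray call has been dropped.
            $cat = List_Categories($row[5], '', $bd);
            $row[6] = isset($cat[0][1]) ? $cat[0][1] : '';
        } else {
            $row[6] = '';
        }

        $row[7] = $bd->FetchResult($result, $i, 'slave_id');
        // Index 9 is assigned before index 8 to keep the original key order.
        $row[9] = $bd->FetchResult($result, $i, 'rel_type');
        if ($row[9] == 'course') {
            $target = List_Courses($row[7], '', '', '', '', '', '', $bd);
        } else {
            $target = List_Rooms($row[7], '', '', '', '', $bd);
        }
        $row[8] = isset($target[0][1]) ? $target[0][1] : '';

        $permissions[$i] = $row;
    }

    return $permissions ? $permissions : '';
}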
$commentaries = $bd->FetchResult($result, 0, 'commentaries'); $image_enable = $bd->FetchResult($result1, 0, 'public_types'); $image_enable = "{$image_enable}"; $type_array = $role . "_type"; } else { $query = "SELECT * FROM accounts WHERE account_id = '{$account_id}'"; $result = $bd->Query($query); $query1 = "SELECT * FROM people WHERE account_id = '{$account_id}'"; $result1 = $bd->Query($query1); $name = $_POST['name']; $dep_id = $bd->FetchResult($result1, 0, 'dep_id'); $role = $bd->FetchResult($result, 0, 'role'); $email = $_POST['email']; $url = $_POST['url']; $category_id = $bd->FetchResult($result1, 0, 'category'); $cat = List_Categories($category_id, '', $bd); $cur_password = $_POST['cur_password']; $category = $cat[0][1]; $commentaries = $_POST['commentaries']; $type_array = $role . "_type"; $image_enable = ""; for ($i = 0; $cfg[$type_array][$i]; $i++) { $field_type = $cfg[$type_array][$i]; if ($_POST[$field_type] == 'on') { $image_enable .= "1"; } else { $image_enable .= "0"; } } if (!User_Authenticate_Password($account_id, $cur_password, $bd)) { $error[$num_errors++] = "The Current Password is Wrong";
exit; } if (!empty($_POST['create'])) { $categories[0][0] = ''; $categories[0][1] = $_POST['name']; $categories[0][2] = $_POST['description']; echo $_POST['description']; switch (User_Validate_Simple_Field($categories[0][1], 30)) { case 0: $error[$num_errors++] = "The Name must be filled"; break; case -2: $error[$num_errors++] = "There are invalid characteres at the name"; break; case 1: $current = List_Categories('', $categories[0][1], $bd); if ($current) { $error[$num_errors++] = "This category name is already in use"; } break; } if (empty($error)) { Insert_Category($categories[0][1], $categories[0][2], $bd); $alert[$num_alerts++] = "New Category Inserted Successfully"; include "adm_categories.php"; exit; } } $result_xsl = "xsl/" . $default_xsl . "/adm_categories_new.xsl"; } else { $error[$num_errors++] = "Invalid Session ID";
$error[$num_errors++] = "There are invalid characteres at the Lecturer"; break; } $current = List_Courses('', '', $courses[0][3], $courses[0][4], '', $courses[5], $courses[0][6], $bd); if ($current) { $error[$num_errors++] = 'This course already exists'; } if (empty($error)) { Insert_Course($courses[0][0], $courses[0][1], $courses[0][2], $courses[0][3], $courses[0][4], $courses[0][6], $courses[0][5], $courses[0][7], $bd); $alert[$num_alerts++] = "New Course Inserted Successfully"; include "adm_acc_courses.php"; exit; } } $result_xsl = "xsl/" . $default_xsl . "/adm_acc_courses_new.xsl"; $category = List_Categories('', $cfg['professor_category'], $bd); $people = List_People('', '', '', '', $category[0][0], $bd); } else { $error[$num_errors++] = "Invalid Session ID"; include "logout.php"; exit; } $smarty->assign("nrpTransform", $result_xsl); $smarty->assign("nrpSchErrors", $error); $smarty->assign("nrpSchAlerts", $alert); $smarty->assign("nrpSessId", $complete_sess_id); $smarty->assign("nrpUserId", $account_id); $smarty->assign("nrpCourses", $courses); $smarty->assign("nrpPeople", $people); $result_xml = $smarty->fetch("xml/adm_acc_courses.xml"); require "./inc/proc_transform.php";
case -2: $error[$num_errors++] = "There are invalid characteres at the url"; break; } if (empty($error)) { $comp_person = List_People($people[0][0], '', '', '', '', $bd); Update_Person($people[0][0], $people[0][1], $people[0][2], $people[0][5], $people[0][3], $people[0][6], $comp_person[0][7], $people[0][8], $bd); $alert[$num_alerts++] = "Person Updated Successfully"; include "adm_acc_people.php"; exit; } } else { $people = List_People($_GET['account_id'], '', '', '', '', $bd); } $departments = List_Departments('', '', '', $bd); $categories = List_Categories('', '', $bd); $result_xsl = "xsl/" . $default_xsl . "/adm_acc_people_modify.xsl"; } else { $error[$num_errors++] = "Invalid Session ID"; include "logout.php"; exit; } $smarty->assign("nrpTransform", $result_xsl); $smarty->assign("nrpSchErrors", $error); $smarty->assign("nrpSchAlerts", $alert); $smarty->assign("nrpSessId", $complete_sess_id); $smarty->assign("nrpUserId", $account_id); $smarty->assign("nrpPeople", $people); $smarty->assign("nrpCategories", $categories); $smarty->assign("nrpDepartments", $departments); $result_xml = $smarty->fetch("xml/adm_acc_people.xml");
$current = List_Categories('', $categories[0][1], $bd); if ($current) { if ($current[0][0] != $categories[0][0]) { $error[$num_errors++] = "This category name is already in use"; } } break; } if (empty($error)) { Update_Category($categories[0][0], $categories[0][1], $categories[0][2], $bd); $alert[$num_alerts++] = "Category Updated Successfully"; include "adm_categories.php"; exit; } } else { $categories = List_Categories($_GET['cat_id'], '', $bd); } $result_xsl = "xsl/" . $default_xsl . "/adm_categories_modify.xsl"; } else { $error[$num_errors++] = "Invalid Session ID"; include "logout.php"; exit; } $smarty->assign("nrpTransform", $result_xsl); $smarty->assign("nrpSchErrors", $error); $smarty->assign("nrpSchAlerts", $alert); $smarty->assign("nrpMasterSessId", $master_session); $smarty->assign("nrpSessId", $complete_sess_id); $smarty->assign("nrpUserId", $account_id); $smarty->assign("nrpCategories", $categories); $result_xml = $smarty->fetch("xml/adm_categories.xml");