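<?php

// Check the caller's permission on a project and, when a permission row
// exists, remember the project id in the session.
//
// Request:  POST 'project' - id of the project to select.
// Response: passed to scriptReturn() as array('error', 'errorText'[, 'perm']).

require_once $_SERVER['DOCUMENT_ROOT'] . '/include/main_func.php';

auth();

$return = array('error' => false, 'errorText' => '');

// The POST field is client-controlled: it may be absent, or an array
// (project[]=...). Anything that is not a scalar accepted by validID()
// collapses to 0, so only a validated id is ever interpolated below.
$posted = isset($_POST['project']) ? $_POST['project'] : null;
$proj_id = (is_scalar($posted) && validID($posted)) ? $posted : 0;

// NOTE(review): the query is assembled by string interpolation. $proj_id is
// validated above; $_SESSION['user_id'] is assumed to be set server-side by
// the login flow behind auth() - confirm. If myQuery offers bound parameters
// (not visible here), prefer them over interpolation.
$q = new myQuery(
    "SELECT perm\n"
    . " FROM project_user\n"
    . " WHERE user_id='{$_SESSION['user_id']}'\n"
    . " AND project_id='{$proj_id}'"
);

if ($q->get_num_rows() == 1) {
    // Exactly one membership row: report its permission and bind the
    // project to this session.
    $return['perm'] = $q->get_one();
    $_SESSION['project_id'] = $proj_id;
} else {
    // No row (or an unexpected duplicate): deny, and leave any previously
    // selected project in the session untouched.
    $return['error'] = true;
    $return['errorText'] = 'You do not have permission to access this project.';
}

scriptReturn($return);
exit;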
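return true;
}

/**
 * Reports whether $id is the id of the countries row whose short_name is 'US'.
 *
 * NOTE(review): this relies on the legacy mysql_* extension, which was removed
 * in PHP 7, and on an implicit default connection. On query failure it prints
 * mysql_error() to the client via die(), which discloses database details;
 * consider logging the error server-side and returning a generic message.
 *
 * @param mixed $id Country id to test.
 * @return bool True when $id loosely equals the stored US id; false otherwise,
 *              including when no 'US' row exists.
 */
function isUS($id)
{
    $sqlGetUSID = "SELECT id FROM countries WHERE short_name = 'US';";
    $resultUSID = mysql_query($sqlGetUSID) or die('died getting us id: ' . mysql_error());

    // Start from "not found" so an empty result cannot leave $us_id undefined.
    $us_id = null;
    while ($usID = mysql_fetch_assoc($resultUSID)) {
        $us_id = $usID['id'];
    }

    // Without a US row nothing can match. This also stops null/0/'' from
    // comparing equal to a missing id under the loose comparison below.
    if ($us_id === null) {
        return false;
    }

    return $us_id == $id;
}

if (!isset($_REQUEST['id']) || !validID($_REQUEST['id'])) {
    // Redirect to the reseller list page because the id is missing or invalid.
    // header() only queues the Location header; stop here so the rest of the
    // page (including the edit handler below) never runs without a valid id.
    header('location: index.php?message=badid');
    exit;
}
$reseller_id = $_REQUEST['id'];

if ($GLOBALS['debug']) {
    // Debug output reflects a cookie-derived value into the page, so it is
    // HTML-escaped before being echoed.
    echo "<br />createdby: " . htmlspecialchars((string) $GLOBALS['cookie'], ENT_QUOTES) . "<br />";
}

$myReseller = new Reseller($reseller_id);

// NOTE(review): the id is read from $_REQUEST (GET, POST or cookie) while the
// edit is triggered by a POST field. No authorization or anti-CSRF check is
// visible in this part of the file - confirm one runs before this point.
if (isset($_POST['modify'])) {
    $myReseller->editReseller();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">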
/**
 * Returns $var unchanged when it passes the requested check, otherwise the
 * literal string 'null'.
 *
 * Checks, selected by $format:
 *  - array:     $var must be a member of the array. in_array() is called
 *               without the strict flag, so membership uses loose comparison.
 *  - 'numeric': $var must satisfy is_numeric(), which also accepts floats
 *               and exponent notation.
 *  - 'id':      $var must satisfy validID().
 *  - 'integer': $var must already be of type int; numeric strings fail.
 *  - any other value: always rejected.
 *
 * NOTE(review): the accepted value is returned as-is, neither quoted nor
 * escaped. The 'null' fallback presumably lets callers splice the result into
 * SQL text - confirm, and make sure callers quote or bind it themselves.
 *
 * @param mixed        $var    Value to check.
 * @param array|string $format Whitelist array or one of the format names above.
 * @return mixed $var when accepted, the string 'null' otherwise.
 */
function check_null($var, $format = array())
{
    if (is_array($format)) {
        $accepted = in_array($var, $format);
    } elseif ('numeric' == $format) {
        $accepted = is_numeric($var);
    } elseif ('id' == $format) {
        $accepted = validID($var);
    } elseif ('integer' == $format) {
        $accepted = is_int($var);
    } else {
        $accepted = false;
    }

    return $accepted ? $var : 'null';
}
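<?php

// Add an owner to a project.
//
// Request:  POST 'project' - project id
//           POST 'owner'   - id of the user to add
//           POST 'perm'    - 'all' or 'read-only'
// Response: passed to scriptReturn() as array('error', 'errorText').
//
// NOTE(review): this is a state-changing request and no anti-CSRF token check
// is visible in this script - confirm auth() or the front end covers it.

require_once $_SERVER['DOCUMENT_ROOT'] . '/include/main_func.php';

auth();

$return = array('error' => false, 'errorText' => '');

$user = $_SESSION['user_id'];

// All three fields are client-controlled and may be missing or arrays.
$postedProject = isset($_POST['project']) ? $_POST['project'] : null;
$postedOwner = isset($_POST['owner']) ? $_POST['owner'] : null;
$postedPerm = isset($_POST['perm']) ? $_POST['perm'] : null;

// Only scalars accepted by validID() are kept; anything else becomes int 0.
$project = (is_scalar($postedProject) && validID($postedProject)) ? $postedProject : 0;
$adduser = (is_scalar($postedOwner) && validID($postedOwner)) ? $postedOwner : 0;

// Strict whitelist match so only the exact strings are accepted.
// NOTE(review): a missing or unrecognised value falls back to 'all', the
// broader of the two permissions; consider rejecting the request or
// defaulting to 'read-only' if callers do not depend on this.
$perm = in_array($postedPerm, array('all', 'read-only'), true) ? $postedPerm : 'all';

// The caller must be a member of the project with perm 'all', or be the
// project's owner. Every interpolated value is either validated above or
// read from the session (assumed to be set server-side behind auth() -
// confirm); prefer bound parameters if myQuery supports them.
$q = new myQuery(
    "SELECT 1 \n"
    . " FROM project_user AS pu\n"
    . " LEFT JOIN project AS p ON p.id=project_id\n"
    . " WHERE project_id='{$project}' \n"
    . " AND pu.user_id='{$user}' \n"
    . " AND (perm = 'all' OR p.user_id='{$user}')"
);

// A SELECT is judged by its row count, as the sibling permission check does
// with get_num_rows(), rather than by an affected-row count.
if ($q->get_num_rows() < 1) {
    $return['error'] = true;
    $return['errorText'] = "You do not have permission to add users to this project";
} elseif ($adduser === 0) {
    // An invalid or missing owner id must not be written as user_id 0.
    $return['error'] = true;
    $return['errorText'] = "This user could not be added to this project";
} else {
    // REPLACE overwrites any existing row for this user, so it can also
    // change the permission of someone who is already a member.
    $q = new myQuery("REPLACE INTO project_user (project_id, user_id, perm) VALUES ('{$project}', '{$adduser}', '{$perm}')");

    // Fewer than one affected row also covers a driver-reported failure (-1).
    if ($q->get_affected_rows() < 1) {
        $return['error'] = true;
        $return['errorText'] = "This user could not be added to this project";
    }
}

scriptReturn($return);
exit;
?>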