function sendOutput($out)
{
    global $json;
    $output = $json->encode($out);
    header("Content-Type: text/x-json");
    echo $output;
}
$resultObj = array();
$data = array();
$e = new mb_notice("command: " . $queryObj->command);
$user = new User();
switch ($queryObj->command) {
    case 'delete':
        $applicationId = $queryObj->parameters->applicationId;
        // get all of the users applications
        $allowedApplicationArray = $user->getApplicationsByPermission(0);
        if (in_array($applicationId, $allowedApplicationArray)) {
            $sql = "DELETE FROM gui_treegde WHERE fkey_gui_id = \$1";
            $v = array($applicationId);
            $t = array("s");
            $res = db_prep_query($sql, $v, $t);
            $resultObj["success"] = "Deletion successful. " . $sql . " (" . $applicationId . ")";
        } else {
            $resultObj["error"] = "Access denied to application " . $applicationId . ".";
        }
        break;
    case 'getApplications':
        // get all of the users applications
        $allowedApplicationArray = $user->getApplicationsByPermission(0);
        // get all of the users applications that contain treeGDE
        $sql = "SELECT DISTINCT gui_id FROM gui WHERE " . "gui_id IN (";
 /**
  * Selects all WMS of the current user from the database.
  * Then it creates the corresponding WMS object and returns
  * these objects as an array.
  * 
  * @return wms[]
  * @param $appId String
  */
 public static function selectMyWmsByApplication($appId)
 {
     // check if user is permitted to access the application
     $currentUser = new User(Mapbender::session()->get("mb_user_id"));
     $appArray = $currentUser->getApplicationsByPermission(false);
     if (!in_array($appId, $appArray)) {
         $e = new mb_warning("class_wms.php: selectMyWmsByApplication(): User '" . $currentUser . "' is not allowed to acces application '" . $appId . "'.");
         return array();
     }
     // get WMS of this application
     $sql = "SELECT fkey_wms_id FROM gui_wms WHERE " . "fkey_gui_id = \$1 ORDER BY gui_wms_position";
     $v = array($appId);
     $t = array('s');
     $res = db_prep_query($sql, $v, $t);
     // instantiate PHP objects and store in array
     $wmsArray = array();
     while ($row = db_fetch_array($res)) {
         $currentWms = new wms();
         $currentWms->createObjFromDB($appId, $row["fkey_wms_id"]);
         array_push($wmsArray, $currentWms);
     }
     return $wmsArray;
 }
<?php

# License:
# Copyright (c) 2009, Open Source Geospatial Foundation
# This program is dual licensed under the GNU General Public License
# and Simplified BSD license.
# http://svn.osgeo.org/mapbender/trunk/mapbender/license/license.txt
require_once dirname(__FILE__) . "/../php/mb_validateSession.php";
require_once dirname(__FILE__) . "/../classes/class_gui.php";
require_once dirname(__FILE__) . "/../classes/class_user.php";
$ajaxResponse = new AjaxResponse($_POST);
switch ($ajaxResponse->getMethod()) {
    case "sql":
        $application = new gui($ajaxResponse->getParameter("applicationId"));
        $user = new User();
        $apps = $user->getApplicationsByPermission();
        if (in_array($application->id, $apps)) {
            $sql = $application->toSql();
            $resultObj = array("sql" => $sql);
            $ajaxResponse->setResult($resultObj);
            $ajaxResponse->setSuccess(true);
            break;
        }
        $ajaxResponse->setSuccess(false);
        $ajaxResponse->setMessage(_mb("You are not allowed to access this application."));
        break;
    default:
        $ajaxResponse->setSuccess(false);
        $ajaxResponse->setMessage(_mb("An unknown error occured."));
        break;
}
# any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
require_once dirname(__FILE__) . "/../php/mb_validateSession.php";
require_once dirname(__FILE__) . "/../classes/class_administration.php";
require_once dirname(__FILE__) . "/../classes/class_user.php";
$editApplicationId = $_REQUEST["editApplicationId"];
$user = new User(Mapbender::session()->get("mb_user_id"));
$myApplicationArray = $user->getApplicationsByPermission(false);
if (!in_array($editApplicationId, $myApplicationArray)) {
    die("You are not allowed to edit the application '" . $editApplicationId . "'");
}
?>
<html>
<head>
<style type="text/css">
.ui-selecting {
  border-width:thin;
  border-style:solid;
  border-color:red;
  background-color:transparent;
  font-size:9px;
}
.ui-selected {
 /**
  * @deprecated
  */
 function getGuisByPermission($mb_user_id, $ignorepublic)
 {
     $e = new mb_notice("administration->getGuisByPermission is deprecated, use user->getApplicationsByPermission instead!");
     $user = new User($mb_user_id);
     return $user->getApplicationsByPermission($ignorepublic);
 }