function sendOutput($out) { global $json; $output = $json->encode($out); header("Content-Type: text/x-json"); echo $output; } $resultObj = array(); $data = array(); $e = new mb_notice("command: " . $queryObj->command); $user = new User(); switch ($queryObj->command) { case 'delete': $applicationId = $queryObj->parameters->applicationId; // get all of the users applications $allowedApplicationArray = $user->getApplicationsByPermission(0); if (in_array($applicationId, $allowedApplicationArray)) { $sql = "DELETE FROM gui_treegde WHERE fkey_gui_id = \$1"; $v = array($applicationId); $t = array("s"); $res = db_prep_query($sql, $v, $t); $resultObj["success"] = "Deletion successful. " . $sql . " (" . $applicationId . ")"; } else { $resultObj["error"] = "Access denied to application " . $applicationId . "."; } break; case 'getApplications': // get all of the users applications $allowedApplicationArray = $user->getApplicationsByPermission(0); // get all of the users applications that contain treeGDE $sql = "SELECT DISTINCT gui_id FROM gui WHERE " . "gui_id IN (";
/** * Selects all WMS of the current user from the database. * Then it creates the corresponding WMS object and returns * these objects as an array. * * @return wms[] * @param $appId String */ public static function selectMyWmsByApplication($appId) { // check if user is permitted to access the application $currentUser = new User(Mapbender::session()->get("mb_user_id")); $appArray = $currentUser->getApplicationsByPermission(false); if (!in_array($appId, $appArray)) { $e = new mb_warning("class_wms.php: selectMyWmsByApplication(): User '" . $currentUser . "' is not allowed to acces application '" . $appId . "'."); return array(); } // get WMS of this application $sql = "SELECT fkey_wms_id FROM gui_wms WHERE " . "fkey_gui_id = \$1 ORDER BY gui_wms_position"; $v = array($appId); $t = array('s'); $res = db_prep_query($sql, $v, $t); // instantiate PHP objects and store in array $wmsArray = array(); while ($row = db_fetch_array($res)) { $currentWms = new wms(); $currentWms->createObjFromDB($appId, $row["fkey_wms_id"]); array_push($wmsArray, $currentWms); } return $wmsArray; }
<?php # License: # Copyright (c) 2009, Open Source Geospatial Foundation # This program is dual licensed under the GNU General Public License # and Simplified BSD license. # http://svn.osgeo.org/mapbender/trunk/mapbender/license/license.txt require_once dirname(__FILE__) . "/../php/mb_validateSession.php"; require_once dirname(__FILE__) . "/../classes/class_gui.php"; require_once dirname(__FILE__) . "/../classes/class_user.php"; $ajaxResponse = new AjaxResponse($_POST); switch ($ajaxResponse->getMethod()) { case "sql": $application = new gui($ajaxResponse->getParameter("applicationId")); $user = new User(); $apps = $user->getApplicationsByPermission(); if (in_array($application->id, $apps)) { $sql = $application->toSql(); $resultObj = array("sql" => $sql); $ajaxResponse->setResult($resultObj); $ajaxResponse->setSuccess(true); break; } $ajaxResponse->setSuccess(false); $ajaxResponse->setMessage(_mb("You are not allowed to access this application.")); break; default: $ajaxResponse->setSuccess(false); $ajaxResponse->setMessage(_mb("An unknown error occured.")); break; }
# any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. require_once dirname(__FILE__) . "/../php/mb_validateSession.php"; require_once dirname(__FILE__) . "/../classes/class_administration.php"; require_once dirname(__FILE__) . "/../classes/class_user.php"; $editApplicationId = $_REQUEST["editApplicationId"]; $user = new User(Mapbender::session()->get("mb_user_id")); $myApplicationArray = $user->getApplicationsByPermission(false); if (!in_array($editApplicationId, $myApplicationArray)) { die("You are not allowed to edit the application '" . $editApplicationId . "'"); } ?> <html> <head> <style type="text/css"> .ui-selecting { border-width:thin; border-style:solid; border-color:red; background-color:transparent; font-size:9px; } .ui-selected {
/** * @deprecated */ function getGuisByPermission($mb_user_id, $ignorepublic) { $e = new mb_notice("administration->getGuisByPermission is deprecated, use user->getApplicationsByPermission instead!"); $user = new User($mb_user_id); return $user->getApplicationsByPermission($ignorepublic); }