} else { echo "<status>success</status>"; } $dbtUpdate['tables'][$dbTable]['op']['delColumn']['columnName'] = $columnName; } else { echo '<status>' . $error1 . '</status>'; } } else { echo '<status>user not authorized to delete column</status>'; } break; case 'permitColUsers': if ($authorizeTable) { $colName = sqlinjection_free($_POST['colName']); $drows = explode(',', sqlinjection_free($_POST['rows'])); $rows = dtsRows($drows); $nmStr = sqlinjection_free($_POST['nmembers']); $rORw = sqlinjection_free($_POST['rORw']); $comment = $liveDBTable['cells']['tHR'][$colName]['Comment']; $rq = $liveDBTable['owner']; $type = $liveDBTable['cells']['tHR'][$colName]['Type']; $null = $liveDBTable['cells']['tHR'][$colName]['Null']; $key = $liveDBTable['cells']['tHR'][$colName]['Key']; $default = $liveDBTable['cells']['tHR'][$colName]['Default']; $extra = $liveDBTable['cells']['tHR'][$colName]['Extra']; $fold = -1; $j = -1; $i = 0; while ($comment[$i] != NULL) { if ($comment[$i] == '{') { $fold++;
function prunePermissions($ops, &$liveDBTable) { $root = realpath($_SERVER["DOCUMENT_ROOT"]); require "{$root}/lib/superScripts/db_login.php"; foreach ($ops as $opType => $params) { switch ($opType) { case 'delRows': $dbTable = $params['dbTable']; $dr = $params['rows']; if ($params['columns']) { if ($params['ms']) { foreach ($params['ms'] as $i => $ms) { if ($ms['r']['index'] > -1 or $ms['w']['index'] > -1) { foreach ($ms['r']['gid'] as $key => $gid) { $k = 0; $rows = $ms['r']['rows'][$key]; for ($j = 0; $j < count($rows); $j++) { if ($rows[$j] == $dr[$k]) { unset($rows[$j]); $k++; } } $co[$i][] = "{r" . $gid . ",{" . dtsRows($rows) . "}}"; } foreach ($ms['w']['gid'] as $key => $gid) { $k = 0; $rows = $ms['w']['rows'][$key]; for ($j = 0; $j < count($rows); $j++) { if ($rows[$j] == $dr[$k]) { unset($rows[$j]); $k++; } } $co[$i][] = "{w" . $gid . ",{" . dtsRows($rows) . "}}"; } $co[$i] = implode(",", $co[$i]); if ($co[$i] != $params['columns']['comments'][$i]) { $colName = $params['columns']['field'][$i]; $type = $params['columns']['type'][$i]; $null = $params['columns']['null'][$i]; $default = $params['columns']['default'][$i]; $key = $params['columns']['key'][$i]; $extra = $params['columns']['extra'][$i]; $qn = $null == 'YES' ? ' NULL ' : ' NOT NULL'; $qd = $default != NULL ? ' DEFAULT ' . $default : ''; $qk = $key != '' ? ' KEY ' . $key : ''; $qe = $extra != '' ? ' ' . $extra : ''; $qc = $co[$i] != '' ? " COMMENT '" . $co[$i] . "'" : ''; $query = "ALTER TABLE `" . $dbTable . "` CHANGE `" . $colName . "` `" . $colName . "` " . $type . $qn . $qd . $qe . $qc; $result = mysql_query($query, $dbc); $error = mysql_error($dbc); if (!$error) { $liveDBTable['cells']['tHR'][$colName]['Comment'] = $co[$i]; $queryts = "ALTER TABLE `" . $dbTable . "` CHANGE `" . $colName . "` `" . $colName . "` TIMESTAMP NULL COMMENT '" . strftime('%Y-%m-%d %H:%M:%S') . "'"; $resultts = mysql_query($queryts, $timestampLink); $errorts = mysql_error($timestampLink); $queryu = "ALTER TABLE `" . $dbTable . "` CHANGE `" . $colName . "` `" . $colName . "` INT(13) NULL COMMENT '" . $_SESSION['oid'] . "'"; $resultu = mysql_query($queryu, $uidLink); $erroru = mysql_error($uidLink); } } } } } } break; } } include "{$root}/lib/superScripts/db_logout.php"; return $co; }