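/**
 * Build the SQL fragment that limits a collection query to the items the
 * current user is permitted to access.
 *
 * The fragment is either a single blank (no restriction), or
 * "AND <idfield> IN (...)" / "AND <idfield> NOT IN (...)", whichever id list
 * is shorter. It is meant to be appended to an existing WHERE clause.
 *
 * Security notes for maintainers:
 * - Every early exit, including a failed permission query, returns the
 *   "no restriction" blank. The method therefore fails open on error.
 * - The NOT IN form is a deny-list over the rows the permission query
 *   returned. Rows that query did not return are not excluded by it.
 *
 * @return string SQL fragment; a single blank when no restriction applies or
 *                when the permission query could not be built or executed.
 */
protected function _getSqlPerms()
{
    // A static local in a method is shared by every instance of the class.
    // The fragment depends on this instance's configuration, so results are
    // cached per configuration. A single shared string would hand one
    // collection's permission filter (or its "no restriction" blank) to
    // another collection.
    // NOTE(review): assumes colcfg/tables hold plain, serialisable
    // configuration values, and that the permission object returned by
    // $this->cfg->perm() does not change within a request - confirm.
    static $cache = array();

    $cache_key = serialize(array($this->colcfg, $this->tables));
    if (isset($cache[$cache_key])) {
        return $cache[$cache_key];
    }

    // Start with "no restriction". Every early return below hands this back.
    $cache[$cache_key] = ' ';

    // Permission checking is switched off for this collection.
    if (!$this->colcfg['perm_check_active']) {
        return $cache[$cache_key];
    }

    // TODO make this work for other clients/langs. That needs a cms_perms
    // object built for the requested client/lang and the current group,
    // instead of the current user's permission object.
    $perm = $this->cfg->perm();

    // Administrators hold every permission, so no filter is needed.
    if ($perm->is_admin()) {
        return $cache[$cache_key];
    }

    $fielditem = $this->colcfg['perm_dbfield_id'];
    $fieldparent = $this->colcfg['perm_dbfield_parent'] != '' ? $this->colcfg['perm_dbfield_parent'] : NULL;
    $tablename = $this->tables[0];
    $clientlang = $this->_getSqlClientLang(
        $this->colcfg['client'],
        $this->colcfg['lang'],
        array('client' => 'idclient', 'lang' => 'idlang')
    );
    $timestamp = $this->_getSqlTimestamp('created', $this->colcfg['timestamp_from'], $this->colcfg['timestamp_to']);
    $freefilter = $this->_getSqlFreefilter($this->colcfg['freefilter']);
    $search = $this->_getSqlSearch($this->colcfg['searchterm'], $this->colcfg['fulltextsearchfileds']);

    // The results are not used below. The calls are kept because their side
    // effects, if any, are not visible from this method.
    $item = sf_api($this->colcfg['model_path'], $this->colcfg['model']);
    $idfield = $item->mapFieldToRow('id', $this->tables[0]);

    $sql = $this->_getPermcheckSql($fielditem, $fieldparent, $tablename, $clientlang, $timestamp, $freefilter, $search);
    if ($sql === FALSE) {
        // NOTE(review): fails open - no permission filter is applied when the
        // check query cannot be built. Confirm callers accept this.
        return $cache[$cache_key];
    }

    $rs = $this->db->Execute($sql);
    if ($rs === FALSE || $rs->EOF) {
        // An empty result has nothing to filter. A failed query ($rs === FALSE)
        // also ends here and likewise leaves the main query unrestricted.
        return $cache[$cache_key];
    }

    $positives = array();
    $negatives = array();

    // When a parent field is configured, the parent id is passed along so
    // that have_perm() can take the dependency into account.
    $with_parent = $this->colcfg['perm_dbfield_parent'] != NULL;
    $perm_nr = $this->colcfg['perm_nr'];
    $perm_type = $this->colcfg['perm_type'];

    while (!$rs->EOF) {
        $iditem = $rs->fields['iditem'];

        if ($with_parent) {
            $allowed = $perm->have_perm($perm_nr, $perm_type, $iditem, $rs->fields['idparent']);
        } else {
            $allowed = $perm->have_perm($perm_nr, $perm_type, $iditem);
        }

        if ($allowed) {
            $positives[] = $iditem;
        } else {
            $negatives[] = $iditem;
        }

        $rs->MoveNext();
    }
    $rs->Close();

    $count_pos = count($positives);
    $count_neg = count($negatives);

    // The ids are taken from the permission query's result set and are
    // concatenated unquoted.
    // NOTE(review): this is only safe if iditem is an integer column -
    // confirm, or cast the values before building the list.
    if ($count_pos > 0 && $count_pos < $count_neg) {
        // Fewer allowed than denied items: list the allowed ones.
        $cache[$cache_key] = 'AND ' . $fielditem . ' IN (' . implode(',', $positives) . ') ';
    } elseif ($count_neg > 0) {
        // Otherwise exclude the denied ones. This also covers "nothing allowed".
        $cache[$cache_key] = 'AND ' . $fielditem . ' NOT IN (' . implode(',', $negatives) . ') ';
    }

    return $cache[$cache_key];
}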
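// Tail of a block that opens before this excerpt: render the EMPTY template
// block with the "no groups" message.
    $tpl->setCurrentBlock('EMPTY');
    $tmp['LANG_NOGROUPS'] = $cms_lang['group_nogroups'];
    $tpl->setVariable($tmp);
    $tpl->parse('EMPTY');
    unset($tmp);
}

// Assign languages: for the selected group, list every client/language pair
// with links to configure it and to toggle it.
//
// NOTE(review): $idgroup, $order and $ascdesc are written into href attributes
// unescaped, and their origin is outside this excerpt. Confirm they are
// validated upstream (ids as integers), or escape them for the attribute here.
// NOTE(review): the toggle link triggers action=activate_lang through a plain
// GET URL. Whether $base_url carries an anti-CSRF token is not visible here -
// confirm.
// NOTE(review): $cms_lang strings are placed inside a JavaScript string within
// an HTML attribute without escaping. This is safe only while the language
// strings contain no quotes or markup.
if ($idgroup) {
    // Permission object built for the selected group, used to test its
    // language permissions.
    $sim_perm = new cms_perms($client_id, $idlang, true, $idgroup);
    $tpl->setCurrentBlock('CONFIG');

    // "=& new" is a parse error on PHP 7+. Objects are assigned by handle
    // since PHP 5, so a plain assignment is equivalent there.
    $db2 = new DB_cms();

    // Only configured table names are interpolated into the query.
    $sql = "SELECT A.idclient, A.name, B.idlang, B.name AS lang FROM " . $cms_db['clients']
        . " A, " . $cms_db['lang'] . " B LEFT JOIN " . $cms_db['clients_lang']
        . " C USING(idlang) WHERE A.idclient = C.idclient ORDER BY A.idclient, lang";
    $db2->query($sql);

    while ($db2->next_record()) {
        $tmp['BGCOLOR'] = $row_bgcolor['project_lang'];
        $tmp['ENTRY_ICON'] = make_image('but_permission.gif', '', '16', '16');
        // Names from the database are HTML-escaped before they reach the template.
        $tmp['NAME'] = htmlentities($db2->f('name'), ENT_COMPAT, 'UTF-8');
        $tmp['DESCRIPTION'] = htmlentities($db2->f('lang'), ENT_COMPAT, 'UTF-8');

        // The onmouseout attribute used to be emitted as
        // onmouseout="off()" ;return true;" - the quote closed too early and
        // left stray tokens in the tag. It now closes after the handler.
        if ($sim_perm->have_perm('1', 'lang', $db2->f('idlang'))) {
            // The group holds the language permission: show the config link
            // and the "online" toggle.
            $tmp['BUTTON_CONFIG'] = '<a href="' . sprintf($base_url, 'group_config', $order, $ascdesc)
                . '&idgroup=' . $idgroup . '&idlang=' . $db2->f('idlang') . '&idclient=' . $db2->f('idclient')
                . '" onmouseover="on(\'' . $cms_lang['group_langconfig'] . '\');return true;"'
                . ' onmouseout="off();return true;"><img src="tpl/' . $cfg_cms['skin']
                . '/img/but_config.gif" border="0" alt="' . $cms_lang['group_langconfig']
                . '" title="' . $cms_lang['group_langconfig'] . '" width="16" height="16" /></a>';
            $tmp['BUTTON_AKTIVE'] = '<a href="' . sprintf($base_url, 'group', $order, $ascdesc)
                . '&action=activate_lang&idgroup=' . $idgroup . '&idlang=' . $db2->f('idlang')
                . '" onmouseover="on(\'' . $cms_lang['group_langoff'] . '\');return true;"'
                . ' onmouseout="off();return true;"><img src="tpl/' . $cfg_cms['skin']
                . '/img/but_online.gif" border="0" alt="' . $cms_lang['group_langoff']
                . '" title="' . $cms_lang['group_langoff'] . '" width="16" height="16" /></a>';
        } else {
            // No language permission yet: show only the "offline" toggle.
            $tmp['BUTTON_AKTIVE'] = '<a href="' . sprintf($base_url, 'group', $order, $ascdesc)
                . '&action=activate_lang&idgroup=' . $idgroup . '&idlang=' . $db2->f('idlang')
                . '" onmouseover="on(\'' . $cms_lang['group_langon'] . '\');return true;"'
                . ' onmouseout="off();return true;"><img src="tpl/' . $cfg_cms['skin']
                . '/img/but_offline.gif" border="0" alt="' . $cms_lang['group_langon']
                . '" title="' . $cms_lang['group_langon'] . '" width="16" height="16" /></a>';
        }

        $tmp['SPACE'] = '<img src="tpl/' . $cfg_cms['skin'] . '/img/space.gif" width="16" height="16" />';
        $tpl->setVariable($tmp);
        $tpl->parseCurrentBlock();
        // Reset per row so values from one row cannot leak into the next.
        unset($tmp);
    }
}

include 'inc/inc.footer.php';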