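/**
 * Decides whether the current user may edit one row of a layer table.
 *
 * Checks, in order:
 *  - a user without a uid (anonymous) is refused;
 *  - a user whose roles contain SITE_ADMIN_ROLE is allowed;
 *  - otherwise the permissions for "<layer_tablename> <layer role>" are
 *    fetched: "edit any feature" allows, "edit own feature" allows only when
 *    the row's created_by column matches the user's uid.
 * Every other outcome is a refusal (fail closed), including a permission
 * lookup that does not return an array, a failed query and a missing row.
 *
 * Security note (review): $layer_tablename is substituted into a
 * double-quoted SQL identifier through a %s placeholder. If db_query() only
 * escapes %s for string-literal context, a double quote inside the name is
 * not neutralised. Confirm every caller passes a name taken from a trusted
 * list of layer tables, never raw request input.
 *
 * @param string $layer_tablename
 *   Name of the layer's table.
 * @param int $row_id
 *   Value of the row's id column (bound with %d).
 *
 * @return bool
 *   TRUE when editing is permitted, FALSE otherwise.
 */
function userHasEditLayerDataPerm($layer_tablename, $row_id) {
  $user = $GLOBALS['user'];

  // Anonymous sessions never get edit rights.
  if (!$user->uid) {
    return FALSE;
  }

  // NOTE(review): comparison left loose because the type of SITE_ADMIN_ROLE
  // is not visible here; switch to strict once it is confirmed to be a string.
  if (in_array(SITE_ADMIN_ROLE, $user->roles)) {
    return TRUE;
  }

  $user_role = getUserRoleForLayer($layer_tablename);
  $arr_perms = getRoleMLOCATEPerms($layer_tablename . ' ' . $user_role);

  // A lookup that yields no permission list must not grant anything.
  if (!is_array($arr_perms)) {
    return FALSE;
  }

  // Strict matching: with loose comparison a stray TRUE (or, on older PHP,
  // 0) in the list would compare equal to any permission name.
  if (in_array('edit any feature', $arr_perms, TRUE)) {
    return TRUE;
  }
  if (!in_array('edit own feature', $arr_perms, TRUE)) {
    return FALSE;
  }

  // "edit own feature": the row must have been created by this user.
  $owner_col = AUTO_DBCOL_PREFIX . 'created_by';
  $query = 'SELECT ' . $owner_col . ' FROM "%s" WHERE ' . AUTO_DBCOL_PREFIX . 'id = %d';
  $result = db_query($query, $layer_tablename, $row_id);
  if (!$result) {
    return FALSE;
  }

  // No such row, or no recorded creator: there is no ownership to claim.
  $obj = db_fetch_object($result);
  if (!is_object($obj) || !isset($obj->{$owner_col})) {
    return FALSE;
  }

  // Compare as strings so that int and string uids match but nothing else does.
  return (string) $user->uid === (string) $obj->{$owner_col};
}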
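/**
 * Marks one row of a layer table as validated by the current user.
 *
 * Only a logged-in user whose layer role is exactly "admin" or "validator"
 * may do this. On success the row's status column is set to 1 and the
 * validated_by / validated_date columns are filled with the user's uid and
 * the database's now().
 *
 * Security note (review): $layer_tablename is substituted into a
 * double-quoted SQL identifier through a %s placeholder. If db_query() only
 * escapes %s for string-literal context, a double quote inside the name is
 * not neutralised. Confirm every caller passes a name taken from a trusted
 * list of layer tables, never raw request input.
 *
 * @param string $layer_tablename
 *   Name of the layer's table.
 * @param int $row_id
 *   Value of the row's id column (bound with %d).
 *
 * @return string
 *   A human-readable status message; failures start with "Error.".
 */
function validateFeature($layer_tablename, $row_id) {
  $user = $GLOBALS['user'];
  $user_role = getUserRoleForLayer($layer_tablename);

  // Strict role match: with a loose == a role value of TRUE (or, on older
  // PHP, 0) would compare equal to "admin" and authorize the update.
  $may_validate = $user->uid && in_array($user_role, array('admin', 'validator'), TRUE);
  if (!$may_validate) {
    return "Error. You are not authorized.";
  }

  $query = 'UPDATE "%s" SET '
    . AUTO_DBCOL_PREFIX . 'status = 1, '
    . AUTO_DBCOL_PREFIX . 'validated_by = %d, '
    . AUTO_DBCOL_PREFIX . 'validated_date = now() WHERE '
    . AUTO_DBCOL_PREFIX . 'id = %d';
  $result = db_query($query, $layer_tablename, $user->uid, $row_id);

  // NOTE(review): a truthy result is only checked for query success here; it
  // does not show that a row with this id existed and was updated.
  if (!$result) {
    return "Error. Record could not be saved.";
  }
  return "Record saved.";
}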