$obj_role = new user_role_links(); $obj_role->get_user_role_links($role); $arrLink = $obj_role->dump['link_id']; $numLinks = $obj_role->num_rows; $obj_role->close_db(); //Assign permissions to user $dbh = new data_abstraction(); foreach ($arrLink as $link_id) { $dbh->set_query_type('SELECT'); $dbh->set_table('user_passport'); $dbh->set_fields('username, link_id'); $dbh->set_where("username='******' AND link_id='" . quote_smart($link_id) . "'"); $dbh->make_query(); if ($dbh->num_rows == 0) { $dbh->set_query_type('INSERT'); $dbh->set_values("'" . quote_smart($Username) . "','" . quote_smart($link_id) . "'"); $dbh->make_query(); } } $dbh->close_db(); } $message = 'Success! User passport has been updated.'; $message_type = 'system'; } } $html_writer = new html(); $html_writer->draw_header('Set User Passports', $message, $message_type); ?> <div class="container"> <fieldset class="container_invisible">
$data_con->set_where("username='******'"); $data_con->make_query(); $data_con->close_db(); } if (count($link) > 0) { $data_con = new data_abstraction(); $data_con->set_query_type('INSERT'); $data_con->set_table('user_passport'); $data_con->set_fields('username, link_id'); $arr_values = array(); for ($a = 0; $a < $numLinks; $a++) { if (isset($link[$a])) { $arr_values[] = "'" . quote_smart($Username) . "', '{$link[$a]}'"; } } $data_con->set_values($arr_values); $data_con->make_query(); $data_con->close_db(); } //Finally: since a custom permission operation was done, set role to 0 (no role assigned) $dbh = new data_abstraction(); $dbh->set_query_type('UPDATE'); $dbh->set_table('user'); $dbh->set_update("role_id='0'"); $dbh->set_where("username='******'"); $dbh->make_query(); $dbh->close_db(); $Role = 'No Role Assigned'; $message = 'Passport settings succesfully updated'; $message_type = 'system'; $SHOW_MODULES = TRUE;
//Insert new report $dbh = new data_abstraction(); $dbh->set_query_type('INSERT'); $dbh->set_table('cobalt_reporter'); $dbh->set_fields('`module_name`, `report_name`, `username`, `show_field`, `operator`, `text_field`, `sum_field`, `count_field`, `group_field1`, `group_field2`, `group_field3`'); $dbh->set_values('?,?,?,?,?,?,?,?,?,?,?'); $bind_params = array('sssssssssss', $arr_params['module_name'], $_POST['saved_report_title'], $_SESSION['user'], $arr_params['show_field'], $arr_params['operator'], $arr_params['text_field'], $arr_params['sum_field'], $arr_params['count_field'], $arr_params['group_field1'], $arr_params['group_field2'], $arr_params['group_field3']); $dbh->stmt_prepare($bind_params); $dbh->stmt_execute(); $show_field = $_POST['show_field']; $operator = $_POST['operator']; $text_field = $_POST['text_field']; if (isset($_POST['sum_field'])) { $sum_field = $_POST['sum_field']; } if (isset($_POST['count_field'])) { $count_field = $_POST['count_field']; } if (isset($_POST['group_field1'])) { $group_field1 = $_POST['group_field1']; }
function log_action($action, $module = '') { if (isset($_SESSION['user'])) { $username = quote_smart($_SESSION['user']); } else { $username = '******'; } if ($module == '') { $module = $_SERVER['SCRIPT_NAME']; } $date = date("m-d-Y"); $real_time = date("G:i:s"); $new_date = explode("-", $date); $new_time = explode(":", $real_time); $timestamp = mktime($new_time[0], $new_time[1], $new_time[2], $new_date[0], $new_date[1], $new_date[2]); $date_time = date("l, F d, Y -- h:i:s a"); $ip_address = get_ip(); $action = quote_smart($action); $data_con = new data_abstraction(); $data_con->set_query_type('INSERT'); $data_con->set_table('system_log'); $data_con->set_fields('ip_address, user, datetime, action, module'); $data_con->set_values("'{$ip_address}', '{$username}', '{$timestamp}', '{$action}', '{$module}'"); $data_con->make_query(TRUE, FALSE); }
} else { $data_con = new data_abstraction(); $data_con->set_query_type('DELETE'); $data_con->set_table('user_role_links'); $data_con->set_where("role_id='" . quote_smart($role_id) . "'"); $data_con->make_query(); $data_con->close_db(); } //FIXME: Make this a batch insert instead of a looped single insert. $data_con = new data_abstraction(); $data_con->set_query_type('INSERT'); for ($a = 0; $a < $numLinks; $a++) { if (isset($link[$a])) { $data_con->set_table('user_role_links'); $data_con->set_fields('role_id, link_id'); $data_con->set_values("'" . quote_smart($role_id) . "', '{$link[$a]}'"); $data_con->make_query(); } } $data_con->close_db(); $message = 'Role privileges succesfully updated'; $message_type = 'system'; } } $html_writer = new html(); $html_writer->draw_header('Role Permissions', $message, $message_type); $html_writer->draw_listview_referrer_info($filter_field_used, $filter_used, $page_from, $filter_sort_asc, $filter_sort_desc); $html_writer->draw_hidden('role_id'); $html_writer->draw_hidden('role_name'); ?> <div class="container">