예제 #1
파일: users.php 프로젝트: kbaerthel/com_clm
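 /**
  * Build and display the add/edit form for a CLM user record.
  *
  * Reads `task`, `cid`, `option` and `section` from the request, loads the
  * selected row, runs the permission checks and then assembles the select
  * lists (club, published, season, Joomla account, user type) handed to
  * CLMViewUsers::user().
  *
  * Every rejected check queues a warning and redirects back to the list view.
  * The explicit `return` after each redirect keeps the method fail-closed
  * even if redirect() should ever hand control back to the caller.
  *
  * NOTE(review): rejected requests are not logged here, although the original
  * author already suggested recording them; consider an audit log entry.
  *
  * @return mixed Result of JError::raiseWarning() when a list query fails, otherwise nothing.
  */
 function edit()
 {
     $mainframe = JFactory::getApplication();
     $db = JFactory::getDBO();
     $user = JFactory::getUser();
     $task = JRequest::getVar('task');
     $cid = JRequest::getVar('cid', array(0), '', 'array');
     $option = JRequest::getCmd('option');
     $section = JRequest::getVar('section');
     JArrayHelper::toInteger($cid, array(0));

     // The redirects carry no status text; the variable was previously undefined.
     $msg = '';
     // `section` is only lightly filtered request input that is reflected into the
     // redirect target, so encode it to keep it from appending further parameters.
     $returnUrl = 'index.php?option=' . $option . '&section=' . urlencode(is_string($section) ? $section : '');

     // Check whether the current user is permitted to edit the selected record.
     $row = JTable::getInstance('users', 'TableCLM');
     $row->load($cid[0]);
     $id = $row->jid;

     // Highest relevant Joomla group of the acting user:
     // 2 = registered, 6 = Manager, 7 = Admin, 8 = Superadmin.
     // key($user->get('groups')) is deliberately not used: it yields only the first
     // key, so all further group memberships would be lost when writing back.
     $gid = 0;
     foreach ((array) $user->get('groups') as $value) {
         $ivalue = intval($value);
         // The larger id is treated as the more privileged group.
         if (in_array($ivalue, array(2, 6, 7, 8), true) && $ivalue > $gid) {
             $gid = $ivalue;
         }
     }

     $sid = $row->sid;
     $clmAccess = clm_core::$access;
     // User types the active user may change.
     // NOTE(review): assumes usertypelist() returns a ready-to-embed, already
     // quoted, comma-separated SQL list; it is concatenated unescaped below.
     $usertypestring = $clmAccess->usertypelist();

     // The checks below reject edit requests that were forged via the URL.
     $saison = JTable::getInstance('saisons', 'TableCLM');
     $saison->load($sid);
     // NOTE(review): this rejects when access('BE_user_general') is truthy;
     // confirm the return convention of access(), the condition may be inverted.
     if ($task != 'add' && $saison->published == "0" && $clmAccess->access('BE_user_general')) {
         JError::raiseWarning(500, JText::_('USERS_USER_BEAR'));
         $mainframe->redirect($returnUrl, $msg, "message");
         return;
     }
     // toInteger() turned $cid[0] into an int, and 0 == "" is false from PHP 8 on,
     // so compare against 0 to keep rejecting edit requests without a record id.
     if ((int) $cid[0] === 0 && $task == 'edit') {
         JError::raiseWarning(500, JText::_('USERS_FALSCH'));
         $mainframe->redirect($returnUrl, $msg, "message");
         return;
     }

     // Admin / Superadmin accounts may only be changed by a Superadmin.
     // get('gid') no longer exists, so the highest relevant group of the
     // target account is derived the same way as for the acting user above.
     $user_publish = new JUser($id);
     $newgid = 0;
     foreach ((array) $user_publish->get('groups') as $value) {
         $ivalue = intval($value);
         if (in_array($ivalue, array(2, 6, 7, 8), true) && $ivalue > $newgid) {
             $newgid = $ivalue;
         }
     }
     if ($newgid > 6 && $gid < 8) {
         JError::raiseWarning(500, JText::_('USERS_NO_JOMMLA_ADMIN'));
         $mainframe->redirect($returnUrl, $msg, "message");
         return;
     }
     if (!$clmAccess->compare($row->usertype)) {
         JError::raiseWarning(500, JText::_('USERS_BENUTZER'));
         $mainframe->redirect($returnUrl, $msg, "message");
         return;
     }

     if ($task == 'edit') {
         // Existing record: check it out for the current user.
         $row->checkout($user->get('id'));
     } else {
         // New record: starts unpublished and inactive.
         $row->published = 0;
         $row->aktive = 0;
     }

     $lists = array();

     // Club filter: a filter value from the request/session wins over the row's club.
     $vereinlist = CLMFilterVerein::vereine_filter(0);
     $filter_vid = $mainframe->getUserStateFromRequest("{$option}.filter_vid", 'filter_vid', 0, 'string');
     if ($filter_vid != "0") {
         $lists['verein'] = JHTML::_('select.genericlist', $vereinlist, 'zps', 'class="inputbox" size="1"', 'zps', 'name', $filter_vid);
     } else {
         $lists['verein'] = JHTML::_('select.genericlist', $vereinlist, 'zps', 'class="inputbox" size="1"', 'zps', 'name', $row->zps);
     }

     // Published list
     $lists['published'] = JHTML::_('select.booleanlist', 'published', 'class="inputbox"', $row->published);

     // Season list: the record's own season when editing, the current season otherwise.
     if ($task == "edit") {
         $seasonId = $sid;
         $selectedSeason = $row->sid;
     } else {
         $seasonId = clm_core::$access->getSeason();
         $selectedSeason = $seasonId;
     }
     $season_list = array();
     $season_list[] = JHTML::_('select.option', $seasonId, clm_core::$db->saison->get($seasonId)->name, 'sid', 'name');
     $lists['saison'] = JHTML::_('select.genericlist', $season_list, 'sid', 'class="inputbox" size="1"', 'sid', 'name', $selectedSeason);

     // Joomla accounts that have no CLM user in that season. The season id is
     // passed through the driver's quote() instead of being concatenated raw.
     $sql = ' SELECT u.* FROM #__users as u '
         . ' LEFT JOIN #__clm_user as a ON u.id = a.jid AND a.sid IN (' . $db->quote($seasonId) . ')'
         . ' WHERE a.name IS NULL';
     $db->setQuery($sql);
     if (!$db->query()) {
         $this->setRedirect($returnUrl);
         return JError::raiseWarning(500, $db->getErrorMsg());
     }
     $jid_list = array();
     $jid_list[] = JHTML::_('select.option', '0', JText::_('USERS_USER_AUSW'), 'id', 'name');
     $jid_list = array_merge($jid_list, $db->loadObjectList());
     $lists['jid'] = JHTML::_('select.genericlist', $jid_list, 'pid', 'class="inputbox" size="1"', 'id', 'name', $row->jid);

     // User type (function) list
     $sql = 'SELECT usertype, name FROM #__clm_usertype ';
     $sql .= ' WHERE published = 1 ';
     if ($usertypestring != "") {
         // NOTE(review): `OUT` is not a SQL operator, so this query fails whenever the
         // list is non-empty. `IN` or `NOT IN` was presumably intended; confirm which
         // one against usertypelist() before changing it.
         $sql .= 'AND usertype OUT (' . $usertypestring . ' ) ';
     }
     $sql .= ' ORDER BY ordering ';
     $db->setQuery($sql);
     $usertypeRows = $db->loadObjectList();
     if (!is_array($usertypeRows)) {
         // A failed query must not reach array_merge(); report it like the query above.
         $this->setRedirect($returnUrl);
         return JError::raiseWarning(500, $db->getErrorMsg());
     }
     $usertypelist = array();
     $usertypelist[] = JHTML::_('select.option', '', JText::_('USERS_TYP'), 'usertype', 'name');
     $usertypelist = array_merge($usertypelist, $usertypeRows);
     $lists['usertype'] = JHTML::_('select.genericlist', $usertypelist, 'usertype', 'class="inputbox" size="1"', 'usertype', 'name', $row->usertype);

     require_once JPATH_COMPONENT . DS . 'views' . DS . 'users.php';
     CLMViewUsers::user($row, $lists, $option);
 }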
예제 #2
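 /**
  * Build and display the add/edit form for a CLM user record (variant that
  * relies on the `gid` user attribute and the ACL object API).
  *
  * Reads `task`, `cid`, `option` and `section` from the request, loads the
  * selected row, runs the permission checks and then assembles the select
  * lists (club, published, season, Joomla account, CLM user type) handed to
  * CLMViewUsers::user().
  *
  * Every rejected check queues a warning and redirects back to the list view.
  * The explicit `return` after each redirect keeps the method fail-closed
  * even if redirect() should ever hand control back to the caller.
  *
  * NOTE(review): rejected requests are not logged here, although the original
  * author already suggested recording them; consider an audit log entry.
  *
  * @return mixed Result of JError::raiseWarning() when a list query fails, otherwise nothing.
  */
 function edit()
 {
     global $mainframe, $option;
     $db =& JFactory::getDBO();
     $user =& JFactory::getUser();
     $task = JRequest::getVar('task');
     $cid = JRequest::getVar('cid', array(0), '', 'array');
     $option = JRequest::getCmd('option');
     $section = JRequest::getVar('section');
     JArrayHelper::toInteger($cid, array(0));

     // The redirects carry no status text; the variable was previously undefined.
     $msg = '';
     // `section` is only lightly filtered request input that is reflected into the
     // redirect target, so encode it to keep it from appending further parameters.
     $returnUrl = 'index.php?option=' . $option . '&section=' . urlencode(is_string($section) ? $section : '');

     // Check whether the current user is permitted to edit the selected record.
     $row =& JTable::getInstance('users', 'TableCLM');
     $row->load($cid[0]);
     $id = $row->jid;
     $jid = $user->get('id');
     $gid = $user->get('gid');
     $sid = $row->sid;

     // The checks below reject edit requests that were forged via the URL.
     $saison =& JTable::getInstance('saisons', 'TableCLM');
     $saison->load($sid);
     // Records of an archived season may only be opened by a CLM admin.
     if ($saison->archiv == "1" and CLM_usertype !== 'admin') {
         JError::raiseWarning(500, JText::_('USERS_USER_BEAR'));
         $mainframe->redirect($returnUrl, $msg);
         return;
     }
     // toInteger() turned $cid[0] into an int, and 0 == "" is false from PHP 8 on,
     // so compare against 0 to keep rejecting edit requests without a record id.
     if ((int) $cid[0] === 0 and $task == 'edit') {
         JError::raiseWarning(500, JText::_('USERS_FALSCH'));
         $mainframe->redirect($returnUrl, $msg);
         return;
     }

     // NOTE(review): $this_group is not read again in this method; the ACL lookups
     // are kept as they were. $groups[0] is undefined when the account has no group.
     $acl =& JFactory::getACL();
     $objectID = $acl->get_object_id('users', $id, 'ARO');
     $groups = $acl->get_object_groups($objectID, 'ARO');
     $this_group = strtolower($acl->get_group_name($groups[0], 'ARO'));

     // User 62 (the first Superadmin) can be changed by nobody but that user.
     $user_publish = new JUser($id);
     if ($user_publish->get('id') == 62 and $user->get('id') != 62) {
         JError::raiseWarning(500, JText::_('USERS_USER_NO'));
         $mainframe->redirect($returnUrl, $msg);
         return;
     }
     // Admin / Superadmin accounts cannot be changed by a non-Superadmin user
     // (gid above 23 on the target, gid below 25 on the acting user).
     if ($user_publish->get('gid') > 23 and $gid < 25) {
         JError::raiseWarning(500, JText::_('USERS_NO_JOMMLA_ADMIN'));
         $mainframe->redirect($returnUrl, $msg);
         return;
     }

     // A user may only change records with a lower CLM permission level.
     // The id is cast so the statement never carries anything but a number.
     $sql = "SELECT usertype, user_clm, jid FROM #__clm_user WHERE jid =" . (int) $jid;
     $db->setQuery($sql);
     $clmuser = $db->loadObjectList();
     // The acting user may have no CLM record at all; treat level and type as
     // absent instead of dereferencing a missing row.
     $ownLevel = isset($clmuser[0]) ? $clmuser[0]->user_clm : null;
     $ownType = isset($clmuser[0]) ? $clmuser[0]->usertype : null;
     if ($ownLevel <= $row->user_clm and $jid != $row->jid and $gid != 25) {
         JError::raiseWarning(500, JText::_('USERS_BENUTZER'));
         $mainframe->redirect($returnUrl, $msg);
         return;
     }

     if ($task == 'edit') {
         // Existing record: check it out for the current user.
         $row->checkout($user->get('id'));
     } else {
         // New record: starts unpublished and inactive.
         $row->published = 0;
         $row->aktive = 0;
     }

     $lists = array();

     // Club filter: a filter value from the request/session wins over the row's club.
     require_once JPATH_COMPONENT . DS . 'controllers' . DS . 'filter_vereine.php';
     $vereinlist = CLMFilterVerein::vereine_filter(0);
     $filter_vid = $mainframe->getUserStateFromRequest("{$option}.filter_vid", 'filter_vid', 0, 'string');
     if ($filter_vid != "0") {
         $lists['verein'] = JHTML::_('select.genericlist', $vereinlist, 'zps', 'class="inputbox" size="1"', 'zps', 'name', $filter_vid);
     } else {
         $lists['verein'] = JHTML::_('select.genericlist', $vereinlist, 'zps', 'class="inputbox" size="1"', 'zps', 'name', $row->zps);
     }

     // Published list
     $lists['published'] = JHTML::_('select.booleanlist', 'published', 'class="inputbox"', $row->published);

     // Season list: only the record's season when editing, all non-archived seasons otherwise.
     if ($task == "edit") {
         $sql = 'SELECT id as sid, name FROM #__clm_saison WHERE id=' . (int) $sid;
     } else {
         $sql = 'SELECT id as sid, name FROM #__clm_saison WHERE archiv =0';
     }
     $db->setQuery($sql);
     if (!$db->query()) {
         $this->setRedirect($returnUrl);
         return JError::raiseWarning(500, $db->getErrorMsg());
     }
     if ($task != "edit") {
         $saisonlist = array();
         $saisonlist[] = JHTML::_('select.option', '0', JText::_('USERS_SAISON'), 'sid', 'name');
         $saisonlist = array_merge($saisonlist, $db->loadObjectList());
     } else {
         $saisonlist = $db->loadObjectList();
     }
     $lists['saison'] = JHTML::_('select.genericlist', $saisonlist, 'sid', 'class="inputbox" size="1"', 'sid', 'name', $row->sid);

     // Joomla users without a CLM account
     $sql = " SELECT u.* FROM #__users as u " . " LEFT JOIN #__clm_user as a ON u.id = a.jid " . " WHERE a.name IS NULL";
     $db->setQuery($sql);
     if (!$db->query()) {
         $this->setRedirect($returnUrl);
         return JError::raiseWarning(500, $db->getErrorMsg());
     }
     $jid_list = array();
     $jid_list[] = JHTML::_('select.option', '0', JText::_('USERS_USER_AUSW'), 'id', 'name');
     $jid_list = array_merge($jid_list, $db->loadObjectList());
     $lists['jid'] = JHTML::_('select.genericlist', $jid_list, 'pid', 'class="inputbox" size="1"', 'id', 'name', $row->jid);

     // User type (function) list, limited by the acting user's own CLM level.
     // NOTE(review): the (int) casts assume user_clm is numeric, as the `+ 1` in
     // the original statement suggests. Without a CLM record the level is 0.
     if ($row->jid == $jid) {
         // Editing one's own record: levels up to and including the own level.
         $sql = "SELECT user_clm as user_clm, name " . " FROM #__clm_usertype WHERE user_clm < " . ((int) $ownLevel + 1);
     } else {
         if ($ownType == 'admin') {
             // CLM admin: every user type.
             $sql = "SELECT user_clm as user_clm, name " . " FROM #__clm_usertype ";
         } else {
             // Everyone else: strictly lower levels only.
             $sql = "SELECT user_clm as user_clm, name " . " FROM #__clm_usertype WHERE user_clm < " . (int) $ownLevel;
         }
     }
     $db->setQuery($sql);
     if (!$db->query()) {
         $this->setRedirect($returnUrl);
         return JError::raiseWarning(500, $db->getErrorMsg());
     }
     $usertypelist = array();
     $usertypelist[] = JHTML::_('select.option', '0', JText::_('USERS_TYP'), 'user_clm', 'name');
     $usertypelist = array_merge($usertypelist, $db->loadObjectList());
     $lists['user_clm'] = JHTML::_('select.genericlist', $usertypelist, 'user_clm', 'class="inputbox" size="1"', 'user_clm', 'name', $row->user_clm);

     require_once JPATH_COMPONENT . DS . 'views' . DS . 'users.php';
     CLMViewUsers::user($row, $lists, $option);
 }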