function CheckPermission($module, $action) { $settings = new Lan_permission_settings(); $permission = new Lan_permission(); /** $permission->whereAdd("module = '$module'"); $permission->whereAdd("action = '$action'"); $settings->mode_id = $_SESSION["lanmode"]; $addedGroup = false; if(isset($_SESSION['groups'])){ foreach($_SESSION['groups'] as $k => $v) { $settings->whereAdd("group_id = " . $v, "OR"); $addedGroup = true; } } if(!$addedGroup) return false; $settings->joinAdd($permission,"LEFT");**/ if (isset($_SESSION['groups'])) { $groups = ""; //"( group_id = 1 ) OR ( group_id = 2 ) OR ( group_id = 3 ) OR ( group_id = 4 ) OR ( group_id = 6 )"; $list = $_SESSION['groups']; for ($i = count($list) - 1; $i >= 0; $i--) { if ($i == 0) { $groups .= "( group_id = {$list[$i]} )"; } else { $groups .= "( group_id = {$list[$i]} ) OR"; } } $modeid = $_SESSION["lanmode"]; $settings->query("SELECT count(lan_permission_settings.perset_id) as perset_id FROM {$settings->__table} " . "LEFT JOIN {$permission->__table} ON ({$permission->__table}.permission_id={$settings->__table}.permission_id) " . "WHERE ( {$groups} ) AND ( ( module = '{$module}' ) AND ( action = '{$action}' ) ) AND ( {$settings->__table}.mode_id = {$modeid} )"); if (0 == $settings->fetch()) { return false; } return !streq("0", $settings->perset_id); } return false; }
$groups = array(); $group = new Lan_permission_groups(); $group->find(); while ($group->fetch()) { $groups[] = clone $group; } $master->Smarty->assign("grouplist", $groups); //Find permissions for each mode and group $permissionlist = array(); $permission = new Lan_permission(); $permission->orderBy("module"); $permission->find(); while ($permission->fetch()) { $disallowedlist = array(); foreach ($groups as $group) { $setting = new Lan_permission_settings(); $setting->permission_id = $permission->permission_id; $setting->mode_id = $mode->mode_id; $setting->group_id = $group->permgroup_id; if ($setting->find() != 0) { $disallowedlist[] = $setting->group_id; } } $permission->disallowed = $disallowedlist; $permissionlist[] = clone $permission; } //Mode list $modelist = array(); $mode = new Lan_permission_modes(); $mode->orderBy("mode_name"); $mode->find();
$master->AddError("You do not have permission to access this page!"); $allowed = false; } if ($allowed && isset($_POST["update"])) { $mode = new Lan_permission_modes(); if ($mode->get(GETSafe("mode"))) { //Clear down settings for the current mode $settings = new Lan_permission_settings(); $settings->mode_id = $mode->mode_id; $settings->find(); while ($settings->fetch()) { $settings->delete(); } //Add settings for the current mode foreach ($_POST as $k => $v) { if (!streq("update", $k) || streq("1", $v)) { $values = explode("-", $k); if (2 == count($values)) { // echo "perm " . $values[0] . " group " . $values[1]; $settings = new Lan_permission_settings(); $settings->group_id = $values[1]; $settings->mode_id = $mode->mode_id; $settings->permission_id = $values[0]; $settings->insert(); } } } } else { $master->AddError("Progamtic error, no mode passed?"); } }