$sql = "SELECT username, role FROM users WHERE id = {$id}";
$result = $db->query($sql);
$results = $result->fetch_assoc();
return $results;
}
function updateRole($role, $id)
{
$db = new mysqli(SERVERNAME, USERNAME, PASSWORD, DBNAME);
$sql = "UPDATE users SET role='{$role}' WHERE id = {$id}";
$result = $db->query($sql);
$db->close();
}
if (isset($_POST['role'])) {
$role = $_POST['role'];
$id = $_POST['id'];
updateRole($role, $id);
header("Location: users.php");
}
if (isset($_GET['id'])) {
$id = $_GET['id'];
$results = getRole($id);
$role = $results["role"];
$username = $results["username"];
if ($role == "admin") {
$selected = '<option value="moderator">Moderator</option>
<option selected="selected" value="admin">Admin</option>';
} elseif ($role == "moderator") {
$selected = '<option selected="selected" value="moderator">Moderator</option>
<option value="admin">Admin</option>';
}
}
function ProcessRoleAddEdit()
{
$errors = "";
if (empty($_POST["Name"])) {
$errors .= "<li>Error, field \"Name\" is blank.</li>";
}
if ($errors == "") {
$RoleID = $_POST["RoleID"];
$name = $_POST["Name"];
$desc = $_POST["Description"];
if (empty($RoleID)) {
// No RoleID means we are processing an ADD
$RoleID = addRole($name, $desc);
} else {
$hasAttributes = $_POST["hasAttributes"];
updateRole($RoleID, $name, $desc, $hasAttributes);
}
$results = getAllRoles();
include '../security/manage_roles_form.php';
} else {
displayError($errors);
}
}
$roleid = $_REQUEST['roleid'];
$query = 'select rolename from vtiger_role where rolename=? and roleid !=?';
$params = array($rolename, $roleid);
}
$result = $adb->pquery($query, $params);
if ($adb->num_rows($result) > 0) {
echo $mod_strings['LBL_ROLENAME_EXIST'];
die;
} else {
echo 'SUCCESS';
die;
}
}
$parentRoleId = $_REQUEST['parent'];
//Inserting values into Role Table
if (isset($_REQUEST['mode']) && $_REQUEST['mode'] == 'edit') {
$roleId = $_REQUEST['roleid'];
$selected_col_string = $_REQUEST['selectedColumnsString'];
$profile_array = explode(';', $selected_col_string);
updateRole($roleId, $rolename, $profile_array);
} elseif (isset($_REQUEST['mode']) && $_REQUEST['mode'] == 'create') {
$selected_col_string = $_REQUEST['selectedColumnsString'];
$profile_array = explode(';', $selected_col_string);
//Inserting into vtiger_role Table
$roleId = createRole($rolename, $parentRoleId, $profile_array);
if ($roleId != '') {
insertRole2Picklist($roleId, $parentRoleId);
}
}
$loc = "Location: index.php?action=listroles&module=Settings&parenttab=Settings";
header($loc);
/************************************************************
* 角色
************************************************************/
require_once dirname(__FILE__) . '/common/commonFunc.php';
$conn = createConn();
// 创建数据库连接
$op = $_GET['op'];
// 操作类型
$roleId = isset($_GET['roleId']) ? $_GET['roleId'] : "";
switch ($op) {
case "checkRole":
checkRole($roleId);
break;
case "updateRole":
updateRole($roleId);
$statusCode = "200";
$message = "修改角色成功";
$callbackType = "closeCurrent";
$navTabId = "oa3";
$rel = $forwardUrl = $confirmMsg = "";
break;
}
mysql_close($conn);
include dirname(__FILE__) . '/common/message.php';
/**
*检验角色名是否已存在
**/
function checkRole($roleId)
{
$roleName = isset($_GET['roleName']) ? test_input($_GET['roleName']) : "";
function processRole($action, $id, $name, $description)
{
if ($action == 'showoption') {
$roleOpt = roleOption($id);
echo $roleOpt;
return;
}
if ($action == 'show' || $action == 'add') {
$roleDetail = showRole($action, $id);
echo json_encode(array('form' => $roleDetail));
return;
}
$show_id = updateRole($action, $id, $name, $description);
if ($action == 'update' || $action == 'addnew') {
$roleDetail = showRole('show', $show_id);
$roleOpt = roleOption($show_id);
$rt = array('form' => $roleDetail, 'Opt' => $roleOpt, 'msg' => 'Role added/updated');
echo json_encode($rt);
return;
}
if ($action == 'delete') {
if (isset($show_id)) {
$rt['msg'] = $show_id;
echo json_encode($rt);
return;
}
$roleOpt = roleOption(0);
$rt = array('form' => '', 'Opt' => $roleOpt, 'msg' => 'Role deleted');
echo json_encode($rt);
return;
}
}
