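/**
 * Insert a new row into fmchecklists and grant the current user the ClAdmin role on it.
 *
 * @param array $newClArr Column name => value pairs for the new checklist.
 *                        Falsy values (including "0") are written as NULL.
 * @return int insert_id of the new checklist, or 0 when no row was inserted.
 */
public function createChecklist($newClArr)
{
    $columns = array();
    $values = array();
    foreach ($newClArr as $k => $v) {
        // Array keys become column names in the statement. Identifiers cannot be
        // protected by value escaping, so only plain identifiers are accepted and
        // anything else aborts the insert (0 is the existing failure return).
        if (!is_string($k) || !preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $k)) {
            return 0;
        }
        $columns[] = $k;
        if ($v) {
            // NOTE(review): relies on cleanInStr() (defined elsewhere) escaping for a
            // double-quoted SQL string literal - confirm; a prepared statement with
            // bound parameters would remove that dependency.
            $values[] = '"' . $this->cleanInStr($v) . '"';
        } else {
            $values[] = 'NULL';
        }
    }
    $sql = 'INSERT INTO fmchecklists (' . implode(',', $columns) . ') VALUES (' . implode(',', $values) . ')';
    $newClId = 0;
    if ($this->conn->query($sql)) {
        $newClId = (int) $this->conn->insert_id;
        // Both ids are concatenated unquoted into the role statement, so force them to integers.
        $uid = isset($GLOBALS['SYMB_UID']) ? (int) $GLOBALS['SYMB_UID'] : 0;
        if ($uid > 0) {
            // Set permissions to allow the creator to be an editor.
            // The result is not checked: a failure here leaves a checklist without a ClAdmin.
            $this->conn->query('INSERT INTO userroles (uid, role, tablename, tablepk) VALUES(' . $uid . ',"ClAdmin","fmchecklists",' . $newClId . ') ');
        }
        // Re-run authentication for the current user name; presumably this refreshes
        // the roles cached for the session - confirm in ProfileManager.
        $newPManager = new ProfileManager();
        $newPManager->setUserName($GLOBALS['USERNAME']);
        $newPManager->authenticate();
    }
    return $newClId;
}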
Exemplo n.º 2
<?php

include_once '../config/symbini.php';
include_once $serverRoot . '/classes/PermissionsManager.php';
include_once $serverRoot . '/classes/ProfileManager.php';
header('Content-Type: text/html; charset=' . $charset);

// Request parameters. They are read from $_REQUEST, so each one may arrive in the
// query string as well as in a POST body, and none is validated here: userid,
// delrole and tablepk are handed to PermissionsManager exactly as received.
// Reviewer note: the admin branch below acts on them (login-as, role deletion),
// so requiring POST plus an anti-CSRF token for those actions is the usual hardening.
$loginAs = '';
if (array_key_exists('loginas', $_REQUEST)) {
    $loginAs = trim($_REQUEST['loginas']);
}

$searchTerm = '';
if (array_key_exists('searchterm', $_REQUEST)) {
    $searchTerm = trim($_REQUEST['searchterm']);
}

$userId = '';
if (array_key_exists('userid', $_REQUEST)) {
    $userId = $_REQUEST['userid'];
}

$delRole = '';
if (array_key_exists('delrole', $_REQUEST)) {
    $delRole = $_REQUEST['delrole'];
}

$tablePk = '';
if (array_key_exists('tablepk', $_REQUEST)) {
    $tablePk = $_REQUEST['tablepk'];
}

$userManager = new PermissionsManager();
if ($isAdmin) {
    if ($loginAs) {
        $pHandler = new ProfileManager();
        $pHandler->setUserName($loginAs);
        $pHandler->authenticate();
        header("Location: ../index.php");
    } elseif ($delRole) {
        $userManager->deletePermission($userId, $delRole, $tablePk);
    } elseif (array_key_exists("apsubmit", $_POST)) {
        foreach ($_POST["p"] as $pname) {
            $role = $pname;
            $tablePk = '';
            if (strpos($pname, '-')) {
                $tok = explode('-', $pname);
                $role = $tok[0];
                $tablePk = $tok[1];
            }
            $userManager->addPermission($userId, $role, $tablePk);
        }
Exemplo n.º 3
    $useRecaptcha = true;
}
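// Response headers: declare the charset and keep this page (it handles login
// names and e-mail addresses) out of browser and proxy caches.
header("Content-Type: text/html; charset=" . $charset);
header('Cache-Control: no-cache, no-cache="set-cookie", no-store, must-revalidate');
// HTTP 1.0 counterpart of Cache-Control.
header('Pragma: no-cache');
// Expiry date in the past.
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");

// Only string values are accepted: a parameter sent as an array (login[]=...)
// is treated as absent instead of reaching the validators and preg_match() below.
$login = (array_key_exists('login', $_POST) && is_string($_POST['login'])) ? $_POST['login'] : '';
$emailAddr = (array_key_exists('emailaddr', $_POST) && is_string($_POST['emailaddr'])) ? $_POST['emailaddr'] : '';
$action = (array_key_exists("submit", $_REQUEST) && is_string($_REQUEST["submit"])) ? $_REQUEST["submit"] : '';
$pHandler = new ProfileManager();
$displayStr = '';

// Sanitation: a value that fails its check is blanked so later code never sees it.
if ($login) {
    if (!$pHandler->setUserName($login)) {
        $login = '';
        $displayStr = 'Invalid login name';
    }
}
if ($emailAddr) {
    if (!$pHandler->validateEmailAddress($emailAddr)) {
        $emailAddr = '';
        // The original reused the login-name message here, which misreports the failing field.
        $displayStr = 'Invalid email address';
    }
}
// The action name may contain only letters, digits, whitespace and underscores.
if ($action && !preg_match('/^[a-zA-Z0-9\\s_]+$/', $action)) {
    $action = '';
}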
if ($action == "Create Login") {
    $okToCreateLogin = true;
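 /**
  * Insert a new row into fmchecklists from submitted form data and grant the
  * current user the ClAdmin role on it.
  *
  * Only the columns listed in $fieldArr are written, so keys of $postArr never
  * reach the SQL text. Missing, non-scalar and empty values are stored as NULL.
  *
  * @param array $postArr Submitted values keyed by field name.
  * @return int insert_id of the new checklist, or 0 when no row was inserted.
  */
 public function createChecklist($postArr)
 {
     // Column whitelist: 's' = quoted string column, 'n' = numeric column.
     $fieldArr = array('name' => 's', 'authors' => 's', 'type' => 's', 'locality' => 's', 'publication' => 's', 'abstract' => 's', 'notes' => 's', 'latcentroid' => 'n', 'longcentroid' => 'n', 'pointradiusmeters' => 'n', 'footprintWKT' => 's', 'parentclid' => 'n', 'access' => 's', 'uid' => 'n');
     $columns = array();
     $values = array();
     foreach ($fieldArr as $fieldName => $fieldType) {
         $columns[] = $fieldName;
         // A field that was not submitted, or was submitted as an array, becomes NULL
         // without being passed to cleanInStr()/strip_tags().
         if (!isset($postArr[$fieldName]) || !is_scalar($postArr[$fieldName])) {
             $values[] = 'NULL';
             continue;
         }
         // NOTE(review): relies on cleanInStr() (defined elsewhere) escaping for a
         // double-quoted SQL string literal - confirm. The original order (clean,
         // then strip tags) is kept; stripping before escaping is the usual order.
         $v = (string) $this->cleanInStr($postArr[$fieldName]);
         if ($fieldName != 'abstract') {
             // strip_tags() keeps every attribute on the allowed tags, and 'abstract'
             // is not stripped at all, so these values still need output encoding
             // or HTML filtering when they are rendered.
             $v = strip_tags($v, '<i><u><b><a>');
         }
         if ($fieldType == 's') {
             // Compare against '' rather than testing truthiness so the string "0" is kept.
             $values[] = ($v !== '') ? '"' . $v . '"' : 'NULL';
         } else {
             // Numeric columns are written unquoted, so only is_numeric() input is let
             // through; checking it directly also keeps a legitimate 0 (for example a
             // centroid on the equator), which the original truthiness test turned into NULL.
             $values[] = is_numeric($v) ? $v : 'NULL';
         }
     }
     $sql = 'INSERT INTO fmchecklists (' . implode(',', $columns) . ') VALUES (' . implode(',', $values) . ')';
     $newClId = 0;
     if ($this->conn->query($sql)) {
         $newClId = (int) $this->conn->insert_id;
         // Both ids are concatenated unquoted into the role statement, so force them to integers.
         $uid = isset($GLOBALS['SYMB_UID']) ? (int) $GLOBALS['SYMB_UID'] : 0;
         if ($uid > 0) {
             // Set permissions to allow the creator to be an editor.
             // The result is not checked: a failure here leaves a checklist without a ClAdmin.
             $this->conn->query('INSERT INTO userroles (uid, role, tablename, tablepk) VALUES(' . $uid . ',"ClAdmin","fmchecklists",' . $newClId . ') ');
         }
         // Re-run authentication for the current user name; presumably this refreshes
         // the roles cached for the session - confirm in ProfileManager.
         $newPManager = new ProfileManager();
         $newPManager->setUserName($GLOBALS['USERNAME']);
         $newPManager->authenticate();
     }
     return $newClId;
 }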