function addRole($googleId, $newRole, $con)
{
global $PRIMARY_ADMIN_USER;
$query = mysql_query("select roles from users where googleid='{$googleId}' limit 1;", $con);
if (!$query) {
return;
}
if ($row = mysql_fetch_assoc($query)) {
$roles = explode("|", $row["roles"]);
foreach ($roles as $role) {
if ($role === $newRole) {
return;
}
}
$roles[count($roles)] = $newRole;
$roles = implode("|", $roles);
mysql_query("update users set roles='{$roles}' where googleid='{$googleId}' limit 1");
} else {
mysql_query("insert into users (googleid, roles) values ('{$googleId}','{$newRole}');", $con);
//grant the administrator role to the primary admin
if (strcmp($PRIMARY_ADMIN_USER, $googleId) == 0) {
addRole($googleId, "ROLE_ADMIN", $con);
}
}
}
/**
* Add a node to a view. Requires login
*
* @param string $viewid
* @param string $nodeid
* @param string $xpos.
* @param string $ypos.
* @param string $groupid (optional) the id of the group to add the node to.
*
* @return View with new node and connection in or Error
*/
function addNodeToViewAndConnect($viewid, $focalnodeid, $nodeid, $xpos, $ypos, $linktypename, $direction, $groupid = "")
{
global $USER;
// make sure current user in group, if group set.
if (isset($groupid) && $groupid != "") {
$group = new Group($groupid);
if (!$group instanceof Error) {
if (!$group->ismember($USER->userid)) {
$error = new Error();
return $error->createNotInGroup($group->name);
}
}
}
$node = new CNode($nodeid);
$node = $node->load();
if (!$node instanceof Error) {
if (isset($groupid) && $groupid != "") {
$node->addGroup($groupid);
}
$view = new View($viewid);
$viewnode = $view->addNode($nodeid, $xpos, $ypos);
if (!$viewnode instanceof Error) {
// Connect to focal node
$focalnode = new CNode($focalnodeid);
$focalnode = $focalnode->load();
if (!$focalnode instanceof Error) {
$focalrole = getRoleByName($focalnode->role->name);
$focalroleid = $focalrole->roleid;
$role = getRoleByName($node->role->name);
if ($role instanceof Error) {
$role = addRole($node->role->name);
}
$roleid = $role->roleid;
$lt = getLinkTypeByLabel($linktypename);
$linkType = $lt->linktypeid;
// connection always public, so drawing determined by node privacy.
if ($direction == 'from') {
$connection = addConnection($node->nodeid, $roleid, $linkType, $focalnodeid, $focalroleid, 'N', "");
} else {
$connection = addConnection($focalnodeid, $focalroleid, $linkType, $node->nodeid, $roleid, 'N', "");
}
if (!$connection instanceof Error) {
// add to group
if (isset($groupid) && $groupid != "") {
$connection->addGroup($groupid);
}
$viewcon = $view->addConnection($connection->connid);
return $view;
} else {
return $connection;
}
} else {
return $focalnode;
}
} else {
return $viewnode;
}
} else {
return $node;
}
}
<?php
die;
header('Content-type: application/json');
require_once "include.php";
require_once "../../configuration.php";
require_once "../../include.php";
session_start();
$con = mysql_connect($MYSQL_HOSTNAME, $MYSQL_USERNAME, $MYSQL_PASSWORD);
if (!$con) {
die("-2");
}
if (!mysql_select_db($MYSQL_DATABASE, $con)) {
mysql_close($con);
die("-3");
}
if (!hasRole($_GET["googleid"], "ROLE_USER", $con)) {
mysql_close($con);
die("-4");
}
$paymentObject = executePayment(getPaypalAccessToken(), $_SESSION["paypalPaymentId"], $_GET["PayerID"]);
if ($paymentObject->state === "approved") {
addRole($_GET["googleid"], "ROLE_PRO", $con);
//grant user pro
echo json_encode($paymentObject);
} else {
echo "-1";
}
unset($_SESSION["paypalPaymentId"]);
mysql_close($con);
$action = $_GET['action'];
} else {
$action = null;
}
if (isset($_GET['value'])) {
$value = $_GET['value'];
} else {
$value = null;
}
if (isset($_GET['value2'])) {
$value2 = $_GET['value2'];
} else {
$value2 = null;
}
if ($action == "create") {
$id = addRole($value);
echo json_encode(array("id" => $id));
return;
} else {
if ($action == "remove") {
removeRole($value);
echo json_encode(array("message" => "done"));
return;
} else {
if ($action == "addPermission") {
$ret = addPermissionToRole($value, $value2);
if ($ret == FALSE) {
echo json_encode(array("message" => "error, could not add permission to role"));
} else {
echo json_encode(array("message" => "done"));
}
<?php
require_once "../configuration.php";
require_once "../include.php";
$con = mysql_connect($MYSQL_HOSTNAME, $MYSQL_USERNAME, $MYSQL_PASSWORD);
if (!$con) {
die("-2");
}
if (!mysql_select_db($MYSQL_DATABASE, $con)) {
mysql_close($con);
die("-3");
}
$query = mysql_query("select googleid from gameLibrary where 1;", $con);
$used = array();
while ($row = mysql_fetch_assoc($query)) {
if (isset($used[$row["googleid"]])) {
continue;
}
$used[$row['googleid']] = true;
addRole($row['googleid'], "ROLE_USER", $con);
}
addRole('116661379917790523031', "ROLE_ADMIN", $con);
mysql_close($con);
die("1");
<?php
header('Content-type: application/json');
require_once "../configuration.php";
require_once "../include.php";
if ($AUTO_ESCAPE) {
$google_token = stripslashes($_GET["googletoken"]);
} else {
$google_token = $_GET["googletoken"];
}
$google_id = getGoogleId($google_token);
if ($google_id == null) {
die("-1");
}
$con = mysql_connect($MYSQL_HOSTNAME, $MYSQL_USERNAME, $MYSQL_PASSWORD);
if (!$con) {
die("-2");
}
if (!mysql_select_db($MYSQL_DATABASE, $con)) {
mysql_close($con);
die("-3");
}
addRole($google_id, "ROLE_USER", $con);
echo json_encode(getRoles($google_id, $con));
mysql_close($con);
include '../../../include/cp_header.php';
include_once 'admin_header.php';
include_once XHELP_CLASS_PATH . '/xhelpPageNav.php';
global $xoopsModule, $xoopsModuleConfig;
$module_id = $xoopsModule->getVar('mid');
$displayName =& $xoopsModuleConfig['xhelp_displayName'];
// Determines if username or real name is displayed
$aLimitByS = array('10' => 10, '15' => 15, '20' => 20, '25' => 25, '50' => 50, '100' => 100);
$aLimitByD = array('1' => 1, '2' => 2, '3' => 3, '4' => 4, '5' => 5, '10' => 10);
$op = 'default';
if (isset($_REQUEST['op'])) {
$op = $_REQUEST['op'];
}
switch ($op) {
case "addRole":
addRole();
break;
case "clearOrphanedStaff":
clearOrphanedStaff();
break;
case "clearRoles":
clearRoles();
break;
case "customDept":
customDept();
break;
case "editRole":
editRole();
break;
case "editStaff":
editStaff();
function ProcessRoleAddEdit()
{
$errors = "";
if (empty($_POST["Name"])) {
$errors .= "<li>Error, field \"Name\" is blank.</li>";
}
if ($errors == "") {
$RoleID = $_POST["RoleID"];
$name = $_POST["Name"];
$desc = $_POST["Description"];
if (empty($RoleID)) {
// No RoleID means we are processing an ADD
$RoleID = addRole($name, $desc);
} else {
$hasAttributes = $_POST["hasAttributes"];
updateRole($RoleID, $name, $desc, $hasAttributes);
}
$results = getAllRoles();
include '../security/manage_roles_form.php';
} else {
displayError($errors);
}
}
<?php
/**
* Created by PhpStorm.
* User: lenovo
* Date: 2015/11/21
* Time: 21:46
*/
include_once "tools.php";
include_once 'SQLSafe.php';
$SQLSafe = new SQLSafe();
$roleName = $_POST['roleName'];
$roleAuthority = $_POST['roleAuthority'];
function addRole($roleName, $roleAuthority)
{
$conn = tools::connectDatabase();
$roleID = tools::getMaxRoleID() + 1;
mysqli_query($conn, "INSERT INTO Roles(RoleID,RoleName,Auth_Authority,Auth_Info,Auth_Job,Auth_Attendance,Auth_Training,Auth_Evaluation,Auth_RP,Auth_Role,Auth_Encrypt) VALUES ('{$roleID}','{$roleName}','{$roleAuthority['0']}','{$roleAuthority['1']}','{$roleAuthority['2']}','{$roleAuthority['3']}','{$roleAuthority['4']}','{$roleAuthority['5']}','{$roleAuthority['6']}','{$roleAuthority['7']}','{$roleAuthority['8']}')");
echo "success";
}
addRole($roleName, $roleAuthority);
