$mems = authField($tableAdminLevel); foreach ($Field as $i => $col) { $mems['r']['ptable'][$col]['tHR'] = true; } $ms[0] = $mems; $com = $liveDBTable['com']; $com = explode(",", $com); foreach ($com as $key => $value) { $al = explode(":", $value); if ($al[0] == 'al') { $adl = trim($al[1]); $sm = superMaster($_SESSION['adminLevel'], $adl); } else { if ($al[0] == 'o') { $o = $al[1]; $own = $adl != "" ? authObject($o) : $_SESSION['uid'] == $o ? true : false; } } } if (authorizeTransit($_SESSION['adminLevel'], 'Zz0') or authorizeTransit($_SESSION['adminLevel'], 'Zs0') or $own) { $authorizeTransit = TRUE; $liveDBTable['usersData'][$_SESSION['uid']]['fc'] = TRUE; $fc = TRUE; $rc = $rowCount; } elseif ($tableAdminLevel) { $mems['r']['authRows'] = array_unique(array_merge($mems['r']['authRows'], $mems['w']['authRows'])); if ($mems['w']['authRows'][0] == '*') { $authorizeTransit = TRUE; $liveDBTable['usersData'][$_SESSION['uid']]['fc'] = TRUE; $fc = TRUE; $rc = $rowCount;
$query = "SHOW TABLE STATUS LIKE '" . $tn . "'"; $result = mysql_db_query("collegedb2", $query, $dbc); $com = mysql_result($result, '0', 'Comment'); if ($com) { $com = explode(",", $com); $sm = false; $own = false; foreach ($com as $key => $value) { $al = explode(":", $value); if ($al[0] == 'al') { $al = trim($al[1]); $sm = superMaster($_SESSION['adminLevel'], $al); } else { if ($al[0] == 'o') { $al = trim($al[1]); $own = authObject($al); } } } if ($own or $sm or authorizeTransit($_SESSION['adminLevel'], "Zz0")) { $query = "SHOW FULL COLUMNS FROM `" . $tn . "`"; $tResult = mysql_db_query("collegedb2", $query, $dbc); $cc = mysql_num_rows($tResult); for ($j = 0; $j < $cc; $j++) { $Field[$j] = mysql_result($tResult, $j, 'Field'); $query = "SELECT * FROM `" . $tn . "` WHERE `" . $Field[$j] . "` LIKE '" . $searchString . "'"; $sResult = mysql_query($query, $dbc); $sRCount = mysql_num_rows($sResult); if ($sRCount > 0) { $mRows[$tn] = array(); $rRow = array();
function authorityResolver($authStr) { $authEnts = explode(',', $authStr); for ($i = 0; $i < count($authEnts); $i++) { $authorized = TRUE; $aMems = explode('.', $authEnts[$i]); for ($j = 0; $j < count($aMems); $j++) { if ($aMems[$j][0] == 'u') { if ($_SESSION['uid'] == substr($aMems[$j], 1)) { $authorized = ($authorized and TRUE); } else { $authorized = FALSE; } } elseif ($aMems[$j][0] == 'o') { $authorized = ($authorized and authObject(substr($aMems[$j], 1))); } elseif ($aMems[$j][0] == 't') { $authorized = ($authorized and authTask(substr($aMems[$j], 1))); } elseif ($aMems[$j][0] == 'g') { $authorized = ($authorized and authGroup(substr($aMems[$j], 1))); } elseif ($aMems[$j][0] == 'a') { $authorized = ($authorized and authorizeTransit($_SESSION['adminLevel'], substr($aMems[$j], 1))); } else { $authorized = FALSE; } } if ($authorized) { return $authorized; } } return FALSE; }