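/**
 * Echo a <select> of every role for the admin "change role" dropdown.
 *
 * The whole select is disabled when the edited user's current role ($rid)
 * ranks at or above the viewer; each option is disabled when that role
 * ranks at or above the viewer, so a user can never hand out a role equal
 * to or higher than their own.
 *
 * @param int|string $rid role id currently assigned to the user being edited
 * @param int|string $uid id of the user being edited, emitted as data-uid
 * @return void output is echoed, nothing is returned
 */
function getDDAdminRole($rid = 0, $uid = "")
{
    $roleRepo = Roles::getInstance();
    $allRoles = $roleRepo->getAll();
    $viewerRank = getUserRoleRank();
    $targetRank = $roleRepo->getRoleRankById($rid);

    // $uid comes from the caller and rid/rname from the database; none of them
    // is guaranteed HTML-safe, so every interpolated value is escaped for the
    // single-quoted attribute / element context it lands in.
    $safeUid = htmlspecialchars((string) $uid, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    $selectDisabled = $viewerRank <= $targetRank ? 'disabled' : '';
    echo "<select class='DDAdminRole form-control input-sm' {$selectDisabled} data-uid='{$safeUid}'>";

    foreach ($allRoles as $role) {
        // rid may come back from the DB as a string; compare as strings rather
        // than relying on loose == semantics.
        $selected = (string) $rid === (string) $role['rid'] ? 'selected' : '';
        $optionDisabled = $viewerRank <= $role['rank'] ? 'disabled' : '';
        $safeRid = htmlspecialchars((string) $role['rid'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $safeName = htmlspecialchars((string) $role['rname'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo "<option value='{$safeRid}' {$selected} {$optionDisabled} class='{$optionDisabled}'>"
            . $safeName . '</option>';
    }

    echo '</select>';
}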
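/**
 * Delete a bank row when the current user owns it or outranks its owner.
 *
 * A bank with uid = 0 is treated as owned by the superadmin role, so only a
 * user whose rank is at or above superadmin's can delete it.
 *
 * @param int|string $bid bank id; anything that is not an integer is rejected
 * @return int 1 when the delete statement was issued, -1 when no such bank
 *             exists (or $bid is not an integer), -2 when the user may not delete it
 */
function deleteBank($bid)
{
    // $bid is interpolated unquoted into three SQL statements below and the
    // query helpers in view expose no parameter binding, so the only way to
    // keep the caller's input from altering the statements is to insist on
    // an integer before it touches any SQL.
    $bid = filter_var($bid, FILTER_VALIDATE_INT);
    if ($bid === false) {
        return -1;
    }

    $exists = queryScalar("select count(*) cnt from banks where bid = {$bid}");
    if ($exists->cnt == 0) {
        return -1;
    }

    // Resolve the owner's uid and rank; an ownerless bank (uid = 0) borrows
    // the superadmin rank so that only superadmins can remove it.
    $ownerSql = 'select '
        . 'banks.bid, '
        . 'CASE WHEN banks.uid = 0 then 0 ELSE users.uid END uid, '
        . "CASE WHEN banks.uid = 0 then (select rank from roles where rname = 'superadmin') ELSE roles.rank END rank "
        . 'from banks left join users on banks.uid = users.uid left join roles on roles.rid = users.rid '
        . "where banks.bid = {$bid} ";
    $owner = queryScalar($ownerSql);

    $isOwner = (int) $owner->uid === (int) S("user")["uid"];
    $outranksOwner = $owner->rank <= getUserRoleRank();
    if (!$isOwner && !$outranksOwner) {
        return -2;
    }

    // NOTE(review): mysql_query() belongs to the ext/mysql API removed in
    // PHP 7; its false return on failure is not surfaced to the caller here,
    // matching the original contract. Migrating to a prepared statement via
    // the project's DB layer would fix both points.
    mysql_query("delete from banks where bid = {$bid}");
    return 1;
}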
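/**
 * Log in the local user linked to a Facebook id and store the fresh token.
 *
 * On success the user's columns are copied onto $this, the session user is
 * replaced with the row, a nickname is derived (name, falling back to email)
 * and the role rank is recomputed via getUserRoleRank().
 *
 * @param string $fbid  Facebook user id to look up
 * @param string $token Facebook access token to persist for that user
 * @return bool true when a matching user was found and logged in, false otherwise
 */
function fbAuth($fbid, $token)
{
    // $fbid is interpolated into a quoted SQL literal and querySingle() gives
    // no parameter binding in this view, so escape it for the ext/mysql link
    // the rest of this file already uses (see mysql_query in deleteBank).
    // NOTE(review): the durable fix is a prepared statement in the DB layer.
    $safeFbid = mysql_real_escape_string((string) $fbid);
    $row = querySingle("SELECT * FROM users where fbid = '{$safeFbid}'");
    if (!$row) {
        return false;
    }

    updateSingle('users', 'fbtoken', $token, 'uid = ' . $row["uid"]);
    // $row was read before the update, so it still carries the previous
    // token; reflect the value just persisted in both $this and the session.
    $row["fbtoken"] = $token;

    $this->uid = $row["uid"];
    $this->email = $row["email"];
    $this->name = $row["name"];
    $this->fbid = $row["fbid"];
    $this->fbtoken = $row["fbtoken"];
    $this->avt = $row["avt"];
    $this->rid = $row["rid"];

    // A privilege change (anonymous -> authenticated) should not keep the
    // pre-login session id; only regenerate when a session is actually open.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    $_SESSION["user"] = $row;
    $_SESSION["user"]["nickname"] = empty($row["name"]) ? $row["email"] : $row["name"];
    getUserRoleRank();

    return true;
}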