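/**
 * init chooses the functionality by using $_GET['id'] and renders the page.
 *
 * The requested id is first mapped to a second-level navigation entry of this
 * class; the entry's id must be among the authorized 'navi' entries before any
 * page method is dispatched. An id that matches no navigation entry is denied.
 *
 * NOTE(review): this check only covers the navigation entry. Whether
 * details()/edit()/delete()/... also verify the caller's rights on the
 * concrete protocol passed via 'pid' is not visible here - confirm.
 * NOTE(review): 'delete' and 'correct' are reached through a GET parameter;
 * confirm that the called methods require a confirmed POST (and an anti-CSRF
 * token) before changing state.
 *
 * @return void
 */
public function init()
{
    // set pagename
    $this->tpl->assign('pagename', parent::lang('class.ProtocolView#page#init#name'));

    // switch $_GET['id'] if set
    if ($this->get('id') !== false) {
        // get naviitems of this class
        $class = get_class();
        $navi = $class::connectnavi();

        // get rights from db
        $rights = Rights::get_authorized_entries('navi');

        // walk through secondlevel-entries to find the requested entry
        $naviid = null;
        $entryFound = false;
        foreach ($navi['secondlevel'] as $entry) {
            if ($entry['getid'] == $this->get('id')) {
                $naviid = $entry['id'];
                $entryFound = true;
                break;
            }
        }

        // An unknown id must never reach in_array(): the former sentinel 0 was
        // compared loosely, and under PHP < 8 the integer 0 equals any
        // non-numeric string, so the rights check could succeed by accident.
        // NOTE(review): in_array() is kept loose for a found entry because the
        // element types of $rights are not visible here; pass true as third
        // argument once both sides are confirmed to be strings.
        if ($entryFound && in_array($naviid, $rights)) {
            switch ($this->get('id')) {
                case 'listall':
                    $this->tpl->assign('title', $this->title(parent::lang('class.ProtocolView#init#title#listall')));
                    $this->tpl->assign('main', $this->listall());
                    $this->tpl->assign('jquery', true);
                    $this->tpl->assign('hierselect', false);
                    $this->tpl->assign('tinymce', false);
                    break;

                case 'new':
                    $this->tpl->assign('title', $this->title(parent::lang('class.ProtocolView#init#title#new')));
                    $this->tpl->assign('main', $this->new_entry());
                    $this->tpl->assign('jquery', true);
                    $this->tpl->assign('hierselect', true);
                    $this->tpl->assign('tinymce', true);
                    break;

                case 'details':
                    $this->tpl->assign('title', $this->title(parent::lang('class.ProtocolView#init#title#details')));
                    $this->tpl->assign('main', $this->details($this->get('pid')));
                    $this->tpl->assign('jquery', true);
                    $this->tpl->assign('hierselect', false);
                    $this->tpl->assign('tinymce', false);
                    break;

                case 'edit':
                    $this->tpl->assign('title', $this->title(parent::lang('class.ProtocolView#init#title#edit')));
                    $this->tpl->assign('main', $this->edit($this->get('pid')));
                    $this->tpl->assign('jquery', true);
                    $this->tpl->assign('hierselect', true);
                    $this->tpl->assign('tinymce', true);
                    break;

                case 'show':
                    $this->tpl->assign('title', $this->title(parent::lang('class.ProtocolView#init#title#show')));
                    $this->tpl->assign('main', $this->show($this->get('pid')));
                    $this->tpl->assign('jquery', true);
                    $this->tpl->assign('hierselect', false);
                    $this->tpl->assign('tinymce', false);
                    break;

                case 'topdf':
                    $this->tpl->assign('title', $this->title(parent::lang('class.ProtocolView#init#title#topdf')));
                    $this->tpl->assign('main', $this->topdf($this->get('pid')));
                    $this->tpl->assign('jquery', true);
                    $this->tpl->assign('hierselect', false);
                    $this->tpl->assign('tinymce', false);
                    break;

                case 'delete':
                    // NOTE(review): the title uses the 'topdf' language key; this
                    // looks like a copy-paste slip, but the correct key is not
                    // visible here, so the string is left unchanged.
                    $this->tpl->assign('title', $this->title(parent::lang('class.ProtocolView#init#title#topdf')));
                    $this->tpl->assign('main', $this->delete($this->get('pid')));
                    $this->tpl->assign('jquery', true);
                    $this->tpl->assign('hierselect', false);
                    $this->tpl->assign('tinymce', true);
                    break;

                case 'correct':
                    $this->tpl->assign('title', $this->title(parent::lang('class.ProtocolView#init#title#correct')));
                    $this->tpl->assign('main', $this->correct($this->get('pid')));
                    $this->tpl->assign('jquery', true);
                    $this->tpl->assign('hierselect', false);
                    $this->tpl->assign('tinymce', true);
                    break;

                case 'showdecisions':
                    $this->tpl->assign('title', $this->title(parent::lang('class.ProtocolView#init#title#decisions')));
                    $this->tpl->assign('main', $this->decisions($this->get('pid')));
                    $this->tpl->assign('jquery', true);
                    $this->tpl->assign('hierselect', false);
                    $this->tpl->assign('tinymce', false);
                    break;

                default:
                    // id set and authorized, but no functionality.
                    // NOTE(review): the request value is handed to the error
                    // object; confirm that to_html() escapes it for HTML output.
                    $errno = $GLOBALS['Error']->error_raised('GETUnkownId', 'entry:' . $this->get('id'), $this->get('id'));
                    $GLOBALS['Error']->handle_error($errno);
                    $this->tpl->assign('title', '');
                    $this->tpl->assign('main', $GLOBALS['Error']->to_html($errno));
                    $this->tpl->assign('jquery', true);
                    $this->tpl->assign('hierselect', false);
                    $this->tpl->assign('tinymce', false);
                    break;
            }
        } else {
            // error not authorized (also taken for ids without a navigation entry)
            $errno = $GLOBALS['Error']->error_raised('NotAuthorized', 'entry:' . $this->get('id'), $this->get('id'));
            $GLOBALS['Error']->handle_error($errno);
            $this->tpl->assign('title', $this->title(parent::lang('class.ProtocolView#init#Error#NotAuthorized')));
            $this->tpl->assign('main', $GLOBALS['Error']->to_html($errno));
            $this->tpl->assign('jquery', true);
            $this->tpl->assign('hierselect', false);
            $this->tpl->assign('tinymce', false);
        }
    } else {
        // id not set: default page
        $this->tpl->assign('title', $this->title(parent::lang('class.ProtocolView#init#default#title')));
        $this->tpl->assign('main', $this->defaultContent());
        $this->tpl->assign('jquery', true);
        $this->tpl->assign('hierselect', false);
        $this->tpl->assign('tinymce', false);
    }

    // global smarty
    $this->tpl->assign('head', $this->get_head());
    $this->tpl->assign('manualjquery', $this->get_jquery());
    // navi
    $this->tpl->assign('data', $this->navi(basename($_SERVER['SCRIPT_FILENAME'])));
    $this->tpl->assign('active', $this->get('id'));
    $this->tpl->assign('file', basename($_SERVER['SCRIPT_FILENAME']));
    // logininfo
    $this->tpl->assign('logininfo', $this->put_userinfo());
    // smarty-display
    $this->tpl->display('smarty.main.tpl');
}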
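/**
 * init chooses the functionality by using $_GET['id'] and renders the page.
 *
 * The requested id is first mapped to a second-level navigation entry of this
 * class; the entry's id must be among the authorized 'navi' entries before any
 * page method is dispatched. An id that matches no navigation entry is denied.
 *
 * NOTE(review): Calendar::check_id() is only used here as an existence check;
 * whether details()/edit()/delete() also verify the caller's rights on the
 * concrete calendar entry passed via 'cid' is not visible here - confirm.
 * NOTE(review): 'delete' is reached through a GET parameter; confirm that
 * delete() requires a confirmed POST (and an anti-CSRF token) before it
 * changes state.
 *
 * @return void
 */
public function init()
{
    // set pagename
    $this->tpl->assign('pagename', parent::lang('class.CalendarView#page#init#name'));

    // switch $_GET['id'] if set
    if ($this->get('id') !== false) {
        // get naviitems of this class
        $class = get_class();
        $navi = $class::connectnavi();

        // get rights from db
        $rights = Rights::get_authorized_entries('navi');

        // walk through secondlevel-entries to find the requested entry
        $naviid = null;
        $entryFound = false;
        foreach ($navi['secondlevel'] as $entry) {
            if ($entry['getid'] == $this->get('id')) {
                $naviid = $entry['id'];
                $entryFound = true;
                break;
            }
        }

        // An unknown id must never reach in_array(): the former sentinel 0 was
        // compared loosely, and under PHP < 8 the integer 0 equals any
        // non-numeric string, so the rights check could succeed by accident.
        // NOTE(review): in_array() is kept loose for a found entry because the
        // element types of $rights are not visible here; pass true as third
        // argument once both sides are confirmed to be strings.
        if ($entryFound && in_array($naviid, $rights)) {
            switch ($this->get('id')) {
                case 'listall':
                    $this->tpl->assign('title', $this->title(parent::lang('class.CalendarView#init#listall#title')));
                    $this->tpl->assign('jquery', true);
                    $this->tpl->assign('hierselect', false);

                    // default range: yesterday until next year
                    $from = strtotime('yesterday');
                    $to = strtotime('next year');

                    // $_GET['from'] / $_GET['to'] are request input: strtotime()
                    // returns false for text it cannot parse, so the default is
                    // kept instead of handing false on to listall().
                    if ($this->get('from') !== false) {
                        $parsedFrom = strtotime($this->get('from'));
                        if ($parsedFrom !== false) {
                            $from = $parsedFrom;
                        }
                    }
                    if ($this->get('to') !== false) {
                        $parsedTo = strtotime($this->get('to'));
                        if ($parsedTo !== false) {
                            $to = $parsedTo;
                        }
                    }

                    // argument order ($to, $from) is the original call's;
                    // listall() itself is not visible here
                    $this->tpl->assign('main', $this->listall($to, $from));
                    break;

                case 'new':
                    $this->tpl->assign('title', $this->title(parent::lang('class.CalendarView#init#new#title')));
                    $this->tpl->assign('main', $this->new_entry());
                    $this->tpl->assign('jquery', true);
                    $this->tpl->assign('hierselect', true);
                    break;

                case 'details':
                    $this->tpl->assign('title', $this->title(parent::lang('class.CalendarView#init#details#title')));
                    $this->tpl->assign('jquery', true);
                    $this->tpl->assign('hierselect', true);

                    // if cid does not exist, error
                    if (Calendar::check_id($this->get('cid'))) {
                        $this->tpl->assign('main', $this->details($this->get('cid')));
                    } else {
                        $errno = $GLOBALS['Error']->error_raised('CidNotExists', 'details', $this->get('cid'));
                        $GLOBALS['Error']->handle_error($errno);
                        $this->add_output(array('main' => $GLOBALS['Error']->to_html($errno)), true);
                        $this->tpl->assign('main', $GLOBALS['Error']->to_html($errno));
                    }
                    break;

                case 'edit':
                    $this->tpl->assign('title', $this->title(parent::lang('class.CalendarView#init#edit#title')));
                    $this->tpl->assign('jquery', true);
                    $this->tpl->assign('hierselect', true);

                    // if cid does not exist, error
                    if (Calendar::check_id($this->get('cid'))) {
                        // NOTE(review): edit() is invoked twice with the same cid;
                        // if it processes a submitted form, its side effects run
                        // twice - confirm and call it once if so.
                        $this->tpl->assign('main', $this->edit($this->get('cid')));
                        $this->add_output(array('main' => $this->edit($this->get('cid'))));
                    } else {
                        $errno = $GLOBALS['Error']->error_raised('CidNotExists', 'edit', $this->get('cid'));
                        $GLOBALS['Error']->handle_error($errno);
                        $this->tpl->assign('main', $GLOBALS['Error']->to_html($errno));
                    }
                    break;

                case 'delete':
                    $this->tpl->assign('title', $this->title(parent::lang('class.CalendarView#init#delete#title')));
                    $this->tpl->assign('jquery', true);
                    $this->tpl->assign('hierselect', true);

                    // if cid does not exist, error
                    if (Calendar::check_id($this->get('cid'))) {
                        $this->tpl->assign('main', $this->delete($this->get('cid')));
                    } else {
                        $errno = $GLOBALS['Error']->error_raised('CidNotExists', 'delete', $this->get('cid'));
                        $GLOBALS['Error']->handle_error($errno);
                        $this->tpl->assign('main', $GLOBALS['Error']->to_html($errno));
                    }
                    break;

                default:
                    // id set and authorized, but no functionality.
                    // NOTE(review): the request value is handed to the error
                    // object; confirm that to_html() escapes it for HTML output.
                    $errno = $GLOBALS['Error']->error_raised('GETUnkownId', 'entry:' . $this->get('id'), $this->get('id'));
                    $GLOBALS['Error']->handle_error($errno);
                    $this->tpl->assign('title', '');
                    $this->tpl->assign('main', $GLOBALS['Error']->to_html($errno));
                    $this->tpl->assign('jquery', true);
                    $this->tpl->assign('hierselect', false);
                    break;
            }
        } else {
            // error not authorized (also taken for ids without a navigation entry)
            $errno = $GLOBALS['Error']->error_raised('NotAuthorized', 'entry:' . $this->get('id'), $this->get('id'));
            $GLOBALS['Error']->handle_error($errno);
            $this->tpl->assign('title', $this->title(parent::lang('class.CalendarView#init#Error#NotAuthorized')));
            $this->tpl->assign('main', $GLOBALS['Error']->to_html($errno));
            $this->tpl->assign('jquery', true);
            $this->tpl->assign('hierselect', false);
        }
    } else {
        // id not set: default page
        $this->tpl->assign('title', $this->title(parent::lang('class.CalendarView#init#default#title')));
        $this->tpl->assign('pagecaption', $this->defaultContent());
        $this->tpl->assign('main', '');
        $this->tpl->assign('jquery', true);
        $this->tpl->assign('hierselect', false);
    }

    // global smarty
    $this->tpl->assign('head', $this->get_head());
    $this->tpl->assign('manualjquery', $this->get_jquery());
    // navi
    $this->tpl->assign('data', $this->navi(basename($_SERVER['SCRIPT_FILENAME'])));
    $this->tpl->assign('active', $this->get('id'));
    $this->tpl->assign('file', basename($_SERVER['SCRIPT_FILENAME']));
    // logininfo
    $this->tpl->assign('logininfo', $this->put_userinfo());
    // smarty-display
    $this->tpl->display('smarty.main.tpl');
}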
/**
 * read_defaults fills the given element with a "--" option, an optgroup of
 * the valid default values of this field's category and an optgroup of the
 * most recently stored values the user is authorized to see.
 *
 * NOTE(review): both statements are built by concatenating the results of
 * get_category(), get_table() and get_type() into the SQL text. Where those
 * values come from is not visible here; if any of them can be influenced by
 * request data, bind them as parameters or escape them with the connection's
 * escaping routine.
 * NOTE(review): the query results are used without a failure check.
 * NOTE(review): labels are cut with strlen()/substr(), which count bytes, so a
 * multi-byte character can be split at the cut; whether addOption() escapes
 * labels and the 'title' attribute for HTML is not visible here - confirm.
 *
 * @param object $element element that receives the options and optgroups
 * @return void
 */
public function read_defaults(&$element)
{
    $db = Db::newDb();

    // defaults of this category, alphabetically
    $sql = "SELECT d.id,d.name\n\t\t\t\tFROM defaults AS d\n\t\t\t\tWHERE category='" . $this->get_category() . "'\n\t\t\t\tAND d.valid=1\t\t\n\t\t\t\tORDER BY d.name ASC";
    $result = $db->query($sql);

    // empty first option, then the defaults group
    $element->addOption('--', 0);
    $defaultsGroup = $element->addOptgroup(parent::lang('class.Field#read_defaults#defaults#separator'));

    while ($row = $result->fetch_array(MYSQL_NUM)) {
        list($id, $name) = $row;

        // labels longer than 30 bytes are shortened to 27 bytes plus '...'
        $label = strlen($name) > 30 ? substr($name, 0, 27) . '...' : $name;

        // option value is prefixed with 'd'; the full name goes into 'title'
        $defaultsGroup->addOption($label, 'd' . $id, array('title' => $name));
    }

    // entries of this field's table the user is authorized for
    $ids = Rights::get_authorized_entries($this->get_table());

    // the 30 newest stored values for this table and field type
    $sql = "SELECT v.id,v.table_id,v.value\n\t\t\t\tFROM value AS v,field AS f\n\t\t\t\tWHERE v.table_name='" . $this->get_table() . "'\n\t\t\t\tAND f.type='" . $this->get_type() . "'\n\t\t\t\tAND f.id=v.field_id\n\t\t\t\tORDER BY v.id DESC\n\t\t\t\tLIMIT 30";
    $result = $db->query($sql);

    $lastUsedGroup = $element->addOptgroup(parent::lang('class.Field#read_defaults#lastUsed#separator'));

    while ($row = $result->fetch_array(MYSQL_NUM)) {
        list($id, $table_id, $value) = $row;

        // skip values that belong to entries the user has no rights on
        if (!in_array((int) $table_id, $ids)) {
            continue;
        }

        // collapse line breaks into single spaces
        $value = str_replace(array("\r\n", "\r", "\n"), " ", $value);

        // same shortening rule as for the defaults
        $label = strlen($value) > 30 ? substr($value, 0, 27) . '...' : $value;

        // option value is prefixed with 'l'
        $lastUsedGroup->addOption($label, 'l' . $id);
    }
}
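/**
 * navi builds the navigation data for the template.
 *
 * The *.php files in the application directory (except test.php) are mapped to
 * their view classes; each class contributes its connectnavi() array. Only
 * first- and second-level entries whose md5 identifier is among the authorized
 * 'navi' entries and whose 'show' flag is not false are returned.
 *
 * @param string $file not used by this method
 * @return array list of navigation entries ('level', 'href', 'title', 'content';
 *               second-level entries additionally carry 'id' and 'file')
 */
protected function navi($file)
{
    // directory that holds the page scripts
    $baseDir = $_SERVER['DOCUMENT_ROOT'] . '/' . $_SESSION['GC']->get_config('relative_path');

    // read php-files from the directory
    $filenames = array();
    $dh = opendir($baseDir);
    if ($dh !== false) {
        // compare against false explicitly: an entry named "0" is falsy and
        // would otherwise end the loop early
        while (false !== ($entry = readdir($dh))) {
            // check if file, .php-extension and !test.php
            if (is_file($baseDir . $entry) && substr($entry, -4) == '.php' && $entry != 'test.php') {
                $filenames[] = $entry;
            }
        }
        closedir($dh);
    }

    // get the navigation array of each page class, keyed by its position
    $naviitems = array();
    foreach ($filenames as $filename) {
        // index.php belongs to MainView, every other file to <Name>View
        $classname = $filename != 'index.php'
            ? ucfirst(substr($filename, 0, -4)) . 'View'
            : 'MainView';
        $navi = $classname::connectnavi();

        // check if array
        if (!is_array($navi)) {
            $errno = $GLOBALS['Error']->error_raised('CannotGetNavi', 'class:' . $classname);
            $GLOBALS['Error']->handle_error($errno);
            // do not index into a non-array result
            continue;
        }
        $naviitems[$navi['firstlevel']['position']] = $navi;
    }

    // iterate by position even when positions are not a gapless 0..n-1 range
    ksort($naviitems);

    // get authorized navi-entries
    $navi_entries = Rights::get_authorized_entries('navi');

    // prepare data for smarty
    $data = array();

    foreach ($naviitems as $item) {
        $firstlevel = $item['firstlevel'];

        // check rights; md5() always returns a string, so the comparison is
        // strict: loosely compared, two digit-only hashes of the form "0e..."
        // would be treated as equal numbers
        if (!in_array(md5($firstlevel['class']), $navi_entries, true)) {
            continue;
        }
        // check visibility
        if ($firstlevel['show'] === false) {
            continue;
        }

        // firstlevel entry
        $data[] = array(
            'level' => 0,
            'href' => $firstlevel['file'],
            'title' => parent::lang('class.' . $firstlevel['class'] . '#connectnavi#firstlevel#name'),
            'content' => parent::lang($firstlevel['name']),
        );

        // walk through secondlevel
        foreach ($item['secondlevel'] as $second) {
            // check rights (strict for the same reason as above)
            if (!in_array(md5($firstlevel['class'] . '|' . $second['getid']), $navi_entries, true)) {
                continue;
            }
            // check visibility
            if ($second['show'] === false) {
                continue;
            }

            $href = $firstlevel['file'] . '?id=' . $second['getid'];

            // the login link carries the current request as return target,
            // unless the current page already is login or logout
            if ($second['getid'] == 'login' && $this->get('id') != 'login' && $this->get('id') != 'logout') {
                // base64 output may contain '+', '/' and '=', which are not safe
                // in a query string ('+' is read back as a space), so the value
                // is URL-encoded.
                // NOTE(review): the code that consumes 'r' is not visible here;
                // it should accept only local paths as redirect target.
                $href .= '&r=' . rawurlencode(base64_encode($_SERVER['REQUEST_URI']));
            }

            $data[] = array(
                'level' => 1,
                'href' => $href,
                'title' => parent::lang($second['name']),
                'content' => parent::lang($second['name']),
                'id' => $second['getid'],
                'file' => $firstlevel['file'],
            );
        }
    }

    return $data;
}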
/**
 * return_calendars hands back the entries Rights::get_authorized_entries()
 * reports for 'calendar'.
 *
 * @return array the calendar ids the user has rights to
 */
public static function return_calendars()
{
    // thin wrapper: the lookup is delegated to the Rights class unchanged
    return Rights::get_authorized_entries('calendar');
}
/**
 * return_protocols hands back the entries Rights::get_authorized_entries()
 * reports for 'protocol'.
 *
 * @return array the protocol ids the user has rights to
 */
public static function return_protocols()
{
    // thin wrapper: the lookup is delegated to the Rights class unchanged
    return Rights::get_authorized_entries('protocol');
}
/**
 * return_my_inventories filters the inventory entries the user is authorized
 * for down to those whose latest movement rows name the session user.
 *
 * An entry is kept when row [0] of the 'user_id' lookup is the session user.
 * It is also kept when row [1] is the session user - for a last action of
 * 'taken' only if rows [0] and [2] differ.
 * NOTE(review): presumably the rows are the three most recent movements,
 * newest first - confirm against Inventory::movement_last_row().
 *
 * @return array the inventory ids the user has rights to and is involved in
 */
public static function return_my_inventories()
{
    $mine = array();

    // all inventory ids the user is authorized for
    $authorized = Rights::get_authorized_entries('inventory');

    $db = Db::newDb();

    $total = count($authorized);
    for ($idx = 0; $idx < $total; $idx++) {
        $inventoryId = $authorized[$idx];

        // last action and the last three user ids of this entry's movements
        $lastAction = Inventory::movement_last_row($db, $inventoryId, 'action');
        $lastUsers = Inventory::movement_last_row($db, $inventoryId, 'user_id', 3);

        $wasTaken = $lastAction[0] == 'taken';
        $me = $_SESSION['user']->userid();

        // row [0] names the session user: always included
        if ($lastUsers[0] == $me) {
            $mine[] = $inventoryId;
            continue;
        }

        // otherwise row [1] has to name the session user
        if ($lastUsers[1] != $me) {
            continue;
        }

        // after 'taken', row [1] only counts when rows [0] and [2] differ
        // (the original condition reads A || B && C, i.e. A || (B && C))
        if ($wasTaken && $lastUsers[0] == $lastUsers[2]) {
            continue;
        }

        $mine[] = $inventoryId;
    }

    return $mine;
}