示例#1
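 /**
  * Authorise $action on $page for the caller identified by $token.
  *
  * Resolves the "<page>-<action>" Action row, then the caller's Status
  * (Token -> Customer -> Status, or the LOGGED_OUT_STATUS status when no
  * token is supplied) and finally the Right row for that action/status pair.
  * Every failure path goes through Functions::setResponse(): 400 (no action),
  * 500 (missing Action/Status rows), 498 (unknown token) and 401 (no Right
  * row, or an explicit 'deny').
  *
  * NOTE(review): the method returns nothing, so it only works as an
  * access-control gate if Functions::setResponse() terminates the request.
  * If setResponse() merely sets a header, each denial branch falls through
  * to the next lookup ($status may even be undefined) and the caller proceeds
  * as if authorised — i.e. the check fails open. Confirm setResponse() exits.
  *
  * @param string|null $page   Script path; only basename minus '.php' is used.
  * @param string|null $action Action name within the page.
  * @param string|null $token  Token value, or null / 'none' when logged out.
  * @return void
  */
 public static function checkRights($page, $action, $token)
 {
     loadClass('status');
     loadClass('token');
     loadClass('action');
     loadClass('right');
     loadClass('customer');
     if (is_null($action)) {
         Functions::setResponse(400);
     }
     // Action rows are keyed "<page>-<action>", e.g. "drinks-delete".
     $pagename = str_replace('.php', '', basename($page));
     $actionName = $pagename . '-' . $action;
     $whereClause = 'name=:name';
     $params = array(array('id' => ':name', 'value' => $actionName));
     $result = Action::search($whereClause, $params);
     if (!count($result)) {
         echo 'Please update actions and rights!';
         Functions::setResponse(500);
     }
     $action = $result[0];
     // Guarded: an unconditional define() here emits a "constant already
     // defined" warning the second time checkRights() runs in one request.
     if (!defined('LOGGED_OUT_STATUS')) {
         define('LOGGED_OUT_STATUS', 'standard');
     }
     $loggedOut = false;
     if (is_null($token) || strtolower($token) === 'none') {
         $loggedOut = true;
     } else {
         $whereClause = 'value=:value';
         $params = array(array('id' => ':value', 'value' => $token));
         $result = Token::search($whereClause, $params);
         if (!count($result)) {
             // 498: token supplied but not known.
             Functions::setResponse(498);
         } else {
             $token = $result[0];
             $customer = new Customer($token->get('customerId'));
             $status = new Status($customer->get('statusId'));
         }
     }
     if ($loggedOut) {
         // Anonymous callers are evaluated against the LOGGED_OUT_STATUS status row.
         $whereClause = 'name=:name';
         $params = array(array('id' => ':name', 'value' => LOGGED_OUT_STATUS));
         $result = Status::search($whereClause, $params);
         if (!count($result)) {
             Functions::setResponse(500);
         }
         $status = $result[0];
     }
     $whereClause = 'action_id=:action_id AND status_id=:status_id';
     $params = array(array('id' => ':action_id', 'value' => $action->get('id')), array('id' => ':status_id', 'value' => $status->get('id')));
     $result = Right::search($whereClause, $params);
     if (!count($result)) {
         // No Right row at all is treated as a denial, not as "allow by default".
         Functions::setResponse(401);
     }
     if ($result[0]->get('right') === 'deny') {
         Functions::setResponse(401);
     }
 }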
示例#2
/**
 * Delete the Drink identified by $id.
 *
 * Sets a 400 response when $id is null and a 404 response when loading or
 * deleting the Drink raises a RuntimeException. Returns true once the delete
 * has gone through.
 *
 * @param mixed $id Drink id as received from the caller.
 * @return bool|null true on success; null when a 404 was set and
 *                   Functions::setResponse() did not terminate the request.
 */
function deleteDrink($id)
{
    if ($id === null) {
        Functions::setResponse(400);
    }
    try {
        $drink = new Drink($id);
        $drink->delete();
    } catch (RuntimeException $exception) {
        Functions::setResponse(404);
        return null;
    }
    return true;
}
示例#3
/**
 * Delete the Status identified by $id.
 *
 * Sets a 400 response when $id is null and a 404 response when loading or
 * deleting the Status raises a RuntimeException. Returns true once the
 * delete has gone through.
 *
 * @param mixed $id Status id as received from the caller.
 * @return bool|null true on success; null when a 404 was set and
 *                   Functions::setResponse() did not terminate the request.
 */
function deleteStatus($id)
{
    if ($id === null) {
        Functions::setResponse(400);
    }
    try {
        $status = new Status($id);
        $status->delete();
    } catch (RuntimeException $exception) {
        Functions::setResponse(404);
        return null;
    }
    return true;
}
示例#4
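 /**
  * Map a lower-case model key (e.g. 'drink') to its SQL table name.
  *
  * For an unknown key a diagnostic is echoed when DEBUG is on, a 500
  * response is set and null is returned. The diagnostic used to interpolate
  * $className, which is never defined in this method; it now reports the
  * $tableName that was actually looked up.
  *
  * @param string $tableName Lower-case model key.
  * @return string|null The table name, or null when the key is unknown.
  */
 public static function getSQLTableName($tableName)
 {
     $tables = array('action' => 'actions', 'customer' => 'customers', 'status' => 'status', 'drink' => 'drinks', 'entry' => 'entries', 'right' => 'rights', 'sell' => 'sells', 'token' => 'tokens', 'totalentries' => 'total_entries', 'totalsells' => 'total_sells', 'balance' => 'balances', 'effectiveright' => 'effective_rights', 'favdrink' => 'favdrinks');
     if (isset($tables[$tableName])) {
         return $tables[$tableName];
     }
     if (DEBUG) {
         echo 'Fatal error : Unable to load the table name for class ' . $tableName . ' !';
     }
     Functions::setResponse(500);
     return null;
 }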
示例#5
 /**
  * Report a PDO-style error triple (SQLSTATE, driver code, driver message).
  *
  * Returns silently for the success SQLSTATE; otherwise echoes the details
  * when DEBUG is on and sets a 500 response.
  *
  * NOTE(review): the comparison below is deliberately loose. PDO reports
  * success as the five-character SQLSTATE '00000'; the literal '0000' only
  * matches it because both are numeric strings and == compares them
  * numerically. Tightening this to === without also changing the literal to
  * '00000' would turn every successful query into a reported failure.
  * The driver message is echoed unescaped, so keep DEBUG off outside
  * development.
  *
  * @param array $errorArray [SQLSTATE, driver error code, driver message],
  *                          presumably from PDO::errorInfo() — confirm.
  * @return void
  */
 public static function reportSqlBugIfExists($errorArray)
 {
     $sqlState = $errorArray[0];
     if ($sqlState == '0000') {
         return;
     }
     $report = array(
         'SQL_STATE : ' . $sqlState . "\n<br />",
         'Error code : ' . $errorArray[1] . "\n<br />\n<br />",
         $errorArray[2],
     );
     if (DEBUG) {
         echo implode('', $report);
     }
     Functions::setResponse(500);
 }
示例#6
/**
 * Return every Entry row belonging to customer $id.
 *
 * Sets a 400 response when $id is null. Constructing the Customer first acts
 * as an existence check: if that throws RuntimeException a 404 is set. A
 * RuntimeException raised by Entry::search() after the Customer was built is
 * swallowed and null is returned.
 *
 * @param mixed $id Customer id, bound as PDO::PARAM_INT.
 * @return array|null Entry objects, or null when a response was set.
 */
function getCustomerHistory($id)
{
    if ($id === null) {
        Functions::setResponse(400);
    }
    $customer = null;
    try {
        $customer = new Customer($id);
        $filter = 'customer_id = :cid';
        $bindings = array(array('id' => ':cid', 'value' => $id, 'type' => PDO::PARAM_INT));
        return Entry::search($filter, $bindings);
    } catch (RuntimeException $exception) {
        // Only the Customer lookup maps to 404; a failed Entry search is ignored.
        if ($customer === null) {
            Functions::setResponse(404);
        }
    }
    return null;
}
示例#7
/**
 * Look up the Right row for an (action, status) pair.
 *
 * Sets a 400 response if either id is null and a 404 response if no row
 * matches; otherwise returns the first matching Right.
 *
 * @param mixed $actionId
 * @param mixed $statusId
 * @return mixed The first Right returned by Right::search().
 */
function searchRight($actionId, $statusId)
{
    if ($actionId === null || $statusId === null) {
        Functions::setResponse(400);
    }
    $bindings = array(
        array('id' => ':action_id', 'value' => $actionId),
        array('id' => ':status_id', 'value' => $statusId),
    );
    $matches = Right::search('action_id=:action_id AND status_id=:status_id', $bindings);
    if (count($matches) === 0) {
        Functions::setResponse(404);
    }
    return $matches[0];
}
示例#8
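/**
 * Return the customer's favourite drink, or null if none is recorded.
 *
 * Sets a 400 response when $id is null. The query previously bound the
 * undefined variable $cid (so it always matched nothing and returned null);
 * it now binds the $id parameter.
 *
 * @param mixed $id Customer id.
 * @return mixed|null The first matching FavDrink, or null when there is none.
 */
function getFavDrink($id)
{
    if (is_null($id)) {
        Functions::setResponse(400);
    }
    $whereClause = 'customer_id = :cid';
    $params = array(array('id' => ':cid', 'value' => $id));
    $result = FavDrink::search($whereClause, $params);
    return count($result) ? $result[0] : null;
}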
示例#9
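loadClass('right');
loadClass('action');
loadClass('status');
/* Load SQL Views */
/* <controller> */
/* <functions> */
// Toggle a single right from the query string. 'name' is a '-'-separated
// string whose 2nd part is the status id and 4th part the action id
// (presumably "<label>-<statusId>-<label>-<actionId>" as emitted by the
// view — confirm against the template).
//
// NOTE(review): this mutates the right matrix on a plain GET with no CSRF
// token and no authorisation check visible in this file; unless checkRights()
// runs for this page earlier in the request, any caller can edit rights.
// Prefer POST plus a per-session token for this endpoint.
if (isset($_GET['name'], $_GET['checked'])) {
    // A non-string 'name' (e.g. name[]=x) would make explode() fail; a short
    // one used to raise undefined-offset warnings before ending in a 404.
    $name = is_string($_GET['name']) ? explode('-', $_GET['name']) : array();
    if (count($name) < 4) {
        Functions::setResponse(400);
    }
    $right = $_GET['checked'] === 'true' ? 'allow' : 'deny';
    $st = $name[1];
    $ac = $name[3];
    $whereClause = 'action_id = :ac AND status_id = :st';
    $params = array(array('id' => ':ac', 'value' => $ac), array('id' => ':st', 'value' => $st));
    $result = Right::search($whereClause, $params);
    if (!count($result)) {
        Functions::setResponse(404);
    }
    $ri = $result[0];
    $ri->set('right', $right);
    $ri->save();
}
$rights = Right::searchForAll();
$actions = Action::searchForAll();
$status = Status::searchForAll();
$aArr = array(); // action id => action name
$sArr = array();
$rArr = array(); // action id => array, filled further down the script
foreach ($actions as $a) {
    $aArr[$a->get('id')] = $a->get('name');
    $rArr[$a->get('id')] = array();
}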