IQM: comparison fhiiqm/recht

equal deleted inserted replaced

-:1ed6fbdf4237
+:3ebe66308a00
+<?php
+/**
+* @author Bettina Schwarzer, Fritz-Haber-Institut
+* @copyright 10/2011
+*
+* INSERT/UPDATE/DELETE Rechte
+*/
+error_reporting(E_ALL ^ E_NOTICE);
+session_start();
+if (! isset($_SESSION["userid"]))
+{
+include_once ("inc/func_lib.inc.php");
+login($_SERVER["PHP_SELF"]);
+exit;
+}
+if (is_null($_SESSION["recht"]) || (!is_null($_SESSION["recht"]) && !in_array("rte",$_SESSION["recht"]) && !in_array("rtr",$_SESSION["recht"])))
+{
+header("Location: start.php");
+exit;
+}
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+	<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
+<link type="text/css" href="/fhiiqm/css/db.css" rel="Stylesheet" />
+<link type="text/css" href="/fhiiqm/css/jquery/ui-lightness/jquery-ui-1.8.16.custom.css" rel="Stylesheet" />
+<script type="text/javascript" src="/fhiiqm/js/jquery/jquery-1.6.2.min.js"></script>
+<script type="text/javascript" src="/fhiiqm/js/jquery/jquery-ui-1.8.16.custom.min.js"></script>
+	<title>Nutzer &amp; Rechte</title>
+</head>
+<body>
+<script>
+$(document).ready(function() {
+$("#persknr").focus();
+$("#persknr").autocomplete({
+source: "/fhiiqm/inc/ma_list_ac.inc.php",
+			minLength: 2,
+select: function(event,ui){$("#pid").val(ui.item.id);}
+		});
+$("input").filter("long20").addClass("long20");
+});
+</script>
+<?php
+echo "&nbsp;";
+echo "<div class=\"float-br smaller\" valign='top'>";
+echo "&nbsp;&nbsp;&nbsp;user: " . $_SESSION["userid"];
+echo "&nbsp;&nbsp;&nbsp;<a class='sc' href='/fhiiqm/logout.php' title='Session beenden'>logout</a></div>\n";
+echo "<div class=\"float-r\"><img src=\"img/user_go.png\" border=\"0\" alt=\"User, Rechte eingeben\" title=\"User, Rechte eingeben\"/></div>\n";
+	include_once($_SERVER['DOCUMENT_ROOT'] ."/fhiiqm/inc/dbconnect.inc.php");
+	if (!isset($dbc) || !$dbc) $dbc = new dbconnection();
+	$pget   = $_GET["pid"];
+$ok     = $_POST["ok"];
+	$ins	= $_POST["ins"];
+	$del	= $_POST["del"];
+$rt     = $_POST["rt"];
+if (!$rt['okn']) $ok=false;
+// print_r($rt); echo "$ins, $del<br />";
+if (!$ok || (!$ins && !$del))
+{
+if ($pget && !$ins && !$del)
+{
+// Daten zu Mitarbeiter bereitstellen
+$rt["pid"] = $pget;
+$sql = "SELECT userid FROM fhiiqm.userweb WHERE persknr = $pget";
+if ($userid = $dbc->querySingleItem($sql))
+{
+$rt["userid"] = $userid;
+$sql = "SELECT CONCAT (nachname, ', ',vorname) AS ma FROM fhiiqm.Mitarbeiter WHERE persknr = $pget";
+if ($result = $dbc -> queryObjectArray($sql))
+foreach ($result as $row)
+$rt["pers"] = $row->ma;
+$sql = "SELECT recht_ID FROM fhiiqm.user_recht WHERE userid = '$userid'";
+if ($resr = $dbc -> queryObjectArray($sql))
+foreach ($resr as $row)
+$rt["recht"][] = $row->recht_ID;
+$sql = "SELECT prod_group_ID FROM fhiiqm.user_prodgroup WHERE userid = '$userid'";
+if ($resg = $dbc -> queryObjectArray($sql))
+foreach ($resg as $row)
+$rt["prodg"][] = $row->prod_group_ID;
+}
+}
+include_once("form/recht_form.inc.php");
+if ($ins || $del)
+		{
+		  	if ($ins) $frage = "Alle Angaben ok?"; else $frage = "Nutzer und seine Rechte wirklich löschen?";
+			echo "<tr>
+			  <td class=\"red\" valign=\"top\" align=\"left\">$frage</td>
+			        <td><input type=\"checkbox\" name=\"ok\" value=\"1\"";
+			        if ($ok)  echo "checked";
+			echo "></td>\n</tr>\n";
+		}
+if (!is_null($_SESSION["recht"]) && in_array("rte", $_SESSION["recht"]))
+{
+		if ($pget || $rt["pget"]) $sub = "&auml;ndern"; else $sub = "eingeben";
+echo "<tr>\n";
+		echo "
+		  <td>&nbsp;</td>
+		  <td><input class=\"button\" type=\"submit\" value=\"$sub\" name=\"ins\" title=\"$sub\" />";
+if ($pget || $rt["pget"])
+echo "&nbsp;&nbsp;&nbsp;<input class=\"button\" type=\"submit\" value=\"l&ouml;schen\" name=\"del\" title=\"delete\" />";
+echo  "</td>\n";;
+		echo "</tr>\n";
+}
+echo "</table>\n";
+echo "</div>\n";
+if (!is_null($_SESSION["recht"]) && !in_array("rte", $_SESSION["recht"]))
+echo "<p>&nbsp;&nbsp;&nbsp;<a href=\"recht_list.php\" target=\"_self\" title=\"Nutzerliste\">&laquo; zur Nutzerliste</a></p>\n";
+echo "</form>\n";
+}
+elseif ($ok && ($ins || $del))
+{
+echo "<div align='center'>\n";
+//daten speichern
+if ($ins == "eingeben")
+{
+// pruefen, ob userid schon existiert
+$sql = "SELECT persknr, userid FROM fhiiqm.userweb WHERE userid = '" . $rt["userid"] . "'";
+if ($result = $dbc ->queryObjectArray($sql))
+{
+foreach ($result as $row)
+{
+echo "<p class='red'>User-ID <b>" . $rt["userid"] ."</b> ist schon vorhanden!</p>";
+$erruid = 1;
+}
+}
+}
+else
+{
+// alte Rechte loeschen
+$sql = "DELETE FROM fhiiqm.user_recht WHERE userid ='" . $rt["userid"] . "'";
+$resr = $dbc -> execute($sql);
+$sql = "DELETE FROM fhiiqm.user_prodgroup WHERE userid ='" . $rt["userid"] . "'";
+$resp = $dbc -> execute($sql);
+if (!$resr || !$resp) $erruid = 1;
+}
+if ($del)
+{
+// User loeschen
+$sql = "DELETE FROM fhiiqm.userweb WHERE userid ='" . $rt["userid"] . "'";
+$res = $dbc -> execute($sql);
+if ($res)
+echo "<p class='green'><b>User-ID '".$rt["userid"]."' und zugeordete Rechte wurden gel&ouml;scht.</b></p>\n";
+else
+echo "<p class='red'><b>L&ouml;schen von User-ID '".$rt["userid"]."' und zugeordeter Rechte ist fehlgeschlagen.</b></p>\n";
+$erruid = 1;    //
+}
+if (!$erruid)
+{   // Rechte speichern
+$stmt = $dbc -> stmtinit();
+if (is_object($stmt))
+{
+$result = 1;
+if ($ins == "eingeben")
+{
+$stmt -> prepare("INSERT INTO fhiiqm.userweb (persknr, userid) VALUES (?,?)");
+$stmt -> bind_param('is',$rt["pid"],$rt["userid"]);
+$result = $stmt -> execute();
+if ($stmt->error) echo "error userweb: " . $stmt->errno." -> ".$stmt->error . "<br><br>\n";
+$stmt -> reset();
+}
+if ($result)
+{
+$resr = 1;
+if (is_array($rt["recht"]) && !is_null($rt["recht"]))
+{
+$stmt -> prepare("INSERT INTO fhiiqm.user_recht (userid,recht_ID) VALUES (?,?)");
+foreach ($rt["recht"] as $re)
+{
+$stmt -> bind_param('ss',$rt["userid"],$re);
+$resr = $stmt -> execute();
+}
+$stmt -> reset();
+}
+if ($stmt->error) echo "error user_recht: " . $stmt->errno." -> ".$stmt->error . "<br><br>\n";
+$resp = 1;
+if (is_array($rt["prodg"]) && !is_null($rt["prodg"]))
+{
+echo "userid = " . $rt["userid"] . "<br />";
+$stmt -> prepare("INSERT INTO fhiiqm.user_prodgroup (userid,prod_group_ID) VALUES (?,?)");
+foreach ($rt["prodg"] as $re)
+{
+$stmt -> bind_param('ss',$rt["userid"],$re);
+$resp = $stmt -> execute();
+}
+}
+if ($stmt->error) echo "error user_prodgroup: " . $stmt->errno." -> ".$stmt->error . "<br><br>\n";
+}
+$stmt -> close();
+}
+if ($result && $resr && $resp)
+echo "<p class='green'><b>User-ID '".$rt["userid"]."' und zugeordete Rechte wurden erfolgreich gespeichert.</b></p>\n";
+else
+echo "<p class='red'><b>Speichern von User-ID '".$rt["userid"]."' und zugeordeter Rechte war nicht erfolgreich.</b></p>\n";
+}
+$dbc -> close();
+echo "</div>\n";
+echo "<p>&nbsp;&nbsp;&nbsp;<a href=\"".$_SERVER["PHP_SELF"]."\" target=\"_self\" title=\"Rechte erfassen\">Weiteren User & Rechte erfassen</a></p>\n";
+echo "<p>&nbsp;&nbsp;&nbsp;<a href='/fhiiqm/recht_list.php' title='Nutzerliste'>zur Nutzerliste</a></p>";
+}
+?>
+</body>
+</html>

changeset 16	3ebe66308a00
child 17	f990704af47b