Login   Register  
PHP Classes
elePHPant
Icontem

File: phpsecureweb/groupsModify.php

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in del.icio.us Bookmark in del.icio.us
  Classes of Bulent Tezcan  >  phpsecureweb  >  phpsecureweb/groupsModify.php  >  Download  
File: phpsecureweb/groupsModify.php
Role: Application script
Content type: text/plain
Description: deals with groups modifications
Class: phpsecureweb
Allow users certain rights, login with password.
Author: By
Last change:
Date: 12 years ago
Size: 2,452 bytes
 

Contents

Class file image Download
<?php
    
/*
    * @author Bulent Tezcan. bulent@greenpepper.ca
    */

    
require_once "Security.class.php";

    require_once 
"Groups.class.php";

    
session_start();

    
$Groups = new Groups();
    
$mySecurity = new Security( );
    
    
#
    # This should be added in every script. Ofcourse the action name
    # will be different for each script.
    #
    
if ($mySecurity-> isNotAllowedTo('Modify Group') and
            
$mySecurity-> isNotAllowedTo('View Group') and
            
$mySecurity-> isNotAllowedTo('Add Group') and
            
$mySecurity-> isNotAllowedTo('Delete Group'))
    {
        if (
$mySecurity-> isAllowedTo('Show Admin Menu'))
            
$mySecurity-> GotoThisPage"adminmenu.php" );
        else
            
$mySecurity-> GotoThisPage"login.php" );
    }

    
ob_start( );

    
#
    # If the user manually enters some groupid, we should check if it does exist
    # originally in their database query......
    #
    
if (!array_key_exists $_GET['groupId'], 
                                                    
$_SESSION['groups_read_from_table']))
    {
        
$mySecurity-> GotoThisPage"bogus.php" );
    }

    include 
"header.inc.php";
    
    
$FormElements $_POST['form_GroupsForm'];

    if (
$FormElements["B_clear"])
        unset (
$FormElements);

    if (
$_GET['mode'] == 'edit')
    {
        if (
$mySecurity-> isAllowedTo('Modify Group'))
        {
            
# we can modify the Group name
            
if ($FormElements["B_submit"])
            {
                if (
$Groups-> UpdateGroup($FormElements,$_GET['groupId']))
                    
$mySecurity-> GotoThisPage"groups.php" );
            }
        }
        else
            
$mySecurity-> GotoNotAuthorized( );
    }
    elseif (
$_GET['mode'] == 'delete')
    {
        if (
$mySecurity-> isAllowedTo('Delete Group'))
        {
            
# we can delete the Group
            
if ($FormElements["B_submit"])
            {
                if (
$Groups-> DeleteGroup($_GET['groupId']))
                    
$mySecurity-> GotoThisPage"groups.php" );
            }
        }
        else
            
$mySecurity-> GotoNotAuthorized( );
    }
    else
    {
        
$mySecurity-> GotoThisPage"adminmenu.php" );
    }
    
    if (
$FormElements["B_cancel"])
    {
        
$mySecurity-> GotoThisPage"groups.php" );
    }

    if (!
is_array($FormElements))
    {
        
$ObjectResult $Groups-> GetGroup($_GET['groupId']);

        
$FormElements['groupname'] = $ObjectResult->fields("groupname");
        
$FormElements['groupId'] = $ObjectResult->fields("groupid");
        
$FormElements['hierarchy'] = $ObjectResult->fields("hierarchy");
    }

    echo 
$Groups->SendGroupsForm($FormElements,$_GET['mode']);

    
    include 
"donate.inc.php";

    include 
"footer.inc.php";

    
ob_end_flush( );

    return 
true;
?>