base.php
r17 r18 5 5 global $Database, $Types, $Config; 6 6 7 //if(!CheckPermission('Read', $List['Id'])) return(SystemMessage('Řízení přístupu', 'Nemáte dostatečná oprávnění')); 7 if(!CheckPermission('Read', $List['ItemId'])) 8 { 9 if($Column != '') return(''); 10 else return(SystemMessage('Řízení přístupu', 'Nemáte dostatečná oprávnění')); 11 } 8 12 9 13 if($Title == '') $Output = '<div>'.$List['Title'].'</div>'; … … 33 37 if(array_key_exists('OrderColumn', $_GET)) 34 38 { 35 if($_SESSION['OrderColumn'] == $_GET['OrderColumn']) // Same column => reverse orde d39 if($_SESSION['OrderColumn'] == $_GET['OrderColumn']) // Same column => reverse order 36 40 $_SESSION['OrderDirection'] = ($_SESSION['OrderDirection'] + 1) % 2; 37 41 if($_SESSION['OrderTable'] != $List['TableName']) // Different table => set ascending order … … 65 69 } 66 70 } 67 $Output .= '<td><a href="?Action=ViewItem&Table='.$List['TableName'].'&Item='.$DbRow['ItemId'].'"><img border="0" src="images/view.png" alt="Zobrazit" title="Zobrazit"></a> <a href="?Action=EditItem&Table='.$List['TableName'].'&Item='.$DbRow['ItemId'].'"><img border="0" src="images/edit.png" alt="Editovat" title="Editovat"></a> <a href="?Action=DeleteItem&Table='.$List['TableName'].'&Item='.$DbRow['ItemId'].'"><img border="0" src="images/delete.png" alt="Smazat" title="Smazat"></a></td></tr>'; 71 $Output .= '<td>'; 72 if(CheckPermission('Read', $List['ItemId'])) $Output .= '<a href="?Action=ViewItem&Table='.$List['TableName'].'&Item='.$DbRow['ItemId'].'"><img border="0" src="images/view.png" alt="Zobrazit" title="Zobrazit"></a>'; 73 if(CheckPermission('Write', $List['ItemId'])) $Output .= ' <a href="?Action=EditItem&Table='.$List['TableName'].'&Item='.$DbRow['ItemId'].'"><img border="0" src="images/edit.png" alt="Editovat" title="Editovat"></a>'; 74 if(CheckPermission('Write', $List['ItemId'])) $Output .= ' <a href="?Action=DeleteItem&Table='.$List['TableName'].'&Item='.$DbRow['ItemId'].'"><img border="0" src="images/delete.png" 
alt="Smazat" title="Smazat"></a>'; 75 $Output .= '</td></tr>'; 68 76 } 69 77 $Output .= '</table>'; 70 78 $PageList = PagesList($Page, $TotalItemCount); 71 79 if(strlen($PageList) != 0) $Output .= $PageList.'<br />'; 72 $Output .= ' <a href="?Action=AddItem&Table='.$List['TableName'].$ColumnSelection.'">Přidat</a> '.$FullListLink;80 if(CheckPermission('Write', $List['ItemId'])) $Output .= ' <a href="?Action=AddItem&Table='.$List['TableName'].$ColumnSelection.'">Přidat</a> '.$FullListLink; 73 81 return($Output); 74 82 } … … 86 94 $Output .= '<th><a href="?OrderColumn='.$Item['Name'].'">'.$Item['TextBefore'].'</a></th>'; 87 95 } 88 $Output .= '<th><a href="?OrderColumn=Author">Autor</a></th><th><a href="?OrderColumn=CreationTime">Čas vytvoření</a></th><th> Akce</th></tr>';96 $Output .= '<th><a href="?OrderColumn=Author">Autor</a></th><th><a href="?OrderColumn=CreationTime">Čas vytvoření</a></th><th><a href="?OrderColumn=CreationTime">Čas odstranění</a></th><th>Akce</th></tr>'; 89 97 90 98 $Where = ' AND (ItemId='.$Id.')'; … … 127 135 } 128 136 } 129 echo($TypeNames['PointerOneToUser']); 130 $Item = array('Name' => 'Author', 'Type' => $TypeNames['PointerOneToUser']); 137 //print_r($TypeNames); 138 //print_r($Types); 139 $Item = array('Name' => 'Author', 'Type' => $TypeNames['PointerToUser']); 140 //print_r($Item); 131 141 $ItemType = explode('|', $Types[$Item['Type']]['Parameters']); 132 142 $Type = $Types[$ItemType[0]]; … … 136 146 $Output .= '<td>'.$Value.'</td>'; 137 147 138 $Output .= '<td>'.$DbRow['CreationTime'].'</td> ';148 $Output .= '<td>'.$DbRow['CreationTime'].'</td><td>'.$DbRow['DeletionTime'].'</td>'; 139 149 $Output .= '<td><a href="?Action=ViewItem&Table='.$List['TableName'].'&Item='.$DbRow['Id'].'"><img border="0" src="images/view.png" alt="Zobrazit" title="Zobrazit"></a></td></tr>'; 140 150 } … … 149 159 global $Database, $Types; 150 160 161 if(!CheckPermission('Write', $List['ItemId'])) return(SystemMessage('Řízení přístupu', 'Nemáte dostatečná 
oprávnění')); 151 162 $DbResult = $Database->select($List['TableName'], '*', 'ItemId='.$Id.' ORDER BY Id DESC LIMIT 1'); 152 163 while($DbRow = $DbResult->fetch_array()) … … 184 195 global $Database, $Types, $System, $LogActionType; 185 196 197 if(!CheckPermission('Write', $List['ItemId'])) return(SystemMessage('Řízení přístupu', 'Nemáte dostatečná oprávnění')); 186 198 $DbResult = $Database->select($List['TableName'], '*', 'ItemId='.$Id.' ORDER BY Id DESC LIMIT 1'); 187 199 while($DbRow = $DbResult->fetch_array()) … … 220 232 global $Database, $Types; 221 233 234 if(!CheckPermission('Write', $List['ItemId'])) return(SystemMessage('Řízení přístupu', 'Nemáte dostatečná oprávnění')); 222 235 $DefinitionItems = array(); 223 236 $AfterTableOutput = ''; … … 260 273 global $Database, $Types, $System, $LogActionType; 261 274 275 if(!CheckPermission('Write', $List['ItemId'])) return(SystemMessage('Řízení přístupu', 'Nemáte dostatečná oprávnění')); 262 276 $DefinitionItems = array(); 263 277 $AfterTableOutput = ''; … … 298 312 global $Database, $Types, $Lists; 299 313 314 if(!CheckPermission('Read', $List['ItemId'])) return(SystemMessage('Řízení přístupu', 'Nemáte dostatečná oprávnění')); 300 315 $Output = ''; 301 316 $DbResult = $Database->select($List['TableName'], '*', 'ItemId='.$Id.' 
ORDER BY Id DESC LIMIT 1'); … … 317 332 ); 318 333 $Output .= $Form->ShowReadOnlyForm(); 319 $Output .= '<a href="?Action=EditItem&Table='.$List['TableName'].'&Item='.$DbRow['ItemId'].'">Editovat</a> ';334 if(CheckPermission('Write', $List['ItemId'])) $Output .= '<a href="?Action=EditItem&Table='.$List['TableName'].'&Item='.$DbRow['ItemId'].'">Editovat</a> '; 320 335 321 336 if(($Column != '') and ($ColumnValue != 0)) … … 344 359 global $Database, $Lists, $System, $LogActionType; 345 360 361 if(!CheckPermission('Write', $List['ItemId'])) return(SystemMessage('Řízení přístupu', 'Nemáte dostatečná oprávnění')); 346 362 $System->Modules['Log']->Add($List['Id'], $Id, $LogActionType['Delete']); 347 363 $System->Modules['DatabaseList']->DeleteItem($List['TableName'], $Id); … … 359 375 while($DbRow = $DbResult->fetch_assoc()) 360 376 { 361 $ Output .= '<strong>'.$DbRow['Name'].'</strong><br />';377 $Group = ''; 362 378 $DbResult2 = $Database->query('SELECT t1.* FROM `SystemList` AS t1 LEFT JOIN `SystemList` AS t2 ON t1.ItemId=t2.ItemId AND t1.Id < t2.Id WHERE (t2.ItemId IS NULL) AND (t1.DeletionTime IS NULL) AND (t1.`Menu` = '.$DbRow['ItemId'].')'); 363 379 while($DbRow2 = $DbResult2->fetch_assoc()) 364 380 { 365 //if(($List['System'] == $System) and ($List['VisibleInMenu'] == 1))366 //if(CheckPermission('Read', $List['Id']))367 $Output .= '<a href="?Action=ShowList&Table='.$DbRow2['TableName'].'">'.$DbRow2['Title'].'</a><br />';368 }369 $Output .='<br />';381 if(CheckPermission('Read', $DbRow2['ItemId'])) 382 $Group .= '<a href="?Action=ShowList&Table='.$DbRow2['TableName'].'">'.$DbRow2['Title'].'</a><br />'; 383 } 384 if($Group != '') 385 $Output .= '<strong>'.$DbRow['Name'].'</strong><br />'.$Group.'<br />'; 370 386 } 371 387 $Output .= '<br />'; … … 440 456 $List = array( 441 457 'Id' => $DbRow['Id'], 458 'ItemId' => $DbRow['ItemId'], 442 459 'TableName' => $DbRow['TableName'], 443 460 'Title' => $DbRow['Title'], 444 'System' => $DbRow['System'],445 'VisibleInMenu' => 
$DbRow['VisibleInMenu'],446 461 'Items' => $Items, 447 462 ); … … 513 528 global $Database, $System; 514 529 515 $DbResult = $Database->query('SELECT t1.* FROM `Permission` AS t1 LEFT JOIN `Permission` AS t2 ON t1.ItemId=t2.ItemId AND t1.Id < t2.Id WHERE (t2.ItemId IS NULL) AND t1.PermissionGroup = (SELECT PermissionGroup.Id FROM PermissionGroup WHERE PermissionGroup.Id=(SELECT User.PermissionGroup FROM User WHERE User.ItemId='.$System->Modules['User']->User['Id'].' ORDER BY User.Id DESC LIMIT 1) ORDER BY PermissionGroup.Id DESC LIMIT 1) AND t1.DeletionTime IS NULL AND t1.List='.$ListId); 530 $Result = FALSE; 531 //return(TRUE); 532 $DbResult = $Database->query('SELECT t1.* FROM `Permission` AS t1 LEFT JOIN `Permission` AS t2 ON t1.ItemId=t2.ItemId AND t1.Id < t2.Id WHERE (t2.ItemId IS NULL) AND t1.PermissionGroup = (SELECT PermissionGroup.Id FROM PermissionGroup WHERE PermissionGroup.Id=(SELECT User.PermissionGroup FROM User WHERE User.ItemId='.$System->Modules['User']->User['ItemId'].' ORDER BY User.Id DESC LIMIT 1) ORDER BY PermissionGroup.Id DESC LIMIT 1) AND t1.DeletionTime IS NULL AND t1.List='.$ListId); 516 533 if($DbResult->num_rows > 0) 517 534 { … … 519 536 switch($DbRow['Right']) 520 537 { 521 case 0: return(array('Read' => FALSE, 'Write' => FALSE)); 522 case 1: return(array('Read' => TRUE, 'Write' => FALSE)); 523 case 2: return(array('Read' => TRUE, 'Write' => TRUE)); 524 } 525 } 538 case 0: $Privileges = array('Read' => FALSE, 'Write' => FALSE); break; 539 case 1: $Privileges = array('Read' => TRUE, 'Write' => FALSE); break; 540 case 2: $Privileges = array('Read' => TRUE, 'Write' => TRUE); break; 541 } 542 $Result = $Privileges[$Right]; 543 } 544 //print_r($Privileges); 545 //echo($DbRow['Right'].' '.$Result.'<br>'); 546 return($Result); 526 547 } 527 548
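Review bot: In the last hunk (CheckPermission, new lines 530–546) the `switch($DbRow['Right'])` has no `default`, so a `Right` value other than 0, 1 or 2 leaves `$Privileges` unset and `$Result = $Privileges[$Right];` reads an undefined variable; the same line yields NULL rather than FALSE when `$Right` is anything but 'Read' or 'Write'. Both cases currently evaluate as denied at the visible call sites, but only through PHP's loose typing, not because the code decides it. I would make the deny explicit: set `$Privileges = array('Read' => FALSE, 'Write' => FALSE);` before the switch and assign `$Result = isset($Privileges[$Right]) ? $Privileges[$Right] : FALSE;`. The commented-out `//return(TRUE);` directly above the query would disable every check this commit adds if it were ever uncommented, so it should be deleted along with the `print_r`/`echo` debug comments. The function's signature and the row fetch are outside the visible hunk, so I am assuming `$Right` is the first parameter, as the `CheckPermission('Read', ...)` call sites suggest.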