Skip to content

Commit

Permalink
Fixed Import Survey
Browse files Browse the repository at this point in the history 
User right cannot be set higher as parent rights
Implemented "Edit Current User Group"

git-svn-id: file:///Users/Shitiz/Downloads/lssvn/source/phpsurveyor@2070 b72ed6b6-b9f8-46b5-92b4-906544132732
  • Loading branch information
Dennis committed Sep 18, 2006
1 parent 16a473b commit 6e8d88d
Show file tree
Hide file tree
Showing 3 changed files with 106 additions and 43 deletions.
121 changes: 83 additions & 38 deletions admin/html.php
View file
Expand Up @@ -657,7 +657,7 @@
}
}

if (($ugid && !$surveyid) || $action == "editusergroups" || $action == "addusergroup" || $action=="usergroupindb")
if (($ugid && !$surveyid) || $action == "editusergroups" || $action == "addusergroup" || $action=="usergroupindb" || $action == "editusergroup")
{
if($ugid)
{
Expand Down Expand Up @@ -1339,80 +1339,84 @@
{
$usersummary = "<table width='100%' border='0'>\n\t<tr><td colspan='8' bgcolor='black' align='center'>\n"
. "\t\t<strong>$setfont<font color='white'>"._("Set User Rights").": ".$_POST['user']."</td></tr>\n";

if($_SESSION['USER_RIGHT_CREATE_SURVEY']) {
$usersummary .= "\t\t<th align='center'>create survey</th>\n";
}
if($_SESSION['USER_RIGHT_CONFIGURATOR']) {
$usersummary .= "\t\t<th align='center'>configurator</th>\n";
}
if($_SESSION['USER_RIGHT_CREATE_USER']) {
$usersummary .= "\t\t<th align='center'>create user</th>\n";
}
if($_SESSION['USER_RIGHT_DELETE_USER']) {
$usersummary .= "\t\t<th align='center'>delete user</th>\n";
}
if($_SESSION['USER_RIGHT_MOVE_USER']) {
$usersummary .= "\t\t<th align='center'>move user</th>\n";
}
if($_SESSION['USER_RIGHT_MANAGE_TEMPLATE']) {
$usersummary .= "\t\t<th align='center'>manage template</th>\n";
}
if($_SESSION['USER_RIGHT_MANAGE_LABEL']) {
$usersummary .= "\t\t<th align='center'>manage label</th>\n";
}


foreach ($_SESSION['userlist'] as $usr)
{
{
if ($usr['uid'] == $_POST['uid'])
{
$squery = "SELECT create_survey, configurator, create_user, delete_user, move_user, manage_template, manage_label FROM {$dbprefix}users WHERE uid={$usr['parent_id']}"; // added by Dennis
$sresult = $connect->Execute($squery);
$parent = $sresult->FetchRow();

if($parent['create_survey']) {
$usersummary .= "\t\t<th align='center'>create survey</th>\n";
}
if($parent['configurator']) {
$usersummary .= "\t\t<th align='center'>configurator</th>\n";
}
if($parent['create_user']) {
$usersummary .= "\t\t<th align='center'>create user</th>\n";
}
if($parent['delete_user']) {
$usersummary .= "\t\t<th align='center'>delete user</th>\n";
}
if($parent['move_user']) {
$usersummary .= "\t\t<th align='center'>move user</th>\n";
}
if($parent['manage_template']) {
$usersummary .= "\t\t<th align='center'>manage template</th>\n";
}
if($parent['manage_label']) {
$usersummary .= "\t\t<th align='center'>manage label</th>\n";
}

$usersummary .="\t\t<th></th>\n\t</tr>\n"
."\t<tr><form method='post' action='$scriptname'></tr>"
."<form action='$scriptname' method='post'>\n";
//content
if($_SESSION['USER_RIGHT_CREATE_SURVEY']) {
if($parent['create_survey']) {
$usersummary .= "\t\t<td align='center'><input type=\"checkbox\" name=\"create_survey\" value=\"create_survey\"";
if($usr['create_survey']) {
$usersummary .= " checked ";
}
$usersummary .="></td>\n";
}
if($_SESSION['USER_RIGHT_CONFIGURATOR']) {
if($parent['configurator']) {
$usersummary .= "\t\t<td align='center'><input type=\"checkbox\" name=\"configurator\" value=\"configurator\"";
if($usr['configurator']) {
$usersummary .= " checked ";
}
$usersummary .="></td>\n";
}
if($_SESSION['USER_RIGHT_CREATE_USER']) {
if($parent['create_user']) {
$usersummary .= "\t\t<td align='center'><input type=\"checkbox\" name=\"create_user\" value=\"create_user\"";
if($usr['create_user']) {
$usersummary .= " checked ";
}
$usersummary .="></td>\n";
}
if($_SESSION['USER_RIGHT_DELETE_USER']) {
if($parent['delete_user']) {
$usersummary .= "\t\t<td align='center'><input type=\"checkbox\" name=\"delete_user\" value=\"delete_user\"";
if($usr['delete_user']) {
$usersummary .= " checked ";
}
$usersummary .="></td>\n";
}
if($_SESSION['USER_RIGHT_MOVE_USER']) {
if($parent['move_user']) {
$usersummary .= "\t\t<td align='center'><input type=\"checkbox\" name=\"move_user\" value=\"move_user\"";
if($usr['move_user']) {
$usersummary .= " checked ";
}
$usersummary .="></td>\n";
}
if($_SESSION['USER_RIGHT_MANAGE_TEMPLATE']) {
if($parent['manage_template']) {
$usersummary .= "\t\t<td align='center'><input type=\"checkbox\" name=\"manage_template\" value=\"manage_template\"";
if($usr['manage_template']) {
$usersummary .= " checked ";
}
$usersummary .="></td>\n";
}
if($_SESSION['USER_RIGHT_MANAGE_LABEL']) {
if($parent['manage_label']) {
$usersummary .= "\t\t<td align='center'><input type=\"checkbox\" name=\"manage_label\" value=\"manage_label\"";
if($usr['manage_label']) {
$usersummary .= " checked ";
Expand All @@ -1426,16 +1430,16 @@
."<input type='hidden' name='action' value='userrights'>"
."<input type='hidden' name='uid' value='{$_POST['uid']}'></td></tr>"
."</form>"
. "</table>\n";
. "</table>\n";
continue;
}
}
}
} // if
} // foreach
} // if
else
{
include("access_denied.php");
}
}
} // if

if($action == "setnewparents")
{
Expand Down Expand Up @@ -1631,7 +1635,32 @@
include("access_denied.php");
}
}


if ($action == "editusergroup")
{
$query = "SELECT * FROM ".db_table_name('user_groups')." WHERE ugid = ".$_GET['ugid']." AND creator_id = ".$_SESSION['loginID']." LIMIT 1";
$result = db_execute_assoc($query);
while ($esrow = $result->FetchRow())
{
$esrow = array_map('htmlspecialchars', $esrow);
$usersummary = "<form action='$scriptname' name='editusergroup' method='post'>"
. "<table width='100%' border='0'>\n\t<tr><td colspan='2' bgcolor='black' align='center'>\n"
. "\t\t<strong>$setfont<font color='white'>"._("Edit Group for Creator ID")."(".$_SESSION['loginID'].")</font></font></strong></td></tr>\n"
. "\t<tr>\n"
. "\t\t<td align='right' width='20%'>$setfont<strong>"._("Name:")."</strong></font></td>\n"
. "\t\t<td><input type='text' size='50' name='name' value=\"{$esrow['name']}\"></td></tr>\n"
. "\t<tr><td align='right'>$setfont<strong>"._("Description:")."</strong>(optional)</font></td>\n"
. "\t\t<td><textarea cols='50' rows='4' name='description'>{$esrow['description']}</textarea></td></tr>\n"
. "\t<tr><td colspan='2' align='center'><input type='submit' value='"._("Update User Group")."'>\n"
. "\t<input type='hidden' name='action' value='editusergroupindb'>\n"
. "\t<input type='hidden' name='creator_id' value='$creator_id'>\n"
. "\t<input type='hidden' name='ugid' value='$ugid'>\n"
. "\t</td></tr>\n"
. "</table>\n"
. "\t</form>\n";
}
}

if ($action == "delusergroup")
{
$usersummary = "<br /><strong>"._("Deleting User Group")."</strong><br />\n";
Expand Down Expand Up @@ -1699,7 +1728,23 @@
. "<br /><a href='$scriptname?action=addusergroup'>"._("Continue")."</a><br />&nbsp;\n";
}
}

if ($action == "editusergroupindb"){
$usersummary = "<br /><strong>"._("Edit User Group Successful!")."</strong><br />\n";
$ugid = $_POST['ugid'];
$name = $_POST['name'];
$description = $_POST['description'];

if(updateusergroup($name, $description, $ugid))
{
$usersummary .= "<br />"._("Name").": {$name}<br />\n";
$usersummary .= _("Description: ").$description."<br />\n";
$usersummary .= "<br /><a href='$scriptname?action=editusergroups&amp;ugid={$ugid}'>"._("Continue")."</a><br />&nbsp;\n";
}
else $usersummary .= "<br /><strong>"._("Failed to update!")."</strong><br />\n"
. "<br /><a href='$scriptname?action=editusergroups'>"._("Continue")."</a><br />&nbsp;\n";
}

if ($action == "editusergroups")
{
if(isset($_GET['ugid']))
Expand Down
19 changes: 14 additions & 5 deletions admin/importsurvey.php
View file
Expand Up @@ -308,11 +308,16 @@

// A regex could do alot better here but I am bad on that so I am using the simple way.
$insert=$tablearray[0];
$start = strpos(strtolower ($insert), 'values');
$start = strpos($insert, '(',$start)+1;
$end = strpos($insert, ',',$start);
$insert = substr($insert,0,$start).$newsid.substr($insert,$end,strlen($insert));

//$start = strpos(strtolower ($insert), 'values');
//$start = strpos($insert, '(',$start)+1;
//$end = strpos($insert, ',',$start);
//$insert = substr($insert,0,$start).$newsid.substr($insert,$end,strlen($insert));

$sfieldorders=convertToArray($insert, "`, `", "(`", "`)");
$sfieldcontents=convertToArray($insert, "', '", "('", "')");
$creator_id_pos=array_search("creator_id", $sfieldorders);
$creator_id=$sfieldcontents[$creator_id_pos];
$insert = str_replace("('$surveyid', '$creator_id',", "('$newsid', '{$_SESSION['loginID']}',", $insert);
$insert = str_replace("INTO surveys", "INTO {$dbprefix}surveys", $insert); //handle db prefix
$iresult = $connect->Execute($insert) or die("<br />"._("Import of this survey file failed")."<br />\n<font size='1'>[$insert]</font><hr>$tablearray[0]<br /><br />\n" . $connect->ErrorMsg() . "</body>\n</html>");

Expand Down Expand Up @@ -638,6 +643,10 @@
}
}

// DO SURVEY_RIGHTS
$isrquery = "INSERT INTO {$dbprefix}surveys_rights VALUES($newsid,".$_SESSION['loginID'].",1,1,1,1,1,1)";
$isrresult = $connect->Execute($isrquery) or die("<strong>"._("Error")."</strong> Failed to insert survey rights<br />\n$isrquery<br />\n".$connect->ErrorMsg()."</body>\n</html>");

echo "<br />\n<strong><font color='green'>"._("Success")."</font></strong><br />\n";
echo "<strong><u>"._("Survey Import Summary")."</u></strong><br />\n";
echo "<ul>\n\t<li>"._("Surveys").": $countsurveys</li>\n";
Expand Down
9 changes: 9 additions & 0 deletions common.php
View file
Expand Up @@ -2643,4 +2643,13 @@ function getusergrouplist()
//else {$selecter = "\t\t\t<option value='-1'>"._("None")."</option>\n".$selecter;}
return $selecter;
}

function updateusergroup($name, $description, $ugid)
{
global $dbprefix, $scriptname, $connect;

$uquery = "UPDATE ".db_table_name('user_groups')." SET name = '$name', description = '$description' WHERE ugid =$ugid";
// TODO
return $connect->Execute($uquery) or die($connect->ErrorMsg()) ;
}
?>

0 comments on commit 6e8d88d

Please sign in to comment.