forked from udsaxman/Sapphirev2
-
Notifications
You must be signed in to change notification settings - Fork 0
/
TDSInEditAccess.php
120 lines (88 loc) · 4.49 KB
/
TDSInEditAccess.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
<?php
session_start();
include('header.html');
?>
<!-- InstanceBeginEditable name="content" -->
<div id="content_area" align="left">
<br/>
<br/>
<br/>
<br/>
<form action="processAccess.php"
method="post">
<fieldset>
<legend>Access</legend>
<?php
include 'connection.php';
include 'functions.php';
$powerRequired = 100;
$powerRequired = CheckAccess('edit_access');
if (isset($_SESSION["userName"]) && $_SESSION["userName"] != "") {
$theName = $_SESSION["userName"];
if (isset($_SESSION["power"])) {
if ($_SESSION["power"] >= $powerRequired) {
AccessGranted($theName);
} else {
AccessDenied();
}
} else {
AccessDenied();
}
}
function AccessGranted($adminName)
{
global $mysqli;
$sql = "Select
access_id, access_page, access_power
From
Access";
$result = $mysqli->query($sql);
while ($row = $result->fetch_array(MYSQLI_BOTH)) {
$AccessLevels[] = $row;
}
$result->free();
echo "<input type ='text' readonly='readonly' name ='warning' size='70' value ='Be Careful with how you set these values or people might complain!!!' />";
echo "<br />";
echo "<br />";
echo "<br />";
echo "<label>Your Username:</label>";
echo $adminName;
echo "<br />";
echo "<br />";
echo "<table class='Display' border=''>";
echo "<tr>";
echo "<th>Page</th>";
echo "<th>Current Power</th>";
echo "<th>New Power</th>";
echo "</tr>";
//$accessCount = count($AccessLevels["access_id"]);
foreach($AccessLevels as $access){
echo "<tr>";
echo "<td>" . $access['access_page'] . "</td>";
echo "<td>" . $access['access_power'] . "</td>";
echo "<input type='hidden' name='newPower[".$access['access_id']."][id]' value ='".$access['access_id']."'/></td>";
//create an array of access values - way easier than counting stuff
echo "<td><input type ='text' name ='newPower[".$access['access_id']."][power]' value ='" . $access['access_power'] . "' /></td>";
echo "</tr>";
}
echo "</table>";
echo "<br />";
echo "<br />";
echo "<input type = 'submit' value = 'Submit Changes' />";
}
function AccessDenied()
{
echo "You are not allowed to view this page";
}
?>
</fieldset>
</form>
</div>
<!-- InstanceEndEditable -->
<?php include('footer.html'); ?>
</DIV>
</td>
</tr>
</table>
</body>
<!-- InstanceEnd --></html>