PHP Classes

File: phpsecureweb/groupsModify.php

File: phpsecureweb/groupsModify.php
Role: Application script
Content type: text/plain
Description: deals with groups modifications
Class: phpsecureweb
Allow users certain rights, login with password.
Author: By
Last change:
Date: 22 years ago
Size: 2,452 bytes
 

Contents

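<?php
/*
 * Group edit/delete page.
 *
 * Flow, as visible in this script:
 *   1. Start the session and create the Groups and Security helpers.
 *   2. Send away users who hold none of the four group permissions.
 *   3. Accept only a groupId that is a key of
 *      $_SESSION['groups_read_from_table'].
 *   4. For mode=edit / mode=delete, check the matching permission and, when
 *      the form was submitted, call UpdateGroup() / DeleteGroup().
 *   5. Otherwise (or when the update/delete reports failure) render the form
 *      through SendGroupsForm().
 *
 * Every redirect below is followed by an explicit exit. GotoThisPage() and
 * GotoNotAuthorized() live in Security.class.php, which is not part of this
 * file; if they only emit a redirect and return, the rest of the script
 * (including UpdateGroup()/DeleteGroup()) would otherwise still run for a
 * request that was just rejected.
 *
 * NOTE(review): no anti-CSRF token is verified here before UpdateGroup() or
 * DeleteGroup(). Whether SendGroupsForm() or the Security class handles that
 * cannot be seen from this file -- confirm.
 *
 * @author Bulent Tezcan. [email protected]
 */

require_once "Security.class.php";
require_once "Groups.class.php";

session_start();

$Groups     = new Groups();
$mySecurity = new Security();

#
# This should be added in every script. Of course the action name
# will be different for each script.
#
# A user without any of the four group permissions has no business on this
# page: send them to the admin menu if they may see it, else to the login.
#
if ($mySecurity->isNotAllowedTo('Modify Group')
    && $mySecurity->isNotAllowedTo('View Group')
    && $mySecurity->isNotAllowedTo('Add Group')
    && $mySecurity->isNotAllowedTo('Delete Group'))
{
    if ($mySecurity->isAllowedTo('Show Admin Menu'))
    {
        $mySecurity->GotoThisPage("adminmenu.php");
    }
    else
    {
        $mySecurity->GotoThisPage("login.php");
    }
    # Stop here even if the redirect helper returns.
    exit;
}

ob_start();

#
# If the user manually enters some groupid, we should check that it exists
# in the list this session originally read from the database.
#
# Request parameters can be missing or arrays (groupId[]=...), and the session
# list is absent if this page is opened directly, so the types are checked
# before array_key_exists() sees them.
# NOTE(review): the list is filled by another script (not shown) and may be
# stale by the time this request arrives -- confirm that is acceptable.
#
$groupId     = isset($_GET['groupId']) ? $_GET['groupId'] : null;
$knownGroups = isset($_SESSION['groups_read_from_table'])
    ? $_SESSION['groups_read_from_table']
    : null;

if (!is_string($groupId)
    || !is_array($knownGroups)
    || !array_key_exists($groupId, $knownGroups))
{
    $mySecurity->GotoThisPage("bogus.php");
    exit;
}

# Anything other than the literal strings 'edit' / 'delete' ends up in the
# final else branch below and never reaches SendGroupsForm().
$mode = isset($_GET['mode']) ? $_GET['mode'] : '';

include "header.inc.php";

# The submitted form is expected as an array (form_GroupsForm[...]); any other
# shape is treated as "nothing submitted".
$FormElements = isset($_POST['form_GroupsForm']) ? $_POST['form_GroupsForm'] : null;
if (!is_array($FormElements))
{
    $FormElements = null;
}

# "Clear" discards the submitted values so the form is refilled from storage.
if (!empty($FormElements["B_clear"]))
{
    $FormElements = null;
}

if ($mode === 'edit')
{
    if ($mySecurity->isAllowedTo('Modify Group'))
    {
        # we can modify the Group name
        if (!empty($FormElements["B_submit"]))
        {
            if ($Groups->UpdateGroup($FormElements, $groupId))
            {
                $mySecurity->GotoThisPage("groups.php");
                exit;
            }
            # On failure fall through and show the form again with the
            # submitted values.
        }
    }
    else
    {
        $mySecurity->GotoNotAuthorized();
        exit;
    }
}
elseif ($mode === 'delete')
{
    if ($mySecurity->isAllowedTo('Delete Group'))
    {
        # we can delete the Group
        if (!empty($FormElements["B_submit"]))
        {
            if ($Groups->DeleteGroup($groupId))
            {
                $mySecurity->GotoThisPage("groups.php");
                exit;
            }
        }
    }
    else
    {
        $mySecurity->GotoNotAuthorized();
        exit;
    }
}
else
{
    # Unknown or missing mode: nothing to do on this page.
    $mySecurity->GotoThisPage("adminmenu.php");
    exit;
}

if (!empty($FormElements["B_cancel"]))
{
    $mySecurity->GotoThisPage("groups.php");
    exit;
}

# Nothing usable was submitted (first visit or "Clear"): prefill the form
# from the stored group record.
if (!is_array($FormElements))
{
    $ObjectResult = $Groups->GetGroup($groupId);

    $FormElements = array();
    $FormElements['groupname'] = $ObjectResult->fields("groupname");
    $FormElements['groupId']   = $ObjectResult->fields("groupid");
    $FormElements['hierarchy'] = $ObjectResult->fields("hierarchy");
}

# $mode is exactly 'edit' or 'delete' here; every other value exited above.
echo $Groups->SendGroupsForm($FormElements, $mode);

include "donate.inc.php";
include "footer.inc.php";

ob_end_flush();

return true;
?>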