FishEye: file osCommerce/branches/hpdl/oscommerce/admin/includes/applications/administrators/classes/administrators.php

Annotated File View

hpdl	1200	1	<?php
		2	/*
		3	$Id: $
		4
		5	osCommerce, Open Source E-Commerce Solutions
		6	http://www.oscommerce.com
		7
hpdl	1295	8	Copyright (c) 2007 osCommerce
hpdl	1200	9
		10	Released under the GNU General Public License
		11	*/
		12
		13	define('OSC_ADMINISTRATORS_ACCESS_MODE_ADD', 'add');
		14	define('OSC_ADMINISTRATORS_ACCESS_MODE_SET', 'set');
		15	define('OSC_ADMINISTRATORS_ACCESS_MODE_REMOVE', 'remove');
		16
		17	class osC_Administrators_Admin {
		18	function getData($id) {
		19	global $osC_Database;
		20
		21	$Qadmin = $osC_Database->query('select id, user_name from :table_administrators where id = :id');
		22	$Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
		23	$Qadmin->bindInt(':id', $id);
		24	$Qadmin->execute();
		25
		26	$modules = array( 'access_modules' => array() );
		27
		28	$Qaccess = $osC_Database->query('select module from :table_administrators_access where administrators_id = :administrators_id');
		29	$Qaccess->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS);
		30	$Qaccess->bindInt(':administrators_id', $id);
		31	$Qaccess->execute();
		32
		33	while ( $Qaccess->next() ) {
		34	$modules['access_modules'][] = $Qaccess->value('module');
		35	}
		36
		37	$data = array_merge($Qadmin->toArray(), $modules);
		38
		39	unset($modules);
		40	$Qaccess->freeResult();
		41	$Qadmin->freeResult();
		42
		43	return $data;
		44	}
		45
		46	function save($id = null, $data, $modules = null) {
		47	global $osC_Database;
		48
		49	$error = false;
		50
		51	$Qcheck = $osC_Database->query('select id from :table_administrators where user_name = :user_name');
		52
		53	if ( is_numeric($id) ) {
		54	$Qcheck->appendQuery('and id != :id');
		55	$Qcheck->bindInt(':id', $id);
		56	}
		57
		58	$Qcheck->appendQuery('limit 1');
		59	$Qcheck->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
		60	$Qcheck->bindValue(':user_name', $data['username']);
		61	$Qcheck->execute();
		62
		63	if ($Qcheck->numberOfRows() < 1) {
		64	$osC_Database->startTransaction();
		65
		66	if ( is_numeric($id) ) {
		67	$Qadmin = $osC_Database->query('update :table_administrators set user_name = :user_name');
		68
		69	if ( isset($data['password']) && !empty($data['password']) ) {
		70	$Qadmin->appendQuery('and user_password = :user_password');
		71	$Qadmin->bindValue(':user_password', osc_encrypt_string(trim($data['password'])));
		72	}
73
74	$Qadmin->appendQuery('where id = :id');
75	$Qadmin->bindInt(':id', $id);
76	} else {
77	$Qadmin = $osC_Database->query('insert into :table_administrators (user_name, user_password) values (:user_name, :user_password)');
78	$Qadmin->bindValue(':user_password', osc_encrypt_string(trim($data['password'])));
79	}
80
81	$Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
82	$Qadmin->bindValue(':user_name', $data['username']);
hpdl	1295	83	$Qadmin->setLogging($_SESSION['module'], $id);
hpdl	1200	84	$Qadmin->execute();
		85
		86	if ( !$osC_Database->isError() ) {
		87	if ( !is_numeric($id) ) {
		88	$id = $osC_Database->nextID();
		89	}
		90	} else {
		91	$error = true;
		92	}
		93
		94	if ( $error === false ) {
		95	if ( !empty($modules) ) {
		96	if ( in_array('*', $modules) ) {
		97	$modules = array('*');
		98	}
		99
		100	foreach ($modules as $module) {
		101	$Qcheck = $osC_Database->query('select administrators_id from :table_administrators_access where administrators_id = :administrators_id and module = :module limit 1');
		102	$Qcheck->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS);
		103	$Qcheck->bindInt(':administrators_id', $id);
		104	$Qcheck->bindValue(':module', $module);
		105	$Qcheck->execute();
		106
		107	if ( $Qcheck->numberOfRows() < 1 ) {
		108	$Qinsert = $osC_Database->query('insert into :table_administrators_access (administrators_id, module) values (:administrators_id, :module)');
		109	$Qinsert->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS);
		110	$Qinsert->bindInt(':administrators_id', $id);
		111	$Qinsert->bindValue(':module', $module);
hpdl	1295	112	$Qinsert->setLogging($_SESSION['module'], $id);
hpdl	1200	113	$Qinsert->execute();
		114
		115	if ( $osC_Database->isError() ) {
		116	$error = true;
		117	break;
		118	}
		119	}
		120	}
		121	}
		122	}
		123
		124	if ( $error === false ) {
		125	$Qdel = $osC_Database->query('delete from :table_administrators_access where administrators_id = :administrators_id');
		126
		127	if ( !empty($modules) ) {
		128	$Qdel->appendQuery('and module not in (":module")');
		129	$Qdel->bindRaw(':module', implode('", "', $modules));
		130	}
		131
		132	$Qdel->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS);
		133	$Qdel->bindInt(':administrators_id', $id);
hpdl	1295	134	$Qdel->setLogging($_SESSION['module'], $id);
hpdl	1200	135	$Qdel->execute();
		136
		137	if ( $osC_Database->isError() ) {
		138	$error = true;
		139	}
		140	}
		141
		142	if ( $error === false ) {
		143	$osC_Database->commitTransaction();
		144
		145	return true;
		146	} else {
		147	$osC_Database->rollbackTransaction();
		148
		149	return false;
		150	}
		151	} else {
		152	return -1;
		153	}
		154	}
		155
		156	function delete($id) {
		157	global $osC_Database;
		158
		159	$osC_Database->startTransaction();
		160
		161	$Qdel = $osC_Database->query('delete from :table_administrators_access where administrators_id = :administrators_id');
		162	$Qdel->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS);
		163	$Qdel->bindInt(':administrators_id', $id);
hpdl	1295	164	$Qdel->setLogging($_SESSION['module'], $id);
hpdl	1200	165	$Qdel->execute();
		166
		167	if ( !$osC_Database->isError() ) {
		168	$Qdel = $osC_Database->query('delete from :table_administrators where id = :id');
		169	$Qdel->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
		170	$Qdel->bindInt(':id', $id);
hpdl	1295	171	$Qdel->setLogging($_SESSION['module'], $id);
hpdl	1200	172	$Qdel->execute();
		173
		174	if ( !$osC_Database->isError() ) {
		175	$osC_Database->commitTransaction();
		176
		177	return true;
		178	}
		179	}
		180
		181	$osC_Database->rollbackTransaction();
		182
		183	return false;
		184	}
		185
		186	function setAccessLevels($id, $modules, $mode = OSC_ADMINISTRATORS_ACCESS_MODE_ADD) {
		187	global $osC_Database;
		188
		189	$error = false;
		190
		191	if ( in_array('*', $modules) ) {
		192	$modules = array('*');
		193	}
		194
		195	$osC_Database->startTransaction();
		196
		197	if ( ($mode == OSC_ADMINISTRATORS_ACCESS_MODE_ADD) \|\| ($mode == OSC_ADMINISTRATORS_ACCESS_MODE_SET) ) {
		198	foreach ($modules as $module) {
		199	$execute = true;
		200
		201	if ( $module != '*' ) {
		202	$Qcheck = $osC_Database->query('select administrators_id from :table_administrators_access where administrators_id = :administrators_id and module = :module limit 1');
		203	$Qcheck->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS);
		204	$Qcheck->bindInt(':administrators_id', $id);
		205	$Qcheck->bindValue(':module', '*');
		206	$Qcheck->execute();
		207
		208	if ( $Qcheck->numberOfRows() === 1 ) {
		209	$execute = false;
		210	}
		211	}
		212
		213	if ( $execute === true ) {
		214	$Qcheck = $osC_Database->query('select administrators_id from :table_administrators_access where administrators_id = :administrators_id and module = :module limit 1');
		215	$Qcheck->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS);
		216	$Qcheck->bindInt(':administrators_id', $id);
		217	$Qcheck->bindValue(':module', $module);
		218	$Qcheck->execute();
		219
		220	if ( $Qcheck->numberOfRows() < 1 ) {
		221	$Qinsert = $osC_Database->query('insert into :table_administrators_access (administrators_id, module) values (:administrators_id, :module)');
		222	$Qinsert->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS);
		223	$Qinsert->bindInt(':administrators_id', $id);
		224	$Qinsert->bindValue(':module', $module);
hpdl	1295	225	$Qinsert->setLogging($_SESSION['module'], $id);
hpdl	1200	226	$Qinsert->execute();
		227
		228	if ( $osC_Database->isError() ) {
		229	$error = true;
		230	break;
		231	}
		232	}
		233	}
		234	}
		235	}
		236
		237	if ( $error === false ) {
		238	if ( ($mode == OSC_ADMINISTRATORS_ACCESS_MODE_REMOVE) \|\| ($mode == OSC_ADMINISTRATORS_ACCESS_MODE_SET) \|\| in_array('*', $modules) ) {
		239	if ( !empty($modules) ) {
		240	$Qdel = $osC_Database->query('delete from :table_administrators_access where administrators_id = :administrators_id');
		241
		242	if ( $mode == OSC_ADMINISTRATORS_ACCESS_MODE_REMOVE ) {
		243	if ( !in_array('*', $modules) ) {
		244	$Qdel->appendQuery('and module in (":module")');
		245	$Qdel->bindRaw(':module', implode('", "', $modules));
		246	}
		247	} else {
		248	$Qdel->appendQuery('and module not in (":module")');
		249	$Qdel->bindRaw(':module', implode('", "', $modules));
		250	}
		251
		252	$Qdel->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS);
		253	$Qdel->bindInt(':administrators_id', $id);
hpdl	1295	254	$Qdel->setLogging($_SESSION['module'], $id);
hpdl	1200	255	$Qdel->execute();
		256
		257	if ( $osC_Database->isError() ) {
		258	$error = true;
		259	break;
		260	}
		261	}
		262	}
		263	}
		264
		265	if ( $error === false ) {
		266	$osC_Database->commitTransaction();
		267
		268	return true;
		269	}
		270
		271	$osC_Database->rollbackTransaction();
		272
		273	return false;
		274	}
		275	}
		276	?>

FishEye

View

Diff

Annotations

Annotated File View