Newer
Older
This function checks if a user has the parmissions $perm for the data record with the ID $record_id
If record_id = 0, the the permissions are tested against the defaults of the form file.
*/
function checkPerm($record_id,$perm) {
global $app;
if($record_id > 0) {
// Add backticks for incomplete table names.
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
if(stristr($this->formDef['db_table'],'.')) {
$escape = '';
} else {
$escape = '`';
}
$sql = "SELECT ".$this->formDef['db_table_idx']." FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$record_id." AND ".$this->getAuthSQL($perm);
if($record = $app->db->queryOneRecord($sql)) {
return true;
} else {
return false;
}
} else {
$result = false;
if(@$this->formDef["auth_preset"]["userid"] == $_SESSION["s"]["user"]["userid"] && stristr($perm,$this->formDef["auth_preset"]["perm_user"])) $result = true;
if(@$this->formDef["auth_preset"]["groupid"] == $_SESSION["s"]["user"]["groupid"] && stristr($perm,$this->formDef["auth_preset"]["perm_group"])) $result = true;
if(@stristr($this->formDef["auth_preset"]["perm_other"],$perm)) $result = true;
// if preset == 0, everyone can insert a record of this type
if($this->formDef["auth_preset"]["userid"] == 0 AND $this->formDef["auth_preset"]["groupid"] == 0 AND (@stristr($this->formDef["auth_preset"]["perm_user"],$perm) OR @stristr($this->formDef["auth_preset"]["perm_group"],$perm))) $result = true;
return $result;
}
}
function getNextTab() {
// Which tab is shown
if($this->errorMessage == '') {
// If there is no error
if(isset($_REQUEST["next_tab"]) && $_REQUEST["next_tab"] != '') {
// If the next tab is known
$active_tab = $_REQUEST["next_tab"];
} else {
// else use the default tab
$active_tab = $this->formDef['tab_default'];
}
} else {
// Show the same tab again in case of an error
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
$active_tab = $_SESSION["s"]["form"]["tab"];
}
return $active_tab;
}
function getCurrentTab() {
return $_SESSION["s"]["form"]["tab"];
}
function isReadonlyTab($tab) {
if(isset($this->formDef['tabs'][$tab]['readonly']) && $this->formDef['tabs'][$tab]['readonly'] == true) {
return true;
} else {
return false;
}
}
// translation function for forms, tries the form wordbook first and if this fails, it tries the global wordbook
function lng($msg) {
global $app;
if(isset($this->wordbook[$msg])) {
return $this->wordbook[$msg];
} else {
return $app->lng($msg);
}
}
}