check link before show

main
Angelo Cuccato 14 years ago
parent 3b6e2b24b1
commit 1e47799384

@ -96,8 +96,8 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('33', 'DE', 'Sprache
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('33', 'EN', 'Language is saved. On the next page it will be active.');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('34', 'DE', 'Avatar wurde gesetzt.');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('34', 'EN', 'Avatar is saved.');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('35', 'DE', '<b>Neue Anfrage:</b>\r\nIn diesem Formular hast du die Möglichkeit, den Erzengeln eine Frage zu stellen. Wenn diese beantwortet ist, wirst du hier darüber informiert. Sollte die Frage von allgemeinem Interesse sein, wird diese in die Engel-FAQ übernommen.');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('35', 'EN', '<b>New Question</b>\r\nWith this form you may sumbit questions to our Archangels. Topics of common interest may be added to the FAQ. (Section: answered questions).\r\n');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('35', 'DE', 'Neue Anfrage In diesem Formular hast du die M&ouml;glichkeit, den Erzengeln eine Frage zu stellen. Wenn diese beantwortet ist, wirst du hier dar&uuml;ber informiert. Sollte die Frage von allgemeinem Interesse sein, wird diese in die Engel-FAQ &uuml;bernommen.');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('35', 'EN', 'New Question With this form you may sumbit questions to our Archangels. Topics of common interest may be added to the FAQ. (Section: answered questions).\r\n');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('36', 'DE', 'Stelle hier deine Frage');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('36', 'EN', 'Tell us your question');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('37', 'DE', 'Deine Anfrage war:');
@ -325,8 +325,8 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('pub_aktive_Active',
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('pub_schichtplan_add_TextFor', 'EN', 'text for shift');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('pub_schichtplan_add_WriteOK', 'EN', 'Now, you signed up for this shift. Thank you for your cooperation.');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('pub_schichtplan_add_Text1', 'EN', 'Here you can sign up for a shift. As commend can you write what you want, it is only for you.');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('pub_schichtplan_colision', 'DE', '&lt;h1&gt;Fehler&lt;/h1&gt;\r\n&Uuml;berschneidung von Schichten:');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('pub_schichtplan_colision', 'EN', '&lt;h1&gt;error&lt;/h1&gt;\r\noverlap on shift:');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('pub_schichtplan_colision', 'DE', 'Fehler &Uuml;berschneidung von Schichten:');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('pub_schichtplan_colision', 'EN', 'error noverlap on shift:');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('pub_schicht_EmptyShifts', 'DE', 'Die n&auml;chsten 15 freien Schichten:');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('pub_schicht_EmptyShifts', 'EN', 'The next 15 empty shifts:');
INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('inc_schicht_date', 'DE', 'Datum');

@ -50,4 +50,53 @@ if( $DEBUG )
}
function funktion_isLinkAllowed( $PageName)
{
global $_SESSION;
// separate page parameter
$ParameterPos = strpos( $PageName, ".php?");
if( $ParameterPos === FALSE)
{
$pName = $PageName;
}
else
{
$pName = substr( $PageName, 0, $ParameterPos + 4);
}
// check rights
if( (isset( $_SESSION['CVS'][ $pName ]) === TRUE) &&
($_SESSION['CVS'][ $pName ] == "Y") )
{
return TRUE;
}
return FALSE;
}
function funktion_isLinkAllowed_addLink_OrLinkText( $PageName, $LinkText)
{
global $url, $ENGEL_ROOT;
if( funktion_isLinkAllowed( $PageName) === TRUE)
{
return "<a href=\"". $url. $ENGEL_ROOT. $PageName. "\">". $LinkText. "</a>";
}
return $LinkText;
}
function funktion_isLinkAllowed_addLink_OrEmpty( $PageName, $LinkText)
{
global $url, $ENGEL_ROOT;
if( funktion_isLinkAllowed( $PageName) === TRUE)
{
return "<a href=\"". $url. $ENGEL_ROOT. $PageName. "\">". $LinkText. "</a>";
}
return "";
}
?>

@ -39,11 +39,9 @@ for( $i=0; $i<mysql_num_rows($Erg); $i++)
if( $_SESSION['UID']>0 )
echo DisplayAvatar( mysql_result( $Erg, $i, "UID"));
// Schow Admin Page
if( $_SESSION['CVS'][ "admin/userChangeNormal.php" ] == "Y" )
echo " <a href=\"./../admin/userChangeNormal.php?enterUID=". mysql_result( $Erg, $i, "UID"). "&Type=Normal\">".
mysql_result( $Erg, $i, "Nick"). "</a>";
else
echo mysql_result( $Erg, $i, "Nick");
echo funktion_isLinkAllowed_addLink_OrLinkText(
"admin/userChangeNormal.php?enterUID=". mysql_result( $Erg, $i, "UID"). "&Type=Normal",
mysql_result( $Erg, $i, "Nick"));
$Tlog = (substr( mysql_result( $Erg, $i, "lastLogIn"), 8, 2) * 60 * 60 * 24) + // Tag
(substr( mysql_result( $Erg, $i, "lastLogIn"), 11, 2) * 60 * 60) + // Stunde

@ -18,11 +18,9 @@ function ausgabe_Feld_Inhalt( $SID, $Man )
///////////////////////////////////////////////////////////////////
// Schow Admin Page
///////////////////////////////////////////////////////////////////
if( $_SESSION['CVS'][ "admin/schichtplan.php" ] == "Y" )
{
$Spalten.= "<a href=\"./../admin/schichtplan.php?action=change&SID=$SID\">edit</a><br>\n\t\t";
}
$Spalten.=funktion_isLinkAllowed_addLink_OrEmpty(
"admin/schichtplan.php?action=change&SID=$SID",
"edit<br>\n\t\t");
///////////////////////////////////////////////////////////////////
// Ausgabe des Schischtnamens
@ -104,28 +102,30 @@ function ausgabe_Feld_Inhalt( $SID, $Man )
foreach( $TempValue["Engel"] as $TempEngelEntry=> $TempEngelID )
{
if( $_SESSION['CVS'][ "admin/userChangeNormal.php" ] == "Y" )
$Spalten.= " <a href=\"./../admin/userChangeNormal.php?enterUID=$TempEngelID&Type=Normal\">";
if( $_SESSION['CVS'][ "admin/schichtplan.php" ] == "Y" )
if( funktion_isLinkAllowed( "admin/user.php") === TRUE)
{
if( UIDgekommen( $TempEngelID ) == "1")
$Spalten.= "&nbsp;&nbsp;<span style=\"color: blue;\">".
UID2Nick( $TempEngelID ).
($_GET["Icon"]==1? DisplayAvatar( $TempEngelID ): "").
"</span><br>\n\t\t";
else
$Spalten.= "&nbsp;&nbsp;<span style=\"color: red;\">".
UID2Nick( $TempEngelID ).
($_GET["Icon"]==1? DisplayAvatar( $TempEngelID ): "").
"</span><br>\n\t\t";
// add color, wenn Engel "Gekommen"
$TempText=
((UIDgekommen( $TempEngelID ) == "1")
? "<span style=\"color: blue;\">"
: "<span style=\"color: red;\">").
UID2Nick( $TempEngelID). "</span>";
}
else
$Spalten.= "&nbsp;&nbsp;". UID2Nick( $TempEngelID ).
($_GET["Icon"]==1? DisplayAvatar( $TempEngelID ): "").
"<br>\n\t\t";
if( $_SESSION['CVS'][ "admin/userChangeNormal.php" ] == "Y" )
$Spalten.= " </a>";
{
$TempText = UID2Nick( $TempEngelID );
}
// add link to user
$TempText= funktion_isLinkAllowed_addLink_OrLinkText(
"admin/userChangeNormal.php?enterUID=$TempEngelID&Type=Normal",
$TempText);
$Spalten.= "&nbsp;&nbsp;". $TempText.
( ($_GET["Icon"]==1) ? DisplayAvatar( $TempEngelID): "").
"<br>\n\t\t";
}
$Spalten = substr( $Spalten, 0, strlen($Spalten)-7 );
}
@ -205,13 +205,17 @@ function CreateRoomShifts( $raum )
$ErgSonder = mysql_query($SQLSonder, $con);
if( (mysql_num_rows( $ErgSonder) > 1) )
{
if( $_SESSION['CVS'][ "admin/schichtplan.php" ] == "Y" )
if( funktion_isLinkAllowed( "admin/schichtplan.php") === TRUE )
{
echo "<h1>". Get_Text("pub_schichtplan_colision"). "</h1> ";
echo "<a href=\"./../admin/schichtplan.php?action=change&SID=". mysql_result($ErgSonder, 0, "SID"). "\">".
mysql_result($ErgSonder, 0, "DateS").
" '". mysql_result($ErgSonder, 0, "Man")."' (RID $raum) (00-24)".
"</a><br>\n\t\t";
for( $i=0; $i<mysql_num_rows( $ErgSonder); $i++)
{
echo "<a href=\"./../admin/schichtplan.php?action=change&SID=".
mysql_result($ErgSonder, $i, "SID"). "\">".
mysql_result($ErgSonder, $i, "DateS").
" '". mysql_result($ErgSonder, $i, "Man")."' (RID $raum) (00-24)".
"</a><br>\n\t\t";
}
}
}
elseif( (mysql_num_rows( $ErgSonder) == 1) )
@ -236,13 +240,17 @@ function CreateRoomShifts( $raum )
$ErgSonder = mysql_query($SQLSonder, $con);
if( (mysql_num_rows( $ErgSonder) > 1) )
{
if( $_SESSION['CVS'][ "admin/schichtplan.php" ] == "Y" )
if( funktion_isLinkAllowed( "admin/schichtplan.php") === TRUE )
{
echo "<h1>". Get_Text("pub_schichtplan_colision"). "</h1> ";
echo "<a href=\"./../admin/schichtplan.php?action=change&SID=". mysql_result($ErgSonder, 0, "SID"). "\">".
mysql_result($ErgSonder, 0, "DateS").
" '". mysql_result($ErgSonder, 0, "Man")."' (RID $raum) (00-xx)".
"</a><br>\n\t\t";
for( $i=0; $i<mysql_num_rows( $ErgSonder); $i++)
{
echo "<a href=\"./../admin/schichtplan.php?action=change&SID=".
mysql_result($ErgSonder, $i, "SID"). "\">".
mysql_result($ErgSonder, $i, "DateS").
" '". mysql_result($ErgSonder, $i, "Man")."' (RID $raum) (00-xx)".
"</a><br>\n\t\t";
}
}
}
elseif( (mysql_num_rows( $ErgSonder) == 1) )
@ -297,10 +305,12 @@ function CreateRoomShifts( $raum )
}
else
{
echo Get_Text("pub_schichtplan_colision"). " ".
echo "<h1>". Get_Text("pub_schichtplan_colision"). "</h1> ";
echo "<a href=\"./../admin/schichtplan.php?action=change&SID=".
mysql_result($Erg, $i, "SID"). "\">".
mysql_result($Erg, $i, "DateS").
" '". mysql_result($Erg, $i, "Man"). "' ".
" (". mysql_result($Erg, $i, "SID"). " R$raum) (xx-xx)<br><br>";
" (". mysql_result($Erg, $i, "SID"). " R$raum) (xx-xx)</a><br><br>";
}
}
if( $ZeitZeiger < 24 )

@ -259,7 +259,7 @@ foreach($XMLmain->sub as $EventKey => $Event)
}
else
{
echo "\t<td><a href=\"./schichtplan.php?action=change&SID=$SIDDB\">edit</a></td>\n";
echo "\t<td>". funktion_isLinkAllowed_addLink_OrLinkText("admin/schichtplan.php?action=change&SID=".$SIDDB, "edit"). "</td>\n";
$DS_OK++;
}
echo "\t</tr>\n";
@ -299,7 +299,8 @@ if(mysql_num_rows($Erg2)>0 && $EnableSchudleDB )
"<input name=\"LenDB\" type=\"text\" value=\"$Len\" size=\"1\"readonly></td>\n";
echo "\t<td><input name=\"ManXML\" type=\"text\" value=\"\" size=\"40\"readonly>\n\t\t".
"<input name=\"ManDB\" type=\"text\" value=\"$Man\" size=\"40\"readonly></td>\n";
echo "\t<td><a href=\"./schichtplan.php?action=change&SID=$SID\">edit</a></td>\n";
echo "\t<td>". funktion_isLinkAllowed_addLink_OrLinkText( "admin/schichtplan.php?action=change&SID=".$SID, "edit").
"</td>\n";
echo "\t<tr>\n";
}
echo "</table>";

@ -88,12 +88,16 @@ if (!IsSet($_GET["enterUID"]))
echo "\t<td>".mysql_result($Erg, $n, "Aktiv")."</td>\n";
$Tshirt += mysql_result($Erg, $n, "Tshirt");
echo "\t<td>".mysql_result($Erg, $n, "Tshirt")."</td>\n";
echo "\t<td><a href=\"./userChangeNormal.php?enterUID=".
mysql_result($Erg, $n, "UID")."&Type=Normal\">&Auml;nd.</a></td>\n";
echo "\t<td>";
echo "<a href=\"./userChangeSecure.php?enterUID=".
mysql_result($Erg, $n, "UID")."&Type=Secure\">Secure</a></td>\n";
echo "\t<td>". funktion_isLinkAllowed_addLink_OrEmpty(
"admin/userChangeNormal.php?enterUID=".
mysql_result($Erg, $n, "UID")."&Type=Normal",
"&Auml;nd.").
"</td>\n";
echo "\t<td>". funktion_isLinkAllowed_addLink_OrEmpty(
"admin/userChangeSecure.php?enterUID=".
mysql_result($Erg, $n, "UID")."&Type=Secure",
"Secure").
"</td>\n";
echo "</tr>\n";
}
echo "<tr>".

Loading…
Cancel
Save