projects
/
fa-stable.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Changed login.gif icon.
[fa-stable.git]
/
admin
/
db
/
security_db.inc
diff --git
a/admin/db/security_db.inc
b/admin/db/security_db.inc
index 55e56b556ae7fcab6f6b0fc52e8cd872b6a183cf..70027c2e7c3b489f161edbf05e23dea6b1b18815 100644
(file)
--- a/
admin/db/security_db.inc
+++ b/
admin/db/security_db.inc
@@
-13,53
+13,54
@@
function get_security_role($id)
{
function get_security_role($id)
{
- $sql = "SELECT * FROM ".TB_PREF."security_roles WHERE id=
'$id'"
;
+ $sql = "SELECT * FROM ".TB_PREF."security_roles WHERE id=
".(int)$id
;
$ret = db_query($sql, "could not retrieve security roles");
$row = db_fetch($ret);
$ret = db_query($sql, "could not retrieve security roles");
$row = db_fetch($ret);
- $row['areas'] = explode(';', $row['areas']);
- $row['modules'] = explode(';', $row['modules']);
+ if ($row != false) {
+ $row['areas'] = explode(';', $row['areas']);
+ $row['sections'] = explode(';', $row['sections']);
+ }
return $row;
}
//--------------------------------------------------------------------------------------------------
return $row;
}
//--------------------------------------------------------------------------------------------------
-function add_security_role($name, $description, $
module
s, $areas)
+function add_security_role($name, $description, $
section
s, $areas)
{
{
- $sql = "INSERT INTO ".TB_PREF."security_roles (role, description,
module
s, areas)
+ $sql = "INSERT INTO ".TB_PREF."security_roles (role, description,
section
s, areas)
VALUES ("
.db_escape($name).","
.db_escape($description).","
VALUES ("
.db_escape($name).","
.db_escape($description).","
- .db_escape(implode(';',
$module
s)).","
- .db_escape(implode(';',$areas)).")";
+ .db_escape(implode(';',
$section
s)).","
+ .db_escape(implode(';',
$areas)).")";
db_query($sql, "could not add new security role");
}
//--------------------------------------------------------------------------------------------------
db_query($sql, "could not add new security role");
}
//--------------------------------------------------------------------------------------------------
-function update_security_role($id, $name, $description, $
module
s, $areas)
+function update_security_role($id, $name, $description, $
section
s, $areas)
{
$sql = "UPDATE ".TB_PREF."security_roles SET role=".db_escape($name)
.",description=".db_escape($description)
{
$sql = "UPDATE ".TB_PREF."security_roles SET role=".db_escape($name)
.",description=".db_escape($description)
- .",
modules=".db_escape(implode(';',$module
s))
- .",areas=".db_escape(implode(';',$areas))
- ." WHERE id=
$id"
;
+ .",
sections=".db_escape(implode(';', $section
s))
+ .",areas=".db_escape(implode(';',
$areas))
+ ." WHERE id=
".(int)$id
;
db_query($sql, "could not update role");
}
//--------------------------------------------------------------------------------------------------
function delete_security_role($id)
{
db_query($sql, "could not update role");
}
//--------------------------------------------------------------------------------------------------
function delete_security_role($id)
{
- $sql = "DELETE FROM ".TB_PREF."security_roles WHERE id=
$id"
;
+ $sql = "DELETE FROM ".TB_PREF."security_roles WHERE id=
".(int)$id
;
db_query($sql, "could not delete role");
}
//--------------------------------------------------------------------------------------------------
function check_role_used($id) {
db_query($sql, "could not delete role");
}
//--------------------------------------------------------------------------------------------------
function check_role_used($id) {
- $sql = "SELECT count(*) FROM ".TB_PREF."users WHERE
full_access=$id"
;
+ $sql = "SELECT count(*) FROM ".TB_PREF."users WHERE
role_id=".(int)$id
;
$ret = db_query($sql, 'cannot check role usage');
$row = db_fetch($ret);
return $row[0];
}
$ret = db_query($sql, 'cannot check role usage');
$row = db_fetch($ret);
return $row[0];
}
-?>
\ No newline at end of file