[Mapbender-commits] r8349 - branches/2.7/http/php

svn_mapbender at osgeo.org svn_mapbender at osgeo.org
Fri May 11 03:43:18 EDT 2012 

Author: verenadiewald
Date: 2012-05-11 00:43:18 -0700 (Fri, 11 May 2012)
New Revision: 8349

Modified:
   branches/2.7/http/php/mod_editElementVars.php
   branches/2.7/http/php/mod_editElements.php
Log:
http://trac.osgeo.org/mapbender/ticket/856

Modified: branches/2.7/http/php/mod_editElementVars.php
===================================================================
--- branches/2.7/http/php/mod_editElementVars.php	2012-05-11 07:41:50 UTC (rev 8348)
+++ branches/2.7/http/php/mod_editElementVars.php	2012-05-11 07:43:18 UTC (rev 8349)
@@ -37,6 +37,7 @@
 }
 
 //import_request_variables("PG");
+require_once(dirname(__FILE__)."/../classes/class_administration.php");
 ?>
 
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
@@ -133,6 +134,27 @@
 
 <?php
 
+if((isset($myDelete) && $myDelete == '1') || (isset($mySave) && $mySave == '1')){
+    $checkAdmin = new administration();
+    $myOwnedGuis = $checkAdmin->getGuisByOwner(Mapbender::session()->get("mb_user_id"),true);
+    $modOwnerAlert = false;
+    $ownerAlert = "You do not have the permission to change the elements of this application.";
+    
+    if(!in_array($fkey_gui_id, $myOwnedGuis)) {
+    if($modOwnerAlert == false){
+    		$modOwnerAlert = true;
+    	}
+    }
+    if($modOwnerAlert == true){
+    	unset($myDelete);
+    	unset($mySave);
+    	echo "<script language='JavaScript'>";
+    	echo "alert('".$ownerAlert."');";
+    	echo "</script>";
+    
+    }
+}
+
 # handle database updates etc.....
 
 if(isset($mySave) && ($mySave == '1')){

Modified: branches/2.7/http/php/mod_editElements.php
===================================================================
--- branches/2.7/http/php/mod_editElements.php	2012-05-11 07:41:50 UTC (rev 8348)
+++ branches/2.7/http/php/mod_editElements.php	2012-05-11 07:43:18 UTC (rev 8349)
@@ -129,6 +129,29 @@
    -->
 </style>
 <?php
+
+if((isset($myDelete) && $myDelete == '1') || (isset($mySave) && ($mySave == '1' || $mySave == '2')) || (isset($myDuplicate) && $myDuplicate == '1')){
+    $checkAdmin = new administration();
+    $myOwnedGuis = $checkAdmin->getGuisByOwner(Mapbender::session()->get("mb_user_id"),true);
+    $modOwnerAlert = false;
+    $ownerAlert = "You do not have the permission to change the elements of this application.";
+    
+    if($_POST["originGuiOfSelectedElement"] && !in_array($_POST["originGuiOfSelectedElement"], $myOwnedGuis)) {
+    if($modOwnerAlert == false){
+    		$modOwnerAlert = true;
+    	}
+    }
+    if($modOwnerAlert == true){
+    	unset($myDelete);
+    	unset($mySave);
+    	unset($myDuplicate);
+    	echo "<script language='JavaScript'>";
+    	echo "alert('".$ownerAlert."');";
+    	echo "</script>";
+    
+    }
+}
+	
 # handle database updates etc.....
 if((isset($mySave) && ($mySave == '1' || $mySave == '2')) || isset($myDuplicate)) {
 	# check module-permission ---------------------------------------------------------
@@ -303,7 +326,7 @@
 
 }
 if(isset($myDelete) && $myDelete == '1'){
-	$sql = "DELETE FROM gui_element WHERE e_id = $1 AND fkey_gui_id = $2";   
+    $sql = "DELETE FROM gui_element WHERE e_id = $1 AND fkey_gui_id = $2";   
 	$v = array($e_id_,$guiList1);
 	$t = array('s','s');
 	$res = db_prep_query($sql,$v,$t);

More information about the Mapbender_commits mailing list