- <?php
- /*
- Last updated: 1/16/2013 @ 10:49am by Andrew
- */
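class role_restrictions {
    /*
     * Role-based access control helper.
     *
     * Maintains role types and username->role assignments in two tables (see
     * the DDL at the end of this file) and answers "does user X hold role Y".
     *
     * Security notes for integrators:
     *  - process_any_commands() performs NO authorization and NO CSRF check of
     *    its own: it executes whichever admin command arrives in $_POST['doCmd'].
     *    The calling page must already have verified that the current user may
     *    administer roles (e.g. with restrict_to()) and should protect the POST
     *    with a CSRF token before delegating here.
     *  - Every value read from $_POST is validated against a character whitelist
     *    before it reaches SQL, and HTML-escaped before it is echoed back.
     *  - Debug output (debug > 0) echoes raw internal state and must not be
     *    enabled on a production page.
     *  - NOTE(review): PHP rewrites '.' in POST keys to '_', so checkboxes for a
     *    role whose name contains '.' (allowed by the whitelist) will never be
     *    found under 'ra-=-user-=-role' / 'ra_new-=-role'. Not changed here.
     */
    private $debug = 0;
    private $errStr = '';
    private $display_title = '';
    private $return_url = '';
    private $image_url = '';
    private $return_link_display_text = '';
    private $program_base_url = '';
    private $program_name = '';
    private $dbh = '';
    private $dbprefix = '';
    private $username = '';
    private $admin_functions = array();
    // Both caches always carry their sub-keys so lookups never hit an undefined index.
    private $existing_roles = array('_total'=>0, 'ID'=>array(), 'role_name'=>array());
    private $existing_role_assignments = array('_total'=>0, 'ID'=>array(), 'role_name'=>array(), 'username'=>array());
    // Every fixed POST field this class reads; rr_username / rr_role are set by
    // the JavaScript helpers in draw_admin_page() and were previously missing.
    private $all_post_form_inputs_used_in_this_class = array(
        'doCmd',
        'rr_username',
        'rr_role',
        'ra_new_username',
        'ra_new_role_name',
        'ra_new_role_desc',
    );

    /**
     * @param object $dbh       DB wrapper exposing select()/insert()/delete()/query() and ->error
     * @param string $username  current user (used by restrict_to()/has_role() when no username is passed)
     * @param string $return_url URL the admin form posts back to; also used to derive the image path
     */
    function __construct(&$dbh, $username, $return_url, $return_link_display_text='Return to Previous Page', $display_title='Role Admin Page', $admin_functions=array('types','assignments'), $debug=0, $dbprefix=''){
        $this->set_debug($debug);
        $this->set_dbh($dbh);
        $this->set_dbprefix($dbprefix);
        $this->set_username($username);
        $this->set_return_url($return_url);
        $this->set_image_url();
        $this->set_return_link_display_text($return_link_display_text);
        $this->set_display_title($display_title);
        $this->set_admin_functions($admin_functions);
    }

    /** HTML-escape a value for element content or a double-quoted attribute. */
    private function h($value){
        return htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8');
    }

    /**
     * Encode a value as a JavaScript string literal that is safe to embed in an
     * HTML attribute such as href="javascript: fn(...)". The attribute decoding
     * yields a double-quoted JS literal.
     */
    private function js_attr($value){
        return $this->h(json_encode((string)$value));
    }

    /** True when $value is a non-empty string of a-z A-Z 0-9 _ . - only (usernames, role names). */
    private function is_valid_identifier($value){
        return preg_match('/^[\w.-]+$/', (string)$value) === 1;
    }

    /** True when $value is empty or uses only the characters allowed in a role description. */
    private function is_valid_description($value){
        $value = (string)$value;
        return $value === '' || preg_match('/^[\w\s.!@#$%^&*+?\/:-]+$/', $value) === 1;
    }

    /**
     * Dispatch the admin command named in $_POST['doCmd'].
     *
     * Every handler ends in draw_admin_page(), which exits, so at most one runs.
     * No authorization/CSRF check is performed here — see the class comment.
     */
    function process_any_commands(){
        $this->prevent_undefined_index_notices($this->all_post_form_inputs_used_in_this_class);
        switch($_POST['doCmd']){
            case 'draw_role_restrictions_admin_page':        $this->draw_admin_page(); break;
            case 'role_restrictions_delete_user':            $this->delete_user(); break;
            case 'role_restrictions_update_role_assignments':$this->update_role_assignments(); break;
            case 'role_restrictions_add_user':               $this->add_user(); break;
            case 'role_restrictions_delete_role':            $this->delete_role(); break;
            case 'role_restrictions_update_roles':           $this->update_roles(); break;
            case 'role_restrictions_add_role':               $this->add_role(); break;
        }
    }

    /**
     * Render the admin page and exit.
     *
     * @param string $msg HTML already built by a handler (caller-controlled
     *                    markup; any user-supplied text inside it must have
     *                    been escaped with h() by the handler).
     */
    function draw_admin_page($msg=''){
        // prevent annoying undefined index notices
        $this->prevent_undefined_index_notices($this->all_post_form_inputs_used_in_this_class);
        $this->sanitize_inputs();
        $this->get_existing_roles();
        $this->get_existing_role_assignments();
        $show_types = in_array('types', $this->admin_functions, true);
        $show_assignments = in_array('assignments', $this->admin_functions, true);
?>
<html>
<head>
<title><?php echo $this->h($this->display_title); ?></title>
<script>
<?php if($show_types){ ?>
function deleteRole(role){
    if(confirm("Confirmation Needed:\n\nAre you sure you want to remove the "+role+" role?\n")){
        document.mainform.doCmd.value='role_restrictions_delete_role';
        document.mainform.rr_role.value=role;
        document.mainform.submit();
    }
}
function saveRoleChanges(){
    document.mainform.doCmd.value='role_restrictions_update_roles';
    document.mainform.submit();
}
function addRole(){
    document.mainform.doCmd.value='role_restrictions_add_role';
    document.mainform.submit();
}
<?php } ?>
<?php if($show_assignments){ ?>
function deleteUsername(user){
    if(confirm("Confirmation Needed:\n\nAre you sure you want to remove "+user+"?\n")){
        document.mainform.doCmd.value='role_restrictions_delete_user';
        document.mainform.rr_username.value=user;
        document.mainform.submit();
    }
}
function saveChanges(){
    document.mainform.doCmd.value='role_restrictions_update_role_assignments';
    document.mainform.submit();
}
function addUser(){
    document.mainform.doCmd.value='role_restrictions_add_user';
    document.mainform.submit();
}
<?php } ?>
</script>
</head>
<body>
<form name="mainform" action="<?php echo $this->h($this->return_url); ?>" method="post">
<input type="hidden" name="doCmd" value="" />
<input type="hidden" name="rr_username" value="" />
<input type="hidden" name="rr_role" value="" />
<div align="center">
<h2><?php echo $this->h($this->display_title); ?></h2>
<a href="<?php echo $this->h($this->return_url); ?>"><?php echo $this->h($this->return_link_display_text); ?></a><br /> <br />
<?php if($msg != ''){ ?>
<table cellpadding="0" cellspacing="0" border="1">
<tr><td>
<table cellpadding="0" cellspacing="0" border="0">
<tr><td><h2>Messages:</h2></td></tr>
<tr><td><blockquote><?php echo $msg; ?></blockquote></td></tr>
</table>
</td></tr>
</table>
<br /> <br />
<?php } ?>
<?php
        $roles = array_keys($this->existing_roles['role_name']);
        natcasesort($roles);
        if($show_types){
?>
<table cellpadding="5" cellspacing="0" border="0" style="text-align:center;">
<tr><th>Roles</th></tr>
<tr><td>
<table cellpadding="5" cellspacing="0" border="1" style="text-align:center;">
<tr><th>Role Name</th><th>Role Description</th><th>Delete?</th></tr>
<?php
            foreach ($roles as $role){
                $role_row = $this->existing_roles['role_name'][$role];
?>
<tr>
<td><input type="text" name="role_name-=-<?php echo $this->h($role_row['ID']); ?>" value="<?php echo $this->h($role); ?>" onchange="alert('Changing role names in an established program can cause your program to stop working!');" /></td>
<td><input type="text" name="role_desc-=-<?php echo $this->h($role_row['ID']); ?>" value="<?php echo $this->h($role_row['desc']); ?>" /></td>
<td><a href="javascript: deleteRole(<?php echo $this->js_attr($role); ?>);"><img border="0" src="<?php echo $this->h($this->image_url); ?>/red-x.png"/></a></td>
</tr>
<?php
            }
?>
</table>
<tr><td><input type="button" name="b2" value="Save Role Type Changes" onclick="saveRoleChanges();" /></td></tr>
</table>
<br /> <br />
<table cellpadding="5" cellspacing="0" border="0" style="text-align:center;">
<tr><th>Add New Role</th></tr>
<tr><td>
<table cellpadding="5" cellspacing="0" border="1" style="text-align:center;">
<tr><th>Role Name</th><th>Role Description</th></tr>
<tr>
<td><input type="text" name="ra_new_role_name" value="<?php echo $this->h($_POST['ra_new_role_name']); ?>" /></td>
<td><input type="text" name="ra_new_role_desc" value="<?php echo $this->h($_POST['ra_new_role_desc']); ?>" /></td>
</tr>
</table>
<tr><td><input type="button" name="b2" value="Add New Role" onclick="addRole();" /></td></tr>
</table>
<br /> <br />
<?php
        }
        if($show_assignments){
?>
<table cellpadding="5" cellspacing="0" border="0" style="text-align:center;">
<tr><th>Assign Roles</th></tr>
<tr><td>
<table cellpadding="5" cellspacing="0" border="1" style="text-align:center;">
<?php
            // Header row and the "new user" checkbox cells are built once and reused below.
            $new_role_cells = '';
            $table_header = "<tr><th>Username</th>";
            foreach ($roles as $role){
                $role_h = $this->h($role);
                $table_header .= "<th>".$role_h."</th>";
                $chk = '';
                if(array_key_exists('ra_new-=-'.$role, $_POST) && $_POST['ra_new-=-'.$role]==1){
                    $chk = ' checked="checked"';
                }
                $new_role_cells .= '<td><input type="checkbox" name="ra_new-=-'.$role_h.'" value="1"'.$chk.' /></td>';
            }
            echo $table_header;
            echo "<th>Delete?</th></tr>\n";
            $usernames = array_keys($this->existing_role_assignments['username']);
            natcasesort($usernames);
            foreach ($usernames as $username){
                $user_roles = $this->existing_role_assignments['username'][$username]['role_name'];
?>
<tr><td><?php echo $this->h($username); ?></td>
<?php
                foreach ($roles as $role){
                    $chk = array_key_exists($role, $user_roles) ? ' checked="checked"' : '';
?>
<td><input type="checkbox" name="ra-=-<?php echo $this->h($username.'-=-'.$role); ?>" value="1"<?php echo $chk; ?> /></td>
<?php
                } // end foreach role
?>
<td><a href="javascript: deleteUsername(<?php echo $this->js_attr($username); ?>);"><img border="0" src="<?php echo $this->h($this->image_url); ?>/red-x.png"/></a></td>
</tr>
<?php
            } // end foreach username
?>
</table>
<tr><td><input type="button" name="b2" value="Save Changes" onclick="saveChanges();" /></td></tr>
</table>
<br /> <br />
<table cellpadding="5" cellspacing="0" border="0" style="text-align:center;">
<tr><th>Add User</th></tr>
<tr><td>
<table cellpadding="5" cellspacing="0" border="1" style="text-align:center;">
<?php echo $table_header; ?>
<tr>
<td><input type="text" name="ra_new_username" value="<?php echo $this->h($_POST['ra_new_username']); ?>" /></td>
<?php echo $new_role_cells; ?>
</tr>
</table>
<tr><td><input type="button" name="b3" value="Add User" onclick="addUser()" /></td></tr>
</table>
<?php
        }
?>
</div>
</form>
</body>
</html>
<?php
        exit;
    }

    /**
     * Handler: delete the role named in $_POST['rr_role'] and all of its
     * assignments. Validates the name against the identifier whitelist and
     * checks the role exists before touching the DB; never returns.
     */
    private function delete_role() {
        $msg = '';
        $role = $_POST['rr_role'];
        if($role == ''){
            $msg .= "<font color=red>• No role name given to delete</font><br />\n";
        }elseif(! $this->is_valid_identifier($role)){
            $msg .= "<font color=red>• The role name given was invalid. Valid characters are: a-z A-Z 0-9 _ . -</font><br />\n";
        }else{
            $this->get_existing_roles();
            if(! array_key_exists($role, $this->existing_roles['role_name'])){
                $msg .= "<font color=red>• The role name given (".$this->h($role).") does not exist</font><br />\n";
            }
        }
        if($msg != ''){
            $this->draw_admin_page($msg); // exits
        }
        $role_id = (int)$this->existing_roles['role_name'][$role]['ID'];
        // remove all role assignments for this role (bound parameter, as in update_role_assignments())
        $statement = "DELETE FROM ".$this->dbprefix."role_assignments WHERE role_type_ID=?";
        $dm = '';
        $this->dbh->delete($statement, array($role_id), $this->debug, $dm);
        if($this->debug){echo "$dm <br />\n";}
        // NOTE(review): assumes the wrapper surfaces driver errors on ->error after delete() as it does after query() — confirm
        if($this->dbh->error){
            $this->draw_admin_page("<font color=red>•Function: delete_role() attempting delete role_assignments (".$this->h($statement).") , error: ".$this->h($this->dbh->error)."</font><br />\n");
        }
        // remove the role_type record
        $statement = "DELETE FROM ".$this->dbprefix."role_types WHERE role_type_ID=?";
        $dm = '';
        $this->dbh->delete($statement, array($role_id), $this->debug, $dm);
        if($this->debug){echo "$dm <br />\n";}
        if($this->dbh->error){
            $this->draw_admin_page("<font color=red>•Function: delete_role() attempting delete role (".$this->h($statement).") , error: ".$this->h($this->dbh->error)."</font><br />\n");
        }
        $this->get_existing_roles(true);
        $this->draw_admin_page("•Successfully deleted ".$this->h($role)." role<br />\n");
    }

    /**
     * Handler: apply edited role names/descriptions from the admin form.
     *
     * Fields arrive as role_name-=-<ID> / role_desc-=-<ID>. A missing field
     * means "unchanged". Both values are whitelist-validated before being
     * interpolated into the UPDATE: the identifier whitelist has no quote or
     * backslash, and the description whitelist has none either, so the
     * interpolation cannot break out of the string literal. Never returns.
     */
    private function update_roles() {
        $msg = '';
        $this->get_existing_roles();
        $this->get_existing_role_assignments();
        foreach ($this->existing_roles['ID'] as $roleID => $role_details){
            $name_key = 'role_name-=-'.$roleID;
            $desc_key = 'role_desc-=-'.$roleID;
            $new_name = isset($_POST[$name_key]) ? $_POST[$name_key] : $role_details['role_name'];
            $new_desc = isset($_POST[$desc_key]) ? $_POST[$desc_key] : $role_details['desc'];
            if($new_name == $role_details['role_name'] and $new_desc == $role_details['desc']){
                continue;
            }
            if($new_name == ''){
                $msg .= "• The Role Name can't be blank<br />\n";
                continue;
            }
            if(! $this->is_valid_identifier($new_name)){
                $msg .= "• The role name (".$this->h($new_name).") contained invalid characters. Valid characters are: a-z A-Z 0-9 _ . - <br />\n";
                continue;
            }
            if(! $this->is_valid_description($new_desc)){
                $msg .= "• The description for ".$this->h($new_name)." contained invalid characters. Valid characters are: a-z A-Z 0-9 . - {space} ! @ # \$ % ^ & * + ? / : <br />\n";
                continue;
            }
            // NOTE(review): the DB wrapper offers bound parameters for insert()/delete()/select()
            // but no update(); move this to a bound statement if one becomes available.
            $statement = "update ".$this->dbprefix."role_types set role_type_name='".$new_name."', role_type_desc='".$new_desc."' where role_type_ID=".(int)$roleID;
            $sth = $this->dbh->query($statement);
            if($this->dbh->error){
                $this->draw_admin_page("<font color=red>•Function: update_roles() attempting update (".$this->h($statement).") , error: ".$this->h($this->dbh->error)."</font><br />\n");
            }
            $msg .= "• Successfully updated the ".$this->h($new_name)." role<br />\n";
        } // end foreach roleID
        $this->get_existing_roles(true);
        $this->draw_admin_page($msg);
    }

    /**
     * Handler: create the role named in $_POST['ra_new_role_name'] with the
     * description in $_POST['ra_new_role_desc']. Never returns.
     */
    private function add_role() {
        $msg = '';
        $this->get_existing_roles();
        $name = $_POST['ra_new_role_name'];
        $desc = (string)$_POST['ra_new_role_desc'];
        // sanitize the input
        if($name == ''){
            $msg .= "• The new role name field was blank <br />\n";
        }elseif(! $this->is_valid_identifier($name)){
            $msg .= "• The new role name contained invalid characters. Valid characters are: a-z A-Z 0-9 _ . - <br />\n";
        }
        if(! $this->is_valid_description($desc)){
            $msg .= "• The new role description contained invalid characters. Valid characters are: a-z A-Z 0-9 . - {space} ! @ # \$ % ^ & * + ? / : <br />\n";
        }
        // does this role already exist?
        if($msg == '' && array_key_exists($name, $this->existing_roles['role_name'])){
            $msg .= "• The role name specified (".$this->h($name).") already exists <br />\n";
        }
        if($msg != ''){
            $this->draw_admin_page($msg); // exits; the form is re-populated from $_POST
        }
        $insert_statement = "INSERT INTO ".$this->dbprefix."role_types (role_type_name, role_type_desc) VALUES (?,?)";
        $dm = '';
        $this->dbh->insert($insert_statement, array($name, $desc), $this->debug, $dm);
        if($this->debug){echo "$dm <br />\n";}
        $msg .= "• Added New Role: ".$this->h($name)."<br />\n";
        $_POST['ra_new_role_name'] = '';
        $_POST['ra_new_role_desc'] = '';
        $this->get_existing_roles(true);
        $this->draw_admin_page($msg);
    }

    /**
     * Handler: create assignments for $_POST['ra_new_username'] (lower-cased)
     * for every role whose ra_new-=-<role> checkbox was posted. Never returns.
     */
    private function add_user(){
        $msg = '';
        $this->get_existing_roles();
        $this->get_existing_role_assignments();
        $username = $_POST['ra_new_username'];
        // sanitize the input
        if($username == ''){
            $msg .= "• The new username field was blank <br />\n";
        }elseif(! $this->is_valid_identifier($username)){
            $msg .= "• The new username contained invalid characters. Valid characters are: a-z A-Z 0-9 _ . - <br />\n";
        }else{
            $username = strtolower($username);
            $_POST['ra_new_username'] = $username;
        }
        // does this user already exist?
        if($msg == '' && array_key_exists($username, $this->existing_role_assignments['username'])){
            $msg .= "• The username specified (".$this->h($username).") already exists <br />\n";
        }
        if($msg != ''){
            $this->draw_admin_page($msg); // exits
        }
        $insert_statement = "INSERT INTO ".$this->dbprefix."role_assignments (role_type_ID, role_assignment_username) VALUES (?,?)";
        $roles_assigned = 0;
        foreach ($this->existing_roles['role_name'] as $role => $role_details){
            if(array_key_exists('ra_new-=-'.$role, $_POST)){
                $dm = '';
                $this->dbh->insert($insert_statement, array($role_details['ID'], $username), $this->debug, $dm);
                if($this->debug){echo "$dm <br />\n";}
                $msg .= "• Added ".$this->h($username)." to ".$this->h($role)."<br />\n";
                $roles_assigned++;
                $_POST['ra_new-=-'.$role]='';
            }
        }
        if($roles_assigned==0){
            $this->draw_admin_page("• Unable to add user (".$this->h($username)."), no roles were selected.");
        }
        $_POST['ra_new_username'] = '';
        $this->get_existing_role_assignments(true);
        $this->draw_admin_page($msg);
    }

    /**
     * Programmatic API: give $username its first role.
     *
     * @param string $username  must not already have any assignment
     * @param string $rolename  must be an existing role name
     * @param string $errStr    set to the failure reason
     * @return bool true on success, false (with $errStr set) otherwise
     */
    function assign_user_to_role($username, $rolename, &$errStr=''){
        $errStr='';
        $this->get_existing_roles();
        $this->get_existing_role_assignments();
        if(array_key_exists($username, $this->existing_role_assignments['username'])){
            $errStr = "Username already exists";
            return false;
        }
        if(! array_key_exists($rolename, $this->existing_roles['role_name'])){
            $errStr = "Role does not exist";
            return false;
        }
        $dm = '';
        $insert_statement = "INSERT INTO ".$this->dbprefix."role_assignments (role_type_ID, role_assignment_username) VALUES (?,?)";
        $this->dbh->insert($insert_statement, array($this->existing_roles['role_name'][$rolename]['ID'], $username), $this->debug, $dm);
        if($this->debug){echo "$dm <br />\n";}
        $this->get_existing_role_assignments(true);
        return true;
    }

    /**
     * Programmatic API: replace all of $username's assignments with $roles.
     *
     * Every role name is checked for existence BEFORE the existing assignments
     * are deleted, so an unknown role leaves the user untouched (previously a
     * null role_type_ID would have been inserted after the delete).
     *
     * @param string   $username
     * @param string[] $roles   existing role names; an empty list removes all roles
     * @param string   $errStr  set to the failure reason
     * @return bool
     */
    function update_user_roles($username, $roles, &$errStr=''){
        $errStr='';
        $this->get_existing_roles();
        $this->get_existing_role_assignments();
        $role_ids = array();
        foreach($roles as $role){
            if(! array_key_exists($role, $this->existing_roles['role_name'])){
                $errStr = "Role does not exist";
                return false;
            }
            $role_ids[] = $this->existing_roles['role_name'][$role]['ID'];
        }
        $dm = '';
        $delete_statement = "DELETE FROM ".$this->dbprefix."role_assignments WHERE role_assignment_username=?";
        $this->dbh->delete($delete_statement, array($username), $this->debug, $dm);
        if($this->debug){echo "$dm <br />\n";}
        $insert_statement = "INSERT INTO ".$this->dbprefix."role_assignments (role_type_ID, role_assignment_username) VALUES (?,?)";
        foreach($role_ids as $role_id){
            $dm = '';
            $this->dbh->insert($insert_statement, array($role_id, $username), $this->debug, $dm);
            if($this->debug){echo "$dm <br />\n";}
        }
        $this->get_existing_role_assignments(true);
        return true;
    }

    /**
     * Handler: sync every known user's assignments with the posted
     * ra-=-<user>-=-<role> checkboxes (present = assigned). Never returns.
     */
    private function update_role_assignments(){
        $msg = '';
        $this->get_existing_roles();
        $this->get_existing_role_assignments();
        $insert_statement = "INSERT INTO ".$this->dbprefix."role_assignments (role_type_ID, role_assignment_username) VALUES (?,?)";
        $delete_statement = "DELETE FROM ".$this->dbprefix."role_assignments WHERE role_assignment_username=? and role_type_ID=?";
        foreach ($this->existing_role_assignments['username'] as $username => $assigned_role_details){
            $has_now = $assigned_role_details['role_name'];
            foreach($this->existing_roles['role_name'] as $role => $role_details){
                $wanted = array_key_exists('ra-=-'.$username.'-=-'.$role, $_POST);
                $has = array_key_exists($role, $has_now);
                if($wanted && ! $has){
                    // need to add
                    $dm = '';
                    $this->dbh->insert($insert_statement, array($role_details['ID'], $username), $this->debug, $dm);
                    if($this->debug){echo "$dm <br />\n";}
                    $msg .= "• Added ".$this->h($username)." to ".$this->h($role)."<br />\n";
                }elseif(! $wanted && $has){
                    // need to remove
                    $dm = '';
                    $this->dbh->delete($delete_statement, array($username, $role_details['ID']), $this->debug, $dm);
                    if($this->debug){echo "$dm <br />\n";}
                    $msg .= "• Removed ".$this->h($username)." from ".$this->h($role)."<br />\n";
                }
            } // end foreach role
        } // end foreach user
        $this->get_existing_role_assignments(true);
        $this->draw_admin_page($msg);
    }

    /**
     * Programmatic API: remove every assignment for $username.
     *
     * $username is caller-supplied and is now bound as a parameter instead of
     * being concatenated into the statement.
     *
     * @return bool false with $errStr set when the wrapper reports an error
     */
    function delete_username($username, &$errStr=''){
        $errStr = '';
        $statement = "DELETE FROM ".$this->dbprefix."role_assignments WHERE role_assignment_username=?";
        $dm = '';
        $this->dbh->delete($statement, array($username), $this->debug, $dm);
        if($this->debug){echo "$dm <br />\n";}
        // NOTE(review): assumes the wrapper surfaces driver errors on ->error after delete() as it does after query() — confirm
        if($this->dbh->error){
            $errStr = $this->dbh->error;
            return false;
        }
        $this->get_existing_role_assignments(true);
        return true;
    }

    /**
     * Handler: remove all assignments for $_POST['rr_username']. Never returns.
     */
    private function delete_user(){
        $msg = '';
        $username = $_POST['rr_username'];
        // sanitize inputs
        if($username == ''){
            $msg .= "<font color=red>• No username Given to Delete</font><br />\n";
        }elseif(! $this->is_valid_identifier($username)){
            $msg .= "<font color=red>• The username given was invalid. Valid characters are: a-z A-Z 0-9 _ . -</font><br />\n";
        }
        if($msg != ''){
            $this->draw_admin_page($msg); // exits
        }
        // remove the record(s)
        $statement = "DELETE FROM ".$this->dbprefix."role_assignments WHERE role_assignment_username=?";
        $dm = '';
        $this->dbh->delete($statement, array($username), $this->debug, $dm);
        if($this->debug){echo "$dm <br />\n";}
        if($this->dbh->error){
            $this->draw_admin_page("<font color=red>•Function: delete_user() attempting delete user roles (".$this->h($statement).") , error: ".$this->h($this->dbh->error)."</font><br />\n");
        }
        $this->get_existing_role_assignments(true);
        $this->draw_admin_page("•Successfully deleted ".$this->h($username)." roles<br />\n");
    }

    /**
     * Trim the re-displayed "add" form fields down to their first run of
     * allowed characters (display only — handlers validate independently).
     * Fields with no allowed characters become ''.
     */
    private function sanitize_inputs(){
        $_POST['ra_new_username']  = $this->first_valid_run('/[\w.-]+/', $_POST['ra_new_username']);
        $_POST['ra_new_role_name'] = $this->first_valid_run('/[\w.-]+/', $_POST['ra_new_role_name']);
        $_POST['ra_new_role_desc'] = $this->first_valid_run('/[\w\s.!@#$%^&*+?\/:-]+/', $_POST['ra_new_role_desc']);
        return true;
    }

    /** First substring of $value matching $pattern, or '' when there is none. */
    private function first_valid_run($pattern, $value){
        if($value === null || $value === ''){
            return '';
        }
        return preg_match($pattern, (string)$value, $m) === 1 ? $m[0] : '';
    }

    /**
     * True when the user holds at least one of $roles (a string of role names
     * separated by any non-identifier characters, e.g. "admin, auditor").
     * Unlike restrict_to() this never exits.
     */
    function has_role($roles, $username=''){
        if($this->debug){
            echo "routine: has_role('$roles', '$username')<br />\n";
        }
        return $this->restrict_to($roles, $username, true);
    }

    /**
     * Role names assigned to $username (keys) mapped to role IDs (values).
     * Also makes $username the object's current user. Dies if no username is known.
     *
     * @return array<string,int|string>
     */
    function get_user_roles($username){
        if($this->debug){
            echo "routine: get_user_roles('$username')<br />\n";
        }
        $this->errStr='';
        $this->get_existing_roles();
        $this->get_existing_role_assignments();
        if($this->determine_username($username) == false){die("class_role_restrictions: get_user_roles: Unable to determine Username");}
        if( array_key_exists($this->username, $this->existing_role_assignments['username']) ){
            return $this->existing_role_assignments['username'][$this->username]['role_name'];
        }
        return array();
    }

    /**
     * Gate a page on role membership.
     *
     * @param string $roles         role names separated by non-identifier characters; ANY match passes
     * @param string $username      defaults to the object's current user
     * @param bool   $return_result true: return bool; false: render "not authorized" and exit on failure
     * @return bool true when a role matches; false only when $return_result is true
     */
    function restrict_to($roles, $username='', $return_result=false){
        if($this->debug){
            echo "routine: restrict_to('$roles', '$username', ".($return_result?'1':'0').")<br />\n";
        }
        $this->errStr='';
        $roles_a = preg_split('/[^\w\.-]+/',$roles);
        $this->get_existing_roles();
        $this->get_existing_role_assignments();
        if($this->determine_username($username) == false){die("class_role_restrictions: restrict_to: Unable to determine Username");}
        if( array_key_exists($this->username, $this->existing_role_assignments['username']) ){
            $held = $this->existing_role_assignments['username'][$this->username]['role_name'];
            foreach($roles_a as $role_name){
                if($this->debug){
                    echo "looking for |$role_name| for user ".$this->username." in this array:<br /> <pre>";
                    var_dump($held);
                    echo "</pre><br />Was it in there? \n";
                }
                if(array_key_exists($role_name, $held)){
                    if($this->debug){echo "YES<br />\n";}
                    return true;
                }
                if($this->debug){echo "NO<br />\n";}
            }
        }
        if($return_result){return false;}
        $this->draw_not_authorized_to_use($this->username, $roles);
    }

    /**
     * Use $username when given (and remember it), otherwise fall back to the
     * current user. Returns false when neither is available.
     */
    private function determine_username($username){
        if($username==''){
            if($this->username==''){
                $this->errStr='determine_username: ERROR: Missing username';
                if($this->debug){echo $this->errStr."<br />\n";}
                return false;
            }
        }else{
            $this->set_username($username);
        }
        if($this->debug){echo "determine_username: using username: ".$this->username."<br />\n";}
        return true;
    }

    /** Public accessor for the role cache; see get_existing_roles() for its shape. */
    function get_roles($force_refresh=false){
        $this->get_existing_roles($force_refresh);
        return $this->existing_roles;
    }

    /**
     * private function: get_existing_roles()
     *
     * populates the private $existing_roles array (keys as actually built below):
     *
     * $this->existing_roles = array (
     *     '_total' => 1,
     *
     *     'ID' => array (
     *         120 => array (
     *             'ID'        => 120,
     *             'role_name' => "Admin",
     *             'desc'      => "For administrators blah blah ..."
     *         )
     *     ),
     *
     *     'role_name' => array (
     *         'Admin' => array (
     *             'ID'        => 120,
     *             'role_name' => "Admin",
     *             'desc'      => "For administrators blah blah ..."
     *         )
     *     )
     * )
     *
     * Rows with an empty role_type_name are skipped.
     *
     * @param bool $force_refresh
     *     false = uses previously retrieved db values,
     *     true = will query the db for the values regardless of the existence of any previously stored values
     */
    private function get_existing_roles($force_refresh=false){
        if($this->debug){
            echo "routine: get_existing_roles(".($force_refresh?'1':'0').")<br />\n";
        }
        $this->errStr = '';
        if($force_refresh or $this->existing_roles['_total']==0){
            if($this->debug){
                echo "getting roles from DB <br />\n";
            }
            $this->existing_roles = array('_total'=>0, 'ID'=>array(), 'role_name'=>array()); // clear the array
            $row = null;
            $dm = '';
            $stmt = $this->dbh->select("SELECT role_type_ID, role_type_name, role_type_desc FROM ".$this->dbprefix."role_types", $row, array(), $this->debug>1?'1':0, $dm);
            if($this->debug){ echo $dm; }
            while($stmt->fetch()){
                if($row['role_type_name'] == ''){continue;}
                $entry = array('ID'=>$row['role_type_ID'], 'role_name'=>$row['role_type_name'], 'desc'=>$row['role_type_desc']);
                $this->existing_roles['ID'][$row['role_type_ID']] = $entry;
                $this->existing_roles['role_name'][$row['role_type_name']] = $entry;
                $this->existing_roles['_total']++;
            }
        }elseif($this->debug){
            echo "Using cached roles <br />\n";
        }
        if($this->debug){
            echo "Available Roles: <br />\n";
            var_dump($this->existing_roles);
            echo "<br />";
        }
        return true;
    }

    /** Public accessor for the assignment cache; see get_existing_role_assignments() for its shape. */
    function get_role_assignments($force_refresh=false){
        $this->get_existing_role_assignments($force_refresh);
        return $this->existing_role_assignments;
    }

    /**
     * private function: get_existing_role_assignments()
     *
     * populates the private $existing_role_assignments array (keys as actually built below):
     *
     * $this->existing_role_assignments = array (
     *     '_total' => 2,                       // number of assignment rows loaded
     *
     *     'ID' => array (
     *         120 => array (                   // 'ID' of role
     *             'role_name' => "Admin",
     *             'username'  => array ( 'jsmoe' => 'jsmoe', 'blah' => 'blah' )
     *         )
     *     ),
     *
     *     'role_name' => array (
     *         'Admin' => array (               // name of role
     *             'ID'       => 120,
     *             'username' => array ( 'jsmoe' => 'jsmoe', 'blah' => 'blah' )
     *         )
     *     ),
     *
     *     'username' => array (
     *         'jsmoe' => array (               // username who has role(s) assigned
     *             'ID'        => array ( 120 => "Admin", 434 => "Auditor" ),   // role ID => role name
     *             'role_name' => array ( "Admin" => 120, "Auditor" => 434 )    // role name => role ID
     *         )
     *     )
     * )
     *
     * Rows with an empty username, or whose role_type_ID is not a known role
     * (orphaned assignment), are skipped.
     *
     * @param bool $force_refresh
     *     false = uses previously retrieved db values,
     *     true = will query the db for the values regardless of the existence of any previously stored values
     */
    private function get_existing_role_assignments($force_refresh=false){
        if($this->debug){
            echo "routine: get_existing_role_assignments(".($force_refresh?'1':'0').")<br />\n";
        }
        $this->errStr = '';
        if($force_refresh or $this->existing_role_assignments['_total']==0){
            $this->get_existing_roles(); // make sure this has been populated
            if($this->debug){
                echo "getting assignments from DB <br />\n";
            }
            $this->existing_role_assignments = array('_total'=>0, 'ID'=>array(), 'role_name'=>array(), 'username'=>array()); // clear the array
            $row = null;
            $dm = '';
            $stmt = $this->dbh->select("SELECT role_assignment_ID, role_type_ID, role_assignment_username FROM ".$this->dbprefix."role_assignments", $row, array(), $this->debug>1?'1':0, $dm);
            if($this->debug){ echo $dm; }
            while($stmt->fetch()){
                $user = $row['role_assignment_username'];
                $role_id = $row['role_type_ID'];
                if($user == ''){continue;}
                if(! isset($this->existing_roles['ID'][$role_id])){
                    if($this->debug){echo "skipping assignment for unknown role ID $role_id<br />\n";}
                    continue;
                }
                $role_name = $this->existing_roles['ID'][$role_id]['role_name'];
                $this->existing_role_assignments['ID'][$role_id]['username'][$user] = $user;
                $this->existing_role_assignments['ID'][$role_id]['role_name'] = $role_name;
                $this->existing_role_assignments['role_name'][$role_name]['ID'] = $role_id;
                $this->existing_role_assignments['role_name'][$role_name]['username'][$user] = $user;
                $this->existing_role_assignments['username'][$user]['ID'][$role_id] = $role_name;
                $this->existing_role_assignments['username'][$user]['role_name'][$role_name] = $role_id;
                $this->existing_role_assignments['_total']++;
            }
        }elseif($this->debug){
            echo "Using cached assignments<br />\n";
        }
        if($this->debug){
            echo "Role Assignments: <br />\n";
            var_dump($this->existing_role_assignments);
            echo "<br />";
        }
        return true;
    }

    /** Render the "not authorized" page and exit. $required_role / $feature are escaped. */
    private function draw_not_authorized_to_use($username, $required_role, $feature='') {
?>
<p>Sorry, you need the "<?php echo $this->h($required_role); ?>" role(s) to access this <?php echo $feature==''?'page':'feature ('.$this->h($feature).')'; ?>.</p>
<p><a href="javascript: history.go(-1)">Return to the previous page?</a></p>
<?php
        exit;
    }

    /** Split return_url into program_base_url and program_name (the trailing *.php). */
    private function parse_return_url(){
        if(preg_match('/(.+)\/([\w\.-]+\.php)/',$this->return_url,$matches)){
            $this->set_program_name($matches[2]);
            $this->set_program_base_url($matches[1]);
        }elseif($this->debug){
            echo "role_restrictions_object->private function parse_return_url_for_program_name(): Unable to determine program name from program url (".$this->return_url.")<br />\n";
        }
        return true;
    }

    /** Ensure each named $_POST key exists (as '') so later reads never raise notices. */
    private function prevent_undefined_index_notices($potential_keys){
        foreach ($potential_keys as $v){
            $_POST[$v] = isset($_POST[$v])?$_POST[$v]:'';
        }
        return true;
    }

    function set_return_url($return_url){
        $this->return_url = $return_url;
        if($this->debug){echo 'role_restrictions_object->set_return_url('.$this->return_url.");<br />\n";}
        $this->parse_return_url();
        return true;
    }

    /** Defaults to <program_base_url>/images when no explicit URL is given. */
    function set_image_url($image_url=''){
        if($image_url==''){
            $this->image_url = $this->program_base_url.'/images';
        }else{
            $this->image_url = $image_url;
        }
        return true;
    }

    function set_return_link_display_text($return_link_display_text){
        $this->return_link_display_text = $return_link_display_text;
        if($this->debug){echo 'role_restrictions_object->set_return_link_display_text('.$this->return_link_display_text.");<br />\n";}
        return true;
    }

    function set_program_name($program_name){
        $this->program_name = $program_name;
        if($this->debug){echo 'role_restrictions_object->set_program_name('.$this->program_name.");<br />\n";}
        return true;
    }

    function set_program_base_url($program_base_url){
        $this->program_base_url = $program_base_url;
        if($this->debug){echo 'role_restrictions_object->set_program_base_url('.$this->program_base_url.");<br />\n";}
        return true;
    }

    function set_dbh($dbh){
        $this->dbh = $dbh;
        if($this->debug){echo 'role_restrictions_object->set_dbh('.(is_object($this->dbh)?'db_object':'unknown').");<br />\n";}
        return true;
    }

    function set_dbprefix($dbprefix){
        $this->dbprefix = $dbprefix;
        if($this->debug){echo 'role_restrictions_object->set_dbprefix('.$this->dbprefix.");<br />\n";}
        return true;
    }

    function set_display_title($display_title){
        $this->display_title = $display_title;
        if($this->debug){echo 'role_restrictions_object->set_display_title('.$this->display_title.");<br />\n";}
        return true;
    }

    /** Debug output is raw (unescaped) internal state — never enable on a production page. */
    function set_debug($debug){
        $this->debug = $debug?$debug:0;
        if($this->debug){echo 'role_restrictions_object->set_debug('.$this->debug.");<br />\n";}
        return true;
    }

    function set_username($username){
        $this->username = $username;
        if($this->debug){echo 'role_restrictions_object->set_username('.$this->username.");<br />\n";}
        return true;
    }

    /** $admin_functions: any of 'types', 'assignments' — selects which admin sections draw_admin_page() renders. */
    function set_admin_functions($admin_functions){
        $this->admin_functions = $admin_functions;
        if($this->debug){echo 'role_restrictions_object->set_admin_functions('.var_export($this->admin_functions, true).");<br />\n";}
        return true;
    }
}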
- /*
- CREATE TABLE role_types (
- role_type_ID int(11) AUTO_INCREMENT NOT NULL,
- role_type_name varchar(255) NOT NULL,
- role_type_desc varchar(255) NULL,
- PRIMARY KEY(role_type_ID)
- )
- GO
- CREATE TABLE role_assignments (
- role_assignment_ID int(11) AUTO_INCREMENT NOT NULL,
- role_type_ID int(11) NOT NULL,
- role_assignment_username varchar(255) NOT NULL,
- PRIMARY KEY(role_assignment_ID)
- )
- GO
- CREATE TABLE role_feature_types (
- feature_type_ID int(11) AUTO_INCREMENT NOT NULL,
- feature_type_name varchar(255) NOT NULL,
- feature_type_desc varchar(255) NULL,
- PRIMARY KEY(feature_type_ID)
- )
- GO
- CREATE TABLE role_feature_assignments (
- feature_assignment_ID int(11) AUTO_INCREMENT NOT NULL,
- role_type_ID int(11) NOT NULL,
- feature_type_ID int(11) NOT NULL,
- PRIMARY KEY(feature_assignment_ID)
- )
- GO
- */
- ?>