extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2025-01-08 23:19:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

Make edit use class for owner check, make add use acl and access field

Browse Source
This commit is contained in:
Miles Lott 2001-03-24 15:21:56 +00:00
parent 058d9bcb2e
commit 7676f0576c
2 changed files with 18 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
addressbook/add.php
View File

@ -141,7 +141,13 @@
$fields["note"] = $notes;
$fields["label"] = $label;
addressbook_add_entry($phpgw_info["user"]["account_id"],$fields);
if ($access == True) {
$fields["access"] = 'private';
} else {
$fields["access"] = 'public';
}
addressbook_add_entry($phpgw_info["user"]["account_id"],$fields,$fields["access"]);
$ab_id = addressbook_get_lastid();
Header("Location: " . $phpgw->link("/addressbook/view.php","ab_id=$ab_id&order=$order&sort=$sort&filter=$filter&start=$start"));

17
addressbook/edit.php
View File

@ -25,10 +25,9 @@
$this = CreateObject('phpgwapi.contacts');
// First, make sure they have permission to this entry
$phpgw->db->query("select owner from phpgw_addressbook where id='$ab_id'");
$phpgw->db->next_record();
$check = addressbook_read_entry($ab_id,array('owner' => 'owner'));
if (! $this->check_perms($this->grants[$phpgw->db->f('owner')],PHPGW_ACL_EDIT) && $phpgw->db->f('owner') != $phpgw_info['user']['account_id'])
if (! $this->check_perms($this->grants[$check[0]['owner']],PHPGW_ACL_EDIT) && $check[0]['owner'] != $phpgw_info['user']['account_id'])
{
Header("Location: " . $phpgw->link('/addressbook/index.php',"cd=16&order=$order&sort=$sort&filter=$filter&start=$start&query=$query"));
$phpgw->common->phpgw_exit();
@ -151,11 +150,17 @@
$fields["note"] = $notes;
$fields["label"] = $label;
if ($access == True) {
$fields["access"] = 'private';
} else {
$fields["access"] = 'public';
}
$userid = $phpgw_info["user"]["account_id"];
addressbook_update_entry($ab_id,$userid,$fields);
addressbook_update_entry($ab_id,$userid,$fields,$fields['access']);
Header("Location: " . $phpgw->link("/addressbook/view.php","ab_id=$ab_id&order=$order&sort=$sort&filter=$filter&start=$start"));
Header("Location: " . $phpgw->link("/addressbook/view.php","ab_id=$ab_id&order=$order&sort=$sort&filter=$filter&start=$start&query=$query"));
$phpgw->common->phpgw_exit();
}
@ -169,7 +174,7 @@
$t->set_var("lang_cancel",lang("cancel"));
$t->set_var("lang_delete",lang("delete"));
$t->set_var("lang_submit",lang("submit"));
$t->set_var("cancel_link",'<form method="POST" action="'.$phpgw->link("/addressbook/index.php","sort=$sort&order=$order&filter=$filter&start=$start") . '">');
$t->set_var("cancel_link",'<form method="POST" action="'.$phpgw->link("/addressbook/index.php","sort=$sort&order=$order&filter=$filter&start=$start&query=$query") . '">');
$t->set_var("delete_link",'<form method="POST" action="'.$phpgw->link("/addressbook/delete.php","ab_id=$ab_id") . '">');
$t->parse("out","edit");