Subversion-Projekte lars-tiefland.content-management

<?php

    /**
     * @package   Content-management
     * @author    Lars Tiefland <tiefland@weban.de>
     * @copyright 2010 Webagentur Niewerth
     * @license   propietary http://www.weban.de
     * @version   $Rev: 3879 $
     * @filesource
     * 
     */

    /**
     * 
     * @package   Content-management
     * @author    Lars Tiefland <tiefland@weban.de>
     * @copyright 2010 Webagentur Niewerth
     */

    // SVN: $Id: admin_web_rechte.php 3879 2011-09-06 13:12:02Z tiefland $

    $self = basename( $PHP_SELF );
    $Tab = "Access";
    require_once "connect.php";
    // -------------------------
    // Sonderrechte abchecken
    if ( ( $site == "weban.de" ) or ( $_SERVER["SERVER_NAME"] == "server" ) )
    {
    }
    else
    {
        exit;
    }
    // -------------------------
    require_once "Weban_Smarty.class.php";
    $GLOBALS["ui"] = new Weban_Smarty();
    $GLOBALS["ui"]->compile_dir = $_SERVER["DOCUMENT_ROOT"] .
        "/templates_c/";
    $GLOBALS["ui"]->use_sub_dirs = true;

    if ( $action == "update" )
    {
        /*$query="delete from webs_properties where webs = $ID";
        $result = mysql_query ($query) or die (mysql_errno().": ".mysql_error()."<hr>$query<hr>");*/

        if ( isset( $modules ) )
        {
            foreach ( $modules as $m_id => $tools )
            {
                $m_name = getModuleName( $m_id );
                foreach ( $tools as $t_id => $properties )
                {
                    foreach ( $properties as $elem => $val )
                    {
                        $p_name = getPropertyName( $elem );
                        $query = "
                            SELECT 
                                * 
                            FROM 
                                webs_properties 
                            WHERE 
                                webs=$ID 
                            AND 
                                properties=$elem
                        ";
                        $result = mysql_query( $query );
                        $anz = mysql_num_rows( $result );
                        $row = mysql_fetch_assoc( $result );
                        if ( $anz && !$val )
                        {
                            $query = "
                                DELETE FROM 
                                    webs_properties 
                                WHERE 
                                    webs = $ID 
                                AND 
                                    properties=$elem
                            ";
                        } elseif ( $val && !$anz )
                        {
                            $query = "
                                INSERT INTO 
                                    webs_properties 
                                        (webs,properties,Bezeichnung) 
                                    VALUES 
                                        ($ID,$elem,'$Bezeichnung[$elem]')
                            ";
                            /*
                            $f_name = $m_name . "/" . $p_name . ".sql";
                            if ( file_exists( $f_name ) )
                            {
                            echo "Lese $f_name<br>";
                            $cont = file_get_contents( $f_name );
                            $cont = explode( ";", $cont );
                            foreach ( $cont as $sql )
                            {
                            if ( $sql && $sql[0] != "-" )
                            {
                            $res = mysql_query( $sql );
                            }
                            }
                            }
                            */
                        } elseif ( $Bezeichnung[$elem] != $row["Bezeichnung"] )
                        {
                            $query = "
                                UPDATE 
                                    webs_properties 
                                SET 
                                    Bezeichnung='$Bezeichnung[$elem]' 
                                WHERE 
                                    webs=$ID 
                                AND 
                                    properties=$elem
                            ";
                        }
                        $result = mysql_query( $query ) or die( mysql_errno
                            () . ": " . mysql_error() . "<hr>$query<hr>" );
                    }
                }
            }
        }
        unset( $modules );
    }

    $query_site = "
        SELECT 
            * 
        FROM 
            webs 
        WHERE 
            ID = $ID
    ";
    $result_site = mysql_query( $query_site ) or die( mysql_errno() . ": " .
        mysql_error() . "<hr>$query_site<hr>" );
    $web = mysql_fetch_assoc( $result_site );
    $query = "
        SELECT 
            webs_properties.* 
        FROM 
            webs_properties,
            webs 
        WHERE 
            webs.ID = $ID 
        AND 
            webs_properties.webs = webs.ID
    ";
    $result = mysql_query( $query ) or die( mysql_errno() . ": " .
        mysql_error() . "<hr>$query<hr>" );
    while ( $zeile = mysql_fetch_assoc( $result ) )
    {
        $web["webs_properties"][$zeile["properties"]] = $zeile["Bezeichnung"];
    }
    $query = "
        SELECT 
            *
        FROM 
            modules 
        ORDER BY 
            rang
    ";
    $result_modules = mysql_query( $query ) or die( mysql_errno() . ": " .
        mysql_error() );
    while ( $module = mysql_fetch_assoc( $result_modules ) )
    {
        $query = "
            SELECT 
                tools.* 
            FROM 
                tools 
            WHERE 
                tools.modules = $module[ID] 
            ORDER BY 
                tools.rang
        ";
        $result_tools = mysql_query( $query ) or die( mysql_errno() . ": " .
            mysql_error() );
        while ( $tool = mysql_fetch_assoc( $result_tools ) )
        {
            $query = "
                SELECT 
                    properties.* 
                FROM 
                    properties 
                WHERE 
                    properties.tools = $tool[ID] 
                ORDER BY 
                    properties.rang
            ";
            $result_properties = mysql_query( $query ) or die( mysql_errno() .
                ": " . mysql_error() );
            while ( $property = mysql_fetch_assoc( $result_properties ) )
            {
                $property["beschreibung"] = htmlspecialchars( str_replace( "'",
                    '"', $property["beschreibung"] ), ENT_QUOTES );
                $property["beschreibung"] = preg_replace( "/[\r\n]/", "<br>",
                    $property["beschreibung"] );
                $property["beschreibung"] = str_replace( "<br><br>", "<br>",
                    $property["beschreibung"] );
                $tool["properties"][] = $property;
            }
            $module["tools"][] = $tool;
        }
        $modules[] = $module;
    }
    $algos = array( "", "crypt", "md5", "sha1" );
    if ( function_exists( "hash" ) )
    {
        $algos[] = "sha256";
        $algos[] = "sha512";
    }
    $GLOBALS["ui"]->assign( "algos", $algos );
    $GLOBALS["ui"]->assign( "modules", $modules );
    $GLOBALS["ui"]->assign( "web", $web );
    $GLOBALS["ui"]->display( "admin_web_rechte.tpl" );

    function getModuleName( $m_id )
    {
        $sql = "SELECT
                interner_name
            FROM
                content_management.modules
            WHERE
                id=$m_id
        ";
        $res = mysql_query( $sql );
        $row = mysql_fetch_assoc( $res );
        return $row["interner_name"];
    }
    function getPropertyName( $p_id )
    {
        $sql = "SELECT
                interner_name
            FROM
                content_management.properties
            WHERE
                id=$p_id
        ";
        $res = mysql_query( $sql );
        $row = mysql_fetch_assoc( $res );
        return $row["interner_name"];
    }
?>