se/SE/superedit-A_ADM_COMPANY_CHECK.php

<?php
//@2013-06-24 funkcja do sprawdzania czy ktos ma perma do edycji danego ID
//@2013-07-03 sprawdza czy wlascicielem nie jest osoba odpowiedzialna za projekt - wtedy ma dostep do sprawy
//TODO zrobic cache aby nie wyzwalac wkolko zapytan czy jest PERM

function A_ADM_COMPANY_CHECK($TEST_ID,$TEST_TABLE) {
global $thiss,$result,$db;

if(empty($TEST_TABLE)) $TEST_TABLE=$thiss->DETECT_TABLE_NAME;

		if(empty($TEST_ID)) DEBUG_S(-3,'ERROR: function didnt get 1 argument TEST_ID',$TEST_ID,__FILE__,__FUNCTION__,__LINE__);
		
		$exit=false;
		//cache check
		if(isset($_SESSION[$thiss->DETECT_TABLE_COLUMN]['A_ADM_COMPANY_CHECK']['ID']))
			if($_SESSION[$thiss->DETECT_TABLE_COLUMN]['A_ADM_COMPANY_CHECK']['ID']==$TEST_ID)
				 if($_SESSION[$thiss->DETECT_TABLE_COLUMN]['A_ADM_COMPANY_CHECK']['TIMESTAMP']<(date("U")-60))
				 	return(true);
		
		if (!empty($_SESSION[$thiss->DETECT_TABLE_COLUMN]['TYPE']['L_APPOITMENT_USER'])) {
		 	 $sql=" select L_APPOITMENT_USER from `".$TEST_TABLE."` where ID='".$TEST_ID."' ";
		 	 $res=DB::query($sql);
			 while ($h=DB::fetch_array($res)) {
			 	if($_SESSION['ADM_ACCOUNT']==$h['L_APPOITMENT_USER']) {
					$_SESSION[$thiss->DETECT_TABLE_COLUMN]['A_ADM_COMPANY_CHECK']['ID']=$TEST_ID;
					$_SESSION[$thiss->DETECT_TABLE_COLUMN]['A_ADM_COMPANY_CHECK']['TIMESTAMP']=date("U");
					return(true);
			 	}
			 }
		}
		//dla projektow - gdzie jest P_ID - jedno drzewo w gore
		if (!empty($_SESSION[$thiss->DETECT_TABLE_COLUMN]['TYPE']['P_ID'])) {
		 	 $sql=" select t2.L_APPOITMENT_USER from `".$TEST_TABLE."` as t1 
		 	 	left join `".$TEST_TABLE."` as t2 on t1.P_ID=t2.ID 
		 	 where t1.ID='".$TEST_ID."' ";
		 	 $res=DB::query($sql);
			 while ($h=DB::fetch_array($res)) {
			 	if($_SESSION['ADM_ACCOUNT']==$h['L_APPOITMENT_USER']) {
					$_SESSION[$thiss->DETECT_TABLE_COLUMN]['A_ADM_COMPANY_CHECK']['ID']=$TEST_ID;
					$_SESSION[$thiss->DETECT_TABLE_COLUMN]['A_ADM_COMPANY_CHECK']['TIMESTAMP']=date("U");
					return(true);
			 	}
			 }
		}
		
		$sql="select A_ADM_COMPANY from `".$TEST_TABLE."` where ID='".$TEST_ID."'";
		$res=DB::query($sql);
		while ($h=DB::fetch_array($res)) {
			if(isset($_SESSION['AUTH_LDAP_CLIENT__LDAP_USERS'])) {
			$com = strtolower($h['A_ADM_COMPANY']);
echo'<pre style="max-height:200px;overflow:auto;border:1px solid red;text-align:left;display:none">com('.$com.') (F.' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($_SESSION['AUTH_LDAP_CLIENT__LDAP_USERS'][$_SESSION['ADM_ACCOUNT']]);echo'</pre>';
			if((in_array($com,$_SESSION['AUTH_LDAP_CLIENT__LDAP_USERS'][$_SESSION['ADM_ACCOUNT']]) )||(in_array($h['A_ADM_COMPANY'],$_SESSION['AUTH_LDAP_CLIENT__LDAP_USERS'][$_SESSION['ADM_ACCOUNT']]) )||empty($h['A_ADM_COMPANY']))  {
					$_SESSION[$thiss->DETECT_TABLE_COLUMN]['A_ADM_COMPANY_CHECK']['ID']=$TEST_ID;
					$_SESSION[$thiss->DETECT_TABLE_COLUMN]['A_ADM_COMPANY_CHECK']['TIMESTAMP']=date("U");
				return(true);
		    } else { 
				return(false);
			} 
			
			} else if(stristr($h['A_ADM_COMPANY'], $_SESSION['ADM_ACCOUNT'])) {
					$_SESSION[$thiss->DETECT_TABLE_COLUMN]['A_ADM_COMPANY_CHECK']['ID']=$TEST_ID;
					$_SESSION[$thiss->DETECT_TABLE_COLUMN]['A_ADM_COMPANY_CHECK']['TIMESTAMP']=date("U");
			   return(true);
			} else {
			    return(false);
			}
		} 
	
	return(false);



}