Support custom save function

[misc/kostenrechnung] / lib / general.php

diff --git a/lib/general.php b/lib/general.php
index 7c5d5f3..2332e59 100644 (file)
--- a/lib/general.php
+++ b/lib/general.php
@@ -19,7 +19,6 @@ function check_permissions($name)
                 . "JOIN sys_group_mask ON sys_mask.id = sys_group_mask.mask "
                 . "WHERE sys_group_mask.gid = %d AND fname = '%s'",
                 $_SESSION['sys']['group'], pg_escape_string($name));
-  error_log($sql);
 
   $sth = pg_query($sql);
 
@@ -77,8 +76,8 @@ function check_session()
 
   /* table connections */
   if (substr($_SERVER["SCRIPT_FILENAME"],-25) == '/ricoUpdateConnection.php' &&
-      !empty($_POST['table'])) {
-    if (check_permissions($_POST['table']))
+      !empty($_GET['id']) && substr($_GET['id'],0,5) == 'grid_') {
+    if (check_permissions(substr($_GET['id'],5)))
       return true;
     else
       format_ajax(array('error' => 'No permission to access data'));
@@ -87,7 +86,7 @@ function check_session()
   /* ajax calls */
   if (substr($_SERVER["SCRIPT_FILENAME"],-9) == '/ajax.php' &&
       !empty($_POST['source'])) {
-    if (check_permissions(substr($_POST['source'],5)))
+    if (check_permissions($_POST['source']))
       return true;
     else
       format_ajax(array('error' => 'No permission to access data'));
@@ -159,12 +158,7 @@ function process()
     return mask($_GET['mask']);
   }
 
-  $masks = array('sys_user','sys_group','sys_mask',
-                'anbaugeraete','arbeitsarten','personal','materialien','gebiet','geraete',
-                'kostenstellen','materialverbrauch','einsatz');
-  $ret = '';
-  foreach ($masks as $m)
-    $ret .= sprintf('<a href="index.php?mask=%s">%s</a><br>', $m, $m);
+  $ret = '<div style="height: 600px; font-size: large; font-weight: bold;">Willkommen in der Kostenrechnung der Friesoyther Wasseracht!</div>';
   
   return $ret;
 }
@@ -193,6 +187,20 @@ function debug_info()
   return $html;
 }
 
+function grid_sql_join($mask)
+{
+  $ret = '';
+  if (array_key_exists('join', $mask)) {
+    foreach ($mask['join'] as $line) {
+      if (strtolower(substr($line,0,4)) == 'left')
+       $ret .= ' LEFT JOIN ' . substr($line,5);
+      else
+       $ret .= ' JOIN ' . $line;
+    }
+  }
+  return $ret;
+}
+
 function grid_sql($name, $mask)
 {
   $fields = array();
@@ -205,7 +213,7 @@ function grid_sql($name, $mask)
 
   $_SESSION['grid_' . $name] = sprintf("SELECT %s FROM %s",
                                       implode(',', $fields), $mask['table']);
-  if (array_key_exists('join', $mask)) $_SESSION['grid_' . $name] .= ' JOIN ' . join(' JOIN ', $mask['join']);
+  if (array_key_exists('join', $mask)) $_SESSION['grid_' . $name] .= grid_sql_join($mask);
   if (array_key_exists('where', $mask)) $_SESSION['grid_' . $name] .= ' WHERE ' . $mask['where'];
 }