/* table connections */
if (substr($_SERVER["SCRIPT_FILENAME"],-25) == '/ricoUpdateConnection.php' &&
- !empty($_POST['table'])) {
- if (check_permissions($_POST['table']))
+ !empty($_GET['id']) && substr($_GET['id'],0,5) == 'grid_') {
+ if (check_permissions(substr($_GET['id'],5)))
return true;
else
format_ajax(array('error' => 'No permission to access data'));
format_ajax(array('error' => 'No permission to access data'));
}
+ return true;
}
function sanitise_filename($file)
return mask($_GET['mask']);
}
- $masks = array('sys_user','sys_group','sys_mask',
- 'anbaugeraete','arbeitsarten','personal','materialien','gebiet','geraete',
- 'kostenstellen','materialverbrauch','einsatz');
- $ret = '';
- foreach ($masks as $m)
- $ret .= sprintf('<a href="index.php?mask=%s">%s</a><br>', $m, $m);
+ $ret = '<div style="height: 600px; font-size: large; font-weight: bold;">Willkommen in der Kostenrechnung der Friesoyther Wasseracht!</div>';
return $ret;
}
return $html;
}
+function grid_sql_join($mask)
+{
+ $ret = '';
+ if (array_key_exists('join', $mask)) {
+ foreach ($mask['join'] as $line) {
+ if (strtolower(substr($line,0,4)) == 'left')
+ $ret .= ' LEFT JOIN ' . substr($line,5);
+ else
+ $ret .= ' JOIN ' . $line;
+ }
+ }
+ return $ret;
+}
+
function grid_sql($name, $mask)
{
$fields = array();
$_SESSION['grid_' . $name] = sprintf("SELECT %s FROM %s",
implode(',', $fields), $mask['table']);
- if (array_key_exists('join', $mask)) $_SESSION['grid_' . $name] .= ' JOIN ' . join(' JOIN ', $mask['join']);
+ if (array_key_exists('join', $mask)) $_SESSION['grid_' . $name] .= grid_sql_join($mask);
if (array_key_exists('where', $mask)) $_SESSION['grid_' . $name] .= ' WHERE ' . $mask['where'];
}