Limit menu items to permitted ones according to group

[misc/kostenrechnung] / lib / menu.php

diff --git a/lib/menu.php b/lib/menu.php
index c7190c3..e20b4d0 100644 (file)
--- a/lib/menu.php
+++ b/lib/menu.php
@@ -4,15 +4,41 @@ function menu()
 {
   if (empty($_SESSION['sys']['login'])) return '';
 
-  $ret = '<div id="menu">
-  <ul id="nav">
-   <li><a href="./">Start</a></li>
-   <li><a href="./?mask=personal">Personal</a></li>
-   <li><a href="./?mask=overview_gewaesser">Gewässer</a></li>
-   <li><a href="#">Abfragen</a></li>
-  </ul>
-</div>
-';
+  $ret = '<div class="menu">';
+
+  $ret .= '<ul id="menu" class="dropdown">';
+
+  $ret .= '<li><span>Home</span>';
+  $ret .= '<ul>';
+  $ret .= '<li><a href="./" title="Zurück zur Hauptseite">Start</a></li>';
+  $ret .= '<li><a href="./?logout=true" title="Abmelden">Logout</a></li>';
+
+  $sql = "SELECT fname,menutitle,name FROM sys_mask "
+    . "JOIN sys_menu ON sys_mask.menu = sys_menu.id "
+    . "JOIN sys_group_mask ON sys_mask.id = sys_group_mask.mask "
+    . "WHERE sys_group_mask.gid = ".$_SESSION['sys']['group']." "
+    . "ORDER BY sys_menu.priority,sys_menu.name,sys_mask.priority,sys_mask.menutitle";
+  $sth = pg_query($sql);
+
+  if ($sth) {
+    $menu = 'Start';
+
+    while ($row = pg_fetch_assoc($sth)) {
+      if ($menu != $row['name']) {
+       $ret .= '</ul></li>';
+       $ret .= sprintf('<li><span>%s</span>', $row['name']);
+       $ret .= '<ul>';
+       $menu = $row['name'];
+      }
+      $ret .= sprintf('<li><a href="./?mask=%s">%s</a></li>', $row['fname'], $row['menutitle']);
+    }
+    $ret .= '</ul>';
+    $ret .= '</li>';
+  }
+
+  $ret .= '</ul>';
+  $ret .= '</div>';
+
   return $ret;
 }