X-Git-Url: https://git.infodrom.org/?p=misc%2Fkostenrechnung;a=blobdiff_plain;f=lib%2Fgeneral.php;h=837a4b8a807222931fa55f7821d19d3a603d3990;hp=279b7018c8afec14590fc29db6088748bce1312f;hb=deaf08b6e3fc5c35d139b83db7f4951f4685eb30;hpb=8c1907e75871bb1fdcf74c20461f2f9b99a692dd
diff --git a/lib/general.php b/lib/general.php
index 279b701..837a4b8 100644
--- a/lib/general.php
+++ b/lib/general.php
@@ -1,16 +1,111 @@
'No permission to access data'));
+ }
+
+ /* table connections */
+ if (substr($_SERVER["SCRIPT_FILENAME"],-25) == '/ricoUpdateConnection.php' &&
+ !empty($_GET['id']) && substr($_GET['id'],0,5) == 'grid_') {
+ if (check_permissions(substr($_GET['id'],5)))
+ return true;
+ else
+ format_ajax(array('error' => 'No permission to access data'));
+ }
+
+ /* ajax calls */
+ if (substr($_SERVER["SCRIPT_FILENAME"],-9) == '/ajax.php' &&
+ !empty($_POST['source'])) {
+ if (check_permissions($_POST['source']))
+ return true;
+ else
+ format_ajax(array('error' => 'No permission to access data'));
+ }
+
+}
+
function sanitise_filename($file)
{
return str_replace('./','x',$file);
}
-function load_mask($name, $prefix = '')
+function load_mask($name)
{
global $mask;
+ global $jscode;
$name = sanitise_filename($name);
- $file = $prefix . 'masks/' . $name . '.php';
+ $file = $_SESSION['sys']['basedir'] . 'masks/' . $name . '.php';
if (!file_exists($file))
return false;
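Review bot: The permission gate that closes at `+}` has no default result: a request that matches neither script suffix, or that reaches `ajax.php` with an empty `$_POST['source']` (or `ricoUpdateConnection.php` with an `id` that does not start with `grid_`), falls off the end and returns null without `check_permissions()` being called. Unless every caller treats anything other than `true` as a denial, this fails open; ending the function with an explicit `return false;` and denying in the two script branches when the parameter is missing or malformed would make deny the default. The `else` branches also depend on `format_ajax()` ending the request, which is not visible here; if it returns, execution continues into the later checks, so a `return false;` after each call is safer. The function's signature and its first branches lie outside the visible part of this hunk.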
@@ -26,6 +121,19 @@ function connect_db()
pg_connect($dsn);
}
+function query_db($sql)
+{
+ $sth = pg_query($sql);
+
+ if ($sth === false) return false;
+
+ $result = array();
+ while ($row = pg_fetch_assoc($sth))
+ $result[] = $row;
+
+ return $result;
+}
+
function load_js($jsfiles, $jscode)
{
$ret = '';
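Review bot: `query_db()` accepts only a finished SQL string and passes it to `pg_query()`, so any caller that needs a value in the statement has to build it by concatenation. The callers are not visible in this hunk, but the ajax and grid paths added in this commit take `$_POST['source']` and `$_GET['id']` from the request. An optional parameter array would let callers bind values instead: `function query_db($sql, $params = array())` with `$sth = $params ? pg_query_params($sql, $params) : pg_query($sql);`. On failure the function returns `false` without recording `pg_last_error()`, so a docblock stating the `false`-versus-empty-array contract and a server-side log line would help callers tell a failed query from an empty result. `load_js()`, which starts at the end of the hunk, continues outside it.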
@@ -40,28 +148,59 @@ function load_js($jsfiles, $jscode)
function process()
{
+ if (!empty($_GET['login'])) {
+ require_once('lib/login.php');
+ return mask_login();
+ }
+
if (!empty($_GET['mask'])) {
require_once('lib/mask.php');
return mask($_GET['mask']);
}
- $masks = array('sys_user','sys_group','sys_mask',
- 'anbaugeraete','arbeitsarten','personal','materialien','gebiet','geraete',
- 'kostenstellen','materialverbrauch','einsatz');
- $ret = '';
- foreach ($masks as $m)
- $ret .= sprintf('%s
', $m, $m);
+ $ret = '
\n\$_SESSION = " . var_export($_SESSION,true) . "\n"; $html .= "\n\$_COOKIE = " . var_export($_COOKIE,true) . "\n\n"; + $html .= $debug_info; $html .= '