<?php
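// Board permission checks for the current session.
//
// Every lookup goes through the global $db wrapper and is scoped to the board
// account in $_SESSION['account']; the acting user is $_SESSION['userid']
// (empty for guests). Public methods answer with the strings "1" (allowed)
// and "0" (denied); the check_special_* methods additionally return null when
// no rule applies.
//
// NOTE(review): every statement below is built by interpolating values
// ($catid, $userid, the session account) directly into the SQL text. The
// interface of $db is not visible from this file, so the statements are left
// textually as they were. Because this class decides authorization, those
// values should be bound or escaped through whatever facility the wrapper
// offers before they reach the database - TODO confirm against $db.
class permission {

    // PHP 4 style constructor, intentionally empty. Kept so existing callers
    // that invoke it by name keep working.
    function permission() {
    }

    // Internal: read a session entry, or "" when it is not set. The keys are
    // quoted here; a bare `$_SESSION[userid]` is a constant lookup that only
    // happened to work on old PHP versions and fails on PHP 8.
    function _session_value($key) {
        return isset($_SESSION[$key]) ? $_SESSION[$key] : "";
    }

    // Internal: first column of the first row of a result, or null when the
    // result holds no such cell.
    function _first_value($rows) {
        return isset($rows[0][0]) ? $rows[0][0] : null;
    }

    // Internal: run a query and always hand back something iterable.
    function _query_rows($sql) {
        global $db;
        $rows = $db->sql_query($sql);
        return is_array($rows) ? $rows : array();
    }

    // Permission value configured for guests of the current board account.
    function guest() {
        global $db;
        $account = $this->_session_value('account');
        $rows = $db->sql_query("select guestperm from boardsettings where s_user='$account'");
        return $this->_first_value($rows);
    }

    // Permission value of a single user; falls back to the guest value when
    // the profile has none (or the user does not exist).
    function user_permission($userid) {
        global $db;
        $account = $this->_session_value('account');
        $rows = $db->sql_query("select permissions from userprofil where id='$userid' and s_user='$account'");
        $value = $this->_first_value($rows);
        if ($value == "") {
            $value = $this->guest();
        }
        return $value;
    }

    // Class of the session user: "0" guest, "1" user, "2" mod, "3" admin.
    function get_class() {
        $userid = $this->_session_value('userid');
        if ($userid == "") {
            return "0"; // guest
        }
        // user_permission() already returns the scalar value. The previous
        // code indexed it again with [0][0], which only worked by accident
        // for one-character strings.
        $userp = $this->user_permission($userid);
        $status = "1"; // user
        // Moderators of a single category are not resolved yet; the former
        // lookup in `mods` was executed but its result was never used.
        if ($userp == "6") {
            $status = "2"; // mod
        }
        if ($userp == "7") {
            $status = "3"; // admin
        }
        return $status;
    }

    // Checks the user's rights: "1" when the user's own permission value, or
    // that of the user's group, is at least $handling.
    function check_user($handling) {
        global $db;
        $userid = $this->_session_value('userid');
        $account = $this->_session_value('account');
        if ($this->user_permission($userid) >= $handling) {
            return "1";
        }
        $rows = $db->sql_query("select groupid from groups_user where userid='$userid' and s_user='$account'");
        $groupid = $this->_first_value($rows);
        if ($groupid != "") {
            $rows = $db->sql_query("select permission from groups where id='$groupid' and s_user='$account'");
            if ($this->_first_value($rows) >= $handling) {
                return "1";
            }
        }
        return "0";
    }

    // Checks whether the user's class may enter the category at all.
    function check_entry($catid) {
        global $db;
        $account = $this->_session_value('account');
        $user = $this->get_class();
        $rows = $db->sql_query("select rechte from cats where id='$catid' and s_user='$account'");
        $required = $this->_first_value($rows);
        // NOTE(review): when no category row is found $required is null and
        // this loose comparison appears to succeed for every class, i.e. an
        // unknown category is treated as enterable. Confirm that this is
        // intended before relying on it as an access gate.
        return ($user >= $required) ? "1" : "0";
    }

    // Checks category rules that target the session user directly.
    // Returns "1"/"0" from the last matching rule, or null without a match.
    function check_special_user($catid, $handling) {
        $account = $this->_session_value('account');
        $userid = $this->_session_value('userid');
        $status = null; // was left undefined when nothing matched
        // Columns are addressed by position because the query is `select *`:
        // index 3 is compared with the user id, index 2 with $handling.
        $rules = $this->_query_rows("select * from cats_permtouser where catid='$catid' and s_user='$account'");
        foreach ($rules as $rule) {
            if ($userid == $rule[3]) {
                $status = ($rule[2] >= $handling) ? "1" : "0";
            }
        }
        return $status;
    }

    // Checks category rules that target a group the session user belongs to.
    // Returns "1"/"0" from the last matching rule, or null without a match.
    function check_special_group($catid, $handling) {
        $account = $this->_session_value('account');
        $userid = $this->_session_value('userid');
        $status = null; // was left undefined when nothing matched
        $rules = $this->_query_rows("select * from cats_permtogroup where catid='$catid' and s_user='$account'");
        // Both loops used to share one $max counter, so the member count of a
        // group overwrote the number of rules and rules could be skipped.
        foreach ($rules as $rule) {
            $groupid = $rule[2];
            $members = $this->_query_rows("select * from groups_user where groupid='$groupid' and s_user='$account'");
            foreach ($members as $member) {
                if ($member[1] == $userid) {
                    $status = ($rule[4] >= $handling) ? "1" : "0";
                }
            }
        }
        return $status;
    }

    // Checks category rules that target the class of the session user.
    // Returns "1"/"0" from the last matching rule, or null without a match.
    function check_special_class($catid, $handling) {
        $account = $this->_session_value('account');
        $userclass = $this->get_class();
        $status = null; // was left undefined when nothing matched
        $rules = $this->_query_rows("select kid,permission from cats_permtoclass where catid='$catid' and s_user='$account'");
        foreach ($rules as $rule) {
            if ($rule[0] == $userclass) {
                $status = ($rule[1] >= $handling) ? "1" : "0";
            }
        }
        return $status;
    }

    // Final decision for an action of level $handling in category $catid.
    //
    // Order matters: the general result (entry + user rights) comes first and
    // is then overridden by a class rule, a group rule and finally a user
    // rule, so the most specific rule has the last word - in both directions,
    // grant and deny. Each check is evaluated once; it used to be evaluated
    // twice, doubling the queries.
    function check($catid, $handling) {
        $permission = "0";
        if ($this->check_entry($catid) == "1" && $this->check_user($handling) == "1") {
            $permission = "1";
        }

        $result = $this->check_special_class($catid, $handling);
        if ($result == "1" || $result == "0") {
            $permission = (string) $result;
        }

        // Group and user rules only exist for logged-in users.
        if ($this->_session_value('userid') != "") {
            $result = $this->check_special_group($catid, $handling);
            if ($result == "1" || $result == "0") {
                $permission = (string) $result;
            }
            $result = $this->check_special_user($catid, $handling);
            if ($result == "1" || $result == "0") {
                $permission = (string) $result;
            }
        }
        return $permission;
    }
}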
?> |