* by Jan Vales <jan@jvales.net> (aka. Someone <someone@somenet.org>)
*/
-require_once('./settings.php');
+require_once(FUNCS_PATH.'/settings.php');
function db_get_uinfo($user, $pass){
$lvl = -1;
}
function db_list_anmeldungen(){
- $prep = $GLOBALS['dbc']->prepare('SELECT * FROM anmeldungen WHERE lower(uname)=lower(?)');
- $prep->execute(array($GLOBALS['uname'],));
if($GLOBALS['lvl'] >= 2){
$prep = $GLOBALS['dbc']->prepare('SELECT * FROM anmeldungen');
$prep->execute();
+ }else{
+ $prep = $GLOBALS['dbc']->prepare('SELECT * FROM anmeldungen WHERE lower(uname)=lower(?)');
+ $prep->execute(array($GLOBALS['uname'],));
}
return $prep->fetchAll();
}
function db_get_person($id){
$prep = $GLOBALS['dbc']->prepare('SELECT * FROM anmeldungen WHERE id = ?');
$prep->execute(array($id,));
- return $prep->fetch();
+ $ret = $prep->fetch();
+ if($ret !== FALSE && $ret['uname'] != $GLOBALS['uname'] && $GLOBALS['lvl'] < 2) throw new Exception('PERMISSION_ERROR');
+ return $ret;
}
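Review bot: The ownership test added in db_get_person compares `$ret['uname'] != $GLOBALS['uname']` with PHP's loose, case-sensitive operator, while db_list_anmeldungen matches owners with `lower(uname)=lower(?)`. Loose comparison treats two different numeric-looking strings as equal (for example `'1e3'` and `'1000'`), so account names of that shape would pass the check for each other's rows, and a name that differs only in case is listed but then refused here. Comparing normalised strings strictly keeps both paths in agreement: `if($ret !== FALSE && $GLOBALS['lvl'] < 2 && strtolower($ret['uname']) !== strtolower($GLOBALS['uname'])) throw new Exception('PERMISSION_ERROR');`. Since db_store_person now relies on this exception as its only authorization check, a comment on the function saying so (and that level 2 and above may read any record) would protect it from being relaxed later.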
function db_delete_person($id){
$prep = $GLOBALS['dbc']->prepare('DELETE FROM anmeldungen WHERE id = ? and lower(uname) = ?');
$prep->execute(array($id,$GLOBALS['uname']));
}
- return $prep->rowCount();
+ if($prep->rowCount() != 1)throw new Exception('NOTHING_DELETED');
}
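Review bot: The DELETE filters on `lower(uname) = ?` but binds `$GLOBALS['uname']` unchanged, so with the new `NOTHING_DELETED` exception a user whose name contains upper-case letters would get an error on every delete of their own record, unless uname is lower-cased somewhere outside this diff. The statement also has no `lvl >= 2` branch, unlike db_list_anmeldungen and db_get_person, so a privileged user deleting someone else's row would hit the same exception. Using `lower(uname) = lower(?)` as the list query does, and either adding the level-2 branch or documenting that deletion is owner-only, would make the access rules of the three functions consistent.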
function db_store_person($id, $pdata){
$p = db_get_person($id);
if($p !== FALSE && $p['id'] == $id){
- // found, we do updating, if uname == uname.
- if($p['uname'] == $GLOBALS['uname'] || $GLOBALS['lvl'] >= 2){
- if($pdata['analphabet'] == '')$pdata['analphabet'] = 0;
- if($pdata['fotoerlaubnis'] == '')$pdata['fotoerlaubnis'] = 0;
- if($pdata['videoerlaubnis'] == '')$pdata['videoerlaubnis'] = 0;
- if($pdata['vorwissen'] == '')$pdata['vorwissen'] = 0;
- if($pdata['gebdatum'] == '')$pdata['gebdatum'] = '1900-01-01';
- $prep = $GLOBALS['dbc']->prepare('UPDATE anmeldungen SET nname=?, vname=?, gebdatum=?, nationaliaet=?, sprachen=?, analphabet=?, bemerkungen=?, vorwissen=?, fotoerlaubnis=?, videoerlaubnis=? WHERE id=?');
- $prep->execute(array($pdata['nname'], $pdata['vname'], $pdata['gebdatum'], $pdata['nationaliaet'], $pdata['sprachen'], $pdata['analphabet'], $pdata['bemerkungen'], $pdata['vorwissen'], $pdata['fotoerlaubnis'], $pdata['videoerlaubnis'], $p['id']));
- return $prep->rowCount();
- }
+ // found, we do updating. We are permitted, as there was no exception rtrieving the personinfo.
+ if($pdata['analphabet'] == '')$pdata['analphabet'] = 0;
+ if($pdata['fotoerlaubnis'] == '')$pdata['fotoerlaubnis'] = 0;
+ if($pdata['videoerlaubnis'] == '')$pdata['videoerlaubnis'] = 0;
+ if($pdata['vorwissen'] == '')$pdata['vorwissen'] = 0;
+ if($pdata['gebdatum'] == '')$pdata['gebdatum'] = '1900-01-01';
+ $prep = $GLOBALS['dbc']->prepare('UPDATE anmeldungen SET nname=?, vname=?, gebdatum=?, nationaliaet=?, sprachen=?, analphabet=?, '.
+ 'bemerkungen=?, vorwissen=?, fotoerlaubnis=?, videoerlaubnis=?, status=?,termin=? WHERE id=?');
+ $prep->execute(array($pdata['nname'], $pdata['vname'], $pdata['gebdatum'], $pdata['nationaliaet'], $pdata['sprachen'], $pdata['analphabet'],
+ $pdata['bemerkungen'], $pdata['vorwissen'], $pdata['fotoerlaubnis'], $pdata['videoerlaubnis'], $pdata['status'], $pdata['termin'], $p['id']));
+ if($prep->rowCount() != 1)throw new Exception('UPDATE_FAILED');
+ return $id;
}else{
// inserting a new person.
if($pdata['analphabet'] == '')$pdata['analphabet'] = 0;
if($pdata['videoerlaubnis'] == '')$pdata['videoerlaubnis'] = 0;
if($pdata['vorwissen'] == '')$pdata['vorwissen'] = 0;
if($pdata['gebdatum'] == '')$pdata['gebdatum'] = '1900-01-01';
- $prep = $GLOBALS['dbc']->prepare('INSERT INTO anmeldungen(uname, nname, vname, gebdatum, nationaliaet, sprachen, analphabet, bemerkungen, vorwissen, fotoerlaubnis, videoerlaubnis) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) returning id;');
- $prep->execute(array($GLOBALS['uname'], $pdata['nname'], $pdata['vname'], $pdata['gebdatum'], $pdata['nationaliaet'], $pdata['sprachen'], $pdata['analphabet'], $pdata['bemerkungen'], $pdata['vorwissen'], $pdata['fotoerlaubnis'], $pdata['videoerlaubnis']));
- $r = $prep->fetchColumn();
- return -$r;
+ $prep = $GLOBALS['dbc']->prepare('INSERT INTO anmeldungen(uname, nname, vname, gebdatum, nationaliaet, sprachen, analphabet, bemerkungen,
+ vorwissen, fotoerlaubnis, videoerlaubnis, status, termin) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) returning id;');
+ $prep->execute(array($GLOBALS['uname'], $pdata['nname'], $pdata['vname'], $pdata['gebdatum'], $pdata['nationaliaet'], $pdata['sprachen'],
+ $pdata['analphabet'], $pdata['bemerkungen'], $pdata['vorwissen'], $pdata['fotoerlaubnis'], $pdata['videoerlaubnis'], $pdata['status'], $pdata['termin']));
+ return $prep->fetchColumn();
}
}
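Review bot: Both the UPDATE and the INSERT in db_store_person now write `status` and `termin` straight from `$pdata` for every caller, and the only gate left on the update path is the ownership check inside db_get_person. If these two columns are meant to be set by staff (this is inferred from the names, the diff does not show it), an ordinary user can assign them on their own record by adding the fields to the submitted data. On the update path the stored values can be kept for non-privileged callers with `if($GLOBALS['lvl'] < 2){ $pdata['status'] = $p['status']; $pdata['termin'] = $p['termin']; }` before the prepare; the insert path needs fixed defaults for that case, which the project has to choose. The insert branch also defaults every flag except `fotoerlaubnis`, which the update branch does default, so an empty value reaches the INSERT unchanged.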