}
function db_list_anmeldungen(){
- $prep = $GLOBALS['dbc']->prepare('SELECT * FROM anmeldungen WHERE lower(uname)=lower(?)');
- $prep->execute(array($GLOBALS['uname'],));
if($GLOBALS['lvl'] >= 2){
$prep = $GLOBALS['dbc']->prepare('SELECT * FROM anmeldungen');
$prep->execute();
+ }else{
+ $prep = $GLOBALS['dbc']->prepare('SELECT * FROM anmeldungen WHERE lower(uname)=lower(?)');
+ $prep->execute(array($GLOBALS['uname'],));
}
return $prep->fetchAll();
}
function db_get_person($id){
$prep = $GLOBALS['dbc']->prepare('SELECT * FROM anmeldungen WHERE id = ?');
$prep->execute(array($id,));
- return $prep->fetch();
+ $ret = $prep->fetch();
+ if($ret !== FALSE && $ret['uname'] != $GLOBALS['uname'] && $GLOBALS['lvl'] < 2) throw new Exception('PERMISSION_ERROR');
+ return $ret;
}
function db_delete_person($id){
$prep = $GLOBALS['dbc']->prepare('DELETE FROM anmeldungen WHERE id = ? and lower(uname) = ?');
$prep->execute(array($id,$GLOBALS['uname']));
}
- return $prep->rowCount();
+ if($prep->rowCount() != 1)throw new Exception('NOTHING_DELETED');
}
function db_store_person($id, $pdata){
$p = db_get_person($id);
if($p !== FALSE && $p['id'] == $id){
- // found, we do updating, if uname == uname.
- if($p['uname'] == $GLOBALS['uname'] || $GLOBALS['lvl'] >= 2){
- if($pdata['analphabet'] == '')$pdata['analphabet'] = 0;
- if($pdata['fotoerlaubnis'] == '')$pdata['fotoerlaubnis'] = 0;
- if($pdata['videoerlaubnis'] == '')$pdata['videoerlaubnis'] = 0;
- if($pdata['vorwissen'] == '')$pdata['vorwissen'] = 0;
- if($pdata['gebdatum'] == '')$pdata['gebdatum'] = '1900-01-01';
- $prep = $GLOBALS['dbc']->prepare('UPDATE anmeldungen SET nname=?, vname=?, gebdatum=?, nationaliaet=?, sprachen=?, analphabet=?, '.
- 'bemerkungen=?, vorwissen=?, fotoerlaubnis=?, videoerlaubnis=?, status=?,termin=? WHERE id=?');
- $prep->execute(array($pdata['nname'], $pdata['vname'], $pdata['gebdatum'], $pdata['nationaliaet'], $pdata['sprachen'], $pdata['analphabet'],
- $pdata['bemerkungen'], $pdata['vorwissen'], $pdata['fotoerlaubnis'], $pdata['videoerlaubnis'], $pdata['status'], $pdata['termin'], $p['id']));
- return $prep->rowCount();
- }
+ // found, we do updating. We are permitted, as there was no exception rtrieving the personinfo.
+ if($pdata['analphabet'] == '')$pdata['analphabet'] = 0;
+ if($pdata['fotoerlaubnis'] == '')$pdata['fotoerlaubnis'] = 0;
+ if($pdata['videoerlaubnis'] == '')$pdata['videoerlaubnis'] = 0;
+ if($pdata['vorwissen'] == '')$pdata['vorwissen'] = 0;
+ if($pdata['gebdatum'] == '')$pdata['gebdatum'] = '1900-01-01';
+ $prep = $GLOBALS['dbc']->prepare('UPDATE anmeldungen SET nname=?, vname=?, gebdatum=?, nationaliaet=?, sprachen=?, analphabet=?, '.
+ 'bemerkungen=?, vorwissen=?, fotoerlaubnis=?, videoerlaubnis=?, status=?,termin=? WHERE id=?');
+ $prep->execute(array($pdata['nname'], $pdata['vname'], $pdata['gebdatum'], $pdata['nationaliaet'], $pdata['sprachen'], $pdata['analphabet'],
+ $pdata['bemerkungen'], $pdata['vorwissen'], $pdata['fotoerlaubnis'], $pdata['videoerlaubnis'], $pdata['status'], $pdata['termin'], $p['id']));
+ if($prep->rowCount() != 1)throw new Exception('UPDATE_FAILED');
+ return $id;
}else{
// inserting a new person.
if($pdata['analphabet'] == '')$pdata['analphabet'] = 0;
vorwissen, fotoerlaubnis, videoerlaubnis, status, termin) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) returning id;');
$prep->execute(array($GLOBALS['uname'], $pdata['nname'], $pdata['vname'], $pdata['gebdatum'], $pdata['nationaliaet'], $pdata['sprachen'],
$pdata['analphabet'], $pdata['bemerkungen'], $pdata['vorwissen'], $pdata['fotoerlaubnis'], $pdata['videoerlaubnis'], $pdata['status'], $pdata['termin']));
- $r = $prep->fetchColumn();
- return -$r;
+ return $prep->fetchColumn();
}
}
SomeNet / public repos / fsinf / pub / w2c.git / blobdiff