<?php
// Datenbank-Verbindungsparameter
require_once (__DIR__. '/../globals.php');
// Right flags: every constant occupies exactly one bit, so a user's rights can
// be OR-ed into a single integer and tested with a bitwise AND. The trailing
// comment gives the decimal value and the Userrights::setSession() argument
// that switches the bit on.
define('R_ADM', 1 << 0);   //     1  $isAdm
define('R_WAI', 1 << 1);   //     2  $rWait
define('R_KIT', 1 << 2);   //     4  $rKit
define('R_BAR', 1 << 3);   //     8  $rBar
define('R_SUP', 1 << 4);   //    16  $rSupply
define('R_PAY', 1 << 5);   //    32  $rPay
define('R_STA', 1 << 6);   //    64  $rStat
define('R_BIL', 1 << 7);   //   128  $rBill
define('R_PRO', 1 << 8);   //   256  $rProd
define('R_RES', 1 << 9);   //   512  $rRes
define('R_RAT', 1 << 10);  //  1024  $rRat
define('R_MAN', 1 << 11);  //  2048  $rMan
define('R_CP', 1 << 12);   //  4096  $rChangePrice
define('R_CL', 1 << 13);   //  8192  $rClos
define('R_CUS', 1 << 14);  // 16384  $rCustomers
define('R_DASH', 1 << 15); // 32768  $rDash
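/**
 * Session-backed authorization helpers.
 *
 * Rights are kept in two forms in $_SESSION: a packed bitmask under
 * 'allrights' (written by setSession(), read by isCmdAllowedForUser()) and
 * individual entries looked up by key (read by canUserCallCommands(),
 * isCurrentUserAdmin() and hasCurrentUserRight()). Every check first requires
 * the 'angemeldet' (German: "logged in") session flag to be truthy.
 *
 * The methods never touch $this, and the private helpers are static and called
 * through self::, so the class behaves the same for instance and static calls.
 */
class Userrights {

    /**
     * Start the PHP session unless one is already active.
     *
     * An unconditional session_start() on an active session raises a notice,
     * so every public check goes through this guard.
     */
    private static function ensureSession() {
        if (session_status() !== PHP_SESSION_ACTIVE) {
            session_start();
        }
    }

    /**
     * @return bool true when the session carries a truthy 'angemeldet' flag
     */
    private static function isLoggedIn() {
        return isset($_SESSION['angemeldet']) && $_SESSION['angemeldet'];
    }

    /**
     * Pack the sixteen right flags into one bitmask and store it in
     * $_SESSION['allrights'].
     *
     * Each argument is evaluated for truthiness and switches on the matching
     * R_* bit. The flags are OR-ed in one at a time: the earlier one-line
     * expression had the R_CL and R_DASH terms inside the parentheses of the
     * R_MAN multiplication, so those two bits were never set and unrelated
     * high bits were written to the mask instead.
     *
     * This method does not start the session; it only assigns to $_SESSION.
     */
    public function setSession($isAdm,$rWait,$rKit,$rBar,$rSupply,$rPay,$rStat,$rBill,$rProd,$rRes,$rRat,$rChangePrice,$rCustomers,$rMan,$rClos,$rDash) {
        $flagByBit = [
            R_ADM  => $isAdm,
            R_WAI  => $rWait,
            R_KIT  => $rKit,
            R_BAR  => $rBar,
            R_SUP  => $rSupply,
            R_PAY  => $rPay,
            R_STA  => $rStat,
            R_BIL  => $rBill,
            R_PRO  => $rProd,
            R_RES  => $rRes,
            R_RAT  => $rRat,
            R_CP   => $rChangePrice,
            R_CUS  => $rCustomers,
            R_MAN  => $rMan,
            R_CL   => $rClos,
            R_DASH => $rDash,
        ];

        $mask = 0;
        foreach ($flagByBit as $bit => $granted) {
            if ($granted) {
                $mask |= $bit;
            }
        }

        $_SESSION['allrights'] = $mask;
    }

    /**
     * At least one of the OR-combined rights in the argument must match the
     * session's 'allrights' mask to return true.
     *
     * @param int $rights one R_* constant or several combined with |
     * @return bool false when nobody is logged in, when no mask is stored, or
     *              when none of the requested bits is set
     */
    public function isCmdAllowedForUser($rights) {
        self::ensureSession();
        if (!self::isLoggedIn()) {
            return false;
        }
        // Kept from the original: normalises a truthy login flag to boolean true.
        $_SESSION['angemeldet'] = true;

        // A missing mask means "no rights". Both operands are cast to int
        // because & on two strings is a bytewise string operation in PHP.
        $granted = isset($_SESSION['allrights']) ? (int) $_SESSION['allrights'] : 0;

        return (((int) $rights) & $granted) > 0;
    }

    /**
     * Can the current user call $currentCmd?
     *
     * Returns true only when a user is logged in, $currentCmd is one of
     * $cmdArray, and the session entry named by $right is truthy.
     *
     * $right is used directly as a $_SESSION key, so it has to be a fixed
     * right name chosen by the calling code. If it were taken from request
     * data, any truthy session entry (the login flag included) would satisfy
     * the check.
     *
     * @param mixed  $currentCmd command being requested
     * @param array  $cmdArray   commands covered by $right
     * @param string $right      session key holding the right
     * @return bool
     */
    public function canUserCallCommands($currentCmd, $cmdArray,$right) {
        self::ensureSession();
        if (!self::isLoggedIn()) {
            // no user logged in
            return false;
        }

        if (!is_scalar($currentCmd) || !is_array($cmdArray)) {
            return false;
        }

        // Compare as strings with strict matching: loose in_array() lets type
        // juggling pair unrelated values (on PHP 7, "abc" == 0 is true).
        $commands = array_map('strval', $cmdArray);
        if (!in_array((string) $currentCmd, $commands, true)) {
            return false;
        }

        // The command is in the set to test; the named right decides.
        return isset($_SESSION[$right]) && (bool) $_SESSION[$right];
    }

    /**
     * @return mixed false when nobody is logged in or 'is_admin' is not stored;
     *               otherwise the stored $_SESSION['is_admin'] value as-is
     */
    public function isCurrentUserAdmin() {
        self::ensureSession();
        if (!self::isLoggedIn()) {
            // no user logged in
            return false;
        }

        return isset($_SESSION['is_admin']) ? $_SESSION['is_admin'] : false;
    }

    /**
     * Look up one right of the logged-in user by its session key.
     *
     * $whichRight indexes $_SESSION directly; pass only fixed right names from
     * code, never a value taken from the request.
     *
     * @param string $whichRight session key holding the right
     * @return mixed false when nobody is logged in or the key is not stored;
     *               otherwise the stored value as-is
     */
    public function hasCurrentUserRight($whichRight) {
        self::ensureSession();
        if (!self::isLoggedIn()) {
            // no user logged in
            return false;
        }

        return isset($_SESSION[$whichRight]) ? $_SESSION[$whichRight] : false;
    }
}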