diff --git a/src/admin/charts.php b/src/admin/charts.php index f43ff69..514d1a0 100644 --- a/src/admin/charts.php +++ b/src/admin/charts.php @@ -54,6 +54,13 @@ IncludeLanguageFile( $gl_root_path . '/lang/' . $LANG . '/admin.php' ); // --- BEGIN Custom Code +// --- Set Helpervariable for non-ADMIN users +if ( !isset($_SESSION['SESSION_ISADMIN']) || $_SESSION['SESSION_ISADMIN'] == 0 ) + $content['READONLY_ISUSERONLY'] = "disabled"; +else + $content['READONLY_ISUSERONLY'] = ""; +// --- + if ( isset($_GET['op']) ) { if ($_GET['op'] == "add") @@ -81,6 +88,14 @@ if ( isset($_GET['op']) ) $content['userid'] = null; $content['CHECKED_ISUSERONLY'] = ""; $content['CHARTID'] = ""; + + // --- Can only create a USER source! + if ( !isset($_SESSION['SESSION_ISADMIN']) || $_SESSION['SESSION_ISADMIN'] == 0 ) + { + $content['userid'] = $content['SESSION_USERID']; + $content['CHECKED_ISUSERONLY'] = "checked"; + } + // --- // --- Check if groups are available $content['SUBGROUPS'] = GetGroupsForSelectfield(); @@ -129,11 +144,17 @@ if ( isset($_GET['op']) ) CreateChartFields($content['chart_field']); // COMMON Fields - if ( $myChart['userid'] != null ) + $content['userid'] = $myChart['userid']; + if ( $content['userid'] != null ) $content['CHECKED_ISUSERONLY'] = "checked"; else $content['CHECKED_ISUSERONLY'] = ""; + // --- Can only EDIT own views! + if ( !isset($_SESSION['SESSION_ISADMIN']) || $_SESSION['SESSION_ISADMIN'] == 0 && $content['userid'] == NULL ) + DieWithFriendlyErrorMsg( $content['LN_ADMIN_ERROR_NOTALLOWEDTOEDIT'] ); + // --- + // --- Check if groups are available $content['SUBGROUPS'] = GetGroupsForSelectfield(); if ( is_array($content['SUBGROUPS']) ) 
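Review bot: The non-admin test `!isset($_SESSION['SESSION_ISADMIN']) || $_SESSION['SESSION_ISADMIN'] == 0` is written out again in every PHP hunk of this commit (four times each in charts.php and searches.php, once in views.php), so one copy can easily drift when it is combined with other conditions. Computing it once next to the helper variable in the `@@ -54,6 +54,13 @@` hunk, e.g. `$isAdmin = isset($_SESSION['SESSION_ISADMIN']) && $_SESSION['SESSION_ISADMIN'] != 0;`, and testing `!$isAdmin` afterwards would keep the authorization decision in one place. The `disabled` attribute value set here is presentation only; the actual enforcement is the server-side assignment in the POST branch.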
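Review bot: The `// --- Can only EDIT own views!` check in the `@@ -129,11 +144,17 @@` hunk does not test ownership, and it groups differently than it reads. `&&` binds tighter than `||`, so the condition is `!isset(...) || (ISADMIN == 0 && userid == NULL)`: a session without `SESSION_ISADMIN` is always refused, while a non-admin whose flag is 0 is refused only for global records and can open any record with a non-null `userid`, including another user's. Unless the lookup that fills `$myChart` already filters on the session user (outside the hunk), compare against the owner explicitly: `if ( (!isset($_SESSION['SESSION_ISADMIN']) || $_SESSION['SESSION_ISADMIN'] == 0) && ($content['userid'] == NULL || $content['userid'] != $content['SESSION_USERID']) )`. The same line appears in the searches.php `@@ -100,11 +116,17 @@` hunk with `$mysearch`.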
@@ -233,11 +254,20 @@ if ( isset($_POST['op']) ) } else { - $content['userid'] = "null"; - if ( isset ($_POST['groupid']) && $_POST['groupid'] != -1 ) - $content['groupid'] = intval($_POST['groupid']); - else - $content['groupid'] = "null"; + // --- Can only create a USER source! + if ( !isset($_SESSION['SESSION_ISADMIN']) || $_SESSION['SESSION_ISADMIN'] == 0 ) + { + $content['userid'] = $content['SESSION_USERID']; + $content['groupid'] = "null"; + } + else + { + $content['userid'] = "null"; + if ( isset ($_POST['groupid']) && $_POST['groupid'] != -1 ) + $content['groupid'] = intval($_POST['groupid']); + else + $content['groupid'] = "null"; + } } // --- Check mandotary values diff --git a/src/admin/searches.php b/src/admin/searches.php index f8bd39d..c1bd0f1 100644 --- a/src/admin/searches.php +++ b/src/admin/searches.php @@ -53,6 +53,14 @@ IncludeLanguageFile( $gl_root_path . '/lang/' . $LANG . '/admin.php' ); // --- // --- BEGIN Custom Code + +// --- Set Helpervariable for non-ADMIN users +if ( !isset($_SESSION['SESSION_ISADMIN']) || $_SESSION['SESSION_ISADMIN'] == 0 ) + $content['READONLY_ISUSERONLY'] = "disabled"; +else + $content['READONLY_ISUSERONLY'] = ""; +// --- + if ( isset($_GET['op']) ) { if ($_GET['op'] == "add") @@ -70,6 +78,14 @@ if ( isset($_GET['op']) ) $content['userid'] = null; $content['CHECKED_ISUSERONLY'] = ""; $content['SEARCHID'] = ""; + + // --- Can only create a USER source! + if ( !isset($_SESSION['SESSION_ISADMIN']) || $_SESSION['SESSION_ISADMIN'] == 0 ) + { + $content['userid'] = $content['SESSION_USERID']; + $content['CHECKED_ISUSERONLY'] = "checked"; + } + // --- // --- Check if groups are available $content['SUBGROUPS'] = GetGroupsForSelectfield(); 
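Review bot: In the `@@ -233,11 +254,20 @@` hunk the non-admin branch pins `userid` to the session user, but nothing in the hunk checks that the record being saved belongs to that user. If this `$_POST['op']` branch also handles edits of existing charts (the rest of the block is outside the hunk), a direct POST bypasses the ownership check that was added only to the GET edit form, so the check should be repeated before the update. The value also sits next to the string literal `"null"`, which suggests it is concatenated into SQL; casting it like the group id, `$content['userid'] = intval($content['SESSION_USERID']);`, would keep that safe. The same applies to the identical hunks in searches.php (`@@ -199,11 +221,20 @@`) and views.php (`@@ -305,11 +305,20 @@`).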
@@ -100,11 +116,17 @@ if ( isset($_GET['op']) ) { $content['SEARCHID'] = $mysearch['ID']; $content['DisplayName'] = $mysearch['DisplayName']; + $content['userid'] = $mysearch['userid']; $content['SearchQuery'] = $mysearch['SearchQuery']; - if ( $mysearch['userid'] != null ) + if ( $content['userid'] != null ) $content['CHECKED_ISUSERONLY'] = "checked"; else $content['CHECKED_ISUSERONLY'] = ""; + + // --- Can only EDIT own views! + if ( !isset($_SESSION['SESSION_ISADMIN']) || $_SESSION['SESSION_ISADMIN'] == 0 && $content['userid'] == NULL ) + DieWithFriendlyErrorMsg( $content['LN_ADMIN_ERROR_NOTALLOWEDTOEDIT'] ); + // --- // --- Check if groups are available $content['SUBGROUPS'] = GetGroupsForSelectfield(); @@ -199,11 +221,20 @@ if ( isset($_POST['op']) ) } else { - $content['userid'] = "null"; - if ( isset ($_POST['groupid']) && $_POST['groupid'] != -1 ) - $content['groupid'] = intval($_POST['groupid']); - else - $content['groupid'] = "null"; + // --- Can only create a USER source! + if ( !isset($_SESSION['SESSION_ISADMIN']) || $_SESSION['SESSION_ISADMIN'] == 0 ) + { + $content['userid'] = $content['SESSION_USERID']; + $content['groupid'] = "null"; + } + else + { + $content['userid'] = "null"; + if ( isset ($_POST['groupid']) && $_POST['groupid'] != -1 ) + $content['groupid'] = intval($_POST['groupid']); + else + $content['groupid'] = "null"; + } } // --- Check mandotary values diff --git a/src/admin/views.php b/src/admin/views.php index 8d1e893..6a25ab7 100644 --- a/src/admin/views.php +++ b/src/admin/views.php 
@@ -305,11 +305,20 @@ if ( isset($_POST['op']) ) } else { - $content['userid'] = "null"; - if ( isset ($_POST['groupid']) && $_POST['groupid'] != -1 ) - $content['groupid'] = intval($_POST['groupid']); - else - $content['groupid'] = "null"; + // --- Can only create a USER source! + if ( !isset($_SESSION['SESSION_ISADMIN']) || $_SESSION['SESSION_ISADMIN'] == 0 ) + { + $content['userid'] = $content['SESSION_USERID']; + $content['groupid'] = "null"; + } + else + { + $content['userid'] = "null"; + if ( isset ($_POST['groupid']) && $_POST['groupid'] != -1 ) + $content['groupid'] = intval($_POST['groupid']); + else + $content['groupid'] = "null"; + } } // --- Check mandotary values diff --git a/src/templates/admin/admin_charts.html b/src/templates/admin/admin_charts.html index fd9bed3..8bcfe54 100644 --- a/src/templates/admin/admin_charts.html +++ b/src/templates/admin/admin_charts.html @@ -121,7 +121,7 @@ {LN_GEN_GROUPONLY} - diff --git a/src/templates/admin/admin_searches.html b/src/templates/admin/admin_searches.html index 8eecd9a..5971492 100644 --- a/src/templates/admin/admin_searches.html +++ b/src/templates/admin/admin_searches.html @@ -84,7 +84,7 @@ {LN_GEN_GROUPONLY} -