Commit 14cadaeb authored by jlopez's avatar jlopez

Fix bugs

parent 0d11160e
......@@ -112,7 +112,7 @@ if($action == "create") {
$down = FALSE;
if(($cnt->author == $author) || ($cnt->visibility == 1)) {
$down = TRUE;
} else if($author == "admin") {
} else if($db->getGradeWithLogin($_SESSION['username'])->name != $db->getMaxGrades()->name) {
$down = TRUE;
}
......
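Review bot: The grade comparison in the `else if` branch looks inverted, assuming the `getGradeWithLogin(...)` line is the new side (the +/- markers are lost on this page). As written, `$down = TRUE` is set for every user whose grade is NOT the top grade, while the login hunk grants `manage` on `==` and the container list skips private containers on `!=`. That would let any non-manager download a private container they do not own, and would refuse the manager. The branch should read `} else if($db->getGradeWithLogin($_SESSION['username'])->name == $db->getMaxGrades()->name) {`, or simply test the `$_SESSION['manage']` flag this commit introduces. The enclosing `if($action == "create")` block starts and ends outside the hunk.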
......@@ -5,7 +5,7 @@ define("PAGE","actionDistribution");
session_start ();
if(!isset($_SESSION['username'])) {
if(!isset($_SESSION['manage'])) {
header("Location: ../login.php");
}
......@@ -18,8 +18,8 @@ $today = date("Y-m-d G:i:s");
$action = NULL;
$id = NULL;
$version = NULL;
$manager = NULL;
$version = NULL;
$manager = NULL;
$active = 0;
......
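Review bot: The guard sends `header("Location: ../login.php");` and then closes the block with no `exit;`, so a request that fails the `manage` check still runs the rest of the script and only receives a redirect header on top. Add `exit;` directly after the `header()` call. The same guard is repeated in the actionGrade, actionLabel, actionManager, actionSection and actionUser sections of this commit, and in actionLabel the lines right after the guard (`require_once '../dao/DBquery.php';`, `$db = new DBquery();`) show execution continuing. A shared include that performs the check and exits would keep the six copies from drifting apart.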
......@@ -5,7 +5,7 @@ define("PAGE","actionGrade");
session_start ();
if(!isset($_SESSION['username'])) {
if(!isset($_SESSION['manage'])) {
header("Location: ../login.php");
}
......
......@@ -5,14 +5,18 @@ define("PAGE","actionLabel");
session_start ();
if(!isset($_SESSION['username'])) {
if(!isset($_SESSION['manage'])) {
header("Location: ../login.php");
}
require_once '../dao/DBquery.php';
$db = new DBquery();
$action = NULL;
$id = NULL;
......
......@@ -43,6 +43,11 @@ if($passcode == 1) {
if($ldappasscode == 1) {
$_SESSION['username'] = $login;
$_SESSION['usercode'] = 3;
if($db->getGradeWithLogin($_SESSION['username'])->name == $db->getMaxGrades()->name) {
$_SESSION['manage'] = 1;
}
header("Location: ../index.php");
} else {
header("Location: ../login.php");
......
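Review bot: The `manage` flag is granted by a loose `==` between two `->name` reads, which can fail open. getMaxGrades() as added in this commit returns an empty array when no row matches, and reading `->name` from that yields null, so two empty lookups compare equal; getGradeWithLogin is not visible here, so confirm what it returns for a login with no grade. Fetch both grades once, require that each is a Grade object, and compare a unique key with `===` rather than the display name. Because this branch raises the session's privileges, `session_regenerate_id(true);` before `$_SESSION['username']` is set would also be appropriate if it is not already called earlier in the file. The enclosing `if($passcode == 1)` block starts and ends outside the hunk.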
......@@ -5,7 +5,7 @@ define("PAGE","actionManager");
session_start ();
if(!isset($_SESSION['username'])) {
if(!isset($_SESSION['manage'])) {
header("Location: ../login.php");
}
......
......@@ -5,7 +5,7 @@ define("PAGE","actionSection");
session_start ();
if(!isset($_SESSION['username'])) {
if(!isset($_SESSION['manage'])) {
header("Location: ../login.php");
}
......
......@@ -5,7 +5,7 @@ define("PAGE","actionUser");
session_start ();
if(!isset($_SESSION['username'])) {
if(!isset($_SESSION['manage'])) {
header("Location: ../login.php");
}
......
......@@ -107,7 +107,7 @@ $containers = $db->getContainers();
if(!$container->visibility) {
if($container->author != $_SESSION['username']) {
if($_SESSION['username'] != "admin") {
if($db->getGradeWithLogin($_SESSION['username'])->name != $db->getMaxGrades()->name) {
continue;
}
}
......@@ -153,7 +153,7 @@ $containers = $db->getContainers();
echo '<td>' . $container->description . '</td>';
echo '<td>';
//echo '<div class="btn-group" mr-3><a class="btn btn-success btn-sm" href="#" >show</a></div>';
echo '<div class="btn-group" mr-3><a class="btn btn-primary btn-sm" href="./action/action_container.php?action=download&containerid='.$container->ID.'">dowload</a></div>';
......
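Review bot: `$container->description` is concatenated straight into the table cell in the second hunk, so any markup stored in a description is rendered in the browser of every user who opens this list. Wrap it as `htmlspecialchars($container->description, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, and pass `$container->ID` through `rawurlencode()` in the download href unless it is guaranteed numeric. Separately, the grade check in the first hunk issues two queries per container although both values are loop-invariant; `$_SESSION['manage']`, set at login by this commit, already carries the result. The loop body starts and ends outside both hunks.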
......@@ -154,7 +154,18 @@ class DBquery
$results = array();
while($row = mysqli_fetch_assoc($result)){
$m = new Grade($row['ID'], $row['name'], $row['level']);
array_push($results, $m);
return $m;
}
return $results;
}
public function getMaxGrades() {
$sql = "SELECT * FROM `Grade` ORDER BY `level` ASC LIMIT 1;";
$result = mysqli_query($this->dbh, $sql);
$results = array();
while($row = mysqli_fetch_assoc($result)){
$m = new Grade($row['ID'], $row['name'], $row['level']);
return $m;
}
return $results;
}
......
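Review bot: getMaxGrades() returns a Grade when a row exists and an empty array otherwise, while every caller in this commit reads `->name` from the result directly, so an empty Grade table becomes a property read on an array instead of a clear failure. The `while` that returns on its first iteration is really a single fetch and `$results` is never filled; returning null for "no row" and having callers test for it makes the contract explicit. The function above it, whose start is outside this hunk, appears to get the same `return $m;` inside its loop and so the same mixed return. It is also worth confirming that `ORDER BY level ASC LIMIT 1` selects the grade the name promises, i.e. that the lowest `level` is the highest grade.

```php
public function getMaxGrades() {
    // … unchanged: $sql assignment …
    $result = mysqli_query($this->dbh, $sql);
    if ($result === false) {
        return null;
    }
    $row = mysqli_fetch_assoc($result);
    if (!is_array($row)) {
        return null; // no grade defined: callers must treat this as "not a manager"
    }
    return new Grade($row['ID'], $row['name'], $row['level']);
}
```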