<?php
$user_admin=$_COOKIE["user_admin"];
include("kurs/datenbankanbindung.php"); // fügt die Datenbankanbindung ein: Sys:\php\includes\kurs\datenbankanbindung.php
// Rechteüberprüfung
$db = dbconnect();
if ($user_admin == ""){ require("index.php"); exit;} //Wenn man nicht angemeldet ist, darf man nicht auf die Seite
$result = $db->query("SELECT 1 FROM sozkom_admin_rechte, sozkom_admin_rechte_zuord , sozkom_admin where sozkom_admin_rechte.sozkom_admin_rolle = sozkom_admin_rechte_zuord.sozkom_admin_rolle AND sozkom_admin_rechte_zuord.faid = sozkom_admin.faid AND sozkom_admin.user = '$user_admin' AND sozkom_admin_rechte_zuord.sozkom_admin_rolle = 'a_admrecht'");
$row = $result->fetch_array();
if ($row[0] != 1){ include("kurs/rechte.php"); exit;}
// Rechteüberprüfung ende
if (isset($_GET['action']))
$action = $_GET['action'];
else
$action = "";
switch($action){
default:
echo "
<html>
<head>
<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\">
<link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
<title>Administratorenrechte</title>
</head>
<body>
<table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
<tr>
<td>
<div align=\"center\">
<table cellspacing=\"0\" cellpadding=\"0\" width=\"550\" border=\"0\">
<tr>
<td width=\"10\" background=\"../images/box_e1.gif\">
<img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
<td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_top.gif\" valign=\"top\">
<img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
<font class=\"hd\">Administratorenrechte</font><br>
<font class=\"sh\">für das Veranstaltungssystem</font><br>
<img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></font></td>
<td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
<img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
</tr>
<tr>
<td width=\"1%\" background=\"../images/box_l.gif\">
<img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
<td>
<form action="; echo $_SERVER['PHP_SELF'] . "?action=dozbearb"; echo" method=\"POST\" name=\"beleg\">
<table border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"border-collapse: collapse; border-width: 0\" bordercolor=\"#111111\" width=\"100%\" id=\"AutoNumber1\" height=\"115\">
<tr>
<td width=\"25%\">
</td>
<td width=\"25%\"> </td>
<td width=\"25%\">
<p>
</td>
<td width=\"25%\">
<p>
</td>
</tr>
<tr>
<td width=\"25%\">
<p>
</td>
<td width=\"50%\" colspan=\"2\">
<p align=\"center\">
";
$db = dbconnect();
$query = "SELECT faid, nachname, vorname FROM sozkom_admin ORDER BY nachname";
$result = $db->query ($query)
or die ("Cannot execute query");
echo "<select size=\"5\" name=\"adminre\">";
while ($row = $result->fetch_array()){
echo "<option value=\"".$row[faid]."\">".$row['nachname'].", ".$row['vorname']." ".$row['doz_titel']." </option>\n";
}
echo "</select>";
echo "
</td>
<td width=\"25%\">
<p>
</td>
</tr>
<tr>
<td width=\"25%\">
<p>
</td>
<td width=\"50%\" colspan=\"2\">
</td>
<td width=\"25%\">
<p>
</td>
</tr>
<tr>
<td width=\"25%\">
</td>
<td width=\"50%\"colspan=\"2\" align=\"center\">
<input type=\"submit\" value=\"Abschicken\" name=\"B1\"></td>
<td width=\"25%\">
</td>
</tr>
</table>
</form>
</td>
<td width=\"1%\" background=\"../images/box_r.gif\">
<img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
</tr>
<tr>
<td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"22\"></td>
<td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"8\"></td>
<td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"22\"> </td>
</tr>
</table>
</div>
</td>
</tr>
</table>
</body>
</html>";
break;
case "dozbearb":
setcookie("ck_admre",$_POST[adminre]); // Inhalt doz_nr
echo"
<html>
<head>
<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\">
<link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
<title>Administratorrechte</title>
</head>
<body>
<table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
<tr>
<td>
<div align=\"center\">
<table cellspacing=\"0\" cellpadding=\"0\" width=\"550\" border=\"0\">
<tr>
<td width=\"10\" background=\"../images/box_e1.gif\">
<img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
<td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_top.gif\" valign=\"top\">
<img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
<font class=\"hd\">Administratorrechte bearbeiten</font><br>
<font class=\"sh\">STRG-Taste für Mehrfachauswahl - $_POST[admre]</font><br>
<img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></font></td>
<td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
<img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
</tr>
<tr>
<td width=\"1%\" background=\"../images/box_l.gif\">
<img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
<td>
<form action="; echo $_SERVER['PHP_SELF'] . "?action=dozbearb1"; echo" method=\"POST\" name=\"beleg1\">
<table border=\"0\" cellpadding=\"4\" cellspacing=\"0\" style=\"border-collapse: collapse; border-width: 0\" bordercolor=\"#111111\" width=\"100%\" id=\"AutoNumber1\" height=\"115\">
<tr>
<td width=\"25%\">
</td>
<td width=\"25%\"> </td>
<td width=\"25%\">
<p>
</td>
<td width=\"25%\">
<p>
</td>
</tr>
<tr>
<td width=\"25%\">
<p>
</td>
<td width=\"50%\" colspan=\"2\">
<p align=\"center\">
";
$db = dbconnect();
$query = "SELECT sozkom_admin_rolle, Beschreibung FROM sozkom_admin_rechte ORDER BY sort_order ASC";
$result = $db->query ($query)
or die ("Cannot execute query");
echo "<select size=\"15\" name=\"admre[]\" multiple>";
while ($row = $result->fetch_array()){
$db = dbconnect();
$bearb_adm = $db->query ("SELECT 1
FROM sozkom_admin_rechte_zuord, sozkom_admin
WHERE sozkom_admin_rechte_zuord.faid = sozkom_admin.faid
AND sozkom_admin.faid='$_POST[adminre]'
AND sozkom_admin_rolle = '$row[sozkom_admin_rolle]'");
$admin = $bearb_adm->fetch_array();
echo "<option value=\"".$row[sozkom_admin_rolle]."\""; if($admin[0] == 1){echo "selected";} echo">".$row['Beschreibung']." </option>\n";
}
echo "</select>
</td>
<td width=\"25%\">
<p>
</td>
</tr>
<tr>
<td width=\"25%\">
<p>
</td>
<td width=\"50%\" colspan=\"2\">
</td>
<td width=\"25%\">
<p>
</td>
</tr>
<tr>
<td width=\"25%\">
</td>
<td width=\"50%\"colspan=\"2\" align=\"center\">
<input type=\"submit\" value=\"Markierte Rechte vergeben\" name=\"B1\"></td>
<td width=\"25%\">
</td>
</tr>
</table>
</form>
</td>
<td width=\"1%\" background=\"../images/box_r.gif\">
<img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
</tr>
<tr>
<td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"22\"></td>
<td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"8\"></td>
<td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"22\"> </td>
</tr>
</table>
</div>
</td>
</tr>
</table>
</body>
</html>";
break;
case "dozbearb1":
$db = dbconnect();
$ck_admre = $_COOKIE["ck_admre"];
$sql_del = $db->query("DELETE FROM sozkom_admin_rechte_zuord WHERE faid = $ck_admre");
$admin_re = $_POST[admre];
for ($i=0;$i<sizeof($admin_re);$i++) {
$sql = $db->query ("INSERT INTO sozkom_admin_rechte_zuord (sozkom_admin_rolle, faid)
VALUES
('$admin_re[$i]', $ck_admre)
");
}
echo "
<html>
<head>
<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\">
<link rel=\"stylesheet\" href=\"../styles_pc.css\" type=\"text/css\">
<title>Bearbeiten erfolgreich</title>
</head>
<body>
<table border=\"0\" style=\"border-collapse: collapse\" width=\"100%\" cellpadding=\"0\" height=\"100%\" id=\"table1\">
<tr>
<td>
<div align=\"center\">
<table cellspacing=\"0\" cellpadding=\"0\" width=\"550\" border=\"0\">
<tr>
<td width=\"10\" background=\"../images/box_e1.gif\">
<img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
<td nowrap=\"nowrap\" align=\"left\" width=\"3%\" background=\"../images/box_top.gif\" valign=\"top\"></td>
<td width=\"95%\" background=\"../images/box_top.gif\">
<img height=\"10\" src=\"../images/blank.gif\" width=\"1\"><br>
<span class=\"sh\">Bearbeiten erfolgreich</span><br>
<img height=\"5\" src=\"../images/blank.gif\" width=\"1\"></td>
<td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e2.gif\">
<img height=\"40\" src=\"../images/blank.gif\" width=\"22\"></td>
</tr>
<tr>
<td width=\"1%\" background=\"../images/box_l.gif\">
<img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
<td colspan=\"2\"><br>
<p align=\"center\"><b>Die Änderungen wurden erfolgreich vorgenommen</b>
</p>
<p align=\"center\"><a href=".$_SERVER['PHP_SELF'] .">
<img border=\"0\" src=\"../images/zurueck.gif\" width=\"77\" height=\"22\"></a><br>
</p>
<p></p>
<p></p>
<p></p>
<p></p>
<p><br>
</p>
</td>
<td width=\"1%\" background=\"../images/box_r.gif\">
<img height=\"1\" src=\"../images/blank.gif\" width=\"22\"></td>
</tr>
<tr>
<td nowrap=\"nowrap\" align=\"left\" width=\"1%\" background=\"../images/box_e3.gif\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"22\"></td>
<td nowrap=\"nowrap\" align=\"left\" width=\"98%\" background=\"../images/box_bottom.gif\" colspan=\"2\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"8\"></td>
<td nowrap=\"nowrap\" align=\"right\" width=\"1%\" background=\"../images/box_e4.gif\">
<img height=\"16\" src=\"../images/blank.gif\" width=\"22\"> </td>
</tr>
</table>
</div>
</td>
</tr>
</table>
</body>
</html>";
} // Ende Action script
?>