From d6c4867b7332b43482105587ac9943803fe1e3ec Mon Sep 17 00:00:00 2001 From: Max Kremmel Date: Tue, 10 Jan 2006 21:17:06 +0000 Subject: merge recent changes into HEAD --- BitPermUser.php | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-) (limited to 'BitPermUser.php') diff --git a/BitPermUser.php b/BitPermUser.php index 2019890..dc77be1 100644 --- a/BitPermUser.php +++ b/BitPermUser.php @@ -1,6 +1,6 @@ - * @version $Revision: 1.11 $ + * @version $Revision: 1.12 $ * @package users * @subpackage BitPermUser */ @@ -544,6 +544,15 @@ class BitPermUser extends BitUser { } + function getUnassignedPerms() { + $query = "SELECT up.`perm_name` AS `hash_key`, up.* + FROM `".BIT_DB_PREFIX."users_permissions` up + LEFT JOIN `".BIT_DB_PREFIX."users_grouppermissions` ugp ON( up.`perm_name` = ugp.`perm_name` ) + WHERE ugp.`group_id` IS NULL + ORDER BY `package`, `perm_name` ASC"; + return( $this->mDb->getAssoc( $query ) ); + } + // If the request has a ticket, some form action is being processed, and we need to validate we have a matched ticket to avoid XSS function isAdmin( $pCheckTicket=FALSE ) { $ret = FALSE; @@ -757,13 +766,11 @@ class BitPermUser extends BitUser { function assignPermissionToGroup( $perm, $pGroupId ) { $gBitCache = new BitCache(); $gBitCache->removeCached("allperms"); - $query = "delete from `".BIT_DB_PREFIX."users_grouppermissions` where `group_id` = ? - and `perm_name` = ?"; + $query = "DELETE FROM `".BIT_DB_PREFIX."users_grouppermissions` WHERE `group_id` = ? AND `perm_name` = ?"; $result = $this->mDb->query($query, array($pGroupId, $perm)); - $query = "insert into `".BIT_DB_PREFIX."users_grouppermissions`(`group_id`, `perm_name`) - values(?, ?)"; + $query = "INSERT INTO `".BIT_DB_PREFIX."users_grouppermissions`(`group_id`, `perm_name`) VALUES(?, ?)"; $result = $this->mDb->query($query, array($pGroupId, $perm)); - return true; + return TRUE; } -- cgit v1.3