Commit 5c078011 authored by Leigh B. Stoller's avatar Leigh B. Stoller
Browse files

Change showexp to look at admin status, and display all experiments.

parent 22eb2fa8
...@@ -90,6 +90,26 @@ function USERERROR($message, $death) { ...@@ -90,6 +90,26 @@ function USERERROR($message, $death) {
} }
} }
#
# Is this user an admin type?
#
function ISADMIN($uid) {
global $TBDBNAME;
$query_result = mysql_db_query($TBDBNAME,
"SELECT admin FROM users WHERE uid='$uid'");
if (! $query_result) {
$err = mysql_error();
TBERROR("Database Error getting admin status for $uid: $err\n", 1);
}
$row = mysql_fetch_row($query_result);
$admin = $row[0];
return $admin;
}
# #
# Beware empty spaces (cookies)! # Beware empty spaces (cookies)!
# #
......
...@@ -19,6 +19,8 @@ if ( ereg("php3\?([[:alnum:]]+)",$REQUEST_URI,$Vals) ) { ...@@ -19,6 +19,8 @@ if ( ereg("php3\?([[:alnum:]]+)",$REQUEST_URI,$Vals) ) {
} }
LOGGEDINORDIE($uid); LOGGEDINORDIE($uid);
$isadmin = ISADMIN($uid);
# #
# Verify form arguments. # Verify form arguments.
# #
...@@ -51,11 +53,13 @@ $exprow = mysql_fetch_array($query_result); ...@@ -51,11 +53,13 @@ $exprow = mysql_fetch_array($query_result);
# Verify that this uid is a member of the project for the experiment # Verify that this uid is a member of the project for the experiment
# being displayed. # being displayed.
# #
$query_result = mysql_db_query($TBDBNAME, if (!$isadmin) {
$query_result = mysql_db_query($TBDBNAME,
"SELECT pid FROM proj_memb WHERE uid=\"$uid\" and pid=\"$exp_pid\""); "SELECT pid FROM proj_memb WHERE uid=\"$uid\" and pid=\"$exp_pid\"");
if (mysql_num_rows($query_result) == 0) { if (mysql_num_rows($query_result) == 0) {
USERERROR("You are not a member of Project $exp_pid for ". USERERROR("You are not a member of Project $exp_pid for ".
"Experiment: $exp_eid.", 1); "Experiment: $exp_eid.", 1);
}
} }
?> ?>
......
...@@ -19,15 +19,27 @@ if ( ereg("php3\?([[:alnum:]]+)",$REQUEST_URI,$Vals) ) { ...@@ -19,15 +19,27 @@ if ( ereg("php3\?([[:alnum:]]+)",$REQUEST_URI,$Vals) ) {
} }
LOGGEDINORDIE($uid); LOGGEDINORDIE($uid);
$isadmin = ISADMIN($uid);
# #
# Show a menu of all experiments for all projects that this uid # Show a menu of all experiments for all projects that this uid
# is a member of. # is a member of. Or, if an admin type person, show them all!
# #
$projmemb_result = mysql_db_query($TBDBNAME, if ($isadmin) {
"SELECT * FROM proj_memb WHERE uid=\"$uid\""); $projmemb_result = mysql_db_query($TBDBNAME,
if (mysql_num_rows($projmemb_result) == 0) { "SELECT DISTINCT pid FROM proj_memb");
USERERROR("You are not a member of any Projects, so you cannot ". if (mysql_num_rows($projmemb_result) == 0) {
"show any experiment information", 1); USERERROR("There are no experiments to ".
"show any experiment information", 1);
}
}
else {
$projmemb_result = mysql_db_query($TBDBNAME,
"SELECT pid FROM proj_memb WHERE uid=\"$uid\"");
if (mysql_num_rows($projmemb_result) == 0) {
USERERROR("You are not a member of any Projects, so you cannot ".
"show any experiment information", 1);
}
} }
# #
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment