Commit 5c078011 authored by Leigh B. Stoller's avatar Leigh B. Stoller

Change showexp to look at admin status, and display all experiments.

parent 22eb2fa8
......@@ -90,6 +90,26 @@ function USERERROR($message, $death) {
}
}
#
# Is this user an admin type?
#
function ISADMIN($uid) {
global $TBDBNAME;
$query_result = mysql_db_query($TBDBNAME,
"SELECT admin FROM users WHERE uid='$uid'");
if (! $query_result) {
$err = mysql_error();
TBERROR("Database Error getting admin status for $uid: $err\n", 1);
}
$row = mysql_fetch_row($query_result);
$admin = $row[0];
return $admin;
}
#
# Beware empty spaces (cookies)!
#
......
......@@ -19,6 +19,8 @@ if ( ereg("php3\?([[:alnum:]]+)",$REQUEST_URI,$Vals) ) {
}
LOGGEDINORDIE($uid);
$isadmin = ISADMIN($uid);
#
# Verify form arguments.
#
......@@ -51,11 +53,13 @@ $exprow = mysql_fetch_array($query_result);
# Verify that this uid is a member of the project for the experiment
# being displayed.
#
$query_result = mysql_db_query($TBDBNAME,
if (!$isadmin) {
$query_result = mysql_db_query($TBDBNAME,
"SELECT pid FROM proj_memb WHERE uid=\"$uid\" and pid=\"$exp_pid\"");
if (mysql_num_rows($query_result) == 0) {
USERERROR("You are not a member of Project $exp_pid for ".
"Experiment: $exp_eid.", 1);
if (mysql_num_rows($query_result) == 0) {
USERERROR("You are not a member of Project $exp_pid for ".
"Experiment: $exp_eid.", 1);
}
}
?>
......
......@@ -19,15 +19,27 @@ if ( ereg("php3\?([[:alnum:]]+)",$REQUEST_URI,$Vals) ) {
}
LOGGEDINORDIE($uid);
$isadmin = ISADMIN($uid);
#
# Show a menu of all experiments for all projects that this uid
# is a member of.
# is a member of. Or, if an admin type person, show them all!
#
$projmemb_result = mysql_db_query($TBDBNAME,
"SELECT * FROM proj_memb WHERE uid=\"$uid\"");
if (mysql_num_rows($projmemb_result) == 0) {
USERERROR("You are not a member of any Projects, so you cannot ".
"show any experiment information", 1);
if ($isadmin) {
$projmemb_result = mysql_db_query($TBDBNAME,
"SELECT DISTINCT pid FROM proj_memb");
if (mysql_num_rows($projmemb_result) == 0) {
USERERROR("There are no experiments to ".
"show any experiment information", 1);
}
}
else {
$projmemb_result = mysql_db_query($TBDBNAME,
"SELECT pid FROM proj_memb WHERE uid=\"$uid\"");
if (mysql_num_rows($projmemb_result) == 0) {
USERERROR("You are not a member of any Projects, so you cannot ".
"show any experiment information", 1);
}
}
#
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment