bug 981: Commit changes from INOPIAE bug-981
authorMichael Tänzer <neo@nhng.de>
Tue, 24 Apr 2012 22:55:05 +0000 (00:55 +0200)
committerMichael Tänzer <neo@nhng.de>
Tue, 24 Apr 2012 22:55:05 +0000 (00:55 +0200)
- wot/35 now accessible by all Org Admins, not only master accounts
- more info on wot/35

Signed-off-by: Michael Tänzer <neo@nhng.de>
includes/account.php
includes/account_stuff.php
pages/account/35.php

index 554713e..db30329 100644 (file)
                $orgid = 0;
        }
 
-       if($id == 32 || $oldid == 32 || $id == 33 || $oldid == 33 || $id == 34 || $oldid == 34 ||
-               $id == 35 || $oldid == 35)
+       if($id == 32 || $oldid == 32 || $id == 33 || $oldid == 33 || $id == 34 || $oldid == 34)
        {
                $query = "select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'";
                $_macc = mysql_num_rows(mysql_query($query));
                }
        }
 
+       if($id == 35 || $oldid == 35)
+       {
+               $query = "select 1 from `org` where `memid`='".intval($_SESSION['profile']['id'])."'";
+               $is_orguser = mysql_num_rows(mysql_query($query));
+               if($_SESSION['profile']['orgadmin'] != 1 && $is_orguser <= 0)
+               {
+                       showheader(_("My CAcert.org Account!"));
+                       echo _("You don't have access to this area.");
+                       showfooter();
+                       exit;
+               }
+       }
+
        if($id == 33 && $_SESSION['profile']['orgadmin'] != 1)
        {
                $orgid = intval($_SESSION['_config']['orgid']);
index 108bd57..794266a 100644 (file)
@@ -209,7 +209,7 @@ function hideall() {
       <ul class="menu" id="serverorg"><li><a href="account.php?id=20"><?=_("New")?></a></li><li><a href="account.php?id=22"><?=_("View")?></a></li></ul>
     </div>
 <? } ?>
-<? if(mysql_num_rows(mysql_query("select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."' and `masteracc`='1'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
+<? if(mysql_num_rows(mysql_query("select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
     <div class="relatedLinks">
       <h3 class="pointer" onclick="explode('orgadmin')">+ <?=_("Org Admin")?></h3>
       <ul class="menu" id="orgadmin"><? if($_SESSION['profile']['orgadmin'] == 1) { ?><li><a href="account.php?id=24"><?=_("New Organisation")?></a></li><li><a href="account.php?id=25"><?=_("View Organisations")?></a></li><? } ?><li><a href="account.php?id=35"><?=_("View")?></a></li></ul>
index 3a4714f..05c7f2b 100644 (file)
     along with this program; if not, write to the Free Software
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 */ ?>
+
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
-  <tr>
-    <td colspan="3" class="title"><?=_("Organisations")?></td>
-  </tr>
-  <tr>
-    <td class="DataTD">#</td>
-    <td class="DataTD"><?=_("Organisation")?></td>
-    <td class="DataTD"><?=_("Admins")?></td>
-  </tr>
-<?
-       $query = "select * from `orginfo`,`org` where `orginfo`.`id`=`org`.`orgid` and `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
-       $res = mysql_query($query);
-       while($row = mysql_fetch_assoc($res))
-       {
-               //number of admins for the org
-               $r2 = mysql_query("select * from `org` where `orgid`='".intval($row['id'])."'");
-               $admincount = mysql_num_rows($r2);
 
-               // number of domains for the org
-               $r2 = mysql_query("select * from `orgdomains` where `orgid`='".intval($row['id'])."'");
-               $domcount = mysql_num_rows($r2);
-?>
-  <tr>
-    <td class="DataTD"><?=intval($row['id'])?></td>
-    <td class="DataTD"><?=($row['O'])?>, <?=($row['ST'])?> <?=sanitizeHTML($row['C'])?></td>
-    <td class="DataTD"><a href="account.php?id=32&amp;orgid=<?=$row['id']?>"><?=_("Admins")?> (<?=$admincount?>)</a></td>
-  </tr>
 <?
-       // display the domains of each organisation
-       $query3 = "select * from `orgdomains` where `orgid`='".intval($row['id'])."'";
-       $res3 = mysql_query($query3);
-       while($detailorg = mysql_fetch_assoc($res3))
+$query = "select *
+                       from `orginfo`,`org`
+                       where `orginfo`.`id`=`org`.`orgid`
+                       and `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
+
+$res = mysql_query($query);
+while($row = mysql_fetch_assoc($res))
+{
+       ?>
+       <tr>
+               <td colspan="3" class="title"><?=_("Organisation")?></td>
+       </tr>
+       <tr>
+               <td class="DataTD"><?=_("Organisation Name")?>:</td>
+               <td colspan="2" class="DataTD" ><b><?=$row['O']?></b></td>
+       </tr>
+       <tr>
+               <td class="DataTD"><?=_("Contact Email")?>:</td>
+               <td colspan="2" class="DataTD"><?=($row['contact'])?></td>
+       </tr>
+       <tr>
+               <td class="DataTD"><?=_("Town/Suburb")?>:</td>
+               <td colspan="2" class="DataTD"><?=($row['L'])?></td>
+       </tr>
+       <tr>
+               <td class="DataTD"><?=_("State/Province")?>:</td>
+               <td colspan="2" class="DataTD"><?=($row['ST'])?></td>
+       </tr>
+       <tr>
+               <td class="DataTD"><?=_("Country")?>:</td>
+               <td colspan="2" class="DataTD"><?=($row['C'])?></td>
+       </tr>
+       <?
+       
+       //domain info
+       $query = "select `domain` from `orgdomains` where `orgid`='".intval($row['id'])."'";
+       $res1 = mysql_query($query);
+       while($domain = mysql_fetch_assoc($res1))
+       {
+               ?>
+               <tr>
+                       <td class="DataTD"><?=_("Domain")?></td>
+                       <td colspan="2" class="DataTD"><?=sanitizeHTML($domain['domain'])?></td>
+               </tr>
+               <?
+       }
+       
+       ?>
+       <tr>
+               <td class="DataTD"><?=_("Administrator")?></td>
+               <td class="DataTD"><?=_("Master Account")?></td>
+               <td class="DataTD"><?=_("Department")?></td>
+       </tr>
+       <?
+       
+       //org admins
+       $query = "select * from `org` where `orgid`='".intval($row['id'])."'";
+       $res2 = mysql_query($query);
+       while($org = mysql_fetch_assoc($res2))
        {
-?>
-  <tr>
-    <td class="DataTD"><?=intval($detailorg['id'])?></td>
-    <td class="DataTD"><?=_("Domain available")?></td>
-    <td class="DataTD"><?=sanitizeHTML($detailorg['domain'])?></td>
-  </tr>                
-<? } } ?>
+               $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($org['memid'])."'"));
+               ?> 
+               <tr>
+                       <td class="DataTD"><a href='mailto:<?=$user['email']?>'><?=($user['fname'])?> <?=($user['lname'])?></a></td>
+                       <td class="DataTD"><?=($org['masteracc'])?></td>
+                       <td class="DataTD"><?=($org['OU'])?></td>
+               </tr>
+               <?
+               
+               if(intval($org['masteracc']) === 1 &&
+                                intval($org['memid']) === intval($_SESSION['profile']['id']))
+               { 
+                       $master="account.php?id=32&amp;orgid=".intval($row['id']);
+                       ?>
+                       <tr>
+                               <td colspan="3" class="DataTD"><a href="<?=$master ?>"><?=_("Edit")?></a></td>
+                       </tr>
+                       <?
+               }
+       } 
+} ?>
 </table>