| | |
|---|
| | | global $app, $conf; |
|---|
| | | |
|---|
| | | $userid = $app->functions->intval($userid); |
|---|
| | | $client = $app->db->queryOneRecord("SELECT client.limit_client FROM sys_user, client WHERE sys_user.userid = $userid AND sys_user.client_id = client.client_id"); |
|---|
| | | $client = $app->db->queryOneRecord("SELECT client.limit_client FROM sys_user, client WHERE sys_user.userid = ? AND sys_user.client_id = client.client_id", $userid); |
|---|
| | | if($client['limit_client'] != 0) { |
|---|
| | | return true; |
|---|
| | | } else { |
|---|
| | |
|---|
| | | $groupid = $app->functions->intval($groupid); |
|---|
| | | |
|---|
| | | if($userid > 0 && $groupid > 0) { |
|---|
| | | $user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE userid = $userid"); |
|---|
| | | $user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE userid = ?", $userid); |
|---|
| | | $groups = explode(',', $user['groups']); |
|---|
| | | if(!in_array($groupid, $groups)) $groups[] = $groupid; |
|---|
| | | $groups_string = implode(',', $groups); |
|---|
| | | $sql = "UPDATE sys_user SET groups = '$groups_string' WHERE userid = $userid"; |
|---|
| | | $app->db->query($sql); |
|---|
| | | $sql = "UPDATE sys_user SET groups = ? WHERE userid = ?"; |
|---|
| | | $app->db->query($sql, $groups_string, $userid); |
|---|
| | | return true; |
|---|
| | | } else { |
|---|
| | | return false; |
|---|
| | |
|---|
| | | |
|---|
| | | // simple query cache |
|---|
| | | if($this->client_limits===null) |
|---|
| | | $this->client_limits = $app->db->queryOneRecord("SELECT client.* FROM sys_user, client WHERE sys_user.userid = $userid AND sys_user.client_id = client.client_id"); |
|---|
| | | $this->client_limits = $app->db->queryOneRecord("SELECT client.* FROM sys_user, client WHERE sys_user.userid = ? AND sys_user.client_id = client.client_id", $userid); |
|---|
| | | |
|---|
| | | // isn't client -> no limit |
|---|
| | | if(!$this->client_limits) |
|---|
| | |
|---|
| | | $groupid = $app->functions->intval($groupid); |
|---|
| | | |
|---|
| | | if($userid > 0 && $groupid > 0) { |
|---|
| | | $user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE userid = $userid"); |
|---|
| | | $user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE userid = ", $userid); |
|---|
| | | $groups = explode(',', $user['groups']); |
|---|
| | | $key = array_search($groupid, $groups); |
|---|
| | | unset($groups[$key]); |
|---|
| | | $groups_string = implode(',', $groups); |
|---|
| | | $sql = "UPDATE sys_user SET groups = '$groups_string' WHERE userid = $userid"; |
|---|
| | | $app->db->query($sql); |
|---|
| | | $sql = "UPDATE sys_user SET groups = ? WHERE userid = ?"; |
|---|
| | | $app->db->query($sql, $groups_string, $userid); |
|---|
| | | return true; |
|---|
| | | } else { |
|---|
| | | return false; |
|---|
