--- branches/paul/admin/delete.phtml 2004/03/07 19:15:27 66 +++ branches/paul/admin/delete.phtml 2004/03/18 19:24:54 67 @@ -11,7 +11,6 @@ require_once ($GLOBAL_ADMIN_INC."forms.php"); - // HTML header printf("\n"); printf("\n"); @@ -20,6 +19,16 @@ printf("\n"); +// Default access settings +$sess_time_human = ""; +$sess_staff_account = ""; +$sess_staff_id = 0; +$sess_access_level = 0; +$sess_access = ""; +$sess_last_name = ""; +$sess_first_name = ""; + + // Page header require_once ($GLOBAL_ADMIN_HEADER); @@ -34,6 +43,7 @@ // Load user session variables $sess_time_human = $sessionClass->time_human; $sess_staff_account = $sessionClass->staff_account; + $sess_staff_id = $accessClass->staff_id; $sess_access_level = $accessClass->access_level; $sess_access = $accessClass->access; $sess_last_name = $accessClass->last_name; 
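Review bot: The `// Default access settings` block is a fail-closed guard, but its comment does not say so, and a later maintainer could move or trim it without realising the access checks depend on it. The assignments run before `require_once ($GLOBAL_ADMIN_HEADER)`, and the session values appear to be loaded only inside a conditional block (the next hunk's lines are indented under `// Load user session variables`). When that block is skipped, the later `$sess_access_level >= 20` test therefore sees 0 rather than an unset or externally supplied value. Suggested comment: `// Fail closed: reset every $sess_* value before any include, so the access checks below only ever see values set by the session-loading block.` The visible lines give `$libsession` no such reset, so if it can be populated from request input, its presence alone should not be read as proof of a session.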
@@ -42,113 +52,141 @@ } -// If the cookie is set and access level is appropriate +/******************************************** +** Functions requiring author level access ** +********************************************/ if(isset($libsession) && $sess_access_level >= 20) { // Determine which transaction function to call switch ($transaction){ - // Delete - case "deleteCampus": - deleteCampus($con, $campus_id); - break; - case "deleteCoursesub": - deleteCoursesub($con, $coursesub_id); - break; - case "deleteFaculty": - deleteFaculty($con, $faculty_id); - break; - case "deleteFeature": - deleteFeature($con, $feature_id); - break; - case "deleteInfotype": - deleteInfotype($con, $infotype_id); - break; - case "deleteLibunit": - deleteLibunit($con, $libunit_id); - break; - case "deleteLibunitStaff": - deleteLibunitStaff($con, $key_list_array, $libunit_id); - break; - case "deleteLocation": - deleteLocation($con, $delMessage, $location_id); - break; - case "deleteMasterinfotype": - deleteMasterinfotype($con, $masterinfotype_id); - break; - case "deleteMastersubject": - deleteMastersubject($con, $mastersubject_id); - break; + // Delete case "deleteResFeature": - deleteResFeature($con, $key_list_array, $resource_id); + deleteResFeature($key_list_array, $resource_id); break; case "deleteResLoc": - deleteResLoc($con, $key_list_array, $resource_id); + deleteResLoc($key_list_array, $resource_id); break; case "deleteResMastersubject": - deleteResMastersubject($con, $key_list_array, $resource_id); + deleteResMastersubject($key_list_array, $resource_id); break; case "deleteResource": - if (authResourceDelete($con, $resource_id, $sess_access_level, $sess_staff_account)) - deleteResource($con, $delMessage, $resource_id); + if (authResourceDelete($resource_id, $sess_access_level, $sess_staff_account)) + deleteResource($delMessage, $resource_id); else require_once ($GLOBAL_NO_ACCESS); break; case "deleteResourceConfirm": - if (authResourceDelete($con, $resource_id, 
$sess_access_level, $sess_staff_account)) - deleteResourceConfirm($con, $resource_id); + if (authResourceDelete($resource_id, $sess_access_level, $sess_staff_account)) + deleteResourceConfirm($resource_id); else require_once ($GLOBAL_NO_ACCESS); break; - case "deleteService": - deleteService($con, $delMessage, $service_id); - break; - case "deleteServicetype": - deleteServicetype($con, $servicetype_id); - break; - case "deleteServLoc": - deleteServLoc($con, $key_list_array, $service_id); - break; - case "deleteServServtype": - deleteServServtype($con, $key_list_array, $service_id); - break; - case "deleteStaff": - deleteStaff($con, $delMessage, $staff_id); - break; - case "deleteStaffLibunit": - deleteStaffLibunit($con, $key_list_array, $staff_id); - break; - case "deleteStaffSub": - deleteStaffSub($con, $key_list_array, $staff_id); - break; - case "deleteStafftitle": - deleteStafftitle($con, $stafftitle_id); - break; - case "deleteStyle": - deleteStyle($con, $style_id); - break; case "deleteSubject": - deleteSubject($con, $delMessage, $subject_id); + if (authSubject($sess_access_level, $sess_staff_id, $subject_id)) + deleteSubject($delMessage, $subject_id); + else require_once ($GLOBAL_NO_ACCESS); break; case "deleteSubCoursesub": - deleteSubCoursesub($con, $key_list_array, $subject_id); + if (authSubject($sess_access_level, $sess_staff_id, $subject_id)) + deleteSubCoursesub($key_list_array, $subject_id); + else require_once ($GLOBAL_NO_ACCESS); break; case "deleteSubLoc": - deleteSubLoc($con, $key_list_array, $subject_id); + if (authSubject($sess_access_level, $sess_staff_id, $subject_id)) + deleteSubLoc($key_list_array, $subject_id); + else require_once ($GLOBAL_NO_ACCESS); break; case "deleteSubMaster": - deleteSubMaster($con, $key_list_array, $subject_id); - break; - case "deleteSubStaff": - deleteSubStaff($con, $key_list_array, $subject_id); + if (authSubject($sess_access_level, $sess_staff_id, $subject_id)) + deleteSubMaster($key_list_array, $subject_id); + 
else require_once ($GLOBAL_NO_ACCESS); break; - case "deleteTerm": - deleteTerm($con, $term_id); + case "deleteSubStaff": + if (authSubject($sess_access_level, $sess_staff_id, $subject_id)) + deleteSubStaff($key_list_array, $subject_id); + else require_once ($GLOBAL_NO_ACCESS); break; - } + } // end author deletes - // Link to return to admin console - adminReturn($sess_access_level); -} // logged in + /********************************************* + ** Functions requiring manager level access ** + *********************************************/ + + if(isset($libsession) && $sess_access_level >= 100) { + + // Determine which transaction function to call + switch ($transaction){ + case "deleteCampus": + deleteCampus($campus_id); + break; + case "deleteCoursesub": + deleteCoursesub($coursesub_id); + break; + case "deleteFaculty": + deleteFaculty($faculty_id); + break; + case "deleteFeature": + deleteFeature($feature_id); + break; + case "deleteInfotype": + deleteInfotype($infotype_id); + break; + case "deleteLibunit": + deleteLibunit($libunit_id); + break; + case "deleteLibunitStaff": + deleteLibunitStaff($key_list_array, $libunit_id); + break; + case "deleteLocation": + deleteLocation($delMessage, $location_id); + break; + case "deleteMasterinfotype": + deleteMasterinfotype($masterinfotype_id); + break; + case "deleteMastersubject": + deleteMastersubject($mastersubject_id); + break; + case "deleteService": + deleteService($delMessage, $service_id); + break; + case "deleteServicetype": + deleteServicetype($servicetype_id); + break; + case "deleteServLoc": + deleteServLoc($key_list_array, $service_id); + break; + case "deleteServServtype": + deleteServServtype($key_list_array, $service_id); + break; + case "deleteStaff": + deleteStaff($delMessage, $staff_id); + break; + case "deleteStaffLibunit": + deleteStaffLibunit($key_list_array, $staff_id); + break; + case "deleteStaffSub": + deleteStaffSub($key_list_array, $staff_id); + break; + case "deleteStafftitle": + 
deleteStafftitle($stafftitle_id); + break; + case "deleteStyle": + deleteStyle($style_id); + break; + case "deleteTerm": + deleteTerm($term_id); + break; + case "deleteVendor": + deleteVendor($vendor_id); + break; + } // end manager deletes + + } // end manager functions + + // Link to return to admin console + adminReturn($sess_access_level); + +} // end logged in at author or higher // No access else require_once ($GLOBAL_NO_ACCESS);
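Review bot: The three resource-relation cases in the author-level switch (`deleteResFeature`, `deleteResLoc`, `deleteResMastersubject`) still run on `$sess_access_level >= 20` alone, with no per-object check on `$resource_id`. That is inconsistent with the rest of this hunk, where `deleteResource` and `deleteResourceConfirm` go through `authResourceDelete(...)` and every subject delete now goes through `authSubject(...)`. Unless those three functions check ownership internally (not visible here), any author-level account could presumably remove features, locations or master subjects from a resource it does not own. Guard them the same way, as sketched below; whether `authResourceDelete` or a dedicated resource-edit predicate is the right check depends on its definition outside this diff. Separately, no delete case shows a request-forgery token check, which is worth confirming in the included files.

```php
// … unchanged: if(isset($libsession) && $sess_access_level >= 20) { switch ($transaction){ …
    case "deleteResFeature":
        if (authResourceDelete($resource_id, $sess_access_level, $sess_staff_account))
            deleteResFeature($key_list_array, $resource_id);
        else require_once ($GLOBAL_NO_ACCESS);
        break;
    case "deleteResLoc":
        if (authResourceDelete($resource_id, $sess_access_level, $sess_staff_account))
            deleteResLoc($key_list_array, $resource_id);
        else require_once ($GLOBAL_NO_ACCESS);
        break;
    case "deleteResMastersubject":
        if (authResourceDelete($resource_id, $sess_access_level, $sess_staff_account))
            deleteResMastersubject($key_list_array, $resource_id);
        else require_once ($GLOBAL_NO_ACCESS);
        break;
// … unchanged: deleteResource, deleteResourceConfirm and the subject cases …
```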