11 |
require_once ($GLOBAL_ADMIN_INC."forms.php"); |
require_once ($GLOBAL_ADMIN_INC."forms.php"); |
12 |
|
|
13 |
|
|
|
|
|
14 |
// HTML header |
// HTML header |
15 |
printf("<HTML>\n"); |
printf("<HTML>\n"); |
16 |
printf("<HEAD>\n"); |
printf("<HEAD>\n"); |
19 |
printf("</HEAD>\n"); |
printf("</HEAD>\n"); |
20 |
|
|
21 |
|
|
22 |
|
// Default access settings |
23 |
|
$sess_time_human = ""; |
24 |
|
$sess_staff_account = ""; |
25 |
|
$sess_staff_id = 0; |
26 |
|
$sess_access_level = 0; |
27 |
|
$sess_access = ""; |
28 |
|
$sess_last_name = ""; |
29 |
|
$sess_first_name = ""; |
30 |
|
|
31 |
|
|
32 |
// Page header |
// Page header |
33 |
require_once ($GLOBAL_ADMIN_HEADER); |
require_once ($GLOBAL_ADMIN_HEADER); |
34 |
|
|
43 |
// Load user session variables |
// Load user session variables |
44 |
$sess_time_human = $sessionClass->time_human; |
$sess_time_human = $sessionClass->time_human; |
45 |
$sess_staff_account = $sessionClass->staff_account; |
$sess_staff_account = $sessionClass->staff_account; |
46 |
|
$sess_staff_id = $accessClass->staff_id; |
47 |
$sess_access_level = $accessClass->access_level; |
$sess_access_level = $accessClass->access_level; |
48 |
$sess_access = $accessClass->access; |
$sess_access = $accessClass->access; |
49 |
$sess_last_name = $accessClass->last_name; |
$sess_last_name = $accessClass->last_name; |
52 |
} |
} |
53 |
|
|
54 |
|
|
55 |
// If the cookie is set and access level is appropriate |
/******************************************** |
56 |
|
** Functions requiring author level access ** |
57 |
|
********************************************/ |
58 |
if(isset($libsession) && $sess_access_level >= 20) { |
if(isset($libsession) && $sess_access_level >= 20) { |
59 |
|
|
60 |
// Determine which transaction function to call |
// Determine which transaction function to call |
61 |
switch ($transaction){ |
switch ($transaction){ |
62 |
|
|
63 |
// Updates |
// Updates |
|
case "updateCoursesub": |
|
|
updateCoursesub($con, $campus_id, $cip_code, $coursesub, $coursesub_descr, $coursesub_id); |
|
|
break; |
|
|
case "updateFaculty": |
|
|
updateFaculty($con, $faculty_email, $faculty_firstname, $faculty_id, |
|
|
$faculty_lastname, $faculty_account); |
|
|
break; |
|
|
case "updateFeature": |
|
|
updateFeature($con, $feature, $feature_id, $image_alt, $image_path); |
|
|
break; |
|
|
case "updateInfotype": |
|
|
updateInfotype($con, $infotype, $infotype_id, $masterinfotype_id, $mastersubject_id); |
|
|
break; |
|
|
case "updateLibunit": |
|
|
updateLibunit($con, $head_staff_id, $libunit, $libunit_abbrev, $libunit_id); |
|
|
break; |
|
|
case "updateLocation": |
|
|
updateLocation($con, $address1, $address2, $address3, $address4, $campus, |
|
|
$hoursURL, $location, $location_descr, $location_id, $mainURL, $mapURL, $referenceURL, $telephone); |
|
|
break; |
|
|
case "updatePassword": |
|
|
updatePassword($con, $password, $password_confirm, $staff_id); |
|
|
break; |
|
64 |
case "updateResource": |
case "updateResource": |
65 |
updateResource($con, $annotation, $author, $call_no, $cat_num, $coverage_detail, |
updateResource($annotation, $author, $call_no, $cat_num, $coverage_detail, |
66 |
$edition, $infotype_id, $key_id, $other_title, $pub_date, $publisher, |
$edition, $guide_url, $infotype_id, $key_id, $other_title, $pub_date, $publisher, |
67 |
$sess_staff_account, $sources_indexed, $title, $url); |
$resource_message, $resource_status, $sess_staff_account, $sources_indexed, $title, $url, |
68 |
break; |
$vendor_id); |
|
case "updateService": |
|
|
updateService($con, $address1, $address2, $address3, $address4, $email, $fax, |
|
|
$nonaff, $service, $serviceDescr, $service_id, $serviceURL, $telephone); |
|
|
break; |
|
|
case "updateSingleField": |
|
|
updateSingleField($con, $display, $display_field, $key_field, |
|
|
$key_id, $newValue, $table); |
|
|
break; |
|
|
case "updateStaff": |
|
|
updateStaff($con, $access_id, $first_name, $last_name, $sess_access_level, |
|
|
$staff_account, $staff_email, $staff_id, $stafftitle_id); |
|
|
break; |
|
|
case "updateStyle": |
|
|
updateStyle($con, $css_file, $footer_file, $header_file, $style_id, $style_title); |
|
69 |
break; |
break; |
70 |
case "updateSubject": |
case "updateSubject": |
71 |
updateSubject($con, $subject, $subject_descr, $subject_id, $sublocation_id); |
if (authSubject($sess_access_level, $sess_staff_id, $subject_id)) |
72 |
break; |
updateSubject($subject, $subject_descr, $subject_id, $sublocation_id); |
73 |
|
else require_once ($GLOBAL_NO_ACCESS); |
74 |
|
break; |
75 |
|
|
76 |
|
} // end author updates |
77 |
|
|
78 |
|
|
79 |
|
/********************************************* |
80 |
|
** Functions requiring manager level access ** |
81 |
|
*********************************************/ |
82 |
|
if(isset($libsession) && $sess_access_level >= 100) { |
83 |
|
|
84 |
|
// Determine which transaction function to call |
85 |
|
switch ($transaction){ |
86 |
|
case "updateCoursesub": |
87 |
|
updateCoursesub($campus_id, $cip_code, $coursesub, $coursesub_descr, $coursesub_id); |
88 |
|
break; |
89 |
|
case "updateFaculty": |
90 |
|
updateFaculty($faculty_email, $faculty_firstname, $faculty_id, |
91 |
|
$faculty_lastname, $faculty_account); |
92 |
|
break; |
93 |
|
case "updateFeature": |
94 |
|
updateFeature($feature, $feature_id, $image_alt, $image_path); |
95 |
|
break; |
96 |
|
case "updateInfotype": |
97 |
|
updateInfotype($infotype, $infotype_id, $masterinfotype_id, $mastersubject_id); |
98 |
|
break; |
99 |
|
case "updateLibunit": |
100 |
|
updateLibunit($head_staff_id, $libunit, $libunit_abbrev, $libunit_id); |
101 |
|
break; |
102 |
|
case "updateLocation": |
103 |
|
updateLocation($address1, $address2, $address3, $address4, $campus, |
104 |
|
$hoursURL, $location, $location_descr, $location_id, $mainURL, $mapURL, $referenceURL, $telephone); |
105 |
|
break; |
106 |
|
case "updatePassword": |
107 |
|
updatePassword($password, $password_confirm, $staff_id); |
108 |
|
break; |
109 |
|
case "updateService": |
110 |
|
updateService($address1, $address2, $address3, $address4, $email, $fax, |
111 |
|
$nonaff, $service, $serviceDescr, $service_id, $serviceURL, $telephone); |
112 |
|
break; |
113 |
|
case "updateSingleField": |
114 |
|
updateSingleField($display, $display_field, $key_field, |
115 |
|
$key_id, $newValue, $table); |
116 |
|
break; |
117 |
|
case "updateStaff": |
118 |
|
updateStaff($access_id, $first_name, $last_name, $sess_access_level, |
119 |
|
$staff_account, $staff_email, $staff_id, $stafftitle_id); |
120 |
|
break; |
121 |
|
case "updateStyle": |
122 |
|
updateStyle($css_file, $footer_file, $header_file, $style_id, $style_title); |
123 |
|
break; |
124 |
|
case "updateVendor": |
125 |
|
updateVendor($vendor, $vendor_descr, $vendor_id, $vendor_message, $vendor_status); |
126 |
|
break; |
127 |
|
|
128 |
|
// Other functions |
129 |
|
case "purgePassword": |
130 |
|
purgePassword($staff_id); |
131 |
|
break; |
132 |
|
} // end manager updates |
133 |
|
|
134 |
// Other functions |
} // end manager functions |
135 |
case "purgePassword": |
|
136 |
purgePassword($con, $staff_id); |
// Link to return to admin console |
137 |
break; |
adminReturn($sess_access_level); |
|
} |
|
|
|
|
|
// Link to return to admin console |
|
|
adminReturn($sess_access_level); |
|
138 |
|
|
139 |
} // logged in |
} // end logged in at author or higher |
140 |
|
|
141 |
// No access |
// No access |
142 |
else require_once ($GLOBAL_NO_ACCESS); |
else require_once ($GLOBAL_NO_ACCESS); |