File manager - Edit - /home/autoph/public_html/pms_v1/config/updateAccessRights.php
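<?php
/**
 * Toggle one access-right flag for a (profile, module) pair in `user_profile_data`.
 *
 * POST fields read by this script:
 *   role         '3'..'8'; selects the flag column to toggle (see $flagByRole)
 *   searchID     profile id whose rights are being edited
 *   getModuleID  module id the right applies to
 *   adminUserID  value written to `updated_by`
 *
 * If a non-deleted row already exists for the pair, the selected flag is
 * flipped (1 -> 0, anything else -> 1). Otherwise a new row is inserted with
 * only the selected flag set to 1.
 *
 * Request values never reach the SQL text: they are bound as statement
 * parameters, and the column name comes from a fixed allow-list.
 *
 * NOTE(review): nothing visible in this file verifies that the requester is
 * authenticated or permitted to change access rights, and `adminUserID` is
 * taken from the request body rather than from server-side state. Confirm that
 * the included files enforce this; if they do not, this endpoint lets any
 * caller change permissions and attribute the change to any user id.
 */
include_once("../../../cfg/conn.php");
include ("../functions/users.php");
//error_reporting(0);

// Allow-list mapping the posted role code to the flag column it toggles.
$flagByRole = [
    '3' => 'can_view',
    '4' => 'can_add',
    '5' => 'can_edit',
    '6' => 'can_delete',
    '7' => 'print',
    '8' => 'download',
];

// Read a POST field as a string; a missing or non-string (array) value becomes ''.
$readPostString = static function (string $key): string {
    $value = $_POST[$key] ?? '';

    return is_string($value) ? $value : '';
};

// Prepare, bind (all parameters as strings) and execute a statement.
// Returns the executed statement, or null after logging the failure server-side.
$runStatement = static function (string $sql, string ...$params) use ($conn) {
    $stmt = $conn->prepare($sql);
    if ($stmt === false) {
        error_log('updateAccessRights: prepare failed: ' . $conn->error);

        return null;
    }

    if ($params !== []) {
        $stmt->bind_param(str_repeat('s', count($params)), ...$params);
    }

    if (!$stmt->execute()) {
        error_log('updateAccessRights: execute failed: ' . $stmt->error);
        $stmt->close();

        return null;
    }

    return $stmt;
};

if (isset($_POST['role'])) {
    $role = $readPostString('role');
    $adminUserID = $readPostString('adminUserID');
    $getModuleID = $readPostString('getModuleID');
    $searchID = $readPostString('searchID');

    // The role is echoed back to the caller; escape it so a crafted value
    // cannot inject markup into the response.
    echo "<br>Role ID: " . htmlspecialchars($role, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    $column = $flagByRole[$role] ?? null;

    if ($column === null) {
        // Unknown role code: nothing to change (the original switch had no default branch).
    } elseif ($searchID === '' || $getModuleID === '') {
        // Refuse to create or modify a rights row that is not tied to a profile and a module.
        error_log('updateAccessRights: missing searchID or getModuleID');
    } else {
        // $column is taken from $flagByRole above, never from the request, so
        // interpolating it into the SQL text is safe. Identifiers cannot be bound.
        $select = $runStatement(
            "SELECT `$column` FROM `user_profile_data`"
            . " WHERE `profile_id` = ? AND `module_id` = ? AND `deleted` = 0",
            $searchID,
            $getModuleID
        );

        if ($select !== null) {
            $select->bind_result($fetchedValue);

            // As in the original loop, when several rows match, the last row's
            // value decides the new state.
            $rowFound = false;
            $currentValue = null;
            while ($select->fetch()) {
                $rowFound = true;
                $currentValue = $fetchedValue;
            }
            $select->close();

            if ($rowFound) {
                $newValue = ($currentValue == 1) ? '0' : '1';

                $update = $runStatement(
                    "UPDATE `user_profile_data` SET `$column` = ?, `updated_by` = ?"
                    . " WHERE `profile_id` = ? AND `module_id` = ? AND `deleted` = 0",
                    $newValue,
                    $adminUserID,
                    $searchID,
                    $getModuleID
                );
                if ($update !== null) {
                    $update->close();
                }
            } else {
                // No row yet for this profile/module: insert one with only the
                // selected flag granted.
                $flags = [];
                foreach (array_values($flagByRole) as $name) {
                    $flags[$name] = ($name === $column) ? '1' : '0';
                }

                // The empty-string `id` is kept from the original statement.
                // NOTE(review): presumably this relies on an auto-increment key
                // and a non-strict SQL mode - confirm against the schema.
                $insert = $runStatement(
                    "INSERT INTO user_profile_data"
                    . " (`id`,`profile_id`, `module_id`, `can_view`,`can_add`,`can_edit`,`can_delete`,`updated_by`,`print`,`download`)"
                    . " VALUES ('', ?, ?, ?, ?, ?, ?, ?, ?, ?)",
                    $searchID,
                    $getModuleID,
                    $flags['can_view'],
                    $flags['can_add'],
                    $flags['can_edit'],
                    $flags['can_delete'],
                    $adminUserID,
                    $flags['print'],
                    $flags['download']
                );
                if ($insert !== null) {
                    $insert->close();
                }
            }
        }
    }
}

$conn->close();
?>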