\r
//if admin or TA w/ right privs, can manage all links\r
//if ($_SESSION['is_admin'] || $_SESSION['privileges'] > 0) {\r
- if (authenticate(AT_PRIV_GROUPS, true)) {\r
+ if (authenticate(AT_PRIV_GROUPS+AT_PRIV_LINKS, true)) {\r
return true;\r
}\r
\r
function manage_links() {\r
global $db;\r
\r
- if (authenticate(AT_PRIV_GROUPS, true)) {\r
+ if (authenticate(AT_PRIV_GROUPS, true) && authenticate(AT_PRIV_LINKS, true)) { //course and group links\r
return LINK_CAT_AUTH_ALL;\r
- } else if (!empty($_SESSION['groups'])) {\r
+ } else if (authenticate(AT_PRIV_GROUPS, true)) { //all group links\r
+ return LINK_CAT_AUTH_GROUP;\r
+ } else if (authenticate(AT_PRIV_LINKS, true)) { //course links\r
+ return LINK_CAT_AUTH_COURSE;\r
+ } else if (!empty($_SESSION['groups'])) { //particular group links\r
//find a group that uses links\r
foreach ($_SESSION['groups'] as $group_id) {\r
$sql = "SELECT modules FROM ".TABLE_PREFIX."groups WHERE group_id=$group_id";\r
if ($_SERVER['PHP_SELF'] == $_base_path.'links/add.php') {\r
$sql = "SELECT * FROM ".TABLE_PREFIX."links_categories WHERE (owner_id=$_SESSION[course_id] AND owner_type=".LINK_CAT_COURSE.") ORDER BY parent_id, name";\r
} else if ($manage) {\r
- if ( authenticate(AT_PRIV_GROUPS, true) ) { //everything but group-named cats\r
+ $sql = "SELECT * FROM ".TABLE_PREFIX."links_categories WHERE ";\r
+ if ( authenticate(AT_PRIV_GROUPS, true) && authenticate(AT_PRIV_COURSE, true) ) { \r
if ($list) {\r
- $sql = "SELECT * FROM ".TABLE_PREFIX."links_categories WHERE (owner_id=$_SESSION[course_id] AND owner_type=".LINK_CAT_COURSE.") OR (owner_id IN ($groups) AND owner_type=".LINK_CAT_GROUP." AND name<>'') ORDER BY parent_id, name";\r
+ $sql .= "(owner_id=$_SESSION[course_id] AND owner_type=".LINK_CAT_COURSE.") OR (owner_id IN ($groups) AND owner_type=".LINK_CAT_GROUP." AND name<>'')";\r
} else {\r
+ $sql .= "(owner_id=$_SESSION[course_id] AND owner_type=".LINK_CAT_COURSE.") OR (owner_id IN ($groups) AND owner_type=".LINK_CAT_GROUP.")";\r
+ }\r
\r
- $sql = "SELECT * FROM ".TABLE_PREFIX."links_categories WHERE (owner_id=$_SESSION[course_id] AND owner_type=".LINK_CAT_COURSE.") OR (owner_id IN ($groups) AND owner_type=".LINK_CAT_GROUP.") ORDER BY parent_id, name";\r
+ } else if ( authenticate(AT_PRIV_LINKS, true) ) {\r
+ $sql .= "(owner_id=$_SESSION[course_id] AND owner_type=".LINK_CAT_COURSE.")";\r
+ if (!empty($groups)) {\r
+ $sql .= " OR (owner_id IN ($groups) AND owner_type=".LINK_CAT_GROUP.")"; \r
}\r
- } else if (!empty($groups)) { \r
- if ($list) { //only group subcats\r
- $sql = "SELECT * FROM ".TABLE_PREFIX."links_categories WHERE owner_id IN ($groups) AND owner_type=".LINK_CAT_GROUP." AND name<>'' ORDER BY parent_id, name";\r
- } else { //only group cats and subcats \r
- $sql = "SELECT * FROM ".TABLE_PREFIX."links_categories WHERE owner_id IN ($groups) AND owner_type=".LINK_CAT_GROUP." ORDER BY parent_id, name";\r
+ } else if ( authenticate(AT_PRIV_GROUPS, true) || !empty($groups) ) { \r
+ if ($list) {\r
+ $sql .= "(owner_id IN ($groups) AND owner_type=".LINK_CAT_GROUP." AND name<>'')";\r
+ } else {\r
+ $sql .= "(owner_id IN ($groups) AND owner_type=".LINK_CAT_GROUP.")";\r
}\r
- } \r
-\r
+ } \r
+ $sql .= " ORDER BY parent_id, name";\r
} else {\r
if (!empty($groups)) {\r
$sql = "SELECT * FROM ".TABLE_PREFIX."links_categories WHERE (owner_id=$_SESSION[course_id] AND owner_type=".LINK_CAT_COURSE.") OR (owner_id IN ($groups) AND owner_type=".LINK_CAT_GROUP.") ORDER BY parent_id, name";\r
$result = mysql_query($sql, $db);\r
\r
while ($row = mysql_fetch_assoc($result)) {\r
-\r
//if group, get name\r
if (empty($row['name'])) {\r
$row['name'] = get_group_name($row['owner_id']);\r
$categories[0][] = $row['cat_id'];\r
}\r
}\r
- \r
- //sort($categories, SORT_STRING);\r
-\r
- //debug($categories);\r
\r
return $categories;\r
}\r