From 1a5d32fbbe96ab2d936693020bb24bed4a1af78e Mon Sep 17 00:00:00 2001
From: Karl 'vollmerk' Vollmer <vollmer@ampache.org>
Date: Thu, 12 Jul 2007 05:45:48 +0000
Subject: fixed level updating for admin preferences

---
 lib/class/user.class.php              |  4 ++--
 lib/class/vainfo.class.php            |  2 +-
 lib/preferences.php                   | 16 +++++++++++-----
 templates/show_preference_box.inc.php | 10 +++++++++-
 4 files changed, 23 insertions(+), 9 deletions(-)

diff --git a/lib/class/user.class.php b/lib/class/user.class.php
index d2afc339..d6c6ae69 100644
--- a/lib/class/user.class.php
+++ b/lib/class/user.class.php
@@ -138,7 +138,7 @@ class User {
 		}
 
 	
-		$sql = "SELECT preference.name, preference.description, preference.catagory, user_preference.value " . 
+		$sql = "SELECT preference.name, preference.description, preference.catagory, preference.level, user_preference.value " . 
 			"FROM preference INNER JOIN user_preference ON user_preference.preference=preference.id " .
 			"WHERE user_preference.user='$user_id' $user_limit";
 		$db_results = Dba::query($sql);
@@ -148,7 +148,7 @@ class User {
 			$type = $r['catagory'];
 			$admin = false;
 			if ($type == 'system') { $admin = true; }
-			$type_array[$type][$r['name']] = array('name'=>$r['name'],'description'=>$r['description'],'value'=>$r['value']);
+			$type_array[$type][$r['name']] = array('name'=>$r['name'],'level'=>$r['level'],'description'=>$r['description'],'value'=>$r['value']);
 			ksort($type_array[$type]); 
 			$results[$type] = array ('title'=>ucwords($type),'admin'=>$admin,'prefs'=>$type_array[$type]);
 		} // end while
diff --git a/lib/class/vainfo.class.php b/lib/class/vainfo.class.php
index 85b12659..c7197054 100755
--- a/lib/class/vainfo.class.php
+++ b/lib/class/vainfo.class.php
@@ -92,7 +92,7 @@ class vainfo {
 			$this->_raw = $this->_getID3->analyze($this->filename);
 		} 
 		catch (Exception $error) { 
-			debug_event('getid3',$e->message,'1'); 
+			debug_event('getid3',$error->message,'1'); 
 		} 
 
 		/* Figure out what type of file we are dealing with */
diff --git a/lib/preferences.php b/lib/preferences.php
index 3b150e00..22555ddd 100644
--- a/lib/preferences.php
+++ b/lib/preferences.php
@@ -140,6 +140,7 @@ function update_preferences($pref_id=0) {
 function update_preference($user_id,$name,$pref_id,$value) { 
 
 	$apply_check = "check_" . $name;
+	$level_check = "level_" . $name; 
 
 	/* First see if they are an administrator and we are applying this to everything */
 	if ($GLOBALS['user']->has_access(100) AND make_bool($_REQUEST[$apply_check])) { 
@@ -147,6 +148,11 @@ function update_preference($user_id,$name,$pref_id,$value) {
 		$db_results = Dba::query($sql);
 		return true;
 	}
+
+	/* Check and see if they are an admin and the level def is set */
+	if ($GLOBALS['user']->has_access(100) AND make_bool($_REQUEST[$level_check])) { 
+		update_preference_level($pref_id,$_REQUEST[$level_check]); 
+	} 
 	
 	/* Else make sure that the current users has the right to do this */
 	if (has_preference_access($name)) { 
@@ -493,13 +499,13 @@ function get_preferences() {
  * This function updates the level field in the preferences table
  * this has nothing to do with a users actuall preferences
  */
-function update_preference_level($name,$level) { 
+function update_preference_level($pref_id,$level) { 
 
-	$name 	= sql_escape($name);
-	$level 	= sql_escape($level);
+	$name 	= Dba::escape($pref_id);
+	$level 	= Dba::escape($level);
 
-	$sql = "UPDATE preferences SET `level`='$level' WHERE `name`='$name'";
-	$db_results = mysql_query($sql,dbh());
+	$sql = "UPDATE `preference` SET `level`='$level' WHERE `id`='$pref_id'";
+	$db_results = Dba::query($sql);
 
 	return true;
 
diff --git a/templates/show_preference_box.inc.php b/templates/show_preference_box.inc.php
index 7fa4ae72..b6f2f169 100644
--- a/templates/show_preference_box.inc.php
+++ b/templates/show_preference_box.inc.php
@@ -47,7 +47,15 @@ if (($GLOBALS['user']->has_access(100) OR !Config::get('use_auth')) AND $_REQUES
 		<?php if ($is_admin) { ?>
 			<td align="center"><input type="checkbox" name="check_<?php echo $pref['name']; ?>" value="1" /></td>
 			<td align="center">
-
+				<?php $name = 'on_' . $pref['level']; ${$name} = 'selected="selected"';  ?> 
+				<select name="level_<?php echo $pref['name']; ?>">
+					<option value="5" <?php echo $on_5; ?>><?php echo _('Guest'); ?></option> 
+					<option value="25" <?php echo $on_25; ?>><?php echo _('User'); ?></option>
+					<option value="50" <?php echo $on_50; ?>><?php echo _('Content Manager'); ?></option>
+					<option value="75" <?php echo $on_75; ?>><?php echo _('Catalog Manager'); ?></option>
+					<option value="100" <?php echo $on_100; ?>><?php echo _('Admin'); ?></option>
+				</select> 
+				<?php unset(${$name}); ?>
 			</td>
 		<?php } ?>
 	</tr>
-- 
cgit