username . ' attempted to update ' . $name . ' but does not have sufficient permissions','3'); } return false; } // update /** * has_access * This checks to see if the current user has access to modify this preference * as defined by the preference name */ public static function has_access($preference) { // Nothing for those demo thugs if (Config::get('demo_mode')) { return false; } $preference = Dba::escape($preference); $sql = "SELECT `level` FROM `preference` WHERE `name`='$preference'"; $db_results = Dba::query($sql); if ($GLOBALS['user']->has_access($data['level'])) { return true; } return false; } // has_access /** * id_from_name * This takes a name and returns the id */ public static function id_from_name($name) { $name = Dba::escape($name); $sql = "SELECT `id` FROM `preference` WHERE `name`='$name'"; $db_results = Dba::query($sql); $row = Dba::fetch_assoc($db_results); return $row['id']; } // id_from_name /** * name_from_id * This returns the name from an id, it's the exact opposite * of the function above it, amazing! */ public static function name_from_id($id) { $id = Dba::escape($id); $sql = "SELECT `name` FROM `preference` WHERE `id`='$id'"; $db_results = Dba::query($sql); $row = Dba::fetch_assoc($db_results); return $row['name']; } // name_from_id /** * insert * This inserts a new preference into the preference table * it does NOT sync up the users, that should be done independtly */ public static function insert($name,$description,$default,$level,$type,$catagory) { // Clean em up $name = Dba::escape($name); $description = Dba::escape($description); $default = Dba::escape($default); $level = Dba::escape($level); $type = Dba::escape($type); $catagory = Dba::escape($catagory); $sql = "INSERT INTO `preference` (`name`,`description`,`value`,`level`,`catagory`) " . "VALUES ('$name','$description','$default','$level','$catagory')"; $db_results = Dba::query($sql); if (!$db_results) { return false; } return true; } // insert } // end Preference class