1: <?php
2: 3: 4: 5: 6: 7: 8: 9: 10: 11: 12:
13:
14: defined('CON_FRAMEWORK') || die('Illegal call: Missing framework initialization - request aborted.');
15:
16: function cCatPerm($widcat, $db = NULL) {
17: global $cfg, $sess, $auth, $group_id, $_arrCatIDs_cCP;
18:
19: if (strpos($auth->auth['perm'], 'admin') !== FALSE) {
20: return true;
21: }
22:
23: if (is_null($db) || !is_object($db)) {
24: $db = cRegistry::getDb();
25: }
26:
27: $group_ids = getGroupIDs($db);
28: $group_ids[] = $db->escape($auth->auth['uid']);
29:
30: if (!is_array($_arrCatIDs_cCP)) {
31: $_arrCatIDs_cCP = array();
32:
33: $sql_inc = " user_id='";
34: $sql_inc .= implode("' OR user_id='", $group_ids) . "' ";
35: $sql = "SELECT idcat FROM " . $cfg['tab']['rights'] . "
36: WHERE idarea=6 AND idaction=359 AND ($sql_inc)";
37:
38: $db->query($sql);
39:
40: while ($db->nextRecord()) {
41: $_arrCatIDs_cCP[$db->f('idcat')] = '';
42: }
43: }
44:
45: return array_key_exists($widcat, $_arrCatIDs_cCP);
46: }
47:
48: function getGroupIDs(&$db) {
49: global $cfg, $sess, $auth, $group_id, $_arrGroupIDs_gGI;
50:
51: if (is_array($_arrGroupIDs_gGI)) {
52: return $_arrGroupIDs_gGI;
53: }
54:
55: $sql = "SELECT group_id FROM " . $cfg["tab"]["groupmembers"] . " WHERE user_id='" . $db->escape($auth->auth["uid"]) . "'";
56: $db->query($sql);
57:
58: $_arrGroupIDs_gGI = array();
59:
60: while ($db->nextRecord())
61: $_arrGroupIDs_gGI[] = $db->f('group_id');
62:
63: return $_arrGroupIDs_gGI;
64: }
65:
66: ?>