[feladat @ 103]
Created function to add a so-called sub-owner to a record.
--- a/edit.php Sat Dec 29 14:42:34 2007 +0000
+++ b/edit.php Tue Jan 01 20:36:17 2008 +0000
@@ -27,10 +27,10 @@
if (!is_array($_POST['rowid'])) {
$recordOwnerError = 'No records where selected to assign an sub-owner.';
} else {
- foreach ($_POST["rowid"] as $x_user => $x_value){
- $x_userid = $db->queryOne("SELECT id FROM record_owners WHERE user_id = '".$_POST["userid"]."' AND record_id='".$x_value."'");
+ foreach ($_POST["rowid"] as $x_user => $recordid){
+ $x_userid = $db->queryOne("SELECT id FROM record_owners WHERE user_id = '".$_POST["userid"]."' AND record_id='".$recordid."'");
if (empty($x_userid)) {
- $db->query("INSERT INTO record_owners (user_id, record_id) VALUES ('".$_POST["userid"]."','".$x_value."')");
+ add_record_owner($_GET["id"],$_POST["userid"],$recordid);
}
}
}
--- a/inc/record.inc.php Sat Dec 29 14:42:34 2007 +0000
+++ b/inc/record.inc.php Tue Jan 01 20:36:17 2008 +0000
@@ -148,6 +148,25 @@
}
+function add_record_owner($zoneid,$userid,$recordid)
+{
+ global $db;
+ if (!xs($zoneid))
+ {
+ echo "debug: $zoneid";
+ error(ERR_RECORD_ACCESS_DENIED);
+ }
+ if (is_numeric($zoneid) || is_numeric($userid) || is_numeric($recordid))
+ {
+ $db->query("INSERT INTO record_owners (user_id, record_id) VALUES ('".$userid."','".$recordid."')");
+ return true;
+ }
+ else
+ {
+ error(sprintf(ERR_INV_ARGC, "add_record_owner", "at least one of the arguments is not numeric"));
+ }
+}
+
/*
* Adds a record.
* This function validates it if correct it inserts it into the database.