But to simplify the example I left out the V permission, because if you add the V permission again it is possible to go into edit mode from the view screen, bypassing the restrictions we had set in the table view. To fix this we have to redefine the edit button on the view screen. This is a little bit harder to do, but with a little effort we can make this work too.
First we have to figure out that we are in the view screen. In the constructor add the following code after $this->Editor->main($data->action,$data->info); .
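if($data->action === 'view_row')
{
    // $data->info comes from the JSON the client posted, so it is encoded as a
    // JavaScript string literal rather than pasted between hand-written quotes.
    // Anything that is not a scalar is replaced by an empty string.
    $rowId = is_scalar($data->info) ? (string) $data->info : '';
    if(function_exists('json_encode'))
    {
        $rowIdLiteral = json_encode($rowId);
    }
    else
    {
        // $js is the Services_JSON object the constructor creates when the
        // native JSON functions are missing.
        $rowIdLiteral = $js->encode($rowId);
    }
    // The 'javascript' entry is presumably evaluated by the client-side editor
    // script once the response arrives - confirm against AjaxTableEditor.
    $this->Editor->retArr[] = array('where' => 'javascript', 'value' => 'redefineEditButton('.$rowIdLiteral.');');
}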
The code above checks whether we are in view mode and, if so, calls a new JavaScript function, redefineEditButton. Put the new JavaScript function somewhere in your HTML page (e.g. inside the displayHtml function).
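<script type="text/javascript">
// Removes the 'Edit' button from the view-row button bar.
// Named redefineEditButton because that is the function the server response
// calls for 'view_row'; under the old name redefineButtons the call would fail.
// id is the row id sent by the server; this variant does not use it.
// This only changes what the browser shows. It does not stop an edit request
// from being sent, so the server must still enforce the restriction.
function redefineEditButton(id)
{
    $$('#viewRowButtons button').each(function(btn)
    {
        // The button is recognised by its label, so a translated or renamed
        // label would not be matched.
        if(btn.innerHTML == 'Edit')
        {
            $(btn).remove();
        }
    });
}
</script>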
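This will remove the edit button from the view screen and your code is consistent again. Note that this only hides the button in the browser; it does not by itself stop an edit request from being sent to the server.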
But this is the easy way out. If we go one step further we can also redefine the button and check on the department the row belongs to. Instead of removing the button we can change the onclick event of the button to call a useraction.
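<script type="text/javascript">
// Re-points the 'Edit' button of the view-row button bar at the 'cond_edit'
// user action, so the server decides whether the row may be opened for editing.
// Named redefineEditButton because that is the function the server response
// calls for 'view_row'; under the old name redefineButtons the call would fail.
// id is the row id sent by the server and is passed on to 'cond_edit'.
// The browser can still request other actions directly, so the server-side
// edit and save handling must apply the same department rule.
function redefineEditButton(id)
{
    $$('#viewRowButtons button').each(function(btn)
    {
        // The button is recognised by its label, so a translated or renamed
        // label would not be matched.
        if(btn.innerHTML == 'Edit')
        {
            $(btn).onclick = function()
            {
                toAjaxTableEditor("cond_edit", id);
            };
        }
    });
}
</script>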
Now all we have left to do is to create the user action cond_edit and the PHP function that checks the department setting.
In the initiateEditor function add the user action:
// Register the custom 'cond_edit' action and route it to conditionalEdit() on this object.
$this->Editor->setConfig(
    'userActions',
    array(
        'cond_edit' => array(&$this, 'conditionalEdit'),
    )
);
And as the last step we add the callback function conditionalEdit. Since we only have the id of the record, we have to re-query the database for the department:
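/**
 * Callback for the 'cond_edit' user action: looks up the department of the
 * requested row and answers with JavaScript for the client.
 *
 * A Sales row gets a call to the normal 'edit_row' action; any other row, or
 * an id with no matching row, gets the alert message.
 *
 * NOTE(review): this only decides which JavaScript is sent back. Nothing
 * visible here stops a client from requesting 'edit_row' or the save action
 * directly for a non-Sales row, so the same department rule has to be applied
 * where AjaxTableEditor loads and stores the row - confirm which hooks exist.
 *
 * @param mixed $id Row id passed by the editor; presumably the value the
 *                  browser sent with the action, so it is treated as untrusted.
 */
function conditionalEdit($id)
{
    $rowId = is_scalar($id) ? (string) $id : '';

    // The legacy mysql extension has no bound parameters, so the value is
    // escaped for the open connection before it goes into the statement.
    $sql = "SELECT department FROM employees WHERE id='".mysql_real_escape_string($rowId)."'";
    // NOTE(review): die(mysql_error()) shows database error text to the client;
    // consider logging it and returning a generic message instead.
    $res = mysql_query($sql) or die(mysql_error());
    $info = mysql_fetch_assoc($res);

    if($info && ! strcmp($info['department'],'Sales'))
    {
        // A matching row does not prove the id string is harmless inside
        // script text, so it is encoded as a JavaScript string literal.
        if(function_exists('json_encode'))
        {
            $rowIdLiteral = json_encode($rowId);
        }
        else
        {
            require_once('php/JSON.php');
            $js = new Services_JSON();
            $rowIdLiteral = $js->encode($rowId);
        }
        $this->Editor->retArr[] = array('where' => 'javascript', 'value' => 'toAjaxTableEditor(\'edit_row\','.$rowIdLiteral.');');
    } else {
        $this->Editor->retArr[] = array('where' => 'javascript', 'value' => 'alert("Only employees from the Sales department can be edited")');
    }
}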
And here is the complete code for the script
<?php
/*
* Mysql Ajax Table Editor
*
* Copyright (c) 2008 Chris Kitchen <info@mysqlajaxtableeditor.com>
* All rights reserved.
*
* See COPYING file for license information.
*
* Download the latest version from
* http://www.mysqlajaxtableeditor.com
*/
require_once('Common.php');
require_once('php/lang/LangVars-en.php');
require_once('php/AjaxTableEditor.php');
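/**
 * Employee table editor page in which only rows of the Sales department are
 * offered for editing, both from the table icons and from the view screen.
 *
 * The constructor dispatches the request: a POSTed 'json' field is handled as
 * an editor action, a GET 'export' parameter produces a CSV download, and
 * anything else prints the page.
 *
 * NOTE(review): no login or authorisation check is visible in this class.
 * Confirm that Common or the surrounding site restricts who can reach the
 * JSON and export branches, and that state-changing requests carry some
 * anti-forgery protection.
 *
 * NOTE(review): the department rule is applied through the icon markup and the
 * JavaScript returned to the browser. Nothing visible here stops a client from
 * requesting 'edit_row' or the save action directly for a non-Sales row, so
 * the rule also has to be enforced where AjaxTableEditor loads and stores the
 * row - confirm which hooks the library offers.
 */
class SpecialEdit2 extends Common
{
    // AjaxTableEditor instance, created in initiateEditor().
    var $Editor;

    /**
     * Prints the page body: the empty layers the editor fills in, the script
     * that starts it, and the redefineEditButton() helper used on the view screen.
     */
    function displayHtml()
    {
        ?>
        <br />
        <div align="left" style="position: relative;"><div id="ajaxLoader1"><img src="images/ajax_loader.gif" alt="Loading..." /></div></div>
        <br />
        <div id="historyButtonsLayer" align="left">
        </div>
        <div id="historyContainer">
        <div id="information">
        </div>
        <div id="titleLayer" style="padding: 2px; font-weight: bold; font-size: 18px; text-align: center;">
        </div>
        <div id="tableLayer" align="center">
        </div>
        <div id="recordLayer" align="center">
        </div>
        <div id="searchButtonsLayer" align="center">
        </div>
        </div>
        <script type="text/javascript">
        trackHistory = false;
        <?php
        // SCRIPT_NAME is used instead of PHP_SELF: PHP_SELF also carries any
        // extra path text from the request URL, which would be echoed into this
        // script block unescaped.
        ?>
        var ajaxUrl = '<?php echo $_SERVER['SCRIPT_NAME']; ?>';
        toAjaxTableEditor('update_html','');
        </script>
        <script type="text/javascript">
        // Re-points the 'Edit' button of the view screen at the 'cond_edit'
        // user action. This changes the browser UI only.
        function redefineEditButton(id)
        {
            $$('#viewRowButtons button').each(function(btn)
            {
                if(btn.innerHTML == 'Edit')
                {
                    $(btn).onclick=function(){toAjaxTableEditor("cond_edit",id);};
                }
            });
        }
        </script>
        <?php
    }

    /**
     * Builds the AjaxTableEditor for the employees table: column definitions,
     * titles, the custom edit icon and the 'cond_edit' user action.
     */
    function initiateEditor()
    {
        $tableColumns = array();
        $tableColumns['id'] = array('display_text' => 'ID', 'perms' => 'TVQSXO');
        $tableColumns['first_name'] = array('display_text' => 'First Name', 'perms' => 'EVCTAXQSHO');
        $tableColumns['last_name'] = array('display_text' => 'Last Name', 'perms' => 'EVCTAXQSHO');
        $tableColumns['email'] = array('display_text' => 'Email', 'perms' => 'EVCTAXQSHO');
        $tableColumns['department'] = array('display_text' => 'Department', 'perms' => 'EVCTAXQSHO', 'select_array' => array('Accounting' => 'Accounting', 'Marketing' => 'Marketing', 'Sales' => 'Sales', 'Production' => 'Production'));
        $tableColumns['hire_date'] = array('display_text' => 'Hire Date', 'perms' => 'EVCTAXQSHO', 'display_mask' => 'date_format(hire_date,"%d %M %Y")', 'calendar' => '%d %B %Y','col_header_info' => 'style="width: 250px;"');
        $tableName = 'employees';
        $primaryCol = 'id';
        $errorFun = array(&$this,'logError');
        // NOTE(review): presumably the 'E' in this string keeps the edit action
        // enabled for every row on the server side - confirm in the
        // AjaxTableEditor documentation.
        $permissions = 'VEAIDQCSXHO';
        $this->Editor = new AjaxTableEditor($tableName,$primaryCol,$errorFun,$permissions,$tableColumns);
        $this->Editor->setConfig('tableInfo','cellpadding="1" width="1000" class="mateTable"');
        $this->Editor->setConfig('orderByColumn','first_name');
        $this->Editor->setConfig('addRowTitle','Add Employee');
        $this->Editor->setConfig('editRowTitle','Edit Employee');
        // Drop the stock edit icon; getEditIcon() supplies the replacement.
        $this->Editor->setConfig('removeIcons','E');
        $userIcons = array();
        $userIcons[] = array('format_fun' => array(&$this,'getEditIcon'));
        $this->Editor->setConfig('userIcons',$userIcons);
        $userActions = array('cond_edit' => array(&$this,'conditionalEdit'));
        $this->Editor->setConfig('userActions',$userActions);
    }

    /**
     * Returns $value as a quoted JavaScript string literal, using json_encode()
     * when available and Services_JSON otherwise (the same fallback the
     * constructor uses). Non-scalar values become an empty string.
     *
     * @param mixed $value Value to embed in generated script text.
     * @return string Quoted literal, e.g. "5".
     */
    function jsStringLiteral($value)
    {
        $text = is_scalar($value) ? (string) $value : '';
        if(function_exists('json_encode'))
        {
            $literal = json_encode($text);
        }
        else
        {
            require_once('php/JSON.php');
            $encoder = new Services_JSON();
            $literal = $encoder->encode($text);
        }
        // Fall back to an empty literal if the text could not be encoded.
        return is_string($literal) ? $literal : '""';
    }

    /**
     * Callback for the 'cond_edit' user action: looks up the department of the
     * requested row and answers with JavaScript for the client.
     *
     * A Sales row gets a call to the normal 'edit_row' action; any other row,
     * or an id with no matching row, gets the alert message. This only decides
     * which JavaScript is sent back and is not a server-side edit permission.
     *
     * @param mixed $id Row id passed by the editor; presumably the value the
     *                  browser sent with the action, so it is treated as untrusted.
     */
    function conditionalEdit($id)
    {
        $rowId = is_scalar($id) ? (string) $id : '';

        // The legacy mysql extension has no bound parameters, so the value is
        // escaped for the open connection before it goes into the statement.
        $sql = "SELECT department FROM employees WHERE id='".mysql_real_escape_string($rowId)."'";
        // NOTE(review): die(mysql_error()) shows database error text to the
        // client; consider logging it and returning a generic message instead.
        $res = mysql_query($sql) or die(mysql_error());
        $info = mysql_fetch_assoc($res);

        if($info && ! strcmp($info['department'],'Sales'))
        {
            // A matching row does not prove the id string is harmless inside
            // script text, so it is encoded as a JavaScript string literal.
            $this->Editor->retArr[] = array('where' => 'javascript', 'value' => 'toAjaxTableEditor(\'edit_row\','.$this->jsStringLiteral($rowId).');');
        } else {
            $this->Editor->retArr[] = array('where' => 'javascript', 'value' => 'alert("Only employees from the Sales department can be edited")');
        }
    }

    /**
     * Icon formatter registered through 'userIcons': builds the edit icon for
     * one table row.
     *
     * @param array $info Row data; 'department' and 'id' are read.
     * @return array 'icon_html' with the list item markup and 'num_icons' (always 1).
     */
    function getEditIcon($info)
    {
        $iconHtml = '';
        $numIcons = 0;
        if(! strcmp($info['department'],'Sales'))
        {
            // Return edit icon with normal edit function
            // NOTE(review): $info['id'] is written into the href unescaped;
            // presumably it is the primary key read from the database - confirm
            // it can never hold quote characters.
            $iconHtml .= '<li class="edit"><a href="javascript: toAjaxTableEditor(\'edit_row\',\''.$info['id'].'\');" title="Edit"></a></li>';
        } else {
            // Return edit icon with an alert message and do nothing.
            $iconHtml .= '<li class="edit"><a href="#" onclick=\'alert("Only employees from the Sales department can be edited");\' title="Edit"></a></li>';
        }
        $numIcons++;
        return array('icon_html' => $iconHtml, 'num_icons' => $numIcons);
    }

    /**
     * Constructor (PHP 4 style, same name as the class): dispatches the request
     * to the JSON action handler, the CSV export or the HTML page.
     */
    function SpecialEdit2()
    {
        if(isset($_POST['json']))
        {
            session_start();
            // Initiating lang vars here is only necessary for the logError, and mysqlConnect functions in Common.php.
            // If you are not using Common.php or you are using your own functions you can remove the following line of code.
            $this->langVars = new LangVars();
            $this->mysqlConnect();
            if(ini_get('magic_quotes_gpc'))
            {
                $_POST['json'] = stripslashes($_POST['json']);
            }
            if(function_exists('json_decode'))
            {
                $data = json_decode($_POST['json']);
            }
            else
            {
                require_once('php/JSON.php');
                $js = new Services_JSON();
                $data = $js->decode($_POST['json']);
            }
            if(empty($data->info) && strlen(trim($data->info)) == 0)
            {
                $data->info = '';
            }
            $this->initiateEditor();
            $this->Editor->main($data->action,$data->info);
            if($data->action === 'view_row')
            {
                // $data->info comes from the posted JSON, so it is encoded as a
                // JavaScript string literal before being placed in script text.
                $this->Editor->retArr[] = array('where' => 'javascript', 'value' => 'redefineEditButton('.$this->jsStringLiteral($data->info).');');
            }
            if(function_exists('json_encode'))
            {
                echo json_encode($this->Editor->retArr);
            }
            else
            {
                echo $js->encode($this->Editor->retArr);
            }
        }
        else if(isset($_GET['export']))
        {
            session_start();
            // Output buffering lets the headers below be sent after the echo.
            ob_start();
            $this->mysqlConnect();
            $this->initiateEditor();
            echo $this->Editor->exportInfo();
            header("Cache-Control: no-cache, must-revalidate");
            header("Pragma: no-cache");
            // The earlier application/x-msexcel Content-type header was always
            // replaced by this one, so only the effective value is sent.
            header('Content-Type: text/csv');
            header('Content-Disposition: attachment; filename="'.$this->Editor->tableName.'.csv"');
            exit();
        }
        else
        {
            $this->displayHeaderHtml();
            $this->displayHtml();
            $this->displayFooterHtml();
        }
    }
}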
// Creating the object runs the constructor, which handles the current request.
$lte = new SpecialEdit2;
?>
Have fun!
Karel