Choose your database:
AnySQL
MySQL
MS SQL Server
PostgreSQL
SQLite
Firebird
Oracle
SQL Anywhere
DB2
MaxDB

Subscribe to our news:
Partners
Testimonials
Peter Robinson: "As a tech savvy company director, I wanted an inexpensive web based database application to manage all aspects of my business. As with most humans I find developing purely by CLI very hard and do not have the will or time to invest in improving my skills. I was looking to find a nice human friendly GUI to design and build my application, which is when I came across PHP Generator for MySQL.

Whilst you still need a great understanding of logic and a small amount of programming ability to get the specific results you require, I am very happy with the speed of progress I have been making with this invaluable tool.

With all the standard libraries included, this product makes normal requirements such as JavaScript form validation, lookup selectors, on click events, auto complete, detailed searches, multiformat exports, rss feeds and username security straight forward and quick.

Having any changes made via the GUI written to the web server at the click of a button makes testing out ideas quick and easy without fear of breaking your application.

To conclude, I couldn't find any other product on the market that came close to offering the amount of options this does, and I do hope that more products like this come out in the future, with the hope of eventually eradicating the need to program all together".

Tony Broadbent: "Such a great product! I have been struggling to hand craft pages which, with your PHP Generator, I created beautifully within 5 minutes of downloading it".

More

Add your opinion

PHP Generator for MySQL online Help

Prev Return to chapter overview Next

OnGetCustomRecordPermissions

This event allows you to customize record-level permissions.

 

Signature:

function OnGetCustomRecordPermissions($page, &$usingCondition, $rowData,

       &$allowEdit, &$allowDelete, &$mergeWithDefault, &$handled)

 

Parameters:

$page

An instance of the Page class.

$usingCondition

Any logical SQL expression. Rows for which the expression returns true will be visible

$rowData

The associative array of values that corresponds currently processed row

$allowEdit

If true, the user can edit values of the currently processed row.

$allowDelete

If true, the user can delete the currently processed row.

$mergeWithDefault

Indicates whether custom permissions should be merged with default ones (if any). Default value is true.

$handled

A parameter to indicate whether the new permissions should be applied. Set $handled to true to apply the changes.

 

Example

Assume we have a small company with several sales departments. All users of our application are sales managers, which work in one of these departments. Each such user can work as an ordinary manager or as a head manager of the department. Our challenge is to grant privileges in the following way:

 

- Ordinary managers must have full access to their own sales records except completed ones. They should have no access to the sales made by other managers.

- Head managers must have full access to all sales records of the department. They should have no access to sales of other departments.

 

To implement the scenario above, the following code can be used:

 

// do not apply these rules for site admins

if (GetApplication()->IsLoggedInAsAdmin()) {

    return;

 

// retrieving the ID of the current user

$userId = $page->GetCurrentUserId();

    

// retrieving the ID of sales department and the status of the current user

$sql = "SELECT sales_department_id, is_head_manager " . 

       "FROM phpgen_users WHERE user_id = $userId";

$result = $page->GetConnection()->fetchAll($sql);

 

if (empty($result))

    return;

  

$salesDepartmentId = $result[0]['sales_department_id']; 

$isHeadManager = (boolean) $result[0]['is_head_manager'];

 

// Granting permissions according to the scenario

$allowEdit = $isHeadManager || !$rowData['completed'];

$allowDelete = $isHeadManager || !$rowData['completed'];

 

// Specifying the condition to show only necessary records 

if ($isHeadManager) {

    $sql = 'manager_id IN '.

           '(SELECT user_id FROM phpgen_users WHERE sales_department_id = %d)';

    $usingCondition = sprintf($sql, $salesDepartmentId);

} else {

    $usingCondition = sprintf('manager_id = %d', $userId);

}

 

// apply granted permissions

$handled = true;

  

// Do not merge the new record permissions with default ones (true by default).

// We have to add this line, otherwise head managers will not be able to see

// sales made by other managers of the department. 

$mergeWithDefault = false;

 

See also: OnGetCustomPagePermissions.

 



Prev Return to chapter overview Next