prcs_role.php

极限网络智能办公系统 Office Automation V3.0官方100％源代码.

<?
include_once("inc/auth.php");

function prcs_role($FLOW_ID,$PRCS_ID)
{
  global $connection,$LOGIN_USER_ID,$LOGIN_DEPT_ID,$LOGIN_USER_PRIV;
  $PRCS_ROLE=0;

  $query_str="";
  if($FLOW_ID!=0)
     $query_str.=" and FLOW_ID=$FLOW_ID";
  if($PRCS_ID!=0)
     $query_str.=" and PRCS_ID=$PRCS_ID";

   $query = "SELECT FLOW_TYPE from FLOW_TYPE where FLOW_TYPE=2";
   if($FLOW_ID!=0)
      $query.=" and FLOW_ID=$FLOW_ID";
   $cursor= exequery($connection,$query);
   if($ROW=mysql_fetch_array($cursor)) //自由流程
      return 1;

  $query = "SELECT * from FLOW_PROCESS where (PRCS_USER like '%,$LOGIN_USER_ID,%' or PRCS_USER like '$LOGIN_USER_ID,%')".$query_str;
  $cursor = exequery($connection,$query);
  if($ROW=mysql_fetch_array($cursor))
     return 1;

  $query = "SELECT * from FLOW_PROCESS where (InStr(PRCS_DEPT,',$LOGIN_DEPT_ID,')>0 or InStr(PRCS_DEPT,'$LOGIN_DEPT_ID,')=1)".$query_str;;
  $cursor= exequery($connection,$query);
  if($ROW=mysql_fetch_array($cursor))
     return 1;

  $query = "SELECT * from FLOW_PROCESS where (InStr(PRCS_PRIV,',$LOGIN_USER_PRIV,')>0 or InStr(PRCS_PRIV,'$LOGIN_USER_PRIV,')=1)".$query_str;;
  $cursor= exequery($connection,$query);
  if($ROW=mysql_fetch_array($cursor))
        return 1;

  if($PRCS_ID==0)
  {
     $query = "SELECT * from FLOW_TYPE where (MANAGE_USER like '%,$LOGIN_USER_ID,%' or MANAGE_USER like '$LOGIN_USER_ID,%' or QUERY_USER like '%,$LOGIN_USER_ID,%' or QUERY_USER like '$LOGIN_USER_ID,%') and FLOW_ID=$FLOW_ID";
     $cursor = exequery($connection,$query);
     if($ROW=mysql_fetch_array($cursor))
        return 1;
  }

  return 0;
}

function run_role($RUN_ID,$PRCS_ID) //指定步骤或所有步骤实际经办人,管理员,监控人有权
{
  global $connection,$LOGIN_USER_ID,$LOGIN_USER_PRIV;

  if($LOGIN_USER_PRIV=="1")
     return 1;

  $query_str=" and RUN_ID=$RUN_ID";
  if($PRCS_ID!="0")
     $query_str.=" and PRCS_ID=$PRCS_ID";

  $query = "SELECT * from FLOW_RUN_PRCS where USER_ID='$LOGIN_USER_ID'".$query_str;
  $cursor = exequery($connection,$query);
  if($ROW=mysql_fetch_array($cursor))
     return 1;

  $query = "SELECT * from FLOW_RUN where RUN_ID=$RUN_ID";
  $cursor = exequery($connection,$query);
  if($ROW=mysql_fetch_array($cursor))
     $FLOW_ID=$ROW["FLOW_ID"];
  else
     return 0;

  $query = "SELECT * from FLOW_TYPE where (MANAGE_USER like '%,$LOGIN_USER_ID,%' or MANAGE_USER like '$LOGIN_USER_ID,%' or QUERY_USER like '%,$LOGIN_USER_ID,%' or QUERY_USER like '$LOGIN_USER_ID,%') and FLOW_ID=$FLOW_ID";
  $cursor = exequery($connection,$query);
  if($ROW=mysql_fetch_array($cursor))
     return 2;

  return 0;
}
?>