Hi,
Srivathsan, M IN BLR SISL wrote:
> Hi all,
>
> Has anyone tried customizing the Templates (*.tpl.html)
? I tried doing
> that in the "update_form.tpl.html" in
disabling some controls like the
> Status drop down, based on the current user's role.
The idea is not to
> allow users with role < manager to update the
Status, Assignee,
> Category, etc.
>
> I was able to successfully disable the controls (based
on the current
> user's role) but a new problem is introduced - when
the user clicks the
> "update" button in the page (with the
controls) disabled, thereafter the
> "View" page shows the values for
"Status", "Assignee" (and for all
that
> of disabled controls) as BLANK. Strangely the
"Category" value remains
> intact.
>
> Since I am a newbie to Web / PHP, I couldn't figure
out what's wrong.
> Could somebody help me in this?
You will either need to still set the current values as
hidden fields
which is somewhat insecure since a malicious user could
change the
hidden values, but would keep your changes in only one
place. The other
option would be to change class.issue.php, the update()
method to check
the user role and not update certain fields.
Best Regards,
--
Bryan Alsdorf, Software Engineer
MySQL AB, www.mysql.com
Are you MySQL certified? www.mysql.com/certification
--
Eventum Users Mailing List
For list archives: http://lists.mys
ql.com/eventum-users
To unsubscribe: http:
//lists.mysql.com/eventum-users?unsub=bond yahoo.com
|