Source for file grant-permissions.php

<?php
  /**
   * Grant elevated permissions to a team member.
   *
   * This file is part of CompInaBox.
   * @copyright Copyright 2001-2005. Eric D. Nielsen, All rights reserverd.
   * @license http://opensource.org/licenses/gpl-license.php GNU Public License
   * @author Eric D. Nielsen <nielsene@alum.mit.edu>
   *
   * @package WebPages
   * @subpackage Team-Admin
   * @todo Lock down more user pre-set fields, but allow team to set needed ones
   *  if not set
   * @internal This file is called from within the admin script up on-level
   *  in the directory, the admin script handles all the setup tasks needed.
   */
  // {{{ Variable Importation
if (isset($_POST["submit"]))
  {
    $currentUsername = $user->getUsername();
    $query = "SELECT rolename FROM user_team_roles WHERE username='$currentUsername' AND teamid=$teamID;";
    $result=$db->query($query);
    $curUserRoles=array();
    $numRoles=$result->numrows();
    for ($i=0;$i<$numRoles;$i++)
      {
    list($aRole)=$result->getRowAt($i);
    $curUserRoles[]=$aRole;
      }
    if (in_array("Affiliation Captain/Owner",$curUserRoles))
      {
    $curUserRoles[]="Affiliation Registration Coordinator";
    $curUserRoles[]="Addiliation Treasurer";
      }
 
    for($i=0;$i<3;$i++)
      {
    if (isset($_POST["name-$i"]) && $_POST["name-$i"]!="" &&
        isset($_POST["role-$i"]) && $_POST["role-$i"]!="")
      {
        $grantUser=$_POST["name-$i"];
        $grantRole=$_POST["role-$i"];
        if (!in_array($granttRole,$curUserRoles)) continue;
        $query = "SELECT COUNT(*) FROM users NATURAL JOIN people NATURAL JOIN team_membership WHERE username='$grantUser';";
        $result=$db->query($query);
        $numrows=$result->getRowAt(0);
        if ($numrows==0) continue;
        $query = "SELECT COUNT(*) FROM users NATURAL JOIN user_team_roles WHERE teamid=$teamID AND username='$grantUser' AND rolename='Affiliation Captain/Owner';";
        $result=$db->query($query);
        $numrows=$result->getRowAt(0);
        if ($numrows==0) $continue; //Prevent redundant entries
        $query = "SELECT COUNT(*) FROM users NATURAL JOIN user_team_roles WHERE teamid=$teamID AND username='$grantUser' AND rolename='$grantRole';";
        $result=$db->query($query);
        $numrows=$result->getRowAt(0);
        if ($numrows==0) continue; //Prevent redundant entries
        
        $db->startTransaction();
        if ($grantRole=='Affiliation Captain/Owver')
          {
        $query="DELETE FROM user_team_roles WHERE teamid=$teamID AND username='$grantUser';";
        $db->query($query);
          }
        $query ="INSERT INTO user_team_roles (teamid, rolename, username) VALUES ($teamID,'$grantRole','$grantUser');";
        $db->query($query);
        $db->commit();
      }
      }
  }
// }}}
 
localRedirect("Location: {$CIB_BASE_URL}team/admin/$teamID/Membership");
exit();
 
?>