Loading ...
Sorry, an error occurred while loading the content.

Inline Edit with privilege consideration

Expand Messages
  • He Colin
    Hello, I am trying to use Inline Edit feature in Data Table component. but I don t want any one can edit the table content, only some one with privileges can
    Message 1 of 3 , Jul 3, 2007
    • 0 Attachment
      Hello,

      I am trying to use Inline Edit feature in Data Table
      component. but I don't want any one can edit the table
      content, only some one with privileges can edit the
      table content. How could I achieve that? Is there any
      sample codes?

      Thanks,



      ____________________________________________________________________________________
      No need to miss a message. Get email on-the-go
      with Yahoo! Mail for Mobile. Get started.
      http://mobile.yahoo.com/mail
    • alexshusta
      Ah, an excellent idea. You ll want to perform a server side check of the users credentials and offer two versions of the DataTable... don t worry it s not
      Message 2 of 3 , Jul 3, 2007
      • 0 Attachment

        Ah, an excellent idea.

        You'll want to perform a server side check of the users credentials and offer two versions of the DataTable... don't worry it's not difficult. The difference between an editable and non-editable cell is that an editable cell has an "editor" ("textbox" or "textarea") assigned to it and that there's a function set up to handle edit events (got to get the data back to the server somehow).

        Extending the example from http://developer.yahoo.com/yui/examples/datatable/inlineediting.html... If we're using a PHP back end to prepare the page we could check if the user has a cookie indicating that they are allowed to edit the DataTable. If they do, we insert "editor" values for those fields that are editable. If they don't, we just display the same thing, without the "editor" values.

        Here's a link to a functioning example: http://www.shusta.org/articles/YUI/cookiePrivs.php

        The code from that example follows.

        ~Alexander

        <?php
         /**
         * @author: Alexander Shusta
         * Uses extensive code from the YUI example
        at: http://developer.yahoo.com/yui/examples/datatable/inlineediting.html
         */
         
         /**
         * Example that checks the user's cookies to see if they've been
         * authorized to edit the DataTable and gives appropriate output
         * based on that.
         * NOTE: This is not secure as cookies can be forged if they don't
         * include the proper countermeasures. See:
        http://us2.php.net/setcookie for cookies
         * in PHP, for security with cookies in PHP see:
        http://safari.awprofessional.com/059600656X/phpsec-CHP-4
         */
        ?>
        <?php
        if(!empty($_GET['aCookie'])){
        // if the user clicked the 'get a cookie' button, set a cookie
         setcookie("authoringCookie", "true");
         header('Location: cookiePrivs.php'); //force a reload so the user can immediately user their editing privs
        }
        ?>
        <html>
         <head>
          <title>Cookies and PHP and Editing DataTables</title>
          <!-- Required CSS -->
          <link type="text/css" rel="stylesheet" href="
        http://yui.yahooapis.com/2.2.2/build/datatable/assets/datatable.css">
          <!-- Dependencies -->
          <script type="text/javascript" src="
        http://yui.yahooapis.com/2.2.2/build/yahoo-dom-event/yahoo-dom-event.js"></script>
          <!-- Source files -->
          <script type="text/javascript" src="
        http://yui.yahooapis.com/2.2.2/build/datasource/datasource-beta-min.js"></script>
          <script type="text/javascript" src="
        http://yui.yahooapis.com/2.2.2/build/datatable/datatable-beta-min.js"></script>
          
          <style type="text/css">
          /* custom css*/
          #editing {margin:1em;}
          #editing table {border-collapse:collapse;}
          #editing th, #editing td {border:1px solid #000;padding:.25em;}
          #editing th {background-color:#696969;color:#fff;}/*dark gray*/
          #editing .yui-dt-odd {background-color:#eee;} /*light gray*/
          #editing .yui-dt-editable.yui-dt-highlight {background-color:#BEDAFF;} /*light blue*/
                </style>
         </head>
         <body>
          <h1>Cookies and PHP and Editing DataTables</h1>
          <p>On initial load the datatable cannot be edited, but if you click the 'Get an editing privs cookie' button the page will give your browser a cookie that is checked on reload (which conveniently happens immediately). If you've got the cookie you can edit the datatable.</p>
          <p>A less degenerate example would have the cookie setting and page display on separate pages (like a login page and an editing page), but this was a nice way to get everything into one short file.</p>
          <form action="cookiePrivs.php" method="GET">
           <input type="submit" value="Get an editing privs cookie" name="aCookie">
          </form>
          <div id="editing"></div>
         </body>
        <script type="text/javascript" src="data.js"></script>
        <script type="text/javascript">
        <?php
         /**
         * This is where you'll differentiate between common visitors
         * and mighty editors. There are a couple equally valid approaches
         * at this juncture. I'm going to perform a single cookie check
         * and emit an entire block of js. Another way to do this is to
         * escape into PHP from the js and perform an cookie check for each
         * column (like if there were different cookies that determine edit
         * access on each column). The single check will result in a lower server
         * load, though not by much, and a shorter authoring time for the demo.
         */
        ?>
        var myColumnHeaders = [
        <?php
         // For info on the weird <<< syntax see:
        http://us2.php.net/manual/en/language.types.string.php#language.types.string.syntax.heredoc
         // if the user is an editor
         if($_COOKIE['authoringCookie'] != null){
          echo <<<EndAuthorBlock
            {key:"SKU"},
            {key:"Quantity",editor:"textbox"},
            {key:"Item",editor:"textbox"},
            {key:"Description",editor:"textarea"}
        ];
        EndAuthorBlock;
         }else{
         // else they can't edit
          echo <<<EndGuestBlock
            {key:"SKU"},
            {key:"Quantity"},
            {key:"Item"},
            {key:"Description"}
        ];
        EndGuestBlock;
         }
        ?>

        var myColumnSet = new YAHOO.widget.ColumnSet(myColumnHeaders);

        var myDataSource = new YAHOO.util.DataSource(YAHOO.example.Data.inventory);
        myDataSource.responseType = YAHOO.util.DataSource.TYPE_JSARRAY;
        myDataSource.responseSchema = {
            fields: ["SKU","Quantity","Item","Description"]
        };

        var myDataTable = new YAHOO.widget.DataTable("editing", myColumnSet, myDataSource,{caption:"Example: Inline Editing"});
        myDataTable.subscribe("cellClickEvent",myDataTable.onEventEditCell);
        myDataTable.subscribe("cellMouseoverEvent",myDataTable.onEventHighlightCell);
        myDataTable.subscribe("cellMouseoutEvent",myDataTable.onEventUnhighlightCell);

        var onCellEdit = function(oArgs) {
        /*   

        YAHOO.log("Cell \"" + oArgs.target.id +
                    "\" was updated from \"" + oArgs.oldData + "\" to \"" +
                    oArgs.newData + "\"", "info", this.toString());

        */
        }
        myDataTable.subscribe("cellEditEvent",onCellEdit);

         </script>
        </html>

         


        --- In ydn-javascript@yahoogroups.com, He Colin <colinhe@...> wrote:
        >
        > Hello,
        >
        > I am trying to use Inline Edit feature in Data Table
        > component. but I don't want any one can edit the table
        > content, only some one with privileges can edit the
        > table content. How could I achieve that? Is there any
        > sample codes?
        >
        > Thanks,
        >
        >
        >
        > ____________________________________________________________________________________
        > No need to miss a message. Get email on-the-go
        > with Yahoo! Mail for Mobile. Get started.
        > http://mobile.yahoo.com/mail
        >

      • He Colin
        Hello, Alxeshusta, Very good answers. Thanks, ... http://developer.yahoo.com/yui/examples/datatable/inlineediting.html ...
        Message 3 of 3 , Jul 3, 2007
        • 0 Attachment
          Hello, Alxeshusta,

          Very good answers. Thanks,

          --- alexshusta <alexshusta@...> wrote:

          >
          > Ah, an excellent idea.
          >
          > You'll want to perform a server side check of the
          > users credentials and
          > offer two versions of the DataTable... don't worry
          > it's not difficult.
          > The difference between an editable and non-editable
          > cell is that an
          > editable cell has an "editor" ("textbox" or
          > "textarea") assigned to it
          > and that there's a function set up to handle edit
          > events (got to get the
          > data back to the server somehow).
          >
          > Extending the example from
          >
          http://developer.yahoo.com/yui/examples/datatable/inlineediting.html
          >
          <http://developer.yahoo.com/yui/examples/datatable/inlineediting.html>
          > ... If we're using a PHP back end to prepare the
          > page we could check if
          > the user has a cookie indicating that they are
          > allowed to edit the
          > DataTable. If they do, we insert "editor" values for
          > those fields that
          > are editable. If they don't, we just display the
          > same thing, without the
          > "editor" values.
          >
          > Here's a link to a functioning example:
          > http://www.shusta.org/articles/YUI/cookiePrivs.php
          > <http://www.shusta.org/articles/YUI/cookiePrivs.php>
          >
          > The code from that example follows.
          >
          > ~Alexander
          >
          > <?php
          > /**
          > * @author: Alexander Shusta
          > * Uses extensive code from the YUI example at:
          >
          http://developer.yahoo.com/yui/examples/datatable/inlineediting.html
          >
          <http://developer.yahoo.com/yui/examples/datatable/inlineediting.html>
          > */
          >
          > /**
          > * Example that checks the user's cookies to see if
          > they've been
          > * authorized to edit the DataTable and gives
          > appropriate output
          > * based on that.
          > * NOTE: This is not secure as cookies can be
          > forged if they don't
          > * include the proper countermeasures. See:
          > http://us2.php.net/setcookie
          > <http://us2.php.net/setcookie> for cookies
          > * in PHP, for security with cookies in PHP see:
          >
          http://safari.awprofessional.com/059600656X/phpsec-CHP-4
          >
          <http://safari.awprofessional.com/059600656X/phpsec-CHP-4>
          > */
          > ?>
          > <?php
          > if(!empty($_GET['aCookie'])){
          > // if the user clicked the 'get a cookie' button,
          > set a cookie
          > setcookie("authoringCookie", "true");
          > header('Location: cookiePrivs.php'); //force a
          > reload so the user can
          > immediately user their editing privs
          > }
          > ?>
          > <html>
          > <head>
          > <title>Cookies and PHP and Editing
          > DataTables</title>
          > <!-- Required CSS -->
          > <link type="text/css" rel="stylesheet"
          >
          href="http://yui.yahooapis.com/2.2.2/build/datatable/assets/datatable.cs\
          > s
          >
          <http://yui.yahooapis.com/2.2.2/build/datatable/assets/datatable.css>
          > ">
          > <!-- Dependencies -->
          > <script type="text/javascript"
          >
          src="http://yui.yahooapis.com/2.2.2/build/yahoo-dom-event/yahoo-dom-even\
          > t.js"></script
          >
          <http://yui.yahooapis.com/2.2.2/build/yahoo-dom-event/yahoo-dom-event.js\
          > ">> >
          > <!-- Source files -->
          > <script type="text/javascript"
          >
          src="http://yui.yahooapis.com/2.2.2/build/datasource/datasource-beta-min\
          > .js"></script
          >
          <http://yui.yahooapis.com/2.2.2/build/datasource/datasource-beta-min.js"\
          > >> >
          > <script type="text/javascript"
          >
          src="http://yui.yahooapis.com/2.2.2/build/datatable/datatable-beta-min.j\
          > s"></script
          >
          <http://yui.yahooapis.com/2.2.2/build/datatable/datatable-beta-min.js">>
          > >
          >
          > <style type="text/css">
          > /* custom css*/
          > #editing {margin:1em;}
          > #editing table {border-collapse:collapse;}
          > #editing th, #editing td {border:1px solid
          > #000;padding:.25em;}
          > #editing th
          > {background-color:#696969;color:#fff;}/*dark gray*/
          > #editing .yui-dt-odd {background-color:#eee;}
          > /*light gray*/
          > #editing .yui-dt-editable.yui-dt-highlight
          > {background-color:#BEDAFF;}
          > /*light blue*/
          > </style>
          > </head>
          > <body>
          > <h1>Cookies and PHP and Editing DataTables</h1>
          > <p>On initial load the datatable cannot be
          > edited, but if you click
          > the 'Get an editing privs cookie' button the page
          > will give your browser
          > a cookie that is checked on reload (which
          > conveniently happens
          > immediately). If you've got the cookie you can edit
          > the datatable.</p>
          > <p>A less degenerate example would have the
          > cookie setting and page
          > display on separate pages (like a login page and an
          > editing page), but
          > this was a nice way to get everything into one short
          > file.</p>
          > <form action="cookiePrivs.php" method="GET">
          > <input type="submit" value="Get an editing privs
          > cookie"
          > name="aCookie">
          > </form>
          > <div id="editing"></div>
          > </body>
          > <script type="text/javascript"
          > src="data.js"></script>
          > <script type="text/javascript">
          > <?php
          > /**
          > * This is where you'll differentiate between
          > common visitors
          > * and mighty editors. There are a couple equally
          > valid approaches
          > * at this juncture. I'm going to perform a single
          > cookie check
          > * and emit an entire block of js. Another way to
          > do this is to
          > * escape into PHP from the js and perform an
          > cookie check for each
          > * column (like if there were different cookies
          > that determine edit
          > * access on each column). The single check will
          > result in a lower
          > server
          > * load, though not by much, and a shorter
          > authoring time for the demo.
          > */
          > ?>
          > var myColumnHeaders = [
          > <?php
          > // For info on the weird <<< syntax see:
          >
          http://us2.php.net/manual/en/language.types.string.php#language.types.st\
          > ring.syntax.heredoc
          >
          <http://us2.php.net/manual/en/language.types.string.php#language.types.s\
          > tring.syntax.heredoc>
          > // if the user is an editor
          > if($_COOKIE['authoringCookie'] != null){
          > echo <<<EndAuthorBlock
          > {key:"SKU"},
          > {key:"Quantity",editor:"textbox"},
          > {key:"Item",editor:"textbox"},
          > {key:"Description",editor:"textarea"}
          > ];
          > EndAuthorBlock;
          > }else{
          > // else they can't edit
          > echo <<<EndGuestBlock
          > {key:"SKU"},
          > {key:"Quantity"},
          > {key:"Item"},
          > {key:"Description"}
          > ];
          > EndGuestBlock;
          > }
          > ?>
          >
          > var myColumnSet = new
          > YAHOO.widget.ColumnSet(myColumnHeaders);
          >
          > var myDataSource = new
          > YAHOO.util.DataSource(YAHOO.example.Data.inventory);
          > myDataSource.responseType =
          > YAHOO.util.DataSource.TYPE_JSARRAY;
          > myDataSource.responseSchema = {
          > fields: ["SKU","Quantity","Item","Description"]
          > };
          >
          > var myDataTable = new
          > YAHOO.widget.DataTable("editing", myColumnSet,
          >
          === message truncated ===




          ____________________________________________________________________________________
          Be a better Globetrotter. Get better travel answers from someone who knows. Yahoo! Answers - Check it out.
          http://answers.yahoo.com/dir/?link=list&sid=396545469
        Your message has been successfully submitted and would be delivered to recipients shortly.