<?php if (!isset($_REQUEST['cid']) || !isset($_REQUEST['id']) || !isset($_REQUEST['pass'])) { die('Invalid usage'); } $cid = $_REQUEST['cid']; $id = $_REQUEST['id']; $pass = $_REQUEST['pass']; define('CID', $cid); define('READ_ONLY_SESSION', false); require_once '../../../include.php'; ModuleManager::load_modules(); $row = Utils_RecordBrowserCommon::get_record('utils_attachment', $id); if (!Utils_RecordBrowserCommon::get_access('utils_attachment', 'view', $row)) { die(json_encode(array('error' => __('Access denied')))); } $decoded = Utils_AttachmentCommon::decrypt($row['note'], $pass); if ($decoded !== false) { $_SESSION['client']['cp' . $row['id']] = $pass; ob_start(); $note = Utils_AttachmentCommon::display_note($row, false, null, 'utils_attachment', true); $note = ob_get_clean() . $note; die(json_encode(array('note' => $note, 'js' => Epesi::get_output()))); } die(json_encode(array('error' => __('Invalid password'))));