/**
* Used when checking if there is a client or user logged in via cookie.
*
* @see check_for_session
*/
function check_valid_cookie()
{
if (isset($_COOKIE['password']) && isset($_COOKIE['loggedin']) && isset($_COOKIE['userlevel'])) {
$cookie_pass = mysql_real_escape_string($_COOKIE['password']);
$cookie_user = mysql_real_escape_string($_COOKIE['loggedin']);
$cookie_level = mysql_real_escape_string($_COOKIE['userlevel']);
/**
* Compare the cookies to the database information. Level
* and active are compared in case the cookie exists but
* the client has been deactivated, or the user level has
* changed.
*/
$sql_cookie = mysql_query("SELECT * FROM tbl_users WHERE user='******' AND password='******' AND level='{$cookie_level}' AND active = '1'");
$count = mysql_num_rows($sql_cookie);
if ($count > 0) {
if (!isset($_SESSION['loggedin'])) {
/** Set SESSION values */
$_SESSION['loggedin'] = $_COOKIE['loggedin'];
$_SESSION['userlevel'] = $_COOKIE['userlevel'];
$_SESSION['access'] = $_COOKIE['access'];
while ($row = mysql_fetch_array($sql_cookie)) {
$log_id = $row['id'];
$log_name = $row['name'];
}
/** Record the action log */
$new_log_action = new LogActions();
$log_action_args = array('action' => 24, 'owner_id' => $log_id, 'owner_user' => $log_name);
$new_record_action = $new_log_action->log_action_save($log_action_args);
}
return true;
}
}
}
/**
* Used when checking if there is a client or user logged in via cookie.
*
* @see check_for_session
*/
function check_valid_cookie()
{
global $dbh;
if (isset($_COOKIE['password']) && isset($_COOKIE['loggedin']) && isset($_COOKIE['userlevel'])) {
$statement = $dbh->prepare("SELECT * FROM " . TABLE_USERS . " WHERE user= :cookie_user AND password= :cookie_pass AND level= :cookie_level AND active = '1'");
$statement->execute(array(':cookie_user' => $_COOKIE['loggedin'], ':cookie_pass' => $_COOKIE['password'], ':cookie_level' => $_COOKIE['userlevel']));
$count = $statement->rowCount();
/**
* Compare the cookies to the database information. Level
* and active are compared in case the cookie exists but
* the client has been deactivated, or the user level has
* changed.
*/
if ($count > 0) {
if (!isset($_SESSION['loggedin'])) {
/** Set SESSION values */
$_SESSION['loggedin'] = $_COOKIE['loggedin'];
$_SESSION['userlevel'] = $_COOKIE['userlevel'];
$_SESSION['access'] = $_COOKIE['access'];
$statement->setFetchMode(PDO::FETCH_ASSOC);
while ($row = $statement->fetch()) {
$log_id = $row['id'];
$log_name = $row['name'];
}
/** Record the action log */
$new_log_action = new LogActions();
$log_action_args = array('action' => 24, 'owner_id' => $log_id, 'owner_user' => $log_name);
$new_record_action = $new_log_action->log_action_save($log_action_args);
}
return true;
}
}
}
/**
* Receives the data from any of the 2 clear assignments functions
*/
private function delete_assignments($arguments)
{
global $database;
$this->clients = $arguments['clients'];
$this->groups = $arguments['groups'];
$this->owner_id = $arguments['owner_id'];
/**
* Get a list of clients names for the log
*/
if (!empty($this->clients)) {
$this->delete_clients = implode(',', array_unique($this->clients));
$this->clients_names_query = "SELECT id, name FROM tbl_users WHERE id IN ({$this->delete_clients})";
$this->clients_names_sql = $database->query($this->clients_names_query);
while ($this->crow = mysql_fetch_array($this->clients_names_sql)) {
$this->clients_names[$this->crow['id']] = $this->crow['name'];
}
$this->clean_query = "DELETE FROM tbl_files_relations WHERE file_id = '{$this->file_id}' AND client_id IN ({$this->delete_clients})";
$this->clean_sql = $database->query($this->clean_query);
/** Record the action log */
foreach ($this->clients as $this->deleted_client) {
$new_log_action = new LogActions();
$log_action_args = array('action' => 10, 'owner_id' => $this->owner_id, 'affected_file' => $this->file_id, 'affected_file_name' => $this->file_name, 'affected_account' => $this->deleted_client, 'affected_account_name' => $this->clients_names[$this->deleted_client]);
$new_record_action = $new_log_action->log_action_save($log_action_args);
}
}
/**
* Get a list of groups names for the log
*/
if (!empty($this->groups)) {
$this->delete_groups = implode(',', array_unique($this->groups));
$this->groups_names_query = "SELECT id, name FROM tbl_groups WHERE id IN ({$this->delete_groups})";
$this->groups_names_sql = $database->query($this->groups_names_query);
while ($this->grow = mysql_fetch_array($this->groups_names_sql)) {
$this->groups_names[$this->grow['id']] = $this->grow['name'];
}
$this->clean_query = "DELETE FROM tbl_files_relations WHERE file_id = '{$this->file_id}' AND group_id IN ({$this->delete_groups})";
$this->clean_sql = $database->query($this->clean_query);
/** Record the action log */
foreach ($this->groups as $this->deleted_group) {
$new_log_action = new LogActions();
$log_action_args = array('action' => 11, 'owner_id' => $this->owner_id, 'affected_file' => $this->file_id, 'affected_file_name' => $this->file_name, 'affected_account' => $this->deleted_group, 'affected_account_name' => $this->groups_names[$this->deleted_group]);
$new_record_action = $new_log_action->log_action_save($log_action_args);
}
}
}
* 3- Hide for everyone if checked
*/
if (!empty($file['hideall'])) {
$this_file = new FilesActions();
$hide_file = $this_file->hide_for_everyone($this_file_id);
}
/**
* 4- Add the notifications to the database
*/
if ($send_notifications == true) {
$process_notifications = $this_upload->upload_add_notifications($add_arguments);
}
}
$new_log_action = new LogActions();
$log_action_args = array('action' => $action_log_number, 'owner_id' => $global_id, 'owner_user' => $global_user, 'affected_file' => $process_file['new_file_id'], 'affected_file_name' => $file['name']);
$new_record_action = $new_log_action->log_action_save($log_action_args);
$msg = __('The file has been edited succesfuly.', 'cftp_admin');
echo system_message('ok', $msg);
include ROOT_DIR . '/upload-send-notifications.php';
}
}
}
}
/** Validations OK, show the editor */
?>
<form action="edit-file.php?file_id=<?php
echo $this_file_id;
?>
" method="post" name="edit_file" id="edit_file">
<?php
/** Reconstruct the current assignments arrays */
function logout()
{
header("Cache-control: private");
unset($_SESSION['loggedin']);
unset($_SESSION['access']);
unset($_SESSION['userlevel']);
session_destroy();
/** If there is a cookie, unset it */
setcookie("loggedin", "", time() - COOKIE_EXP_TIME);
setcookie("password", "", time() - COOKIE_EXP_TIME);
setcookie("access", "", time() - COOKIE_EXP_TIME);
setcookie("userlevel", "", time() - COOKIE_EXP_TIME);
/** Record the action log */
$new_log_action = new LogActions();
$log_action_args = array('action' => 31, 'owner_id' => $logged_id, 'affected_account_name' => $global_name);
$new_record_action = $new_log_action->log_action_save($log_action_args);
header("location:index.php");
}
/**
* Receives the data from any of the 2 clear assignments functions
*/
private function delete_assignments($arguments)
{
$this->clients = $arguments['clients'];
$this->groups = $arguments['groups'];
$this->owner_id = $arguments['owner_id'];
/**
* Get a list of clients names for the log
*/
if (!empty($this->clients)) {
$this->delete_clients = implode(',', array_unique($this->clients));
$this->statement = $this->dbh->prepare("SELECT id, name FROM " . TABLE_USERS . " WHERE FIND_IN_SET(id, :clients)");
$this->statement->bindParam(':clients', $this->delete_clients);
$this->statement->execute();
$this->statement->setFetchMode(PDO::FETCH_ASSOC);
while ($this->row = $this->statement->fetch()) {
$this->clients_names[$this->row['id']] = $this->row['name'];
}
/** Remove existing assignments of this file/clients */
$this->statement = $this->dbh->prepare("DELETE FROM " . TABLE_FILES_RELATIONS . " WHERE file_id = :file_id AND FIND_IN_SET(client_id, :clients)");
$this->statement->bindParam(':file_id', $this->file_id, PDO::PARAM_INT);
$this->statement->bindParam(':clients', $this->delete_clients);
$this->statement->execute();
/** Record the action log */
foreach ($this->clients as $this->deleted_client) {
$new_log_action = new LogActions();
$log_action_args = array('action' => 10, 'owner_id' => $this->owner_id, 'affected_file' => $this->file_id, 'affected_file_name' => $this->file_name, 'affected_account' => $this->deleted_client, 'affected_account_name' => $this->clients_names[$this->deleted_client]);
$new_record_action = $new_log_action->log_action_save($log_action_args);
}
}
/**
* Get a list of groups names for the log
*/
if (!empty($this->groups)) {
$this->delete_groups = implode(',', array_unique($this->groups));
$this->statement = $this->dbh->prepare("SELECT id, name FROM " . TABLE_GROUPS . " WHERE FIND_IN_SET(id, :groups)");
$this->statement->bindParam(':groups', $this->delete_groups);
$this->statement->execute();
$this->statement->setFetchMode(PDO::FETCH_ASSOC);
while ($this->row = $this->statement->fetch()) {
$this->groups_names[$this->row['id']] = $this->row['name'];
}
/** Remove existing assignments of this file/groups */
$this->statement = $this->dbh->prepare("DELETE FROM " . TABLE_FILES_RELATIONS . " WHERE file_id = :file_id AND FIND_IN_SET(group_id, :groups)");
$this->statement->bindParam(':file_id', $this->file_id, PDO::PARAM_INT);
$this->statement->bindParam(':groups', $this->delete_groups);
$this->statement->execute();
/** Record the action log */
foreach ($this->groups as $this->deleted_group) {
$new_log_action = new LogActions();
$log_action_args = array('action' => 11, 'owner_id' => $this->owner_id, 'affected_file' => $this->file_id, 'affected_file_name' => $this->file_name, 'affected_account' => $this->deleted_group, 'affected_account_name' => $this->groups_names[$this->deleted_group]);
$new_record_action = $new_log_action->log_action_save($log_action_args);
}
}
}