/**
 * Collect the entries changed since the current user's last login.
 *
 * Selects the ids of all filesystem rows whose filetype is not null
 * (presumably files rather than directories - confirm against the schema)
 * and whose last_change is at or after $_SESSION['last_login'], ordered by
 * last_change. Each id is wrapped in an fs_item and kept only when
 * right_read() grants access. The result replaces $this->files.
 */
private function load()
{
    global $db;

    // NOTE(review): the session value is concatenated into the SQL text
    // without escaping. That is only safe if last_login is always written
    // from a trusted source (e.g. a database timestamp) - confirm where it
    // is set, or escape/bind it if the $db wrapper offers a way to do so.
    $since = $_SESSION['last_login'];
    $sql = 'id '
        . 'from filesystem '
        . 'where '
        . 'filetype is not null and '
        . 'last_change>="' . $since . '" '
        . 'order by last_change';
    $db->select($sql);

    // Snapshot the result set before the loop: constructing fs_item objects
    // may run further queries through the shared $db (not visible here).
    $rows = $db->data;

    $readable = array();
    foreach ($rows as $row) {
        $candidate = new fs_item($row['id']);
        if (!$candidate->right_read()) {
            // Entries the current user may not read are left out.
            continue;
        }
        $readable[] = $candidate;
    }

    $this->files = $readable;
}
<?php
/*
 * This file is part of Infoschool - a web based school intranet.
 * Copyright (C) 2006 Maikel Linke
 */

/*
 * Upload form and upload handler for one directory of the file area.
 *
 * GET  rel_to : id of the target directory (defaults to 0).
 * FILES file  : the uploaded file; when present it is stored and the
 *               browser is sent back to the directory listing.
 */
include 'var.php';

// Presumably enforces a logged-in session before anything else runs -
// confirm in the $output implementation.
$output->secure();

// The directory id is forced to an integer before it is used anywhere.
$rel_to = isset($_GET['rel_to']) ? (int) $_GET['rel_to'] : 0;

// Authorisation: the user needs upload rights on the target directory.
// NOTE(review): the code below relies on redirect() ending the request;
// confirm that it exits, otherwise the upload would still be processed.
$dir = new fs_item($rel_to);
if (!$dir->right_upload()) {
    redirect('./');
}

/* the file variable is named 'file'
 * 'tmp_name' contains the whole path of the file */
$has_upload = isset($_FILES['file']['tmp_name'])
    && $_FILES['file']['tmp_name'] != '';
if ($has_upload) {
    // NOTE(review): the whole $_FILES entry, including the client-supplied
    // name and type, is handed to insert_file(). Size limits, file name
    // sanitising and type checks have to happen there - not visible here.
    $dir->insert_file($_FILES['file']);
    redirect('./?id=' . $rel_to);
}

// No file submitted: render the upload form for this directory.
$v['rel_to'] = $rel_to;
$v['max_upload_size'] = $max_upload_size;
$content = new tmpl('upload.html', $v);
$output->out($content);
<?php
/*
 * This file is part of Infoschool - a web based school intranet.
 * Copyright (C) 2005 Maikel Linke
 */

/*
 * Form and handler for creating a sub-directory in the file area.
 *
 * GET  rel_to  : id of the parent directory (defaults to 0).
 * POST dirname : name of the directory to create.
 */
include 'var.php';

// Presumably enforces a logged-in session - confirm in $output.
$output->secure();

// The parent id is forced to an integer before it is used anywhere.
$rel_to = isset($_GET['rel_to']) ? (int) $_GET['rel_to'] : 0;

// Creating a directory requires the same right as uploading into the parent.
// NOTE(review): relies on redirect() ending the request - confirm it exits.
$parent = new fs_item($rel_to);
if (!$parent->right_upload()) {
    redirect('./');
}

if (isset($_POST['dirname'])) {
    // NOTE(review): the submitted name goes to mkdir() unchanged. Length
    // limits, rejection of path separators and escaping for storage and
    // later HTML output have to be done inside mkdir()/the templates -
    // not visible here.
    $dirname = $_POST['dirname'];
    $parent->mkdir($dirname);
    redirect('./?id=' . $rel_to);
}

// Nothing submitted yet: show the form.
$v['rel_to'] = $rel_to;
$content = new tmpl('mkdir.html', $v);
$output->out($content);
<?php
/*
 * This file is part of Infoschool - a web based school intranet.
 * Copyright (C) 2006 Maikel Linke
 */

/*
 * Entry point of the file area: sends a file to the browser or renders
 * the listing of a directory.
 *
 * GET id : id of the item to show (defaults to 0).
 */
include 'var.php';

// Presumably enforces a logged-in session - confirm in $output.
$output->secure();

// The item id is forced to an integer before it is used anywhere.
$item_id = isset($_GET['id']) ? (int) $_GET['id'] : 0;

// Authorisation: nothing is sent or listed without read rights.
// NOTE(review): relies on redirect() ending the request - confirm it exits,
// otherwise the item would still be delivered below.
$item = new fs_item($item_id);
if (!$item->right_read()) {
    redirect('./');
}

if (!$item->is_file()) {
    // Directory: load its children and render the listing.
    $item->load_items();
    $content = $item->format();
    $output->out($content);
} else {
    // File: hand the content to the client.
    $item->send();
}
/**
 * Load the direct children of this item into $this->items.
 *
 * One query fetches every filesystem row whose rel_to is this item's id,
 * together with the owner's name and the rights that apply to the session
 * user: the person-specific rights row if there is one, otherwise (the pg
 * join requires fs_person.id to be null) the rights of each group the user
 * belongs to. An item can therefore come back as several rows, so the rows
 * are grouped by item id before one fs_item per item is built.
 */
function load_items()
{
    global $db;

    $rel_to = $this->data['id'];
    // NOTE(review): $rel_to and the session user id are concatenated into
    // the SQL text as-is. Both look server-side (object data and session),
    // but confirm they can only ever hold integers, or cast/escape them.
    $uid = $_SESSION['userid'];
    $query = ' fs.id, fs.rel_to, fs.filetype, fs.owner, fs.last_change, fs.name, person.first_name owner_first_name, person.last_name owner_last_name, fs_person.rights person_rights, pg.gid, fs_group.rights group_rights from filesystem as fs left join person on fs.owner=person.id left join filesystem_rights_person as fs_person on fs.rel_to="'
        . $rel_to
        . '" and fs.id=fs_person.fs_id and fs_person.person_id="'
        . $uid
        . '" left join pg on fs_person.id is null and pg.pid="'
        . $uid
        . '" left join filesystem_rights_group as fs_group on pg.gid is not null and pg.gid=fs_group.group_id and fs.id=fs_group.fs_id where fs.rel_to="'
        . $rel_to
        . '"';
    $db->select($query);

    // Snapshot the rows; later calls on the child objects may reuse $db.
    $rows = $db->data;

    // Group the result rows by item id, keeping first-seen order.
    $rows_by_item = array();
    foreach ($rows as $row) {
        $rows_by_item[$row['id']][] = $row;
    }

    // Build one child object per item and resolve its effective rights.
    $children = array();
    foreach ($rows_by_item as $item_rows) {
        $child = new fs_item();
        $child->upper_dir =& $this;
        $child->create_data($item_rows);
        $child->merge_upper_rights();
        $child->user_rights();
        $children[] = $child;
    }

    $this->items = $children;
}
$r = $right; $r['right_num'] = $i; $r['right_checked'] = array(); if ($right['rights'] & pow(2, $i)) { $r['right_checked'][] = array(); } $right['right'][$i] = $r; } return $right; } $output->secure(); if (!isset($_GET['item'])) { redirect('./'); } $item_id = $_GET['item']; $item = new fs_item($item_id); if (!$item->right_rights()) { redirect('./'); } $changed = false; if (isset($_POST['rights'])) { $item->update_rights($_POST['rights']); $changed = true; } if (isset($_POST['new_rights'])) { $item->create_rights($_POST['new_rights']); $changed = true; } if ($changed) { redirect('rights.php?item=' . $item->data['id']); }
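<?php
/*
 * This file is part of Infoschool - a web based school intranet.
 * Copyright (C) 2005 Maikel Linke
 */

/*
 * Removes one rights entry (person or group) from a filesystem item.
 *
 * GET type : 'group' for a group right, anything else means a person right.
 * GET id   : id of the row in the corresponding rights table.
 */
include 'var.php';

/**
 * Look up which filesystem entry a rights row belongs to.
 *
 * @param int    $id   id of the row in the rights table
 * @param string $type 'group' selects filesystem_rights_group; any other
 *                     value selects filesystem_rights_person
 * @return mixed the fs_id of the entry, or null when no such row exists
 */
function item_of_right($id, $type)
{
    global $db;

    // Both the table name and the id end up in the SQL text, so they are
    // pinned down here instead of trusting every caller to have done it:
    // the table comes from a fixed pair, the id is forced to an integer.
    $table = ($type === 'group')
        ? 'filesystem_rights_group'
        : 'filesystem_rights_person';
    $query = 'fs_id from ' . $table . ' where id="' . (int) $id . '"';
    $db->select($query);

    // An unknown id yields no row; return null rather than reading a
    // missing index.
    if (!isset($db->data[0]['fs_id'])) {
        return null;
    }
    return $db->data[0]['fs_id'];
}

// Presumably enforces a logged-in session - confirm in $output.
$output->secure();

// Both parameters are required; without an id there is nothing to delete.
if (!isset($_GET['type']) || !isset($_GET['id'])) {
    redirect('./');
}

$type = ($_GET['type'] === 'group') ? 'group' : 'person';
$right_id = (int) $_GET['id'];

// The permission check is made on the item the right belongs to, not on
// the right itself.
// NOTE(review): relies on redirect() ending the request - confirm it exits.
$item_id = item_of_right($right_id, $type);
$item = new fs_item($item_id);
if (!$item->right_rights()) {
    redirect('./');
}

// NOTE(review): this state change is driven by GET parameters alone and no
// request token is checked in this file - confirm whether the framework
// adds one, or move the action behind a POST form.
$item->del_right($right_id, $type);
redirect('rights.php?item=' . $item_id);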
<?php
/*
 * This file is part of Infoschool - a web based school intranet.
 * Copyright (C) 2006 Maikel Linke
 */

/*
 * Deletes one item of the file area and returns to its parent directory.
 *
 * GET item : id of the item to delete (required).
 */
include 'var.php';

// Presumably enforces a logged-in session - confirm in $output.
$output->secure();

$has_item = isset($_GET['item']);
if (!$has_item) {
    redirect('./');
}

// The id is forced to an integer before it reaches fs_item.
$item_id = (int) $_GET['item'];
$item = new fs_item($item_id);

// Authorisation: deletion requires the delete right on this item.
// NOTE(review): relies on redirect() ending the request - confirm it exits,
// otherwise delete() below would still run for unauthorised users.
$may_delete = $item->right_delete();
if (!$may_delete) {
    redirect('./');
}

// NOTE(review): the deletion is triggered by a GET parameter alone and no
// request token is checked in this file - confirm whether the framework
// adds one, or move the action behind a POST form.
$item->delete();

// The parent id is read from the data loaded before the deletion.
redirect('./?id=' . $item->data['rel_to']);
/**
 * Delete every filesystem entry owned by a person.
 *
 * Selects the ids of all filesystem rows whose owner is $pid, loads each
 * one as an fs_item and deletes it.
 *
 * @param mixed $pid id of the person whose entries are removed
 */
function person_rm_files($pid)
{
    // The fs_item class lives in the files module; the path is relative,
    // so it depends on the directory of the including script.
    include_once '../files/class.php';
    global $db;

    // NOTE(review): $pid is placed into the query text as-is. Confirm that
    // every caller passes a numeric person id, or cast/escape it here.
    $db->select('id from filesystem where owner="' . $pid . '"');

    // Snapshot the rows; fs_item may run its own queries through $db.
    $owned_rows = $db->data;

    foreach ($owned_rows as $owned) {
        $entry = new fs_item($owned['id']);
        // Skip ids that no longer load to the same entry - presumably items
        // already removed when a containing directory was deleted earlier
        // in this loop (confirm against fs_item::delete()).
        if ($entry->data['id'] != $owned['id']) {
            continue;
        }
        $entry->delete();
    }
}