} } else { echo '<status>' . $error2 . '</status>'; } } else { if ($matchg && $matchg[0] != 'g') { if ($rows != '') { $nmStr .= ',' . $matchg; unset($entry[$matchIndex]); unset($gis[$matchIndex]); echo '<delGrp><rORw>' . $rORw . '</rORw><g>' . $matchg . '</g></delGrp>'; } } if ($rows != '') { $op = array('CNG' => $dbTable . ':' . $colName . ':CA,NORMAL,' . $nmStr . ',w' . $liveDBTable['owner']); $gE = groupExe(NULL, NULL, $op); $ngid = $gE['ngid']; $newPerm = '{' . $rORw . 'g' . $ngid . ',{' . $rows . '}}'; $entry[] = $newPerm; echo '<newGrp><rORw>' . $rORw . '</rORw><g>' . 'g' . $ngid . '</g><mems>' . $nmStr . '</mems></newGrp>'; } } for ($i = 0; $i < count($delGrps); $i++) { for ($j = 0; $j < count($gis); $j++) { if ($delGrps[$i] == $gis[$j]) { unset($entry[$j]); } } } $comment = implode(',', $entry); $qn = $null == 'YES' ? ' NULL ' : ' NOT NULL';
// Data-grabber request handler (excerpt: the if-blocks opened here are not
// closed within this excerpt).
// For opType=GENSTRUCT / tableType=STUMARKS it resolves a group, looks up the
// first resolved object in `objectTable`, and prepares an outbound HTTP GET
// whose URL is derived from the posted `srcurl`.
$root = realpath($_SERVER["DOCUMENT_ROOT"]);
require "{$root}/lib/db_login.php";
// Presumably an authorization gate on the session's admin level;
// anyDeptSlave() is defined elsewhere — confirm what 'Zc4' requires.
if (anyDeptSlave($_SESSION['adminLevel'], 'Zc4')) {
    // NOTE(review): every $_POST field below is read without an isset() or
    // type check; a missing field raises a notice and an array-valued field
    // reaches the string functions further down.
    $opType = $_POST['opType'];
    if ($opType == 'GENSTRUCT') {
        header('Content-Type: text/xml');
        header('Cache-Control: no-cache');
        header('Cache-Control: no-store', false);
        echo '<datagrabber>';
        $tableType = $_POST['tableType'];
        if ($tableType == 'STUMARKS') {
            $srcurl = $_POST['srcurl'];
            $grpId = $_POST['grpId'];
            $dbTable = $_POST['dbTable'];
            // NOTE(review): this is a substring test, not a host allow-list.
            // strpos() returns 0 (falsy) when the needle is at offset 0, and it
            // is truthy when the needle appears anywhere else in the string
            // (path, query, userinfo), so the server-side request built below
            // can be pointed at a host other than the intended one. Prefer
            // parse_url() and an exact comparison of scheme and host.
            if (strpos($srcurl, 'manabadi.co.in')) {
                // $grpId is request-controlled and is passed on as part of the
                // group reference; groupExe() is defined elsewhere.
                $ge = groupExe('g' . $grpId, NULL, NULL);
                $objects = $ge['objects'];
                // NOTE(review): $dbTable is request-controlled and used as a
                // session array key without validation.
                $_SESSION['grbr'][$dbTable]['objs'] = $objects;
                $_SESSION['grbr'][$dbTable]['srcurl'] = $srcurl;
                // Strip 'o' characters from both ends of the first object
                // reference; $objects[0] is assumed to exist — TODO confirm
                // for groups that resolve to no objects.
                $modReg = trim($objects[0], 'o');
                // NOTE(review): $modReg is concatenated into the statement
                // unquoted and unescaped; cast it to int (or escape it) before
                // use, since it originates from stored group membership data.
                $query = "SELECT * FROM `objectTable` WHERE `index`=" . $modReg;
                // mysql_db_query() is deprecated as of PHP 5.3 and the whole
                // mysql extension was removed in PHP 7.0.
                $result = mysql_db_query('collegedb2admin', $query, $dbc);
                $id = mysql_result($result, 0, 'id');
                if ($id) {
                    require 'HTTP/Request2.php';
                    // Removes every ".htm" occurrence from the posted URL and
                    // appends the looked-up id as the `htno` query parameter;
                    // $id is not URL-encoded.
                    $url = str_replace(".htm", '', $srcurl) . '.aspx?htno=' . $id;
                    $_SESSION['grbr'][$dbTable]['url'] = $url;
                    $r = new Http_Request2($url);
                    $r->setMethod(HTTP_Request2::METHOD_GET);
                    // Sends the posted URL as Referer together with a fixed
                    // desktop-browser User-Agent string.
                    $r->setHeader(array("Referer" => $srcurl, "User-Agent" => "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.4 (KHTML, like Gecko) Chrome/19.0.1077.3 Safari/536.4"));
                    // Hard-coded cookie value attached to the outbound request.
                    $r->addCookie('__utma', '264667532.627952658.1331704468.1331704468.1331704468.1');
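/* Author: Gowtham */
/*
 * Group manager endpoint.
 *
 * Reads two POST fields:
 *   gids - comma-separated group references, each passed to groupExe()
 *   ops  - colon-separated operations, each "name" or "name-params"
 * and answers with an XML document listing the resulting members per group.
 *
 * Security notes:
 *  - Both fields are request-controlled. Every value echoed into the XML
 *    response is escaped so that markup in a group reference or in stored
 *    member data cannot alter the document structure.
 *  - Every operation name found in `ops` is forwarded to groupExe() as-is.
 *    NOTE(review): access control is assumed to come from authorize.php and
 *    from groupExe()'s own checks — confirm that operations which create or
 *    delete groups are covered, and that the request carries a CSRF token.
 */
require 'authorize.php';
require '../inc.php';
header('Content-Type: text/xml');
header('Cache-Control: no-cache');
header('Cache-Control: no-store', false);
echo '<?xml version="1.0" encoding="UTF-8"?><grpManager>';

// Treat missing or non-string fields as empty instead of raising notices.
$rawGids = (isset($_POST['gids']) && is_string($_POST['gids'])) ? $_POST['gids'] : '';
$rawOps = (isset($_POST['ops']) && is_string($_POST['ops'])) ? $_POST['ops'] : '';
$gids = explode(',', $rawGids);
$ops = explode(':', $rawOps);

// Split each operation at its first '-': the text before it is the operation
// name, the text after it (if any) is the parameter string. This replaces a
// character-by-character scan that read past the end of the string.
$gop = array();
foreach ($ops as $spec) {
    $parts = explode('-', $spec, 2);
    $gop[$parts[0]] = isset($parts[1]) ? $parts[1] : null;
}

$gE = array();
foreach ($gids as $gid) {
    $gE = groupExe($gid, NULL, $gop);
    // groupExe() does not set 'members' on every return path.
    $members = (isset($gE['members']) && is_array($gE['members'])) ? $gE['members'] : array();
    echo '<grp><g>' . htmlspecialchars($gid, ENT_QUOTES, 'UTF-8') . '</g><mems>'
        . htmlspecialchars(implode(',', $members), ENT_QUOTES, 'UTF-8') . '</mems></grp>';
}
// Only the result of the last group processed is inspected for a new group id.
if (!empty($gE['ngid'])) {
    echo "<ngid>" . htmlspecialchars((string) $gE['ngid'], ENT_QUOTES, 'UTF-8') . "</ngid>";
}
// NOTE(review): the status is reported as success even when groupExe()
// returned a non-empty 'error'; consider surfacing it to the client.
echo '<status>success</status>';
echo '</grpManager>';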
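/**
 * Resolve a group into its users, objects, nested groups and tasks, applying
 * any membership operations in $op first.
 *
 * @param string     $group  Group reference. Only values whose first character
 *                           is 'g' are looked up in `groups`; anything else is
 *                           returned unchanged as array('members' => array($group)).
 * @param array|null $groups Group references collected so far (null on the
 *                           outermost call).
 * @param array|null $op     Map of operation => comma-separated arguments. Keys
 *                           read here: 'CNG' (insert a group from
 *                           label,type,members,authUnits), 'add', 'del', 'udel',
 *                           'delEmGrp', 'delEmGrps'.
 * @return array Keys set on the full path: users, objects, groups, tasks, aObjs,
 *               error, members, inGpMems, delGrps, delMems, powLessObj, plus
 *               grMod when membership changed and ngid/error after 'CNG'.
 *               When the group row is not found only delGrps is set.
 *
 * Security: $group and $op reach this function from request data, and member
 * strings read back from the database are re-used in later statements. Every
 * value interpolated into SQL is therefore escaped with
 * mysql_real_escape_string() on the link the statement runs on. The mysql
 * extension was removed in PHP 7.0; moving to mysqli/PDO prepared statements
 * is the durable fix.
 *
 * NOTE(review): the 'CNG' insert runs before any authorityResolver() check, so
 * callers must authorise group creation themselves.
 */
function groupExe($group, $groups, $op) {
    $root = realpath($_SERVER["DOCUMENT_ROOT"]);
    // db_login.php is expected to provide the $dbc link used below (not visible here).
    require "{$root}/lib/adminScripts/db_login.php";

    if ($op['CNG']) {
        // label,type,members,authUnits — split on commas, so none of the four
        // fields can itself contain a comma.
        $op['CNG'] = explode(',', $op['CNG']);
        $query = "INSERT INTO groups(`label`,`type`,`members`,`authUnits`)values('"
            . mysql_real_escape_string($op['CNG'][0], $dbc) . "','"
            . mysql_real_escape_string($op['CNG'][1], $dbc) . "','"
            . mysql_real_escape_string($op['CNG'][2], $dbc) . "','"
            . mysql_real_escape_string($op['CNG'][3], $dbc) . "')";
        $result = mysql_query($query, $dbc);
        $error .= mysql_error($dbc);
        $ngid = mysql_insert_id($dbc);
        $grMems['error'] = $error;
        $grMems['ngid'] = $ngid;
    }

    if ($group[0] == 'g') {
        $gid = substr($group, 1);
        $query = "SELECT * FROM groups WHERE `index`='" . mysql_real_escape_string($gid, $dbc) . "'";
        $result = mysql_query($query, $dbc);
        $error .= mysql_error($dbc);

        if (!$error and mysql_result($result, 0, 'index')) {
            // authUnits is a ':'-separated list; an entry starting with 'r'
            // carries the read units, one starting with 'w' the write units.
            $authUnits = explode(':', mysql_result($result, 0, 'authUnits'));
            for ($i = 0; $i < count($authUnits); $i++) {
                if ($authUnits[$i][0] == 'r') {
                    $rAUs = substr($authUnits[$i], 1);
                } elseif ($authUnits[$i][0] == 'w') {
                    $wAUs = substr($authUnits[$i], 1);
                }
            }
            $rA = authorityResolver($rAUs);
            $wA = authorityResolver($wAUs);
            // Write authority implies read authority.
            $rA = ($rA or $wA);

            if ($rA) {
                $members = explode(',', mysql_result($result, 0, 'members'));
                $initMems = $members;
            } else {
                // Without read authority the group is reported as having no members.
                $members = array();
            }
            $memberCount = count($members);

            if ($groups == null) {
                $groups = array();
            }
            $groups[] = $group;
            $users = array();
            $objects = array();
            $tasks = array();
            $aObjs = array();
            $inGpMems = array();
            $delGrps = array();
            $delMems = array();
            $powLessObj = array();
            // explode() on an empty members column yields array(''); treat that as empty.
            if ($memberCount == 1 and $members[0] == '') {
                $members = array();
                $memberCount = 0;
            }
            $reconGrp = FALSE;

            // Membership changes are applied only with write authority.
            if ($wA) {
                foreach ($op as $opType => $entities) {
                    $entities = explode(',', $entities);
                    if ($opType == 'udel' or $opType == 'del') {
                        $entCount = count($entities);
                        for ($i = 0; $i < $entCount; $i++) {
                            for ($j = 0; $j < $memberCount; $j++) {
                                if ($members[$j] == $entities[$i]) {
                                    unset($members[$j]);
                                    $delMems[] = $entities[$i];
                                    $reconGrp = TRUE;
                                    break;
                                }
                            }
                        }
                    } elseif ($opType == 'add') {
                        $entCount = count($entities);
                        for ($i = 0; $i < $entCount; $i++) {
                            // NOTE(review): $ae is never reset, so after the first
                            // already-present entity every later one is skipped too;
                            // left as-is pending confirmation of intent.
                            for ($j = 0; $j < $memberCount; $j++) {
                                if ($members[$j] == $entities[$i]) {
                                    $ae = TRUE;
                                    break;
                                }
                            }
                            if (!$ae) {
                                $members[] = $entities[$i];
                                if ($entities[$i][0] == 'u') {
                                    $users[] = substr($entities[$i], 1);
                                } elseif ($entities[$i][0] == 'o') {
                                    $objects[] = substr($entities[$i], 1);
                                } elseif ($entities[$i][0] == 'g') {
                                    $groups[] = substr($entities[$i], 1);
                                } elseif ($entities[$i][0] == 't') {
                                    $tasks[] = substr($entities[$i], 1);
                                } elseif ($entities[$i][0] == 's') {
                                    $aObjs[] = substr($entities[$i], 1);
                                }
                                $memberCount++;
                                $reconGrp = TRUE;
                            }
                        }
                    }
                }
            }

            // Expand each member by its one-letter type prefix.
            if ($rA) {
                for ($k = 0; $k < $memberCount; $k++) {
                    if (!preg_match('/\\./', $members[$k])) {
                        if ($members[$k][0] == 'u') {
                            $users[] = $members[$k];
                        } elseif ($members[$k][0] == 'o') {
                            // "oA-B" is walked as a range of object indexes A..B;
                            // a bare "oA" runs the loop body once.
                            $ob = explode('-', substr($members[$k], 1));
                            $oj = $ob[0];
                            do {
                                $objects[] = 'o' . $oj;
                                $query = "SELECT `uid` FROM `objectTable` WHERE `index`='"
                                    . mysql_real_escape_string($oj, $dbc) . "'";
                                $result = mysql_query($query, $dbc);
                                // Overwrites (does not append to) the accumulated error string.
                                $error = mysql_error($dbc);
                                if (!$error) {
                                    $row = mysql_fetch_row($result);
                                    if ($row[0] != NULL) {
                                        $users[] = 'u' . $row[0];
                                    }
                                }
                                $oj++;
                            } while ($oj <= $ob[1]);
                        } elseif ($members[$k][0] == 'g') {
                            $g = substr($members[$k], 1);
                            // NOTE(review): $gEx is never reset, so once one nested
                            // group is found in $groups all later ones are skipped.
                            for ($i = 0; $i < count($groups); $i++) {
                                if ($groups[$i] == $g) {
                                    $gEx = true;
                                }
                            }
                            if (!$gEx) {
                                // NOTE(review): the child receives 'delEmGrp' while
                                // the deletion step below tests 'delEmGrps' — confirm
                                // which key is intended.
                                if ($op['delEmGrp']) {
                                    $cop['delEmGrp'] = TRUE;
                                }
                                if ($op['udel']) {
                                    $cop['udel'] = $op['udel'];
                                }
                                // NOTE(review): $g has its 'g' prefix stripped, and this
                                // function only looks up references starting with 'g' —
                                // verify the stored member format.
                                $f = groupExe($g, $groups, $cop);
                                $users = array_merge($users, $f['users']);
                                $objects = array_merge($objects, $f['objects']);
                                $groups = array_merge($groups, $f['groups']);
                                $tasks = array_merge($tasks, $f['tasks']);
                                $aObjs = array_merge($aObjs, $f['aObjs']);
                                $delMems = array_merge($delMems, $f['delMems']);
                                $powLessObj = array_merge($powLessObj, $f['powLessObj']);
                                $inGpMems[$members[$k]] = $f['members'];
                                // NOTE(review): a nested group the caller cannot read
                                // returns members = array(), which also satisfies
                                // == NULL; confirm such groups should be candidates
                                // for deletion as "empty".
                                if ($f['members'] == NULL) {
                                    $emGrps[] = $members[$k];
                                }
                                $delGrps = array_merge($delGrps, $f['delGrps']);
                                $inGpMems['inGpMems'] = $f['inGpMems'];
                                $error .= $f['error'];
                            }
                        } elseif ($members[$k][0] == 't') {
                            // A task contributes the user behind its worker object.
                            $t = substr($members[$k], 1);
                            $tasks[] = $members[$k];
                            $query = "SELECT `worker` FROM tasks WHERE `index`='"
                                . mysql_real_escape_string($t, $dbc) . "'";
                            $result = mysql_query($query, $dbc);
                            $error .= mysql_error($dbc);
                            if (!$error and mysql_result($result, 0, 'worker')) {
                                $oid = mysql_result($result, 0, 'worker');
                                $query = "SELECT `uid` FROM `objectTable` WHERE `index`='"
                                    . mysql_real_escape_string($oid, $dbc) . "'";
                                $result = mysql_query($query, $dbc);
                                $error .= mysql_error($dbc);
                                $uid = mysql_result($result, 0, 'uid');
                                if ($uid) {
                                    $users[] = 'u' . $uid;
                                }
                            }
                        } elseif ($members[$k][0] == 'U') {
                            // Upper-case prefixes are collected separately and handed
                            // to sortNormArray() below.
                            $xUsers[] = $members[$k];
                        } elseif ($members[$k][0] == 'O') {
                            $xObjects[] = $members[$k];
                        } elseif ($members[$k][0] == 'G') {
                            $xGroups[] = $members[$k];
                        }
                    } else {
                        // Dotted member "o<object>.t<task>": the object counts only
                        // while it is the worker recorded for that task.
                        $aMems = explode('.', $members[$k]);
                        if ($aMems[0][0] == 'o') {
                            $object = substr($aMems[0], 1);
                            if ($aMems[1][0] == 't') {
                                $task = substr($aMems[1], 1);
                                $query = "SELECT worker FROM tasks WHERE `index`='"
                                    . mysql_real_escape_string($task, $dbc) . "'";
                                $result = mysql_query($query, $dbc);
                                $error1 = mysql_error($dbc);
                                if (!$error1) {
                                    if ($object == mysql_result($result, 0, 'worker')) {
                                        $query = "SELECT `uid`,`adminLevel` FROM `objectTable` WHERE `index`='"
                                            . mysql_real_escape_string($object, $dbc) . "'";
                                        $result = mysql_query($query, $dbc);
                                        $error1 = mysql_error($dbc);
                                        if (!$error1) {
                                            $user = mysql_result($result, 0, 'uid');
                                            $al = mysql_result($result, 0, 'adminLevel');
                                            $query = "SELECT `adminLevel` FROM `users` WHERE `index`='"
                                                . mysql_real_escape_string($user, $dbc) . "'";
                                            $result = mysql_query($query, $dbc);
                                            if (authorizeTransit(mysql_result($result, 0, 'adminLevel'), $al)) {
                                                // NOTE(review): $row is whatever an earlier
                                                // 'o' member left behind (or unset); $user
                                                // looks like the intended value. Left
                                                // unchanged pending confirmation, because
                                                // it decides which user is reported.
                                                $users[] = 'u' . $row[0];
                                            }
                                        }
                                        if (!$user) {
                                            $powLessObj[] = $members[$k];
                                        } else {
                                            $aObjs[] = $members[$k];
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            }

            if ($wA) {
                if ($members == NULL) {
                    $emGrps[] = $group;
                }
                if ($op['delEmGrps']) {
                    // Drop empty nested groups from this group's member list...
                    for ($i = 0; $i < count($emGrps); $i++) {
                        for ($j = 0; $j < $memberCount; $j++) {
                            if ($emGrps[$i] == $members[$j]) {
                                unset($members[$j]);
                                $reconGrp = true;
                                break;
                            }
                        }
                    }
                    // ...then delete their rows. Only this group's write authority
                    // has been checked at this point.
                    for ($i = 0; $i < count($emGrps); $i++) {
                        $query = "DELETE FROM `groups` WHERE `index`='"
                            . mysql_real_escape_string(substr($emGrps[$i], 1), $dbc) . "'";
                        $result = mysql_query($query, $dbc);
                        // NOTE(review): $error2 is never reported to the caller.
                        $error2 = mysql_error($dbc);
                        $delGrps[] = $emGrps[$i];
                    }
                }
            }

            $users = sortNormArray($users, $xUsers);
            $objects = sortNormArray($objects, $xObjects);
            $groups = sortNormArray($groups, $xGroups);
            // NOTE(review): $xTasks is never assigned in this function.
            $tasks = sortNormArray($tasks, $xTasks);

            // Persist the member list when an operation changed it.
            if ($reconGrp) {
                sort($members);
                $grpStr = implode(',', $members);
                $query = "UPDATE `groups` SET `members`='" . mysql_real_escape_string($grpStr, $dbc)
                    . "' WHERE `index`='" . mysql_real_escape_string($gid, $dbc) . "'";
                $result = mysql_query($query, $dbc);
                $error1 = mysql_error($dbc);
                if ($error1) {
                    $error .= $error1;
                }
            }
            if ($initMems != $members) {
                $grMems['grMod'] = TRUE;
            }
            $grMems['users'] = $users;
            $grMems['objects'] = $objects;
            $grMems['groups'] = $groups;
            $grMems['tasks'] = $tasks;
            $grMems['aObjs'] = $aObjs;
            $grMems['error'] = $error;
            $grMems['members'] = $members;
            $grMems['inGpMems'] = $inGpMems;
            $grMems['delGrps'] = $delGrps;
            $grMems['delMems'] = $delMems;
            $grMems['powLessObj'] = $powLessObj;

            if ($reconGrp) {
                if (!$error1) {
                    // Two further links record when and by whom the row changed.
                    // NOTE(review): both statements filter on $group (with its 'g'
                    // prefix) whereas the update above uses $gid — confirm.
                    $tsLink = $GLOBALS['timestampLink'];
                    $queryts = "UPDATE `groups` SET `members`=now() WHERE `index`='"
                        . mysql_real_escape_string($group, $tsLink) . "'";
                    $resultts = mysql_query($queryts, $tsLink);
                    $errorts = mysql_error($tsLink);
                    $uidLink = $GLOBALS['uidLink'];
                    $queryu = "UPDATE `groups` SET `members`='"
                        . mysql_real_escape_string($_SESSION['uid'], $uidLink)
                        . "' WHERE `index`='" . mysql_real_escape_string($group, $uidLink) . "'";
                    $resultu = mysql_query($queryu, $uidLink);
                    $erroru = mysql_error($uidLink);
                }
            }
        } else {
            // Lookup failed or the row does not exist: report the reference as deleted.
            $grMems['delGrps'] = array($group);
        }
    } else {
        // Not a group reference: hand it back as its own single member.
        $grMems['members'] = array($group);
    }
    include '../adminScripts/db_logout.php';
    return $grMems;
}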