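//hide loading div
break;

#-------------------------------------------
#CASE change right for a role on a folder via the TM
#
# Toggles one role's access to a folder and all of its descendants.
#   allowed = "1": the role currently has access, so the roles_values rows are deleted.
#   allowed = "0": the role currently has no access, so roles_values rows are inserted.
# Any other value (or a missing parameter) changes nothing.
#
# NOTE(review): no session-key or privilege check is visible in this excerpt.
# Confirm the enclosing code verifies that the caller may administer roles
# before this case is reached, since it grants and revokes folder access.
case "change_role_via_tm":
    //get full tree dependencies
    require_once "NestedTree.class.php";
    $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title');
    // NOTE(review): $_POST['folder'] and $_POST['role'] are passed through
    // unvalidated; whether getDescendants()/query_insert()/query_delete()
    // escape them is not visible here - confirm in the wrapper classes.
    $tree = $tree->getDescendants($_POST['folder'], true);

    // Normalise the flag to a string and compare strictly. The previous loose
    // comparison (== 0) was also true for a missing or non-numeric value, so a
    // malformed request ended up *granting* access instead of being ignored.
    $allowed = (isset($_POST['allowed']) && is_scalar($_POST['allowed']))
        ? (string) $_POST['allowed']
        : '';

    if ($allowed === '1') {
        //case where folder was allowed but not any more
        foreach ($tree as $node) {
            //Store in DB
            $db->query_delete('roles_values', array('folder_id' => $node->id, 'role_id' => $_POST['role']));
        }
    } elseif ($allowed === '0') {
        //case where folder was not allowed but allowed now
        foreach ($tree as $node) {
            //Store in DB
            $db->query_insert('roles_values', array('folder_id' => $node->id, 'role_id' => $_POST['role']));
        }
    }

    // Ask the client to refresh the roles matrix and hide the loading indicator.
    echo 'httpRequest("sources/roles.queries.php","type=rafraichir_matrice");';
    echo '$("#div_loading").hide();';
    break;
}
} else {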
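// Password-recovery step: when the submitted key matches the stored one, generate
// a new password, store it, remove the recovery record and prepare the e-mail.
//
// The key comparison is strict and fails closed. The previous loose comparison
// (==) treated an empty submitted key as equal to a missing stored key, and
// compared numeric-looking strings by value rather than character by character.
// Where PHP >= 5.6 is guaranteed, hash_equals() is the preferred comparison.
// NOTE(review): $data is populated before this excerpt; presumably $data[0] is
// the stored recovery key for the login - confirm against the preceding query.
if (
    isset($_POST['key'], $data[0])
    && is_string($_POST['key'])
    && $_POST['key'] !== ''
    && $_POST['key'] === (string) $data[0]
) {
    //Generate and change pw
    $new_pw = "";
    include '../includes/libraries/pwgen/pwgen.class.php';
    $pwgen = new PWGen();
    $pwgen->setLength(10);
    $pwgen->setSecure(true);
    $pwgen->setSymbols(false);
    $pwgen->setCapitalize(true);
    $pwgen->setNumerals(true);
    $new_pw_not_crypted = $pwgen->generate();
    // NOTE(review): encrypt() is defined elsewhere; confirm it is a one-way
    // password hash rather than reversible encryption.
    $new_pw = encrypt(string_utf8_decode($new_pw_not_crypted));

    //update DB
    // NOTE(review): the '******' in the WHERE clause below is a redaction artifact
    // of this listing, not valid PHP. The original presumably concatenated the
    // submitted login into the SQL string; if so, it must be escaped or bound as
    // a parameter - confirm against the real file.
    $db->query_update("users", array('pw' => $new_pw), "login = '******'login'] . "'");

    //Delete recovery in DB
    // NOTE(review): $key is assigned before this excerpt.
    $db->query_delete("misc", array('type' => 'password_recovery', 'intitule' => $_POST['login'], 'valeur' => $key));

    //Get email
    // NOTE(review): same redaction artifact and the same concatenation concern
    // as the UPDATE above.
    $data_user = $db->query_first("SELECT email FROM " . $pre . "users WHERE login = '******'login'] . "'");

    $_SESSION['validite_pw'] = false;

    //load library
    require_once "../includes/libraries/phpmailer/class.phpmailer.php";

    //send to user
    // NOTE(review): the message body is not visible here. If the generated
    // password itself is mailed, consider a single-use, expiring reset link so
    // that no credential travels or rests in a mailbox.
    $mail = new PHPMailer();
    $mail->SetLanguage("en", "../includes/libraries/phpmailer/language/");
    $mail->IsSMTP(); // send via SMTP
    $mail->Host = $smtp_server; // SMTP servers
    $mail->SMTPAuth = $smtp_auth; // turn on SMTP authentication
    $mail->Username = $smtp_auth_username;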
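}
echo '[ { "error" : "no" } ]';
} else {
    echo '[ { "error" : "user_exists" } ]';
}
break;

## DELETE USER ##
# Deletes a user row, then the user's personal folder tree and the personal
# items stored in it. (This excerpt ends inside the item loop.)
#
# NOTE(review): the only gate visible here is the session key. Confirm the
# enclosing code also restricts this action to accounts allowed to delete users.
case "delete_user":
    //Check KEY
    // Fail closed and compare strictly: with the previous loose != check, a
    // session that had no key yet accepted an empty submitted key, and
    // numeric-looking strings were compared by value. Where PHP >= 5.6 is
    // guaranteed, hash_equals() is the preferred comparison.
    $session_key = isset($_SESSION['key']) ? (string) $_SESSION['key'] : '';
    $posted_key = (isset($_POST['key']) && is_string($_POST['key'])) ? $_POST['key'] : '';
    if ($session_key === '' || $posted_key !== $session_key) {
        exit;
    }

    if ($_POST['action'] == "delete") {
        // The id is concatenated into SQL below, so accept only a positive
        // integer and stop otherwise.
        // assumes user ids are positive integers - TODO confirm against the schema
        $user_id = isset($_POST['id']) ? filter_var($_POST['id'], FILTER_VALIDATE_INT) : false;
        if ($user_id === false || $user_id < 1) {
            exit;
        }

        //delete user in database
        $db->query_delete('users', array('id' => $user_id));

        //delete personal folder and subfolders
        require_once "NestedTree.class.php";
        $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title');

        //Get personal folder ID (the personal folder's title holds the user id)
        $data = $db->fetch_row("SELECT id FROM " . $pre . "nested_tree WHERE title = '" . $user_id . "' AND personal_folder = 1");

        // Get through each subfolder
        if (!empty($data[0])) {
            $folders = $tree->getDescendants($data[0], true);
            foreach ($folders as $folder) {
                // $folder->id comes from the tree lookup above, not from the request.
                //delete folder
                $db->query("DELETE FROM " . $pre . "nested_tree WHERE id = '" . $folder->id . "' AND personal_folder = 1");

                //delete items & logs
                $items = $db->fetch_all_array("SELECT id FROM " . $pre . "items WHERE id_tree='" . $folder->id . "' AND perso = 1");
                foreach ($items as $item) {
                    //Delete item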
// Item update: replaces the item's tags, rewrites the item row, resets its role
// restrictions, refreshes the cache table and logs label/login changes.
// NOTE(review): $data_received, $tags, $label, $pw, $login, $url and $data are all
// assigned before this excerpt. Presumably $data_received is decoded request data;
// confirm that the caller's right to modify this item is checked earlier.

//---Manage tags
//deleting existing tags for this item
// NOTE(review): $data_received['id'] is concatenated into the SQL string. Unless it
// is validated or escaped before this point, this is an injection risk - confirm.
// The array form used for restriction_to_roles below would avoid building SQL here.
$db->query("DELETE FROM " . $pre . "tags WHERE item_id = '" . $data_received['id'] . "'");

//Add new tags
$tags = explode(' ', $tags);
foreach ($tags as $tag) {
    // empty() skips the blank entries produced by repeated spaces; it also skips a tag of "0".
    if (!empty($tag)) {
        $db->query_insert('tags', array('item_id' => $data_received['id'], 'tag' => strtolower($tag)));
    }
}

//update item
// NOTE(review): the WHERE clause is again built by concatenating $data_received['id'].
$db->query_update('items', array('label' => $label, 'description' => $data_received['description'], 'pw' => $pw, 'login' => $login, 'url' => $url, 'id_tree' => $data_received['categorie'], 'restricted_to' => $data_received['restricted_to'], 'anyone_can_modify' => isset($data_received['anyone_can_modify']) && $data_received['anyone_can_modify'] == "on" ? '1' : '0'), "id='" . $data_received['id'] . "'");

//Manage restriction_to_roles
if (isset($data_received['restricted_to_roles'])) {
    //delete previous values
    $db->query_delete('restriction_to_roles', array('item_id' => $data_received['id']));
    //add roles for item (array_filter drops the empty entries left by the ';' separators)
    foreach (array_filter(explode(';', $data_received['restricted_to_roles'])) as $role) {
        $db->query_insert('restriction_to_roles', array('role_id' => $role, 'item_id' => $data_received['id']));
    }
}

//Update CACHE table
UpdateCacheTable("update_value", $data_received['id']);

//Log all modifications done
// Each changed field gets one log_items row carrying the old and new value; the
// date is a Unix timestamp built from the current date/time components.
/*LABEL */
if ($data['label'] != $label) {
    $db->query_insert('log_items', array('id_item' => $data_received['id'], 'date' => mktime(date('H'), date('i'), date('s'), date('m'), date('d'), date('y')), 'id_user' => $_SESSION['user_id'], 'action' => 'at_modification', 'raison' => 'at_label : ' . $data['label'] . ' => ' . $label));
}
/*LOGIN */
if ($data['login'] != $login) {
    // NOTE(review): the '******' below is a redaction artifact of this listing, not
    // valid PHP. By analogy with the label entry above, the original presumably
    // logged the previous login value - confirm against the real file.
    $db->query_insert('log_items', array('id_item' => $data_received['id'], 'date' => mktime(date('H'), date('i'), date('s'), date('m'), date('d'), date('y')), 'id_user' => $_SESSION['user_id'], 'action' => 'at_modification', 'raison' => 'at_login : '******'login'] . ' => ' . $login));
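// Save a knowledge-base (KB) entry: resolve or create its category, insert or
// update the kb row, then rebuild the kb_items links.
// NOTE(review): $data, $category, $id, $label, $description, $anyone_can_modify and
// $kb_associated_to are assigned before this excerpt. Presumably $data[0] is a
// count of categories with this name - confirm. Also confirm that, on update, the
// caller is the author or the entry has anyone_can_modify set.
if ($data[0] == 0) {
    $cat_id = $db->query_insert("kb_categories", array('category' => mysql_real_escape_string($category)));
} else {
    //get the ID of this existing category
    $cat_id = $db->fetch_row("SELECT id FROM " . $pre . "kb_categories WHERE category = '" . mysql_real_escape_string($category) . "'");
    $cat_id = $cat_id[0];
}

if (isset($id) && !empty($id)) {
    //update KB
    // NOTE(review): $id is concatenated into the WHERE clause; confirm it is
    // validated or escaped where it is assigned. Also confirm what query_update()
    // returns: if it is not the row id, the kb_items statements below use the
    // wrong kb_id on this path.
    $new_id = $db->query_update("kb", array('label' => $label, 'description' => $description, 'author_id' => $_SESSION['user_id'], 'category_id' => $cat_id, 'anyone_can_modify' => $anyone_can_modify), "id='" . $id . "'");
} else {
    //add new KB
    $new_id = $db->query_insert("kb", array('label' => $label, 'description' => $description, 'author_id' => $_SESSION['user_id'], 'category_id' => $cat_id, 'anyone_can_modify' => $anyone_can_modify));
}

//delete all associated items to this KB
$db->query_delete("kb_items", array('kb_id' => $new_id));

//add all items associated to this KB
foreach (explode(',', $kb_associated_to) as $item_id) {
    // explode() on an empty list yields one empty string; do not store it as a link.
    if ($item_id === '') {
        continue;
    }
    $db->query_insert("kb_items", array('kb_id' => $new_id, 'item_id' => $item_id));
}
echo '[ { "status" : "done" } ]';
} else {
    echo '[ { "status" : "none" } ]';
}
break;

// Load one KB entry, with its author and category, plus its associated item ids.
case "open_kb":
    // The requested id is placed inside quoted SQL literals, so escape it first,
    // using the same function this file already applies to $category.
    // mysql_* was removed in PHP 7; when this code moves to mysqli or PDO, bind the
    // id as a prepared-statement parameter instead.
    $kb_id = (isset($_POST['id']) && is_scalar($_POST['id']))
        ? mysql_real_escape_string((string) $_POST['id'])
        : '';

    $row = $db->query("SELECT k.id AS id, k.label AS label, k.description AS description, k.category_id AS category_id, k.author_id AS author_id, k.anyone_can_modify AS anyone_can_modify,\r\n\t\t\t\t\t\t\tu.login AS login, c.category AS category\r\n\t\t\t\t\t\t\tFROM " . $pre . "kb AS k\r\n\t\t\t\t\t\t\tINNER JOIN " . $pre . "kb_categories AS c ON (c.id = k.category_id)\r\n\t\t\t\t\t\t\tINNER JOIN " . $pre . "users AS u ON (u.id = k.author_id)\r\n\t\t\t\t\t\t\tWHERE k.id = '" . $kb_id . "'\r\n\t\t\t");
    $ret = $db->fetch_array($row);

    //select associated items
    $rows = $db->fetch_all_array("SELECT item_id\r\n FROM " . $pre . "kb_items\r\n WHERE kb_id = '" . $kb_id . "'\r\n ");
    $arrOptions = array();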
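// DELETE branch: remove one file record, identified by app id and file name taken
// from the JSON request body.
// NOTE(review): no token or ownership check is visible on this path in the
// excerpt, whereas the GET branch below requires app_token. Confirm the caller is
// authorised for this appid before the delete runs.
$request_body = file_get_contents('php://input');
$_DELETE = json_decode($request_body, true);
if (!is_array($_DELETE)) {
    // Invalid JSON or a non-object body: treat it as having no fields.
    $_DELETE = array();
}

if (!isset($_DELETE["appid"])) {
    $error = array("senchafiddle" => array("error" => "App id is required."));
    echo json_encode($error);
    exit(0);
}
if (!isset($_DELETE["name"])) {
    $error = array("senchafiddle" => array("error" => "File name is required."));
    echo json_encode($error);
    exit(0);
}

// appid is placed in the WHERE clause without quotes, so escaping quote
// characters does not constrain it. Require an integer before it reaches the query.
$appid = filter_var($_DELETE["appid"], FILTER_VALIDATE_INT);
if ($appid === false) {
    $error = array("senchafiddle" => array("error" => "App id must be an integer."));
    echo json_encode($error);
    exit(0);
}

// The name goes inside a quoted literal; accept only a string so escape() is
// never handed an array or nested object.
$filename = $_DELETE["name"];
if (!is_string($filename)) {
    $error = array("senchafiddle" => array("error" => "File name is required."));
    echo json_encode($error);
    exit(0);
}

$db->connect();
$deleted = $db->query_delete("files", "name = '" . $db->escape($filename) . "' AND appid = " . $appid);
$db->close();

$response = array("success" => $deleted);
echo json_encode($response);
} elseif ($_SERVER["REQUEST_METHOD"] == "GET") {
    // GET branch: JSON response, never cached; app_token is mandatory and
    // user_token is optional.
    header('Cache-Control: no-cache, must-revalidate');
    header('Content-type: application/json');
    $user_token = null;
    if (isset($_GET['user_token'])) {
        $user_token = $_GET['user_token'];
    }
    if (!isset($_GET['app_token'])) {
        $response = array("success" => "false", "message" => "App token is required.");
        echo json_encode($response);
        exit(0);
    }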