//hide loading div
            break;
            #-------------------------------------------
            #CASE change right for a role on a folder via the TM
        #-------------------------------------------
        #CASE change right for a role on a folder via the TM
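        case "change_role_via_tm":
            // Grant or revoke a role's right on a folder and on every descendant of that folder.
            // Only the exact values '1' (currently allowed, so revoke) and '0' (currently not
            // allowed, so grant) trigger a change. The previous loose comparison treated a missing
            // 'allowed' parameter (and, before PHP 8, any non-numeric one) as 0 and granted the right.
            // NOTE(review): no session-key or privilege check is visible inside this case; confirm
            // the request is authenticated and authorised before the switch is reached.
            // NOTE(review): 'folder' and 'role' are forwarded to NestedTree and the DB wrapper as
            // received; confirm those helpers escape their arguments, or validate the ids here.
            $allowed = isset($_POST['allowed']) ? $_POST['allowed'] : null;
            if (isset($_POST['folder'], $_POST['role']) && ($allowed === '1' || $allowed === '0')) {
                //get full tree dependencies
                require_once "NestedTree.class.php";
                $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title');
                $tree = $tree->getDescendants($_POST['folder'], true);
                foreach ($tree as $node) {
                    if ($allowed === '1') {
                        //folder was allowed but not any more: remove the right from the DB
                        $db->query_delete('roles_values', array('folder_id' => $node->id, 'role_id' => $_POST['role']));
                    } else {
                        //folder was not allowed but is allowed now: store the right in the DB
                        $db->query_insert('roles_values', array('folder_id' => $node->id, 'role_id' => $_POST['role']));
                    }
                }
            }
            // The response is JavaScript for the caller: refresh the rights matrix, hide the loader.
            echo 'httpRequest("sources/roles.queries.php","type=rafraichir_matrice");';
            echo '$("#div_loading").hide();';
            break;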
    }
} else {
Example #2
 // Password-recovery step: when the submitted key matches $data[0], a new random password is
 // generated and stored, the recovery record is deleted and a PHPMailer message is prepared
 // (the rest of the mail setup lies outside this excerpt).
 // NOTE(review): '==' is a loose, non-constant-time comparison of a secret; $data[0] is loaded
 // outside this excerpt, so confirm both sides are strings and prefer hash_equals().
 if ($_POST['key'] == $data[0]) {
     //Generate and change pw
     $new_pw = "";
     include '../includes/libraries/pwgen/pwgen.class.php';
     $pwgen = new PWGen();
     $pwgen->setLength(10);
     $pwgen->setSecure(true);
     $pwgen->setSymbols(false);
     $pwgen->setCapitalize(true);
     $pwgen->setNumerals(true);
     $new_pw_not_crypted = $pwgen->generate();
     // NOTE(review): encrypt() is defined elsewhere; if it is reversible encryption rather than
     // a one-way password hash, stored passwords are recoverable by anyone holding the key - confirm.
     $new_pw = encrypt(string_utf8_decode($new_pw_not_crypted));
     //update DB
     // NOTE(review): the WHERE clause of this update, and of the SELECT further down, appears to be
     // built by concatenating the submitted 'login' value into the SQL text (both lines are partly
     // masked in this listing); the value should be escaped or bound as a parameter.
     $db->query_update("users", array('pw' => $new_pw), "login = '******'login'] . "'");
     //Delete recovery in DB
     $db->query_delete("misc", array('type' => 'password_recovery', 'intitule' => $_POST['login'], 'valeur' => $key));
     //Get email
     $data_user = $db->query_first("SELECT email FROM " . $pre . "users WHERE login = '******'login'] . "'");
     $_SESSION['validite_pw'] = false;
     //load library
     require_once "../includes/libraries/phpmailer/class.phpmailer.php";
     //send to user
     $mail = new PHPMailer();
     $mail->SetLanguage("en", "../includes/libraries/phpmailer/language/");
     $mail->IsSMTP();
     // send via SMTP
     $mail->Host = $smtp_server;
     // SMTP servers
     $mail->SMTPAuth = $smtp_auth;
     // turn on SMTP authentication
     $mail->Username = $smtp_auth_username;
Example #3
         }
         echo '[ { "error" : "no" } ]';
     } else {
         echo '[ { "error" : "user_exists" } ]';
     }
     break;
     ## DELETE USER ##
 ## DELETE USER ##
 // Deletes a user row and then walks the user's personal folder tree, removing folders and
 // their items (the item/log deletion continues past the end of this excerpt).
 case "delete_user":
     //Check KEY
     // NOTE(review): '!=' is a loose comparison; if $_SESSION['key'] were ever unset, an empty
     // submitted key would compare equal and pass. A strict, constant-time check such as
     // hash_equals() on two strings closes that gap.
     // NOTE(review): the key ties the request to the session, but no check that the session user
     // is allowed to delete users is visible in this case - confirm it exists earlier in the file.
     if ($_POST['key'] != $_SESSION['key']) {
         exit;
     }
     if ($_POST['action'] == "delete") {
         //delete user in database
         $db->query_delete('users', array('id' => $_POST['id']));
         //delete personal folder and subfolders
         require_once "NestedTree.class.php";
         $tree = new NestedTree($pre . 'nested_tree', 'id', 'parent_id', 'title');
         //Get personal folder ID
         // NOTE(review): $_POST['id'] is concatenated straight into the SQL text, so the query is
         // injectable as written; cast the id to an integer or escape/bind it before use.
         $data = $db->fetch_row("SELECT id FROM " . $pre . "nested_tree WHERE title = '" . $_POST['id'] . "' AND personal_folder = 1");
         // Get through each subfolder
         if (!empty($data[0])) {
             $folders = $tree->getDescendants($data[0], true);
             foreach ($folders as $folder) {
                 //delete folder
                 // $folder->id comes from the tree lookup above, not directly from the request.
                 $db->query("DELETE FROM " . $pre . "nested_tree WHERE id = '" . $folder->id . "' AND personal_folder = 1");
                 //delete items & logs
                 $items = $db->fetch_all_array("SELECT id FROM " . $pre . "items WHERE id_tree='" . $folder->id . "' AND perso = 1");
                 foreach ($items as $item) {
                     //Delete item
Example #4
 //---Manage tags
 //deleting existing tags for this item
 $db->query("DELETE FROM " . $pre . "tags WHERE item_id = '" . $data_received['id'] . "'");
 //Add new tags
 $tags = explode(' ', $tags);
 foreach ($tags as $tag) {
     if (!empty($tag)) {
         $db->query_insert('tags', array('item_id' => $data_received['id'], 'tag' => strtolower($tag)));
     }
 }
 //update item
 $db->query_update('items', array('label' => $label, 'description' => $data_received['description'], 'pw' => $pw, 'login' => $login, 'url' => $url, 'id_tree' => $data_received['categorie'], 'restricted_to' => $data_received['restricted_to'], 'anyone_can_modify' => isset($data_received['anyone_can_modify']) && $data_received['anyone_can_modify'] == "on" ? '1' : '0'), "id='" . $data_received['id'] . "'");
 //Manage retriction_to_roles
 if (isset($data_received['restricted_to_roles'])) {
     //delete previous values
     $db->query_delete('restriction_to_roles', array('item_id' => $data_received['id']));
     //add roles for item
     foreach (array_filter(explode(';', $data_received['restricted_to_roles'])) as $role) {
         $db->query_insert('restriction_to_roles', array('role_id' => $role, 'item_id' => $data_received['id']));
     }
 }
 //Update CACHE table
 UpdateCacheTable("update_value", $data_received['id']);
 //Log all modifications done
 /*LABEL */
 if ($data['label'] != $label) {
     $db->query_insert('log_items', array('id_item' => $data_received['id'], 'date' => mktime(date('H'), date('i'), date('s'), date('m'), date('d'), date('y')), 'id_user' => $_SESSION['user_id'], 'action' => 'at_modification', 'raison' => 'at_label : ' . $data['label'] . ' => ' . $label));
 }
 /*LOGIN */
 if ($data['login'] != $login) {
     $db->query_insert('log_items', array('id_item' => $data_received['id'], 'date' => mktime(date('H'), date('i'), date('s'), date('m'), date('d'), date('y')), 'id_user' => $_SESSION['user_id'], 'action' => 'at_modification', 'raison' => 'at_login : '******'login'] . ' => ' . $login));
Example #5
         if ($data[0] == 0) {
             $cat_id = $db->query_insert("kb_categories", array('category' => mysql_real_escape_string($category)));
         } else {
             //get the ID of this existing category
             $cat_id = $db->fetch_row("SELECT id FROM " . $pre . "kb_categories WHERE category = '" . mysql_real_escape_string($category) . "'");
             $cat_id = $cat_id[0];
         }
         if (isset($id) && !empty($id)) {
             //update KB
             $new_id = $db->query_update("kb", array('label' => $label, 'description' => $description, 'author_id' => $_SESSION['user_id'], 'category_id' => $cat_id, 'anyone_can_modify' => $anyone_can_modify), "id='" . $id . "'");
         } else {
             //add new KB
             $new_id = $db->query_insert("kb", array('label' => $label, 'description' => $description, 'author_id' => $_SESSION['user_id'], 'category_id' => $cat_id, 'anyone_can_modify' => $anyone_can_modify));
         }
         //delete all associated items to this KB
         $db->query_delete("kb_items", array('kb_id' => $new_id));
         //add all items associated to this KB
         foreach (explode(',', $kb_associated_to) as $item_id) {
             $db->query_insert("kb_items", array('kb_id' => $new_id, 'item_id' => $item_id));
         }
         echo '[ { "status" : "done" } ]';
     } else {
         echo '[ { "status" : "none" } ]';
     }
     break;
 // Loads one knowledge-base entry (joined with its category and author) and the ids of the
 // items linked to it; the response is built past the end of this excerpt.
 // NOTE(review): $_POST['id'] is concatenated into both SQL statements below without escaping
 // or casting, so each query is injectable as written; cast the id to an integer or bind it.
 // NOTE(review): no session-key or access check is visible inside this case - confirm one runs
 // before the switch is reached.
 case "open_kb":
     $row = $db->query("SELECT k.id AS id, k.label AS label, k.description AS description, k.category_id AS category_id, k.author_id AS author_id, k.anyone_can_modify AS anyone_can_modify,\r\n\t\t\t\t\t\t\tu.login AS login, c.category AS category\r\n\t\t\t\t\t\t\tFROM " . $pre . "kb AS k\r\n\t\t\t\t\t\t\tINNER JOIN " . $pre . "kb_categories AS c ON (c.id = k.category_id)\r\n\t\t\t\t\t\t\tINNER JOIN " . $pre . "users AS u ON (u.id = k.author_id)\r\n\t\t\t\t\t\t\tWHERE k.id = '" . $_POST['id'] . "'\r\n\t\t\t");
     $ret = $db->fetch_array($row);
     //select associated items
     $rows = $db->fetch_all_array("SELECT item_id\r\n                            FROM " . $pre . "kb_items\r\n                            WHERE kb_id = '" . $_POST['id'] . "'\r\n            ");
     $arrOptions = array();
Example #6
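    // Handle a file deletion: the target is described by a JSON document in the request body,
    // which is decoded by hand here into $_DELETE.
    $request_body = file_get_contents('php://input');
    $_DELETE = json_decode($request_body, true);
    if (!isset($_DELETE["appid"])) {
        $error = array("senchafiddle" => array("error" => "App id is required."));
        echo json_encode($error);
        exit(0);
    }
    if (!isset($_DELETE["name"])) {
        $error = array("senchafiddle" => array("error" => "File name is required."));
        echo json_encode($error);
        exit(0);
    }
    // The app id is placed in the WHERE clause without surrounding quotes. String escaping gives
    // no protection in that position, so only a value that validates as an integer is accepted.
    $appid = filter_var($_DELETE["appid"], FILTER_VALIDATE_INT);
    if ($appid === false) {
        $error = array("senchafiddle" => array("error" => "App id must be an integer."));
        echo json_encode($error);
        exit(0);
    }
    $filename = $_DELETE["name"];
    // NOTE(review): nothing visible in this branch ties the request to the owner of the app;
    // confirm that authorisation is enforced before a file can be deleted.
    $db->connect();
    // The file name stays inside a quoted literal and goes through the wrapper's escape().
    $deleted = $db->query_delete("files", "name = '" . $db->escape($filename) . "' AND appid = " . $appid);
    $db->close();
    $response = array("success" => $deleted);
    echo json_encode($response);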
} elseif ($_SERVER["REQUEST_METHOD"] == "GET") {
    header('Cache-Control: no-cache, must-revalidate');
    header('Content-type: application/json');
    $user_token = null;
    if (isset($_GET['user_token'])) {
        $user_token = $_GET['user_token'];
    }
    if (!isset($_GET['app_token'])) {
        $response = array("success" => "false", "message" => "App token is required.");
        echo json_encode($response);
        exit(0);
    }