コード例 #1
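 /**
  * Remove the relation between a file and the client or group named by
  * $modify_type / $modify_id.
  *
  * $modify_type is used as a column name. A column name cannot be sent as a
  * bound parameter, so it is checked against a plain SQL identifier pattern
  * before it is placed in the statement text; any other value is rejected
  * and nothing is deleted.
  *
  * @param int    $file_id     ID of the file whose relation is removed.
  * @param string $modify_type Name of the relation column to match.
  * @param int    $modify_id   Value to match in that column.
  */
 function unassign_file($file_id, $modify_type, $modify_id)
 {
     $this->check_level = array(9, 8, 7);
     if (!isset($file_id)) {
         return;
     }
     /**
      * Only letters, digits and underscores are accepted as a column name.
      * NOTE(review): an explicit allow-list of the relation columns would be
      * tighter; the valid column names are not visible in this excerpt.
      */
     if (!is_string($modify_type) || !preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $modify_type)) {
         return;
     }
     /** Do a permissions check */
     if (isset($this->check_level) && in_session_or_cookies($this->check_level)) {
         $this->sql = $this->dbh->prepare("DELETE FROM " . TABLE_FILES_RELATIONS . " WHERE file_id = :file_id AND {$modify_type} = :modify_id");
         /** Both values are bound as integers, never concatenated */
         $this->sql->bindParam(':file_id', $file_id, PDO::PARAM_INT);
         $this->sql->bindParam(':modify_id', $modify_id, PDO::PARAM_INT);
         $this->sql->execute();
     }
 }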
コード例 #2
ファイル: edit-file.php プロジェクト: JoseCOCA/baudprint
     * Count the files assigned to this client. If there is none, show
     * an error message.
     */
    /**
     * Run the file lookup and count the rows it returned.
     * NOTE(review): $files_query is built outside this excerpt; confirm that
     * any ID placed in it is cast to an integer or bound as a parameter.
     * mysql_num_rows() / mysql_fetch_array() belong to the legacy mysql
     * extension, which was removed in PHP 7.
     */
    $sql = $database->query($files_query);
    $count = mysql_num_rows($sql);
    if (!$count) {
        $no_results_error = 'id_not_exists';
    }
    /**
     * Continue if client exists and has files under his account.
     */
    while ($row = mysql_fetch_array($sql)) {
        $edit_file_info['url'] = $row['url'];
        $edit_file_info['id'] = $row['id'];
        /**
         * Ownership check for levels 7 and 0: the row's uploader must match
         * $global_user. The loop only records the error code here; whether
         * the edit form is actually withheld depends on code outside this
         * excerpt.
         */
        $edit_file_allowed = array(7, 0);
        if (in_session_or_cookies($edit_file_allowed)) {
            if ($row['uploader'] != $global_user) {
                $no_results_error = 'not_uploader';
            }
        }
    }
}
/** Show the error if it is defined */
if (isset($no_results_error)) {
    switch ($no_results_error) {
        case 'no_id_passed':
            $no_results_message = __('Please go to the clients or groups administration page, select "Manage files" from any client and then click on "Edit" on any file to return here.', 'cftp_admin');
            break;
        case 'id_not_exists':
            $no_results_message = __('There is not file with that ID number.', 'cftp_admin');
            break;
コード例 #3
/**
 * Check whether ProjectSend is installed. Done only on the log in form
 * page, since all other pages are inaccessible if no valid session or
 * cookie is set. The redirect to the installer is followed by exit, so
 * nothing else on this page runs when the software is not installed.
 */
if (!is_projectsend_installed()) {
    header("Location:install/index.php");
    exit;
}
/**
 * This is defined on the public download page.
 * So even logged in users can access it.
 */
if (!isset($dont_redirect_if_logged)) {
    /**
     * If logged as a system user, go directly to the back-end homepage.
     * NOTE(review): unlike the installer redirect above, no exit follows
     * this header() call, so the script keeps running: check_for_client(),
     * the silent-update include and the rest of the page still execute and
     * are sent along with the redirect. Confirm whether that is intended
     * before adding an exit here.
     */
    if (in_session_or_cookies($allowed_levels)) {
        header("Location:" . BASE_URI . "home.php");
    }
    /** If client is logged in, redirect to the files list. */
    check_for_client();
}
/**
 * Silent updates that are needed even if no user is logged in.
 */
require_once ROOT_DIR . '/includes/core.update.silent.php';
?>
<!DOCTYPE html>
<!--[if lt IE 7]>      <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->
<!--[if IE 7]>         <html class="no-js lt-ie9 lt-ie8"> <![endif]-->
<!--[if IE 8]>         <html class="no-js lt-ie9"> <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js"> <!--<![endif]-->
コード例 #4
ファイル: core.update.php プロジェクト: JoseCOCA/baudprint
<?php

/**
 * This file is called on header.php and checks the database to see
 * if it is up to date with the current software version.
 *
 * In case you are updating from an old one, the new values, columns
 * and rows will be created, and a message will appear under the menu
 * one time only.
 *
 * @package		ProjectSend
 * @subpackage	Updates
 */
$allowed_update = array(9, 8, 7);
if (in_session_or_cookies($allowed_update)) {
    /** Remove "r" from version */
    $current_version = substr(CURRENT_VERSION, 1);
    $updates_made = 0;
    $updates_errors = 0;
    $updates_error_messages = array();
    /**
     * Check for updates only if the option exists.
     */
    if (defined('VERSION_LAST_CHECK')) {
        /**
         * Compare the date for the last checked with
         * today's. Checks are done only once per day.
         */
        $today = date('d-m-Y');
        $today_timestamp = strtotime($today);
        if (VERSION_LAST_CHECK != $today) {
コード例 #5
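 /**
  * Delete an existing group.
  *
  * The group ID is concatenated into the SQL text, so it is validated as an
  * integer first. Any other value is rejected and no query is run.
  *
  * @param int|string $group ID of the group to delete.
  */
 function delete_group($group)
 {
     global $database;
     $this->check_level = array(9, 8);
     if (!isset($group)) {
         return;
     }
     /** Accept whole numbers only; the strict check keeps a valid 0 distinct from a failed validation */
     $group_id = filter_var($group, FILTER_VALIDATE_INT);
     if ($group_id === false) {
         return;
     }
     /** Do a permissions check */
     if (isset($this->check_level) && in_session_or_cookies($this->check_level)) {
         $this->sql = $database->query('DELETE FROM tbl_groups WHERE id="' . $group_id . '"');
     }
 }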
コード例 #6
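 /**
  * Mark the client as active or inactive.
  *
  * Both arguments are concatenated into the SQL text, and $change_to is
  * placed there without quotes, so each one is validated as an integer
  * first. If either is not a whole number, no query is run.
  *
  * @param int|string $client_id ID of the client to update.
  * @param int|string $change_to New value for the active column.
  */
 function change_client_active_status($client_id, $change_to)
 {
     global $database;
     $this->check_level = array(9, 8);
     if (!isset($client_id)) {
         return;
     }
     /** Strict comparison below: 0 is a valid result and must not be read as a failed validation */
     $client = filter_var($client_id, FILTER_VALIDATE_INT);
     $state = filter_var($change_to, FILTER_VALIDATE_INT);
     if ($client === false || $state === false) {
         return;
     }
     /** Do a permissions check */
     if (isset($this->check_level) && in_session_or_cookies($this->check_level)) {
         $this->sql = $database->query('UPDATE tbl_users SET active=' . $state . ' WHERE id="' . $client . '"');
     }
 }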
コード例 #7
</a></li>
									</ul>
								</li>
						<?php 
    }
    ?>

								<li class="divider-vertical">

						<?php 
    /**
     * Show the OPTIONS menu only to
     * System administrators
     */
    $options_allowed = array(9);
    if (in_session_or_cookies($options_allowed)) {
        ?>
								<li class="dropdown <?php 
        if (!empty($active_nav) && $active_nav == 'options') {
            ?>
active<?php 
        }
        ?>
">
									<a href="#" class="dropdown-toggle" data-toggle="dropdown"><?php 
        _e('Options', 'cftp_admin');
        ?>
 <b class="caret"></b></a>
									<ul class="dropdown-menu">
										<li><a href="<?php 
        echo BASE_URI;
コード例 #8
 /**
  * Set the active flag of a system user.
  *
  * The update runs only when in_session_or_cookies() accepts level 9.
  * Both values reach the database as integer-bound parameters.
  *
  * @param int $user_id   ID of the user to update.
  * @param int $change_to New value for the active column.
  */
 function change_user_active_status($user_id, $change_to)
 {
     $this->check_level = array(9);
     if (!isset($user_id)) {
         return;
     }
     /** Permissions check: stop unless the current level is allowed */
     if (!isset($this->check_level) || !in_session_or_cookies($this->check_level)) {
         return;
     }
     $update_query = 'UPDATE ' . TABLE_USERS . ' SET active=:active_state WHERE id=:id';
     $this->sql = $this->dbh->prepare($update_query);
     $this->sql->bindParam(':active_state', $change_to, PDO::PARAM_INT);
     $this->sql->bindParam(':id', $user_id, PDO::PARAM_INT);
     $this->sql->execute();
 }
コード例 #9
 /**
  * Remove a group by its ID.
  *
  * The delete runs only when in_session_or_cookies() accepts level 9 or 8.
  * The ID reaches the database as an integer-bound parameter.
  *
  * @param int $group ID of the group to delete.
  */
 function delete_group($group)
 {
     $this->check_level = array(9, 8);
     if (!isset($group)) {
         return;
     }
     /** Permissions check: stop unless the current level is allowed */
     if (!isset($this->check_level) || !in_session_or_cookies($this->check_level)) {
         return;
     }
     $delete_query = 'DELETE FROM ' . TABLE_GROUPS . ' WHERE id=:id';
     $this->sql = $this->dbh->prepare($delete_query);
     $this->sql->bindParam(':id', $group, PDO::PARAM_INT);
     $this->sql->execute();
 }
コード例 #10
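 /**
  * Output, as JSON, the users that downloaded a file and how many times
  * each of them did.
  *
  * Reads file_id and sys_user from the query string. Does nothing unless
  * both are set and in_session_or_cookies() accepts level 9, 8 or 7.
  * For level 7 the request is refused with a message when the file's
  * uploader does not match sys_user.
  *
  * Each entry of the output has the keys name, email, type and count.
  */
 function get_downloaders()
 {
     $this->check_level = array(9, 8, 7);
     if (isset($_GET['sys_user']) && isset($_GET['file_id'])) {
         // do a permissions check for logged in user
         if (isset($this->check_level) && in_session_or_cookies($this->check_level)) {
             /** The integer cast makes the ID safe to concatenate below */
             $file_id = (int) $_GET['file_id'];
             $current_level = get_current_user_level();
             $this->sql = $this->database->query('SELECT id, uploader, filename FROM tbl_files WHERE id="' . $file_id . '"');
             $this->row = mysql_fetch_array($this->sql);
             $this->uploader = $this->row['uploader'];
             /**
              * Uploaders can only generate this for their own files.
              * NOTE(review): the name compared with the uploader is the
              * sys_user request parameter, which the caller supplies. The
              * ownership check should use the identity stored in the
              * authenticated session instead; that lookup is not visible
              * in this excerpt.
              */
             if ($current_level == '7') {
                 if ($this->uploader != $_GET['sys_user']) {
                     ob_clean();
                     flush();
                     _e("You don't have the required permissions to view the requested information about this file.", 'cftp_admin');
                     exit;
                 }
             }
             $this->filename = $this->row['filename'];
             /** Start from empty lists so a file without downloads is handled cleanly */
             $this->downloaders_ids = array();
             $this->downloaders_count = array();
             $this->sql_who = $this->database->query('SELECT user_id, COUNT(*) AS downloads FROM tbl_downloads WHERE file_id="' . $file_id . '" GROUP BY user_id');
             while ($this->wrow = mysql_fetch_array($this->sql_who)) {
                 $this->downloaders_ids[] = $this->wrow['user_id'];
                 $this->downloaders_count[$this->wrow['user_id']] = $this->wrow['downloads'];
             }
             /** Force every ID to an integer: the list is concatenated into the IN() clause */
             $this->users_ids = implode(',', array_unique(array_filter(array_map('intval', $this->downloaders_ids))));
             $this->downloaders_list = array();
             /** An empty list would produce "IN ()", which is not valid SQL, so skip the lookup */
             if ($this->users_ids !== '') {
                 $this->sql_who = $this->database->query("SELECT id, name, email, level FROM tbl_users WHERE id IN ({$this->users_ids})");
                 $i = 0;
                 while ($this->urow = mysql_fetch_array($this->sql_who)) {
                     $this->downloaders_list[$i] = array('name' => $this->urow['name'], 'email' => $this->urow['email']);
                     /** The account type comes from the level column; the name column was compared here before */
                     $this->downloaders_list[$i]['type'] = $this->urow['level'] == 0 ? 'client' : 'user';
                     $this->downloaders_list[$i]['count'] = isset($this->downloaders_count[$this->urow['id']]) ? $this->downloaders_count[$this->urow['id']] : null;
                     $i++;
                 }
             }
             ob_clean();
             flush();
             echo json_encode($this->downloaders_list);
         }
     }
 }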
コード例 #11
ファイル: home.php プロジェクト: muddy-28/ProjectSend
				data: [
					[1, <?php 
echo $total_files;
?>
],
					[2, <?php 
echo $total_clients;
?>
],
					[3, <?php 
echo $total_groups;
?>
]
					<?php 
$log_allowed = array(9);
if (in_session_or_cookies($log_allowed)) {
    ?>
								,[4, <?php 
    echo $total_users;
    ?>
]
							<?php 
    $show_log = true;
}
?>
				]
			}
			], {
				series:{
					bars:{show: true}
				},
コード例 #12
ファイル: process.php プロジェクト: baldzern4/ProjectSend
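 /**
  * Output, as JSON, the users that downloaded a file and how many times
  * each of them did.
  *
  * Reads file_id and sys_user from the query string. Does nothing unless
  * both are set and in_session_or_cookies() accepts level 9, 8 or 7.
  * For level 7 the request is refused with a message when the file's
  * uploader does not match sys_user. Every query uses bound parameters.
  *
  * Each entry of the output has the keys name, email, type and count.
  */
 function get_downloaders()
 {
     $this->check_level = array(9, 8, 7);
     if (isset($_GET['sys_user']) && isset($_GET['file_id'])) {
         // do a permissions check for logged in user
         if (isset($this->check_level) && in_session_or_cookies($this->check_level)) {
             $file_id = (int) $_GET['file_id'];
             $current_level = get_current_user_level();
             $this->statement = $this->dbh->prepare("SELECT id, uploader, filename FROM " . TABLE_FILES . " WHERE id=:file_id");
             $this->statement->bindParam(':file_id', $file_id, PDO::PARAM_INT);
             $this->statement->execute();
             $this->statement->setFetchMode(PDO::FETCH_ASSOC);
             $this->row = $this->statement->fetch();
             $this->uploader = $this->row['uploader'];
             /**
              * Uploaders can only generate this for their own files.
              * NOTE(review): the name compared with the uploader is the
              * sys_user request parameter, which the caller supplies. The
              * ownership check should use the identity stored in the
              * authenticated session instead; that lookup is not visible
              * in this excerpt.
              */
             if ($current_level == '7') {
                 if ($this->uploader != $_GET['sys_user']) {
                     ob_clean();
                     flush();
                     _e("You don't have the required permissions to view the requested information about this file.", 'cftp_admin');
                     exit;
                 }
             }
             $this->filename = $this->row['filename'];
             /** Start from empty lists so a file without downloads does not pass an unset value to array_filter() */
             $this->downloaders_ids = array();
             $this->downloaders_count = array();
             $this->sql_who = $this->dbh->prepare("SELECT user_id, COUNT(*) AS downloads FROM " . TABLE_DOWNLOADS . " WHERE file_id=:file_id GROUP BY user_id");
             $this->sql_who->bindParam(':file_id', $file_id, PDO::PARAM_INT);
             $this->sql_who->execute();
             $this->sql_who->setFetchMode(PDO::FETCH_ASSOC);
             while ($this->wrow = $this->sql_who->fetch()) {
                 $this->downloaders_ids[] = $this->wrow['user_id'];
                 $this->downloaders_count[$this->wrow['user_id']] = $this->wrow['downloads'];
             }
             $this->users_ids = implode(',', array_unique(array_filter($this->downloaders_ids)));
             $this->downloaders_list = array();
             /** The comma-separated ID list is sent as one bound string and matched with FIND_IN_SET */
             $this->sql_who = $this->dbh->prepare("SELECT id, name, email, level FROM " . TABLE_USERS . " WHERE FIND_IN_SET(id,:users)");
             $this->sql_who->bindParam(':users', $this->users_ids);
             $this->sql_who->execute();
             $this->sql_who->setFetchMode(PDO::FETCH_ASSOC);
             $i = 0;
             while ($this->urow = $this->sql_who->fetch()) {
                 $this->downloaders_list[$i] = array('name' => $this->urow['name'], 'email' => $this->urow['email']);
                 /** The account type comes from the level column; the name column was compared here before */
                 $this->downloaders_list[$i]['type'] = $this->urow['level'] == 0 ? 'client' : 'user';
                 $this->downloaders_list[$i]['count'] = isset($this->downloaders_count[$this->urow['id']]) ? $this->downloaders_count[$this->urow['id']] : null;
                 $i++;
             }
             ob_clean();
             flush();
             echo json_encode($this->downloaders_list);
         }
     }
 }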
コード例 #13
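 /**
  * Delete a row from the files relations table by its ID.
  *
  * The ID is concatenated into the SQL text, so it is validated as an
  * integer first. Any other value is rejected and no query is run.
  *
  * @param int|string $file_id Value matched against the id column.
  */
 function unassign_file($file_id)
 {
     global $database;
     $this->check_level = array(9, 8, 7);
     if (!isset($file_id)) {
         return;
     }
     /** Accept whole numbers only; the strict check keeps a valid 0 distinct from a failed validation */
     $relation_id = filter_var($file_id, FILTER_VALIDATE_INT);
     if ($relation_id === false) {
         return;
     }
     /** Do a permissions check */
     if (isset($this->check_level) && in_session_or_cookies($this->check_level)) {
         $this->sql = $database->query('DELETE FROM tbl_files_relations WHERE id="' . $relation_id . '"');
     }
 }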