require_once 'i18n/i18n.inc.php'; if (Tools::isConnectedUser() && (isset($_POST['action']) || isset($_POST['action']))) { if (isset($_POST['action'])) { if ($_POST['action'] == 'saveProvisionChanges') { if (isset($_SESSION['cmdid'])) { $cmdid = $_SESSION['cmdid']; if (0 != $cmdid) { // <provid>:<isInCheckBudget>, $imploded = Tools::getSecurePOSTStringValue("isInCheckBudgetImploded"); $provisions = Tools::doubleExplode(':', ',', $imploded); try { // save Provision changes foreach ($provisions as $provid => $isInCheckBudget) { $prov = new CommandProvision($provid); // securityCheck: does provid belong to this command ? if ($cmdid == $prov->getCommandId()) { $prov->setIsInCheckBudget($isInCheckBudget); } else { // LOG SECURITY ERROR !! Tools::sendBadRequest("Provision {$provid} does not belong to Command {$cmdid} !"); } } } catch (Exception $e) { Tools::sendBadRequest(T_("Provisions updated FAILED !")); } // write in 'data' echo 'SUCCESS'; } else { Tools::sendBadRequest("Invalid CommandId: 0"); } } else {