* eLabFTW is distributed in the hope that it will be useful, * * but WITHOUT ANY WARRANTY; without even the implied * * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR * * PURPOSE. See the GNU Affero General Public License for more details. * * * * You should have received a copy of the GNU Affero General Public * * License along with eLabFTW. If not, see <http://www.gnu.org/licenses/>. * * * ********************************************************************************/ /* sysconfig-exec.php - for the sysadmin */ require_once '../inc/common.php'; // only sysadmin can use this if ($_SESSION['is_sysadmin'] != 1 || $_SERVER['REQUEST_METHOD'] != 'POST') { die(_('This section is out of your reach.')); } $sysconfig = new \Elabftw\Elabftw\SysConfig(); $crypto = new \Elabftw\Elabftw\CryptoWrapper(); $msg_arr = array(); $errflag = false; $tab = '1'; // TAB 1 : ADD A NEW TEAM if (isset($_POST['new_team']) && $_POST['new_team'] != '' && $_POST['new_team'] != ' ') { $tab = '1'; $new_team_name = filter_var($_POST['new_team'], FILTER_SANITIZE_STRING); if (!$sysconfig->addTeam($new_team_name)) { $errflag = true; $errnum = '5'; } } // END TAB 1 // TAB 2 : SERVER
* GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with eLabFTW. If not, see <http://www.gnu.org/licenses/>. * ********************************************************************************/ require_once '../inc/common.php'; // check id if (is_pos_int($_POST['id'])) { $id = $_POST['id']; } else { die(_("The id parameter is not valid!")); } // we update the name of a team via sysconfig.php if (isset($_POST['team_name'])) { $sysconfig = new \Elabftw\Elabftw\SysConfig(); if (!$sysconfig->editTeam($id, $_POST['team_name'])) { echo 'Error updating team name'; } exit; } // we only update status if (isset($_POST['status'])) { if (is_pos_int($_POST['status'])) { $status = $_POST['status']; } else { exit; } $sql = "UPDATE experiments \n SET status = :status \n WHERE userid = :userid \n AND id = :id"; $req = $pdo->prepare($sql); $result = $req->execute(array('status' => $status, 'userid' => $_SESSION['userid'], 'id' => $id));