checkAdmin();
/* verify post */
CheckReferrer();
/* get permissions */
foreach ($_POST as $key => $val) {
    if (substr($key, 0, 5) == "group") {
        if ($val != "0") {
            $perm[substr($key, 5)] = $val;
        }
    }
}
/* save to json */
$update['permissions'] = json_encode($perm);
/* get variables */
$update['action'] = $_POST['action'];
$update['name'] = htmlentities($_POST['name'], ENT_COMPAT | ENT_HTML401, "UTF-8");
//prevent XSS
$update['description'] = htmlentities($_POST['description'], ENT_COMPAT | ENT_HTML401, "UTF-8");
//prevent XSS
$update['id'] = $_POST['id'];
$update['strictMode'] = $_POST['strictMode'];
$update['subnetOrdering'] = $_POST['subnetOrdering'];
if (isset($_POST['delegate'])) {
    if ($_POST['delegate'] == 1) {
        $update['delegate'] = $_POST['delegate'];
    }
}
/* do action! */
if (UpdateSection($update)) {
    print '<div class="alert alert-success">' . _("Section {$update['action']} successful") . '!</div>';
}
Exemplo n.º 2
0
 /**
  * delete section
  */
 public function deleteSection()
 {
     //verications
     if (!isset($this->id)) {
         throw new Exception('Section ID missing');
     }
     //does it exist?
     if (sizeof(getSectionDetailsById($this->id)) == 0) {
         throw new Exception('Section does not exist');
     }
     //create array to write new section
     $newSection = $this->toArray($this);
     //create new section
     $res = UpdateSection($newSection, true);
     //true means from API
     //return result (true/false)
     if (!$res) {
         throw new Exception('Invalid query');
     } else {
         //format response
         return "Section deleted";
     }
 }