Пример #1
0
function check_write_access($listId = null)
{
    if (have_write_access($listId)) {
        return;
    }
    jsonExit(array('total' => 0, 'list' => array(), 'denied' => 1));
}
Пример #2
0
<?php

/*
	This file is part of myTinyTodo.
	(C) Copyright 2010-2011 Max Pozdeev <*****@*****.**>
	Licensed under the GNU GPL v2 license. See file COPYRIGHT for details.
*/
//$dontStartSession = 1;
require_once './init.php';
$onlyPublishedList = false;
if (!have_write_access()) {
    $onlyPublishedList = true;
}
$listId = (int) _get('list');
$listData = $db->sqa("SELECT * FROM {$db->prefix}lists WHERE id={$listId} " . ($onlyPublishedList ? "AND published=1" : ""));
if (!$listData) {
    die("No such list or access denied");
}
$sqlSort = "ORDER BY compl ASC, ";
if ($listData['sorting'] == 1) {
    $sqlSort .= "prio DESC, ddn ASC, duedate ASC, ow ASC";
} elseif ($listData['sorting'] == 2) {
    $sqlSort .= "ddn ASC, duedate ASC, prio DESC, ow ASC";
} else {
    $sqlSort .= "ow ASC";
}
$data = array();
$q = $db->dq("SELECT *, duedate IS NULL AS ddn FROM {$db->prefix}todolist WHERE list_id={$listId} {$sqlSort}");
while ($r = $q->fetch_assoc($q)) {
    $data[] = $r;
}
Пример #3
0
        $sqlSort .= "d_edited ASC, prio DESC, ow ASC";
    } elseif ($sort == 104) {
        $sqlSort .= "d_edited DESC, prio ASC, ow DESC";
    } else {
        $sqlSort .= "ow ASC";
    }
    $lists = loadLists($db, '');
    $t = array();
    $t['total'] = 0;
    $t['list'] = array();
    $q = $db->dq("SELECT *, duedate IS NULL AS ddn FROM {$db->prefix}todolist {$inner} WHERE 1=1 {$sqlWhere} {$sqlSort}");
    while ($r = $q->fetch_assoc($q)) {
        $t['total']++;
        $t['list'][] = prepareTaskRow($r, $lists);
    }
    if (_get('setCompl') && have_write_access($listId)) {
        $bitwise = _get('compl') == 0 ? 'taskview & ~1' : 'taskview | 1';
        $db->dq("UPDATE {$db->prefix}lists SET taskview={$bitwise} WHERE id={$listId}");
    }
    jsonExit($t);
} elseif (isset($_GET['newTask'])) {
    stop_gpc($_POST);
    $listId = (int) _post('list');
    check_write_access($listId);
    $t = addTask($db, $listId, _post('title'), _post('tag'));
    jsonExit($t);
} elseif (isset($_GET['fullNewTask'])) {
    stop_gpc($_POST);
    $listId = (int) _post('list');
    check_write_access($listId);
    $t = addTask($db, $listId, _post('title'), _post('tag'), _post('note'), _post('prio'), _post('duedate'), _post('tags'));