Пример #1
0
        if ($dbSlideshowChk['cnt'] != count($_REQUEST['shows'])) {
            access_deny();
        }
    }
}
$_REQUEST['go'] = get_request('go', 'none');
/*
 * Actions
 */
if (isset($_REQUEST['clone']) && isset($_REQUEST['slideshowid'])) {
    unset($_REQUEST['slideshowid']);
    $_REQUEST['form'] = 'clone';
} elseif (isset($_REQUEST['save'])) {
    if (isset($_REQUEST['slideshowid'])) {
        DBstart();
        $result = update_slideshow($_REQUEST['slideshowid'], $_REQUEST['name'], $_REQUEST['delay'], get_request('slides', array()));
        $result = DBend($result);
        $audit_action = AUDIT_ACTION_UPDATE;
        show_messages($result, _('Slide show updated'), _('Cannot update slide show'));
    } else {
        DBstart();
        $slideshowid = add_slideshow($_REQUEST['name'], $_REQUEST['delay'], get_request('slides', array()));
        $result = DBend($slideshowid);
        $audit_action = AUDIT_ACTION_ADD;
        show_messages($result, _('Slide show added'), _('Cannot add slide show'));
    }
    if ($result) {
        add_audit($audit_action, AUDIT_RESOURCE_SLIDESHOW, ' Name "' . $_REQUEST['name'] . '" ');
        unset($_REQUEST['form'], $_REQUEST['slideshowid']);
        clearCookies($result);
    }
Пример #2
0
    $_REQUEST['private'] = PRIVATE_SHARING;
    $_REQUEST['userid'] = CWebUser::$data['userid'];
} elseif (hasRequest('add') || hasRequest('update')) {
    DBstart();
    if (hasRequest('update')) {
        $data = ['slideshowid' => getRequest('slideshowid'), 'name' => getRequest('name'), 'delay' => getRequest('delay'), 'slides' => getRequest('slides', []), 'userid' => getRequest('userid', ''), 'private' => getRequest('private'), 'users' => getRequest('users', []), 'userGroups' => getRequest('userGroups', [])];
        // Only administrators can set slide show owner.
        if (CWebUser::getType() == USER_TYPE_ZABBIX_USER) {
            unset($data['userid']);
        } elseif (CWebUser::getType() == USER_TYPE_ZABBIX_ADMIN && $data['userid'] === '') {
            $user_exist = API::User()->get(['output' => ['userid'], 'userids' => [$data['userid']]]);
            if (!$user_exist) {
                unset($data['userid']);
            }
        }
        $result = update_slideshow($data);
        $messageSuccess = _('Slide show updated');
        $messageFailed = _('Cannot update slide show');
        $auditAction = AUDIT_ACTION_UPDATE;
    } else {
        $result = add_slideshow(['name' => getRequest('name'), 'delay' => getRequest('delay'), 'slides' => getRequest('slides', []), 'userid' => getRequest('userid'), 'private' => getRequest('private'), 'users' => getRequest('users', []), 'userGroups' => getRequest('userGroups', [])]);
        $messageSuccess = _('Slide show added');
        $messageFailed = _('Cannot add slide show');
        $auditAction = AUDIT_ACTION_ADD;
    }
    if ($result) {
        add_audit($auditAction, AUDIT_RESOURCE_SLIDESHOW, ' Name "' . getRequest('name') . '" ');
        unset($_REQUEST['form'], $_REQUEST['slideshowid']);
    }
    $result = DBend($result);
    if ($result) {
Пример #3
0
} else {
    if (isset($_REQUEST['slideshowid'])) {
        if (!slideshow_accessible($_REQUEST['slideshowid'], PERM_READ_WRITE)) {
            access_deny();
        }
    }
    if (isset($_REQUEST['clone']) && isset($_REQUEST['slideshowid'])) {
        unset($_REQUEST['slideshowid']);
        $_REQUEST['form'] = 'clone';
    } else {
        if (isset($_REQUEST['save'])) {
            $slides = get_request('steps', array());
            if (isset($_REQUEST['slideshowid'])) {
                /* update */
                DBstart();
                update_slideshow($_REQUEST['slideshowid'], $_REQUEST['name'], $_REQUEST['delay'], $slides);
                $result = DBend();
                $audit_action = AUDIT_ACTION_UPDATE;
                show_messages($result, S_SLIDESHOW_UPDATED, S_CANNOT_UPDATE_SLIDESHOW);
            } else {
                /* add */
                DBstart();
                add_slideshow($_REQUEST['name'], $_REQUEST['delay'], $slides);
                $result = DBend();
                $audit_action = AUDIT_ACTION_ADD;
                show_messages($result, S_SLIDESHOW_ADDED, S_CANNOT_ADD_SLIDESHOW);
            }
            if ($result) {
                add_audit($audit_action, AUDIT_RESOURCE_SLIDESHOW, " Name [" . $_REQUEST['name'] . "] ");
                unset($_REQUEST['form'], $_REQUEST['slideshowid']);
            }
Пример #4
0
        $dbSlideshowCount = DBfetch(DBselect('SELECT COUNT(*) AS cnt FROM slideshows s WHERE ' . dbConditionInt('s.slideshowid', getRequest('shows'))));
        if ($dbSlideshowCount['cnt'] != count(getRequest('shows'))) {
            access_deny();
        }
    }
}
/*
 * Actions
 */
if (isset($_REQUEST['clone']) && isset($_REQUEST['slideshowid'])) {
    unset($_REQUEST['slideshowid']);
    $_REQUEST['form'] = 'clone';
} elseif (hasRequest('add') || hasRequest('update')) {
    DBstart();
    if (hasRequest('update')) {
        $result = update_slideshow(getRequest('slideshowid'), getRequest('name'), getRequest('delay'), getRequest('slides', array()));
        $messageSuccess = _('Slide show updated');
        $messageFailed = _('Cannot update slide show');
        $auditAction = AUDIT_ACTION_UPDATE;
    } else {
        $result = add_slideshow(getRequest('name'), getRequest('delay'), getRequest('slides', array()));
        $messageSuccess = _('Slide show added');
        $messageFailed = _('Cannot add slide show');
        $auditAction = AUDIT_ACTION_ADD;
    }
    if ($result) {
        add_audit($auditAction, AUDIT_RESOURCE_SLIDESHOW, ' Name "' . getRequest('name') . '" ');
        unset($_REQUEST['form'], $_REQUEST['slideshowid']);
    }
    $result = DBend($result);
    if ($result) {