示例#1
0
function updateListHist($listId)
{
    global $debug, $message, $Dbc;
    $stmt = $Dbc->prepare("UPDATE\n\tlists\nSET\n\tmId = ?,\n\tmodified = ?\nWHERE\n\tlistId = ?");
    $stmt->execute(array($_SESSION['userId'], DATETIME, $listId));
    $stmt = $Dbc->prepare("SELECT\n\tfolderId\nFROM\n\tlists\nWHERE\n\tlistId = ?");
    $stmt->execute(array($listId));
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if (!empty($row['folderId'])) {
        updateFolderHist($row['folderId']);
    }
}
示例#2
0
function listPropertiesStep2()
{
    //User must be Manager (3) or Owner (4).
    global $debug, $message, $success, $Dbc, $returnThis;
    $output = '';
    try {
        if (empty($_POST['listId'])) {
            throw new Adrlist_CustomException('', '$_POST[\'listId\'] is empty.');
        } elseif (empty($_POST['newListName'])) {
            throw new Adrlist_CustomException('', '$_POST[\'newListName\'] is empty.');
        } elseif (!isset($_POST['newFolderId'])) {
            throw new Adrlist_CustomException('', '$_POST[\'newFolderId\'] is not set.');
        } elseif (empty($_POST['newListFramerate'])) {
            throw new Adrlist_CustomException('', '$_POST[\'newListFramerate\'] is empty.');
        }
        $_POST['listId'] = intThis($_POST['listId']);
        $_POST['newListName'] = trim($_POST['newListName']);
        $_POST['newListFramerate'] = intThis($_POST['newListFramerate']);
        $_POST['newFolderId'] = intThis($_POST['newFolderId']);
        //Check the user's list role.
        $listInfo = getListInfo($_SESSION['userId'], $_POST['listId']);
        if ($listInfo === false || $listInfo['listRoleId'] < 3) {
            throw new Adrlist_CustomException('Your role does not allow you to change the properties of this list.', '');
        }
        $Dbc->beginTransaction();
        //Build the update statement and params.
        $updateFolderPropertiesStmt = "UPDATE\n\tlists\nJOIN\n\tuserListSettings ON lists.listId = userListSettings.listId AND\n\tuserListSettings.userId = ? AND\n\tlists.listId = ?\nSET\n\tlists.listName = ?,\n\tlists.frId = ?";
        $updateFolderPropertiesParams = array($_SESSION['userId'], $_POST['listId'], $_POST['newListName'], $_POST['newListFramerate']);
        if (empty($_POST['newFolderId'])) {
            //Set folderID to NULL.
            $updateFolderPropertiesStmt .= ",\nlists.folderId = ?";
            $updateFolderPropertiesParams[] = NULL;
        } else {
            //A folder was selected. Verify the user's folderRoleId.
            $folderInfo = getFolderInfo($_SESSION['userId'], $_POST['newFolderId']);
            $folderRoleId = $folderInfo['folderRoleId'];
            if (empty($folderRoleId) || $folderRoleId < 4) {
                //We don't care if there is no role or if the role is zero. Either way, deny access.
                throw new Adrlist_CustomException('Your role does not allow you to add lists to that folder.', '');
            }
            //Update the folder properties and set the folderID.
            $updateFolderPropertiesStmt .= ",\nlists.folderId = ?";
            $updateFolderPropertiesParams[] = $_POST['newFolderId'];
            //Make sure all list users have a folderRoleId.
            //Select the list users.
            $listUsersStmt = $Dbc->prepare("SELECT\n\tusers.userId AS 'userId',\n\tuserListSettings.listRoleId AS 'listRoleId'\nFROM\n\tusers\nJOIN\n\tuserListSettings ON userListSettings.userId = users.userId AND\n\tuserListSettings.listId = ?");
            $listUsersStmt->execute(array($_POST['listId']));
            $listUsers = array();
            $insertFolderRoleStmt = $Dbc->prepare("INSERT INTO\n\tuserFolderSettings\nSET\n\tfolderId = ?,\n\tuserId = ?,\n\tfolderRoleId = ?,\n\tdateAdded = ?");
            while ($listUsersRow = $listUsersStmt->fetch(PDO::FETCH_ASSOC)) {
                $listUsers[] = array('userId' => $listUsersRow['userId'], 'listRoleId' => $listUsersRow['listRoleId']);
                //Check if the list users has a folderRoleId.
                $folderInfo = getFolderInfo($listUsersRow['userId'], $_POST['newFolderId']);
                $folderRoleId = $folderInfo['folderRoleId'];
                if ($folderRoleId === false && $listUsersRow['listRoleId'] != 4) {
                    //The user has no current folderRoleId and is not the owner of the folder. The default folderRoleId will be Member (1).
                    $insertFolderRoleParams = array($_POST['newFolderId'], $listUsersRow['userId'], 1, DATETIME);
                    $insertFolderRoleStmt->execute($insertFolderRoleParams);
                }
            }
            $debug->printArray($listUsers, '$listUsers');
            updateFolderHist($_POST['newFolderId']);
        }
        $updateFolderPropertiesStmt = $Dbc->prepare($updateFolderPropertiesStmt);
        $updateFolderPropertiesStmt->execute($updateFolderPropertiesParams);
        $rowCount = $updateFolderPropertiesStmt->rowCount();
        updateListHist($_POST['listId']);
        $Dbc->commit();
        $returnThis['buildLists'] = buildLists();
        if (MODE == 'listPropertiesStep2') {
            $success = true;
            $message .= 'Saved';
        }
    } catch (Adrlist_CustomException $e) {
    } catch (PDOException $e) {
        error(__LINE__, '', '<pre>' . $e . '</pre>');
    }
    if (MODE == 'listPropertiesStep2') {
        returnData();
    }
}