} elseif ($cid == 0) { $data['retcode'] = 200; $data['cid'] = $cid; $data['displayhtml'] = nexdocsrv_generateFileListing($cid, $reportmode); $data['activefolder'] = nexdoc_displayActiveFolder($cid, $reportmode); $data['moreactions'] = nexdocsrv_getMoreActions($reportmode); $data['header'] = nexdoc_formatHeader($cid, $reportmode); } else { $data['retcode'] = 401; $data['error'] = 'Error: No Access to Folder'; } $retval = json_encode($data); firelogmsg("Completed generating AJAX return data"); break; case 'getmorefiledata': $filter->cleanData('int', array('cid' => $_POST['cid'], 'level' => $_POST['level'])); $filter->cleanData('char', array('foldernumber' => $_POST['foldernumber'])); $_CLEAN = $filter->normalize($filter->getDbData()); $lastRenderedFolder = $_CLEAN['cid']; if ($_CLEAN['foldernumber'] == 'null') { $_CLEAN['foldernumber'] = ''; } $retval = '<result>'; $retval .= '<retcode>200</retcode>'; $tpl = new Template($_CONF['path_layout'] . 'nexfile'); $tpl->set_file(array('filelisting_rec' => 'filelisting_record.thtml', 'loadfolder_msg' => 'load_folder_message.thtml', 'tag_link' => 'taglink_record.thtml', 'tag_rec' => 'tagdesc_record.thtml', 'upload_action' => 'upload_link.thtml', 'download_action' => 'download_link.thtml', 'download_disabled' => 'download_disabled_link.thtml', 'editfile_action' => 'editfile_link.thtml')); $tpl->set_var('site_url', $_CONF['site_url']); $tpl->set_var('layout_url', $_CONF['layout_url']); $tpl->set_var('imgset', "{$_CONF['layout_url']}/nexfile/images"); $retval .= '<displayhtml>' . htmlspecialchars(nexdoc_displayFileListing($tpl, $_CLEAN['cid'], 'getmoredata', $_CLEAN['level'], "{$_CLEAN['foldernumber']}"), ENT_QUOTES, $charset) . '</displayhtml>'; $retval .= '</result>';
// | GNU General Public License for more details. | // | | // | You should have received a copy of the GNU General Public License | // | along with this program; if not, write to the Free Software Foundation, | // | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. | // | | // +---------------------------------------------------------------------------+ // include '../lib-common.php'; include 'library.php'; if (!SEC_inGroup($_FMCONF['access_mode'])) { echo COM_refresh($_CONF['site_url']); exit; } $filter = new sanitizer(); $filter->cleanData('int', array('cid' => $_REQUEST['cid'], 'fid' => $_GET['fid'])); $filter->cleanData('char', array('op' => $_REQUEST['op'])); $_CLEAN = $filter->getCleanData(); $cid = $_CLEAN['int']['cid']; $fid = $_CLEAN['int']['fid']; if ($fid > 0 and empty($cid)) { $cid = DB_getItem($_TABLES['nxfile_files'], 'cid', "fid={$fid} AND status=1"); $pid = DB_getItem($_TABLES['nxfile_categories'], 'pid', "cid={$cid}"); if (empty($cid) or !fm_getPermission($cid, 'view') or $pid > 0 and !fm_getPermission($pid, 'view')) { $fid = 0; $cid = 0; } } elseif ($cid > 0) { if (!fm_getPermission($cid, 'view')) { $cid = 0; }