1<?php 2 3/** 4 * AJAX: handling of Ajax section calls. 5 * 6 * This Source Code Form is subject to the terms of the Mozilla Public License, 7 * v. 2.0. If a copy of the MPL was not distributed with this file, You can 8 * obtain one at http://mozilla.org/MPL/2.0/. 9 * 10 * @package phpMyFAQ 11 * @author Timo Wolf <amna.wolf@gmail.com> 12 * @copyright 2009-2020 phpMyFAQ Team 13 * @license http://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0 14 * @link https://www.phpmyfaq.de 15 * @since 2018-09-21 16 */ 17 18use phpMyFAQ\Filter; 19use phpMyFAQ\Helper\HttpHelper; 20use phpMyFAQ\Permission\LargePermission; 21 22if (!defined('IS_VALID_PHPMYFAQ')) { 23 http_response_code(400); 24 exit(); 25} 26 27$ajaxAction = Filter::filterInput(INPUT_GET, 'ajaxaction', FILTER_SANITIZE_STRING); 28$sectionId = Filter::filterInput(INPUT_GET, 'section_id', FILTER_VALIDATE_INT); 29 30$http = new HttpHelper(); 31$http->setContentType('application/json'); 32$http->addHeader(); 33 34if ($user->perm->checkRight($user->getUserId(), 'add_section') || 35 $user->perm->checkRight($user->getUserId(), 'edit_section') || 36 $user->perm->checkRight($user->getUserId(), 'del_section')) { 37 38 $sectionList = ($user->perm instanceof LargePermission) ? $user->perm->getAllSections() : []; 39 40 // Returns all sections 41 if ('get_all_sections' == $ajaxAction) { 42 $sections = []; 43 foreach ($sectionList as $sectionId) { 44 $data = $user->perm->getSectionData($sectionId); 45 $sections[] = [ 46 'section_id' => $data['id'], 47 'name' => $data['name'], 48 ]; 49 } 50 $http->sendJsonWithHeaders($sections); 51 } 52 53 // Return the section data 54 if ('get_section_data' == $ajaxAction) { 55 $http->sendJsonWithHeaders($user->perm->getSectionData($sectionId)); 56 } 57 58 // Returns all section members 59 if ('get_all_members' == $ajaxAction) { 60 $memberList = $user->perm->getSectionGroups($sectionId); 61 $members = []; 62 foreach ($memberList as $single_member) { 63 $group = $user->perm->getGroupData($single_member); 64 $members[] = array('group_id' => $group['group_id'], 65 'name' => $group['name'] ); 66 } 67 $http->sendJsonWithHeaders($members); 68 } 69} 70