1<?php
2
3/**
4 * AJAX: handling of Ajax section calls.
5 *
6 * This Source Code Form is subject to the terms of the Mozilla Public License,
7 * v. 2.0. If a copy of the MPL was not distributed with this file, You can
8 * obtain one at http://mozilla.org/MPL/2.0/.
9 *
10 * @package phpMyFAQ
11 * @author Timo Wolf <amna.wolf@gmail.com>
12 * @copyright 2009-2020 phpMyFAQ Team
13 * @license http://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0
14 * @link https://www.phpmyfaq.de
15 * @since 2018-09-21
16 */
17
18use phpMyFAQ\Filter;
19use phpMyFAQ\Helper\HttpHelper;
20use phpMyFAQ\Permission\LargePermission;
21
22if (!defined('IS_VALID_PHPMYFAQ')) {
23    http_response_code(400);
24    exit();
25}
26
27$ajaxAction = Filter::filterInput(INPUT_GET, 'ajaxaction', FILTER_SANITIZE_STRING);
28$sectionId = Filter::filterInput(INPUT_GET, 'section_id', FILTER_VALIDATE_INT);
29
30$http = new HttpHelper();
31$http->setContentType('application/json');
32$http->addHeader();
33
34if ($user->perm->checkRight($user->getUserId(), 'add_section') ||
35    $user->perm->checkRight($user->getUserId(), 'edit_section') ||
36    $user->perm->checkRight($user->getUserId(), 'del_section')) {
37
38    $sectionList = ($user->perm instanceof LargePermission) ? $user->perm->getAllSections() : [];
39
40    // Returns all sections
41    if ('get_all_sections' == $ajaxAction) {
42        $sections = [];
43        foreach ($sectionList as $sectionId) {
44            $data = $user->perm->getSectionData($sectionId);
45            $sections[] = [
46                'section_id' => $data['id'],
47                'name' => $data['name'],
48            ];
49        }
50        $http->sendJsonWithHeaders($sections);
51    }
52
53    // Return the section data
54    if ('get_section_data' == $ajaxAction) {
55        $http->sendJsonWithHeaders($user->perm->getSectionData($sectionId));
56    }
57
58    // Returns all section members
59    if ('get_all_members' == $ajaxAction) {
60        $memberList = $user->perm->getSectionGroups($sectionId);
61        $members = [];
62        foreach ($memberList as $single_member) {
63            $group = $user->perm->getGroupData($single_member);
64            $members[] = array('group_id' => $group['group_id'],
65                                'name' => $group['name'] );
66        }
67        $http->sendJsonWithHeaders($members);
68    }
69}
70