Go to the documentation of this file.00001 <?php
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025 require_once '../include/constant.php';
00026 require_once('class_database.php');
00027 require_once("ac_common.php");
00028 require_once( "class_document.php");
00029 require_once('class_dossier.php');
00030 $gDossier = dossier::id();
00031 $cn = new Database($gDossier);
00032 $action = (isset($_REQUEST['a'])) ? $_REQUEST['a'] : 'sh';
00033
00034 require_once ('class_user.php');
00035 global $g_user;
00036 $g_user = new User($cn);
00037 $g_user->Check();
00038 $g_user->check_dossier($gDossier);
00039
00040
00041 if ($action == 'sh')
00042 {
00043 if ($g_user->check_action(VIEWDOC) == 1)
00044 {
00045
00046 $doc = new Document($cn, $_REQUEST['d_id']);
00047 $doc->Send();
00048 }
00049 }
00050
00051 if ($action == 'rm')
00052 {
00053 $json='{"d_id":"-1"}';
00054 if ($g_user->check_action(RMDOC) == 1)
00055 {
00056 $doc = new Document($cn, $_REQUEST['d_id']);
00057 $doc->remove();
00058 $json = sprintf('{"d_id":"%s"}', $_REQUEST['d_id']);
00059 }
00060 header("Content-type: text/html; charset: utf8", true);
00061 print $json;
00062 }
00063
00064 if ( $action == "upd_doc")
00065 {
00066 if ($g_user->check_action(VIEWDOC) == 1)
00067 {
00068 $doc = new Document($cn, $_REQUEST['d_id']);
00069 $doc->get();
00070 if ( $g_user->can_write_action($doc->ag_id))
00071
00072 $doc->update_description(strip_tags ($_REQUEST['value']));
00073 }
00074
00075 }
00076
00077 if ($action == 'rmop')
00078 {
00079 $json = '{"ago_id":"-1"}';
00080 $dt_id = $cn->get_value("select ag_id from action_gestion_operation where ago_id=$1",array( $_REQUEST['id']));
00081 if ($g_user->check_action(RMDOC) == 1 && $g_user->can_write_action($dt_id) == true)
00082 {
00083 $cn->exec_sql("delete from action_gestion_operation where ago_id=$1", array($_REQUEST['id']));
00084 $json = sprintf('{"ago_id":"%s"}', $_REQUEST['id']);
00085 }
00086 header("Content-type: text/html; charset: utf8", true);
00087 print $json;
00088 }
00089
00090 if ($action == 'rmcomment')
00091 {
00092 $json = '{"agc_id":"-1"}';
00093 $dt_id = $cn->get_value("select ag_id from action_gestion_comment where agc_id=$1", array($_REQUEST['id']));
00094 if ($g_user->check_action(RMDOC) == 1 && $g_user->can_write_action($dt_id) == true)
00095 {
00096 $cn->exec_sql("delete from action_gestion_comment where agc_id=$1", array($_REQUEST['id']));
00097 $json = sprintf('{"agc_id":"%s"}', $_REQUEST['id']);
00098 }
00099 header("Content-type: text/html; charset: utf8", true);
00100 print $json;
00101 }
00102
00103 if ($action == 'rmaction')
00104 {
00105 $json = '{"act_id":"-1"}';
00106 if ($g_user->check_action(RMDOC) == 1 && $g_user->can_write_action($_REQUEST['id']) == true && $g_user->can_write_action($_REQUEST['ag_id']) == true)
00107 {
00108 $cn->exec_sql("delete from action_gestion_related where aga_least=$1 and aga_greatest=$2", array($_REQUEST['id'], $_REQUEST['ag_id']));
00109 $cn->exec_sql("delete from action_gestion_related where aga_least=$2 and aga_greatest=$1", array($_REQUEST['id'], $_REQUEST['ag_id']));
00110 $json = sprintf('{"act_id":"%s"}', $_REQUEST['id']);
00111 }
00112 header("Content-type: text/html; charset: utf8", true);
00113 print $json;
00114 }