From 2d2fd172e1548dd24e1719accd0b856cff6a31a0 Mon Sep 17 00:00:00 2001
From: Falko Timme <ft@falkotimme.com>
Date: Fri, 18 Oct 2013 12:20:13 -0400
Subject: [PATCH] - Added funtion to convert currency formatted numbers back to floating numbers. - Improved getSearchSQL() function so that users can use their native date format so search for dates in lists.
---
 interface/web/sites/ajax_get_json.php | 105 +++++++++++++++++++++++++++++++++++++++++++++++++---
 1 files changed, 98 insertions(+), 7 deletions(-)
diff --git a/interface/web/sites/ajax_get_json.php b/interface/web/sites/ajax_get_json.php
index 887f5da..9da4513 100644
--- a/interface/web/sites/ajax_get_json.php
+++ b/interface/web/sites/ajax_get_json.php
@@ -34,11 +34,12 @@
 //* Check permissions for module
 $app->auth->check_module_permissions('sites');
-$app->uses('getconf');
+$app->uses('getconf,tform');
-$server_id = intval($_GET["server_id"]);
-$web_id = intval($_GET["web_id"]);
+$server_id = $app->functions->intval($_GET["server_id"]);
+$web_id = $app->functions->intval($_GET["web_id"]);
 $php_type = $_GET["php_type"];
+$client_group_id = $app->functions->intval($_GET['client_group_id']);
 $type = $_GET["type"];
 //if($_SESSION["s"]["user"]["typ"] == 'admin') {
@@ -55,7 +56,7 @@
 if($type == 'getserverid'){
 $json = '{"serverid":"';
- $sql = "SELECT server_id FROM web_domain WHERE domain_id = $web_id";
+ $sql = "SELECT server_id FROM web_domain WHERE domain_id = $web_id AND ".$app->tform->getAuthSQL('r');
 $server = $app->db->queryOneRecord($sql);
 $json .= $server['server_id'];
 unset($server);
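Review bot: With the `getAuthSQL('r')` filter added to the `getserverid` query, a request for a domain the user may not read presumably returns no row, yet the following lines still index `$server['server_id']` and answer `{"serverid":""}` with no sign that the lookup was refused. The `getdatabaseusers` branch added later in this patch guards its lookup with `if($group)`; the same guard fits here, e.g. `$json .= $server ? $app->functions->intval($server['server_id']) : '';`. The `getphptype` and `getredirecttype` branches in the last hunk share this pattern and also concatenate a database string into hand-built JSON, where `$app->functions->json_encode()` (already used by the other new branches) would keep the output well formed. The `if($type == 'getserverid')` block closes outside this hunk.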
@@ -69,11 +70,33 @@
 $web_config = $app->getconf->get_server_config($server_id, 'web');
 if(!empty($web_config['server_type'])) $server_type = $web_config['server_type'];
 if($server_type == 'nginx' && $php_type == 'fast-cgi') $php_type = 'php-fpm';
+ $sql_where = '';
+
+ //* Client: If the logged in user is not admin and has no sub clients (no reseller)
+ if($_SESSION["s"]["user"]["typ"] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) {
+ $sql_where = " AND (client_id = 0 OR client_id = ".$_SESSION["s"]["user"]["client_id"] . ")";
+ //* Reseller: If the logged in user is not admin and has sub clients (is a reseller)
+ } elseif ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
+ $client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE groupid = $client_group_id");
+ //$sql_where = " AND (client_id = 0 OR client_id = ".$_SESSION["s"]["user"]["client_id"];
+ $sql_where = " AND (client_id = 0";
+ if($app->functions->intval($client['client_id']) > 0) $sql_where .= " OR client_id = ".$app->functions->intval($client['client_id']);
+ $sql_where .= ")";
+ //* Admin: If the logged in user is admin
+ } else {
+ //$sql_where = '';
+ $client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE groupid = $client_group_id");
+ //$sql_where = " AND (client_id = 0 OR client_id = ".$_SESSION["s"]["user"]["client_id"];
+ $sql_where = " AND (client_id = 0";
+ if($app->functions->intval($client['client_id']) > 0) $sql_where .= " OR client_id = ".$app->functions->intval($client['client_id']);
+ $sql_where .= ")";
+ }
+
 if($php_type == 'php-fpm'){
- $php_records = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fpm_init_script != '' AND php_fpm_ini_dir != '' AND php_fpm_pool_dir != '' AND server_id = $server_id");
+ $php_records = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fpm_init_script != '' AND php_fpm_ini_dir != '' AND php_fpm_pool_dir != '' AND server_id = $server_id".$sql_where);
 }
 if($php_type == 'fast-cgi'){
- $php_records = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fastcgi_binary != '' AND php_fastcgi_ini_dir != '' AND server_id = $server_id");
+ $php_records = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fastcgi_binary != '' AND php_fastcgi_ini_dir != '' AND server_id = $server_id".$sql_where);
 }
 $php_select = "";
 if(is_array($php_records) && !empty($php_records)) {
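Review bot: In the reseller branch the `client_group_id` request parameter decides which client's `server_php` rows are returned, but nothing visible in this hunk checks that the group belongs to one of the reseller's own clients, so the filter can be pointed at any client's group. The group should be verified against the logged-in reseller before the `sys_group` lookup is used (how depends on helpers not shown here), falling back to `client_id = 0` alone when the check fails. The client branch also concatenates `$_SESSION["s"]["user"]["client_id"]` directly, unlike the other two branches; `$app->functions->intval($_SESSION["s"]["user"]["client_id"])` would make them consistent. The reseller and admin branches are identical, so they could share a single `else`. The enclosing `if($type == ...)` block starts and ends outside the hunk.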
@@ -93,14 +116,82 @@
 if($type == 'getphptype'){
 $json = '{"phptype":"';
- $sql = "SELECT php FROM web_domain WHERE domain_id = $web_id";
+ $sql = "SELECT php FROM web_domain WHERE domain_id = $web_id AND ".$app->tform->getAuthSQL('r');
 $php = $app->db->queryOneRecord($sql);
 $json .= $php['php'];
 unset($php);
 $json .= '"}';
 }
+
+ if($type == 'getredirecttype'){
+ $json = '{"redirecttype":"';
+ $sql = "SELECT redirect_type FROM web_domain WHERE domain_id = $web_id AND ".$app->tform->getAuthSQL('r');
+ $redirect = $app->db->queryOneRecord($sql);
+ $json .= $redirect['redirect_type'];
+ unset($redirect);
+ $json .= '"}';
+ }
+
+ if($type == 'get_ipv4'){
+ $result = array();
+
+ // ipv4
+ //$result[] = _search('admin', 'server_ip', "AND ip_type = 'IPv4' AND (client_id = 0 OR client_id=".$app->functions->intval($_SESSION['s']['user']['client_id']).")");
+ $result[] = $app->functions->suggest_ips('IPv4');
+
+ $json = $app->functions->json_encode($result);
+ }
+
+ if($type == 'get_ipv6'){
+ $result = array();
+
+ // ipv6
+ //$result[] = _search('admin', 'server_ip', "AND ip_type = 'IPv6' AND (client_id = 0 OR client_id=".$app->functions->intval($_SESSION['s']['user']['client_id']).")");
+ $result[] = $app->functions->suggest_ips('IPv6');
+
+ $json = $app->functions->json_encode($result);
+ }
+
+ if($type == 'getdatabaseusers') {
+ $json = '{}';
+
+ $sql = "SELECT sys_groupid FROM web_domain WHERE domain_id = $web_id AND ".$app->tform->getAuthSQL('r');
+ $group = $app->db->queryOneRecord($sql);
+ if($group) {
+ $sql = "SELECT database_user_id, database_user FROM web_database_user WHERE sys_groupid = '" . $group['sys_groupid'] . "'";
+ $records = $app->db->queryAllRecords($sql);
+
+ $tmp_array = array();
+ foreach($records as $record) {
+ $tmp_array[$record['database_user_id']] = $record['database_user'];
+ }
+ $json = $app->functions->json_encode($tmp_array);
+ unset($records, $group, $tmp_array);
+ }
+ }
+
+ if($type == 'get_use_combobox'){
+ $json = '{"usecombobox":"';
+ $use_combobox = 'y';
+ $server_config_array = $app->getconf->get_global_config();
+ if($server_config_array['misc']['use_combobox'] != 'y') $use_combobox = 'n';
+ $json .= $use_combobox;
+ unset($server_config_array);
+ $json .= '"}';
+ }
+
+ if($type == 'get_use_loadindicator'){
+ $json = '{"useloadindicator":"';
+ $use_loadindicator = 'y';
+ $server_config_array = $app->getconf->get_global_config();
+ if($server_config_array['misc']['use_loadindicator'] != 'y') $use_loadindicator = 'n';
+ $json .= $use_loadindicator;
+ unset($server_config_array);
+ $json .= '"}';
+ }
 //}
+ header('Content-type: application/json');
 echo $json;
 ?>
\ No newline at end of file
-- Gitblit v1.9.1
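Review bot: The second query in the `getdatabaseusers` branch splices `$group['sys_groupid']` into the SQL text between quotes without normalising it, whereas the ids read at the top of this file pass through `$app->functions->intval()`. The value comes from a row the auth filter already allowed, so the exposure looks small, but `"... WHERE sys_groupid = ".$app->functions->intval($group['sys_groupid'])` removes any dependence on what the column holds. `foreach($records as $record)` also assumes `queryAllRecords()` returned an array; the `getserverphp` code earlier in the patch checks `is_array($php_records)` first, and the same check would fit here.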