AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-02-28 02:44:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

Feature: Added Folder support for files

Browse Source
This commit is contained in:
johnnyq
2023-08-23 18:02:51 -04:00
parent d200575aec
commit f88f04edd8
18 changed files with 426 additions and 232 deletions
Download Patch File Download Diff File Expand all files Collapse all files

67
post/document.php
View File

@@ -1,7 +1,7 @@
<?php
/*
* ITFlow - GET/POST request handler for client documents (and document folders)
* ITFlow - GET/POST request handler for client documents
*/
if (isset($_POST['add_document'])) {
@@ -171,68 +171,3 @@ if (isset($_GET['delete_document'])) {
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_POST['add_folder'])) {
validateTechRole();
$client_id = intval($_POST['client_id']);
$folder_name = sanitizeInput($_POST['folder_name']);
// Document folder add query
$add_folder = mysqli_query($mysqli,"INSERT INTO folders SET folder_name = '$folder_name', folder_client_id = $client_id");
$folder_id = mysqli_insert_id($mysqli);
// Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Folder', log_action = 'Create', log_description = '$session_name created folder $folder_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $folder_id");
$_SESSION['alert_message'] = "Folder <strong>$folder_name</strong> created";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_POST['rename_folder'])) {
validateTechRole();
$folder_id = intval($_POST['folder_id']);
$client_id = intval($_POST['client_id']);
$folder_name = sanitizeInput($_POST['folder_name']);
// Folder edit query
mysqli_query($mysqli,"UPDATE folders SET folder_name = '$folder_name' WHERE folder_id = $folder_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Folder', log_action = 'Modify', log_description = '$session_name renamed folder to $folder_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $folder_id");
$_SESSION['alert_message'] = "Folder <strong>$folder_name</strong> renamed";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_GET['delete_folder'])) {
validateAdminRole();
$folder_id = intval($_GET['delete_folder']);
mysqli_query($mysqli,"DELETE FROM folders WHERE folder_id = $folder_id");
// Move files in deleted folder back to the root folder /
$sql_documents = mysqli_query($mysqli,"SELECT * FROM documents WHERE document_folder_id = $folder_id");
while($row = mysqli_fetch_array($sql_documents)) {
$document_id = intval($row['document_id']);
mysqli_query($mysqli,"UPDATE documents SET document_folder_id = 0 WHERE document_id = $document_id");
}
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Folder', log_action = 'Delete', log_description = '$folder_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Folder deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}

26
post/file.php
View File

@@ -4,8 +4,9 @@
* ITFlow - GET/POST request handler for client files/uploads
*/
if (isset($_POST['add_files'])) {
if (isset($_POST['upload_files'])) {
$client_id = intval($_POST['client_id']);
$folder_id = intval($_POST['folder_id']);
if (!file_exists("uploads/clients/$client_id")) {
mkdir("uploads/clients/$client_id");
@@ -38,7 +39,7 @@ if (isset($_POST['add_files'])) {
// Extract .ext from reference file name to be used to store SHA256 hash
$file_hash = strstr($file_reference_name, '.', true) ?: $file_reference_name;
mysqli_query($mysqli,"INSERT INTO files SET file_reference_name = '$file_reference_name', file_name = '$file_name', file_ext = '$file_extension', file_hash = '$file_hash', file_client_id = $client_id");
mysqli_query($mysqli,"INSERT INTO files SET file_reference_name = '$file_reference_name', file_name = '$file_name', file_ext = '$file_extension', file_hash = '$file_hash', file_folder_id = $folder_id, file_client_id = $client_id");
//Logging
$file_id = intval(mysqli_insert_id($mysqli));
@@ -71,6 +72,27 @@ if (isset($_POST['rename_file'])) {
}
if (isset($_POST['move_file'])) {
validateTechRole();
$file_id = intval($_POST['file_id']);
$client_id = intval($_POST['client_id']);
$folder_id = intval($_POST['folder_id']);
// Document edit query
mysqli_query($mysqli,"UPDATE files SET file_folder_id = $folder_id WHERE file_id = $file_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'File', log_action = 'Move', log_description = '$session_name moved file', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $file_id");
$_SESSION['alert_message'] = "File moved";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_POST['delete_file'])) {
validateAdminRole();

71
post/folder.php Normal file
View File

@@ -0,0 +1,71 @@
<?php
/*
* ITFlow - GET/POST request handler for folders
*/
if (isset($_POST['create_folder'])) {
validateTechRole();
$client_id = intval($_POST['client_id']);
$folder_location = intval($_POST['folder_location']);
$folder_name = sanitizeInput($_POST['folder_name']);
// Document folder add query
$add_folder = mysqli_query($mysqli,"INSERT INTO folders SET folder_name = '$folder_name', folder_location = $folder_location, folder_client_id = $client_id");
$folder_id = mysqli_insert_id($mysqli);
// Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Folder', log_action = 'Create', log_description = '$session_name created folder $folder_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $folder_id");
$_SESSION['alert_message'] = "Folder <strong>$folder_name</strong> created";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_POST['rename_folder'])) {
validateTechRole();
$folder_id = intval($_POST['folder_id']);
$client_id = intval($_POST['client_id']);
$folder_name = sanitizeInput($_POST['folder_name']);
// Folder edit query
mysqli_query($mysqli,"UPDATE folders SET folder_name = '$folder_name' WHERE folder_id = $folder_id");
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Folder', log_action = 'Modify', log_description = '$session_name renamed folder to $folder_name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $folder_id");
$_SESSION['alert_message'] = "Folder <strong>$folder_name</strong> renamed";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_GET['delete_folder'])) {
validateAdminRole();
$folder_id = intval($_GET['delete_folder']);
mysqli_query($mysqli,"DELETE FROM folders WHERE folder_id = $folder_id");
// Move files in deleted folder back to the root folder /
$sql_documents = mysqli_query($mysqli,"SELECT * FROM documents WHERE document_folder_id = $folder_id");
while($row = mysqli_fetch_array($sql_documents)) {
$document_id = intval($row['document_id']);
mysqli_query($mysqli,"UPDATE documents SET document_folder_id = 0 WHERE document_id = $document_id");
}
//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Folder', log_action = 'Delete', log_description = '$folder_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
$_SESSION['alert_message'] = "Folder deleted";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}