lib/plugins/acl/ajax.php

   1 <?php
   2 /**
   3  * AJAX call handler for ACL plugin
   4  *
   5  * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
   6  * @author     Andreas Gohr <andi@splitbrain.org>
   7  */
   8
   9 //fix for Opera XMLHttpRequests
  10 if(!count($_POST) && $HTTP_RAW_POST_DATA){
  11   parse_str($HTTP_RAW_POST_DATA, $_POST);
  12 }
  13
  14 if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/../../../');
  15 require_once(DOKU_INC.'inc/init.php');
  16 require_once(DOKU_INC.'inc/common.php');
  17 require_once(DOKU_INC.'inc/pageutils.php');
  18 require_once(DOKU_INC.'inc/auth.php');
  19 //close session
  20 session_write_close();
  21
  22 if(!auth_isadmin()) die('for admins only');
  23 if(!checkSecurityToken()) die('CRSF Attack');
  24
  25 $ID    = getID();
  26
  27 require_once(DOKU_INC.'inc/pluginutils.php');
  28 require_once(DOKU_INC.'inc/html.php');
  29 $acl = plugin_load('admin','acl');
  30 $acl->handle();
  31
  32 $ajax = $_REQUEST['ajax'];
  33 header('Content-Type: text/html; charset=utf-8');
  34
  35 if($ajax == 'info'){
  36     $acl->_html_info();
  37 }elseif($ajax == 'tree'){
  38     require_once(DOKU_INC.'inc/search.php');
  39     global $conf;
  40     global $ID;
  41
  42     $dir = $conf['datadir'];
  43     $ns  = $_REQUEST['ns'];
  44     if($ns == '*'){
  45         $ns ='';
  46     }
  47     $ns  = cleanID($ns);
  48     $lvl = count(explode(':',$ns));
  49     $ns  = utf8_encodeFN(str_replace(':','/',$ns));
  50
  51     $data = $acl->_get_tree($ns,$ns);
  52
  53     foreach($data as $item){
  54         $item['level'] = $lvl+1;
  55         echo $acl->_html_li_acl($item);
  56         echo '<div class="li">';
  57         echo $acl->_html_list_acl($item);
  58         echo '</div>';
  59         echo '</li>';
  60     }
  61 }
  62