/var/www/hkosl.com/e-ims/file_manager/add_folder.php


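<?php
/**
 * Handles the "add folder" form post of the file manager.
 *
 * Steps: allocate the next folder id, allocate the next sort position under
 * the parent, replace the per-role read/write permission rows for the new id,
 * insert the folder row, then redirect back to index.php.
 *
 * Inputs (all from $_POST): index, companyid, parentid, levelnum, title and
 * the parallel lists roleid[], read[], write[].
 *
 * NOTE(review): points this script cannot settle on its own and that should
 * be confirmed against the rest of the application:
 *  - Authorization: companyid, parentid, levelnum and roleid are accepted as
 *    submitted. Nothing visible here checks that the logged-in user may create
 *    folders under that parent / for that company, or grant rights to those
 *    roles. Unless config.php or configure.php enforces it, add that check.
 *  - CSRF: no anti-forgery token is verified before the writes below.
 *  - Id allocation: "max(folderid) + 1" is not atomic; two concurrent posts
 *    can compute the same folderid. An auto-increment key, or a transaction
 *    with locking, would close that window.
 *  - The writes are not wrapped in a transaction, so a failure part-way
 *    leaves permission rows without a folder row.
 */
include 'config.php';

// Only authenticated sessions may create folders.
// $loggin is not defined in this file; presumably config.php sets it - confirm.
if (!isset($_SESSION['loginname']) || $loggin != '1') {
    header("Location: login.php");
    exit;
}
require("configure.php");

// State-changing endpoint: accept the form post only.
if (!isset($_SERVER['REQUEST_METHOD']) || $_SERVER['REQUEST_METHOD'] !== 'POST') {
    header('HTTP/1.1 405 Method Not Allowed');
    header('Allow: POST');
    exit;
}

// Returns a single-valued POST field, or null when it is absent. A field sent
// as an array where one value is expected is rejected instead of being bound
// into SQL or written into the redirect URL.
$postValue = function ($key) {
    if (!isset($_POST[$key])) {
        return null;
    }
    if (is_array($_POST[$key])) {
        header('HTTP/1.1 400 Bad Request');
        exit;
    }
    return $_POST[$key];
};

// Returns a list-valued POST field, or an empty list when absent or malformed.
$postList = function ($key) {
    return (isset($_POST[$key]) && is_array($_POST[$key])) ? $_POST[$key] : array();
};

// Stops the request when the statement reports an error. The detail goes to
// the server log only: dumping it into the response would disclose SQL and
// schema details to the client and would also break the redirect header.
// $params is handed to getError() exactly when the caller has bound values.
$failOnDbError = function ($sth, $params = null) {
    $error = ($params === null) ? $sth->getError() : $sth->getError($params);
    if ($error) {
        error_log('add_folder.php: database error: ' . print_r($error, true));
        header('HTTP/1.1 500 Internal Server Error');
        exit;
    }
};

$index     = $postValue('index');
$companyid = $postValue('companyid');
$parentid  = $postValue('parentid');
$levelnum  = $postValue('levelnum');
// The title is stored HTML-encoded. NOTE(review): pages that print it
// presumably rely on that; encoding at output time is the sturdier design,
// but changing it here alone could expose an unescaped title elsewhere.
$title     = htmlspecialchars((string) $postValue('title'), ENT_QUOTES);
$nowdate   = date("Y-m-d H:i:s");

// New ID: highest existing folderid plus one (1 when the table is empty).
$sql = "select max(folderid) as maxid from file_folder";
$sth = Db::getDbh()->prepare($sql);
$sth->execute();
$failOnDbError($sth);
$row = $sth->fetch(PDO::FETCH_ASSOC);
$maxId = (is_array($row) && isset($row['maxid'])) ? $row['maxid'] : 0;
$folderid = $maxId + 1;

// Sort: next position among the active siblings under the same parent.
$sql = "select max(sort) as maxid from file_folder where parentid=:parentid AND status = '1'";
$sql_param = array(":parentid" => $parentid);
$sth = Db::getDbh()->prepare($sql);
$sth->execute($sql_param);
$failOnDbError($sth, $sql_param);
$row = $sth->fetch(PDO::FETCH_ASSOC);
$maxSort = (is_array($row) && isset($row['maxid'])) ? $row['maxid'] : 0;
$sort = $maxSort + 1;

// ADD Permission: clear any rows left under this id, then insert one row per
// role that was given read and/or write access.
$roleid = $postList('roleid');
$read   = $postList('read');
$write  = $postList('write');

$sql = "delete from file_folder_permission where folderid=:folderid";
$sql_param = array();
$sql_param[':folderid'] = $folderid;
$sth = Db::getDbh()->prepare($sql);
$sth->execute($sql_param);
$failOnDbError($sth, $sql_param);

$sql = "insert into file_folder_permission (folderid, companyid, roleid, p_read, p_write, createby, createdate) VALUES(:folderid, :companyid, :roleid, :p_read, :p_write, :createby, :createdate)";
foreach ($roleid as $x => $troleid) {
    // Nested arrays cannot be bound as values; skip such entries.
    if (!is_scalar($troleid)) {
        continue;
    }
    // read[] and write[] are matched to roleid[] by key; a missing or
    // non-scalar entry counts as "not granted".
    $tread  = (isset($read[$x]) && is_scalar($read[$x])) ? $read[$x] : null;
    $twrite = (isset($write[$x]) && is_scalar($write[$x])) ? $write[$x] : null;
    if ($tread || $twrite) {
        $sth = Db::getDbh()->prepare($sql);
        $sql_param = array();
        $sql_param[':folderid'] = $folderid;
        $sql_param[':companyid'] = $companyid;
        $sql_param[':roleid'] = $troleid;
        $sql_param[':p_read'] = $tread;
        $sql_param[':p_write'] = $twrite;
        $sql_param[':createby'] = $_SESSION['loginid'];
        $sql_param[':createdate'] = $nowdate;
        $sth->execute($sql_param);
        $failOnDbError($sth, $sql_param);
    }
}

// Add Folder
$sql = "insert into file_folder (folderid, parentid, levelnum, companyid, title, locked, sort, status, createby, createdate, lastupby, lastupdate, deleted) VALUES(:folderid, :parentid, :levelnum, :companyid, :title, :locked, :sort, :status, :createby, :createdate, :lastupby, :lastupdate, :deleted)";
$sth = Db::getDbh()->prepare($sql);
$sql_param = array();
$sql_param[':folderid'] = $folderid;
$sql_param[':parentid'] = $parentid;
$sql_param[':levelnum'] = $levelnum;
$sql_param[':companyid'] = $companyid;
$sql_param[':title'] = $title;
$sql_param[':locked'] = '0';
$sql_param[':sort'] = $sort;
$sql_param[':status'] = '1';
$sql_param[':createby'] = $_SESSION['loginid'];
$sql_param[':createdate'] = $nowdate;
$sql_param[':lastupby'] = $_SESSION['loginid'];
$sql_param[':lastupdate'] = $nowdate;
$sql_param[':deleted'] = '0';
$sth->execute($sql_param);
$failOnDbError($sth, $sql_param);
$dbh = null;

// Build the query string with URL encoding so that submitted values cannot
// add or override parameters in the redirect target.
$query = http_build_query(
    array(
        'index'     => (string) $index,
        'companyid' => (string) $companyid,
        'pid'       => (string) $parentid,
    ),
    '',
    '&'
);
header('Location: index.php?' . $query);
exit;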