/var/www/hkosl.com/e-ims/file_manager/modify_folder.php


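<?php
/**
 * Folder edit handler: replaces the role permissions of one folder, updates
 * the folder's company and title, then redirects back to index.php.
 *
 * Input (POST): index, companyid, parentid, levelnum, folderid, title, plus
 * the parallel arrays roleid[], read[] and write[] (same key = same role row).
 *
 * NOTE(review): the only access check visible in this file is "a session
 * exists". folderid and companyid are taken from the request as sent, so
 * nothing here confirms that the logged-in user may edit this folder or move
 * it to that company. Unless config.php enforces that, add a per-folder
 * permission check before the first query.
 * NOTE(review): no anti-CSRF token or request-method check is visible in this
 * file either; confirm whether config.php provides one.
 */
include 'config.php';

// Only authenticated sessions may continue. $loggin is not defined in this
// file; presumably config.php sets it - confirm.
if (!isset($_SESSION['loginname']) || $loggin != '1') {
    header('Location: login.php');
    exit;
}

// Scalar request fields. A missing field, or an array sent in its place,
// becomes null instead of raising a notice or reaching the query as an array.
$fields = array();
foreach (array('index', 'companyid', 'parentid', 'levelnum', 'folderid', 'title') as $name) {
    $fields[$name] = (isset($_POST[$name]) && is_scalar($_POST[$name])) ? $_POST[$name] : null;
}
$index     = $fields['index'];
$companyid = $fields['companyid'];
$parentid  = $fields['parentid'];
$levelnum  = $fields['levelnum']; // read from the request but not used below
$folderid  = $fields['folderid'];
// The title is stored already HTML-encoded (ENT_QUOTES). Pages that print it
// presumably rely on that - confirm before moving the encoding to output time.
$title     = htmlspecialchars((string) $fields['title'], ENT_QUOTES);
$nowdate   = date("Y-m-d H:i:s");

// Permission rows arrive as three arrays that share their keys.
$roleid = (isset($_POST['roleid']) && is_array($_POST['roleid'])) ? $_POST['roleid'] : array();
$read   = (isset($_POST['read']) && is_array($_POST['read'])) ? $_POST['read'] : array();
$write  = (isset($_POST['write']) && is_array($_POST['write'])) ? $_POST['write'] : array();

// Without a folder id there is nothing to modify; stop before any query so no
// permission row is written with an empty folderid.
if ($folderid === null || $folderid === '') {
    header('HTTP/1.1 400 Bad Request');
    exit;
}

// Database errors go to the server log rather than the response: dumping them
// to the browser exposes query details, and output sent before header() can
// stop the final redirect from being delivered.

// Replace the folder's permissions: remove the current rows, then insert one
// row per role that has read or write ticked.
// NOTE(review): the delete and the inserts are separate statements, so a
// failure part-way leaves the folder with missing permissions. If the handle
// returned by Db::getDbh() supports transactions, wrap this section in one.
$sql = "delete from file_folder_permission where folderid=:folderid";
$sql_param = array();
$sql_param[':folderid'] = $folderid;
$sth = Db::getDbh()->prepare($sql);
$sth->execute($sql_param);
$error = $sth->getError($sql_param);
if ($error) {
    error_log('modify_folder.php: permission delete failed: ' . print_r($error, true));
}

$sql = "insert into file_folder_permission (folderid, companyid, roleid, p_read, p_write, createby, createdate) VALUES(:folderid, :companyid, :roleid, :p_read, :p_write, :createby, :createdate)";
foreach ($roleid as $x => $troleid) {
    $tread  = (isset($read[$x]) && is_scalar($read[$x])) ? $read[$x] : null;
    $twrite = (isset($write[$x]) && is_scalar($write[$x])) ? $write[$x] : null;

    // Skip malformed role ids and roles that were granted neither right.
    if (!is_scalar($troleid) || !($tread || $twrite)) {
        continue;
    }

    $sth = Db::getDbh()->prepare($sql);
    $sql_param = array();
    $sql_param[':folderid'] = $folderid;
    $sql_param[':companyid'] = $companyid;
    $sql_param[':roleid'] = $troleid;
    $sql_param[':p_read'] = $tread;
    $sql_param[':p_write'] = $twrite;
    $sql_param[':createby'] = $_SESSION['loginid'];
    $sql_param[':createdate'] = $nowdate;
    $sth->execute($sql_param);
    $error = $sth->getError($sql_param);
    if ($error) {
        error_log('modify_folder.php: permission insert failed: ' . print_r($error, true));
    }
}

// Update the folder record itself.
$sql = "update file_folder set companyid=:companyid, title=:title, lastupdate=:lastupdate, lastupby=:lastupby where folderid=:folderid";
$sth = Db::getDbh()->prepare($sql);
$sql_param = array();
$sql_param[':companyid'] = $companyid;
$sql_param[':title'] = $title;
$sql_param[':lastupby'] = $_SESSION['loginid'];
$sql_param[':lastupdate'] = $nowdate;
$sql_param[':folderid'] = $folderid;
$sth->execute($sql_param);
$error = $sth->getError($sql_param);
if ($error) {
    error_log('modify_folder.php: folder update failed: ' . print_r($error, true));
}

$dbh = null;

// URL-encode the values echoed back into the redirect so request data cannot
// add or override query parameters in the Location header.
$query = http_build_query(
    array(
        'index'     => (string) $index,
        'companyid' => (string) $companyid,
        'pid'       => (string) $parentid,
    ),
    '',
    '&'
);
header('Location: index.php?' . $query);
exit;

?>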