noalyss  Version-6.7.2
 All Data Structures Namespaces Files Functions Variables Enumerations
ajax.php
Go to the documentation of this file.
00001 <?php
00002 /**
00003  *  This file is part of NOALYSS under GPL
00004  * 
00005  */
00006 /**
00007  * @brief this file is used for the ajax from the extension, it will the ajax.php file from the plugin directory
00008  * all the variable are in $_REQUEST
00009  * The code (of the plugin) is required
00010  * Required variable in $_REQUEST
00011  *  - gDossier
00012  *  - plugin_code
00013  */
00014 if ( ! defined ('ALLOWED') ) define ('ALLOWED',1);
00015 require_once '../include/constant.php';
00016 require_once('class_database.php');
00017 require_once('class_user.php');
00018 require_once('class_extension.php');
00019 if ( !isset ($_REQUEST['gDossier'])) exit();
00020 
00021 require_once 'class_own.php';
00022 mb_internal_encoding("UTF-8");
00023 
00024 global $g_user,$cn,$g_parameter;
00025 $cn=new Database(dossier::id());
00026 $g_parameter=new Own($cn);
00027 $g_user=new User($cn);
00028 $g_user->check(true);
00029 
00030 /* if a code has been asked */
00031 if (isset($_REQUEST['plugin_code']) )
00032 {
00033     if ( LOGINPUT)
00034     {
00035         $file_loginput=fopen($_ENV['TMP'].'/scenario-'.$_SERVER['REQUEST_TIME'].'.php','a+');
00036         fwrite ($file_loginput,"<?php \n");
00037         fwrite ($file_loginput,'//@description:'.$_REQUEST['plugin_code']."\n");
00038         fwrite($file_loginput, '$_GET='.var_export($_GET,true));
00039         fwrite($file_loginput,";\n");
00040         fwrite($file_loginput, '$_POST='.var_export($_POST,true));
00041         fwrite($file_loginput,";\n");
00042         fwrite($file_loginput, '$_POST[\'gDossier\']=$gDossierLogInput;');
00043         fwrite($file_loginput,"\n");
00044         fwrite($file_loginput, '$_GET[\'gDossier\']=$gDossierLogInput;');
00045         fwrite($file_loginput,"\n");
00046         fwrite($file_loginput,' $_REQUEST=array_merge($_GET,$_POST);');
00047         fwrite($file_loginput,"\n");
00048         fwrite($file_loginput,"include '".basename(__FILE__)."';\n");
00049         fclose($file_loginput);
00050     }
00051 
00052     $ext=new Extension($cn);
00053 
00054     if ( $ext->search($_REQUEST['plugin_code']) != -1)
00055     {
00056         /* security */
00057         if ( !isset ($_SESSION['g_user']) || $ext->can_request($_SESSION['g_user']) == 0 )
00058         {
00059             exit();
00060         }
00061         /* call the ajax script */
00062         require_once('ext'.DIRECTORY_SEPARATOR.dirname(trim($ext->getp('me_file'))).DIRECTORY_SEPARATOR.'ajax.php');
00063     }
00064     else
00065     {
00066         alert(j(_("Cette extension n'existe pas ")));
00067         exit();
00068     }
00069 
00070 }
00071 ?>
 All Data Structures Namespaces Files Functions Variables Enumerations