Joywork/ajax/folders.php
2026-05-22 21:21:54 +03:00

240 lines
9.3 KiB
PHP

<?php
require_once($_SERVER['DOCUMENT_ROOT']."/config.php");
function get_agency($user_id){
//Поиск агенства
/* $result = array();
$sql = "SELECT `manager`, `agency`, `id_manager` FROM users WHERE id = ".$user_id;
$q = mysql_query($sql);
$r = mysql_fetch_assoc($q);
if($r['agency'] > 0){
$result['agency'] = $user_id;
} else if ($r['manager'] > 0){
$result['agency'] = $r['id_manager'];
$manager = $user_id;
} else {
$result['manager'] = $r['id_manager'];
$sql_2 = "SELECT `manager`, `agency`, `id_manager` FROM users WHERE id = ".$result['manager'];
$q_2 = mysql_query($sql_2);
$r_2 = mysql_fetch_assoc($q_2);
if($r_2['agency'] > 0){
$result['agency'] = $r['id_manager'];
} else {
$result['agency'] = $r_2['id_manager'];
}
}*/
$user = new User();
$user->get($user_id);
$result['agency'] = $user->agencyId;
return $result;
}
if(isset($_POST['add_new_folder'])){
$user_id = $_POST['user_id'];
$name = $_POST['add_new_folder'];
$agency = 0;
$manager = 0;
$man = get_agency($user_id);
$agency = $man['agency'];
$manager = $man['manager'];
$permissions = '';
if ($_POST['permissions']) {
$permissions = implode(",", $_POST['permissions']);
}
$sql_in = "INSERT INTO `agency_folders` (`name`, `agency_id`, `manager_id`, `user_id`, `permissions`) VALUES ('".$name."', '".$agency."', '".$manager."', '".$user_id."', '".$permissions."')";
mysql_query($sql_in);
}
if(isset($_POST['get_folders_all'])){
$user_id = $_SESSION['id'];
$man = get_agency($user_id);
$agency = $man['agency'];
$manager = $man['manager'];
$sql = "SELECT * FROM `agency_folders` WHERE `agency_id` = ".$agency." or `id` = 11 order by id desc";
$q = mysql_query($sql);
if(mysql_num_rows($q) > 0){
?>
<ul class="docs docsdirs">
<?php
while($r = mysql_fetch_assoc($q)){
/*if ($r['id'] == 11 && $agency == 13154) {
continue;
}*/
$array_permissions = explode(",", $r['permissions']);
if ((in_array($user_id, $array_permissions)) || ($r['permissions'] === '') || ($user_id === $r['user_id'])) {
?>
<li class="dir opened" id="folder_id_<?=$r['id']?>">
<span class="dir-link">
<span class="dir-span ti-folder"></span>
<span class="dir-name"><?=$r['name']?></span>
</span>
<?php
if($r['id'] == 11){
if($_SESSION['id'] == 4){
?>
<a href="javascript:{};" data-id="<?=$r['id']?>" class="delFolder no-border" title="Удалить папку">
<span class="simple-button delete"><i class="jw-action-icon-delete"></i></span>
</a>
<?php }
} else { ?>
<a href="javascript:{};" data-id="<?=$r['id']?>" class="delFolder no-border" title="Удалить папку">
<span class="simple-button delete"><i class="jw-action-icon-delete"></i></span>
</a>
<?php }
if($r['id'] != 11) {
?>
<a href="javascript:{};" class="no-border" onclick="changeDocPermissons('<?=$r['id'] ?>');" title="Предоставить права">
<span class="simple-button delete"><i class="jw-action-icon-settings"></i></span>
</a>
<?php
}
if($r['id'] == 11){
if($_SESSION['id'] == 4){
?>
<a href="javascript:{}" class="tab tab__new-object add_doc" data-id="<?=$r['id']?>">
<i class="ti-plus"></i><span>Новый документ</span>
</a>
<?php }
} else {
?>
<a href="javascript:{}" class="tab tab__new-object add_doc" data-id="<?=$r['id']?>">
<i class="ti-plus"></i><span>Новый документ</span>
</a>
<?php
}
$sql_d = "SELECT * FROM `agency_folders_docs` WHERE `folder_id` = ".$r['id']." order by id desc";
$q_d = mysql_query($sql_d);
if(mysql_num_rows($q_d) > 0){
?>
<ul class="docs docsfiles hidden">
<?php
while($r_d = mysql_fetch_assoc($q_d)){
?>
<li class="file" id="agencyDocument_<?=$r_d['id']?>">
<a title="Скачать файл" target="_blank" href="/download_file.php?afd_id=<?=$r_d['id']?>&preview=1">
<span class="file-span ti-file"></span>
<span class="file-name"><?=$r_d['name']?></span>
<?php
if($r['id'] == 11){
if($_SESSION['id'] == 4){
?>
<a href="javascript:{};" data-id="<?=$r_d['id']?>" class="delDocument no-border" title="Удалить документ">
<span class="simple-button delete"><i class="jw-action-icon-delete"></i></span>
</a>
<?php
}
} else { ?>
<a href="javascript:{};" data-id="<?=$r_d['id']?>" class="delDocument no-border" title="Удалить документ">
<span class="simple-button delete"><i class="jw-action-icon-delete"></i></span>
</a>
<?php } ?>
</a>
</li>
<?php }
?>
</ul>
<?php
}
?>
</li>
<?php
}
}
?>
</ul>
<?php
}
}
if(isset($_POST['delete_folder'])){
$id = (int)$_POST['delete_folder'];
$sql = "DELETE FROM `agency_folders` WHERE id=".$id;
mysql_query($sql);
}
if(isset($_POST['save_files'])){
$folder_id = (int)$_POST['save_files'];
$files = json_decode(html_entity_decode($_POST['files']), ENT_QUOTES);
foreach($files as $file){
if (!$file['error']) {
$sql = "INSERT INTO `agency_folders_docs` (`name`, `folder_id`, `url`, `type`) VALUES ('" . $file['name'] . "', " . $folder_id . ", '" . $file['url'] . "', '" . $file['type'] . "')";
mysql_query($sql);
}
}
}
if(isset($_POST['delete_document'])){
$id = (int)$_POST['delete_document'];
$sql = "SELECT * FROM `agency_folders_docs` WHERE `id` = ".$id;
$r = mysql_fetch_assoc(mysql_query($sql));
$name = $r['folder_id'].'/'.$r['name'];
$path = $_SERVER['DOCUMENT_ROOT'].'/server/php/files/docs/'.$name;
echo $path;
if(file_exists($path)){
unlink($path);
}
mysql_query("DELETE FROM `agency_folders_docs` WHERE id=".$id);
}
if(isset($_POST['get_users_perm_folder'])){
$folder_id = (int)$_POST['get_users_perm_folder'];
$agency_id = $_SESSION["agency_id"];
$sql_agency_folder = "SELECT `permissions` FROM `agency_folders` WHERE id = {$folder_id}";
$r_agency_folder = mysql_fetch_assoc(mysql_query($sql_agency_folder));
$agency_folder_permissions = explode(",", $r_agency_folder['permissions']);
$userIds = User::getAllAgencyUsers($agency_id);
if (empty($userIds)) {
echo json_encode([], JSON_UNESCAPED_UNICODE);
exit;
}
$userIdsStr = implode(',', array_map('intval', $userIds));
$sql = "SELECT * FROM `users` WHERE `id` IN ({$userIdsStr})";
$result = mysql_query($sql);
$output_array = [];
while ($row = mysql_fetch_assoc($result)) {
$hasPermission = in_array($row["id"], $agency_folder_permissions);
$output_array[] = [
'user_name' => $row["last_name"] . ' ' . $row["first_name"] . ' ' . $row["middle_name"],
'user_id' => $row["id"],
'user_select' => $hasPermission ? 1 : 0
];
}
echo json_encode($output_array, JSON_UNESCAPED_UNICODE);
}
if(isset($_POST['change_perm_folder'])){
$id = (int)$_POST['folder_id'];
$users_perm_array = $_POST['users_perm'];
$users_perm = '';
if ($users_perm_array != null) {
$users_perm = implode(",", $users_perm_array);
}
$sql = "UPDATE `agency_folders` SET `permissions` = '$users_perm' WHERE `id` = '$id'";
mysql_query($sql);
echo $users_perm;
}