load($dms_session)) { header('Content-Type: application/json'); echo json_encode(array('error'=>1)); exit; } /* Update last access time */ $session->updateAccess($dms_session); /* Load user data */ $user = $dms->getUser($resArr["userID"]); if (!is_object($user)) { header('Content-Type: application/json'); echo json_encode(array('error'=>1)); exit; } if($resArr["su"] && $su = $dms->getUser($resArr["su"])) { if($user->isAdmin() || $user->maySwitchToUser($su)) { $user = $su; } else { $session->resetSu(); } } $dms->setUser($user); if($settings->_useHomeAsRootFolder && !$user->isAdmin() && $user->getHomeFolder()) { $dms->checkWithinRootDir = true; $dms->setRootFolderID($user->getHomeFolder()); } $role = $user->getRole(); $dms->noReadForStatus = $role->getNoAccess(); include $settings->_rootDir . "languages/" . $resArr["language"] . "/lang.inc"; } else { $user = null; } /* make sure the browser doesn't cache the output of this page. * Edge doesn't if not explicitly told to not do it, see bug #280 */ header("Cache-Control: no-cache,no-store"); $command = isset($_REQUEST["command"]) ? $_REQUEST["command"] : ''; switch($command) { case 'checkpwstrength': /* {{{ */ $ps = new Password_Strength(); $ps->set_password($_REQUEST["pwd"]); if($settings->_passwordStrengthAlgorithm == 'simple') $ps->simple_calculate(); else $ps->calculate(); $score = $ps->get_score(); if($settings->_passwordStrength) { if($score >= $settings->_passwordStrength) { header('Content-Type: application/json'); echo json_encode(array('error'=>0, 'strength'=>$score, 'score'=>$score/$settings->_passwordStrength, 'ok'=>1)); } else { header('Content-Type: application/json'); echo json_encode(array('error'=>0, 'strength'=>$score, 'score'=>$score/$settings->_passwordStrength, 'ok'=>0)); } } else { header('Content-Type: application/json'); echo json_encode(array('error'=>0, 'strength'=>$score)); } break; /* }}} */ case 'sessioninfo': /* {{{ */ if($user) { header('Content-Type: application/json'); echo json_encode($resArr); } break; /* }}} */ /* Used for document chooser */ case 'searchdocument': /* {{{ */ if($user) { $query = $_GET['query']; $status = isset($_GET['status']) ? (is_array($_GET['status']) ? $_GET['status'] : array($_GET['status'])) : array(); $hits = $dms->search($query, $limit=0, $offset=0, $logicalmode='AND', $searchin=array(), $startFolder=$dms->getRootFolder(), $owner=null, $status, $creationstartdate=array(), $creationenddate=array(), $modificationstartdate=array(), $modificationenddate=array(), $categories=array(), $attributes=array(), $mode=0x1, $expirationstartdate=array(), $expirationenddate=array()); if($hits) { $result = array(); foreach($hits['docs'] as $hit) { if($hit->getAccessMode($user, 'search') >= M_READ) { if($hit->getLatestContent()) { // $result[] = $hit->getID().'#'.$hit->getName(); $result[] = array('type'=>'D', 'id'=>$hit->getId(), 'name'=>htmlspecialchars($hit->getName()), 'path'=>htmlspecialchars($hit->getParent()->getFolderPathPlain(true, '/'))); } } } header('Content-Type: application/json'); echo json_encode($result); } } break; /* }}} */ /* This is used for searching folders in the folder selectors * 1. the selector also having a tree * 2. the selector based on select2 for