Browse code
Changed majority of files.
DoubleBastionAdmin authored on 30/11/2024 06:56:40
Showing 1 changed files
| 1 | 1 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,84 @@ |
| 1 |
+<?php |
|
| 2 |
+/** |
|
| 3 |
+ * Copyright (C) 2021 Double Bastion LLC |
|
| 4 |
+ * |
|
| 5 |
+ * This file is part of Roundpin, which is licensed under the |
|
| 6 |
+ * GNU Affero General Public License Version 3.0. The license terms |
|
| 7 |
+ * are detailed in the "LICENSE.txt" file located in the root directory. |
|
| 8 |
+ */ |
|
| 9 |
+ |
|
| 10 |
+session_start(); |
|
| 11 |
+ |
|
| 12 |
+ // header('Set-Cookie: PHPSESSID= ' . session_id() . '; SameSite=strict; Secure=true; HttpOnly=true;');
|
|
| 13 |
+ |
|
| 14 |
+if (isset($_POST['s_ajax_call']) && ($_POST['s_ajax_call'] == $_SESSION['validate_s_access'])) {
|
|
| 15 |
+ |
|
| 16 |
+ define('ACCESSCONST', TRUE);
|
|
| 17 |
+ |
|
| 18 |
+ require('db-connect.php');
|
|
| 19 |
+ |
|
| 20 |
+ $username = $_POST['username']; |
|
| 21 |
+ $videoConfExtension = $_POST['video_conf_extension']; |
|
| 22 |
+ $videoConfTag = $_POST['video_conf_tag']; |
|
| 23 |
+ $limitToGroups = $_POST['limit_to_groups']; |
|
| 24 |
+ |
|
| 25 |
+ // Get the id and role of the current user from the 'app_users' table |
|
| 26 |
+ $querysel = $mysqli->prepare("SELECT id, userrole, username FROM app_users WHERE BINARY username = ?");
|
|
| 27 |
+ $querysel->bind_param("s", $username);
|
|
| 28 |
+ $querysel->execute(); |
|
| 29 |
+ $confdatafromdb = $querysel->get_result()->fetch_assoc(); |
|
| 30 |
+ $cruserid = $confdatafromdb['id']; |
|
| 31 |
+ $cruserrole = $confdatafromdb['userrole']; |
|
| 32 |
+ |
|
| 33 |
+ // Check if the current video conference extension has been already introduced in the 'conferences_video' table |
|
| 34 |
+ $queryselck = $mysqli->prepare("SELECT id, video_conf_extension FROM conferences_video WHERE BINARY video_conf_extension = ?");
|
|
| 35 |
+ $queryselck->bind_param("s", $videoConfExtension);
|
|
| 36 |
+ $queryselck->execute(); |
|
| 37 |
+ $confdatafromdbck = $queryselck->get_result()->fetch_assoc(); |
|
| 38 |
+ |
|
| 39 |
+ $queryselckad = $mysqli->prepare("SELECT id, userid, video_conf_extension FROM conferences_video WHERE BINARY userid = ? AND video_conf_extension = ?");
|
|
| 40 |
+ $queryselckad->bind_param("is", $cruserid, $videoConfExtension);
|
|
| 41 |
+ $queryselckad->execute(); |
|
| 42 |
+ $confdatafromdbckad = $queryselckad->get_result()->fetch_assoc(); |
|
| 43 |
+ |
|
| 44 |
+ if ($cruserrole == 'superadmin') {
|
|
| 45 |
+ |
|
| 46 |
+ if ($confdatafromdbck) {
|
|
| 47 |
+ |
|
| 48 |
+ $updatequerysp = $mysqli->prepare("UPDATE conferences_video SET video_conf_label = ?, limit_to_groups = ? WHERE video_conf_extension = ?");
|
|
| 49 |
+ $updatequerysp->bind_param("sss", $videoConfTag, $limitToGroups, $videoConfExtension);
|
|
| 50 |
+ if ($updatequerysp->execute()) { $messagetosend = 'The data has been successfully saved to the database !'; } else { $messagetosend = 'Error while updating the data !'; }
|
|
| 51 |
+ |
|
| 52 |
+ } else {
|
|
| 53 |
+ |
|
| 54 |
+ $insertquerysp = $mysqli->prepare("INSERT INTO conferences_video (userid, video_conf_extension, video_conf_label, limit_to_groups) VALUES(?, ?, ?, ?)");
|
|
| 55 |
+ $insertquerysp->bind_param("isss", $cruserid, $videoConfExtension, $videoConfTag, $limitToGroups);
|
|
| 56 |
+ if ($insertquerysp->execute()) { $messagetosend = 'The data has been successfully saved to the database !'; } else { $messagetosend = 'Error while inserting the data !'; }
|
|
| 57 |
+ } |
|
| 58 |
+ |
|
| 59 |
+ } elseif ($cruserrole == 'admin') {
|
|
| 60 |
+ |
|
| 61 |
+ if ($confdatafromdbckad) {
|
|
| 62 |
+ |
|
| 63 |
+ $updatequery = $mysqli->prepare("UPDATE conferences_video SET video_conf_label = ?, limit_to_groups = ? WHERE userid = ? AND video_conf_extension = ?");
|
|
| 64 |
+ $updatequery->bind_param("ssis", $videoConfTag, $limitToGroups, $cruserid, $videoConfExtension);
|
|
| 65 |
+ if ($updatequery->execute()) { $messagetosend = 'The data has been successfully saved to the database !'; } else { $messagetosend = 'Error while updating the data !'; }
|
|
| 66 |
+ |
|
| 67 |
+ } elseif (!$confdatafromdbckad && !$confdatafromdbck) {
|
|
| 68 |
+ |
|
| 69 |
+ $insertquery = $mysqli->prepare("INSERT INTO conferences_video (userid, video_conf_extension, video_conf_label, limit_to_groups) VALUES(?, ?, ?, ?)");
|
|
| 70 |
+ $insertquery->bind_param("isss", $cruserid, $videoConfExtension, $videoConfTag, $limitToGroups);
|
|
| 71 |
+ if ($insertquery->execute()) { $messagetosend = 'The data has been successfully saved to the database !'; } else { $messagetosend = 'Error while inserting the data !'; }
|
|
| 72 |
+ |
|
| 73 |
+ } else { $messagetosend = "You are not allowed to change this conference data!"; }
|
|
| 74 |
+ |
|
| 75 |
+ } elseif ($cruserrole == 'regular_user') { $messagetosend = 'Only Admins and Superadmins can configure conferences.'; }
|
|
| 76 |
+ |
|
| 77 |
+ $response = array('result' => $messagetosend);
|
|
| 78 |
+ echo json_encode($response); |
|
| 79 |
+ |
|
| 80 |
+} else {
|
|
| 81 |
+ header("Location: ../login.php");
|
|
| 82 |
+} |
|
| 83 |
+ |
|
| 84 |
+?> |