Skip to content

Commit

Permalink
Fix Ticket Export problem
Browse files Browse the repository at this point in the history 
Fix forbidden error after re submit form
  • Loading branch information
Philippe GODOT committed Jun 20, 2024
1 parent 1c415c0 commit 23db972
Show file tree
Hide file tree
Showing 2 changed files with 54 additions and 54 deletions.
15 changes: 8 additions & 7 deletions front/rgpdtools.form.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,20 +27,23 @@
* ---------------------------------------------------------------------
*/


define('GLPI_USE_CSRF_CHECK', false);
include('../../../inc/includes.php');

if (!Session::haveRight('user', PURGE)) {
Html::header(__('RgpdTools', 'rgpdtools'), $_SERVER['PHP_SELF'], 'tools', 'rgpdtools');
echo '<h4 class="alert-title">'. __('Access denied', 'glpi') .'</h4>';
Html::footer();
} else {
$_POST['_glpi_csrf_token'] = Session::getNewCSRFToken();
$PluginRgpdtoolsRgpdtools = new PluginRgpdtoolsRgpdtools();

if (isset($_REQUEST['generate'])) {
if ($PluginRgpdtoolsRgpdtools::generateExport($_POST)) {
Session::addMessageAfterRedirect(__('Export successfully generated.', 'rgpdtools'), true);
}
//Html::back();
Html::back();
}

if (isset($_REQUEST['deleteItems'])) {
Expand Down Expand Up @@ -70,10 +73,8 @@
}

// standard form
if (!isset($_REQUEST['generate'])) {
Html::header(__('RgpdTools', 'rgpdtools'), $_SERVER['PHP_SELF'], 'tools', 'rgpdtools');
$PluginRgpdtoolsRgpdtools = new PluginRgpdtoolsRgpdtools();
$PluginRgpdtoolsRgpdtools->getFormsForCompleteForm();
Html::footer();
}
Html::header(__('RgpdTools', 'rgpdtools'), $_SERVER['PHP_SELF'], 'tools', 'rgpdtools');
$PluginRgpdtoolsRgpdtools = new PluginRgpdtoolsRgpdtools();
$PluginRgpdtoolsRgpdtools->getFormsForCompleteForm();
Html::footer();
}
93 changes: 46 additions & 47 deletions inc/rgpdtools.class.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -517,26 +517,54 @@ private static function getAllUsedItemsForUser($ID, $itemTypes) {
if (!($item = getItemForItemtype($itemtype))) {
continue;
}
if ($item->canView() && !in_array($itemtype, ['Ticket'])) {
if ($item->canView()) {
$itemtable = getTableForItemType($itemtype);

$query = "SELECT *
FROM `$itemtable`
WHERE `users_id` = '$ID'";
if (in_array($itemtype, ['Ticket'])) {
$tickets = $DB->request(
[
'SELECT' => ['t.*'],
'DISTINCT' => true,
'FROM' => Ticket::getTable() . ' AS t',
'INNER JOIN' => [
Ticket_User::getTable() => [
'FKEY' => [
't' => 'id',
Ticket_User::getTable() => 'tickets_id'
]
]
],
'WHERE' => [
'OR' => [
'users_id_recipient' => $ID,
'users_id' => $ID
],
],
'ORDER' => 'date'
]
);
foreach ($tickets as $data) {
$items['Ticket'][] = $data;
}
} else {
$query = "SELECT *
FROM `$itemtable`
WHERE `users_id` = '$ID'";

if ($item->maybeTemplate()) {
$query .= " AND `is_template` = '0' ";
}
if ($item->maybeDeleted()) {
$query .= " AND `is_deleted` = '0' ";
}
$result = $DB->query($query);
if ($item->maybeTemplate()) {
$query .= " AND `is_template` = '0' ";
}
if ($item->maybeDeleted()) {
$query .= " AND `is_deleted` = '0' ";
}
$result = $DB->query($query);

$type_name = $item->getTypeName();
$type_name = $item->getTypeName();

if ($DB->numrows($result) > 0) {
while ($data = $DB->fetchAssoc($result)) {
$items[$itemtype][] = $data;
if ($DB->numrows($result) > 0) {
while ($data = $DB->fetchAssoc($result)) {
$items[$itemtype][] = $data;
}
}
}
}
Expand Down Expand Up @@ -565,35 +593,6 @@ private static function getAllUsedItemsForUser($ID, $itemTypes) {
$items['ConsumableItem'][] = $data;
}

// Tickets
if ($itemtype == 'Ticket') {
$tickets = $DB->request(
[
'SELECT' => ['t.*'],
'DISTINCT' => true,
'FROM' => Ticket::getTable() . ' AS t',
'INNER JOIN' => [
Ticket_User::getTable() => [
'FKEY' => [
't' => 'id',
Ticket_User::getTable() => 'tickets_id'
]
]
],
'WHERE' => [
'OR' => [
'users_id_recipient' => $ID,
'users_id' => $ID
],
],
'ORDER' => 'date'
]
);
foreach ($tickets as $data) {
$items['Ticket'][] = $data;
}
}

// getComputersIDs
$computersIds = [];
if (array_key_exists('Computer', $items) && count($items['Computer'])) {
Expand Down Expand Up @@ -703,8 +702,7 @@ private static function unlinkUserAssociateElementsToDate($userID, $className, $

global $DB;
$className = str_replace(['ItilFollowup'], ['ITILFollowup'], $className);



if (!class_exists($className)) {
$errorMessage = sprintf(
__('The class %1$s can\'t be instanciate because not finded on GLPI.', 'rgpdtools'),
Expand Down Expand Up @@ -751,7 +749,7 @@ private static function unlinkUserAssociateElementsToDate($userID, $className, $
}
foreach ($queriesUpdate as $queryDelete) {
$resultDelete = $DB->query($queryDelete);
if($resultDelete){
if ($resultDelete) {
$rowcountResult = $DB->query("SELECT ROW_COUNT() as DelRowCount");
$row = $DB->fetchAssoc($rowcountResult);
$nbUnlinkedElmts += $row['DelRowCount'];
Expand All @@ -763,6 +761,7 @@ private static function unlinkUserAssociateElementsToDate($userID, $className, $

private static function deleteDocumentsToDate($userID, $className, $retentionPeriod, $allUser = false) {
global $DB;
$className = str_replace(['ItilFollowup'], ['ITILFollowup'], $className);
if (!class_exists($className)) {
$errorMessage = sprintf(
__('The class %1$s can\'t be instanciate because not finded on GLPI.', 'rgpdtools'),
Expand Down

0 comments on commit 23db972

Please sign in to comment.