aboutsummaryrefslogtreecommitdiffstats
path: root/admin
diff options
context:
space:
mode:
authorrvelices <rv-github@modusoptimus.com>2013-11-18 05:03:00 +0000
committerrvelices <rv-github@modusoptimus.com>2013-11-18 05:03:00 +0000
commit77261474451422594d42d4327c62fc448776afbf (patch)
tree147722e59b894490f9af3f62df926e7683287a1d /admin
parent6078216e689995c5926a4f2e4b1051b7d06316c7 (diff)
- ws users/groups/perms returns int instead of strings for ids
- fix ws permissions getList (sometimes got objects sometimes arrays) - users_list data table uses POST (avoid extra lengthy urls) git-svn-id: http://piwigo.org/svn/trunk@25545 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'admin')
-rw-r--r--admin/themes/default/template/user_list.tpl3
-rw-r--r--admin/user_list_backend.php26
2 files changed, 15 insertions, 14 deletions
diff --git a/admin/themes/default/template/user_list.tpl b/admin/themes/default/template/user_list.tpl
index 1f86c2a83..eb6570ef6 100644
--- a/admin/themes/default/template/user_list.tpl
+++ b/admin/themes/default/template/user_list.tpl
@@ -205,7 +205,7 @@ jQuery(document).ready(function() {
userDetails += '<br><select multiple class="chzn-select" style="width:340px;" name="group_id[]">';
jQuery("#action select[name=associate] option").each(function() {
var selected = '';
- if (user.groups.indexOf(jQuery(this).val()) != -1) {
+ if (user.groups.indexOf( parseInt(jQuery(this).val()) ) != -1) {
selected = ' selected="selected"';
}
userDetails += '<option value="'+jQuery(this).val()+'"'+selected+'>'+jQuery(this).html()+'</option>';
@@ -553,6 +553,7 @@ jQuery(document).ready(function() {
"bDeferRender": true,
"bProcessing": true,
"bServerSide": true,
+ "sServerMethod": "POST",
"sAjaxSource": "admin/user_list_backend.php",
"oLanguage": {
"sProcessing": "{/literal}{'Loading...'|translate|escape:'javascript'}{literal}",
diff --git a/admin/user_list_backend.php b/admin/user_list_backend.php
index 1a2509c6a..8bafde6df 100644
--- a/admin/user_list_backend.php
+++ b/admin/user_list_backend.php
@@ -28,25 +28,25 @@ $sTable = USERS_TABLE.' INNER JOIN '.USER_INFOS_TABLE.' AS ui ON id = ui.user_id
* Paging
*/
$sLimit = "";
-if ( isset( $_GET['iDisplayStart'] ) && $_GET['iDisplayLength'] != '-1' )
+if ( isset( $_REQUEST['iDisplayStart'] ) && $_REQUEST['iDisplayLength'] != '-1' )
{
- $sLimit = "LIMIT ".pwg_db_real_escape_string( $_GET['iDisplayStart'] ).", ".
- pwg_db_real_escape_string( $_GET['iDisplayLength'] );
+ $sLimit = "LIMIT ".pwg_db_real_escape_string( $_REQUEST['iDisplayStart'] ).", ".
+ pwg_db_real_escape_string( $_REQUEST['iDisplayLength'] );
}
/*
* Ordering
*/
-if ( isset( $_GET['iSortCol_0'] ) )
+if ( isset( $_REQUEST['iSortCol_0'] ) )
{
$sOrder = "ORDER BY ";
- for ( $i=0 ; $i<intval( $_GET['iSortingCols'] ) ; $i++ )
+ for ( $i=0 ; $i<intval( $_REQUEST['iSortingCols'] ) ; $i++ )
{
- if ( $_GET[ 'bSortable_'.intval($_GET['iSortCol_'.$i]) ] == "true" )
+ if ( $_REQUEST[ 'bSortable_'.intval($_REQUEST['iSortCol_'.$i]) ] == "true" )
{
- $sOrder .= $aColumns[ intval( $_GET['iSortCol_'.$i] ) ]."
- ".pwg_db_real_escape_string( $_GET['sSortDir_'.$i] ) .", ";
+ $sOrder .= $aColumns[ intval( $_REQUEST['iSortCol_'.$i] ) ]."
+ ".pwg_db_real_escape_string( $_REQUEST['sSortDir_'.$i] ) .", ";
}
}
@@ -65,12 +65,12 @@ if ( isset( $_GET['iSortCol_0'] ) )
* on very large tables, and MySQL's regex functionality is very limited
*/
$sWhere = "";
-if ( $_GET['sSearch'] != "" )
+if ( $_REQUEST['sSearch'] != "" )
{
$sWhere = "WHERE (";
for ( $i=0 ; $i<count($aColumns) ; $i++ )
{
- $sWhere .= $aColumns[$i]." LIKE '%".pwg_db_real_escape_string( $_GET['sSearch'] )."%' OR ";
+ $sWhere .= $aColumns[$i]." LIKE '%".pwg_db_real_escape_string( $_REQUEST['sSearch'] )."%' OR ";
}
$sWhere = substr_replace( $sWhere, "", -3 );
$sWhere .= ')';
@@ -79,7 +79,7 @@ if ( $_GET['sSearch'] != "" )
/* Individual column filtering */
for ( $i=0 ; $i<count($aColumns) ; $i++ )
{
- if ( $_GET['bSearchable_'.$i] == "true" && $_GET['sSearch_'.$i] != '' )
+ if ( $_REQUEST['bSearchable_'.$i] == "true" && $_REQUEST['sSearch_'.$i] != '' )
{
if ( $sWhere == "" )
{
@@ -89,7 +89,7 @@ for ( $i=0 ; $i<count($aColumns) ; $i++ )
{
$sWhere .= " AND ";
}
- $sWhere .= $aColumns[$i]." LIKE '%".pwg_db_real_escape_string($_GET['sSearch_'.$i])."%' ";
+ $sWhere .= $aColumns[$i]." LIKE '%".pwg_db_real_escape_string($_REQUEST['sSearch_'.$i])."%' ";
}
}
@@ -129,7 +129,7 @@ $iTotal = $aResultTotal[0];
* Output
*/
$output = array(
- "sEcho" => intval($_GET['sEcho']),
+ "sEcho" => intval($_REQUEST['sEcho']),
"iTotalRecords" => $iTotal,
"iTotalDisplayRecords" => $iFilteredTotal,
"aaData" => array()