- ws users/groups/perms returns int instead of strings for ids

- fix ws permissions getList (sometimes got objects sometimes arrays)
- users_list data table uses POST (avoid extra lengthy urls)

git-svn-id: http://piwigo.org/svn/trunk@25545 68402e56-0260-453c-a942-63ccdbb3a9ee

admin/themes/default/template/user_list.tpl

@@ -205,7 +205,7 @@ jQuery(document).ready(function() {
           userDetails += '<br><select multiple class="chzn-select" style="width:340px;" name="group_id[]">';
           jQuery("#action select[name=associate] option").each(function() {
             var selected = '';
-            if (user.groups.indexOf(jQuery(this).val()) != -1) {
+            if (user.groups.indexOf( parseInt(jQuery(this).val()) ) != -1) {
               selected = ' selected="selected"';
             }
             userDetails += '<option value="'+jQuery(this).val()+'"'+selected+'>'+jQuery(this).html()+'</option>';
@@ -553,6 +553,7 @@ jQuery(document).ready(function() {
     "bDeferRender": true,
     "bProcessing": true,
     "bServerSide": true,
+		"sServerMethod": "POST",
     "sAjaxSource": "admin/user_list_backend.php",
     "oLanguage": {
       "sProcessing": "{/literal}{'Loading...'|translate|escape:'javascript'}{literal}",

admin/user_list_backend.php

@@ -28,25 +28,25 @@ $sTable = USERS_TABLE.' INNER JOIN '.USER_INFOS_TABLE.' AS ui ON id = ui.user_id
  * Paging
  */
 $sLimit = "";
-if ( isset( $_GET['iDisplayStart'] ) && $_GET['iDisplayLength'] != '-1' )
+if ( isset( $_REQUEST['iDisplayStart'] ) && $_REQUEST['iDisplayLength'] != '-1' )
 {
-  $sLimit = "LIMIT ".pwg_db_real_escape_string( $_GET['iDisplayStart'] ).", ".
-    pwg_db_real_escape_string( $_GET['iDisplayLength'] );
+  $sLimit = "LIMIT ".pwg_db_real_escape_string( $_REQUEST['iDisplayStart'] ).", ".
+    pwg_db_real_escape_string( $_REQUEST['iDisplayLength'] );
 }
 	
 	
 /*
  * Ordering
  */
-if ( isset( $_GET['iSortCol_0'] ) )
+if ( isset( $_REQUEST['iSortCol_0'] ) )
 {
   $sOrder = "ORDER BY  ";
-  for ( $i=0 ; $i<intval( $_GET['iSortingCols'] ) ; $i++ )
+  for ( $i=0 ; $i<intval( $_REQUEST['iSortingCols'] ) ; $i++ )
   {
-    if ( $_GET[ 'bSortable_'.intval($_GET['iSortCol_'.$i]) ] == "true" )
+    if ( $_REQUEST[ 'bSortable_'.intval($_REQUEST['iSortCol_'.$i]) ] == "true" )
     {
-      $sOrder .= $aColumns[ intval( $_GET['iSortCol_'.$i] ) ]."
-				 	".pwg_db_real_escape_string( $_GET['sSortDir_'.$i] ) .", ";
+      $sOrder .= $aColumns[ intval( $_REQUEST['iSortCol_'.$i] ) ]."
+				 	".pwg_db_real_escape_string( $_REQUEST['sSortDir_'.$i] ) .", ";
     }
   }
 		
@@ -65,12 +65,12 @@ if ( isset( $_GET['iSortCol_0'] ) )
  * on very large tables, and MySQL's regex functionality is very limited
  */
 $sWhere = "";
-if ( $_GET['sSearch'] != "" )
+if ( $_REQUEST['sSearch'] != "" )
 {
   $sWhere = "WHERE (";
   for ( $i=0 ; $i<count($aColumns) ; $i++ )
   {
-    $sWhere .= $aColumns[$i]." LIKE '%".pwg_db_real_escape_string( $_GET['sSearch'] )."%' OR ";
+    $sWhere .= $aColumns[$i]." LIKE '%".pwg_db_real_escape_string( $_REQUEST['sSearch'] )."%' OR ";
   }
   $sWhere = substr_replace( $sWhere, "", -3 );
   $sWhere .= ')';
@@ -79,7 +79,7 @@ if ( $_GET['sSearch'] != "" )
 /* Individual column filtering */
 for ( $i=0 ; $i<count($aColumns) ; $i++ )
 {
-  if ( $_GET['bSearchable_'.$i] == "true" && $_GET['sSearch_'.$i] != '' )
+  if ( $_REQUEST['bSearchable_'.$i] == "true" && $_REQUEST['sSearch_'.$i] != '' )
   {
     if ( $sWhere == "" )
     {
@@ -89,7 +89,7 @@ for ( $i=0 ; $i<count($aColumns) ; $i++ )
     {
       $sWhere .= " AND ";
     }
-    $sWhere .= $aColumns[$i]." LIKE '%".pwg_db_real_escape_string($_GET['sSearch_'.$i])."%' ";
+    $sWhere .= $aColumns[$i]." LIKE '%".pwg_db_real_escape_string($_REQUEST['sSearch_'.$i])."%' ";
   }
 }
 	
@@ -129,7 +129,7 @@ $iTotal = $aResultTotal[0];
  * Output
  */
 $output = array(
-  "sEcho" => intval($_GET['sEcho']),
+  "sEcho" => intval($_REQUEST['sEcho']),
   "iTotalRecords" => $iTotal,
   "iTotalDisplayRecords" => $iFilteredTotal,
   "aaData" => array()

include/ws_functions/pwg.permissions.php

@@ -57,9 +57,9 @@ SELECT user_id, cat_id
   {
     if (!isset($perms[ $row['cat_id'] ]))
     {
-      $perms[ $row['cat_id'] ]['id'] = $row['cat_id'];
+      $perms[ $row['cat_id'] ]['id'] = intval($row['cat_id']);
     }
-    $perms[ $row['cat_id'] ]['users'][] = $row['user_id'];
+    $perms[ $row['cat_id'] ]['users'][] = intval($row['user_id']);
   }
 
   // indirect users
@@ -76,9 +76,9 @@ SELECT ug.user_id, ga.cat_id
   {
     if (!isset($perms[ $row['cat_id'] ]))
     {
-      $perms[ $row['cat_id'] ]['id'] = $row['cat_id'];
+      $perms[ $row['cat_id'] ]['id'] = intval($row['cat_id']);
     }
-    $perms[ $row['cat_id'] ]['users_indirect'][] = $row['user_id'];
+    $perms[ $row['cat_id'] ]['users_indirect'][] = intval($row['user_id']);
   }
 
   // groups
@@ -93,9 +93,9 @@ SELECT group_id, cat_id
   {
     if (!isset($perms[ $row['cat_id'] ]))
     {
-      $perms[ $row['cat_id'] ]['id'] = $row['cat_id'];
+      $perms[ $row['cat_id'] ]['id'] = intval($row['cat_id']);
     }
-    $perms[ $row['cat_id'] ]['groups'][] = $row['group_id'];
+    $perms[ $row['cat_id'] ]['groups'][] = intval($row['group_id']);
   }
 
   // filter by group and user
@@ -120,9 +120,9 @@ SELECT group_id, cat_id
       }
     }
 
-    $cat['groups'] = !empty($cat['groups']) ? array_unique($cat['groups']) : array();
-    $cat['users'] = !empty($cat['users']) ? array_unique($cat['users']) : array();
-    $cat['users_indirect'] = !empty($cat['users_indirect']) ? array_unique($cat['users_indirect']) : array();
+    $cat['groups'] = !empty($cat['groups']) ? array_values(array_unique($cat['groups'])) : array();
+    $cat['users'] = !empty($cat['users']) ? array_values(array_unique($cat['users'])) : array();
+    $cat['users_indirect'] = !empty($cat['users_indirect']) ? array_values(array_unique($cat['users_indirect'])) : array();
   }
   unset($cat);
 

include/ws_functions/pwg.users.php

@@ -167,7 +167,13 @@ SELECT DISTINCT ';
   OFFSET '. ($params['per_page']*$params['page']) .'
 ;';
 
-  $users = hash_from_query($query, 'id');
+  $users = array();
+  $result = pwg_query($query);
+  while ($row = pwg_db_fetch_assoc($result))
+  {
+    $row['id'] = intval($row['id']);
+    $users[ $row['id'] ] = $row;
+  }
 
   if (count($users) > 0)
   {
@@ -182,7 +188,7 @@ SELECT user_id, group_id
       
       while ($row = pwg_db_fetch_assoc($result))
       {
-        $users[ $row['user_id'] ]['groups'][] = $row['group_id'];
+        $users[ $row['user_id'] ]['groups'][] = intval($row['group_id']);
       }
     }