1<?php
2/**
3 * AJAX call handler for ACL plugin
4 *
5 * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
6 * @author     Andreas Gohr <andi@splitbrain.org>
7 */
8
9//fix for Opera XMLHttpRequests
10if(!count($_POST) && $HTTP_RAW_POST_DATA){
11  parse_str($HTTP_RAW_POST_DATA, $_POST);
12}
13
14if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/../../../');
15require_once(DOKU_INC.'inc/init.php');
16//close session
17session_write_close();
18
19//if(!auth_isadmin()) die('for admins only');
20if(!checkSecurityToken()) die('CRSF Attack');
21
22$ID    = getID();
23
24$acl = plugin_load('admin','autlogin');
25$acl->handle();
26$ajax = $_REQUEST['ajax'];
27header('Content-Type: text/html; charset=utf-8');
28
29if($ajax == 'tree'){
30    global $conf;
31    global $ID;
32
33    $dir = $conf['datadir'];
34    $ns  = $_REQUEST['ns'];
35    if($ns == '*'){
36        $ns ='';
37    }
38    $ns  = cleanID($ns);
39    $lvl = count(explode(':',$ns));
40    $ns  = utf8_encodeFN(str_replace(':','/',$ns));
41
42    $data = $acl->_get_tree($ns,$ns);
43
44    foreach($data as $item){
45        $item['level'] = $lvl+1;
46        echo $acl->_html_li_acl($item);
47        echo '<div class="li">';
48        echo $acl->_html_list_acl($item);
49        echo '</div>';
50        echo '</li>';
51    }
52}
53
54