accred/ajax/data/arrays.php

<?php
// Load the auth module, this will redirect us to login if we aren't already logged in.
   include '../../../inc/auth.php';
   $Auth = new modAuth();
   // Load the graph class so we can get user info
   include '../../../inc/graph.php';
   $Graph = new modGraph();
   $uInfo = $Graph->getProfile();

  session_start();
        ini_set('display_errors', 0);
        ini_set('display_startup_errors', 0);
        error_reporting(E_ALL & ~E_NOTICE );
  // Returns data to display list of entries to authenticated user

  $uid = $_SESSION['uid'];
  $uid = $uInfo->id;
//  if(!$uid) {
 //   die("User not authenticated!");
 // }
  try {
   $cfg = include($_SERVER['DOCUMENT_ROOT'].'/accred_config.php');
  }
  catch(Exception $e) {
     die("Unable to load configuration file!");
  }
  $aid = $_GET['aid'];
  $isAdmin = $uInfo->userPrincipalName==$cfg['admin']; 


  $mysqli = new mysqli($cfg['host'], $cfg['user'],$cfg['pass'], $cfg['name']);
  if ($mysqli->connect_errno) {
    echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
  }
  // Retrieve list of entries

  $query = "SELECT * from submissions";
  if($aid) {
	$sel[] = "ID=$aid";
  }
  if (!$isAdmin ) {
	$sel[] = "UID='$uid'";
  }
  if(count($sel)>0) {
    $query .= ' WHERE ';
    foreach($sel as $one) {
	$query .= $one .' AND ';
    }
    $query = substr($query, 0, -5);
  } 
  $query .= ' ORDER BY ID';
  // file_put_contents('/tmp/zut',$query);
  if ($result = $mysqli->query($query)) {

    /* fetch associative array */
    while ($row = $result->fetch_assoc()) {
        // printf ("%s (%s)\n", $row["Name"], $row["formdata"]);
        $ser = $row['formdata'];
        $seru = unserialize($ser);
	$one = array('mid' => $row["ID"],
          'stat' => $row['status'],
          'maj' => $row['modified'],
	  'crea' => $row['created']
        );
        foreach($seru as $key=>$val) {
         $one[$key] = $val;
        }
	$one['name'] = $row["name"];
	if($one['name'] != $row["reqname"]) {
		$one['name'] .= ' / ' . $row['reqname'];
	}
         $obj['data'][] = $one;
    }

    /* free result set */
    $result->free();
  } 

  /* close connection */
  $mysqli->close();
  if(!$obj)  {
echo '{
    "sEcho": 1,
    "iTotalRecords": "0",
    "iTotalDisplayRecords": "0",
    "aaData": []
}';
die();
}
  echo json_encode($obj);
?>