Ejemplo n.º 1
0
<?php

include_once "include_db.php";
include_once "include_functions.php";
checkUserSessionandCookie();
$username = $_SESSION["uname"];
$target_path = "./attachments/" . $_SESSION["subdomain"] . "/";
$attachId = $_GET["attachId"];
$query = mysql_query("select workid, uploadname, filesize, filecontent from attachments where Id='{$attachId}'") or die("Invalid query: " . mysql_error());
if (@mysql_num_rows($query) == 0) {
    exit;
}
while ($row = @mysql_fetch_array($query)) {
    extract($row);
}
// $workid, $uploadname, filesize, filecontent
if (checkPermissions_canUserViewTask($username, $workid) == false) {
    exit;
}
$output = hex2bin($filecontent);
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . $uploadname . '"');
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header("Content-Length: " . strlen($output));
echo $output;
exit;
Ejemplo n.º 2
0
         $COMMENTLOGMESSAGE .= "\n Included Attachments";
         $attachments = mysql_query("select diskfilename, uploadname from attachments where workid='{$workid}' ");
         while ($row = mysql_fetch_assoc($attachments)) {
             $email->AddAttachment(APP_INSTALLPATH . 'attachments/' . $_SESSION["subdomain"] . '/' . $row['diskfilename'], $row['uploadname']);
         }
     }
     $email->send();
     $manageWorks->addComment($workid, APPNAME, $COMMENTLOGMESSAGE);
     send_Action_Response('Success', "Details emailed !");
     exit;
     break;
 case 'AddComment':
     $comment = htmlentities($_POST['newComment']);
     $workid = get_POST_var('workid');
     $notifyAssigned = get_POST_var('notifyAssigned');
     if (!checkPermissions_canUserViewTask($USERNAME, $workid)) {
         send_Action_Response('Fail', 'insufficient privilege !');
         return;
     }
     $manageWorks = new manageWorks();
     $manageWorks->addComment($workid, $USERNAME, $comment);
     if ($notifyAssigned == 'Y') {
         $ThisWorkDetails = $manageWorks->get_workDetails($workid);
         $userassigned = $ThisWorkDetails['work_userAssigned'];
         $userOwner = $ThisWorkDetails['work_addedBy'];
         $work_briefDesc = $ThisWorkDetails['work_briefDesc'];
         $OtherPerson = $USERNAME == $userassigned ? $userOwner : $userassigned;
         $tmp_notify_subject = "[#DE] new comment by {$USERNAME} on  '{$work_briefDesc}' ";
         $tmp_notify_body = " <BR> New Comment :<BR> <B> {$comment} </B>\n\t\t\t\t\t\t\t\t<BR> -------------------------------------------\n\t\t\t\t\t\t\t\t<BR> Quick link to task : http://{$_SESSION['subdomain']}.discreteevents.com/taskdetails.php?taskid={$workid} ";
         NotifyEventEmail($OtherPerson, $USERNAME, $tmp_notify_subject, $tmp_notify_body);
     }