if ($peer_id == $critiquer) { $editor_inputs = "<input type='hidden' name='critique_id' value='{$critique_id}'/>" . "<input type='hidden' name='doc_id' value='{$doc_id}'/>\n" . "\t<button type='submit' name='delete_critique' value='{$critique_id}' onClick='return delete_crit({$critique_id})'>Delete</button>\n" . "\n\t<button type='submit' onClick='javascript:invoke_editor({$critique_id},{$doc_id},\"edit\")'>Edit</button>\n"; } else { $editor_inputs = ''; } $form_head = "\n<form id='delete_edit_form{$critique_id}' method='get' action='{$PHP_SELF}'>\n"; $legend_head = "<legend>Critique {$critique_id} by {$roepnaam} {$voorvoegsel} {$achternaam} ({$critiquer})</legend>\n" . $editor_inputs . "\n"; $history_link = $history_count > 0 ? "<a href='critique_history.php?critique_id={$critique_id}' target='_blank'>{$edit_time}</a>" : "{$edit_time}"; $critiqueList .= "\n{$div_head}\n" . "{$form_head}\n" . "<fieldset>\n" . "{$legend_head}\n" . " <table class='layout' summary='critiquer data'>\n" . "<!--<tr><td>Critique id</td><th align='left'>{$critique_id}</th></tr>\n" . "<tr><td>Critiquer</td><th align='left'>{$roepnaam} {$voorvoegsel} {$achternaam} ({$critiquer})</th></tr> -->" . " <tr><td>Group</td><th align='left'>{$critiquer_grp}({$afko} {$year} ) </th></tr>" . "<tr><td>Critique time</td><th align='left'>{$critique_time}</th></tr>" . "<tr><td>Last edit</td><th align='left'>{$history_link}</th></tr>" . "</table>\n" . "{$critique_text}" . "</fieldset>\n</form>\n</div>"; $resultSet->moveNext(); } $critiqueList .= "<!-- end critiqueList-->"; } } $pp['critiqueList'] = $critiqueList; if (authorized_document($critiquer, $doc_id)) { $fragment = 'templates/upload_critique.html'; } else { $fragment = 'templates/upload_critique_noaccess.html'; } $page->addHtmlFragment($fragment, $pp); $page->addHeadText(' <script type="text/javascript"> function bye(){ opener.focus(); opener.location.href="$referer?doc_id=$doc_id"; opener.location.reload(); self.close(); } function delete_crit( crit ) { var Check = confirm("Do you want to delete this qritique?");
<?php /* $Id: downloader.php 1723 2014-01-03 08:34:59Z hom $ */ //session_start(); include_once './peerlib/peerutils.inc'; require_once './peerlib/validators.inc'; require_once 'document_access.inc'; require_once 'tutorhelper.inc'; $doc_id = 1; $debug = 0; extract($_SESSION); $fname = ''; if (isset($_REQUEST['doc_id'])) { $doc_id = validate($_REQUEST['doc_id'], 'doc_id', $doc_id); if (authorized_document($snummer, $doc_id)) { $sql = "select rel_file_path,trim( both ' ' from mime_type_long) as mime_type from uploads where upload_id={$doc_id}"; $resultSet = $dbConn->Execute($sql); if ($resultSet === false) { die('cannot get project data:' . $dbConn->ErrorMsg() . ' with ' . $sql); } if (!$resultSet->EOF) { extract($resultSet->fields); $name = $upload_path_prefix . '/' . $rel_file_path; $filename = join('_', explode(' ', basename($name))); if ($debug == 1) { echo "{$name}<br/>{$mimetype} </br>{$filename}<br/>\n"; } // open the file in a binary mode $fp = @fopen($name, 'r'); $fname = $rel_file_path; if ($fp != false) {