<?php include_once "include_db.php"; include_once "include_functions.php"; checkUserSessionandCookie(); $username = $_SESSION["uname"]; $target_path = "./attachments/" . $_SESSION["subdomain"] . "/"; $attachId = $_GET["attachId"]; $query = mysql_query("select workid, uploadname, filesize, filecontent from attachments where Id='{$attachId}'") or die("Invalid query: " . mysql_error()); if (@mysql_num_rows($query) == 0) { exit; } while ($row = @mysql_fetch_array($query)) { extract($row); } // $workid, $uploadname, filesize, filecontent if (checkPermissions_canUserViewTask($username, $workid) == false) { exit; } $output = hex2bin($filecontent); header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . $uploadname . '"'); header('Content-Transfer-Encoding: binary'); header('Expires: 0'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); header("Content-Length: " . strlen($output)); echo $output; exit;
$COMMENTLOGMESSAGE .= "\n Included Attachments"; $attachments = mysql_query("select diskfilename, uploadname from attachments where workid='{$workid}' "); while ($row = mysql_fetch_assoc($attachments)) { $email->AddAttachment(APP_INSTALLPATH . 'attachments/' . $_SESSION["subdomain"] . '/' . $row['diskfilename'], $row['uploadname']); } } $email->send(); $manageWorks->addComment($workid, APPNAME, $COMMENTLOGMESSAGE); send_Action_Response('Success', "Details emailed !"); exit; break; case 'AddComment': $comment = htmlentities($_POST['newComment']); $workid = get_POST_var('workid'); $notifyAssigned = get_POST_var('notifyAssigned'); if (!checkPermissions_canUserViewTask($USERNAME, $workid)) { send_Action_Response('Fail', 'insufficient privilege !'); return; } $manageWorks = new manageWorks(); $manageWorks->addComment($workid, $USERNAME, $comment); if ($notifyAssigned == 'Y') { $ThisWorkDetails = $manageWorks->get_workDetails($workid); $userassigned = $ThisWorkDetails['work_userAssigned']; $userOwner = $ThisWorkDetails['work_addedBy']; $work_briefDesc = $ThisWorkDetails['work_briefDesc']; $OtherPerson = $USERNAME == $userassigned ? $userOwner : $userassigned; $tmp_notify_subject = "[#DE] new comment by {$USERNAME} on '{$work_briefDesc}' "; $tmp_notify_body = " <BR> New Comment :<BR> <B> {$comment} </B>\n\t\t\t\t\t\t\t\t<BR> -------------------------------------------\n\t\t\t\t\t\t\t\t<BR> Quick link to task : http://{$_SESSION['subdomain']}.discreteevents.com/taskdetails.php?taskid={$workid} "; NotifyEventEmail($OtherPerson, $USERNAME, $tmp_notify_subject, $tmp_notify_body); }