}
}
}
/* Send out Notifications to all users on distribution
* Use the Bcc feature of COM_mail (added June/2009)
* To send to complete distribution as one email and not loop thru distribution sending individual emails
*/
$lastuser = 0;
$type = 5;
// Notification message type - Broadcast message
$sql = "SELECT file.title,file.cid,file.submitter,category.name FROM " . "{$_TABLES['nxfile_files']} file, {$_TABLES['nxfile_categories']} category " . "WHERE file.cid=category.cid and file.fid={$fid}";
$query = DB_query($sql);
list($filename, $cid, $submitter, $catname) = DB_fetchARRAY($query);
foreach ($target_users as $target_uid) {
// Check that user has view access to this folder
if ($target_uid != $lastuser and fm_getPermission($cid, 'view')) {
$query = DB_query("SELECT username,email FROM {$_TABLES['users']} WHERE uid={$target_uid}");
list($username, $email) = DB_fetchArray($query);
if (!empty($email)) {
$distribution[] = $email;
$sql = "INSERT INTO {$_TABLES['nxfile_notificationlog']} (target_uid,submitter_uid,notification_type,fid,cid,datetime) " . "VALUES ({$target_uid},{$_USER['uid']},{$type},{$fid},{$cid},UNIX_TIMESTAMP() )";
DB_query($sql);
}
$lastuser = $target_uid;
}
}
$subject = "{$_CONF['site_name']} - {$LANG_FM10[$type]['SUBJECT']}";
$message .= "\n\n";
$message .= sprintf($LANG_FM10[$type]['LINE1'], $filename, $catname, "{$_CONF['site_url']}/nexfile/index.php?cid={$cid}");
$message .= $LANG_FM10[$type]['LINE2'];
if (fm_sendEmail($distribution, $subject, $message)) {
/**
* Returns a formatted listbox of categories user has access
* First checks for View access so that delegated admin can be just for sub-categories
*
* @param string|array $perms Single perm 'admin' or array of permissions as required by fm_getPermission()
* @param int $selected Will make this item the selected item in the listbox
* @param string $cid Parent category to start at and then recursively check
* @param string $level Used by this function as it calls itself to control the ident formatting
* @param string $selectlist Used by this function to be able to append to the formatted select list
* @param string $restricted Used if you do not want to show this categories subfolders
* @return string Return a formatted HTML Select listbox of categories
*/
function nexdoc_recursiveAccessOptions($perms, $selected = '', $cid = '0', $level = '1', $selectlist = '', $restricted = '')
{
global $_TABLES, $LANG_FM02;
if (empty($selectlist) and $level == 1) {
if (SEC_hasRights('nexfile.admin')) {
$selectlist = '<option value="0">' . $LANG_FM02['TOP_CAT'] . '</option>' . LB;
}
}
$query = DB_QUERY("SELECT cid,pid,name FROM {$_TABLES['nxfile_categories']} WHERE PID='{$cid}' ORDER BY CID");
while (list($cid, $pid, $name, $description) = DB_fetchARRAY($query)) {
$indent = ' ';
// Check if user has access to this category
if ($cid != $restricted and fm_getPermission($cid, 'view')) {
// Check and see if this category has any sub categories - where a category record has this cid as it's parent
if (DB_COUNT($_TABLES['nxfile_categories'], 'pid', $cid) > 0) {
if ($level > 1) {
for ($i = 2; $i <= $level; $i++) {
$indent .= "--";
}
$indent .= ' ';
}
if (fm_getPermission($cid, $perms)) {
if ($indent != '') {
$name = " {$name}";
}
$selectlist .= '<option value="' . $cid;
if ($cid == $selected) {
$selectlist .= '" selected="selected">' . $indent . $name . '</option>' . LB;
} else {
$selectlist .= '">' . $indent . $name . '</option>' . LB;
}
$selectlist = nexdoc_recursiveAccessOptions($perms, $selected, $cid, $level + 1, $selectlist, $restricted);
} elseif ($perms == 'admin') {
// Need to check for any folders with admin even subfolders of parents that user does not have access
$selectlist = nexdoc_recursiveAccessOptions($perms, $selected, $cid, $level + 1, $selectlist, $restricted);
}
} else {
if ($level > 1) {
for ($i = 2; $i <= $level; $i++) {
$indent .= "--";
}
$indent .= ' ';
}
if (fm_getPermission($cid, $perms)) {
if ($indent != '') {
$name = " {$name}";
}
$selectlist .= '<option value="' . $cid;
if ($cid == $selected) {
$selectlist .= '" selected="selected">' . $indent . $name . '</option>' . LB;
} else {
$selectlist .= '">' . $indent . $name . '</option>' . LB;
}
}
}
}
}
return $selectlist;
}
while (!feof($fp)) {
$data = fread($fp, $_FMCONF['download_chunk_rate']);
echo $data;
}
exit;
} else {
COM_errorLog("MIME type for file {$filename} ({$fid}) could not be determined");
}
} elseif ($_GET['op'] == "chksubmission") {
if (!DB_count($_TABLES['nxfile_files'], 'fid', $fid)) {
echo COM_refresh($_CONF['site_url'] . '?msg=1&plugin=nexfile');
exit;
}
$cid = DB_getItem($_TABLES['nxfile_files'], "cid", "fid={$fid}");
// make sure user has access
if (!fm_getPermission($cid, 'admin')) {
echo COM_siteHeader();
echo COM_startBlock('Access Denied');
echo 'You do not have access rights to this file. Your attempt has been logged.';
echo COM_endBlock();
echo COM_siteFooter();
}
if (DB_count($_TABLES['nxfile_filesubmissions'], 'id', $fid) > 0) {
include_once $_CONF['path_system'] . 'classes/downloader.class.php';
$query = DB_query("SELECT cid,ftype,fname,tempname FROM {$_TABLES['nxfile_filesubmissions']} WHERE id={$fid}");
list($cid, $ftype, $fname, $tname) = DB_fetchARRAY($query);
$directory = $_FMCONF['storage_path'] . $cid . '/submissions/';
$logfile = $_CONF['path'] . 'logs/error.log';
if ($ftype == "file") {
$pos = strrpos($tname, '.') + 1;
$ext = strtolower(substr($tname, $pos));
$cid = 0;
}
}
$op = strtolower($_CLEAN['char']['op']);
$alertMsg = '';
if ($_USER['uid'] < 2) {
$uid = 0;
$alertMsg = 'You are not logged in';
} else {
$uid = $_USER['uid'];
}
if (!($file = @fopen($_FMCONF['storage_path'] . 'test.txt', 'w'))) {
$alertMsg = "Unable to write to the file storage area: {$_FMCONF['storage_path']}";
}
if ($op == 'downloadfolder') {
if ($cid > 0 and fm_getPermission($cid, 'view')) {
include 'lib-archive.php';
nexdoc_createArchiveFromFolder($cid);
} else {
COM_errorLog('Archive failed - invalid category or user does not have view access');
}
}
echo COM_siteHeader('none');
$tpl = new Template($_CONF['path_layout'] . 'nexfile');
$tpl->set_file(array('page' => 'page.thtml', 'header' => 'filelisting_header.thtml', 'toolbar' => 'toolbar.thtml', 'newfolderlink' => 'newfolder_link.thtml', 'newfilelink' => 'newfile_link.thtml', 'newfilediv' => 'newfile_div.thtml', 'newfolderdiv' => 'newfolder_div.thtml', 'movefilesdiv' => 'movefiles_div.thtml', 'movequeuefile' => 'movefile_div.thtml', 'broadcast' => 'broadcast_div.thtml', 'filedetails' => 'filedetails.thtml', 'subfolder' => 'filelisting_subfolder_record.thtml', 'emptyfolder' => 'filelisting_emptyfolder.thtml', 'filelisting_rec' => 'filelisting_record.thtml', 'tag_link' => 'taglink_record.thtml', 'tag_rec' => 'tagdesc_record.thtml', 'tagsearch_rec' => 'tagsearchlink.thtml', 'tagcloud_rec' => 'tagcloud_record.thtml', 'folderlisting_rec' => 'leftnav_folder_record.thtml', 'movefolder' => 'folder_onhover_move.thtml'));
$tpl->set_var('site_url', $_CONF['site_url']);
$tpl->set_var('layout_url', $_CONF['layout_url']);
$tpl->set_var('action_url', $actionurl);
$tpl->set_var('ajax_server_url', "{$_CONF['site_url']}/nexfile/ajax/server.php");
$tpl->set_var('actionurl_dir', "{$_CONF['site_url']}/nexfile");
$tpl->set_var('imgset', "{$_CONF['layout_url']}/nexfile/images");
function gf_showattachments($topic, $mode = '')
{
global $_TABLES, $_CONF, $CONF_FORUM, $_FM_TABLES;
$retval = '';
$sql = "SELECT id,repository_id,filename FROM {$_TABLES['gf_attachments']} WHERE topic_id={$topic} ";
if ($mode != 'edit') {
$sql .= "AND show_inline=0 ";
}
$sql .= "ORDER BY id";
$query = DB_query($sql);
$i = 1;
while (list($id, $lid, $field_value) = DB_fetchArray($query)) {
$retval .= '<div class="forum_attachment">';
if ($mode == 'edit') {
$retval .= ' ' . $i . ' ';
}
$filename = explode(':', $field_value);
// Check and see if the file is in the File Mgmt plugin and if user has access
if ($CONF_FORUM['filestorage_plugin'] == 'filemgmt' and $lid > 0) {
$groupsql = filemgmt_buildAccessSql();
$sql = "SELECT COUNT(*) FROM {$_FM_TABLES['filemgmt_filedetail']} a ";
$sql .= "LEFT JOIN {$_FM_TABLES['filemgmt_cat']} b ON a.cid=b.cid ";
$sql .= "WHERE a.lid='{$lid}' {$groupsql}";
list($testaccess_cnt) = DB_fetchArray(DB_query($sql));
} elseif ($CONF_FORUM['filestorage_plugin'] == 'nexfile' and $lid > 0) {
$cid = DB_getItem($_TABLES['nxfile_files'], 'cid', "fid={$lid}");
if (fm_getPermission($cid, 'view')) {
$testaccess_cnt = 1;
} else {
$testaccess_cnt = 0;
}
}
if ($lid > 0 and $testaccess_cnt == 0) {
$retval .= "<img src=\"{$CONF_FORUM['imgset']}/document_sm.gif\" border=\"0\">Insufficent Access";
} elseif (!empty($field_value)) {
$retval .= "<img src=\"{$CONF_FORUM['imgset']}/document_sm.gif\" border=\"0\">";
$retval .= "<a href=\"{$_CONF['site_url']}/forum/getattachment.php?id={$id}\" target=\"_new\">";
$retval .= "{$filename[1]}</a> ";
if ($mode == 'edit') {
$retval .= "<a href=\"#\" onClick='ajaxDeleteFile({$topic},{$id});'>";
$retval .= "<img src=\"{$CONF_FORUM['imgset']}/delete.gif\" border=\"0\"></a>";
}
} else {
$retval .= 'N/A ';
}
$retval .= '</div>';
$i++;
}
return $retval;
}
function nexdoc_archiveAddFolder($zip, $folder, $files = false, $zipfolder = '')
{
global $_CONF, $_TABLES, $_FMCONF, $_USER;
if (!fm_getPermission($folder, 'view')) {
COM_errorLog("User: {$_USER['uid']} does not have view access to the folder: {$folder}");
return '';
}
$filesAdded = array();
if ($files) {
$fileitems = implode(',', $files);
}
$foldername = DB_getItem($_TABLES['nxfile_categories'], 'name', "cid={$folder}");
if ($zipfolder != '') {
$zipfoldername = $zipfolder . $foldername . '/';
} else {
$zipfoldername = $foldername . '/';
}
$sql = "SELECT cid,fid,fname FROM {$_TABLES['nxfile_files']} ";
$sql .= "WHERE cid={$folder} ";
if (!empty($fileitems)) {
$sql .= "AND fid in ({$fileitems})";
}
$query = DB_query($sql);
if (DB_numRows($query) > 0) {
// COM_errorLog("Adding zip folder ($folder): $foldername");
$zip->addEmptyDir($zipfoldername);
while ($A = DB_fetchArray($query)) {
$sourcefile = "{$_FMCONF['storage_path']}{$folder}/{$A['fname']}";
if (file_exists($sourcefile)) {
// COM_errorLog("$i: Adding file $sourcefile > $zipfoldername . $fname");
// COM_errorLog("$i: Adding file ({$A['fid']}): {$zipfoldername}{$A['fname']}");
$zip->addFile($sourcefile, $zipfoldername . $A['fname']);
$filesAdded[] = $A['fid'];
}
}
}
return $filesAdded;
}
