Example #1
0
    header('Location: out.php?last_message=' . urlencode($last_message));
} elseif (isset($_REQUEST['mode']) && $_REQUEST['mode'] == 'view_del_archive') {
    //publishable=2 for archive deletion
    $query = "SELECT id FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE publishable=2";
    $stmt = $pdo->prepare($query);
    $stmt->execute();
    $result = $stmt->fetchAll();
    $array_id = array();
    $i = 0;
    foreach ($result as $row) {
        $array_id[$i] = $row['id'];
        $i++;
    }
    $luserperm_obj = new UserPermission($_SESSION['uid'], $pdo);
    draw_header(msg('area_deleted_files'), $last_message);
    $page_url = e::h($_SERVER['PHP_SELF']) . '?mode=' . $_REQUEST['mode'];
    $user_obj = new User($_SESSION['uid'], $pdo);
    $userperms = new UserPermission($_SESSION['uid'], $pdo);
    $list_status = list_files($array_id, $userperms, $GLOBALS['CONFIG']['archiveDir'], true);
    if ($list_status != -1) {
        $GLOBALS['smarty']->assign('lmode', '');
        display_smarty_template('deleteview.tpl');
    }
} elseif (isset($_POST['submit']) && $_POST['submit'] == 'Delete file(s)') {
    isset($_REQUEST['checkbox']) ? $_REQUEST['checkbox'] : '';
    foreach ($_REQUEST['checkbox'] as $value) {
        if (!pmt_delete($value)) {
            header('Location: error.php?ec=21');
            exit;
        }
    }
Example #2
0
         <table>
             <tr>
                 <th bgcolor ="#83a9f7"><font color="#FFFFFF"><?php 
    echo msg('adminpage_about_section_title');
    ?>
</font></th>
             </tr>
             <tr>
                 <td><b><?php 
    echo msg('adminpage_about_section_app_version') . ": " . e::h($GLOBALS['CONFIG']['current_version']);
    ?>
</b></td>
             </tr>
             <tr>
                 <td><b><?php 
    echo msg('adminpage_about_section_db_version') . ": " . e::h(Settings::get_db_version());
    ?>
</b></td>
             </tr>
             <tr>
                 <td>&nbsp;</td>
             </tr>
         </table>
     </td>
</tr>

    <?php 
}
?>

</table>
Example #3
0
 function udf_functions_search_options()
 {
     global $pdo;
     $query = "SELECT table_name,field_type,display_name FROM {$GLOBALS['CONFIG']['db_prefix']}udf ORDER BY id";
     $stmt = $pdo->prepare($query);
     $stmt->execute();
     $result = $stmt->fetchAll();
     foreach ($result as $row) {
         echo '<option value="' . e::h($row[2]) . '">' . e::h($row[2]) . '</option>';
     }
 }
Example #4
0
/**
 * Custom redirection handler
 * @param string $url the internal page to redirect them to
 */
function redirect_visitor($url = '')
{
    if ($url == '') {
        header('Location:index.php?redirection=' . urlencode(e::h($_SERVER['PHP_SELF']) . '?' . e::h($_SERVER['QUERY_STRING'])));
        exit;
    } else {
        // Lets make sure its not an outside URL
        if (!preg_match('#^(http|https|ftp)://#', $url)) {
            header('Location:' . htmlentities($url, ENT_QUOTES));
            exit;
        } else {
            header('Location:index.php');
            exit;
        }
    }
}
Example #5
0
        $salt = "abcdefghjkmnpqrstuvwxyz23456789ABCDEFGHJKLMNPQRSTUVWXYZ23456789";
        $i = 0;
        $randstring = '';
        while ($i <= 7) {
            $num = rand() % 63;
            $tmp = substr($salt, $num, 1);
            $randstring .= $tmp;
            $i++;
        }
        $reset_code = md5($randstring);
        // add the reset code to the database for this user
        $query = "\n          UPDATE\n            {$GLOBALS['CONFIG']['db_prefix']}user\n          SET\n            pw_reset_code = :reset_code\n          WHERE\n            id = :user_id\n        ";
        $stmt = $pdo->prepare($query);
        $stmt->execute(array(':reset_code' => $reset_code, ':user_id' => $user_id));
        // generate the link
        $resetLink = $GLOBALS['CONFIG']['base_url'] . '/forgot_password.php?username='******'&code=' . e::h($reset_code);
        $mail_headers = "From: " . $GLOBALS['CONFIG']['site_mail'] . PHP_EOL;
        $mail_headers .= "Content-Type: text/plain; charset=UTF-8" . PHP_EOL;
        $mail_body = msg('email_someone_has_requested_password') . PHP_EOL . PHP_EOL;
        $mail_body .= $resetLink . PHP_EOL . PHP_EOL;
        $mail_body .= msg('email_thank_you') . PHP_EOL . PHP_EOL;
        $mail_body .= msg('area_admin') . PHP_EOL . PHP_EOL;
        // send the email
        if ($GLOBALS['CONFIG']['demo'] == 'False') {
            mail($email, msg('area_reset_password'), $mail_body, $mail_headers);
        }
        $redirect = 'forgot_password.php?last_message=' . urlencode(msg('message_an_email_has_been_sent'));
        header("Location: {$redirect}");
        exit;
    }
} else {
Example #6
0
 /**
  * @return bool
  */
 public function isArchived()
 {
     $query = "\n              SELECT\n                publishable\n              FROM\n                {$GLOBALS['CONFIG']['db_prefix']}{$this->TABLE_DATA}\n              WHERE\n                id = :id\n            ";
     $stmt = $this->connection->prepare($query);
     $stmt->execute(array(':id' => $this->id));
     $result = $stmt->fetchColumn();
     if ($stmt->rowCount() != 1) {
         echo 'DB error.  Unable to locate file id ' . e::h($this->id) . ' in table ' . $GLOBALS['CONFIG']['db_prefix'] . 'data.  Please contact ' . $GLOBALS['CONFIG']['site_mail'] . ' for help';
         exit;
     }
     return $result == 2;
 }
Example #7
0
<?php

use Aura\Html\Escaper as e;
?>

<p>
    Successfully deleted blog post
    titled "<?php 
echo e::h($this->blog->title);
?>
"
    by <?php 
echo e::h($this->blog->author);
?>
.
</p>
Example #8
0
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
*/
// includes
include 'odm-load.php';
$last_message = isset($_REQUEST['last_message']) ? e::h($_REQUEST['last_message']) : '';
draw_header(msg('error'), $last_message);
if (isset($_REQUEST['ec']) && intval($_REQUEST['ec']) >= 0) {
    switch ($_REQUEST['ec']) {
        // login failure
        case 0:
            $message = msg('message_there_was_an_error_loggin_you_in');
            break;
            // session problem
        // session problem
        case 1:
            $message = msg('message_session_error');
            break;
            // malformed variable/failed query
        // malformed variable/failed query
        case 2:
Example #9
0
 public function modify(Container $di)
 {
     Escaper::setStatic($di->get('aura/html:escaper'));
 }
Example #10
0
     $i++;
 }
 $department_select_options = array();
 for ($d = 0; $d < sizeof($all_departments); $d++) {
     $found = false;
     if (isset($department_reviewer)) {
         for ($r = 0; $r < sizeof($department_reviewer); $r++) {
             if ($all_departments[$d][0] == $department_reviewer[$r][0]) {
                 $department_select_options[] = '<option value="' . e::h($all_departments[$d][0]) . '" selected>' . e::h($all_departments[$d][1]) . '</option>';
                 $found = true;
                 $r = sizeof($department_reviewer);
             }
         }
     }
     if (!$found) {
         $department_select_options[] = '<option value="' . e::h($all_departments[$d][0]) . '">' . e::h($all_departments[$d][1]) . '</option>';
     }
 }
 $can_add = '';
 $can_checkin = '';
 if ($user_obj->can_add == 1) {
     $can_add = "checked";
 }
 if ($user_obj->can_checkin == 1) {
     $can_checkin = "checked";
 }
 $GLOBALS['smarty']->assign('user', $user_obj);
 $GLOBALS['smarty']->assign('mysql_auth', $GLOBALS["CONFIG"]["authen"] == 'mysql');
 $GLOBALS['smarty']->assign('mode', $mode);
 $GLOBALS['smarty']->assign('user_department', $user_obj->getDeptID());
 $GLOBALS['smarty']->assign('display_reviewer_row', $display_reviewer_row);
 /**
  *
  * Constructor.
  *
  * @param string $encoding The encoding for the escapers.
  *
  * @param int $flags The `htmlspecialchars()` flags for the escapers.
  *
  */
 public function __construct($encoding = null, $flags = null)
 {
     $escaper_factory = new EscaperFactory($encoding, $flags);
     $this->escaper = $escaper_factory->newInstance();
     Escaper::setStatic($this->escaper);
 }
 /**
  *
  * Returns a "void" tag (i.e., one with no body and no closing tag).
  *
  * @param string $tag The tag name.
  *
  * @param array $attr The attributes for the tag.
  *
  * @return string
  *
  */
 protected function void($tag, array $attr = array())
 {
     $attr = $this->escaper->attr($attr);
     $html = "<{$tag} {$attr} />";
     return $html;
 }
Example #13
0
File: Title.php Project: jnjxp/meta
 /**
  * getTitleString
  *
  * @return string
  *
  * @access public
  */
 public function getTitleString()
 {
     $sep = $this->titleSeparator;
     $raw = trim(implode($sep, [implode($sep, $this->titles), $this->siteTitle]), $sep);
     return $this->escaper->html($raw);
 }
Example #14
0
 /**
  *
  * Static escaping for JavaScript context.
  *
  * @param string $raw The raw string.
  *
  * @return string The escaped string.
  *
  */
 public static function j($raw)
 {
     return static::$escaper->js($raw);
 }
Example #15
0
        $result = $stmt->fetchAll();
        echo '<select id="' . e::h($GLOBALS['CONFIG']['db_prefix']) . 'udftbl_' . e::h($table_name) . '_secondary" name="' . e::h($GLOBALS['CONFIG']['db_prefix']) . 'udftbl_' . e::h($table_name) . '_secondary">';
        foreach ($result as $subrow) {
            echo '<option value="' . e::h($subrow[0]) . '">' . e::h($subrow[1]) . '</option>';
        }
        echo '</select>';
    }
}
if ($add_value == "edit") {
    $edit_tablename = $GLOBALS['CONFIG']['db_prefix'] . 'udftbl_' . $table_name . '_secondary';
    $white_listed = false;
    foreach ($udf_tables_names_result as $white_list) {
        if ($edit_tablename == $white_list['table_name']) {
            $white_listed = true;
        }
    }
    if ($white_list) {
        $stmt = $pdo->prepare("Select * FROM {$edit_tablename} WHERE pr_id = :q");
        $stmt->execute(array(':q' => $q));
        $result = $stmt->fetchAll();
        echo '<select id="' . e::h($GLOBALS['CONFIG']['db_prefix']) . 'udftbl_' . e::h($table_name) . '_secondary" name="' . e::h($GLOBALS['CONFIG']['db_prefix']) . 'udftbl_' . e::h($table_name) . '_secondary">';
        foreach ($result as $subrow) {
            echo '<option value="' . e::h($subrow[0]) . '">' . e::h($subrow[1]) . '</option>';
        }
        echo '</select>';
    }
}
?>
                    
    </tr>
</table>
Example #16
0
echo e::h(msg('label_file_name'));
?>
</th>
            <th><?php 
echo e::h(msg('label_fileid'));
?>
</th>
            <th><?php 
echo e::h(msg('label_username'));
?>
</th>
            <th class="sorting"><?php 
echo e::h(msg('label_action'));
?>
</th>
            <th class="sorting"><?php 
echo e::h(msg('label_date'));
?>
</th>
        </tr>
    </tfoot>
    <?php 
if ($this->form != '1') {
    ?>
</form>
    <?php 
}
?>
</table>
</div>
<br />
Example #17
0
                <td><b><?php 
    echo msg('choose');
    ?>
 <?php 
    echo msg('category');
    ?>
:</b></td>
                <td colspan="3"><select name="item">
                            <?php 
    // query to get a list of users
    $query = "SELECT id, name FROM {$GLOBALS['CONFIG']['db_prefix']}category ORDER BY name";
    $stmt = $pdo->prepare($query);
    $stmt->execute();
    $result = $stmt->fetchAll();
    foreach ($result as $row) {
        echo '<option value="' . e::h($row['id']) . '">' . e::h($row['name']) . '</option>';
    }
    ?>
                </td>

                <td align="center">
                    <div class="buttons">
                        <button class="positive" type="submit" name="submit" value="Update"><?php 
    echo msg('choose');
    ?>
</button>
                    </div>
                </td>
                <td align="center">
                    <div class="buttons">
                        <button class="negative cancel" type="submit" name="cancel" value="Cancel"><?php 
Example #18
0
 /**
  * @param  array              $data
  * @param  string             $strategy
  * @param  \Aura\Html\Escaper $escaper
  * @param  string             $encoding
  * @return array|string
  */
 private function escapeArray(array $data, $strategy, AuraHtmlEscaper $escaper, $encoding)
 {
     if ($strategy === 'attr') {
         return $escaper->attr($data);
     }
     array_walk($data, function (&$item) use($strategy, $encoding) {
         $item = $this->escape($item, $strategy, $encoding);
     });
     return $data;
 }
Example #19
0
function print_intro()
{
    include_once '../version.php';
    include_once '../Settings_class.php';
    $prefix = !empty($_SESSION['db_prefix']) ? $_SESSION['db_prefix'] : $GLOBALS['CONFIG']['db_prefix'];
    $db_version = Settings::get_db_version($prefix);
    $is_upgrade = $db_version != REQUIRED_VERSION;
    ?>
    <h3>Welcome to the OpenDocMan Database Installer/Updater Tool</h3>
</div>
<hr>
<table>
    <tr>
        <td><a href="../docs/opendocman.txt" target="#main">Installation Instructions (text)</a><br><br></td>
    </tr>
</table>

<table align="center">
    <tr>
        <td><strong>Please BACKUP all data and files before proceeding!</strong><br><br></td>
    </tr>
    <tr>
        <td>
            Please choose one from the following based on your current version.<br><br>
            Note: If you are updating and your current version # is lower than the newest upgrade listed below then you
            have database updates to perform. <br/><br/>
        </td>
    </tr>
    <?php 
    if ($db_version == 'Unknown') {
        ?>
        <tr>
            <td>New Installation (Will wipe any current data!)<br/><br/></td>
        </tr>
        <tr>
        <td>
            <a href="index.php?op=install" class="button" onclick="return confirm('Are you sure? This will modify the database you have configured in config.php. Only use this option for a FRESH INSTALL.')">
                Click HERE To set up database for v<?php 
        echo $GLOBALS['CONFIG']['current_version'];
        ?>
 release of OpenDocMan </a><br /><br />
        </td>
        <?php 
    } elseif ($is_upgrade) {
        ?>
        <tr>
            <td>Your current Database schema version: <strong><?php 
        echo e::h($db_version);
        ?>
</strong><br/><br/>
                Required Database schema version: <?php 
        echo REQUIRED_VERSION;
        ?>
<br/><br />
            </td>
        </tr>
        <tr>
            <td>Upgrade your current database from a previous version<br/><br/></td>
        </tr>
        <tr>
            <td><a href="index.php?op=update_129">Upgrade from DB schema version 1.2.9</a><br><br></td>
        </tr>
        <tr>
            <td><a href="index.php?op=update_128">Upgrade from DB schema version 1.2.8</a><br><br></td>
        </tr>
        <tr>
            <td><a href="index.php?op=update_1263">Upgrade from DB schema version 1.2.6.3</a><br><br></td>
        </tr>
        <tr>
            <td><a href="index.php?op=update_1262">Upgrade from DB schema version 1.2.6.2</a><br><br></td>
        </tr>
        <tr>
            <td><a href="index.php?op=update_1261">Upgrade from DB schema version 1.2.6.1</a><br><br></td>
        </tr>
        <tr>
            <td><a href="index.php?op=update_1257">Upgrade from DB schema version 1.2.5.7</a><br><br></td>
        </tr>
        <tr>
            <td><a href="index.php?op=update_1256">Upgrade from DB schema version 1.2.5.6</a><br><br></td>
        </tr>
        <tr>
            <td><a href="index.php?op=update_1252">Upgrade from DB schema version 1.2.5.2</a><br><br></td>
        </tr>
        <tr>
            <td><a href="index.php?op=update_124">Upgrade from DB schema version 1.2.4</a><br><br></td>
        </tr>
        <tr>
            <td><a href="index.php?op=update_12p3">Upgrade from DB schema version 1.2p3</a><br><br></td>
        </tr>
        <tr>
            <td><a href="index.php?op=update_12p1">Upgrade from DB schema version 1.2p1</a><br><br></td>
        </tr>
        <tr>
            <td><a href="index.php?op=update_12rc1">Upgrade from DB schema version 1.2rc(x)</a><br><br></td>
        </tr>
        <tr>
            <td><a href="index.php?op=update_11">Upgrade from DB schema version 1.1</a><br><br></td>
        </tr>
        <tr>
            <td><a href="index.php?op=update_11rc2">Upgrade from DB schema version 1.1rc2</a><br><br></td>
        </tr>
        <tr>
            <td><a href="index.php?op=update_11rc1">Upgrade from DB schema version 1.1rc1</a><br><br></td>
        </tr>
        <tr>
            <td><a href="index.php?op=update_10">Upgrade from DB schema version 1.0</a><br><br></td>
        </tr>
        <?php 
    } else {
        ?>
        <tr>
            <td>
                Nothing to update<br><br>
                Click <a href="../index.php">HERE</a> to login<br>
            </td>
        </tr>
        <?php 
    }
    ?>
</table>
<?php 
}
Example #20
0
if ($user_obj->isAdmin()) {
    $reviewIdCount = sizeof($user_obj->getAllRevieweeIds());
} elseif ($user_obj->isReviewer()) {
    $reviewIdCount = sizeof($user_obj->getRevieweeIds());
} else {
    $reviewIdCount = 0;
}
if ($reviewIdCount > 0) {
    echo '<img src="images/exclamation.gif" /> <a href="toBePublished.php?state=1">' . msg('message_documents_waiting') . '</a>: ' . e::h($reviewIdCount) . '</a><br />';
}
$rejected_files_obj = $user_obj->getRejectedFileIds();
if (isset($rejected_files_obj[0]) && $rejected_files_obj[0] != null) {
    echo '<img src="images/exclamation_red.gif" /> <a href="rejects.php?state=1">' . msg('message_documents_rejected') . '</a>: ' . sizeof($rejected_files_obj) . '<br />';
}
$llen = $user_obj->getNumExpiredFiles();
if ($llen > 0) {
    echo '<img src="images/exclamation_red.gif"><a href="javascript:window.location=\'search.php?submit=submit&sort_by=id&where=author_locked_files&sort_order=asc&keyword=-1&exact_phrase=on\'">' . msg('message_documents_expired') . ': ' . e::h($llen) . '</a><br />';
}
// get a list of documents the user has "view" permission for
// get current user's information-->department
//set values
$user_perms = new UserPermission($_SESSION['uid'], $pdo);
//$start_P = getmicrotime();
$file_id_array = $user_perms->getViewableFileIds(true);
//$end_P = getmicrotime();
list_files($file_id_array, $user_perms, $GLOBALS['CONFIG']['dataDir'], false);
draw_footer();
//Fb::log('<br> <b> Load Page Time: ' . (getmicrotime() - $start_time) . ' </b>');
//echo '<br> <b> Load Permission Time: ' . ($end_P - $start_P) . ' </b>';
//echo '<br> <b> Load Sort Time: ' . ($lsort_e - $lsort_b) . ' </b>';
//echo '<br> <b> Load Table Time: ' . ($llist_e - $llist_b) . ' </b>';
Example #21
0
<?php

use Aura\Html\Escaper as e;
?>

<div class="blog-intro">
    <h2><?php 
echo e::h($blog->title);
?>
</h2>
    <p class="byline"><?php 
echo e::h($blog->author);
?>
</p>
    <?php 
echo e::h($blog->intro);
?>
    <p><?php 
echo $this->a("/blog/read/{$blog->id}", 'Read More ...');
?>
</p>
</div>
Example #22
0
         * Send out email notifications to reviewers
         */
        $file_obj = new FileData($id, $pdo);
        $get_full_name = $user_obj->getFullName();
        $full_name = $get_full_name[0] . ' ' . $get_full_name[1];
        $department = $file_obj->getDepartment();
        $reviewer_obj = new Reviewer($id, $pdo);
        $reviewer_list = $reviewer_obj->getReviewersForDepartment($department);
        $date = date('Y-m-d H:i:s T');
        // Build email for general notices
        $mail_subject = msg('checkinpage_file_was_checked_in');
        $mail_body2 = msg('checkinpage_file_was_checked_in') . PHP_EOL;
        $mail_body2 .= msg('label_filename') . ':  ' . $file_obj->getName() . PHP_EOL;
        $mail_body2 .= msg('label_status') . ': ' . msg('addpage_new') . PHP_EOL;
        $mail_body2 .= msg('date') . ': ' . $date . PHP_EOL . PHP_EOL;
        $mail_body2 .= msg('addpage_uploader') . ': ' . e::h($full_name) . PHP_EOL . PHP_EOL;
        $mail_body2 .= msg('email_thank_you') . ',' . PHP_EOL . PHP_EOL;
        $mail_body2 .= msg('email_automated_document_messenger') . PHP_EOL . PHP_EOL;
        $mail_body2 .= $GLOBALS['CONFIG']['base_url'] . PHP_EOL . PHP_EOL;
        $email_obj = new Email();
        $email_obj->setFullName($full_name);
        $email_obj->setSubject($mail_subject);
        $email_obj->setFrom($full_name . ' <' . $user_obj->getEmailAddress() . '>');
        $email_obj->setRecipients($reviewer_list);
        $email_obj->setBody($mail_body2);
        $email_obj->sendEmail();
        // clean up and back to main page
        $last_message = msg('message_document_checked_in');
        header('Location: out.php?last_message=' . urlencode($last_message));
    }
}
Example #23
0
$file_under_review = $file_data_obj->isPublishable() == -1 ? true : false;
$to_value = isset($reviewer_comments_fields[0]) ? substr($reviewer_comments_fields[0], 3) : '';
$subject_value = isset($reviewer_comments_fields[1]) ? substr($reviewer_comments_fields[1], 8) : '';
$comments_value = isset($reviewer_comments_fields[2]) ? substr($reviewer_comments_fields[2], 9) : '';
$file_detail_array = array('file_unlocked' => $file_unlocked, 'to_value' => $to_value, 'subject_value' => $subject_value, 'comments_value' => $comments_value, 'realname' => $real_name, 'category' => $category, 'filesize' => $file_size, 'created' => fix_date($created), 'owner_email' => $user_obj->getEmailAddress(), 'owner' => $owner_last_first, 'owner_fullname' => $owner_first_last, 'description' => wordwrap($description, 50, '<br />'), 'comment' => wordwrap($comment, 50, '<br />'), 'udf_details_display' => udf_details_display($request_id), 'revision' => $revision, 'file_under_review' => $file_under_review, 'reviewer' => $reviewer, 'status' => $status);
if ($status > 0) {
    // status != 0 -> file checked out to another user. status = uid of the check-out person
    // query to find out who...
    $checkout_person_obj = $file_data_obj->getCheckerOBJ();
    $full_name = $checkout_person_obj->getFullName();
    $GLOBALS['smarty']->assign('checkout_person_full_name', $full_name);
    $GLOBALS['smarty']->assign('checkout_person_email', $checkout_person_obj->getEmailAddress());
}
// Can they Read?
if ($user_permission_obj->getAuthority($request_id, $file_data_obj) >= $user_permission_obj->READ_RIGHT) {
    $view_link = 'view_file.php?id=' . e::h($full_requestId) . '&state=' . ($state + 1);
    $GLOBALS['smarty']->assign('view_link', $view_link);
}
// Lets figure out which buttons to show
if ($status == 0 || $status == -1 && $file_data_obj->isOwner($_SESSION['uid'])) {
    // check if user has modify rights
    $user_perms = new UserPermission($_SESSION['uid'], $GLOBALS['pdo']);
    if ($user_perms->getAuthority($request_id, $file_data_obj) >= $user_perms->WRITE_RIGHT && !isset($revision_id) && !$file_data_obj->isArchived()) {
        // if so, display link for checkout
        $check_out_link = "check-out.php?id={$request_id}" . '&state=' . ($state + 1) . '&access_right=modify';
        $GLOBALS['smarty']->assign('check_out_link', $check_out_link);
    }
    if ($user_permission_obj->getAuthority($request_id, $file_data_obj) >= $user_permission_obj->ADMIN_RIGHT && !@isset($revision_id) && !$file_data_obj->isArchived()) {
        // if user is also the owner of the file AND file is not checked out
        // additional actions are available
        $edit_link = "edit.php?id={$request_id}&state=" . ($state + 1);
Example #24
0
        $first_name = $row['first_name'];
        $realname = $row['realname'];
        $created = $row['created'];
        $description = $row['description'];
        $status = $row['status'];
        // correction
        if ($description == '') {
            $description = msg('message_no_information_available');
        }
        $filename = $GLOBALS['CONFIG']['dataDir'] . $id . '.dat';
        // display list
        $highlighted_color = '#bdf9b6';
        echo '<tr valign="middle" bgcolor="' . $row_color . '" onmouseover="this.style.backgroundColor=\'' . $highlighted_color . '\';" onmouseout="this.style.backgroundColor=\'' . $row_color . '\';">';
        echo '<td class="listtable"><div class="buttons"><a href="check-in.php?id=' . e::h($id) . '&amp;state=' . e::h($_REQUEST['state'] + 1) . '" class="regular"><img src="images/import-2.png" alt="checkin"/>' . msg('button_check_in') . '</a></div>';
        echo '</td>';
        echo '<td class="listtable">' . e::h($realname) . '</td>';
        echo '<td class="listtable">' . e::h($description) . '</td>';
        echo '<td class="listtable">' . fix_date(e::h($created)) . '</td> ';
        echo '<td class="listtable">' . e::h($last_name) . ', ' . e::h($first_name) . '</td> ';
        echo '<td class="listtable">' . display_filesize(e::h($filename)) . '</td> ';
        echo '</tr>';
        if ($row_color == "#FCFCFC") {
            $row_color = "#E3E7F9";
        } else {
            $row_color = "#FCFCFC";
        }
    }
    // clean up
    echo '</table>';
}
draw_footer();
Example #25
0
            echo '<td align=center><font size="-1"> <a href="details.php?id=' . e::h($id) . '_' . e::h($revision) . '&state=' . e::h($_REQUEST['state']) . '"><div class="revision">' . e::h($revision + 1) . '</div></a>' . e::h($extra_message);
        } else {
            echo '<td><font size="-1">' . e::h($revision) . e::h($extra_message);
        }
        ?>
                    </font></td>
                    <td><font size="-1"><?php 
        echo fix_date($modified_on);
        ?>
</font></td>
                    <td><font size="-1"><?php 
        echo e::h($last_name) . ', ' . e::h($first_name);
        ?>
</font></td>
                    <td><font size="-1"><?php 
        echo e::h($note);
        ?>
</font></td>
            </tr>
<?php 
    }
    // clean up
    ?>
	</table>
</td>
</tr>

</table>
<?php 
    // Call the plugin API
    callPluginMethod('onAfterHistory', $datafile->getId());
Example #26
0
    $count++;
}
// Notify owner
if ($GLOBALS['CONFIG']['file_expired_action'] != 4) {
    $reviewer_comments = 'To=' . msg('author') . ';Subject=' . msg('message_file_expired') . ';Comments=' . msg('email_file_was_rejected_because') . ' ' . $GLOBALS['CONFIG']['revision_expiration'] . ' ' . msg('days') . ';';
    $user_obj = new user($root_id, $pdo);
    $date = date("D F d Y");
    $time = date("h:i A");
    $get_full_name = $user_obj->getFullName();
    $full_name = $get_full_name[0] . ' ' . $get_full_name[1];
    $mail_from = $full_name . ' <' . $user_obj->getEmailAddress() . '>';
    $mail_headers = "From: {$mail_from}";
    $mail_subject = msg('email_subject_review_status');
    $mail_greeting = msg('email_greeting') . ":" . PHP_EOL . "\t" . msg('email_i_would_like_to_inform');
    $mail_body = msg('email_was_declined_for_publishing_at') . ' ' . $time . ' on ' . $date . ' ' . msg('email_because_you_did_not_revise') . ' ' . $GLOBALS['CONFIG']['revision_expiration'] . ' ' . msg('days');
    $mail_salute = PHP_EOL . PHP_EOL . msg('email_salute') . "," . PHP_EOL . e::h($full_name);
    foreach ($data_result as $row) {
        $file_obj = new FileData($row['id'], $pdo);
        $user_obj = new User($file_obj->getOwner(), $pdo);
        $mail_to = $user_obj->getEmailAddress();
        if ($GLOBALS['CONFIG']['demo'] == 'False') {
            mail($mail_to, $mail_subject . $file_obj->getName(), $mail_greeting . $file_obj->getName() . ' ' . $mail_body . $mail_salute, $mail_headers);
        }
    }
}
//do not show file
if ($GLOBALS['CONFIG']['file_expired_action'] == 1) {
    $reviewer_comments = 'To=' . msg('author') . ';Subject=' . msg('message_file_expired') . ';Comments=' . msg('email_file_was_rejected_because') . ' ' . $GLOBALS['CONFIG']['revision_expiration'] . ' ' . msg('days');
    foreach ($data_result as $row) {
        $file_obj = new FileData($row['id'], $pdo);
        $file_obj->Publishable(-1);