header('Location: out.php?last_message=' . urlencode($last_message)); } elseif (isset($_REQUEST['mode']) && $_REQUEST['mode'] == 'view_del_archive') { //publishable=2 for archive deletion $query = "SELECT id FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE publishable=2"; $stmt = $pdo->prepare($query); $stmt->execute(); $result = $stmt->fetchAll(); $array_id = array(); $i = 0; foreach ($result as $row) { $array_id[$i] = $row['id']; $i++; } $luserperm_obj = new UserPermission($_SESSION['uid'], $pdo); draw_header(msg('area_deleted_files'), $last_message); $page_url = e::h($_SERVER['PHP_SELF']) . '?mode=' . $_REQUEST['mode']; $user_obj = new User($_SESSION['uid'], $pdo); $userperms = new UserPermission($_SESSION['uid'], $pdo); $list_status = list_files($array_id, $userperms, $GLOBALS['CONFIG']['archiveDir'], true); if ($list_status != -1) { $GLOBALS['smarty']->assign('lmode', ''); display_smarty_template('deleteview.tpl'); } } elseif (isset($_POST['submit']) && $_POST['submit'] == 'Delete file(s)') { isset($_REQUEST['checkbox']) ? $_REQUEST['checkbox'] : ''; foreach ($_REQUEST['checkbox'] as $value) { if (!pmt_delete($value)) { header('Location: error.php?ec=21'); exit; } }
<table> <tr> <th bgcolor ="#83a9f7"><font color="#FFFFFF"><?php echo msg('adminpage_about_section_title'); ?> </font></th> </tr> <tr> <td><b><?php echo msg('adminpage_about_section_app_version') . ": " . e::h($GLOBALS['CONFIG']['current_version']); ?> </b></td> </tr> <tr> <td><b><?php echo msg('adminpage_about_section_db_version') . ": " . e::h(Settings::get_db_version()); ?> </b></td> </tr> <tr> <td> </td> </tr> </table> </td> </tr> <?php } ?> </table>
function udf_functions_search_options() { global $pdo; $query = "SELECT table_name,field_type,display_name FROM {$GLOBALS['CONFIG']['db_prefix']}udf ORDER BY id"; $stmt = $pdo->prepare($query); $stmt->execute(); $result = $stmt->fetchAll(); foreach ($result as $row) { echo '<option value="' . e::h($row[2]) . '">' . e::h($row[2]) . '</option>'; } }
/** * Custom redirection handler * @param string $url the internal page to redirect them to */ function redirect_visitor($url = '') { if ($url == '') { header('Location:index.php?redirection=' . urlencode(e::h($_SERVER['PHP_SELF']) . '?' . e::h($_SERVER['QUERY_STRING']))); exit; } else { // Lets make sure its not an outside URL if (!preg_match('#^(http|https|ftp)://#', $url)) { header('Location:' . htmlentities($url, ENT_QUOTES)); exit; } else { header('Location:index.php'); exit; } } }
$salt = "abcdefghjkmnpqrstuvwxyz23456789ABCDEFGHJKLMNPQRSTUVWXYZ23456789"; $i = 0; $randstring = ''; while ($i <= 7) { $num = rand() % 63; $tmp = substr($salt, $num, 1); $randstring .= $tmp; $i++; } $reset_code = md5($randstring); // add the reset code to the database for this user $query = "\n UPDATE\n {$GLOBALS['CONFIG']['db_prefix']}user\n SET\n pw_reset_code = :reset_code\n WHERE\n id = :user_id\n "; $stmt = $pdo->prepare($query); $stmt->execute(array(':reset_code' => $reset_code, ':user_id' => $user_id)); // generate the link $resetLink = $GLOBALS['CONFIG']['base_url'] . '/forgot_password.php?username='******'&code=' . e::h($reset_code); $mail_headers = "From: " . $GLOBALS['CONFIG']['site_mail'] . PHP_EOL; $mail_headers .= "Content-Type: text/plain; charset=UTF-8" . PHP_EOL; $mail_body = msg('email_someone_has_requested_password') . PHP_EOL . PHP_EOL; $mail_body .= $resetLink . PHP_EOL . PHP_EOL; $mail_body .= msg('email_thank_you') . PHP_EOL . PHP_EOL; $mail_body .= msg('area_admin') . PHP_EOL . PHP_EOL; // send the email if ($GLOBALS['CONFIG']['demo'] == 'False') { mail($email, msg('area_reset_password'), $mail_body, $mail_headers); } $redirect = 'forgot_password.php?last_message=' . urlencode(msg('message_an_email_has_been_sent')); header("Location: {$redirect}"); exit; } } else {
/** * @return bool */ public function isArchived() { $query = "\n SELECT\n publishable\n FROM\n {$GLOBALS['CONFIG']['db_prefix']}{$this->TABLE_DATA}\n WHERE\n id = :id\n "; $stmt = $this->connection->prepare($query); $stmt->execute(array(':id' => $this->id)); $result = $stmt->fetchColumn(); if ($stmt->rowCount() != 1) { echo 'DB error. Unable to locate file id ' . e::h($this->id) . ' in table ' . $GLOBALS['CONFIG']['db_prefix'] . 'data. Please contact ' . $GLOBALS['CONFIG']['site_mail'] . ' for help'; exit; } return $result == 2; }
<?php use Aura\Html\Escaper as e; ?> <p> Successfully deleted blog post titled "<?php echo e::h($this->blog->title); ?> " by <?php echo e::h($this->blog->author); ?> . </p>
modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ // includes include 'odm-load.php'; $last_message = isset($_REQUEST['last_message']) ? e::h($_REQUEST['last_message']) : ''; draw_header(msg('error'), $last_message); if (isset($_REQUEST['ec']) && intval($_REQUEST['ec']) >= 0) { switch ($_REQUEST['ec']) { // login failure case 0: $message = msg('message_there_was_an_error_loggin_you_in'); break; // session problem // session problem case 1: $message = msg('message_session_error'); break; // malformed variable/failed query // malformed variable/failed query case 2:
public function modify(Container $di) { Escaper::setStatic($di->get('aura/html:escaper')); }
$i++; } $department_select_options = array(); for ($d = 0; $d < sizeof($all_departments); $d++) { $found = false; if (isset($department_reviewer)) { for ($r = 0; $r < sizeof($department_reviewer); $r++) { if ($all_departments[$d][0] == $department_reviewer[$r][0]) { $department_select_options[] = '<option value="' . e::h($all_departments[$d][0]) . '" selected>' . e::h($all_departments[$d][1]) . '</option>'; $found = true; $r = sizeof($department_reviewer); } } } if (!$found) { $department_select_options[] = '<option value="' . e::h($all_departments[$d][0]) . '">' . e::h($all_departments[$d][1]) . '</option>'; } } $can_add = ''; $can_checkin = ''; if ($user_obj->can_add == 1) { $can_add = "checked"; } if ($user_obj->can_checkin == 1) { $can_checkin = "checked"; } $GLOBALS['smarty']->assign('user', $user_obj); $GLOBALS['smarty']->assign('mysql_auth', $GLOBALS["CONFIG"]["authen"] == 'mysql'); $GLOBALS['smarty']->assign('mode', $mode); $GLOBALS['smarty']->assign('user_department', $user_obj->getDeptID()); $GLOBALS['smarty']->assign('display_reviewer_row', $display_reviewer_row);
/** * * Constructor. * * @param string $encoding The encoding for the escapers. * * @param int $flags The `htmlspecialchars()` flags for the escapers. * */ public function __construct($encoding = null, $flags = null) { $escaper_factory = new EscaperFactory($encoding, $flags); $this->escaper = $escaper_factory->newInstance(); Escaper::setStatic($this->escaper); }
/** * * Returns a "void" tag (i.e., one with no body and no closing tag). * * @param string $tag The tag name. * * @param array $attr The attributes for the tag. * * @return string * */ protected function void($tag, array $attr = array()) { $attr = $this->escaper->attr($attr); $html = "<{$tag} {$attr} />"; return $html; }
/** * getTitleString * * @return string * * @access public */ public function getTitleString() { $sep = $this->titleSeparator; $raw = trim(implode($sep, [implode($sep, $this->titles), $this->siteTitle]), $sep); return $this->escaper->html($raw); }
/** * * Static escaping for JavaScript context. * * @param string $raw The raw string. * * @return string The escaped string. * */ public static function j($raw) { return static::$escaper->js($raw); }
$result = $stmt->fetchAll(); echo '<select id="' . e::h($GLOBALS['CONFIG']['db_prefix']) . 'udftbl_' . e::h($table_name) . '_secondary" name="' . e::h($GLOBALS['CONFIG']['db_prefix']) . 'udftbl_' . e::h($table_name) . '_secondary">'; foreach ($result as $subrow) { echo '<option value="' . e::h($subrow[0]) . '">' . e::h($subrow[1]) . '</option>'; } echo '</select>'; } } if ($add_value == "edit") { $edit_tablename = $GLOBALS['CONFIG']['db_prefix'] . 'udftbl_' . $table_name . '_secondary'; $white_listed = false; foreach ($udf_tables_names_result as $white_list) { if ($edit_tablename == $white_list['table_name']) { $white_listed = true; } } if ($white_list) { $stmt = $pdo->prepare("Select * FROM {$edit_tablename} WHERE pr_id = :q"); $stmt->execute(array(':q' => $q)); $result = $stmt->fetchAll(); echo '<select id="' . e::h($GLOBALS['CONFIG']['db_prefix']) . 'udftbl_' . e::h($table_name) . '_secondary" name="' . e::h($GLOBALS['CONFIG']['db_prefix']) . 'udftbl_' . e::h($table_name) . '_secondary">'; foreach ($result as $subrow) { echo '<option value="' . e::h($subrow[0]) . '">' . e::h($subrow[1]) . '</option>'; } echo '</select>'; } } ?> </tr> </table>
echo e::h(msg('label_file_name')); ?> </th> <th><?php echo e::h(msg('label_fileid')); ?> </th> <th><?php echo e::h(msg('label_username')); ?> </th> <th class="sorting"><?php echo e::h(msg('label_action')); ?> </th> <th class="sorting"><?php echo e::h(msg('label_date')); ?> </th> </tr> </tfoot> <?php if ($this->form != '1') { ?> </form> <?php } ?> </table> </div> <br />
<td><b><?php echo msg('choose'); ?> <?php echo msg('category'); ?> :</b></td> <td colspan="3"><select name="item"> <?php // query to get a list of users $query = "SELECT id, name FROM {$GLOBALS['CONFIG']['db_prefix']}category ORDER BY name"; $stmt = $pdo->prepare($query); $stmt->execute(); $result = $stmt->fetchAll(); foreach ($result as $row) { echo '<option value="' . e::h($row['id']) . '">' . e::h($row['name']) . '</option>'; } ?> </td> <td align="center"> <div class="buttons"> <button class="positive" type="submit" name="submit" value="Update"><?php echo msg('choose'); ?> </button> </div> </td> <td align="center"> <div class="buttons"> <button class="negative cancel" type="submit" name="cancel" value="Cancel"><?php
/** * @param array $data * @param string $strategy * @param \Aura\Html\Escaper $escaper * @param string $encoding * @return array|string */ private function escapeArray(array $data, $strategy, AuraHtmlEscaper $escaper, $encoding) { if ($strategy === 'attr') { return $escaper->attr($data); } array_walk($data, function (&$item) use($strategy, $encoding) { $item = $this->escape($item, $strategy, $encoding); }); return $data; }
function print_intro() { include_once '../version.php'; include_once '../Settings_class.php'; $prefix = !empty($_SESSION['db_prefix']) ? $_SESSION['db_prefix'] : $GLOBALS['CONFIG']['db_prefix']; $db_version = Settings::get_db_version($prefix); $is_upgrade = $db_version != REQUIRED_VERSION; ?> <h3>Welcome to the OpenDocMan Database Installer/Updater Tool</h3> </div> <hr> <table> <tr> <td><a href="../docs/opendocman.txt" target="#main">Installation Instructions (text)</a><br><br></td> </tr> </table> <table align="center"> <tr> <td><strong>Please BACKUP all data and files before proceeding!</strong><br><br></td> </tr> <tr> <td> Please choose one from the following based on your current version.<br><br> Note: If you are updating and your current version # is lower than the newest upgrade listed below then you have database updates to perform. <br/><br/> </td> </tr> <?php if ($db_version == 'Unknown') { ?> <tr> <td>New Installation (Will wipe any current data!)<br/><br/></td> </tr> <tr> <td> <a href="index.php?op=install" class="button" onclick="return confirm('Are you sure? This will modify the database you have configured in config.php. Only use this option for a FRESH INSTALL.')"> Click HERE To set up database for v<?php echo $GLOBALS['CONFIG']['current_version']; ?> release of OpenDocMan </a><br /><br /> </td> <?php } elseif ($is_upgrade) { ?> <tr> <td>Your current Database schema version: <strong><?php echo e::h($db_version); ?> </strong><br/><br/> Required Database schema version: <?php echo REQUIRED_VERSION; ?> <br/><br /> </td> </tr> <tr> <td>Upgrade your current database from a previous version<br/><br/></td> </tr> <tr> <td><a href="index.php?op=update_129">Upgrade from DB schema version 1.2.9</a><br><br></td> </tr> <tr> <td><a href="index.php?op=update_128">Upgrade from DB schema version 1.2.8</a><br><br></td> </tr> <tr> <td><a href="index.php?op=update_1263">Upgrade from DB schema version 1.2.6.3</a><br><br></td> </tr> <tr> <td><a href="index.php?op=update_1262">Upgrade from DB schema version 1.2.6.2</a><br><br></td> </tr> <tr> <td><a href="index.php?op=update_1261">Upgrade from DB schema version 1.2.6.1</a><br><br></td> </tr> <tr> <td><a href="index.php?op=update_1257">Upgrade from DB schema version 1.2.5.7</a><br><br></td> </tr> <tr> <td><a href="index.php?op=update_1256">Upgrade from DB schema version 1.2.5.6</a><br><br></td> </tr> <tr> <td><a href="index.php?op=update_1252">Upgrade from DB schema version 1.2.5.2</a><br><br></td> </tr> <tr> <td><a href="index.php?op=update_124">Upgrade from DB schema version 1.2.4</a><br><br></td> </tr> <tr> <td><a href="index.php?op=update_12p3">Upgrade from DB schema version 1.2p3</a><br><br></td> </tr> <tr> <td><a href="index.php?op=update_12p1">Upgrade from DB schema version 1.2p1</a><br><br></td> </tr> <tr> <td><a href="index.php?op=update_12rc1">Upgrade from DB schema version 1.2rc(x)</a><br><br></td> </tr> <tr> <td><a href="index.php?op=update_11">Upgrade from DB schema version 1.1</a><br><br></td> </tr> <tr> <td><a href="index.php?op=update_11rc2">Upgrade from DB schema version 1.1rc2</a><br><br></td> </tr> <tr> <td><a href="index.php?op=update_11rc1">Upgrade from DB schema version 1.1rc1</a><br><br></td> </tr> <tr> <td><a href="index.php?op=update_10">Upgrade from DB schema version 1.0</a><br><br></td> </tr> <?php } else { ?> <tr> <td> Nothing to update<br><br> Click <a href="../index.php">HERE</a> to login<br> </td> </tr> <?php } ?> </table> <?php }
if ($user_obj->isAdmin()) { $reviewIdCount = sizeof($user_obj->getAllRevieweeIds()); } elseif ($user_obj->isReviewer()) { $reviewIdCount = sizeof($user_obj->getRevieweeIds()); } else { $reviewIdCount = 0; } if ($reviewIdCount > 0) { echo '<img src="images/exclamation.gif" /> <a href="toBePublished.php?state=1">' . msg('message_documents_waiting') . '</a>: ' . e::h($reviewIdCount) . '</a><br />'; } $rejected_files_obj = $user_obj->getRejectedFileIds(); if (isset($rejected_files_obj[0]) && $rejected_files_obj[0] != null) { echo '<img src="images/exclamation_red.gif" /> <a href="rejects.php?state=1">' . msg('message_documents_rejected') . '</a>: ' . sizeof($rejected_files_obj) . '<br />'; } $llen = $user_obj->getNumExpiredFiles(); if ($llen > 0) { echo '<img src="images/exclamation_red.gif"><a href="javascript:window.location=\'search.php?submit=submit&sort_by=id&where=author_locked_files&sort_order=asc&keyword=-1&exact_phrase=on\'">' . msg('message_documents_expired') . ': ' . e::h($llen) . '</a><br />'; } // get a list of documents the user has "view" permission for // get current user's information-->department //set values $user_perms = new UserPermission($_SESSION['uid'], $pdo); //$start_P = getmicrotime(); $file_id_array = $user_perms->getViewableFileIds(true); //$end_P = getmicrotime(); list_files($file_id_array, $user_perms, $GLOBALS['CONFIG']['dataDir'], false); draw_footer(); //Fb::log('<br> <b> Load Page Time: ' . (getmicrotime() - $start_time) . ' </b>'); //echo '<br> <b> Load Permission Time: ' . ($end_P - $start_P) . ' </b>'; //echo '<br> <b> Load Sort Time: ' . ($lsort_e - $lsort_b) . ' </b>'; //echo '<br> <b> Load Table Time: ' . ($llist_e - $llist_b) . ' </b>';
<?php use Aura\Html\Escaper as e; ?> <div class="blog-intro"> <h2><?php echo e::h($blog->title); ?> </h2> <p class="byline"><?php echo e::h($blog->author); ?> </p> <?php echo e::h($blog->intro); ?> <p><?php echo $this->a("/blog/read/{$blog->id}", 'Read More ...'); ?> </p> </div>
* Send out email notifications to reviewers */ $file_obj = new FileData($id, $pdo); $get_full_name = $user_obj->getFullName(); $full_name = $get_full_name[0] . ' ' . $get_full_name[1]; $department = $file_obj->getDepartment(); $reviewer_obj = new Reviewer($id, $pdo); $reviewer_list = $reviewer_obj->getReviewersForDepartment($department); $date = date('Y-m-d H:i:s T'); // Build email for general notices $mail_subject = msg('checkinpage_file_was_checked_in'); $mail_body2 = msg('checkinpage_file_was_checked_in') . PHP_EOL; $mail_body2 .= msg('label_filename') . ': ' . $file_obj->getName() . PHP_EOL; $mail_body2 .= msg('label_status') . ': ' . msg('addpage_new') . PHP_EOL; $mail_body2 .= msg('date') . ': ' . $date . PHP_EOL . PHP_EOL; $mail_body2 .= msg('addpage_uploader') . ': ' . e::h($full_name) . PHP_EOL . PHP_EOL; $mail_body2 .= msg('email_thank_you') . ',' . PHP_EOL . PHP_EOL; $mail_body2 .= msg('email_automated_document_messenger') . PHP_EOL . PHP_EOL; $mail_body2 .= $GLOBALS['CONFIG']['base_url'] . PHP_EOL . PHP_EOL; $email_obj = new Email(); $email_obj->setFullName($full_name); $email_obj->setSubject($mail_subject); $email_obj->setFrom($full_name . ' <' . $user_obj->getEmailAddress() . '>'); $email_obj->setRecipients($reviewer_list); $email_obj->setBody($mail_body2); $email_obj->sendEmail(); // clean up and back to main page $last_message = msg('message_document_checked_in'); header('Location: out.php?last_message=' . urlencode($last_message)); } }
$file_under_review = $file_data_obj->isPublishable() == -1 ? true : false; $to_value = isset($reviewer_comments_fields[0]) ? substr($reviewer_comments_fields[0], 3) : ''; $subject_value = isset($reviewer_comments_fields[1]) ? substr($reviewer_comments_fields[1], 8) : ''; $comments_value = isset($reviewer_comments_fields[2]) ? substr($reviewer_comments_fields[2], 9) : ''; $file_detail_array = array('file_unlocked' => $file_unlocked, 'to_value' => $to_value, 'subject_value' => $subject_value, 'comments_value' => $comments_value, 'realname' => $real_name, 'category' => $category, 'filesize' => $file_size, 'created' => fix_date($created), 'owner_email' => $user_obj->getEmailAddress(), 'owner' => $owner_last_first, 'owner_fullname' => $owner_first_last, 'description' => wordwrap($description, 50, '<br />'), 'comment' => wordwrap($comment, 50, '<br />'), 'udf_details_display' => udf_details_display($request_id), 'revision' => $revision, 'file_under_review' => $file_under_review, 'reviewer' => $reviewer, 'status' => $status); if ($status > 0) { // status != 0 -> file checked out to another user. status = uid of the check-out person // query to find out who... $checkout_person_obj = $file_data_obj->getCheckerOBJ(); $full_name = $checkout_person_obj->getFullName(); $GLOBALS['smarty']->assign('checkout_person_full_name', $full_name); $GLOBALS['smarty']->assign('checkout_person_email', $checkout_person_obj->getEmailAddress()); } // Can they Read? if ($user_permission_obj->getAuthority($request_id, $file_data_obj) >= $user_permission_obj->READ_RIGHT) { $view_link = 'view_file.php?id=' . e::h($full_requestId) . '&state=' . ($state + 1); $GLOBALS['smarty']->assign('view_link', $view_link); } // Lets figure out which buttons to show if ($status == 0 || $status == -1 && $file_data_obj->isOwner($_SESSION['uid'])) { // check if user has modify rights $user_perms = new UserPermission($_SESSION['uid'], $GLOBALS['pdo']); if ($user_perms->getAuthority($request_id, $file_data_obj) >= $user_perms->WRITE_RIGHT && !isset($revision_id) && !$file_data_obj->isArchived()) { // if so, display link for checkout $check_out_link = "check-out.php?id={$request_id}" . '&state=' . ($state + 1) . '&access_right=modify'; $GLOBALS['smarty']->assign('check_out_link', $check_out_link); } if ($user_permission_obj->getAuthority($request_id, $file_data_obj) >= $user_permission_obj->ADMIN_RIGHT && !@isset($revision_id) && !$file_data_obj->isArchived()) { // if user is also the owner of the file AND file is not checked out // additional actions are available $edit_link = "edit.php?id={$request_id}&state=" . ($state + 1);
$first_name = $row['first_name']; $realname = $row['realname']; $created = $row['created']; $description = $row['description']; $status = $row['status']; // correction if ($description == '') { $description = msg('message_no_information_available'); } $filename = $GLOBALS['CONFIG']['dataDir'] . $id . '.dat'; // display list $highlighted_color = '#bdf9b6'; echo '<tr valign="middle" bgcolor="' . $row_color . '" onmouseover="this.style.backgroundColor=\'' . $highlighted_color . '\';" onmouseout="this.style.backgroundColor=\'' . $row_color . '\';">'; echo '<td class="listtable"><div class="buttons"><a href="check-in.php?id=' . e::h($id) . '&state=' . e::h($_REQUEST['state'] + 1) . '" class="regular"><img src="images/import-2.png" alt="checkin"/>' . msg('button_check_in') . '</a></div>'; echo '</td>'; echo '<td class="listtable">' . e::h($realname) . '</td>'; echo '<td class="listtable">' . e::h($description) . '</td>'; echo '<td class="listtable">' . fix_date(e::h($created)) . '</td> '; echo '<td class="listtable">' . e::h($last_name) . ', ' . e::h($first_name) . '</td> '; echo '<td class="listtable">' . display_filesize(e::h($filename)) . '</td> '; echo '</tr>'; if ($row_color == "#FCFCFC") { $row_color = "#E3E7F9"; } else { $row_color = "#FCFCFC"; } } // clean up echo '</table>'; } draw_footer();
echo '<td align=center><font size="-1"> <a href="details.php?id=' . e::h($id) . '_' . e::h($revision) . '&state=' . e::h($_REQUEST['state']) . '"><div class="revision">' . e::h($revision + 1) . '</div></a>' . e::h($extra_message); } else { echo '<td><font size="-1">' . e::h($revision) . e::h($extra_message); } ?> </font></td> <td><font size="-1"><?php echo fix_date($modified_on); ?> </font></td> <td><font size="-1"><?php echo e::h($last_name) . ', ' . e::h($first_name); ?> </font></td> <td><font size="-1"><?php echo e::h($note); ?> </font></td> </tr> <?php } // clean up ?> </table> </td> </tr> </table> <?php // Call the plugin API callPluginMethod('onAfterHistory', $datafile->getId());
$count++; } // Notify owner if ($GLOBALS['CONFIG']['file_expired_action'] != 4) { $reviewer_comments = 'To=' . msg('author') . ';Subject=' . msg('message_file_expired') . ';Comments=' . msg('email_file_was_rejected_because') . ' ' . $GLOBALS['CONFIG']['revision_expiration'] . ' ' . msg('days') . ';'; $user_obj = new user($root_id, $pdo); $date = date("D F d Y"); $time = date("h:i A"); $get_full_name = $user_obj->getFullName(); $full_name = $get_full_name[0] . ' ' . $get_full_name[1]; $mail_from = $full_name . ' <' . $user_obj->getEmailAddress() . '>'; $mail_headers = "From: {$mail_from}"; $mail_subject = msg('email_subject_review_status'); $mail_greeting = msg('email_greeting') . ":" . PHP_EOL . "\t" . msg('email_i_would_like_to_inform'); $mail_body = msg('email_was_declined_for_publishing_at') . ' ' . $time . ' on ' . $date . ' ' . msg('email_because_you_did_not_revise') . ' ' . $GLOBALS['CONFIG']['revision_expiration'] . ' ' . msg('days'); $mail_salute = PHP_EOL . PHP_EOL . msg('email_salute') . "," . PHP_EOL . e::h($full_name); foreach ($data_result as $row) { $file_obj = new FileData($row['id'], $pdo); $user_obj = new User($file_obj->getOwner(), $pdo); $mail_to = $user_obj->getEmailAddress(); if ($GLOBALS['CONFIG']['demo'] == 'False') { mail($mail_to, $mail_subject . $file_obj->getName(), $mail_greeting . $file_obj->getName() . ' ' . $mail_body . $mail_salute, $mail_headers); } } } //do not show file if ($GLOBALS['CONFIG']['file_expired_action'] == 1) { $reviewer_comments = 'To=' . msg('author') . ';Subject=' . msg('message_file_expired') . ';Comments=' . msg('email_file_was_rejected_because') . ' ' . $GLOBALS['CONFIG']['revision_expiration'] . ' ' . msg('days'); foreach ($data_result as $row) { $file_obj = new FileData($row['id'], $pdo); $file_obj->Publishable(-1);