/**
  * Show the settings edit form
  */
 public function edit()
 {
     $query = "SELECT * FROM {$GLOBALS['CONFIG']['db_prefix']}settings";
     $stmt = $this->connection->prepare($query);
     $stmt->execute();
     $result = $stmt->fetchAll();
     $GLOBALS['smarty']->assign('themes', $this->getThemes());
     $GLOBALS['smarty']->assign('languages', $this->getLanguages());
     $GLOBALS['smarty']->assign('useridnums', $this->getUserIdNums());
     $GLOBALS['smarty']->assign('settings_array', $result);
     display_smarty_template('settings.tpl');
 }
 function edit()
 {
     $settings_arr = array();
     $query = "SELECT * FROM {$GLOBALS['CONFIG']['db_prefix']}settings";
     $result = mysql_query($query) or die('Failed to edit settings: ' . mysql_error());
     while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
         $settings_arr[] = $row;
     }
     $GLOBALS['smarty']->assign('themes', $this->getThemes());
     $GLOBALS['smarty']->assign('languages', $this->getLanguages());
     $GLOBALS['smarty']->assign('useridnums', $this->getUserIdNums());
     $GLOBALS['smarty']->assign('settings_array', $settings_arr);
     display_smarty_template('settings.tpl');
 }
Exemple #3
0
/**
 * list_files - Display a list of files
 * @return NULL
 * @param array $fileid_array
 * @param object $userperms_obj
 * @param string $dataDir
 * @param boolean $showCheckBox
 * @param boolean $rejectpage
 */
function list_files($fileid_array, $userperms_obj, $dataDir, $showCheckBox = false, $rejectpage = false)
{
    global $pdo;
    if (sizeof($fileid_array) == 0 || !isset($fileid_array[0])) {
        echo '<img src="images/exclamation.gif">' . msg('message_no_files_found') . PHP_EOL;
        return -1;
    }
    foreach ($fileid_array as $fileid) {
        $file_obj = new FileData($fileid, $pdo);
        $userAccessLevel = $userperms_obj->getAuthority($fileid, $file_obj);
        $description = $file_obj->getDescription();
        if ($file_obj->getStatus() == 0 and $userAccessLevel >= $userperms_obj->VIEW_RIGHT) {
            $lock = false;
        } else {
            $lock = true;
        }
        if ($description == '') {
            $description = msg('message_no_description_available');
        }
        $created_date = fix_date($file_obj->getCreatedDate());
        if ($file_obj->getModifiedDate()) {
            $modified_date = fix_date($file_obj->getModifiedDate());
        } else {
            $modified_date = $created_date;
        }
        $full_name_array = $file_obj->getOwnerFullName();
        $owner_name = $full_name_array[1] . ', ' . $full_name_array[0];
        $dept_name = $file_obj->getDeptName();
        $realname = $file_obj->getRealname();
        //Get the file size in bytes.
        $filesize = display_filesize($dataDir . $fileid . '.dat');
        if ($userAccessLevel >= $userperms_obj->READ_RIGHT) {
            $suffix = strtolower(substr($realname, strrpos($realname, ".") + 1));
            $mimetype = File::mime_by_ext($suffix);
            $view_link = 'view_file.php?submit=view&id=' . urlencode(e::h($fileid)) . '&mimetype=' . urlencode("{$mimetype}");
        } else {
            $view_link = 'none';
        }
        $details_link = 'details.php?id=' . e::h($fileid) . '&state=' . e::h($_REQUEST['state'] + 1);
        $read = array($userperms_obj->READ_RIGHT, 'r');
        $write = array($userperms_obj->WRITE_RIGHT, 'w');
        $admin = array($userperms_obj->ADMIN_RIGHT, 'a');
        $rights = array($read, $write, $admin);
        $index_found = -1;
        //$rights[max][0] = admin, $rights[max-1][0]=write, ..., $right[min][0]=view
        //if $userright matches with $rights[max][0], then this user has all the rights of $rights[max][0]
        //and everything below it.
        for ($i = sizeof($rights) - 1; $i >= 0; $i--) {
            if ($userAccessLevel == $rights[$i][0]) {
                $index_found = $i;
                $i = 0;
            }
        }
        //Found the user right, now bold every below it.  For those that matches, make them different.
        //For everything above it, blank out
        for ($i = $index_found + 1; $i < sizeof($rights); $i++) {
            $rights[$i][1] = '-';
        }
        $file_list_arr[] = array('id' => $fileid, 'view_link' => $view_link, 'details_link' => $details_link, 'filename' => $realname, 'description' => $description, 'rights' => $rights, 'created_date' => $created_date, 'modified_date' => $modified_date, 'owner_name' => $owner_name, 'dept_name' => $dept_name, 'filesize' => $filesize, 'lock' => $lock, 'showCheckbox' => $showCheckBox, 'rejectpage' => $rejectpage);
        //print_r($file_list_arr);exit;
    }
    $limit_reached = false;
    if (count($file_list_arr) >= $GLOBALS['CONFIG']['max_query']) {
        $limit_reached = true;
    }
    $GLOBALS['smarty']->assign('limit_reached', $limit_reached);
    $GLOBALS['smarty']->assign('showCheckBox', $showCheckBox);
    //print_r($file_list_arr);exit;
    $GLOBALS['smarty']->assign('file_list_arr', $file_list_arr);
    //print_r($GLOBALS['smarty']);
    // Call the plugin API
    callPluginMethod('onBeforeListFiles', $file_list_arr);
    display_smarty_template('out.tpl');
    callPluginMethod('onAfterListFiles');
}
Exemple #4
0
                $stmt->execute(array(':newvalue' => $_REQUEST['newvalue'], ':primary_type' => $_REQUEST['primary_type']));
            }
        }
        // Do Deletes
        $query = "\n          SELECT\n            max(id)\n          FROM\n            {$udf_table_name}\n        ";
        $stmt = $pdo->prepare($query);
        $stmt->execute();
        $result = $stmt->fetchColumn();
        $max = $result;
        while ($max > 0) {
            if (isset($_REQUEST['x' . $max]) && $_REQUEST['x' . $max] == "on") {
                $query = "\n                  DELETE FROM\n                    {$GLOBALS['CONFIG']['db_prefix']}udftbl_{$field_name}{$tablename}\n                  WHERE\n                    id = {$max}\n                ";
                $stmt = $pdo->prepare($query);
                $stmt->execute();
            }
            $max--;
        }
        $query = "\n              SELECT\n                *\n              FROM\n                {$_REQUEST['udf']}\n            ";
        $stmt = $pdo->prepare($query);
        $stmt->execute();
        $rows2 = $stmt->fetchAll();
        $GLOBALS['smarty']->assign('udf', $_REQUEST['udf']);
        $GLOBALS['smarty']->assign('display_name', $display_name);
        $GLOBALS['smarty']->assign('rows', $rows2);
        display_smarty_template('udf/edit_type_4.tpl');
    }
    draw_footer();
} else {
    draw_header(msg('label_user_defined_field'), $last_message);
    draw_footer();
}
Exemple #5
0
    if (count($result) == 1) {
        // register the user's ID
        $id = $result[0]['id'];
        $username = $result['username'];
        $password = $result['password'];
        // initiate a session
        $_SESSION['uid'] = $id;
        // Run the plugin API
        callPluginMethod('onAfterLogin');
        // redirect to main page
        if (isset($_REQUEST['redirection'])) {
            redirect_visitor($_REQUEST['redirection']);
        } else {
            redirect_visitor('out.php');
        }
        // close connection
    } else {
        // Login Failed
        // redirect to error page
        // Call the plugin API
        callPluginMethod('onFailedLogin');
        header('Location: error.php?ec=0');
    }
} elseif (!isset($_POST['login']) && $GLOBALS['CONFIG']['authen'] == 'mysql') {
    $redirection = isset($_REQUEST['redirection']) ? $_REQUEST['redirection'] : '';
    $GLOBALS['smarty']->assign('redirection', $redirection);
    display_smarty_template('login.tpl');
} else {
    echo 'Check your config';
}
draw_footer();
Exemple #6
0
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
*/
// check for session and $_REQUEST['id']
session_start();
include 'odm-load.php';
if (!isset($_SESSION['uid'])) {
    redirect_visitor();
}
include 'udf_functions.php';
// open a connection to the database
$user_obj = new User($_SESSION['uid'], $pdo);
// Check to see if user is admin
if (!$user_obj->isAdmin()) {
    header('Location:error.php?ec=4');
    exit;
}
$last_message = isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : '';
draw_header(msg('accesslogpage_access_log'), $last_message);
$query = "SELECT \n            a.*,\n            d.realname,\n            u.username\n          FROM \n            {$GLOBALS['CONFIG']['db_prefix']}access_log a\n          INNER JOIN \n            {$GLOBALS['CONFIG']['db_prefix']}data AS d ON a.file_id = d.id\n          INNER JOIN \n            {$GLOBALS['CONFIG']['db_prefix']}user AS u ON a.user_id = u.id\n        ";
$stmt = $pdo->prepare($query);
$stmt->execute();
$result = $stmt->fetchAll();
$actions_array = array("A" => msg('accesslogpage_file_added'), "B" => msg('accesslogpage_reserved'), "C" => msg('accesslogpage_reserved'), "V" => msg('accesslogpage_file_viewed'), "D" => msg('accesslogpage_file_downloaded'), "M" => msg('accesslogpage_file_modified'), "I" => msg('accesslogpage_file_checked_in'), "O" => msg('accesslogpage_file_checked_out'), "X" => msg('accesslogpage_file_deleted'), "Y" => msg('accesslogpage_file_authorized'), "R" => msg('accesslogpage_file_rejected'));
$accesslog_array = array();
foreach ($result as $row) {
    $details_link = 'details.php?id=' . $row['file_id'] . '&state=' . ($_REQUEST['state'] + 1);
    $accesslog_array[] = array('user_id' => $row['user_id'], 'file_id' => $row['file_id'], 'user_name' => $row['username'], 'realname' => $row['realname'], 'action' => $actions_array[$row['action']], 'details_link' => $details_link, 'timestamp' => $row['timestamp']);
}
$GLOBALS['smarty']->assign('accesslog_array', $accesslog_array);
display_smarty_template('access_log.tpl');
draw_footer();
Exemple #7
0
    $result = $stmt->fetchAll();
    $array_id = array();
    $i = 0;
    foreach ($result as $row) {
        $array_id[$i] = $row['id'];
        $i++;
    }
    $luserperm_obj = new UserPermission($_SESSION['uid'], $pdo);
    draw_header(msg('area_deleted_files'), $last_message);
    $page_url = e::h($_SERVER['PHP_SELF']) . '?mode=' . $_REQUEST['mode'];
    $user_obj = new User($_SESSION['uid'], $pdo);
    $userperms = new UserPermission($_SESSION['uid'], $pdo);
    $list_status = list_files($array_id, $userperms, $GLOBALS['CONFIG']['archiveDir'], true);
    if ($list_status != -1) {
        $GLOBALS['smarty']->assign('lmode', '');
        display_smarty_template('deleteview.tpl');
    }
} elseif (isset($_POST['submit']) && $_POST['submit'] == 'Delete file(s)') {
    isset($_REQUEST['checkbox']) ? $_REQUEST['checkbox'] : '';
    foreach ($_REQUEST['checkbox'] as $value) {
        if (!pmt_delete($value)) {
            header('Location: error.php?ec=21');
            exit;
        }
    }
    header('Location:' . urlencode($redirect) . '?last_message=' . urlencode(msg('undeletepage_file_permanently_deleted')));
} elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'Undelete') {
    if (isset($_REQUEST['checkbox'])) {
        foreach ($_REQUEST['checkbox'] as $fileId) {
            $file_obj = new FileData($fileId, $pdo);
            $file_obj->undelete();
Exemple #8
0
    $allDepartments = Department::getAllDepartments($pdo);
    $GLOBALS['smarty']->assign('allDepartments', $allDepartments);
    $GLOBALS['smarty']->assign('current_user_dept', $current_user_dept);
    $GLOBALS['smarty']->assign('t_name', $t_name);
    $GLOBALS['smarty']->assign('is_admin', $user_obj->isAdmin());
    $GLOBALS['smarty']->assign('avail_users', $users_array);
    $GLOBALS['smarty']->assign('avail_depts', $departments_array);
    $GLOBALS['smarty']->assign('cats_array', $cats_array);
    $GLOBALS['smarty']->assign('dept_perms_array', $dept_perms_array);
    $GLOBALS['smarty']->assign('user_id', $_SESSION['uid']);
    $GLOBALS['smarty']->assign('db_prefix', $GLOBALS['CONFIG']['db_prefix']);
    display_smarty_template('add.tpl');
    udf_add_file_form();
    // Call the plugin API
    callPluginMethod('onBeforeAdd');
    display_smarty_template('_add_footer.tpl');
} else {
    //invalid file
    if (empty($_FILES)) {
        header('Location:error.php?ec=11');
        exit;
    }
    $numberOfFiles = count($_FILES['file']['name']);
    $tmp_name = array();
    // First we need to make sure all files are allowed types
    for ($count = 0; $count < $numberOfFiles; $count++) {
        if (empty($_FILES['file']['name'][$count])) {
            $last_message = $GLOBALS['lang']['addpage_file_missing'];
            header('Location: error.php?last_message=' . urlencode($last_message));
            exit;
        }
Exemple #9
0
                $stmt->execute(array(':dept_id' => $_REQUEST['department_review'][$i], ':user_id' => $_POST['id']));
            }
        }
    }
    // back to main page
    $last_message = urlencode(msg('message_user_successfully_updated'));
    header('Location: out.php?last_message=' . $last_message);
} elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'updatepick') {
    draw_header(msg('userpage_modify_user'), $last_message);
    // Check to see if user is admin
    $query = "SELECT admin FROM {$GLOBALS['CONFIG']['db_prefix']}admin WHERE id = :uid and admin = '1'";
    $stmt = $pdo->prepare($query);
    $stmt->execute(array(':uid' => $_SESSION['uid']));
    if ($stmt->rowCount() <= 0) {
        header('Location: error.php?ec=4');
        exit;
    }
    $query = "SELECT id, username, first_name, last_name FROM {$GLOBALS['CONFIG']['db_prefix']}user ORDER BY last_name";
    $stmt = $pdo->prepare($query);
    $stmt->execute();
    $users = $stmt->fetchAll();
    $GLOBALS['smarty']->assign('state', (int) $_REQUEST['state'] + 1);
    $GLOBALS['smarty']->assign('users', $users);
    display_smarty_template('user/edit_pick.tpl');
    draw_footer();
} elseif (isset($_REQUEST['cancel']) and $_REQUEST['cancel'] == 'Cancel') {
    $last_message = "Action Cancelled";
    header('Location: admin.php?last_message=' . $last_message);
} else {
    header('Location: admin.php?last_message=' . urlencode('Unrecognizalbe action'));
}
Exemple #10
0
 public function deleteSelect()
 {
     $filetypes_arr = array();
     $query = "\n              SELECT\n                *\n              FROM\n                {$GLOBALS['CONFIG']['db_prefix']}filetypes\n            ";
     $stmt = $this->connection->prepare($query);
     $stmt->execute();
     $result = $stmt->fetchAll();
     foreach ($result as $row) {
         $filetypes_arr[] = $row;
     }
     $GLOBALS['smarty']->assign('filetypes_array', $filetypes_arr);
     display_smarty_template('filetypes_deleteshow.tpl');
 }
Exemple #11
0
        $GLOBALS['smarty']->assign('is_admin', $user_perms_obj->user_obj->isAdmin());
        $GLOBALS['smarty']->assign('avail_users', $user_perms_array);
        $GLOBALS['smarty']->assign('avail_depts', $dept_perms_array);
        $GLOBALS['smarty']->assign('cats_array', $cats_array);
        $GLOBALS['smarty']->assign('user_id', $_SESSION['uid']);
        $GLOBALS['smarty']->assign('pre_selected_owner', $owner_id);
        $GLOBALS['smarty']->assign('pre_selected_category', $category);
        $GLOBALS['smarty']->assign('pre_selected_department', $department);
        $GLOBALS['smarty']->assign('description', $description);
        $GLOBALS['smarty']->assign('comment', $comment);
        $GLOBALS['smarty']->assign('db_prefix', $GLOBALS['CONFIG']['db_prefix']);
        display_smarty_template('edit.tpl');
        udf_edit_file_form();
        // Call Plugin API
        callPluginMethod('onBeforeEditFile', $data_id);
        display_smarty_template('_edit_footer.tpl');
    }
    //end else
} else {
    // form submitted, process data
    $fileId = $_REQUEST['id'];
    $filedata = new FileData($fileId, $pdo);
    // Call the plugin API
    callPluginMethod('onBeforeEditFileSaved');
    $filedata->setId($fileId);
    $perms_error = false;
    // check submitted data
    // at least one user must have "view" and "modify" rights
    foreach ($_REQUEST['user_permission'] as $permission) {
        if ($permission > 2) {
            $perms_error = true;
Exemple #12
0
    */
    if ($_REQUEST['submit'] == 'commentReject') {
        $submit_value = 'Reject';
    } elseif ($_REQUEST['submit'] == 'commentAuthorize') {
        $submit_value = 'Authorize';
    } else {
        $submit_value = 'None';
    }
    $query = "\n      SELECT\n        id,\n        first_name,\n        last_name\n      FROM\n        {$GLOBALS['CONFIG']['db_prefix']}user\n    ";
    $stmt = $pdo->prepare($query);
    $stmt->execute(array());
    $result = $stmt->fetchAll();
    $GLOBALS['smarty']->assign('user_info', $result);
    $GLOBALS['smarty']->assign('submit_value', $submit_value);
    $GLOBALS['smarty']->assign('checkbox', $checkbox);
    display_smarty_template('commentform.tpl');
} elseif (isset($_POST['submit']) && $_POST['submit'] == 'Reject') {
    $to = isset($_POST['to']) ? $_POST['to'] : '';
    $subject = isset($_POST['subject']) ? $_POST['subject'] : '';
    $checkbox = isset($_POST['checkbox']) ? $_POST['checkbox'] : '';
    $mail_break = '--------------------------------------------------' . PHP_EOL;
    $reviewer_comments = "To={$to};Subject={$subject};Comments={$comments};";
    $user_obj = new user($_SESSION['uid'], $pdo);
    $date = date('Y-m-d H:i:s T');
    //locale insensitive
    $get_full_name = $user_obj->getFullName();
    $full_name = $get_full_name[0] . ' ' . $get_full_name[1];
    $mail_from = $full_name . ' <' . $user_obj->getEmailAddress() . '>';
    $mail_headers = "From: {$mail_from}" . PHP_EOL;
    $mail_headers .= "Content-Type: text/plain; charset=UTF-8" . PHP_EOL;
    $mail_subject = !empty($_REQUEST['subject']) ? stripslashes($_REQUEST['subject']) : msg('email_subject_review_status');
Exemple #13
0
    $file_name = $file_obj->getName();
    $file_id = $file_obj->getId();
    $realname = $file_obj->getName();
    // Get the suffix of the file so we can look it up
    // in the $mimetypes array
    $suffix = '';
    if (strchr($realname, '.')) {
        // Fix by blackwes
        $prefix = substr($realname, 0, strrpos($realname, "."));
        $suffix = strtolower(substr($realname, strrpos($realname, ".") + 1));
    }
    $mimetype = File::mime_by_ext($suffix);
    $GLOBALS['smarty']->assign('mimetype', $mimetype);
    $GLOBALS['smarty']->assign('file_id', $file_id);
    // drw form
    display_smarty_template('view_file.tpl');
    draw_footer();
} elseif ($_GET['submit'] == 'view') {
    $file_obj = new FileData($_REQUEST['id'], $pdo);
    // Added this check to keep unauthorized users from downloading - Thanks to Chad Bloomquist
    checkUserPermission($_REQUEST['id'], $file_obj->READ_RIGHT, $file_obj);
    $realname = $file_obj->getName();
    if (isset($revision_id)) {
        $filename = $revision_dir . $request_id . ".dat";
    } elseif ($file_obj->isArchived()) {
        $filename = $GLOBALS['CONFIG']['archiveDir'] . $_REQUEST['id'] . ".dat";
    } else {
        $filename = $GLOBALS['CONFIG']['dataDir'] . $_REQUEST['id'] . ".dat";
    }
    if (file_exists($filename)) {
        // send headers to browser to initiate file download
Exemple #14
0
    // Flush buffer onto screens
    ob_end_clean();
    // Clean up buffer
    exit;
} else {
    // all checks completed
    /* to avoid problems with some browsers,
          download script should not include parameters on the URL
          so let's use a form and pass the parameters via POST
       */
    // form not yet submitted
    // display information on how to initiate download
    if (!isset($submit)) {
        draw_header('View File', $last_message);
        $GLOBALS['smarty']->assign('file_id', $filedata->getId());
        display_smarty_template('view.tpl');
        draw_footer();
    } else {
        $id = $filedata->getId();
        $realname = $filedata->getName();
        // get the filename
        $filename = $GLOBALS['CONFIG']['dataDir'] . $_POST['id'] . '.dat';
        if (file_exists($filename)) {
            // send headers to browser to initiate file download
            header('Content-Type: application/octet-stream');
            header('Content-Disposition: attachment; filename=' . rawurlencode($realname));
            readfile($filename);
            // Call the plugin API
            callPluginMethod('onViewFile');
        } else {
            echo 'File not readable...';
 function deleteSelect()
 {
     $filetypes_arr = array();
     $query = "SELECT * FROM {$GLOBALS['CONFIG']['db_prefix']}filetypes";
     $result = mysql_query($query) or die('Failed to select filetypes list: ' . mysql_error());
     while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
         $filetypes_arr[] = $row;
     }
     $GLOBALS['smarty']->assign('filetypes_array', $filetypes_arr);
     display_smarty_template('filetypes_deleteshow.tpl');
 }
Exemple #16
0
if ($status == 0 || $status == -1 && $file_data_obj->isOwner($_SESSION['uid'])) {
    // check if user has modify rights
    $user_perms = new UserPermission($_SESSION['uid'], $GLOBALS['pdo']);
    if ($user_perms->getAuthority($request_id, $file_data_obj) >= $user_perms->WRITE_RIGHT && !isset($revision_id) && !$file_data_obj->isArchived()) {
        // if so, display link for checkout
        $check_out_link = "check-out.php?id={$request_id}" . '&state=' . ($state + 1) . '&access_right=modify';
        $GLOBALS['smarty']->assign('check_out_link', $check_out_link);
    }
    if ($user_permission_obj->getAuthority($request_id, $file_data_obj) >= $user_permission_obj->ADMIN_RIGHT && !@isset($revision_id) && !$file_data_obj->isArchived()) {
        // if user is also the owner of the file AND file is not checked out
        // additional actions are available
        $edit_link = "edit.php?id={$request_id}&state=" . ($state + 1);
        $GLOBALS['smarty']->assign('edit_link', $edit_link);
    }
}
////end if ($status == 0)
// ability to view revision history is always available
// put it outside the block
$history_link = "history.php?id={$request_id}&state=" . ($state + 1);
$comments_link = 'toBePublished.php?submit=comments&id=' . $request_id;
$my_delete_link = 'delete.php?mode=tmpdel&id0=' . $request_id;
$GLOBALS['smarty']->assign('history_link', $history_link);
$GLOBALS['smarty']->assign('comments_link', $comments_link);
$GLOBALS['smarty']->assign('my_delete_link', $my_delete_link);
// Call the plugin API
callPluginMethod('onDuringDetails', $file_data_obj->id);
$GLOBALS['smarty']->assign('file_detail', $file_detail_array);
display_smarty_template('details.tpl');
// Call the plugin API
callPluginMethod('onAfterDetails', $file_data_obj->id);
draw_footer();
Exemple #17
0
    draw_footer();
} elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'Save') {
    draw_header(msg('label_filetypes'), $last_message);
    if ($filetypes->save($_POST)) {
        $_POST['last_message'] = $GLOBALS['lang']['message_all_actions_successfull'];
    } else {
        $_POST['last_message'] = $GLOBALS['lang']['message_error_performing_action'];
    }
    $GLOBALS['smarty']->assign('last_message', $_POST['last_message']);
    $filetypes->edit();
    draw_footer();
} elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'Cancel') {
    header('Location: admin.php?last_message=' . urlencode(msg('message_action_cancelled')));
} elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'AddNew') {
    draw_header(msg('label_filetypes'), $last_message);
    display_smarty_template('filetype_add.tpl');
    draw_footer();
} elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'AddNewSave') {
    if ($filetypes->add($_POST)) {
        $_POST['last_message'] = $GLOBALS['lang']['message_all_actions_successfull'];
    } else {
        $_POST['last_message'] = $GLOBALS['lang']['message_error_performing_action'];
    }
    $GLOBALS['smarty']->assign('last_message', $_POST['last_message']);
    draw_header(msg('label_filetypes'), $last_message);
    $filetypes->edit();
    draw_footer();
} elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'DeleteSelect') {
    draw_header(msg('label_filetypes'), $last_message);
    $filetypes->deleteSelect();
    draw_footer();