header('Location: out.php?last_message=' . urlencode($last_message));
} elseif (isset($_REQUEST['mode']) && $_REQUEST['mode'] == 'view_del_archive') {
//publishable=2 for archive deletion
$query = "SELECT id FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE publishable=2";
$stmt = $pdo->prepare($query);
$stmt->execute();
$result = $stmt->fetchAll();
$array_id = array();
$i = 0;
foreach ($result as $row) {
$array_id[$i] = $row['id'];
$i++;
}
$luserperm_obj = new UserPermission($_SESSION['uid'], $pdo);
draw_header(msg('area_deleted_files'), $last_message);
$page_url = e::h($_SERVER['PHP_SELF']) . '?mode=' . $_REQUEST['mode'];
$user_obj = new User($_SESSION['uid'], $pdo);
$userperms = new UserPermission($_SESSION['uid'], $pdo);
$list_status = list_files($array_id, $userperms, $GLOBALS['CONFIG']['archiveDir'], true);
if ($list_status != -1) {
$GLOBALS['smarty']->assign('lmode', '');
display_smarty_template('deleteview.tpl');
}
} elseif (isset($_POST['submit']) && $_POST['submit'] == 'Delete file(s)') {
isset($_REQUEST['checkbox']) ? $_REQUEST['checkbox'] : '';
foreach ($_REQUEST['checkbox'] as $value) {
if (!pmt_delete($value)) {
header('Location: error.php?ec=21');
exit;
}
}
<table>
<tr>
<th bgcolor ="#83a9f7"><font color="#FFFFFF"><?php
echo msg('adminpage_about_section_title');
?>
</font></th>
</tr>
<tr>
<td><b><?php
echo msg('adminpage_about_section_app_version') . ": " . e::h($GLOBALS['CONFIG']['current_version']);
?>
</b></td>
</tr>
<tr>
<td><b><?php
echo msg('adminpage_about_section_db_version') . ": " . e::h(Settings::get_db_version());
?>
</b></td>
</tr>
<tr>
<td> </td>
</tr>
</table>
</td>
</tr>
<?php
}
?>
</table>
function udf_functions_search_options()
{
global $pdo;
$query = "SELECT table_name,field_type,display_name FROM {$GLOBALS['CONFIG']['db_prefix']}udf ORDER BY id";
$stmt = $pdo->prepare($query);
$stmt->execute();
$result = $stmt->fetchAll();
foreach ($result as $row) {
echo '<option value="' . e::h($row[2]) . '">' . e::h($row[2]) . '</option>';
}
}
/**
* Custom redirection handler
* @param string $url the internal page to redirect them to
*/
function redirect_visitor($url = '')
{
if ($url == '') {
header('Location:index.php?redirection=' . urlencode(e::h($_SERVER['PHP_SELF']) . '?' . e::h($_SERVER['QUERY_STRING'])));
exit;
} else {
// Lets make sure its not an outside URL
if (!preg_match('#^(http|https|ftp)://#', $url)) {
header('Location:' . htmlentities($url, ENT_QUOTES));
exit;
} else {
header('Location:index.php');
exit;
}
}
}
$salt = "abcdefghjkmnpqrstuvwxyz23456789ABCDEFGHJKLMNPQRSTUVWXYZ23456789";
$i = 0;
$randstring = '';
while ($i <= 7) {
$num = rand() % 63;
$tmp = substr($salt, $num, 1);
$randstring .= $tmp;
$i++;
}
$reset_code = md5($randstring);
// add the reset code to the database for this user
$query = "\n UPDATE\n {$GLOBALS['CONFIG']['db_prefix']}user\n SET\n pw_reset_code = :reset_code\n WHERE\n id = :user_id\n ";
$stmt = $pdo->prepare($query);
$stmt->execute(array(':reset_code' => $reset_code, ':user_id' => $user_id));
// generate the link
$resetLink = $GLOBALS['CONFIG']['base_url'] . '/forgot_password.php?username='******'&code=' . e::h($reset_code);
$mail_headers = "From: " . $GLOBALS['CONFIG']['site_mail'] . PHP_EOL;
$mail_headers .= "Content-Type: text/plain; charset=UTF-8" . PHP_EOL;
$mail_body = msg('email_someone_has_requested_password') . PHP_EOL . PHP_EOL;
$mail_body .= $resetLink . PHP_EOL . PHP_EOL;
$mail_body .= msg('email_thank_you') . PHP_EOL . PHP_EOL;
$mail_body .= msg('area_admin') . PHP_EOL . PHP_EOL;
// send the email
if ($GLOBALS['CONFIG']['demo'] == 'False') {
mail($email, msg('area_reset_password'), $mail_body, $mail_headers);
}
$redirect = 'forgot_password.php?last_message=' . urlencode(msg('message_an_email_has_been_sent'));
header("Location: {$redirect}");
exit;
}
} else {
/**
* @return bool
*/
public function isArchived()
{
$query = "\n SELECT\n publishable\n FROM\n {$GLOBALS['CONFIG']['db_prefix']}{$this->TABLE_DATA}\n WHERE\n id = :id\n ";
$stmt = $this->connection->prepare($query);
$stmt->execute(array(':id' => $this->id));
$result = $stmt->fetchColumn();
if ($stmt->rowCount() != 1) {
echo 'DB error. Unable to locate file id ' . e::h($this->id) . ' in table ' . $GLOBALS['CONFIG']['db_prefix'] . 'data. Please contact ' . $GLOBALS['CONFIG']['site_mail'] . ' for help';
exit;
}
return $result == 2;
}
<?php
use Aura\Html\Escaper as e;
?>
<p>
Successfully deleted blog post
titled "<?php
echo e::h($this->blog->title);
?>
"
by <?php
echo e::h($this->blog->author);
?>
.
</p>
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
// includes
include 'odm-load.php';
$last_message = isset($_REQUEST['last_message']) ? e::h($_REQUEST['last_message']) : '';
draw_header(msg('error'), $last_message);
if (isset($_REQUEST['ec']) && intval($_REQUEST['ec']) >= 0) {
switch ($_REQUEST['ec']) {
// login failure
case 0:
$message = msg('message_there_was_an_error_loggin_you_in');
break;
// session problem
// session problem
case 1:
$message = msg('message_session_error');
break;
// malformed variable/failed query
// malformed variable/failed query
case 2:
public function modify(Container $di)
{
Escaper::setStatic($di->get('aura/html:escaper'));
}
$i++;
}
$department_select_options = array();
for ($d = 0; $d < sizeof($all_departments); $d++) {
$found = false;
if (isset($department_reviewer)) {
for ($r = 0; $r < sizeof($department_reviewer); $r++) {
if ($all_departments[$d][0] == $department_reviewer[$r][0]) {
$department_select_options[] = '<option value="' . e::h($all_departments[$d][0]) . '" selected>' . e::h($all_departments[$d][1]) . '</option>';
$found = true;
$r = sizeof($department_reviewer);
}
}
}
if (!$found) {
$department_select_options[] = '<option value="' . e::h($all_departments[$d][0]) . '">' . e::h($all_departments[$d][1]) . '</option>';
}
}
$can_add = '';
$can_checkin = '';
if ($user_obj->can_add == 1) {
$can_add = "checked";
}
if ($user_obj->can_checkin == 1) {
$can_checkin = "checked";
}
$GLOBALS['smarty']->assign('user', $user_obj);
$GLOBALS['smarty']->assign('mysql_auth', $GLOBALS["CONFIG"]["authen"] == 'mysql');
$GLOBALS['smarty']->assign('mode', $mode);
$GLOBALS['smarty']->assign('user_department', $user_obj->getDeptID());
$GLOBALS['smarty']->assign('display_reviewer_row', $display_reviewer_row);
/**
*
* Constructor.
*
* @param string $encoding The encoding for the escapers.
*
* @param int $flags The `htmlspecialchars()` flags for the escapers.
*
*/
public function __construct($encoding = null, $flags = null)
{
$escaper_factory = new EscaperFactory($encoding, $flags);
$this->escaper = $escaper_factory->newInstance();
Escaper::setStatic($this->escaper);
}
/**
*
* Returns a "void" tag (i.e., one with no body and no closing tag).
*
* @param string $tag The tag name.
*
* @param array $attr The attributes for the tag.
*
* @return string
*
*/
protected function void($tag, array $attr = array())
{
$attr = $this->escaper->attr($attr);
$html = "<{$tag} {$attr} />";
return $html;
}
/**
* getTitleString
*
* @return string
*
* @access public
*/
public function getTitleString()
{
$sep = $this->titleSeparator;
$raw = trim(implode($sep, [implode($sep, $this->titles), $this->siteTitle]), $sep);
return $this->escaper->html($raw);
}
/**
*
* Static escaping for JavaScript context.
*
* @param string $raw The raw string.
*
* @return string The escaped string.
*
*/
public static function j($raw)
{
return static::$escaper->js($raw);
}
$result = $stmt->fetchAll();
echo '<select id="' . e::h($GLOBALS['CONFIG']['db_prefix']) . 'udftbl_' . e::h($table_name) . '_secondary" name="' . e::h($GLOBALS['CONFIG']['db_prefix']) . 'udftbl_' . e::h($table_name) . '_secondary">';
foreach ($result as $subrow) {
echo '<option value="' . e::h($subrow[0]) . '">' . e::h($subrow[1]) . '</option>';
}
echo '</select>';
}
}
if ($add_value == "edit") {
$edit_tablename = $GLOBALS['CONFIG']['db_prefix'] . 'udftbl_' . $table_name . '_secondary';
$white_listed = false;
foreach ($udf_tables_names_result as $white_list) {
if ($edit_tablename == $white_list['table_name']) {
$white_listed = true;
}
}
if ($white_list) {
$stmt = $pdo->prepare("Select * FROM {$edit_tablename} WHERE pr_id = :q");
$stmt->execute(array(':q' => $q));
$result = $stmt->fetchAll();
echo '<select id="' . e::h($GLOBALS['CONFIG']['db_prefix']) . 'udftbl_' . e::h($table_name) . '_secondary" name="' . e::h($GLOBALS['CONFIG']['db_prefix']) . 'udftbl_' . e::h($table_name) . '_secondary">';
foreach ($result as $subrow) {
echo '<option value="' . e::h($subrow[0]) . '">' . e::h($subrow[1]) . '</option>';
}
echo '</select>';
}
}
?>
</tr>
</table>
echo e::h(msg('label_file_name'));
?>
</th>
<th><?php
echo e::h(msg('label_fileid'));
?>
</th>
<th><?php
echo e::h(msg('label_username'));
?>
</th>
<th class="sorting"><?php
echo e::h(msg('label_action'));
?>
</th>
<th class="sorting"><?php
echo e::h(msg('label_date'));
?>
</th>
</tr>
</tfoot>
<?php
if ($this->form != '1') {
?>
</form>
<?php
}
?>
</table>
</div>
<br />
<td><b><?php
echo msg('choose');
?>
<?php
echo msg('category');
?>
:</b></td>
<td colspan="3"><select name="item">
<?php
// query to get a list of users
$query = "SELECT id, name FROM {$GLOBALS['CONFIG']['db_prefix']}category ORDER BY name";
$stmt = $pdo->prepare($query);
$stmt->execute();
$result = $stmt->fetchAll();
foreach ($result as $row) {
echo '<option value="' . e::h($row['id']) . '">' . e::h($row['name']) . '</option>';
}
?>
</td>
<td align="center">
<div class="buttons">
<button class="positive" type="submit" name="submit" value="Update"><?php
echo msg('choose');
?>
</button>
</div>
</td>
<td align="center">
<div class="buttons">
<button class="negative cancel" type="submit" name="cancel" value="Cancel"><?php
/**
* @param array $data
* @param string $strategy
* @param \Aura\Html\Escaper $escaper
* @param string $encoding
* @return array|string
*/
private function escapeArray(array $data, $strategy, AuraHtmlEscaper $escaper, $encoding)
{
if ($strategy === 'attr') {
return $escaper->attr($data);
}
array_walk($data, function (&$item) use($strategy, $encoding) {
$item = $this->escape($item, $strategy, $encoding);
});
return $data;
}
function print_intro()
{
include_once '../version.php';
include_once '../Settings_class.php';
$prefix = !empty($_SESSION['db_prefix']) ? $_SESSION['db_prefix'] : $GLOBALS['CONFIG']['db_prefix'];
$db_version = Settings::get_db_version($prefix);
$is_upgrade = $db_version != REQUIRED_VERSION;
?>
<h3>Welcome to the OpenDocMan Database Installer/Updater Tool</h3>
</div>
<hr>
<table>
<tr>
<td><a href="../docs/opendocman.txt" target="#main">Installation Instructions (text)</a><br><br></td>
</tr>
</table>
<table align="center">
<tr>
<td><strong>Please BACKUP all data and files before proceeding!</strong><br><br></td>
</tr>
<tr>
<td>
Please choose one from the following based on your current version.<br><br>
Note: If you are updating and your current version # is lower than the newest upgrade listed below then you
have database updates to perform. <br/><br/>
</td>
</tr>
<?php
if ($db_version == 'Unknown') {
?>
<tr>
<td>New Installation (Will wipe any current data!)<br/><br/></td>
</tr>
<tr>
<td>
<a href="index.php?op=install" class="button" onclick="return confirm('Are you sure? This will modify the database you have configured in config.php. Only use this option for a FRESH INSTALL.')">
Click HERE To set up database for v<?php
echo $GLOBALS['CONFIG']['current_version'];
?>
release of OpenDocMan </a><br /><br />
</td>
<?php
} elseif ($is_upgrade) {
?>
<tr>
<td>Your current Database schema version: <strong><?php
echo e::h($db_version);
?>
</strong><br/><br/>
Required Database schema version: <?php
echo REQUIRED_VERSION;
?>
<br/><br />
</td>
</tr>
<tr>
<td>Upgrade your current database from a previous version<br/><br/></td>
</tr>
<tr>
<td><a href="index.php?op=update_129">Upgrade from DB schema version 1.2.9</a><br><br></td>
</tr>
<tr>
<td><a href="index.php?op=update_128">Upgrade from DB schema version 1.2.8</a><br><br></td>
</tr>
<tr>
<td><a href="index.php?op=update_1263">Upgrade from DB schema version 1.2.6.3</a><br><br></td>
</tr>
<tr>
<td><a href="index.php?op=update_1262">Upgrade from DB schema version 1.2.6.2</a><br><br></td>
</tr>
<tr>
<td><a href="index.php?op=update_1261">Upgrade from DB schema version 1.2.6.1</a><br><br></td>
</tr>
<tr>
<td><a href="index.php?op=update_1257">Upgrade from DB schema version 1.2.5.7</a><br><br></td>
</tr>
<tr>
<td><a href="index.php?op=update_1256">Upgrade from DB schema version 1.2.5.6</a><br><br></td>
</tr>
<tr>
<td><a href="index.php?op=update_1252">Upgrade from DB schema version 1.2.5.2</a><br><br></td>
</tr>
<tr>
<td><a href="index.php?op=update_124">Upgrade from DB schema version 1.2.4</a><br><br></td>
</tr>
<tr>
<td><a href="index.php?op=update_12p3">Upgrade from DB schema version 1.2p3</a><br><br></td>
</tr>
<tr>
<td><a href="index.php?op=update_12p1">Upgrade from DB schema version 1.2p1</a><br><br></td>
</tr>
<tr>
<td><a href="index.php?op=update_12rc1">Upgrade from DB schema version 1.2rc(x)</a><br><br></td>
</tr>
<tr>
<td><a href="index.php?op=update_11">Upgrade from DB schema version 1.1</a><br><br></td>
</tr>
<tr>
<td><a href="index.php?op=update_11rc2">Upgrade from DB schema version 1.1rc2</a><br><br></td>
</tr>
<tr>
<td><a href="index.php?op=update_11rc1">Upgrade from DB schema version 1.1rc1</a><br><br></td>
</tr>
<tr>
<td><a href="index.php?op=update_10">Upgrade from DB schema version 1.0</a><br><br></td>
</tr>
<?php
} else {
?>
<tr>
<td>
Nothing to update<br><br>
Click <a href="../index.php">HERE</a> to login<br>
</td>
</tr>
<?php
}
?>
</table>
<?php
}
if ($user_obj->isAdmin()) {
$reviewIdCount = sizeof($user_obj->getAllRevieweeIds());
} elseif ($user_obj->isReviewer()) {
$reviewIdCount = sizeof($user_obj->getRevieweeIds());
} else {
$reviewIdCount = 0;
}
if ($reviewIdCount > 0) {
echo '<img src="images/exclamation.gif" /> <a href="toBePublished.php?state=1">' . msg('message_documents_waiting') . '</a>: ' . e::h($reviewIdCount) . '</a><br />';
}
$rejected_files_obj = $user_obj->getRejectedFileIds();
if (isset($rejected_files_obj[0]) && $rejected_files_obj[0] != null) {
echo '<img src="images/exclamation_red.gif" /> <a href="rejects.php?state=1">' . msg('message_documents_rejected') . '</a>: ' . sizeof($rejected_files_obj) . '<br />';
}
$llen = $user_obj->getNumExpiredFiles();
if ($llen > 0) {
echo '<img src="images/exclamation_red.gif"><a href="javascript:window.location=\'search.php?submit=submit&sort_by=id&where=author_locked_files&sort_order=asc&keyword=-1&exact_phrase=on\'">' . msg('message_documents_expired') . ': ' . e::h($llen) . '</a><br />';
}
// get a list of documents the user has "view" permission for
// get current user's information-->department
//set values
$user_perms = new UserPermission($_SESSION['uid'], $pdo);
//$start_P = getmicrotime();
$file_id_array = $user_perms->getViewableFileIds(true);
//$end_P = getmicrotime();
list_files($file_id_array, $user_perms, $GLOBALS['CONFIG']['dataDir'], false);
draw_footer();
//Fb::log('<br> <b> Load Page Time: ' . (getmicrotime() - $start_time) . ' </b>');
//echo '<br> <b> Load Permission Time: ' . ($end_P - $start_P) . ' </b>';
//echo '<br> <b> Load Sort Time: ' . ($lsort_e - $lsort_b) . ' </b>';
//echo '<br> <b> Load Table Time: ' . ($llist_e - $llist_b) . ' </b>';
<?php
use Aura\Html\Escaper as e;
?>
<div class="blog-intro">
<h2><?php
echo e::h($blog->title);
?>
</h2>
<p class="byline"><?php
echo e::h($blog->author);
?>
</p>
<?php
echo e::h($blog->intro);
?>
<p><?php
echo $this->a("/blog/read/{$blog->id}", 'Read More ...');
?>
</p>
</div>
* Send out email notifications to reviewers
*/
$file_obj = new FileData($id, $pdo);
$get_full_name = $user_obj->getFullName();
$full_name = $get_full_name[0] . ' ' . $get_full_name[1];
$department = $file_obj->getDepartment();
$reviewer_obj = new Reviewer($id, $pdo);
$reviewer_list = $reviewer_obj->getReviewersForDepartment($department);
$date = date('Y-m-d H:i:s T');
// Build email for general notices
$mail_subject = msg('checkinpage_file_was_checked_in');
$mail_body2 = msg('checkinpage_file_was_checked_in') . PHP_EOL;
$mail_body2 .= msg('label_filename') . ': ' . $file_obj->getName() . PHP_EOL;
$mail_body2 .= msg('label_status') . ': ' . msg('addpage_new') . PHP_EOL;
$mail_body2 .= msg('date') . ': ' . $date . PHP_EOL . PHP_EOL;
$mail_body2 .= msg('addpage_uploader') . ': ' . e::h($full_name) . PHP_EOL . PHP_EOL;
$mail_body2 .= msg('email_thank_you') . ',' . PHP_EOL . PHP_EOL;
$mail_body2 .= msg('email_automated_document_messenger') . PHP_EOL . PHP_EOL;
$mail_body2 .= $GLOBALS['CONFIG']['base_url'] . PHP_EOL . PHP_EOL;
$email_obj = new Email();
$email_obj->setFullName($full_name);
$email_obj->setSubject($mail_subject);
$email_obj->setFrom($full_name . ' <' . $user_obj->getEmailAddress() . '>');
$email_obj->setRecipients($reviewer_list);
$email_obj->setBody($mail_body2);
$email_obj->sendEmail();
// clean up and back to main page
$last_message = msg('message_document_checked_in');
header('Location: out.php?last_message=' . urlencode($last_message));
}
}
$file_under_review = $file_data_obj->isPublishable() == -1 ? true : false;
$to_value = isset($reviewer_comments_fields[0]) ? substr($reviewer_comments_fields[0], 3) : '';
$subject_value = isset($reviewer_comments_fields[1]) ? substr($reviewer_comments_fields[1], 8) : '';
$comments_value = isset($reviewer_comments_fields[2]) ? substr($reviewer_comments_fields[2], 9) : '';
$file_detail_array = array('file_unlocked' => $file_unlocked, 'to_value' => $to_value, 'subject_value' => $subject_value, 'comments_value' => $comments_value, 'realname' => $real_name, 'category' => $category, 'filesize' => $file_size, 'created' => fix_date($created), 'owner_email' => $user_obj->getEmailAddress(), 'owner' => $owner_last_first, 'owner_fullname' => $owner_first_last, 'description' => wordwrap($description, 50, '<br />'), 'comment' => wordwrap($comment, 50, '<br />'), 'udf_details_display' => udf_details_display($request_id), 'revision' => $revision, 'file_under_review' => $file_under_review, 'reviewer' => $reviewer, 'status' => $status);
if ($status > 0) {
// status != 0 -> file checked out to another user. status = uid of the check-out person
// query to find out who...
$checkout_person_obj = $file_data_obj->getCheckerOBJ();
$full_name = $checkout_person_obj->getFullName();
$GLOBALS['smarty']->assign('checkout_person_full_name', $full_name);
$GLOBALS['smarty']->assign('checkout_person_email', $checkout_person_obj->getEmailAddress());
}
// Can they Read?
if ($user_permission_obj->getAuthority($request_id, $file_data_obj) >= $user_permission_obj->READ_RIGHT) {
$view_link = 'view_file.php?id=' . e::h($full_requestId) . '&state=' . ($state + 1);
$GLOBALS['smarty']->assign('view_link', $view_link);
}
// Lets figure out which buttons to show
if ($status == 0 || $status == -1 && $file_data_obj->isOwner($_SESSION['uid'])) {
// check if user has modify rights
$user_perms = new UserPermission($_SESSION['uid'], $GLOBALS['pdo']);
if ($user_perms->getAuthority($request_id, $file_data_obj) >= $user_perms->WRITE_RIGHT && !isset($revision_id) && !$file_data_obj->isArchived()) {
// if so, display link for checkout
$check_out_link = "check-out.php?id={$request_id}" . '&state=' . ($state + 1) . '&access_right=modify';
$GLOBALS['smarty']->assign('check_out_link', $check_out_link);
}
if ($user_permission_obj->getAuthority($request_id, $file_data_obj) >= $user_permission_obj->ADMIN_RIGHT && !@isset($revision_id) && !$file_data_obj->isArchived()) {
// if user is also the owner of the file AND file is not checked out
// additional actions are available
$edit_link = "edit.php?id={$request_id}&state=" . ($state + 1);
$first_name = $row['first_name'];
$realname = $row['realname'];
$created = $row['created'];
$description = $row['description'];
$status = $row['status'];
// correction
if ($description == '') {
$description = msg('message_no_information_available');
}
$filename = $GLOBALS['CONFIG']['dataDir'] . $id . '.dat';
// display list
$highlighted_color = '#bdf9b6';
echo '<tr valign="middle" bgcolor="' . $row_color . '" onmouseover="this.style.backgroundColor=\'' . $highlighted_color . '\';" onmouseout="this.style.backgroundColor=\'' . $row_color . '\';">';
echo '<td class="listtable"><div class="buttons"><a href="check-in.php?id=' . e::h($id) . '&state=' . e::h($_REQUEST['state'] + 1) . '" class="regular"><img src="images/import-2.png" alt="checkin"/>' . msg('button_check_in') . '</a></div>';
echo '</td>';
echo '<td class="listtable">' . e::h($realname) . '</td>';
echo '<td class="listtable">' . e::h($description) . '</td>';
echo '<td class="listtable">' . fix_date(e::h($created)) . '</td> ';
echo '<td class="listtable">' . e::h($last_name) . ', ' . e::h($first_name) . '</td> ';
echo '<td class="listtable">' . display_filesize(e::h($filename)) . '</td> ';
echo '</tr>';
if ($row_color == "#FCFCFC") {
$row_color = "#E3E7F9";
} else {
$row_color = "#FCFCFC";
}
}
// clean up
echo '</table>';
}
draw_footer();
echo '<td align=center><font size="-1"> <a href="details.php?id=' . e::h($id) . '_' . e::h($revision) . '&state=' . e::h($_REQUEST['state']) . '"><div class="revision">' . e::h($revision + 1) . '</div></a>' . e::h($extra_message);
} else {
echo '<td><font size="-1">' . e::h($revision) . e::h($extra_message);
}
?>
</font></td>
<td><font size="-1"><?php
echo fix_date($modified_on);
?>
</font></td>
<td><font size="-1"><?php
echo e::h($last_name) . ', ' . e::h($first_name);
?>
</font></td>
<td><font size="-1"><?php
echo e::h($note);
?>
</font></td>
</tr>
<?php
}
// clean up
?>
</table>
</td>
</tr>
</table>
<?php
// Call the plugin API
callPluginMethod('onAfterHistory', $datafile->getId());
$count++;
}
// Notify owner
if ($GLOBALS['CONFIG']['file_expired_action'] != 4) {
$reviewer_comments = 'To=' . msg('author') . ';Subject=' . msg('message_file_expired') . ';Comments=' . msg('email_file_was_rejected_because') . ' ' . $GLOBALS['CONFIG']['revision_expiration'] . ' ' . msg('days') . ';';
$user_obj = new user($root_id, $pdo);
$date = date("D F d Y");
$time = date("h:i A");
$get_full_name = $user_obj->getFullName();
$full_name = $get_full_name[0] . ' ' . $get_full_name[1];
$mail_from = $full_name . ' <' . $user_obj->getEmailAddress() . '>';
$mail_headers = "From: {$mail_from}";
$mail_subject = msg('email_subject_review_status');
$mail_greeting = msg('email_greeting') . ":" . PHP_EOL . "\t" . msg('email_i_would_like_to_inform');
$mail_body = msg('email_was_declined_for_publishing_at') . ' ' . $time . ' on ' . $date . ' ' . msg('email_because_you_did_not_revise') . ' ' . $GLOBALS['CONFIG']['revision_expiration'] . ' ' . msg('days');
$mail_salute = PHP_EOL . PHP_EOL . msg('email_salute') . "," . PHP_EOL . e::h($full_name);
foreach ($data_result as $row) {
$file_obj = new FileData($row['id'], $pdo);
$user_obj = new User($file_obj->getOwner(), $pdo);
$mail_to = $user_obj->getEmailAddress();
if ($GLOBALS['CONFIG']['demo'] == 'False') {
mail($mail_to, $mail_subject . $file_obj->getName(), $mail_greeting . $file_obj->getName() . ' ' . $mail_body . $mail_salute, $mail_headers);
}
}
}
//do not show file
if ($GLOBALS['CONFIG']['file_expired_action'] == 1) {
$reviewer_comments = 'To=' . msg('author') . ';Subject=' . msg('message_file_expired') . ';Comments=' . msg('email_file_was_rejected_because') . ' ' . $GLOBALS['CONFIG']['revision_expiration'] . ' ' . msg('days');
foreach ($data_result as $row) {
$file_obj = new FileData($row['id'], $pdo);
$file_obj->Publishable(-1);
