require_once 'permissions.config.php'; $smarty = new Smarty(); $smarty->setTemplateDir('smarty/templates'); $smarty->setCompileDir('smarty/templates_c'); $smarty->setCacheDir('smarty/cache'); $smarty->setConfigDir('smarty/configs'); $smarty->assign('organs', $organs); $smarty->assign('this', 'invite.php'); if (isset($_SESSION['user'])) { $user = $_SESSION['user']; } $smarty->assign("user", $user); if (isset($_GET['organ'])) { if (checkOrgan($_GET['organ'])) { //input validation $smarty->assign("read", checkReadPerms($_GET['organ'])); $smarty->assign("write", checkWritePerms($_GET['organ'])); $smarty->assign("admin", checkAdminPerms($_GET['organ'])); $smarty->assign("organ", $_GET['organ']); $file = REPORTDIR . "/" . $_GET['organ'] . ".invitations.txt"; //only admin is allowed to invite if (checkAdminPerms($_GET['organ']) && isset($_POST['mailtext'])) { // append to report dir / $organ.invitation $add = $_POST['mailtext'] . "\n====End of Invitation====\n"; $add .= file_get_contents($file); file_put_contents($file, $add); rlyWriteEMail($emailFrom[$_GET['organ']], "APVEL Protokollsystem", $emailUN[$_GET['organ']], "Einladung zur nächsten Sitzung " . $organs[$_GET['organ']], $_POST['mailtext'], array()); } // get text $lastInvite = ""; $handle = fopen($file, "r");
$text = readFromFile($_GET['organ'], $_GET['file']); $smarty->assign('text', $text); $smarty->assign('organ', $_GET['organ']); $smarty->assign('file', $_GET['file']); } else { if ($_GET['file'] == 'template' && checkReadPerms($_GET['organ'])) { $smarty->assign('text', readTemplate($_GET['organ'])); $smarty->assign('organ', $_GET['organ']); $smarty->assign('file', $_GET['file']); } else { if ($_GET['file'] == 'email' && checkReadPerms($_GET['organ'])) { $smarty->assign('text', readEmailTemplate($_GET['organ'])); $smarty->assign('organ', $_GET['organ']); $smarty->assign('file', $_GET['file']); } else { if ($_GET['file'] == 'resolutions.txt' && checkReadPerms($_GET['organ'])) { $smarty->assign('text', readResolutions($_GET['organ'])); $smarty->assign('organ', $_GET['organ']); $smarty->assign('file', $_GET['file']); } } } } } } if (isset($_POST['text']) and isset($_GET['organ']) and isset($_GET['file'])) { //save changes if (checkOrgan($_GET['organ']) and checkWritePerms($_GET['organ'])) { if (checkFilename($_GET['file']) and checkLock($_SESSION['user'], $_GET['organ'], $_GET['file'])) { writeIntoFile($_POST['text'], $_GET['organ'], $_GET['file']); $smarty->assign('text', $_POST['text']);
<?php session_start(); require_once 'lib.php'; require_once 'defines.php'; if (isset($_GET['organ']) && isset($_GET['file'])) { if (checkOrgan($_GET['organ']) && checkReadPerms($_GET['organ']) && checkFilename($_GET['file'])) { $file = REPORTDIR . SUBUNPUBLISHED . $_GET['organ'] . "/" . $_GET['file']; pandocToPDF($file, $file . ".pdf"); $text = file_get_contents(REPORTDIR . $_GET['organ'] . ".email"); $text .= "\n Edit-Link: https://protokolle.asta.kit.edu/edit/" . $_GET['organ'] . "/" . $_GET['file'] . " \n"; $text .= file_get_contents($file); echo rlyWriteEmail("*****@*****.**", "APVEL", $emailUN[$_GET['organ']], "Unveröffentlichtes Protokoll" . $_GET['file'] . " " . $_GET['organ'], $text, array($file . ".pdf", $file)); } }