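/**
 * Builds the HTML fragment for a "note added on a discussion" work-feed entry.
 *
 * The entry is rendered only when ProjectTask::isProjectTaskReletedToUser()
 * accepts $this->idproject_task; otherwise an empty string is returned.
 *
 * Security: this method assembles HTML by string concatenation from object
 * properties (user name, task description, project name, picture path, ids).
 * Those values are HTML-escaped here so they cannot break out of the element
 * or attribute they are placed in. The discussion body is the one exception,
 * see the NOTE(review) next to it.
 *
 * @return string HTML for the feed entry, or '' when the task is not related to the user
 */
function display()
{
    // The original appended to an undefined variable and returned it
    // uninitialised when the access check failed.
    $html = '';

    $do_proj_task_feed = new ProjectTask();
    // Not used below; kept because the constructor's side effects are not visible here.
    $do_proj_feed = new Project();
    $do_user = new User();

    if (!$do_proj_task_feed->isProjectTaskReletedToUser($this->idproject_task)) {
        return $html;
    }

    $do_proj_task_feed->getProjectTaskDetails($this->idproject_task);
    $html .= '<br />';

    // Fall back to the placeholder avatar unless a thumbnail file really exists.
    $user_pic = '/images/empty_avatar.gif';
    if ($this->user_picture != '') {
        $thumb_name = $_SERVER['DOCUMENT_ROOT'] . '/dbimage/thumbnail/' . $this->user_picture;
        if (file_exists($thumb_name)) {
            $user_pic = '/dbimage/thumbnail/' . $this->user_picture;
        }
    }

    $user_name = $do_user->getUserNameByIdUser($this->iduser);

    // The discussion id is placed in an inline JavaScript call, where HTML
    // escaping alone is not enough; forcing it to an integer is.
    // NOTE(review): assumes idproject_discuss is a numeric key - confirm.
    $discuss_id = (int) $this->idproject_discuss;

    $html .= '<div style="width:50px;float:left;">';
    // src was previously unquoted, so a space in the picture name could start a new attribute.
    $html .= '<a href="/profile/' . htmlspecialchars((string) $user_name, ENT_QUOTES) . '"> <img width="34" height="34" alt="" src="'
        . htmlspecialchars($user_pic, ENT_QUOTES) . '" > </a>';
    $html .= '</div>';
    $html .= '<div style="text-align:middle;"> <table width=95% border=0><tr><td>';
    $html .= '<b>' . htmlspecialchars(ucfirst((string) $this->user_full_name), ENT_QUOTES) . '</b>'
        . ' ' . _('has added a note on discussion') . ' '
        . '<a href ="/Task/' . htmlspecialchars((string) $this->idproject_task, ENT_QUOTES) . '">'
        . htmlspecialchars((string) $this->task_description, ENT_QUOTES) . '</a>';
    $html .= ' ' . _('in project ') . ' '
        . ' <a href="/Project/' . htmlspecialchars((string) $this->idproject, ENT_QUOTES) . '"><i>'
        . htmlspecialchars((string) $this->project_name, ENT_QUOTES) . '</i></a>';
    $html .= ' <img src="/images/discussion.png" width="16" height="16" alt="" />';
    $html .= '<div id="discusspreview' . $discuss_id . '">';

    // NOTE(review): the discussion text is emitted with stripslashes() only, i.e.
    // without HTML escaping. If notes can carry user-supplied markup this is a
    // stored-XSS sink. It is left unchanged because this excerpt does not show
    // whether the stored value is meant to contain HTML; either escape it or pass
    // it through an allow-list HTML sanitiser before output.
    $html .= stripslashes($this->discuss);

    if ($this->more) {
        $html .= '<a onclick="showFullProjDiscuss(' . $discuss_id . '); return false;" href="#">' . _('more...') . '</a>';
    }
    $html .= '</div>';
    $html .= '</td></tr></table></div>';
    $html .= '<div style = "color: #666666;font-size: 8pt; margin-left:50px;">';
    $html .= OfuzUtilsi18n::formatDateLong(date("Y-m-d H:i:s", $this->date_added), true);
    $html .= '</div>';
    $html .= '<br />';
    $html .= '<div class="dottedline"></div>';
    $html .= '<div id="' . htmlspecialchars((string) $this->idworkfeed, ENT_QUOTES) . '" class="message_box"></div>';

    return $html;
}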
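/**
 * Decides whether the current session is allowed to access an uploaded document.
 *
 * Access is granted in one of three ways:
 *  - a Contact Portal session ($_SESSION['portal_idcontact']) for which
 *    ContactNotes::isDocumentForContact() accepts the file;
 *  - a logged-in user whose project task owns the document in project_discuss
 *    (checked with ProjectTask::isProjectTaskReletedToUser());
 *  - a logged-in user related to the contact that owns the document in
 *    contact_note (checked with Contact::isContactRelatedToUser()).
 * Anything else, including a session with neither identity, is denied.
 *
 * Security: $filename is caller-supplied and was concatenated unescaped into
 * two SQL statements. Because this method is the authorization gate for file
 * access, an injectable lookup here can change which row decides the outcome.
 * The value is now escaped before it is embedded.
 *
 * @param string $filename Stored document name to check.
 * @return bool True when access is allowed, false otherwise.
 */
public function checkFileAccessSecurity($filename)
{
    $return = false;

    // NOTE(review): addslashes() is a stop-gap and is only dependable with
    // single-byte or UTF-8 connection charsets. The database layer's own
    // quoting or bound parameters should replace it; that API is not visible
    // in this excerpt.
    $safe_filename = addslashes((string) $filename);

    // isset() guards avoid undefined-index / property-on-null warnings for
    // unauthenticated requests; the outcome (deny) is unchanged.
    $is_portal_request = isset($_SESSION['portal_idcontact']) && $_SESSION['portal_idcontact'] != '';
    $is_logged_in_user = isset($_SESSION['do_User'])
        && is_object($_SESSION['do_User'])
        && $_SESSION['do_User']->iduser != '';

    if ($is_portal_request) {
        // Request comes from the Contact Portal.
        // NOTE(review): isDocumentForContact() receives the raw file name; confirm
        // that it escapes or binds the value before using it in a query.
        $do_cnt_note = new ContactNotes();
        if ($do_cnt_note->isDocumentForContact($_SESSION['portal_idcontact'], $filename)) {
            $return = true;
        }
    } elseif ($is_logged_in_user) {
        // Request comes from a logged-in user: look for the file in project_discuss first.
        $q_project_discuss = new sqlQuery($this->getDbCon());
        $q_project_discuss->query("select idproject_task from project_discuss where document = '" . $safe_filename . "'");

        if ($q_project_discuss->getNumRows()) {
            $q_project_discuss->fetch();
            $do_proj_task = new ProjectTask();
            if ($do_proj_task->isProjectTaskReletedToUser($q_project_discuss->getData("idproject_task"), $_SESSION['do_User']->iduser)) {
                $return = true;
            }
        } else {
            // Not a project discussion document: fall back to contact_note.
            $q_cnt_note = new ContactNotes();
            $q_cnt_note->query("select idcontact from contact_note where document = '" . $safe_filename . "'");
            if ($q_cnt_note->getNumRows()) {
                $q_cnt_note->fetch();
                $do_cont = new Contact();
                if ($do_cont->isContactRelatedToUser($q_cnt_note->getData("idcontact"))) {
                    $return = true;
                }
            }
        }
    }

    return $return;
}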
} } elseif (is_object($_SESSION['do_project_task'])) { $idproject_task = $_SESSION['do_project_task']->idproject_task; $do_project_task = new ProjectTask(); $do_project_task->getProjectTaskDetails($idproject_task); } $Author = 'SQLFusion LLC'; $Keywords = 'Keywords for search engine'; $Description = $do_project_task->task_category . ':' . $do_project_task->task_description; $background_color = 'white'; $_SESSION['do_project']->setBreadcrumb(); //check if the user can access the task or not $task_access = false; $task_operation_access = true; if (!empty($idproject_task)) { if ($do_project_task->isProjectTaskReletedToUser($idproject_task)) { $task_access = true; } } $do_task_name = new ProjectTask(); $task_name = $do_task_name->getTaskName($idproject_task); if ($task_access === true) { $pageTitle = 'Ofuz :: ' . $task_name; } else { $pageTitle = 'Ofuz :: Unauthorized task access'; } include_once 'includes/header.inc.php'; $_SESSION['projectsession_' . $idproject_task] = $_SESSION['do_project']; /*if($task_access === false){ if($do_project_task->isPublicAccess($idproject_task)){ $task_access = true;