function main_page($group_id) { docman_header('Document Admin Page', 'Document Manager Admin', 'admin'); echo '<p><b>Pending Submissions:</b> <p>'; display_docs('3', $group_id); // doc_group 3 == pending echo '<p>'; echo '<b>Active Submissions:</b> <p>'; display_docs('1', $group_id); //doc_group 1 == active docman_footer($params); }
* */ require_once '../env.inc.php'; require_once $gfwww . 'include/pre.php'; require_once $gfwww . 'docman/include/doc_utils.php'; require_once $gfcommon . 'docman/Document.class.php'; $docid = getIntFromRequest('docid'); if ($docid) { $group_id = getIntFromRequest('group_id'); $g =& group_get_object($group_id); if (!$g || !is_object($g)) { exit_no_group(); } elseif ($g->isError()) { exit_error('Error', $g->getErrorMessage()); } $d = new Document($g, $docid); if (!$d || !is_object($d)) { exit_error('Document unavailable', 'Document is not available.'); } elseif ($d->isError()) { exit_error('Error', $d->getErrorMessage()); } docman_header($d->getName(), $d->getName()); printf(_('This document was moved to <a href="%1$s">this new location</a>'), util_make_url("/docman/view.php/{$group_id}/{$docid}")); docman_footer(array()); } else { exit_error(_('No document data'), _('No document to display - invalid or inactive document number.')); } // Local Variables: // mode: php // c-file-style: "bsd" // End:
if (permission_exist('DOCUMENT_READ', $docid)) { if (!permission_is_authorized('DOCUMENT_READ', $docid, user_getid(), $object_group_id)) { exit_error($Language->getText('global', 'perm_denied'), $Language->getText('global', 'error_perm_denied')); } } else { if (!permission_is_authorized('DOCGROUP_READ', $row['doc_group'], user_getid(), $object_group_id)) { exit_error($Language->getText('global', 'perm_denied'), $Language->getText('global', 'error_perm_denied')); } } if (user_isloggedin()) { //Insert a new entry in the doc_log table only for restricted documents $sql = "INSERT INTO doc_log(user_id,docid,time) " . "VALUES ('" . user_getid() . "','" . $docid . "','" . time() . "')"; $res_insert = db_query($sql); } // HTML or text files that were copy/pasted are displayed in a Codendi-formatted page. // Uploaded files are always displayed as-is. if (($row['filetype'] == 'text/html' || $row['filetype'] == 'text/plain') && $row['filesize'] == 0) { docman_header(array('title' => $row['title'], 'help' => 'DocumentManager.html')); if ($object_group_id != $from_group_id) { $group_name = util_get_group_name_from_id($object_group_id); print '<H3><span class="feedback">' . $Language->getText('docman_display_doc', 'warning_different_group', array($group_name)) . '</span></H3>'; } // Document data can now contain HTML tags but not php code print util_unconvert_htmlspecialchars($row['data']); docman_footer($params); } else { session_redirect("/docman/download.php?docid=" . $docid); } } else { exit_error($Language->getText('global', 'error'), $Language->getText('docman_display_doc', 'error_wrongid')); }
<?php // // SourceForge: Breaking Down the Barriers to Open Source Development // Copyright 1999-2000 (c) The SourceForge Crew // http://sourceforge.net // // /* Docmentation Manager by Quentin Cregan, SourceForge 06/2000 */ require_once 'pre.php'; require './doc_utils.php'; if (!$group_id) { exit_no_group(); } $pm = ProjectManager::instance(); $params = array('title' => $Language->getText('docman_index', 'title', array($pm->getProject($group_id)->getPublicName())), 'pv' => isset($pv) ? $pv : false); docman_header($params); if (isset($pv) && $pv) { echo "<h2>" . $Language->getText('docman_index', 'header') . "</h2>"; } else { echo "<TABLE width='100%'><TR><TD>"; echo '<H2>' . $Language->getText('docman_index', 'header') . '</H2>'; echo "</TD>"; echo "<TD align='left'> ( <A HREF='?group_id={$group_id}&pv=1'><img src='" . util_get_image_theme("msg.png") . "' border='0'> " . $Language->getText('global', 'printer_version') . "</A> ) </TD>"; echo "</TR></TABLE>"; } display_doc_list($group_id); docman_footer($params);
// Display the main admin page // // } else { $df = new DocumentFactory($g); if ($df->isError()) { exit_error(_('Error'), $df->getErrorMessage()); } $dgf = new DocumentGroupFactory($g); if ($dgf->isError()) { exit_error(_('Error'), $dgf->getErrorMessage()); } $df->setStateID('ALL'); // $df->setSort('stateid'); $d_arr =& $df->getDocuments(); docman_header(sprintf(_('Project %s'), $g->getPublicName()), _('Document Manager: Administration'), 'admin'); ?> <h3><?php echo _('Document Manager: Administration'); ?> </h3> <p> <a href="index.php?group_id=<?php echo $group_id; ?> &addgroup=1"><?php echo _('Add/Edit Document Groups'); ?> </a> </p>
// /* Docmentation Manager by Quentin Cregan, SourceForge 06/2000 */ require 'doc_utils.php'; require 'pre.php'; if ($group_id) { if (!$language_id) { if (!($language_id = user_get_language())) { // default to English $language_id = 1; } } $usermem = user_ismember($group_id); docman_header('Project Documentation', 'Project Documentation'); //get a list of group numbers that this project owns $query = "select * " . "from doc_groups " . "where group_id = {$group_id} " . "order by groupname"; $result = db_query($query); //otherwise, throw up an error if (db_numrows($result) < 1) { print "This project has no categorized data.<p>"; } else { doc_droplist_count($group_id, $language_id); print "<hr>"; // get the groupings and display them with their members. while ($row = db_fetch_array($result)) { $query = "select description, docid, title, doc_group, type, filename " . "from doc_data " . "where doc_group = '" . $row['doc_group'] . "' " . "and stateid ='1' " . "and language_id = " . $language_id . ""; //state 1 == 'active' if ($usermem == true) { $query .= " or stateid = '5' " . " and doc_group = '" . $row['doc_group'] . "' ";
} if (!$d->create($uploaded_data_name, $uploaded_data_type, $data, $doc_group, $title, $language_id, $description)) { exit_error(_('Error'), $d->getErrorMessage()); } else { if ($type == 'editor') { //release the cookie for the document contents (should expire at the end of the session anyway) setcookie("gforgecurrentdocdata", "", time() - 3600); } Header('Location: ' . util_make_url('/docman/?group_id=' . $group_id . '&feedback=' . _('Document submitted sucessfully'))); exit; } } else { //if (getStringFromRequest('Option')) { //option was selected, proceed to show each one $option_selected = getStringFromRequest('option_selected'); docman_header(_('Document Manager: Submit New Documentation'), _('Project: %1$s')); echo '<p>' . _('<strong>Document Title</strong>: Refers to the relatively brief title of the document (e.g. How to use the download server)<br /><strong>Description:</strong> A brief description to be placed just under the title.') . '</p> <form name="adddata" action="' . getStringFromServer('PHP_SELF') . '?group_id=' . $group_id . '" method="post" enctype="multipart/form-data"> <table border="0" width="75%"> <tr> <td> <strong>' . _('Document Title') . ' :</strong>' . utils_requiredField() . sprintf(_('(at least %1$s characters)'), 5) . '<br /> <input type="text" name="title" size="40" maxlength="255" /> </td> </tr> <tr> <td> <strong>' . _('Description') . ' :</strong>' . utils_requiredField() . sprintf(_('(at least %1$s characters)'), 10) . '<br /> <input type="text" name="description" size="50" maxlength="255" /> </td>
$data = ""; $feedback .= ' Document Uploaded '; } else { $data = htmlspecialchars($data); $datab = ""; $type = "text/html"; } docman_header('Documentation - Add Information - Processing', 'Documentation - New submission'); $query = "insert into doc_data(stateid,title,data,datab,createdate,updatedate,created_by,doc_group,description,language_id,type,filename) " . "values('3'," . "'" . htmlspecialchars($title) . "'," . "'" . $data . "'," . "'" . $datab . "'," . "'" . time() . "'," . "'" . time() . "'," . "'" . $user_id . "'," . "'" . $doc_group . "'," . "'" . htmlspecialchars($description) . "'," . "'" . $language_id . "'," . "'" . $type . "'," . "'" . $filename . "')"; db_query($query); // print "<p>$query\n"; //PROBLEM check the query print "<p><b>Thank You! Your submission has been placed in the database for review before posting.</b> \n\n<p>\n <a href=\"/docman/index.php?group_id=" . $group_id . "\">Back</a>"; docman_footer($params); } else { docman_header('Add documentation', 'Add documentation'); if ($user == 100) { print "<p>You are not logged in, and will not be given credit for this.<p>"; } echo ' <p> <b> Document Title: </b> Refers to the relatively brief title of the document (e.g. How to use the download server) <br> <b> Description: </b> A brief description to be placed just under the title.<br> <form name="adddata" action="new.php?mode=add&group_id=' . $group_id . '" method="POST" enctype="multipart/form-data"> <table border="0" width="75%"> <tr>
if (permission_exist('DOCUMENT_READ', $docid)) { if (!permission_is_authorized('DOCUMENT_READ', $docid, user_getid(), $object_group_id)) { exit_error($Language->getText('global', 'perm_denied'), $Language->getText('global', 'error_perm_denied')); } } else { if (!permission_is_authorized('DOCGROUP_READ', $row['doc_group'], user_getid(), $object_group_id)) { exit_error($Language->getText('global', 'perm_denied'), $Language->getText('global', 'error_perm_denied')); } } if (user_isloggedin()) { //Insert a new entry in the doc_log table only for restricted documents $sql = "INSERT INTO doc_log(user_id,docid,time) " . "VALUES ('" . user_getid() . "','" . $docid . "','" . time() . "')"; $res_insert = db_query($sql); } // HTML or text files that were copy/pasted are displayed in a Codendi-formatted page. // Uploaded files are always displayed as-is. if (($row['filetype'] == 'text/html' || $row['filetype'] == 'text/plain') && $row['filesize'] == 0) { docman_header(array('title' => $row['title'])); if ($object_group_id != $from_group_id) { $group_name = util_get_group_name_from_id($object_group_id); print '<H3><span class="feedback">' . $Language->getText('docman_display_doc', 'warning_different_group', array($group_name)) . '</span></H3>'; } // Document data can now contain HTML tags but not php code print util_unconvert_htmlspecialchars($row['data']); docman_footer($params); } else { session_redirect("/docman/download.php?docid=" . $docid); } } else { exit_error($Language->getText('global', 'error'), $Language->getText('docman_display_doc', 'error_wrongid')); }
if ($language_id == "*") { $language_id = 0; $selected_language = "*"; } else { $selected_language = $language_id; } } $df->setLanguageID($language_id); // check if the user is docman's admin $perm =& $g->getPermission(session_get_user()); if (!$perm || $perm->isError() || !$perm->isDocEditor()) { $is_editor = false; } else { $is_editor = true; } docman_header(_('Document Manager: Display Document'), _('Project: %1$s'), 'docman', '', $g->getPublicName()); $vtp = new VTemplate(); $handle = $vtp->Open("search.tpl.html"); $vtp->NewSession($handle, "MAIN"); $allchecked = ""; $onechecked = ""; if (getStringFromPost('search_type') == "one") { $onechecked = "checked"; } else { $allchecked = "checked"; } $vtp->AddSession($handle, "FORMSEARCH"); $vtp->SetVar($handle, "FORMSEARCH.TITLE", _('Search in documents')); $vtp->SetVar($handle, "FORMSEARCH.GROUP_ID", $_GET["group_id"]); $vtp->SetVar($handle, "FORMSEARCH.TEXTSEARCH", getStringFromPost("textsearch")); $vtp->SetVar($handle, "FORMSEARCH.ALLCHECKED", $allchecked);
if ($language_id == "*") { $language_id = 0; $selected_language = "*"; } else { $selected_language = $language_id; } } // check if the user is docman's admin $perm =& $g->getPermission(session_get_user()); if (!$perm || $perm->isError() || !$perm->isDocEditor()) { $is_editor = false; } else { $is_editor = true; } $df->setLanguageID($language_id); docman_header(_('Document Manager: Display Document'), _('Project: %1$s')); $d_arr =& $df->getDocuments(); if (!$d_arr || count($d_arr) < 1) { $df->setLanguageId(0); $d_arr =& $df->getDocuments(); } if (!$d_arr || count($d_arr) < 1) { print "<strong>" . _('This project has no visible documents') . "</strong>"; } else { doc_droplist_count($group_id, $language_id, $g); // Get the document groups info $nested_groups =& $dgf->getNested(); $nested_docs = array(); //put the doc objects into an array keyed off the docgroup foreach ($d_arr as $doc) { $nested_docs[$doc->getDocGroupID()][] = $doc;
$query = "insert into doc_data(title,data,createdate,updatedate,created_by,doc_group,description,filename,filesize,filetype) " . "values(" . "'" . htmlspecialchars($title) . "'," . "'" . $data . "'," . "'" . time() . "'," . "'" . time() . "'," . "'" . $user . "'," . "'" . $doc_group . "'," . "'" . htmlspecialchars($description) . "'," . "'" . $fileName . "'," . "'" . $fileSize . "'," . "'" . $fileType . "')"; } else { // Copy/paste data $query = "insert into doc_data(title,data,createdate,updatedate,created_by,doc_group,description,filename,filesize,filetype) " . "values(" . "'" . htmlspecialchars($title) . "'," . "'" . htmlspecialchars($data) . "'," . "'" . time() . "'," . "'" . time() . "'," . "'" . $user . "'," . "'" . $doc_group . "'," . "'" . htmlspecialchars($description) . "'," . "'',0,'text/html')"; } $res_insert = db_query($query); if (db_affected_rows($res_insert) < 1) { docman_header(array('title' => $Language->getText('docman_new', 'title_new'))); echo '<p>' . $Language->getText('docman_new', 'error_dbinsert') . ':</p><h3><span class="feedback">' . db_error() . '</span></h3>'; docman_footer(array()); } else { $feedback .= $Language->getText('docman_new', 'insert_ok'); session_redirect("/docman/?group_id={$group_id}&feedback={$feedback}"); } } else { docman_header(array('title' => $Language->getText('docman_new', 'title_add'))); echo '<h2>' . $Language->getText('docman_new', 'header_add') . '</h2>'; if ($user == 100) { print "<p>" . $Language->getText('docman_new', 'not_logged') . "<p>"; } if (!groups_defined($group_id)) { echo "<p>" . $Language->getText('docman_new', 'no_docgroup', array("/docman/admin/index.php?group_id=" . $group_id)) . "<p>"; } $star = ' <span class="highlight"><big>*</big></span>'; echo ' <form name="adddata" action="new.php?mode=add&group_id=' . $group_id . '" method="POST" enctype="multipart/form-data"> <INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="' . $sys_max_size_upload . '"> <table border="0" width="75%"> <tr>
$query = "insert into doc_data(title,data,createdate,updatedate,created_by,doc_group,description,filename,filesize,filetype) " . "values(" . "'" . htmlspecialchars($title) . "'," . "'" . $data . "'," . "'" . time() . "'," . "'" . time() . "'," . "'" . $user . "'," . "'" . $doc_group . "'," . "'" . htmlspecialchars($description) . "'," . "'" . $fileName . "'," . "'" . $fileSize . "'," . "'" . $fileType . "')"; } else { // Copy/paste data $query = "insert into doc_data(title,data,createdate,updatedate,created_by,doc_group,description,filename,filesize,filetype) " . "values(" . "'" . htmlspecialchars($title) . "'," . "'" . htmlspecialchars($data) . "'," . "'" . time() . "'," . "'" . time() . "'," . "'" . $user . "'," . "'" . $doc_group . "'," . "'" . htmlspecialchars($description) . "'," . "'',0,'text/html')"; } $res_insert = db_query($query); if (db_affected_rows($res_insert) < 1) { docman_header(array('title' => $Language->getText('docman_new', 'title_new'), 'help' => 'DocumentSubmission.html')); echo '<p>' . $Language->getText('docman_new', 'error_dbinsert') . ':</p><h3><span class="feedback">' . db_error() . '</span></h3>'; docman_footer(array()); } else { $feedback .= $Language->getText('docman_new', 'insert_ok'); session_redirect("/docman/?group_id={$group_id}&feedback={$feedback}"); } } else { docman_header(array('title' => $Language->getText('docman_new', 'title_add'), 'help' => 'DocumentSubmission.html')); echo '<h2>' . $Language->getText('docman_new', 'header_add') . '</h2>'; if ($user == 100) { print "<p>" . $Language->getText('docman_new', 'not_logged') . "<p>"; } if (!groups_defined($group_id)) { echo "<p>" . $Language->getText('docman_new', 'no_docgroup', array("/docman/admin/index.php?group_id=" . $group_id)) . "<p>"; } $star = ' <span class="highlight"><big>*</big></span>'; echo ' <form name="adddata" action="new.php?mode=add&group_id=' . $group_id . '" method="POST" enctype="multipart/form-data"> <INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="' . $sys_max_size_upload . '"> <table border="0" width="75%"> <tr>
*/ require 'doc_utils.php'; require 'pre.php'; if ($docid) { $usermem = user_ismember($group_id); $query = "select * " . "from doc_data " . "where docid = {$docid} " . "and (stateid = '1'"; // stateid = 1 == active if ($usermem == true) { $query .= " or stateid = '5'"; } //state 5 == 'private' $query .= ")"; // print "<p>$query"; $result = db_query($query); if (db_numrows($result) < 1) { exit_error('Document unavailable', 'Document is not available.'); } else { $row = db_fetch_array($result); } if ($row['type'] == "text/html") { docman_header($row['title'], $row['title']); print util_unconvert_htmlspecialchars($row['data']); docman_footer($params); } else { header('Content-type: ' . $row['type']); header('Content-Disposition: attachment; filename="' . $row['filename'] . '"'); print pg_unescape_bytea($row['datab']); } } else { exit_error("No document data.", "No document to display - invalid or inactive document number."); }