function exponent_workflow_processApproval($id, $datatype, $response, $comment = "") { global $db; $info = $db->selectObject($datatype . "_wf_info", "real_id=" . $id); $latest = $db->selectObject($datatype . "_wf_revision", "wf_original=" . $id . " AND wf_major=" . $info->current_major . " AND wf_minor=" . $info->current_minor); $policy = $db->selectObject("approvalpolicy", "id=" . $info->policy_id); $state = unserialize($latest->wf_state_data); $latest->wf_minor++; $latest->wf_comment = $comment; $dataobj = new $datatype(); // usually a static class, but we cant do that with var class name global $user; $revoketype = SYS_WORKFLOW_REVOKE_NONE; $latest->wf_type = -1; $latest->wf_user_id = $user->id; // FIXME - need to check for repeat approvers / poster if (!in_array($user->id + 0, $state[0])) { $state[0][] = $user->id + 0; $info->open_slots = $policy->max_approvers + 1 - count($state[0]); } switch ($response) { case SYS_WORKFLOW_APPROVE_EDIT: $revoketype = $policy->on_edit; $latest->wf_type = SYS_WORKFLOW_ACTION_APPROVED_EDITED; $latest = call_user_func(array($datatype, "update"), $_POST, $latest); // Update the comment, also entered on the form. #$latest->wf_comment = $_POST['wf_comment']; $state[1][$user->id] = 1; break; case SYS_WORKFLOW_APPROVE_APPROVE: $revoketype = $policy->on_approve; $latest->wf_type = SYS_WORKFLOW_ACTION_APPROVED_APPROVED; $state[1][$user->id] = 1; break; case SYS_WORKFLOW_APPROVE_DENY: $revoketype = $policy->on_deny; $state[1][$user->id] = 0; if ($policy->delete_on_deny == 1) { $latest->wf_type = SYS_WORKFLOW_ACTION_DELETED; exponent_workflow_deleteRevisionPath($datatype, $latest->wf_original); } else { if ($user->is_acting_admin == 1) { // Admin denials always end up in deletion. It saves them the extra step. $latest->wf_type = SYS_WORKFLOW_ACTION_DELETED; exponent_workflow_deleteRevisionPath($datatype, $latest->wf_original); } else { $latest->wf_type = SYS_WORKFLOW_ACTION_APPROVED_DENIED; #$latest->wf_comment = $comment; } } break; } $state = exponent_workflow_revoke($state, $revoketype); $latest->wf_state_data = serialize($state); $info = exponent_workflow_updateInfoFromRevision($latest, $info); global $user; if (exponent_workflow_checkApprovalState($state, $policy) || $user->is_acting_admin == 1) { // Final approval given. exponent_workflow_handleApprovedRevision($latest, $datatype, $info); } else { if ($latest->wf_type != SYS_WORKFLOW_ACTION_DELETED) { // only handle revisions if we have not deleted the revision Path exponent_workflow_handleRevision($latest, $datatype, $info); } // run actions for $latest->wf_type exponent_workflow_runActions($policy, $latest->wf_type, $latest); } }
# Written and Designed by James Hunt # # This file is part of Exponent # # Exponent is free software; you can redistribute # it and/or modify it under the terms of the GNU # General Public License as published by the Free # Software Foundation; either version 2 of the # License, or (at your option) any later version. # # GPL: http://www.gnu.org/licenses/gpl.txt # ################################################## if (!defined('EXPONENT')) { exit(''); } // Sanitize required _GET parameters $_GET['id'] = intval($_GET['id']); $_GET['datatype'] = preg_replace('/[^A-Za-z0-9_]/', '', $_GET['datatype']); $info = $db->selectObject($_GET['datatype'] . "_wf_info", "real_id=" . $_GET['id']); $object = $db->selectObject($_GET['datatype'] . "_wf_revision", "wf_original=" . $_GET['id'] . " AND wf_major=" . $info->current_major . " AND wf_minor=" . $info->current_minor); $state = unserialize($object->wf_state_data); $rloc = unserialize($object->location_data); if (exponent_permissions_check("manage_approval", $rloc)) { if (!defined('SYS_WORKFLOW')) { include_once BASE . 'subsystems/workflow.php'; } exponent_workflow_deleteRevisionPath($_GET['datatype'], $_GET['id']); } else { echo SITE_403_HTML; }