// fetch the current search $search=getvalescaped("search",""); $order_by=getvalescaped("order_by","relevance"); $offset=getvalescaped("offset",0,true); $restypes=getvalescaped("restypes",""); if (strpos($search,"!")!==false) {$restypes="";} $archive=getvalescaped("archive",0,true); $default_sort="DESC"; if (substr($order_by,0,5)=="field"){$default_sort="ASC";} $sort=getvalescaped("sort",$default_sort); $useraccess=get_resource_access($ref); // Check if sharing permitted if (!can_share_resource($ref,$useraccess)) {exit($lang["error-permissiondenied"]);} $errors=""; if (getval("save","")!="") { // Build a new list and insert $users=getvalescaped("users",""); $message=getvalescaped("message",""); $access=getvalescaped("access",""); $add_internal_access=(getvalescaped("grant_internal_access","")!=""); if (hook("modifyresourceaccess")){$access=hook("modifyresourceaccess");} $expires=getvalescaped("expires",""); $group=getvalescaped("usergroup",""); $list_recipients=getvalescaped("list_recipients",""); if ($list_recipients=="") {$list_recipients=false;} else {$list_recipients=true;} $use_user_email=getvalescaped("use_user_email",false);
function generate_collection_access_key($collection, $feedback = 0, $email = "", $access = -1, $expires = "", $group = "") { # For each resource in the collection, create an access key so an external user can access each resource. global $userref, $usergroup; if ($group == "" || !checkperm("x")) { $group = $usergroup; } # Default to sharing with the permission of the current usergroup if not specified OR no access to alternative group selection. $k = substr(md5($collection . "," . time()), 0, 10); $r = get_collection_resources($collection); for ($m = 0; $m < count($r); $m++) { # Add the key to each resource in the collection if (can_share_resource($r[$m])) { sql_query("insert into external_access_keys(resource,access_key,collection,user,usergroup,request_feedback,email,date,access,expires) values ('" . $r[$m] . "','{$k}','{$collection}','{$userref}','{$group}','{$feedback}','" . escape_check($email) . "',now(),{$access}," . ($expires == "" ? "null" : "'" . $expires . "'") . ");"); } } hook("generate_collection_access_key", "", array($collection, $k, $userref, $feedback, $email, $access, $expires, $group)); return $k; }
</a> </li> <?php if ($search=="!collection" . $usercollection) { ?> <li> <?php echo remove_from_collection_link($ref,$search); echo ($resourcetoolsGT?"> ":"").$lang["action-removefromcollection"]?> </a> </li> <?php } } if (can_share_resource($ref,$access) && !$hide_resource_share_link) { ?> <li><a href="<?php echo $baseurl_short?>pages/resource_share.php?ref=<?php echo urlencode($ref) ?>&search=<?php echo urlencode($search)?>&offset=<?php echo urlencode($offset)?>&order_by=<?php echo urlencode($order_by)?>&sort=<?php echo urlencode($sort)?>&archive=<?php echo urlencode($archive)?>" onClick="return CentralSpaceLoad(this,true);" > <?php echo ($resourcetoolsGT?"> ":"").$lang["share"];?> </a></li> <?php hook('aftersharelink', '', array($ref, $search, $offset, $order_by, $sort, $archive)); } if ($edit_access) { ?> <li><a href="<?php echo $baseurl_short?>pages/edit.php?ref=<?php echo urlencode($ref)?>&search=<?php echo urlencode($search)?>&offset=<?php echo urlencode($offset)?>&order_by=<?php echo urlencode($order_by)?>&sort=<?php echo urlencode($sort)?>&archive=<?php echo urlencode($archive)?>" onClick="return CentralSpaceLoad(this,true);"> <?php echo ($resourcetoolsGT?"> ":"").$lang["action-edit"]?> </a></li> <?php if ((!checkperm("D") || hook('check_single_delete')) && !(isset($allow_resource_deletion) && !$allow_resource_deletion))
if (strpos($search, "!") !== false) { $restypes = ""; } $archive = getvalescaped("archive", 0, true); $starsearch = getvalescaped("starsearch", ""); $default_sort = substr($order_by, 0, 5) == "field" ? "ASC" : "DESC"; $sort = getval("sort", $default_sort); # Check if editing existing external share $editaccess = getvalescaped("editaccess", ""); $editing = $editaccess == "" ? false : true; $editexternalurl = getval("editexternalurl", "") != ""; $access = getvalescaped("access", ""); $expires = getvalescaped("expires", ""); $minaccess = get_resource_access($ref); # Check if sharing permitted if (!can_share_resource($ref, $minaccess)) { $show_error = true; $error = $lang["error-permissiondenied"]; } $internal_share_only = checkperm("noex"); # Process deletion of access keys if (getval("deleteaccess", "") != "") { delete_resource_access_key($ref, getvalescaped("deleteaccess", "")); } include "../include/header.php"; hook("resource_share_afterheader"); if (isset($show_error)) { ?> <script type="text/javascript"> alert('<?php echo $error;
$search = getvalescaped("search", ""); $order_by = getvalescaped("order_by", "relevance"); $offset = getvalescaped("offset", 0, true); $restypes = getvalescaped("restypes", ""); if (strpos($search, "!") !== false) { $restypes = ""; } $archive = getvalescaped("archive", 0, true); $default_sort = "DESC"; if (substr($order_by, 0, 5) == "field") { $default_sort = "ASC"; } $sort = getvalescaped("sort", $default_sort); $useraccess = get_resource_access($ref); // Check if sharing permitted if (!can_share_resource($ref, $useraccess)) { exit($lang["error-permissiondenied"]); } $user_select_internal = checkperm("noex"); $errors = ""; if (getval("save", "") != "") { // Build a new list and insert $users = getvalescaped("users", ""); $message = getvalescaped("message", ""); $access = getvalescaped("access", ""); $add_internal_access = getvalescaped("grant_internal_access", "") != ""; if (hook("modifyresourceaccess")) { $access = hook("modifyresourceaccess"); } $expires = getvalescaped("expires", ""); $group = getvalescaped("usergroup", "");