/**
 * Stream a ticket attachment to the client.
 *
 * Reads `ticketid` and `filename` from $_REQUEST. Both values are validated
 * before the permission check; the permission check is scoped to the ticket id.
 * The actual file handling is delegated to the dcl.boFile object.
 */
function Download()
{
    global $dcl_info, $g_oSec;

    // The ticket id must convert to an integer.
    if (($id = DCL_Sanitize::ToInt($_REQUEST['ticketid'])) === null) {
        trigger_error('Data sanitize failed.');
        return;
    }

    // The file name is the only request value that ends up in a filesystem path,
    // so the path-traversal defence rests on IsValidFileName().
    // NOTE(review): its rules are not visible here - confirm it rejects path
    // separators and '..' sequences.
    if (!DCL_Sanitize::IsValidFileName($_REQUEST['filename'])) {
        trigger_error('Data sanitize failed.');
        return;
    }

    // VIEW permission is evaluated against this specific ticket.
    if (!$g_oSec->HasPerm(DCL_ENTITY_TICKET, DCL_PERM_VIEW, $id)) {
        return PrintPermissionDenied();
    }

    $oFile = CreateObject('dcl.boFile');
    $oFile->iType = DCL_ENTITY_TICKET;
    $oFile->iKey1 = $id;
    $oFile->sFileName = $_REQUEST['filename'];
    $oFile->sRoot = $dcl_info['DCL_FILE_PATH'] . '/attachments';
    $oFile->Download();
}
/**
 * Render a table of the versions one person committed for one file.
 *
 * Reads `personnel_id`, `dcl_sccs_id`, `sccs_project_path` and `sccs_file_name`
 * from $_REQUEST. Requires VIEW permission on the change log entity. The two
 * ids are bound as integers (%d); the two string values are passed through
 * $this->oDB->Quote() before being placed in the SQL text.
 */
function ShowVersionCommits()
{
    global $g_oSec;

    commonHeader();

    if (!$g_oSec->HasPerm(DCL_ENTITY_CHANGELOG, DCL_PERM_VIEW)) {
        return PrintPermissionDenied();
    }

    // Validate in the same order as the request is consumed: both ids, then the file name.
    if (($id = DCL_Sanitize::ToInt($_REQUEST['personnel_id'])) === null) {
        trigger_error('Data sanitize failed.');
        return;
    }
    if (($sccs_id = DCL_Sanitize::ToInt($_REQUEST['dcl_sccs_id'])) === null) {
        trigger_error('Data sanitize failed.');
        return;
    }
    if (!DCL_Sanitize::IsValidFileName($_REQUEST['sccs_file_name'])) {
        trigger_error('Data sanitize failed.');
        return;
    }

    // sccs_project_path gets no format validation here; it only reaches the
    // query through Quote() below.
    $sccs_project_path = $_REQUEST['sccs_project_path'];
    $sccs_file_name = $_REQUEST['sccs_file_name'];

    // Stop silently when the personnel record cannot be loaded.
    $oPersonnel = CreateObject('dcl.dbPersonnel');
    if ($oPersonnel->Load($id) == -1) {
        return;
    }

    $sSql = sprintf(
        "select sccs_version, sccs_checkin_on, sccs_comments, dcl_entity_type_id, dcl_entity_id, dcl_entity_id2 from dcl_sccs_xref where personnel_id = %d and dcl_sccs_id = %d and sccs_project_path = %s and sccs_file_name = %s order by sccs_version",
        $id,
        $sccs_id,
        $this->oDB->Quote($sccs_project_path),
        $this->oDB->Quote($sccs_file_name)
    );
    $this->oDB->query($sSql);
    $aRecords = $this->oDB->FetchAllRows();

    // Result columns by position: 0 version, 1 check-in time, 2 comments,
    // 3 entity type, 4 entity id, 5 second entity id.
    $aDisplayRecords = array();
    $iCount = count($aRecords);
    for ($i = 0; $i < $iCount; $i++) {
        $aRow = $aRecords[$i];

        $aDisplay = array(
            0 => $aRow[0],
            1 => $this->oDB->FormatTimestampForDisplay($aRow[1]),
            2 => $aRow[2],
        );

        $oMeta = CreateObject('dcl.DCL_MetadataDisplay');

        // Column 3 is registered as an 'html' column below.
        // NOTE(review): the link label embeds text returned by GetWorkOrder() /
        // GetProject(); whether that text is HTML-escaped is not visible here - confirm.
        // Rows whose entity type is neither work order nor project get no column 3 at all.
        if ($aRow[3] == DCL_ENTITY_WORKORDER) {
            $sQuery = 'menuAction=boWorkorders.viewjcn&jcn=' . $aRow[4] . '&seq=' . $aRow[5];
            $sLabel = '[' . $aRow[4] . '-' . $aRow[5] . ']' . $oMeta->GetWorkOrder($aRow[4], $aRow[5]);
            $aDisplay[3] = $this->GetLink($sQuery, $sLabel);
        } elseif ($aRow[3] == DCL_ENTITY_PROJECT) {
            $sQuery = 'menuAction=boProjects.viewproject&project=' . $aRow[4];
            $sLabel = '[' . $aRow[4] . ']' . $oMeta->GetProject($aRow[4]);
            $aDisplay[3] = $this->GetLink($sQuery, $sLabel);
        }

        $aDisplayRecords[$i] = $aDisplay;
    }

    $oTable = CreateObject('dcl.htmlTable');
    $oTable->addColumn('Version', 'string');
    $oTable->addColumn('Commit On', 'string');
    $oTable->addColumn('Comment', 'string');
    $oTable->addColumn('Commit For', 'html');
    $oTable->setData($aDisplayRecords);
    $oTable->setShowRownum(true);
    $oTable->setCaption('Version Commits');

    foreach ($this->GetNavLinks() as $aToolbarItem) {
        $oTable->addToolbar($aToolbarItem['link'], $aToolbarItem['title']);
    }

    $oTable->render();
    $this->oDB->FreeResult();
}
/**
 * Delete one attachment from a work order, then redisplay the work order detail page.
 *
 * Reads `jcn`, `seq` and `filename` from $_REQUEST. All three are validated
 * before the REMOVEFILE permission check, which is scoped to the work order
 * (jcn and seq).
 *
 * NOTE(review): the inputs come from $_REQUEST and no anti-CSRF check is
 * visible in this function - confirm that one is enforced before this
 * destructive action is reached.
 */
function dodeleteattachment()
{
    global $dcl_info, $g_oSec;

    commonHeader();

    // '@' keeps a missing request key from raising a notice; the sanitizer result decides.
    if (($iID = @DCL_Sanitize::ToInt($_REQUEST['jcn'])) === null) {
        trigger_error('Data sanitize failed.');
        return;
    }
    if (($iSeq = @DCL_Sanitize::ToInt($_REQUEST['seq'])) === null) {
        trigger_error('Data sanitize failed.');
        return;
    }
    // The file name is appended to the attachment directory below, so this check
    // is what keeps the unlink() target inside that directory.
    // NOTE(review): confirm IsValidFileName() rejects path separators and '..'.
    if (!@DCL_Sanitize::IsValidFileName($_REQUEST['filename'])) {
        trigger_error('Data sanitize failed.');
        return;
    }

    if (!$g_oSec->HasPerm(DCL_ENTITY_WORKORDER, DCL_PERM_REMOVEFILE, $iID, $iSeq)) {
        return PrintPermissionDenied();
    }

    // Directory layout: <root>/attachments/wo/<last digit of jcn>/<jcn>/<seq>/
    $sBucket = substr($iID, -1);
    $attachPath = $dcl_info['DCL_FILE_PATH'] . '/attachments/wo/' . $sBucket . '/' . $iID . '/' . $iSeq . '/';
    $sTarget = $attachPath . $_REQUEST['filename'];

    // Only regular, readable files are removed; the unlink() result is not inspected.
    if (is_file($sTarget) && is_readable($sTarget)) {
        unlink($sTarget);
    }

    $obj =& CreateObject('dcl.htmlWorkOrderDetail');
    $obj->Show($iID, $iSeq);
}
/**
 * Build the full path of the attachment: the directory from GetFileDir()
 * followed by '/' and $this->sFileName.
 *
 * The path is only built when the stored file name passes
 * DCL_Sanitize::IsValidFileName().
 *
 * NOTE(review): on rejection the function returns whatever trigger_error()
 * returns (a boolean), not a path - confirm callers test the result before
 * using it as a file name.
 */
function GetFilePath()
{
    // Accept the name first; everything else is the rejection path.
    if (DCL_Sanitize::IsValidFileName($this->sFileName)) {
        return $this->GetFileDir() . '/' . $this->sFileName;
    }

    return trigger_error('Invalid characters detected in filename.');
}
/**
 * Delete one attachment from a project, then redisplay the project detail page.
 *
 * Reads `projectid` and `filename` from $_REQUEST. The project id is validated
 * first, the REMOVEFILE permission is then checked against that project, and
 * the file name is validated last.
 *
 * NOTE(review): the inputs come from $_REQUEST and no anti-CSRF check is
 * visible in this function - confirm that one is enforced before this
 * destructive action is reached.
 */
function dodeleteattachment()
{
    global $dcl_info, $g_oSec;

    commonHeader();

    // '@' keeps a missing request key from raising a notice; the sanitizer result decides.
    $projectid = @DCL_Sanitize::ToInt($_REQUEST['projectid']);
    if ($projectid === null) {
        trigger_error('Data sanitize failed.');
        return;
    }

    if (!$g_oSec->HasPerm(DCL_ENTITY_PROJECT, DCL_PERM_REMOVEFILE, $projectid)) {
        return PrintPermissionDenied();
    }

    // The file name is appended to the attachment directory below, so this check
    // is what keeps the unlink() target inside that directory.
    // NOTE(review): confirm IsValidFileName() rejects path separators and '..'.
    if (!@DCL_Sanitize::IsValidFileName($_REQUEST['filename'])) {
        trigger_error('Invalid file name.');
        return;
    }

    // Directory layout: <root>/attachments/prj/<last digit of id>/<id>/
    $sBucket = substr($projectid, -1);
    $attachPath = $dcl_info['DCL_FILE_PATH'] . '/attachments/prj/' . $sBucket . '/' . $projectid . '/';
    $sTarget = $attachPath . $_REQUEST['filename'];

    // Only regular, readable files are removed; the unlink() result is not inspected.
    if (is_file($sTarget) && is_readable($sTarget)) {
        unlink($sTarget);
    }

    $objHTML =& CreateObject('dcl.htmlProjectsdetail');
    $objHTML->Show($projectid, 0, 0);
}
/**
 * Stream a work order attachment to the client.
 *
 * Reads `jcn`, `seq` and `filename` from $_REQUEST. All three are validated
 * before the permission check; the VIEW permission is scoped to the work order
 * (jcn and seq). The actual file handling is delegated to the dcl.boFile object.
 */
function Download()
{
    global $dcl_info, $g_oSec;

    if (($jcn = DCL_Sanitize::ToInt($_REQUEST['jcn'])) === null) {
        trigger_error('Data sanitize failed.');
        return;
    }
    if (($seq = DCL_Sanitize::ToInt($_REQUEST['seq'])) === null) {
        trigger_error('Data sanitize failed.');
        return;
    }
    // The file name is the only request value that ends up in a filesystem path,
    // so the path-traversal defence rests on IsValidFileName().
    // NOTE(review): its rules are not visible here - confirm it rejects path
    // separators and '..' sequences.
    if (!DCL_Sanitize::IsValidFileName($_REQUEST['filename'])) {
        trigger_error('Data sanitize failed.');
        return;
    }

    if (!$g_oSec->HasPerm(DCL_ENTITY_WORKORDER, DCL_PERM_VIEW, $jcn, $seq)) {
        return PrintPermissionDenied();
    }

    $oFile = CreateObject('dcl.boFile');
    $oFile->iType = DCL_ENTITY_WORKORDER;
    $oFile->iKey1 = $jcn;
    $oFile->iKey2 = $seq;
    $oFile->sFileName = $_REQUEST['filename'];
    $oFile->sRoot = $dcl_info['DCL_FILE_PATH'] . '/attachments';
    $oFile->Download();
}
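/**
 * Delete one attachment from a ticket, then redisplay the ticket detail page.
 *
 * Reads `ticketid` and `filename` from $_REQUEST. The ticket id is validated
 * first so that the REMOVEFILE permission can be checked against that specific
 * ticket rather than against the ticket entity as a whole. The ticket download
 * handler and the work order / project delete handlers pass their ids to
 * HasPerm() in the same way; an entity-wide check would let a user holding
 * REMOVEFILE on some tickets delete attachments of a ticket they cannot access.
 *
 * NOTE(review): the inputs come from $_REQUEST and no anti-CSRF check is
 * visible in this function - confirm that one is enforced before this
 * destructive action is reached.
 */
function dodeleteattachment()
{
    global $dcl_info, $g_oSec;

    commonHeader();

    // '@' keeps a missing request key from raising a notice; the sanitizer result decides.
    if (($iID = @DCL_Sanitize::ToInt($_REQUEST['ticketid'])) === null) {
        trigger_error('Data sanitize failed.');
        return;
    }

    // Object-level authorization: scope the check to the ticket being modified.
    if (!$g_oSec->HasPerm(DCL_ENTITY_TICKET, DCL_PERM_REMOVEFILE, $iID)) {
        return PrintPermissionDenied();
    }

    // The file name is appended to the attachment directory below, so this check
    // is what keeps the unlink() target inside that directory.
    // NOTE(review): confirm IsValidFileName() rejects path separators and '..'.
    if (!@DCL_Sanitize::IsValidFileName($_REQUEST['filename'])) {
        trigger_error('Data sanitize failed.');
        return;
    }

    // Stop silently when the ticket cannot be loaded.
    $objTicket =& CreateObject('dcl.dbTickets');
    if ($objTicket->Load($iID) == -1) {
        return;
    }

    // Directory layout: <root>/attachments/tck/<last digit of id>/<id>/
    $attachPath = $dcl_info['DCL_FILE_PATH'] . '/attachments/tck/' . substr($iID, -1) . '/' . $iID . '/';
    $sTarget = $attachPath . $_REQUEST['filename'];

    // Only regular, readable files are removed; the unlink() result is not inspected.
    if (is_file($sTarget) && is_readable($sTarget)) {
        unlink($sTarget);
    }

    $obj =& CreateObject('dcl.htmlTicketDetail');
    $obj->Show($objTicket);
}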