} $datafile = new FileData($_REQUEST['id'], $pdo); // verify if ($datafile->getError() != null) { header('Location:error.php?ec=2'); exit; } else { // obtain data from resultset $owner_full_name = $datafile->getOwnerFullName(); $owner = $owner_full_name[1] . ', ' . $owner_full_name[0]; $real_name = $datafile->getRealName(); $category = $datafile->getCategoryName(); $created = $datafile->getCreatedDate(); $description = $datafile->getDescription(); $comments = $datafile->getComment(); $status = $datafile->getStatus(); $id = $_REQUEST['id']; // corrections if ($description == '') { $description = msg('message_no_description_available'); } if ($comments == '') { $comments = msg('message_no_author_comments_available'); } if ($datafile->isArchived()) { $filename = $GLOBALS['CONFIG']['archiveDir'] . e::h($id) . '.dat'; } else { $filename = $GLOBALS['CONFIG']['dataDir'] . e::h($id) . '.dat'; } ?> <table border="0" width=80% cellspacing="4" cellpadding="1">
if ($file_mime == $thistype) { $allowedFile = 1; break; } else { $allowedFile = 0; } } // illegal file type! if ($allowedFile != 1) { $last_message = 'MIMETYPE: ' . $file_mime . ' Failed'; header('Location:error.php?ec=13&last_message=' . urlencode($last_message)); exit; } // query to ensure that user has modify rights $fileobj = new FileData($id, $GLOBALS['connection'], DB_NAME); if ($fileobj->getError() == '' && $fileobj->getStatus() == $_SESSION['uid']) { //look to see how many revision are there $query = "SELECT * FROM {$GLOBALS['CONFIG']['db_prefix']}log WHERE id = '{$id}'"; $result = mysql_query($query, $GLOBALS['connection']) or die("Error in query: {$query}. " . mysql_error()); $lrevision_num = mysql_num_rows($result); // if dir not available, create it if (!is_dir($GLOBALS['CONFIG']['revisionDir'])) { if (!mkdir($GLOBALS['CONFIG']['revisionDir'], 0775)) { $last_message = msg('message_directory_creation_failed') . ': ' . $GLOBALS['CONFIG']['revisionDir']; header('Location:error.php?ec=23&last_message=' . urlencode($last_message)); exit; } } if (!is_dir($GLOBALS['CONFIG']['revisionDir'] . $id)) { if (!mkdir($GLOBALS['CONFIG']['revisionDir'] . $id, 0775)) { $last_message = msg('message_directory_creation_failed') . ': ' . $GLOBALS['CONFIG']['revisionDir'] . $id;
callPluginMethod('onBeforeEditFileSaved'); $filedata->setId($fileId); $perms_error = false; // check submitted data // at least one user must have "view" and "modify" rights foreach ($_REQUEST['user_permission'] as $permission) { if ($permission > 2) { $perms_error = true; } } if (!$perms_error) { header("Location:error.php?ec=12"); exit; } // Check to make sure the file is available $status = $filedata->getStatus($fileId); if ($status != 0) { header('Location:error.php?ec=2'); exit; } // update category $filedata->setCategory($_REQUEST['category']); $filedata->setDescription($_REQUEST['description']); $filedata->setComment($_REQUEST['comment']); if (isset($_REQUEST['file_owner'])) { $filedata->setOwner($_REQUEST['file_owner']); } if (isset($_REQUEST['file_department'])) { $filedata->setDepartment($_REQUEST['file_department']); } // Update the file with the new values
require_once "AccessLog_class.php"; $last_message = isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : ''; if (strchr($_REQUEST['id'], '_')) { header('Location:error.php?ec=20'); } if (!isset($_REQUEST['id']) || $_REQUEST['id'] == '') { header('Location:error.php?ec=2'); exit; } /* if the user has read-only authority on the file, his check out will be the same as the person with admin or modify right except that the DB will not have any recored of him checking out this file. Therefore, he will not be able to check-in the file on the server */ $fileobj = new FileData($_GET['id'], $GLOBALS['connection'], DB_NAME); $fileobj->setId($_GET['id']); if ($fileobj->getError() != NULL || $fileobj->getStatus() > 0 || $fileobj->isArchived()) { header('Location:error.php?ec=2'); exit; } if (!isset($_GET['submit'])) { draw_header(msg('area_check_out_file'), $last_message); // form not yet submitted // display information on how to initiate download checkUserPermission($_REQUEST['id'], $fileobj->WRITE_RIGHT, $fileobj); ?> <p> <form action="<?php echo $_SERVER['PHP_SELF'];
require_once "AccessLog_class.php"; $last_message = isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : ''; if (strchr($_REQUEST['id'], '_')) { header('Location:error.php?ec=20'); } if (!isset($_REQUEST['id']) || $_REQUEST['id'] == '') { header('Location:error.php?ec=2'); exit; } /* if the user has read-only authority on the file, his check out will be the same as the person with admin or modify right except that the DB will not have any recored of him checking out this file. Therefore, he will not be able to check-in the file on the server */ $file_data_obj = new FileData($_GET['id'], $pdo); $file_data_obj->setId($_GET['id']); if ($file_data_obj->getError() != null || $file_data_obj->getStatus() > 0 || $file_data_obj->isArchived()) { header('Location:error.php?ec=2'); exit; } if (!isset($_GET['submit'])) { draw_header(msg('area_check_out_file'), $last_message); // form not yet submitted // display information on how to initiate download checkUserPermission($_REQUEST['id'], $file_data_obj->WRITE_RIGHT, $file_data_obj); ?> <p> <form action="<?php echo $_SERVER['PHP_SELF'];