Exemplo n.º 1
0
// fetch the current search 
$search=getvalescaped("search","");
$order_by=getvalescaped("order_by","relevance");
$offset=getvalescaped("offset",0,true);
$restypes=getvalescaped("restypes","");
if (strpos($search,"!")!==false) {$restypes="";}
$archive=getvalescaped("archive",0,true);

$default_sort="DESC";
if (substr($order_by,0,5)=="field"){$default_sort="ASC";}
$sort=getvalescaped("sort",$default_sort);

$useraccess=get_resource_access($ref);

// Check if sharing permitted
if (!can_share_resource($ref,$useraccess)) {exit($lang["error-permissiondenied"]);}

$errors="";
if (getval("save","")!="")
	{
	// Build a new list and insert
	$users=getvalescaped("users","");
	$message=getvalescaped("message","");
	$access=getvalescaped("access","");
	$add_internal_access=(getvalescaped("grant_internal_access","")!="");
	if (hook("modifyresourceaccess")){$access=hook("modifyresourceaccess");}
	$expires=getvalescaped("expires","");
	$group=getvalescaped("usergroup","");
	$list_recipients=getvalescaped("list_recipients",""); if ($list_recipients=="") {$list_recipients=false;} else {$list_recipients=true;}
	
	$use_user_email=getvalescaped("use_user_email",false);
function generate_collection_access_key($collection, $feedback = 0, $email = "", $access = -1, $expires = "", $group = "")
{
    # For each resource in the collection, create an access key so an external user can access each resource.
    global $userref, $usergroup;
    if ($group == "" || !checkperm("x")) {
        $group = $usergroup;
    }
    # Default to sharing with the permission of the current usergroup if not specified OR no access to alternative group selection.
    $k = substr(md5($collection . "," . time()), 0, 10);
    $r = get_collection_resources($collection);
    for ($m = 0; $m < count($r); $m++) {
        # Add the key to each resource in the collection
        if (can_share_resource($r[$m])) {
            sql_query("insert into external_access_keys(resource,access_key,collection,user,usergroup,request_feedback,email,date,access,expires) values ('" . $r[$m] . "','{$k}','{$collection}','{$userref}','{$group}','{$feedback}','" . escape_check($email) . "',now(),{$access}," . ($expires == "" ? "null" : "'" . $expires . "'") . ");");
        }
    }
    hook("generate_collection_access_key", "", array($collection, $k, $userref, $feedback, $email, $access, $expires, $group));
    return $k;
}
Exemplo n.º 3
0
			</a>
		</li>
		<?php 
		if ($search=="!collection" . $usercollection) 
			{ 
			?>
			<li>
			<?php 
			echo remove_from_collection_link($ref,$search);
			echo ($resourcetoolsGT?"&gt; ":"").$lang["action-removefromcollection"]?>
			</a>
			</li>
			<?php 
			}
		} 
	if (can_share_resource($ref,$access) && !$hide_resource_share_link) 
		{ 
		?>
		<li><a href="<?php echo $baseurl_short?>pages/resource_share.php?ref=<?php echo urlencode($ref) ?>&amp;search=<?php echo urlencode($search)?>&amp;offset=<?php echo urlencode($offset)?>&amp;order_by=<?php echo urlencode($order_by)?>&amp;sort=<?php echo urlencode($sort)?>&amp;archive=<?php echo urlencode($archive)?>" onClick="return CentralSpaceLoad(this,true);" >
		<?php echo ($resourcetoolsGT?"&gt; ":"").$lang["share"];?>
		</a></li>
		<?php 
		hook('aftersharelink', '', array($ref, $search, $offset, $order_by, $sort, $archive));
		}
	if ($edit_access) 
		{ ?>
		<li><a href="<?php echo $baseurl_short?>pages/edit.php?ref=<?php echo urlencode($ref)?>&amp;search=<?php echo urlencode($search)?>&amp;offset=<?php echo urlencode($offset)?>&amp;order_by=<?php echo urlencode($order_by)?>&amp;sort=<?php echo urlencode($sort)?>&amp;archive=<?php echo urlencode($archive)?>"    onClick="return CentralSpaceLoad(this,true);">
			<?php echo ($resourcetoolsGT?"&gt; ":"").$lang["action-edit"]?>
		</a></li>
		<?php 
		if ((!checkperm("D") || hook('check_single_delete')) && !(isset($allow_resource_deletion) && !$allow_resource_deletion))
if (strpos($search, "!") !== false) {
    $restypes = "";
}
$archive = getvalescaped("archive", 0, true);
$starsearch = getvalescaped("starsearch", "");
$default_sort = substr($order_by, 0, 5) == "field" ? "ASC" : "DESC";
$sort = getval("sort", $default_sort);
# Check if editing existing external share
$editaccess = getvalescaped("editaccess", "");
$editing = $editaccess == "" ? false : true;
$editexternalurl = getval("editexternalurl", "") != "";
$access = getvalescaped("access", "");
$expires = getvalescaped("expires", "");
$minaccess = get_resource_access($ref);
# Check if sharing permitted
if (!can_share_resource($ref, $minaccess)) {
    $show_error = true;
    $error = $lang["error-permissiondenied"];
}
$internal_share_only = checkperm("noex");
# Process deletion of access keys
if (getval("deleteaccess", "") != "") {
    delete_resource_access_key($ref, getvalescaped("deleteaccess", ""));
}
include "../include/header.php";
hook("resource_share_afterheader");
if (isset($show_error)) {
    ?>
    <script type="text/javascript">
        alert('<?php 
    echo $error;
$search = getvalescaped("search", "");
$order_by = getvalescaped("order_by", "relevance");
$offset = getvalescaped("offset", 0, true);
$restypes = getvalescaped("restypes", "");
if (strpos($search, "!") !== false) {
    $restypes = "";
}
$archive = getvalescaped("archive", 0, true);
$default_sort = "DESC";
if (substr($order_by, 0, 5) == "field") {
    $default_sort = "ASC";
}
$sort = getvalescaped("sort", $default_sort);
$useraccess = get_resource_access($ref);
// Check if sharing permitted
if (!can_share_resource($ref, $useraccess)) {
    exit($lang["error-permissiondenied"]);
}
$user_select_internal = checkperm("noex");
$errors = "";
if (getval("save", "") != "") {
    // Build a new list and insert
    $users = getvalescaped("users", "");
    $message = getvalescaped("message", "");
    $access = getvalescaped("access", "");
    $add_internal_access = getvalescaped("grant_internal_access", "") != "";
    if (hook("modifyresourceaccess")) {
        $access = hook("modifyresourceaccess");
    }
    $expires = getvalescaped("expires", "");
    $group = getvalescaped("usergroup", "");