function main_page($group_id)
{
docman_header('Document Admin Page', 'Document Manager Admin', 'admin');
echo '<p><b>Pending Submissions:</b> <p>';
display_docs('3', $group_id);
// doc_group 3 == pending
echo '<p>';
echo '<b>Active Submissions:</b> <p>';
display_docs('1', $group_id);
//doc_group 1 == active
docman_footer($params);
}
*
*/
require_once '../env.inc.php';
require_once $gfwww . 'include/pre.php';
require_once $gfwww . 'docman/include/doc_utils.php';
require_once $gfcommon . 'docman/Document.class.php';
$docid = getIntFromRequest('docid');
if ($docid) {
$group_id = getIntFromRequest('group_id');
$g =& group_get_object($group_id);
if (!$g || !is_object($g)) {
exit_no_group();
} elseif ($g->isError()) {
exit_error('Error', $g->getErrorMessage());
}
$d = new Document($g, $docid);
if (!$d || !is_object($d)) {
exit_error('Document unavailable', 'Document is not available.');
} elseif ($d->isError()) {
exit_error('Error', $d->getErrorMessage());
}
docman_header($d->getName(), $d->getName());
printf(_('This document was moved to <a href="%1$s">this new location</a>'), util_make_url("/docman/view.php/{$group_id}/{$docid}"));
docman_footer(array());
} else {
exit_error(_('No document data'), _('No document to display - invalid or inactive document number.'));
}
// Local Variables:
// mode: php
// c-file-style: "bsd"
// End:
if (permission_exist('DOCUMENT_READ', $docid)) {
if (!permission_is_authorized('DOCUMENT_READ', $docid, user_getid(), $object_group_id)) {
exit_error($Language->getText('global', 'perm_denied'), $Language->getText('global', 'error_perm_denied'));
}
} else {
if (!permission_is_authorized('DOCGROUP_READ', $row['doc_group'], user_getid(), $object_group_id)) {
exit_error($Language->getText('global', 'perm_denied'), $Language->getText('global', 'error_perm_denied'));
}
}
if (user_isloggedin()) {
//Insert a new entry in the doc_log table only for restricted documents
$sql = "INSERT INTO doc_log(user_id,docid,time) " . "VALUES ('" . user_getid() . "','" . $docid . "','" . time() . "')";
$res_insert = db_query($sql);
}
// HTML or text files that were copy/pasted are displayed in a Codendi-formatted page.
// Uploaded files are always displayed as-is.
if (($row['filetype'] == 'text/html' || $row['filetype'] == 'text/plain') && $row['filesize'] == 0) {
docman_header(array('title' => $row['title'], 'help' => 'DocumentManager.html'));
if ($object_group_id != $from_group_id) {
$group_name = util_get_group_name_from_id($object_group_id);
print '<H3><span class="feedback">' . $Language->getText('docman_display_doc', 'warning_different_group', array($group_name)) . '</span></H3>';
}
// Document data can now contain HTML tags but not php code
print util_unconvert_htmlspecialchars($row['data']);
docman_footer($params);
} else {
session_redirect("/docman/download.php?docid=" . $docid);
}
} else {
exit_error($Language->getText('global', 'error'), $Language->getText('docman_display_doc', 'error_wrongid'));
}
<?php
//
// SourceForge: Breaking Down the Barriers to Open Source Development
// Copyright 1999-2000 (c) The SourceForge Crew
// http://sourceforge.net
//
//
/*
Docmentation Manager
by Quentin Cregan, SourceForge 06/2000
*/
require_once 'pre.php';
require './doc_utils.php';
if (!$group_id) {
exit_no_group();
}
$pm = ProjectManager::instance();
$params = array('title' => $Language->getText('docman_index', 'title', array($pm->getProject($group_id)->getPublicName())), 'pv' => isset($pv) ? $pv : false);
docman_header($params);
if (isset($pv) && $pv) {
echo "<h2>" . $Language->getText('docman_index', 'header') . "</h2>";
} else {
echo "<TABLE width='100%'><TR><TD>";
echo '<H2>' . $Language->getText('docman_index', 'header') . '</H2>';
echo "</TD>";
echo "<TD align='left'> ( <A HREF='?group_id={$group_id}&pv=1'><img src='" . util_get_image_theme("msg.png") . "' border='0'> " . $Language->getText('global', 'printer_version') . "</A> ) </TD>";
echo "</TR></TABLE>";
}
display_doc_list($group_id);
docman_footer($params);
// Display the main admin page
//
//
} else {
$df = new DocumentFactory($g);
if ($df->isError()) {
exit_error(_('Error'), $df->getErrorMessage());
}
$dgf = new DocumentGroupFactory($g);
if ($dgf->isError()) {
exit_error(_('Error'), $dgf->getErrorMessage());
}
$df->setStateID('ALL');
// $df->setSort('stateid');
$d_arr =& $df->getDocuments();
docman_header(sprintf(_('Project %s'), $g->getPublicName()), _('Document Manager: Administration'), 'admin');
?>
<h3><?php
echo _('Document Manager: Administration');
?>
</h3>
<p>
<a href="index.php?group_id=<?php
echo $group_id;
?>
&addgroup=1"><?php
echo _('Add/Edit Document Groups');
?>
</a>
</p>
//
/*
Docmentation Manager
by Quentin Cregan, SourceForge 06/2000
*/
require 'doc_utils.php';
require 'pre.php';
if ($group_id) {
if (!$language_id) {
if (!($language_id = user_get_language())) {
// default to English
$language_id = 1;
}
}
$usermem = user_ismember($group_id);
docman_header('Project Documentation', 'Project Documentation');
//get a list of group numbers that this project owns
$query = "select * " . "from doc_groups " . "where group_id = {$group_id} " . "order by groupname";
$result = db_query($query);
//otherwise, throw up an error
if (db_numrows($result) < 1) {
print "This project has no categorized data.<p>";
} else {
doc_droplist_count($group_id, $language_id);
print "<hr>";
// get the groupings and display them with their members.
while ($row = db_fetch_array($result)) {
$query = "select description, docid, title, doc_group, type, filename " . "from doc_data " . "where doc_group = '" . $row['doc_group'] . "' " . "and stateid ='1' " . "and language_id = " . $language_id . "";
//state 1 == 'active'
if ($usermem == true) {
$query .= " or stateid = '5' " . " and doc_group = '" . $row['doc_group'] . "' ";
}
if (!$d->create($uploaded_data_name, $uploaded_data_type, $data, $doc_group, $title, $language_id, $description)) {
exit_error(_('Error'), $d->getErrorMessage());
} else {
if ($type == 'editor') {
//release the cookie for the document contents (should expire at the end of the session anyway)
setcookie("gforgecurrentdocdata", "", time() - 3600);
}
Header('Location: ' . util_make_url('/docman/?group_id=' . $group_id . '&feedback=' . _('Document submitted sucessfully')));
exit;
}
} else {
//if (getStringFromRequest('Option')) {
//option was selected, proceed to show each one
$option_selected = getStringFromRequest('option_selected');
docman_header(_('Document Manager: Submit New Documentation'), _('Project: %1$s'));
echo '<p>' . _('<strong>Document Title</strong>: Refers to the relatively brief title of the document (e.g. How to use the download server)<br /><strong>Description:</strong> A brief description to be placed just under the title.') . '</p>
<form name="adddata" action="' . getStringFromServer('PHP_SELF') . '?group_id=' . $group_id . '" method="post" enctype="multipart/form-data">
<table border="0" width="75%">
<tr>
<td>
<strong>' . _('Document Title') . ' :</strong>' . utils_requiredField() . sprintf(_('(at least %1$s characters)'), 5) . '<br />
<input type="text" name="title" size="40" maxlength="255" />
</td>
</tr>
<tr>
<td>
<strong>' . _('Description') . ' :</strong>' . utils_requiredField() . sprintf(_('(at least %1$s characters)'), 10) . '<br />
<input type="text" name="description" size="50" maxlength="255" />
</td>
$data = "";
$feedback .= ' Document Uploaded ';
} else {
$data = htmlspecialchars($data);
$datab = "";
$type = "text/html";
}
docman_header('Documentation - Add Information - Processing', 'Documentation - New submission');
$query = "insert into doc_data(stateid,title,data,datab,createdate,updatedate,created_by,doc_group,description,language_id,type,filename) " . "values('3'," . "'" . htmlspecialchars($title) . "'," . "'" . $data . "'," . "'" . $datab . "'," . "'" . time() . "'," . "'" . time() . "'," . "'" . $user_id . "'," . "'" . $doc_group . "'," . "'" . htmlspecialchars($description) . "'," . "'" . $language_id . "'," . "'" . $type . "'," . "'" . $filename . "')";
db_query($query);
// print "<p>$query\n";
//PROBLEM check the query
print "<p><b>Thank You! Your submission has been placed in the database for review before posting.</b> \n\n<p>\n <a href=\"/docman/index.php?group_id=" . $group_id . "\">Back</a>";
docman_footer($params);
} else {
docman_header('Add documentation', 'Add documentation');
if ($user == 100) {
print "<p>You are not logged in, and will not be given credit for this.<p>";
}
echo '
<p>
<b> Document Title: </b> Refers to the relatively brief title of the document (e.g. How to use the download server)
<br>
<b> Description: </b> A brief description to be placed just under the title.<br>
<form name="adddata" action="new.php?mode=add&group_id=' . $group_id . '" method="POST" enctype="multipart/form-data">
<table border="0" width="75%">
<tr>
if (permission_exist('DOCUMENT_READ', $docid)) {
if (!permission_is_authorized('DOCUMENT_READ', $docid, user_getid(), $object_group_id)) {
exit_error($Language->getText('global', 'perm_denied'), $Language->getText('global', 'error_perm_denied'));
}
} else {
if (!permission_is_authorized('DOCGROUP_READ', $row['doc_group'], user_getid(), $object_group_id)) {
exit_error($Language->getText('global', 'perm_denied'), $Language->getText('global', 'error_perm_denied'));
}
}
if (user_isloggedin()) {
//Insert a new entry in the doc_log table only for restricted documents
$sql = "INSERT INTO doc_log(user_id,docid,time) " . "VALUES ('" . user_getid() . "','" . $docid . "','" . time() . "')";
$res_insert = db_query($sql);
}
// HTML or text files that were copy/pasted are displayed in a Codendi-formatted page.
// Uploaded files are always displayed as-is.
if (($row['filetype'] == 'text/html' || $row['filetype'] == 'text/plain') && $row['filesize'] == 0) {
docman_header(array('title' => $row['title']));
if ($object_group_id != $from_group_id) {
$group_name = util_get_group_name_from_id($object_group_id);
print '<H3><span class="feedback">' . $Language->getText('docman_display_doc', 'warning_different_group', array($group_name)) . '</span></H3>';
}
// Document data can now contain HTML tags but not php code
print util_unconvert_htmlspecialchars($row['data']);
docman_footer($params);
} else {
session_redirect("/docman/download.php?docid=" . $docid);
}
} else {
exit_error($Language->getText('global', 'error'), $Language->getText('docman_display_doc', 'error_wrongid'));
}
if ($language_id == "*") {
$language_id = 0;
$selected_language = "*";
} else {
$selected_language = $language_id;
}
}
$df->setLanguageID($language_id);
// check if the user is docman's admin
$perm =& $g->getPermission(session_get_user());
if (!$perm || $perm->isError() || !$perm->isDocEditor()) {
$is_editor = false;
} else {
$is_editor = true;
}
docman_header(_('Document Manager: Display Document'), _('Project: %1$s'), 'docman', '', $g->getPublicName());
$vtp = new VTemplate();
$handle = $vtp->Open("search.tpl.html");
$vtp->NewSession($handle, "MAIN");
$allchecked = "";
$onechecked = "";
if (getStringFromPost('search_type') == "one") {
$onechecked = "checked";
} else {
$allchecked = "checked";
}
$vtp->AddSession($handle, "FORMSEARCH");
$vtp->SetVar($handle, "FORMSEARCH.TITLE", _('Search in documents'));
$vtp->SetVar($handle, "FORMSEARCH.GROUP_ID", $_GET["group_id"]);
$vtp->SetVar($handle, "FORMSEARCH.TEXTSEARCH", getStringFromPost("textsearch"));
$vtp->SetVar($handle, "FORMSEARCH.ALLCHECKED", $allchecked);
if ($language_id == "*") {
$language_id = 0;
$selected_language = "*";
} else {
$selected_language = $language_id;
}
}
// check if the user is docman's admin
$perm =& $g->getPermission(session_get_user());
if (!$perm || $perm->isError() || !$perm->isDocEditor()) {
$is_editor = false;
} else {
$is_editor = true;
}
$df->setLanguageID($language_id);
docman_header(_('Document Manager: Display Document'), _('Project: %1$s'));
$d_arr =& $df->getDocuments();
if (!$d_arr || count($d_arr) < 1) {
$df->setLanguageId(0);
$d_arr =& $df->getDocuments();
}
if (!$d_arr || count($d_arr) < 1) {
print "<strong>" . _('This project has no visible documents') . "</strong>";
} else {
doc_droplist_count($group_id, $language_id, $g);
// Get the document groups info
$nested_groups =& $dgf->getNested();
$nested_docs = array();
//put the doc objects into an array keyed off the docgroup
foreach ($d_arr as $doc) {
$nested_docs[$doc->getDocGroupID()][] = $doc;
$query = "insert into doc_data(title,data,createdate,updatedate,created_by,doc_group,description,filename,filesize,filetype) " . "values(" . "'" . htmlspecialchars($title) . "'," . "'" . $data . "'," . "'" . time() . "'," . "'" . time() . "'," . "'" . $user . "'," . "'" . $doc_group . "'," . "'" . htmlspecialchars($description) . "'," . "'" . $fileName . "'," . "'" . $fileSize . "'," . "'" . $fileType . "')";
} else {
// Copy/paste data
$query = "insert into doc_data(title,data,createdate,updatedate,created_by,doc_group,description,filename,filesize,filetype) " . "values(" . "'" . htmlspecialchars($title) . "'," . "'" . htmlspecialchars($data) . "'," . "'" . time() . "'," . "'" . time() . "'," . "'" . $user . "'," . "'" . $doc_group . "'," . "'" . htmlspecialchars($description) . "'," . "'',0,'text/html')";
}
$res_insert = db_query($query);
if (db_affected_rows($res_insert) < 1) {
docman_header(array('title' => $Language->getText('docman_new', 'title_new')));
echo '<p>' . $Language->getText('docman_new', 'error_dbinsert') . ':</p><h3><span class="feedback">' . db_error() . '</span></h3>';
docman_footer(array());
} else {
$feedback .= $Language->getText('docman_new', 'insert_ok');
session_redirect("/docman/?group_id={$group_id}&feedback={$feedback}");
}
} else {
docman_header(array('title' => $Language->getText('docman_new', 'title_add')));
echo '<h2>' . $Language->getText('docman_new', 'header_add') . '</h2>';
if ($user == 100) {
print "<p>" . $Language->getText('docman_new', 'not_logged') . "<p>";
}
if (!groups_defined($group_id)) {
echo "<p>" . $Language->getText('docman_new', 'no_docgroup', array("/docman/admin/index.php?group_id=" . $group_id)) . "<p>";
}
$star = ' <span class="highlight"><big>*</big></span>';
echo '
<form name="adddata" action="new.php?mode=add&group_id=' . $group_id . '" method="POST" enctype="multipart/form-data">
<INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="' . $sys_max_size_upload . '">
<table border="0" width="75%">
<tr>
$query = "insert into doc_data(title,data,createdate,updatedate,created_by,doc_group,description,filename,filesize,filetype) " . "values(" . "'" . htmlspecialchars($title) . "'," . "'" . $data . "'," . "'" . time() . "'," . "'" . time() . "'," . "'" . $user . "'," . "'" . $doc_group . "'," . "'" . htmlspecialchars($description) . "'," . "'" . $fileName . "'," . "'" . $fileSize . "'," . "'" . $fileType . "')";
} else {
// Copy/paste data
$query = "insert into doc_data(title,data,createdate,updatedate,created_by,doc_group,description,filename,filesize,filetype) " . "values(" . "'" . htmlspecialchars($title) . "'," . "'" . htmlspecialchars($data) . "'," . "'" . time() . "'," . "'" . time() . "'," . "'" . $user . "'," . "'" . $doc_group . "'," . "'" . htmlspecialchars($description) . "'," . "'',0,'text/html')";
}
$res_insert = db_query($query);
if (db_affected_rows($res_insert) < 1) {
docman_header(array('title' => $Language->getText('docman_new', 'title_new'), 'help' => 'DocumentSubmission.html'));
echo '<p>' . $Language->getText('docman_new', 'error_dbinsert') . ':</p><h3><span class="feedback">' . db_error() . '</span></h3>';
docman_footer(array());
} else {
$feedback .= $Language->getText('docman_new', 'insert_ok');
session_redirect("/docman/?group_id={$group_id}&feedback={$feedback}");
}
} else {
docman_header(array('title' => $Language->getText('docman_new', 'title_add'), 'help' => 'DocumentSubmission.html'));
echo '<h2>' . $Language->getText('docman_new', 'header_add') . '</h2>';
if ($user == 100) {
print "<p>" . $Language->getText('docman_new', 'not_logged') . "<p>";
}
if (!groups_defined($group_id)) {
echo "<p>" . $Language->getText('docman_new', 'no_docgroup', array("/docman/admin/index.php?group_id=" . $group_id)) . "<p>";
}
$star = ' <span class="highlight"><big>*</big></span>';
echo '
<form name="adddata" action="new.php?mode=add&group_id=' . $group_id . '" method="POST" enctype="multipart/form-data">
<INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="' . $sys_max_size_upload . '">
<table border="0" width="75%">
<tr>
*/
require 'doc_utils.php';
require 'pre.php';
if ($docid) {
$usermem = user_ismember($group_id);
$query = "select * " . "from doc_data " . "where docid = {$docid} " . "and (stateid = '1'";
// stateid = 1 == active
if ($usermem == true) {
$query .= " or stateid = '5'";
}
//state 5 == 'private'
$query .= ")";
// print "<p>$query";
$result = db_query($query);
if (db_numrows($result) < 1) {
exit_error('Document unavailable', 'Document is not available.');
} else {
$row = db_fetch_array($result);
}
if ($row['type'] == "text/html") {
docman_header($row['title'], $row['title']);
print util_unconvert_htmlspecialchars($row['data']);
docman_footer($params);
} else {
header('Content-type: ' . $row['type']);
header('Content-Disposition: attachment; filename="' . $row['filename'] . '"');
print pg_unescape_bytea($row['datab']);
}
} else {
exit_error("No document data.", "No document to display - invalid or inactive document number.");
}
