Exemplo n.º 1
0
}
$datafile = new FileData($_REQUEST['id'], $pdo);
// verify
if ($datafile->getError() != null) {
    header('Location:error.php?ec=2');
    exit;
} else {
    // obtain data from resultset
    $owner_full_name = $datafile->getOwnerFullName();
    $owner = $owner_full_name[1] . ', ' . $owner_full_name[0];
    $real_name = $datafile->getRealName();
    $category = $datafile->getCategoryName();
    $created = $datafile->getCreatedDate();
    $description = $datafile->getDescription();
    $comments = $datafile->getComment();
    $status = $datafile->getStatus();
    $id = $_REQUEST['id'];
    // corrections
    if ($description == '') {
        $description = msg('message_no_description_available');
    }
    if ($comments == '') {
        $comments = msg('message_no_author_comments_available');
    }
    if ($datafile->isArchived()) {
        $filename = $GLOBALS['CONFIG']['archiveDir'] . e::h($id) . '.dat';
    } else {
        $filename = $GLOBALS['CONFIG']['dataDir'] . e::h($id) . '.dat';
    }
    ?>
<table border="0" width=80% cellspacing="4" cellpadding="1">
Exemplo n.º 2
0
     if ($file_mime == $thistype) {
         $allowedFile = 1;
         break;
     } else {
         $allowedFile = 0;
     }
 }
 // illegal file type!
 if ($allowedFile != 1) {
     $last_message = 'MIMETYPE: ' . $file_mime . ' Failed';
     header('Location:error.php?ec=13&last_message=' . urlencode($last_message));
     exit;
 }
 // query to ensure that user has modify rights
 $fileobj = new FileData($id, $GLOBALS['connection'], DB_NAME);
 if ($fileobj->getError() == '' && $fileobj->getStatus() == $_SESSION['uid']) {
     //look to see how many revision are there
     $query = "SELECT * FROM {$GLOBALS['CONFIG']['db_prefix']}log WHERE id = '{$id}'";
     $result = mysql_query($query, $GLOBALS['connection']) or die("Error in query: {$query}. " . mysql_error());
     $lrevision_num = mysql_num_rows($result);
     // if dir not available, create it
     if (!is_dir($GLOBALS['CONFIG']['revisionDir'])) {
         if (!mkdir($GLOBALS['CONFIG']['revisionDir'], 0775)) {
             $last_message = msg('message_directory_creation_failed') . ': ' . $GLOBALS['CONFIG']['revisionDir'];
             header('Location:error.php?ec=23&last_message=' . urlencode($last_message));
             exit;
         }
     }
     if (!is_dir($GLOBALS['CONFIG']['revisionDir'] . $id)) {
         if (!mkdir($GLOBALS['CONFIG']['revisionDir'] . $id, 0775)) {
             $last_message = msg('message_directory_creation_failed') . ': ' . $GLOBALS['CONFIG']['revisionDir'] . $id;
Exemplo n.º 3
0
 callPluginMethod('onBeforeEditFileSaved');
 $filedata->setId($fileId);
 $perms_error = false;
 // check submitted data
 // at least one user must have "view" and "modify" rights
 foreach ($_REQUEST['user_permission'] as $permission) {
     if ($permission > 2) {
         $perms_error = true;
     }
 }
 if (!$perms_error) {
     header("Location:error.php?ec=12");
     exit;
 }
 // Check to make sure the file is available
 $status = $filedata->getStatus($fileId);
 if ($status != 0) {
     header('Location:error.php?ec=2');
     exit;
 }
 // update category
 $filedata->setCategory($_REQUEST['category']);
 $filedata->setDescription($_REQUEST['description']);
 $filedata->setComment($_REQUEST['comment']);
 if (isset($_REQUEST['file_owner'])) {
     $filedata->setOwner($_REQUEST['file_owner']);
 }
 if (isset($_REQUEST['file_department'])) {
     $filedata->setDepartment($_REQUEST['file_department']);
 }
 // Update the file with the new values
Exemplo n.º 4
0
require_once "AccessLog_class.php";
$last_message = isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : '';
if (strchr($_REQUEST['id'], '_')) {
    header('Location:error.php?ec=20');
}
if (!isset($_REQUEST['id']) || $_REQUEST['id'] == '') {
    header('Location:error.php?ec=2');
    exit;
}
/* if the user has read-only authority on the file, his check out 
will be the same as the person with admin or modify right except that the DB will not have any recored of him checking out this file.  Therefore, he will not be able to check-in the file on
the server
*/
$fileobj = new FileData($_GET['id'], $GLOBALS['connection'], DB_NAME);
$fileobj->setId($_GET['id']);
if ($fileobj->getError() != NULL || $fileobj->getStatus() > 0 || $fileobj->isArchived()) {
    header('Location:error.php?ec=2');
    exit;
}
if (!isset($_GET['submit'])) {
    draw_header(msg('area_check_out_file'), $last_message);
    // form not yet submitted
    // display information on how to initiate download
    checkUserPermission($_REQUEST['id'], $fileobj->WRITE_RIGHT, $fileobj);
    ?>


<p>

<form action="<?php 
    echo $_SERVER['PHP_SELF'];
Exemplo n.º 5
0
require_once "AccessLog_class.php";
$last_message = isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : '';
if (strchr($_REQUEST['id'], '_')) {
    header('Location:error.php?ec=20');
}
if (!isset($_REQUEST['id']) || $_REQUEST['id'] == '') {
    header('Location:error.php?ec=2');
    exit;
}
/* if the user has read-only authority on the file, his check out 
will be the same as the person with admin or modify right except that the DB will not have any recored of him checking out this file.  Therefore, he will not be able to check-in the file on
the server
*/
$file_data_obj = new FileData($_GET['id'], $pdo);
$file_data_obj->setId($_GET['id']);
if ($file_data_obj->getError() != null || $file_data_obj->getStatus() > 0 || $file_data_obj->isArchived()) {
    header('Location:error.php?ec=2');
    exit;
}
if (!isset($_GET['submit'])) {
    draw_header(msg('area_check_out_file'), $last_message);
    // form not yet submitted
    // display information on how to initiate download
    checkUserPermission($_REQUEST['id'], $file_data_obj->WRITE_RIGHT, $file_data_obj);
    ?>


<p>

<form action="<?php 
    echo $_SERVER['PHP_SELF'];