}
if (!$ERROR || !$NOTICE) {
$ERROR++;
$ERRORSTR[] = "<strong>Unable to download the selected file.</strong><br /><br />The file you have selected cannot be downloaded at this time, " . ($LOGGED_IN ? "please try again later." : "Please log in to continue.");
}
if ($NOTICE) {
echo display_notice();
}
if ($ERROR) {
echo display_error();
}
} else {
if (shares_file_module_access($RECORD_ID, "view-file")) {
$BREADCRUMB[] = array("url" => COMMUNITY_URL . $COMMUNITY_URL . ":" . $PAGE_URL . "?section=view-folder&id=" . $file_record["cshare_id"], "title" => limit_chars($file_record["folder_title"], 32));
$BREADCRUMB[] = array("url" => COMMUNITY_URL . $COMMUNITY_URL . ":" . $PAGE_URL . "?section=view-file&id=" . $RECORD_ID, "title" => limit_chars($file_record["file_title"], 32));
$ADD_COMMENT = shares_module_access($file_record["cshare_id"], "add-comment");
$ADD_REVISION = shares_file_module_access($file_record["csfile_id"], "add-revision");
$MOVE_FILE = shares_file_module_access($file_record["csfile_id"], "move-file");
$NAVIGATION = shares_file_navigation($file_record["cshare_id"], $RECORD_ID);
$community_shares_select = community_shares_in_select($file_record["cshare_id"]);
?>
<script type="text/javascript">
function commentDelete(id) {
Dialog.confirm('Do you really wish to deactivate this comment on the '+ $('file-<?php
echo $RECORD_ID;
?>
-title').innerHTML +' file?<br /><br />If you confirm this action, you will be deactivating this comment.',
{
id: 'requestDialog',
width: 350,
height: 165,
jQuery(function($) {
var file_views_table = $("#file-views-table").DataTable({
"bPaginate": false,
"bInfo": false,
"bFilter": false
});
});
</script>
<?php
}
?>
</div>
<?php
} else {
$NOTICE++;
$NOTICESTR[] = "<strong>No files in this shared folder.</strong><br /><br />" . (shares_module_access($RECORD_ID, "add-file") ? "If you would like to upload a new file, <a href=\"" . COMMUNITY_URL . $COMMUNITY_URL . ":" . $PAGE_URL . "?section=add-file&id=" . $RECORD_ID . "\">click here</a>." : "Please check back later.");
echo display_notice();
}
?>
</div>
<?php
if ($LOGGED_IN) {
add_statistic("community:" . $COMMUNITY_ID . ":shares", "folder_view", "cshare_id", $RECORD_ID);
}
} else {
if ($ERROR) {
echo display_error();
}
if ($NOTICE) {
echo display_notice();
}
function community_module_permissions_check($proxy_id, $module, $module_section, $record_id)
{
global $db, $COMMUNITY_ID, $LOGGED_IN, $COMMUNITY_MEMBER, $COMMUNITY_ADMIN, $NOTICE, $NOTICESTR, $ERROR, $ERRORSTR, $PAGE_ID;
switch ($module) {
case "discussions":
require_once COMMUNITY_ABSOLUTE . "/modules/discussions.inc.php";
return discussion_module_access($record_id, "view-post");
break;
case "galleries":
require_once COMMUNITY_ABSOLUTE . "/modules/galleries.inc.php";
return galleries_module_access($record_id, "view-photo");
break;
case "shares":
require_once COMMUNITY_ABSOLUTE . "/modules/shares.inc.php";
return shares_module_access($record_id, "view-file");
break;
case "polls":
require_once COMMUNITY_ABSOLUTE . "/modules/polls.inc.php";
return polls_module_access($record_id, "view-poll");
break;
default:
return true;
break;
}
}
/**
* This function handles granular permissions levels (where as communities_module_access handles higer level permissions)
* for the actual file version.
*
* @param int $csfversion_id
* @param string $section
* @return bool
*/
function shares_file_version_module_access($csfversion_id = 0, $section = "")
{
global $db, $COMMUNITY_ID, $LOGGED_IN, $COMMUNITY_MEMBER, $COMMUNITY_ADMIN, $NOTICE, $NOTICESTR, $ERROR, $ERRORSTR, $ENTRADA_USER;
$allow_to_load = false;
if ((bool) $LOGGED_IN && (bool) $COMMUNITY_MEMBER && (bool) $COMMUNITY_ADMIN) {
$allow_to_load = true;
} else {
if ($csfversion_id = (int) $csfversion_id) {
$query = "SELECT * FROM `community_share_file_versions` WHERE `csfversion_id` = " . $db->qstr($csfversion_id) . " AND `community_id` = " . $db->qstr($COMMUNITY_ID);
$result = $db->CacheGetRow(CACHE_TIMEOUT, $query);
if ($result) {
if ($allow_to_load = shares_module_access($result["cshare_id"], $section)) {
switch ($section) {
case "delete-revision":
if ($ENTRADA_USER->getActiveId() != (int) $result["proxy_id"]) {
$allow_to_load = false;
}
break;
default:
continue;
break;
}
}
}
}
if ($allow_to_load) {
if ((int) $result["file_active"]) {
/**
* You're good to go, no further checks at this time.
* If you need to add more checks, this is there they would go.
*/
} else {
$NOTICE++;
$NOTICESTR[] = "This file revision was deactivated <strong>" . date(DEFAULT_DATE_FORMAT, $result["updated_date"]) . "</strong> by <strong>" . html_encode(get_account_data("firstlast", $result["updated_by"])) . "</strong>.<br /><br />If there has been a mistake or you have questions relating to this issue please contact the MEdTech Unit directly.";
$allow_to_load = false;
}
} else {
if (!$ERROR) {
$ERROR++;
$ERRORSTR[] = "You do not have access to this file revision.<br /><br />If you believe there has been a mistake, please contact a community administrator for assistance.";
}
}
}
return $allow_to_load;
}
exit;
} elseif (!$COMMUNITY_LOAD) {
exit;
}
$HEAD[] = "<link href=\"" . ENTRADA_URL . "/javascript/calendar/css/xc2_default.css?release=" . html_encode(APPLICATION_VERSION) . "\" rel=\"stylesheet\" type=\"text/css\" media=\"all\" />";
$HEAD[] = "<script type=\"text/javascript\" src=\"" . ENTRADA_URL . "/javascript/calendar/config/xc2_default.js?release=" . html_encode(APPLICATION_VERSION) . "\"></script>";
$HEAD[] = "<script type=\"text/javascript\" src=\"" . ENTRADA_URL . "/javascript/calendar/script/xc2_inpage.js?release=" . html_encode(APPLICATION_VERSION) . "\"></script>";
$HEAD[] = "<script type=\"text/javascript\" src=\"" . COMMUNITY_URL . "/javascript/shares.js?release=" . html_encode(APPLICATION_VERSION) . "\"></script>";
echo "<h1>Upload File</h1>\n";
if ($RECORD_ID) {
$query = "SELECT * FROM `community_shares` WHERE `cshare_id` = " . $db->qstr($RECORD_ID) . " AND `cpage_id` = " . $db->qstr($PAGE_ID) . " AND `community_id` = " . $db->qstr($COMMUNITY_ID);
$folder_record = $db->GetRow($query);
if ($folder_record) {
$query = "SELECT COUNT(*) FROM `community_share_files` WHERE `cshare_id` = " . $db->qstr($RECORD_ID) . " AND `community_id` = " . $db->qstr($COMMUNITY_ID) . " AND `proxy_id` = " . $db->qstr($ENTRADA_USER->getActiveId()) . " AND `file_active` = 1";
if (!$db->GetOne($query) || $COMMUNITY_MEMBER && $folder_record["allow_member_read"] || !$COMMUNITY_MEMBER && $folder_record["allow_troll_read"] || $COMMUNITY_ADMIN) {
if (shares_module_access($RECORD_ID, "add-file")) {
$BREADCRUMB[] = array("url" => COMMUNITY_URL . $COMMUNITY_URL . ":" . $PAGE_URL . "?section=view-folder&id=" . $folder_record["cshare_id"], "title" => limit_chars($folder_record["folder_title"], 32));
$BREADCRUMB[] = array("url" => COMMUNITY_URL . $COMMUNITY_URL . ":" . $PAGE_URL . "?section=add-file&id=" . $RECORD_ID, "title" => "Upload File");
$file_uploads = array();
if (array_count_values($copyright_settings = (array) $translate->_("copyright")) > 1 && isset($copyright_settings["copyright-uploads"]) && strlen($copyright_settings["copyright-uploads"])) {
$COPYRIGHT = true;
} else {
$COPYRIGHT = false;
}
// Error Checking
switch ($STEP) {
case 2:
//var_dump($_FILES["uploaded_file"]);
if (isset($_FILES["uploaded_file"]) && is_array($_FILES["uploaded_file"])) {
foreach ($_FILES["uploaded_file"]["name"] as $tmp_file_id => $file_name) {
switch ($_FILES["uploaded_file"]["error"][$tmp_file_id]) {
* @copyright Copyright 2010 Queen's University. All Rights Reserved.
*
*/
if (!defined("COMMUNITY_INCLUDED") || !defined("IN_SHARES")) {
exit;
} elseif (!$COMMUNITY_LOAD) {
exit;
}
$HEAD[] = "<script type=\"text/javascript\" src=\"" . COMMUNITY_URL . "/javascript/shares.js?release=" . html_encode(APPLICATION_VERSION) . "\"></script>";
echo "<h1>Add File Comment</h1>\n";
if ($RECORD_ID) {
$query = "\n\t\t\t\t\tSELECT a.*, b.`folder_title`, b.`admin_notifications`\n\t\t\t\t\tFROM `community_share_files` AS a\n\t\t\t\t\tLEFT JOIN `community_shares` AS b\n\t\t\t\t\tON a.`cshare_id` = b.`cshare_id`\n\t\t\t\t\tWHERE a.`community_id` = " . $db->qstr($COMMUNITY_ID) . "\n\t\t\t\t\tAND a.`csfile_id` = " . $db->qstr($RECORD_ID) . "\n\t\t\t\t\tAND b.`cpage_id` = " . $db->qstr($PAGE_ID) . "\n\t\t\t\t\tAND a.`file_active` = '1'\n\t\t\t\t\tAND b.`folder_active` = '1'";
$file_record = $db->GetRow($query);
if ($file_record) {
if ((int) $file_record["file_active"]) {
if (shares_module_access($file_record["cshare_id"], "add-comment")) {
$BREADCRUMB[] = array("url" => COMMUNITY_URL . $COMMUNITY_URL . ":" . $PAGE_URL . "?section=view-folder&id=" . $file_record["cshare_id"], "title" => limit_chars($file_record["folder_title"], 32));
$BREADCRUMB[] = array("url" => COMMUNITY_URL . $COMMUNITY_URL . ":" . $PAGE_URL . "?section=view-file&id=" . $RECORD_ID, "title" => limit_chars($file_record["file_title"], 32));
$BREADCRUMB[] = array("url" => COMMUNITY_URL . $COMMUNITY_URL . ":" . $PAGE_URL . "?section=add-comment&id=" . $RECORD_ID, "title" => "Add File Comment");
communities_load_rte();
// Error Checking
switch ($STEP) {
case 2:
/**
* Required field "title" / Comment Title.
*/
if (isset($_POST["comment_title"]) && ($title = clean_input($_POST["comment_title"], array("notags", "trim")))) {
$PROCESSED["comment_title"] = $title;
} else {
$PROCESSED["comment_title"] = "";
}
