Пример #1
0
}
$full_requestId = $_GET['id'];
if (strchr($_GET['id'], '_')) {
    list($_GET['id'], $revision_id) = explode('_', $_GET['id']);
    $pageTitle = msg('area_file_details') . ' ' . msg('revision') . ' #' . $revision_id;
    $file_size = display_filesize($GLOBALS['CONFIG']['revisionDir'] . $_GET['id'] . '/' . $_GET['id'] . '_' . $revision_id . '.dat');
} else {
    $pageTitle = msg('area_file_details');
}
draw_header(msg('area_file_details'), $last_message);
$request_id = (int) $_GET['id'];
//save an original copy of id
$state = (int) $_GET['state'];
$file_data_obj = new FileData($request_id, $pdo);
checkUserPermission($request_id, $file_data_obj->VIEW_RIGHT, $file_data_obj);
$user_perms_obj = new User_Perms($_SESSION['uid'], $pdo);
$user_permission_obj = new UserPermission($_SESSION['uid'], $pdo);
$user_obj = new User($file_data_obj->getOwner(), $pdo);
$owner_full_name = $file_data_obj->getOwnerFullName();
// display details
$owner_id = $file_data_obj->getOwner();
$category = $file_data_obj->getCategoryName();
$owner_last_first = $owner_full_name[1] . ', ' . $owner_full_name[0];
$owner_first_last = $owner_full_name[0] . ' ' . $owner_full_name[1];
$real_name = $file_data_obj->getName();
$created = $file_data_obj->getCreatedDate();
$description = $file_data_obj->getDescription();
$comment = $file_data_obj->getComment();
$status = $file_data_obj->getStatus();
$reviewer = $file_data_obj->getReviewerName();
// corrections
Пример #2
0
function pmt_delete($id)
{
    global $pdo;
    $userperm_obj = new User_Perms($_SESSION['uid'], $pdo);
    if (!$userperm_obj->user_obj->isRoot()) {
        header('Location: error.php?ec=4');
        exit;
    }
    // all ok, proceed!
    if (isset($id)) {
        if (strchr($id, '_')) {
            header('Location:error.php?ec=20');
        }
        if ($userperm_obj->canAdmin($id)) {
            // delete from db
            $query = "DELETE FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE id = :id";
            $stmt = $pdo->prepare($query);
            $stmt->execute(array(':id' => $id));
            // delete from db
            $query = "DELETE FROM {$GLOBALS['CONFIG']['db_prefix']}dept_perms WHERE fid = :id";
            $stmt = $pdo->prepare($query);
            $stmt->execute(array(':id' => $id));
            $query = "DELETE FROM {$GLOBALS['CONFIG']['db_prefix']}user_perms WHERE fid = :id";
            $stmt = $pdo->prepare($query);
            $stmt->execute(array(':id' => $id));
            $query = "DELETE FROM {$GLOBALS['CONFIG']['db_prefix']}log WHERE id = :id";
            $stmt = $pdo->prepare($query);
            $stmt->execute(array(':id' => $id));
            $filename = $id . ".dat";
            unlink($GLOBALS['CONFIG']['archiveDir'] . $filename);
            if (is_dir($GLOBALS['CONFIG']['revisionDir'] . $id . '/')) {
                $dir = opendir($GLOBALS['CONFIG']['revisionDir'] . $id . '/');
                if (is_dir($GLOBALS['CONFIG']['revisionDir'] . $id . '/')) {
                    $dir = opendir($GLOBALS['CONFIG']['revisionDir'] . $id . '/');
                    while ($lreadfile = readdir($dir)) {
                        if (is_file($GLOBALS['CONFIG']['revisionDir'] . "{$id}/{$lreadfile}")) {
                            unlink($GLOBALS['CONFIG']['revisionDir'] . "{$id}/{$lreadfile}");
                        }
                    }
                    rmdir($GLOBALS['CONFIG']['revisionDir'] . $id);
                }
            }
            return true;
        }
    }
    return false;
}
Пример #3
0
    header('Location:error.php?ec=2');
    exit;
}
if (strchr($_REQUEST['id'], '_')) {
    list($_REQUEST['id'], $revision_id) = explode('_', $_REQUEST['id']);
    $pageTitle = msg('area_file_details') . ' ' . msg('revision') . ' #' . $revision_id;
    $file_size = display_filesize($GLOBALS['CONFIG']['revisionDir'] . $_REQUEST['id'] . '/' . $_REQUEST['id'] . '_' . $revision_id . '.dat');
} else {
    $pageTitle = msg('area_file_details');
}
draw_header(msg('area_file_details'), $last_message);
$request_id = $_REQUEST['id'];
//save an original copy of id
$file_data_obj = new FileData($_REQUEST['id'], $pdo);
checkUserPermission($_REQUEST['id'], $file_data_obj->VIEW_RIGHT, $file_data_obj);
$user_perms_obj = new User_Perms($_SESSION['uid'], $pdo);
$user_permission_obj = new UserPermission($_SESSION['uid'], $pdo);
$user_obj = new User($file_data_obj->getOwner(), $pdo);
// display details
$owner_id = $file_data_obj->getOwner();
$category = $file_data_obj->getCategoryName();
$owner_full_name = $file_data_obj->getOwnerFullName();
$owner = $owner_full_name[1] . ', ' . $owner_full_name[0];
$real_name = $file_data_obj->getName();
$created = $file_data_obj->getCreatedDate();
$description = $file_data_obj->getDescription();
$comment = $file_data_obj->getComment();
$status = $file_data_obj->getStatus();
$reviewer = $file_data_obj->getReviewerName();
// corrections
if ($description == '') {
Пример #4
0
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 GNU General Public License for more details.

 You should have received a copy of the GNU General Public License
 along with this program; if not, write to the Free Software
 Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
*/
session_start();
include 'odm-load.php';
if (!isset($_SESSION['uid'])) {
    redirect_visitor();
}
include 'udf_functions.php';
require_once "AccessLog_class.php";
require_once "User_Perms_class.php";
$user_perms_obj = new User_Perms($_SESSION['uid'], $pdo);
$last_message = isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : '';
if (!isset($_REQUEST['id']) || $_REQUEST['id'] == '') {
    header('Location:error.php?ec=2');
    exit;
}
if (strchr($_REQUEST['id'], '_')) {
    header('Location:error.php?ec=20');
}
$filedata = new FileData($_REQUEST['id'], $pdo);
if ($filedata->isArchived()) {
    header('Location:error.php?ec=21');
}
// form not yet submitted, display initial form
if (!isset($_REQUEST['submit'])) {
    draw_header(msg('area_update_file'), $last_message);
Пример #5
0
function pmt_delete($id)
{
    $userperm_obj = new User_Perms($_SESSION['uid'], $GLOBALS['connection'], DB_NAME);
    if (!$userperm_obj->user_obj->isRoot()) {
        header('Location: error.php?ec=4');
        exit;
    }
    // all ok, proceed!
    //mysql_free_result($result);
    if (isset($id)) {
        if (strchr($id, '_')) {
            header('Location:error.php?ec=20');
        }
        if ($userperm_obj->canAdmin($id)) {
            // delete from db
            $query = "DELETE FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE id = '{$id}'";
            $result = mysql_query($query, $GLOBALS['connection']) or die("Error in query: {$query}. " . mysql_error());
            // delete from db
            $query = "DELETE FROM {$GLOBALS['CONFIG']['db_prefix']}dept_perms WHERE fid = '{$id}'";
            $result = mysql_query($query, $GLOBALS['connection']) or die("Error in query: {$query}. " . mysql_error());
            $query = "DELETE FROM {$GLOBALS['CONFIG']['db_prefix']}user_perms WHERE fid = '{$id}'";
            $result = mysql_query($query, $GLOBALS['connection']) or die("Error in query: {$query}. " . mysql_error());
            $query = "DELETE FROM {$GLOBALS['CONFIG']['db_prefix']}log WHERE id = '{$id}'";
            $result = mysql_query($query, $GLOBALS['connection']) or die("Error in query: {$query}. " . mysql_error());
            $filename = $id . ".dat";
            unlink($GLOBALS['CONFIG']['archiveDir'] . $filename);
            if (is_dir($GLOBALS['CONFIG']['revisionDir'] . $id . '/')) {
                $dir = opendir($GLOBALS['CONFIG']['revisionDir'] . $id . '/');
                if (is_dir($GLOBALS['CONFIG']['revisionDir'] . $id . '/')) {
                    $dir = opendir($GLOBALS['CONFIG']['revisionDir'] . $id . '/');
                    while ($lreadfile = readdir($dir)) {
                        if (is_file($GLOBALS['CONFIG']['revisionDir'] . "{$id}/{$lreadfile}")) {
                            unlink($GLOBALS['CONFIG']['revisionDir'] . "{$id}/{$lreadfile}");
                        }
                    }
                    rmdir($GLOBALS['CONFIG']['revisionDir'] . $id);
                }
            }
            return true;
        }
    }
    return false;
}
Пример #6
0
    header('Location:error.php?ec=2');
    exit;
}
if (strchr($_REQUEST['id'], '_')) {
    list($_REQUEST['id'], $lrevision_id) = explode('_', $_REQUEST['id']);
    $pageTitle = msg('area_file_details') . ' ' . msg('revision') . ' #' . $lrevision_id;
    $filesize = display_filesize($GLOBALS['CONFIG']['revisionDir'] . $_REQUEST['id'] . '/' . $_REQUEST['id'] . '_' . $lrevision_id . '.dat');
} else {
    $pageTitle = msg('area_file_details');
}
draw_header(msg('area_file_details'), $last_message);
$lrequest_id = $_REQUEST['id'];
//save an original copy of id
$filedata = new FileData($_REQUEST['id'], $GLOBALS['connection'], DB_NAME);
checkUserPermission($_REQUEST['id'], $filedata->VIEW_RIGHT, $filedata);
$user = new User_Perms($_SESSION['uid'], $GLOBALS['connection'], DB_NAME);
$userPermObj = new UserPermission($_SESSION['uid'], $GLOBALS['connection'], DB_NAME);
$user_obj = new user($filedata->getOwner(), $GLOBALS['connection'], DB_NAME);
$secureurl = new phpsecureurl();
// display details
$owner_id = $filedata->getOwner();
$category = $filedata->getCategoryName();
$owner_fullname = $filedata->getOwnerFullName();
$owner = $owner_fullname[1] . ', ' . $owner_fullname[0];
$realname = $filedata->getName();
$created = $filedata->getCreatedDate();
$description = $filedata->getDescription();
$comment = $filedata->getComment();
$status = $filedata->getStatus();
$reviewer = $filedata->getReviewerName();
// corrections