public function show() { $url = $_GET['gurl']; $id = addslashes($_GET['id']); if ($id < 0) { die("no ID"); } //Log BLogger::addLog("file_id = {$id}", "open_file"); //echo $url;echo "<br>"; //echo $id; $auth = 1; $if = new InputFileModel(); if ($url == "dm") { $if = new DocumentsPortal(); //cek parent id ada 2 "company policy" /* $d = new DMWeb(); $arrCHild2 = $d->findChildren(2); $arrCHild = explode(",", $arrCHild2); * */ //pr($arrCHild); //Perbaikan 27 Feb 2015 // Cek parents terluarnya apakah dia saveable $if->getByID($id); //grand grand parents- init folder - folder awal $InitparentsFolder = $if->findInitParent(); //folder simpannya $terletakDiFolder = new DocumentsPortalFolder(); $terletakDiFolder->getByID($if->file_folder_id); //pr($InitparentsFolder); //cek KMType nya //untuk cek channel /* * LOAD page con, cek apakah bisa ini sub atau main con */ $a = NewsChannel::myChannels(); //pr($a); /*foreach($a as $chn){ $str = " page_channel_id = '$chn' "; $imp[] = $str; } $wherechannel = implode("OR", $imp); $wherechannel = "(".$wherechannel.")"; */ $kmtype = new KMType(); $arrKMTYPE = $kmtype->getWhere("km_folder_id = '{$InitparentsFolder->folder_id}'"); //kalau punya channel id nya if (in_array($arrKMTYPE[0]->webapps_channel_id, $a)) { //boleh masuk } else { if ($_SESSION['DocumentPortal_view_only'] < 1) { } else { //nggak boleh lihat $auth = 0; } //die('Not Authorized To View this Documents'); } } if ($auth) { $if->getByID($id); /* * cek folder if apakah ada di child */ //if ($if->file_folder_id == 2 || in_array($if->file_folder_id, $arrCHild)) { if (!$InitparentsFolder->folder_saveable) { $if->bolehsave = "reg"; //nosave } else { $if->bolehsave = "als"; //save } //pr($if); $path = _SPPATH . $if->upload_url; $fil = $if->file_filename; $inp = new \Leap\View\InputFile(); if (in_array($if->file_ext, $inp->arrImgExt)) { $this->showImage($if); } elseif (in_array($if->file_ext, $inp->arrVideoExt)) { $this->showVideo($if); } elseif ($if->file_ext == "pdf") { $this->showPDF($if); } else { $this->showDefault($if); } } else { ?> <h2><?php echo Lang::t('Not Authorized to view this documents'); ?> </h2> <?php } //else auth }