}
$full_requestId = $_GET['id'];
if (strchr($_GET['id'], '_')) {
list($_GET['id'], $revision_id) = explode('_', $_GET['id']);
$pageTitle = msg('area_file_details') . ' ' . msg('revision') . ' #' . $revision_id;
$file_size = display_filesize($GLOBALS['CONFIG']['revisionDir'] . $_GET['id'] . '/' . $_GET['id'] . '_' . $revision_id . '.dat');
} else {
$pageTitle = msg('area_file_details');
}
draw_header(msg('area_file_details'), $last_message);
$request_id = (int) $_GET['id'];
//save an original copy of id
$state = (int) $_GET['state'];
$file_data_obj = new FileData($request_id, $pdo);
checkUserPermission($request_id, $file_data_obj->VIEW_RIGHT, $file_data_obj);
$user_perms_obj = new User_Perms($_SESSION['uid'], $pdo);
$user_permission_obj = new UserPermission($_SESSION['uid'], $pdo);
$user_obj = new User($file_data_obj->getOwner(), $pdo);
$owner_full_name = $file_data_obj->getOwnerFullName();
// display details
$owner_id = $file_data_obj->getOwner();
$category = $file_data_obj->getCategoryName();
$owner_last_first = $owner_full_name[1] . ', ' . $owner_full_name[0];
$owner_first_last = $owner_full_name[0] . ' ' . $owner_full_name[1];
$real_name = $file_data_obj->getName();
$created = $file_data_obj->getCreatedDate();
$description = $file_data_obj->getDescription();
$comment = $file_data_obj->getComment();
$status = $file_data_obj->getStatus();
$reviewer = $file_data_obj->getReviewerName();
// corrections
function pmt_delete($id)
{
global $pdo;
$userperm_obj = new User_Perms($_SESSION['uid'], $pdo);
if (!$userperm_obj->user_obj->isRoot()) {
header('Location: error.php?ec=4');
exit;
}
// all ok, proceed!
if (isset($id)) {
if (strchr($id, '_')) {
header('Location:error.php?ec=20');
}
if ($userperm_obj->canAdmin($id)) {
// delete from db
$query = "DELETE FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE id = :id";
$stmt = $pdo->prepare($query);
$stmt->execute(array(':id' => $id));
// delete from db
$query = "DELETE FROM {$GLOBALS['CONFIG']['db_prefix']}dept_perms WHERE fid = :id";
$stmt = $pdo->prepare($query);
$stmt->execute(array(':id' => $id));
$query = "DELETE FROM {$GLOBALS['CONFIG']['db_prefix']}user_perms WHERE fid = :id";
$stmt = $pdo->prepare($query);
$stmt->execute(array(':id' => $id));
$query = "DELETE FROM {$GLOBALS['CONFIG']['db_prefix']}log WHERE id = :id";
$stmt = $pdo->prepare($query);
$stmt->execute(array(':id' => $id));
$filename = $id . ".dat";
unlink($GLOBALS['CONFIG']['archiveDir'] . $filename);
if (is_dir($GLOBALS['CONFIG']['revisionDir'] . $id . '/')) {
$dir = opendir($GLOBALS['CONFIG']['revisionDir'] . $id . '/');
if (is_dir($GLOBALS['CONFIG']['revisionDir'] . $id . '/')) {
$dir = opendir($GLOBALS['CONFIG']['revisionDir'] . $id . '/');
while ($lreadfile = readdir($dir)) {
if (is_file($GLOBALS['CONFIG']['revisionDir'] . "{$id}/{$lreadfile}")) {
unlink($GLOBALS['CONFIG']['revisionDir'] . "{$id}/{$lreadfile}");
}
}
rmdir($GLOBALS['CONFIG']['revisionDir'] . $id);
}
}
return true;
}
}
return false;
}
header('Location:error.php?ec=2');
exit;
}
if (strchr($_REQUEST['id'], '_')) {
list($_REQUEST['id'], $revision_id) = explode('_', $_REQUEST['id']);
$pageTitle = msg('area_file_details') . ' ' . msg('revision') . ' #' . $revision_id;
$file_size = display_filesize($GLOBALS['CONFIG']['revisionDir'] . $_REQUEST['id'] . '/' . $_REQUEST['id'] . '_' . $revision_id . '.dat');
} else {
$pageTitle = msg('area_file_details');
}
draw_header(msg('area_file_details'), $last_message);
$request_id = $_REQUEST['id'];
//save an original copy of id
$file_data_obj = new FileData($_REQUEST['id'], $pdo);
checkUserPermission($_REQUEST['id'], $file_data_obj->VIEW_RIGHT, $file_data_obj);
$user_perms_obj = new User_Perms($_SESSION['uid'], $pdo);
$user_permission_obj = new UserPermission($_SESSION['uid'], $pdo);
$user_obj = new User($file_data_obj->getOwner(), $pdo);
// display details
$owner_id = $file_data_obj->getOwner();
$category = $file_data_obj->getCategoryName();
$owner_full_name = $file_data_obj->getOwnerFullName();
$owner = $owner_full_name[1] . ', ' . $owner_full_name[0];
$real_name = $file_data_obj->getName();
$created = $file_data_obj->getCreatedDate();
$description = $file_data_obj->getDescription();
$comment = $file_data_obj->getComment();
$status = $file_data_obj->getStatus();
$reviewer = $file_data_obj->getReviewerName();
// corrections
if ($description == '') {
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
session_start();
include 'odm-load.php';
if (!isset($_SESSION['uid'])) {
redirect_visitor();
}
include 'udf_functions.php';
require_once "AccessLog_class.php";
require_once "User_Perms_class.php";
$user_perms_obj = new User_Perms($_SESSION['uid'], $pdo);
$last_message = isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : '';
if (!isset($_REQUEST['id']) || $_REQUEST['id'] == '') {
header('Location:error.php?ec=2');
exit;
}
if (strchr($_REQUEST['id'], '_')) {
header('Location:error.php?ec=20');
}
$filedata = new FileData($_REQUEST['id'], $pdo);
if ($filedata->isArchived()) {
header('Location:error.php?ec=21');
}
// form not yet submitted, display initial form
if (!isset($_REQUEST['submit'])) {
draw_header(msg('area_update_file'), $last_message);
function pmt_delete($id)
{
$userperm_obj = new User_Perms($_SESSION['uid'], $GLOBALS['connection'], DB_NAME);
if (!$userperm_obj->user_obj->isRoot()) {
header('Location: error.php?ec=4');
exit;
}
// all ok, proceed!
//mysql_free_result($result);
if (isset($id)) {
if (strchr($id, '_')) {
header('Location:error.php?ec=20');
}
if ($userperm_obj->canAdmin($id)) {
// delete from db
$query = "DELETE FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE id = '{$id}'";
$result = mysql_query($query, $GLOBALS['connection']) or die("Error in query: {$query}. " . mysql_error());
// delete from db
$query = "DELETE FROM {$GLOBALS['CONFIG']['db_prefix']}dept_perms WHERE fid = '{$id}'";
$result = mysql_query($query, $GLOBALS['connection']) or die("Error in query: {$query}. " . mysql_error());
$query = "DELETE FROM {$GLOBALS['CONFIG']['db_prefix']}user_perms WHERE fid = '{$id}'";
$result = mysql_query($query, $GLOBALS['connection']) or die("Error in query: {$query}. " . mysql_error());
$query = "DELETE FROM {$GLOBALS['CONFIG']['db_prefix']}log WHERE id = '{$id}'";
$result = mysql_query($query, $GLOBALS['connection']) or die("Error in query: {$query}. " . mysql_error());
$filename = $id . ".dat";
unlink($GLOBALS['CONFIG']['archiveDir'] . $filename);
if (is_dir($GLOBALS['CONFIG']['revisionDir'] . $id . '/')) {
$dir = opendir($GLOBALS['CONFIG']['revisionDir'] . $id . '/');
if (is_dir($GLOBALS['CONFIG']['revisionDir'] . $id . '/')) {
$dir = opendir($GLOBALS['CONFIG']['revisionDir'] . $id . '/');
while ($lreadfile = readdir($dir)) {
if (is_file($GLOBALS['CONFIG']['revisionDir'] . "{$id}/{$lreadfile}")) {
unlink($GLOBALS['CONFIG']['revisionDir'] . "{$id}/{$lreadfile}");
}
}
rmdir($GLOBALS['CONFIG']['revisionDir'] . $id);
}
}
return true;
}
}
return false;
}
header('Location:error.php?ec=2');
exit;
}
if (strchr($_REQUEST['id'], '_')) {
list($_REQUEST['id'], $lrevision_id) = explode('_', $_REQUEST['id']);
$pageTitle = msg('area_file_details') . ' ' . msg('revision') . ' #' . $lrevision_id;
$filesize = display_filesize($GLOBALS['CONFIG']['revisionDir'] . $_REQUEST['id'] . '/' . $_REQUEST['id'] . '_' . $lrevision_id . '.dat');
} else {
$pageTitle = msg('area_file_details');
}
draw_header(msg('area_file_details'), $last_message);
$lrequest_id = $_REQUEST['id'];
//save an original copy of id
$filedata = new FileData($_REQUEST['id'], $GLOBALS['connection'], DB_NAME);
checkUserPermission($_REQUEST['id'], $filedata->VIEW_RIGHT, $filedata);
$user = new User_Perms($_SESSION['uid'], $GLOBALS['connection'], DB_NAME);
$userPermObj = new UserPermission($_SESSION['uid'], $GLOBALS['connection'], DB_NAME);
$user_obj = new user($filedata->getOwner(), $GLOBALS['connection'], DB_NAME);
$secureurl = new phpsecureurl();
// display details
$owner_id = $filedata->getOwner();
$category = $filedata->getCategoryName();
$owner_fullname = $filedata->getOwnerFullName();
$owner = $owner_fullname[1] . ', ' . $owner_fullname[0];
$realname = $filedata->getName();
$created = $filedata->getCreatedDate();
$description = $filedata->getDescription();
$comment = $filedata->getComment();
$status = $filedata->getStatus();
$reviewer = $filedata->getReviewerName();
// corrections