opendocman#324 - Admin users should see all reviewable files

opendocman#329 - Remove treeview mode opendocman#330 - index.php - re-direct authenticated users opendocman#331 - mysql column mis-match error during install opendocman#328 - Add config-sample.php file opendocman#325 - Add current username to status bar opendocman#323 - UDF values are limited to 16 chars opendocman#321 - Reviewers should see all files for department they review for opendocman#322 - Improve the error reporting during file uploads opendocman#257 - Get all the config options into the database opendocman#306 - UI - Add jQuery table to out.php to replace legacy table sorter opendocman#307 - DB - Move allowedFileTypes to database opendocman#259 - Improvements to the installer opendocman#296 - Root User - Should allow the root user to edit all files opendocman#298 - Folder Perms - Check all perms during install opendocman#300 - TYPE= is causing errors in some versions of mysql git-svn-id: http://opendocman.svn.sourceforge.net/svnroot/opendocman/opendocman/trunk@753 769e0422-6c0b-0410-966c-d94082ee0ac6
soewarsono · Jan 15, 2011 · 1087e2d · 1087e2d
1 parent 0dbfd12
commit 1087e2d
Show file tree

Hide file tree

Showing 455 changed files with 78,480 additions and 2,656 deletions.
diff --git a/Dept_Perms_class.php b/Dept_Perms_class.php
@@ -2,7 +2,7 @@
 /*
 Dept_Perms_class.php - Dept_Perms is designed to handle permission settings of each department.
 Copyright (C) 2002-2004  Stephen Lawrence, Khoa Nguyen
-Copyright (C) 2005-2010 Stephen Lawrence Jr.
+Copyright (C) 2005-2011 Stephen Lawrence Jr.
 This program is free software; you can redistribute it and/or
 modify it under the terms of the GNU General Public License
 as published by the Free Software Foundation; either version 2
@@ -79,9 +79,18 @@ function loadData_UserPerm($right)
         {
             //$s1 = getmicrotime();
             $fileid_array = array();
-            $query = "SELECT {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS.fid FROM {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DATA, {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS
-			WHERE {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS.rights >= $right AND {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS.dept_id=$this->id 
-			AND {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DATA.id={$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS.fid AND {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DATA.publishable=1";
+            $query = "SELECT deptperms.fid
+                    FROM
+                        {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DATA as data,
+                        {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_PERMS as deptperms
+                    WHERE
+                            deptperms.rights >= $right
+                    AND
+                            deptperms.dept_id=$this->id
+                    AND
+                            data.id=deptperms.fid
+                    AND
+                            data.publishable=1";
             $result = mysql_query($query, $this->connection) or die("Error in querying: $query" .mysql_error());
             //$fileid_array[$index][0] ==> fid
             //$fileid_array[$index][1] ==> owner

diff --git a/FileData_class.php b/FileData_class.php
@@ -55,7 +55,7 @@ class FileData extends databaseData
         var $write_users;
         var $admin_users;
         var $filesize;
-        var	$isLocked;
+        var $isLocked;
 
         function FileData($id, $connection, $database)
         {

diff --git a/FileTypes_class.php b/FileTypes_class.php
@@ -0,0 +1,129 @@
+<?php
+/*
+FileTypes_class.php - Container for allowed file types info
+Copyright (C) 2010-2011 Stephen Lawrence Jr.
+
+This program is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License
+as published by the Free Software Foundation; either version 2
+of the License, or (at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+*/
+
+if( !defined('FileTypes_class') )
+{
+    define('FileTypes_class', 'true', false);
+    class FileTypes_class
+    {
+       /*
+        * Class that handles the opendocman allowedFileTypes values
+        */
+
+       /*
+        * Get value for a specific file type based on the key
+        * @param string $data
+        */
+        function get($data)
+        {
+
+        }
+
+        /*
+         * Add a new file type
+         * @param string $data
+        */
+        function add($data)
+        {
+            $query = "INSERT INTO {$GLOBALS['CONFIG']['db_prefix']}filetypes (type,active) VALUES ('{$data['filetype']}','1')";
+            $result = mysql_query($query) or die ('Failed to save filetypes: ' . mysql_error());
+            return TRUE;
+        }
+
+        /*
+        * Save all the file type info
+        * @param array $data Array of values to be saved ($key,$value)
+        */
+        function save($data)
+        {
+            // First, uncheck all status values
+            $query = "UPDATE {$GLOBALS['CONFIG']['db_prefix']}filetypes SET active='0'";
+            $result = mysql_query($query) or die ('Failed to un-set filetypes active values: ' . mysql_error());
+            foreach ($data['types'] as $key=>$value)
+            {
+                //print_r($data['types']);exit;
+                $query = "UPDATE {$GLOBALS['CONFIG']['db_prefix']}filetypes SET active='1' WHERE id='$value'";
+                //echo $query;exit;
+                $result = mysql_query($query) or die ('Failed to save filetypes: ' . mysql_error());
+            }
+            return TRUE;
+        }
+
+        /*
+        * Load active file types to an array
+        * return array
+        */
+        function load()
+        {
+            $GLOBALS['CONFIG']['allowedFileTypes'] = array();
+            $sql = "SELECT type FROM {$GLOBALS['CONFIG']['db_prefix']}filetypes WHERE active='1'";
+            $result = mysql_query($sql) or die ('Getting filetypes failed: ' . mysql_error());
+            while(list($value) = mysql_fetch_row($result))
+            {
+                array_push($GLOBALS['CONFIG']['allowedFileTypes'], $value);
+            }
+
+        }
+
+        /*
+         * Show the file types edit form
+        */
+        function edit()
+        {
+            $filetypes_arr = array();
+            $query = "SELECT * FROM {$GLOBALS['CONFIG']['db_prefix']}filetypes";
+            $result = mysql_query($query) or die('Failed to edit filetypes: ' . mysql_error());
+            while($row = mysql_fetch_array($result, MYSQL_ASSOC))
+            {
+                $filetypes_arr[] = $row;
+            }
+
+            $GLOBALS['smarty']->assign('filetypes_array',$filetypes_arr);
+            display_smarty_template('filetypes.tpl');
+        }
+
+        /*
+         * Show the form in order to Delete a filetype
+        */
+        function deleteSelect()
+        {
+            $filetypes_arr = array();
+            $query = "SELECT * FROM {$GLOBALS['CONFIG']['db_prefix']}filetypes";
+            $result = mysql_query($query) or die('Failed to select filetypes list: ' . mysql_error());
+            while($row = mysql_fetch_array($result, MYSQL_ASSOC))
+            {
+                $filetypes_arr[] = $row;
+            }
+
+            $GLOBALS['smarty']->assign('filetypes_array',$filetypes_arr);
+            display_smarty_template('filetypes_deleteshow.tpl');
+        }
+
+        function delete($data)
+        {
+            foreach($data['types'] as $id)
+            {
+                $query = "DELETE FROM {$GLOBALS['CONFIG']['db_prefix']}filetypes WHERE id={$id}";
+                $result = mysql_query($query) or die('Failed to delete filetype: ' . mysql_error());
+            }
+            return TRUE;
+        }
+    }
+}
diff --git a/Settings_class.php b/Settings_class.php
@@ -0,0 +1,150 @@
+<?php
+/*
+Settings_class.php - Container for settings related info
+Copyright (C) 2010-2011 Stephen Lawrence Jr.
+
+This program is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License
+as published by the Free Software Foundation; either version 2
+of the License, or (at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+*/
+
+if( !defined('Settings_class') )
+{
+    define('Settings_class', 'true', false);
+
+   /*
+    * Class that handles the opendocman settings values
+    */
+
+    /**
+     * Description of Settings_class
+     *
+     * @author Stephen J. Lawrence Jr.
+     */
+    class Settings
+    {
+       /*
+        * Get value for a specific setting based on the key
+        * @param string $key
+        */
+        function get($key)
+        {
+
+        }
+       /*
+        * Save all the settings
+        * @param array $settings Array of values to be saved ($key,$value)
+        */
+        function save($data)
+        {
+            foreach ($data as $key=>$value)
+            {
+                $query = "UPDATE {$GLOBALS['CONFIG']['db_prefix']}settings SET value='$value' WHERE name='$key'";
+                //echo $query . "<br />";
+                $result = mysql_query($query) or die ('Failed to save settings: ' . mysql_error());
+            }
+            return TRUE;
+        }
+        /*
+        * Load settings to an array
+        * return array
+        */
+        function load()
+        {
+            $sql = "SELECT name,value FROM {$GLOBALS['CONFIG']['db_prefix']}settings";
+            $result = mysql_query($sql) or die ('Getting settings failed: ' . mysql_error());
+            while(list($key, $value) = mysql_fetch_row($result))
+            {
+                $GLOBALS['CONFIG'][$key] = $value;
+            }
+
+        }
+
+        /*
+         * Show the settings edit form
+        */
+        function edit()
+        {
+            $settings_arr = array();
+            $query = "SELECT * FROM {$GLOBALS['CONFIG']['db_prefix']}settings";
+            $result = mysql_query($query) or die('Failed to edit settings: ' . mysql_error());
+            while($row = mysql_fetch_array($result, MYSQL_ASSOC))
+            {
+                $settings_arr[] = $row;
+            }
+
+            $GLOBALS['smarty']->assign('themes', $this->getThemes());
+            $GLOBALS['smarty']->assign('languages', $this->getLanguages());
+            $GLOBALS['smarty']->assign('usernames', $this->getUserNames());
+            $GLOBALS['smarty']->assign('settings_array',$settings_arr);
+            display_smarty_template('settings.tpl');
+        }
+        /*
+        * Validate a specific setting based on its validation type
+        * @param string $key The name of the setting to be tested
+        * @param string $value The value of the setting to be tested
+        */
+        function validate($data,$value)
+        {
+            // NOT IMPLEMENTED
+        }
+        /*
+         * This function will return an array of the possible theme names found in the /templates folder
+         * for use in the settings form
+        */
+        function getThemes()
+        {
+            $themes = $this->getFolders( ABSPATH . 'templates');
+            return $themes;
+        }
+
+        function getLanguages()
+        {
+            $languages = $this->getFolders( ABSPATH . 'includes/language');
+            return str_replace('.php','',$languages);
+        }
+
+        function getFolders($path = '.')
+        {
+            $file_list=array();
+            if ($handle = opendir($path))
+            {
+                while (false !== ($file = readdir($handle)))
+                {
+                    if ($file != "." && $file != ".." && $file != ".svn" && $file != 'README' && $file != 'sync.sh')
+                    {
+                        array_push($file_list, $file);
+                    }
+                }
+                closedir($handle);
+            }
+            return $file_list;
+        }
+
+        /*
+         * Return an array of user names
+         */
+        function getUserNames()
+        {
+            $query = "SELECT username from {$GLOBALS['CONFIG']['db_prefix']}user";
+            $result = mysql_query($query) or die('Failed to read user names for settings: ' . mysql_error());
+            $usernames_arr = array();
+            while($row = mysql_fetch_array($result))
+            {
+                array_push($usernames_arr,$row);
+            }
+            return $usernames_arr;
+        }
+
+    }
+}
diff --git a/UserPermission_class.php b/UserPermission_class.php
@@ -2,7 +2,7 @@
 /*
 UserPermission_class.php - relates users to files 
 Copyright (C) 2002-2004 Stephen Lawrence Jr., Khoa Nguyen
-Copyright (C) 2005-2010 Stephen Lawrence Jr.
+Copyright (C) 2005-2011 Stephen Lawrence Jr.
 This program is free software; you can redistribute it and/or
 modify it under the terms of the GNU General Public License
 as published by the Free Software Foundation; either version 2
@@ -55,21 +55,11 @@ function UserPermission($uid, $connection, $database)
         // return an array of all the Allowed files ( right >= view_right) ID
         function getAllowedFileIds()
         {
-            $start_time = time();
             $viewable_array = $this->getViewableFileIds();
-            echo '<br> <b> Load Viewable Time: ' . (time() - $start_time) . ' </b>';
-            $start_time = time();
             $readable_array = $this->getReadableFileIds();
-            echo '<br> <b> Load Readable Time: ' . (time() - $start_time) . ' </b>';
-            $start_time = time();
             $writeable_array = $this->getWriteableFileIds();
-            echo '<br> <b> Load Writable Time: ' . (time() - $start_time) . ' </b>';
-            $start_time = time();
             $adminable_array = $this->getAdminableFileIds();
-            echo '<br> <b> Load Admin Time: ' . (time() - $start_time) . ' </b>';
-            $start_time = time();
             $result_array = array_values( array_unique( array_merge($viewable_array, $readable_array, $writeable_array, $adminable_array) ) );
-            echo '<br> <b> 3 combines Time: ' . (time() - $start_time) . ' </b><br>';
             return $result_array;
         }
         // return an array of all the Allowed files ( right >= view_right) object
@@ -217,7 +207,7 @@ function combineArrays($high_priority_array, $low_priority_array)
         // by combining and prioritizing user and deparment right
         function getAuthority($data_id)
         {
-            $file_obj = new FileData($data_id, $GLOBALS['connection'], $GLOBALS['database']);
+            $file_obj = new FileData($data_id, $GLOBALS['connection'], DB_NAME);
             if($this->user_obj->isAdmin() || $this->user_obj->isReviewerForFile($this->field_id))
             {
                 return $this->ADMIN_RIGHT;