From 38566b426f853bef387ba26cd0ee3cd03802a76f Mon Sep 17 00:00:00 2001 
From: Logical Arts LLC Date: Sat, 1 Aug 2015 15:39:48 -0700 Subject: [PATCH] PSR2 Updates --- AccessLog_class.php | 26 +-- Category_class.php | 7 +- Department_class.php | 11 +- Dept_Perms_class.php | 142 ++++++-------- Email_class.php | 14 +- FileData_class.php | 177 ++++++++--------- FileTypes_class.php | 42 ++-- Plugin_class.php | 147 +++++++++----- Reviewer_class.php | 7 +- Settings_class.php | 46 ++--- UserPermission_class.php | 67 +++---- User_Perms_class.php | 158 ++++++--------- User_class.php | 153 +++++++-------- access_log.php | 22 +-- add.php | 94 +++------ admin.php | 69 ++++--- ajax_udf.php | 27 ++- category.php | 170 ++++++++-------- check-in.php | 95 ++++----- check-out.php | 43 ++--- check_exp.php | 31 ++- classHeaders.php | 43 ++--- config-sample.php | 8 +- crumb.php | 48 ++--- databaseData_class.php | 103 +++++----- delete.php | 84 +++----- department.php | 195 +++++++++---------- details.php | 6 +- edit.php | 27 ++- error.php | 11 +- file_ops.php | 55 +++--- filetypes.php | 59 ++---- forgot_password.php | 51 +++-- functions.php | 353 ++++++++++++++-------------------- history.php | 196 ++++++++++--------- in.php | 26 +-- includes/language/arabic.php | 3 +- includes/language/bangla.php | 2 +- includes/language/spanish.php | 2 +- index.php | 59 ++---- install/index.php | 88 ++++----- install/odm.php | 9 +- install/setup-config.php | 224 ++++++++++----------- install/upgrade_10.php | 2 +- install/upgrade_11.php | 2 +- install/upgrade_11rc1.php | 2 +- install/upgrade_11rc2.php | 2 +- install/upgrade_124.php | 2 +- install/upgrade_1252.php | 2 +- install/upgrade_1256.php | 6 +- install/upgrade_1257.php | 8 +- install/upgrade_1261.php | 2 +- install/upgrade_12p1.php | 2 +- install/upgrade_12p3.php | 2 +- install/upgrade_12rc1.php | 2 +- logout.php | 16 +- odm-header.php | 10 +- odm-init.php | 6 +- odm-load.php | 23 +-- out.php | 32 ++- profile.php | 5 +- rejects.php | 64 +++--- reports/file_list.php | 15 +- search.php | 94 ++++----- settings.php | 45 
++--- signup.php | 64 +++--- toBePublished.php | 131 +++++-------- udf.php | 272 +++++++++++++------------- udf_functions.php | 263 +++++++++++-------------- user.php | 10 +- view.php | 45 ++--- view_file.php | 79 +++----- 72 files changed, 1908 insertions(+), 2500 deletions(-) diff --git a/AccessLog_class.php b/AccessLog_class.php index cb2944f3..a25621b9 100644 --- a/AccessLog_class.php +++ b/AccessLog_class.php @@ -25,15 +25,16 @@ * @author Stephen Lawrence Jr. * @param string $accesslog */ -class AccessLog extends Plugin { - - var $accesslog=''; +class AccessLog extends Plugin +{ + public $accesslog=''; /** * AccessLog constructor for the AccessLog plugin * @param string $_accesslog Message to display */ - function AccessLog($_accesslog='') { + public function AccessLog($_accesslog='') + { $this->name = 'AccessLog'; $this->author = 'Stephen Lawrence Jr'; $this->version = '1.0'; @@ -46,14 +47,16 @@ function AccessLog($_accesslog='') { /** * @param string $_var The string to display */ - function setAccessLog($_var) { + public function setAccessLog($_var) + { $this->accesslog = $_var; } /** * @returns string $var Get the value of accesslog var */ - function getAccessLog() { + public function getAccessLog() + { $var = $this->accesslog; return $var; } @@ -62,7 +65,7 @@ function getAccessLog() { * Draw the admin menu * Required if you want an admin menu to show for your plugin */ - function onAdminMenu() + public function onAdminMenu() { $curdir = dirname(__FILE__); $GLOBALS['smarty']->display('file:' . $curdir . '/templates/accesslog.tpl'); @@ -74,10 +77,9 @@ function onAdminMenu() * @param string $type The type of entry to describe what happened * @param PDO $pdo */ - static function addLogEntry($fileId, $type, PDO $pdo) + public static function addLogEntry($fileId, $type, PDO $pdo) { - if ($fileId == 0) - { + if ($fileId == 0) { global $id; $fileId = $id; } 
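Review bot: The constructor is still declared PHP 4 style as `public function AccessLog($_accesslog='')`, which PHP 7 deprecates and PHP 8 no longer treats as a constructor, so the property setup in it would silently stop running on `new AccessLog()`. Since this commit already rewrites every such signature, rename it to `public function __construct($_accesslog = '')`. The same applies to `Department`, `Dept_Perms`, `Email`, `FileData`, `FileTypes_class` and `Plugin` in the later hunks. For `Dept_Perms` the visible lines show the constructor storing `$this->id`, so an unrun constructor would leave the permission queries working on an unset id. The constructor body continues outside this hunk.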
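Review bot: `addLogEntry` still falls back to `global $id` when `$fileId == 0`, so the audit row is written for whatever `$id` happens to hold in the calling script rather than a value the caller passed. The loose `==` also sends any non-numeric string down that fallback on PHP 7 and earlier. For an access log it is safer to require the id and compare strictly, e.g. `if ((int) $fileId === 0) { throw new InvalidArgumentException('fileId required'); }`, once the callers that rely on the fallback have been checked. The rest of the method body lies outside this hunk.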
@@ -91,7 +93,5 @@ static function addLogEntry($fileId, $type, PDO $pdo) ':type' => $type ) ); - } - -} \ No newline at end of file +} diff --git a/Category_class.php b/Category_class.php index 1161b2e7..b4292241 100644 --- a/Category_class.php +++ b/Category_class.php @@ -17,8 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -if (!defined('Category_class')) -{ +if (!defined('Category_class')) { define('Category_class', 'true', false); class Category @@ -36,12 +35,10 @@ public static function getAllCategories(PDO $pdo) $stmt->execute(); $result = $stmt->fetchAll(); - foreach($result as $row) { + foreach ($result as $row) { $categoryListArray[] = $row; } return $categoryListArray; } - } - } diff --git a/Department_class.php b/Department_class.php index 608e2ca2..c081223d 100644 --- a/Department_class.php +++ b/Department_class.php @@ -21,8 +21,7 @@ class. The only difference is that it provides it's own constructor to handle i Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -if( !defined('Department_class') ) -{ +if (!defined('Department_class')) { define('Department_class', 'true', false); class Department extends databaseData { @@ -31,7 +30,7 @@ class Department extends databaseData * @param int $id * @param PDO $connection */ - function Department($id, PDO $connection) + public function Department($id, PDO $connection) { $this->field_name = 'name'; $this->field_id = 'id'; @@ -47,7 +46,7 @@ function Department($id, PDO $connection) * @param PDO $pdo * @returns array */ - static function getAllDepartments(PDO $pdo) + public static function getAllDepartments(PDO $pdo) { $departments = array(); $query = "SELECT name, id FROM {$GLOBALS['CONFIG']['db_prefix']}department ORDER by name"; @@ -63,7 +62,5 @@ static function getAllDepartments(PDO $pdo) } return $departments; } - - } - } +} 
diff --git a/Dept_Perms_class.php b/Dept_Perms_class.php index d9eded46..2f41ef35 100644 --- a/Dept_Perms_class.php +++ b/Dept_Perms_class.php @@ -18,35 +18,34 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -if( !defined('Dept_Perms_class') ) -{ +if (!defined('Dept_Perms_class')) { define('Dept_Perms_class', 'true'); class Dept_Perms extends databaseData { - var $fid; - var $id; - var $rights; - var $file_obj; - var $error; - var $chosen_mode; + public $fid; + public $id; + public $rights; + public $file_obj; + public $error; + public $chosen_mode; protected $connection; - var $error_flag = FALSE; + public $error_flag = false; - var $NONE_RIGHT = 0; - var $VIEW_RIGHT = 1; - var $READ_RIGHT = 2; - var $WRITE_RIGHT = 3; - var $ADMIN_RIGHT = 4; - var $FORBIDDEN_RIGHT = -1; - var $USER_MODE = 0; - var $FILE_MODE = 1; + public $NONE_RIGHT = 0; + public $VIEW_RIGHT = 1; + public $READ_RIGHT = 2; + public $WRITE_RIGHT = 3; + public $ADMIN_RIGHT = 4; + public $FORBIDDEN_RIGHT = -1; + public $USER_MODE = 0; + public $FILE_MODE = 1; /** * @param int $id * @param PDO $connection */ - function Dept_Perms($id, PDO $connection) + public function Dept_Perms($id, PDO $connection) { // this can be fid or uid $this->id = $id; @@ -57,7 +56,7 @@ function Dept_Perms($id, PDO $connection) * @param bool $limit * @return array */ - function getCurrentViewOnly($limit = true) + public function getCurrentViewOnly($limit = true) { return $this->loadData_UserPerm($this->VIEW_RIGHT, $limit); } @@ -66,7 +65,7 @@ function getCurrentViewOnly($limit = true) * @param bool $limit * @return array */ - function getCurrentNoneRight($limit = true) + public function getCurrentNoneRight($limit = true) { return $this->loadData_UserPerm($this->NONE_RIGHT, $limit); } 
@@ -75,7 +74,7 @@ function getCurrentNoneRight($limit = true) * @param bool $limit * @return array */ - function getCurrentReadRight($limit = true) + public function getCurrentReadRight($limit = true) { return $this->loadData_UserPerm($this->READ_RIGHT, $limit); } @@ -84,7 +83,7 @@ function getCurrentReadRight($limit = true) * @param bool $limit * @return array */ - function getCurrentWriteRight($limit = true) + public function getCurrentWriteRight($limit = true) { return $this->loadData_UserPerm($this->WRITE_RIGHT, $limit); } @@ -93,7 +92,7 @@ function getCurrentWriteRight($limit = true) * @param bool $limit * @return array */ - function getCurrentAdminRight($limit = true) + public function getCurrentAdminRight($limit = true) { return $this->loadData_UserPerm($this->ADMIN_RIGHT, $limit); } @@ -101,7 +100,7 @@ function getCurrentAdminRight($limit = true) /** * @return int */ - function getId() + public function getId() { return $this->id; } @@ -112,7 +111,7 @@ function getId() * @param bool $limit * @return array */ - function loadData_UserPerm($right, $limit = true) + public function loadData_UserPerm($right, $limit = true) { $limit_query = ($limit) ? "LIMIT {$GLOBALS['CONFIG']['max_query']}" : ''; @@ -145,21 +144,17 @@ function loadData_UserPerm($right, $limit = true) * @param int $data_id * @return bool */ - function canView($data_id) + public function canView($data_id) { $filedata = new FileData($data_id, $this->connection); //check to see if this department doesn't have a forbidden right or - //if this file is publishable - if(!$this->isForbidden($data_id) and $filedata->isPublishable() ) - { + //if this file is publishable + if (!$this->isForbidden($data_id) and $filedata->isPublishable()) { // return whether or not this deptartment can view the file - if($this->canDept($data_id, $this->VIEW_RIGHT)) - { + if ($this->canDept($data_id, $this->VIEW_RIGHT)) { return true; - } - else - { + } else { false; } } 
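Review bot: The `else { false; }` branch in `canView` is an expression statement that does nothing, so the denial path never returns a value from here. It should be `return false;` to match the `@return bool` docblock; as written a caller comparing with `=== false` would see null unless a later return outside this hunk covers it. The same no-op appears in `canRead`, `canWrite` and `canAdmin` in the following hunks, and `canWrite` visibly ends right after the `if` block.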
@@ -172,21 +167,17 @@ function canView($data_id) * @param int $data_id * @return bool */ - function canRead($data_id) + public function canRead($data_id) { $filedata = new FileData($data_id, $this->connection); //check to see if this department doesn't have a forbidden right or - //if this file is publishable - if(!$this->isForbidden($data_id) or !$filedata->isPublishable() ) - { + //if this file is publishable + if (!$this->isForbidden($data_id) or !$filedata->isPublishable()) { // return whether or not this deptartment can read the file - if($this->canDept($data_id, $this->READ_RIGHT) or !$filedata->isPublishable($data_id) ) - { + if ($this->canDept($data_id, $this->READ_RIGHT) or !$filedata->isPublishable($data_id)) { return true; - } - else - { + } else { false; } } @@ -199,25 +190,20 @@ function canRead($data_id) * @param int $data_id * @return bool */ - function canWrite($data_id) + public function canWrite($data_id) { $filedata = new FileData($data_id, $this->connection); //check to see if this department doesn't have a forbidden right or //if this file is publishable - if(!$this->isForbidden($data_id) or !$filedata->isPublishable() ) - { + if (!$this->isForbidden($data_id) or !$filedata->isPublishable()) { // return whether or not this deptartment can modify the file - if($this->canDept($data_id, $this->WRITE_RIGHT)) - { + if ($this->canDept($data_id, $this->WRITE_RIGHT)) { return true; - } - else - { + } else { false; } } - } /** 
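Review bot: In `canRead` the guard is `!$this->isForbidden($data_id) or !$filedata->isPublishable()` and the inner test is `canDept(...) or !$filedata->isPublishable($data_id)`, so whenever `isPublishable()` is falsy the method returns true for any department, including one that holds the forbidden right. `canView` uses `and` for the same guard, and the comment above the line describes a forbidden check, so this looks unintended, though the design intent is not visible here. If it is a bug, the guard should read `if (!$this->isForbidden($data_id) and $filedata->isPublishable()) {` and the inner test should be `if ($this->canDept($data_id, $this->READ_RIGHT)) {`. `canWrite` in this section and `canAdmin` in the next hunk carry the same `or` guard, although there the inner `canDept` check still applies.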
@@ -226,25 +212,20 @@ function canWrite($data_id) * @param int $data_id * @return bool */ - function canAdmin($data_id) + public function canAdmin($data_id) { $filedata = new FileData($data_id, $this->connection); //check to see if this department doesn't have a forbidden right or - //if this file is publishable - if(!$this->isForbidden($data_id) or !$filedata->isPublishable() ) - { + //if this file is publishable + if (!$this->isForbidden($data_id) or !$filedata->isPublishable()) { // return whether or not this deptartment can admin the file - if($this->canDept($data_id, $this->ADMIN_RIGHT)) - { + if ($this->canDept($data_id, $this->ADMIN_RIGHT)) { return true; - } - else - { + } else { false; } } - } /** @@ -252,7 +233,7 @@ function canAdmin($data_id) * @param int $data_id * @return bool */ - function isForbidden($data_id) + public function isForbidden($data_id) { $this->error_flag = true; // reset flag $query = " @@ -272,19 +253,13 @@ function isForbidden($data_id) )); $result = $stmt->fetch(); - if($stmt->rowCount() == 1) - { - if($result['rights'] == $this->FORBIDDEN_RIGHT) - { + if ($stmt->rowCount() == 1) { + if ($result['rights'] == $this->FORBIDDEN_RIGHT) { return true; - } - else - { + } else { return false; } - } - else - { + } else { $this->error = "Non-unique database entry found in $this->TABLE_DEPT_PERMS"; $this->error_flag = false; return 0; @@ -298,7 +273,7 @@ function isForbidden($data_id) * @param int $right * @return bool */ - function canDept($data_id, $right) + public function canDept($data_id, $right) { $query = " SELECT @@ -320,8 +295,7 @@ function canDept($data_id, $right) )); $num_results = $stmt->rowCount(); - switch($num_results) - { + switch ($num_results) { case 1: return true; break; case 0: return false; @@ -336,9 +310,8 @@ function canDept($data_id, $right) * @param int $data_id * @return int|string */ - function getPermission($data_id) + public function getPermission($data_id) { - $query = " SELECT rights 
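Review bot: `isForbidden` treats every row count other than 1 the same way: it sets the "Non-unique database entry" error and returns 0, which callers such as `canView` read as not forbidden. Both a missing row and duplicate rows therefore fail open, and the message is wrong for the zero-row case. Consider keeping 0 rows as the explicit no-entry result and denying on duplicates, e.g. `if ($stmt->rowCount() > 1) { $this->error = "Non-unique database entry found in $this->TABLE_DEPT_PERMS"; return true; }`. The method also relies on `rowCount()` after a SELECT, which PDO does not guarantee on every driver; counting the rows from `fetchAll()` avoids that. Part of the query text is outside the hunk.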
@@ -356,19 +329,14 @@ function getPermission($data_id) $results = $stmt->fetch(); $num_results = $stmt->rowCount(); - if($num_results == 1) - { + if ($num_results == 1) { $permission = $results['rights']; return $permission; - } - else if ($num_results == 0) - { + } elseif ($num_results == 0) { return 0; - } - else - { + } else { return 'Non-unique error'; } } } -} \ No newline at end of file +} diff --git a/Email_class.php b/Email_class.php index 1e1a690a..a9c7f2fd 100644 --- a/Email_class.php +++ b/Email_class.php @@ -28,9 +28,8 @@ class Email /* * Constructor */ - function Email () + public function Email() { - } /** @@ -38,7 +37,7 @@ function Email () */ public function getFullName() { - if(!isset($this->full_name)){ + if (!isset($this->full_name)) { return false; } return $this->full_name; @@ -64,7 +63,7 @@ public function getFrom() * @param string $from */ public function setFrom($from) - { + { $this->from = $from; } @@ -113,7 +112,7 @@ public function getHeaders() */ private function setHeaders() { - if(isset($this->from)) { + if (isset($this->from)) { $mail_headers = "From: {$this->getFrom()}" . "\r\n"; $mail_headers .="Content-Type: text/plain; charset=UTF-8" . "\r\n"; $this->headers = $mail_headers; @@ -133,8 +132,8 @@ public function getRecipients() * @return bool */ public function setRecipients($recipients) - { - if(!is_array($recipients)) { + { + if (!is_array($recipients)) { return false; } $this->recipients = $recipients; @@ -151,5 +150,4 @@ public function sendEmail() } return true; } - } diff --git a/FileData_class.php b/FileData_class.php index 48488e9d..7c7463b2 100644 --- a/FileData_class.php +++ b/FileData_class.php 
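Review bot: `setHeaders` interpolates `$this->getFrom()` straight into the `From:` header, and `setFrom` stores its argument without any check, so a value containing CR or LF would append extra mail headers. Where `$from` comes from is not visible in these hunks; if it can ever hold user-editable data, reject line breaks in `setFrom`, e.g. `if (preg_match('/[\r\n]/', $from)) { return false; }`, or validate it with `filter_var($from, FILTER_VALIDATE_EMAIL)`. A one-line comment on `setHeaders` stating that the sender must already be validated would document the assumption.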
@@ -18,48 +18,47 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -if( !defined('FileData_class') ) -{ +if (!defined('FileData_class')) { define('FileData_class', 'true', false); /* - mysql> describe data; - +-------------------+----------------------+------+-----+---------------------+----------------+ - | id | smallint(5) unsigned | | PRI | NULL | auto_increment | - | category | tinyint(4) unsigned | | | 0 | | - | owner | tinyint(4) unsigned | | | 0 | | - | realname | varchar(255) | | | | | - | created | datetime | | | 0000-00-00 00:00:00 | | - | description | varchar(255) | YES | | NULL | | - | comment | varchar(255) | | | | | - | status | tinyint(4) unsigned | | | 0 | | - | department | tinyint(4) | | | 0 | | - | default_rights | int(4) | YES | | NULL | | - | publishable | int(4) | YES | | NULL | | - | reviewer | int(4) | YES | | NULL | | - | reviewer_comments | varchar(255) | YES | | NULL | | - +-------------------+----------------------+------+-----+---------------------+----------------+ + mysql> describe data; + +-------------------+----------------------+------+-----+---------------------+----------------+ + | id | smallint(5) unsigned | | PRI | NULL | auto_increment | + | category | tinyint(4) unsigned | | | 0 | | + | owner | tinyint(4) unsigned | | | 0 | | + | realname | varchar(255) | | | | | + | created | datetime | | | 0000-00-00 00:00:00 | | + | description | varchar(255) | YES | | NULL | | + | comment | varchar(255) | | | | | + | status | tinyint(4) unsigned | | | 0 | | + | department | tinyint(4) | | | 0 | | + | default_rights | int(4) | YES | | NULL | | + | publishable | int(4) | YES | | NULL | | + | reviewer | int(4) | YES | | NULL | | + | reviewer_comments | varchar(255) | YES | | NULL | | + +-------------------+----------------------+------+-----+---------------------+----------------+ */ class FileData extends databaseData { - var $category; - var $owner; - var $created_date; - var $description; - var $comment; 
- var $status; - var $department; - var $default_rights; - var $view_users; - var $read_users; - var $write_users; - var $admin_users; - var $filesize; - var $isLocked; + public $category; + public $owner; + public $created_date; + public $description; + public $comment; + public $status; + public $department; + public $default_rights; + public $view_users; + public $read_users; + public $write_users; + public $admin_users; + public $filesize; + public $isLocked; protected $connection; - function FileData($id, $connection) + public function FileData($id, $connection) { $this->field_name = 'realname'; $this->field_id = 'id'; @@ -75,7 +74,7 @@ function FileData($id, $connection) * Return a boolean whether this file exists * @return bool|string */ - function exists() + public function exists() { $query = " SELECT @@ -88,8 +87,7 @@ function exists() $stmt = $this->connection->prepare($query); $stmt->execute(array(':id' => $this->id)); - switch($stmt->rowCount()) - { + switch ($stmt->rowCount()) { case 1: return true; break; case 0: return false; @@ -104,9 +102,8 @@ function exists() * This is a more complex version of base class's loadData. * This function loads up all the fields in data table */ - function loadData() + public function loadData() { - $query = " SELECT category, @@ -127,8 +124,8 @@ function loadData() $stmt->execute(array(':id' => $this->id)); $result = $stmt->fetchAll(); - if( $stmt->rowCount() == $this->result_limit ) { - foreach($result as $row) { + if ($stmt->rowCount() == $this->result_limit) { + foreach ($result as $row) { $this->category = $row['category']; $this->owner = $row['owner']; $this->created_date = $row['created']; @@ -147,7 +144,7 @@ function loadData() /** * Update the dynamic values of the file */ - function updateData() + public function updateData() { $query = " UPDATE @@ -181,7 +178,7 @@ function updateData() * return filesize * @return mixed */ - function getFileSize() + public function getFileSize() { return $this->filesize; } 
@@ -190,7 +187,7 @@ function getFileSize() * return this file's category id * @return int */ - function getCategory() + public function getCategory() { return $this->category; } @@ -198,7 +195,7 @@ function getCategory() /** * @param int $value */ - function setCategory($value) + public function setCategory($value) { $this->category = $value; } @@ -207,9 +204,8 @@ function setCategory($value) * return this file's category name * @return string */ - function getCategoryName() + public function getCategoryName() { - $query = " SELECT name @@ -232,7 +228,7 @@ function getCategoryName() * @param int $uid * @return bool */ - function isOwner($uid) + public function isOwner($uid) { return ($this->getOwner() == $uid); } @@ -241,7 +237,7 @@ function isOwner($uid) * return the ID of the owner of this file * @return int */ - function getOwner() + public function getOwner() { return $this->owner; } @@ -250,7 +246,7 @@ function getOwner() * set the user_id of the file * @param int $value */ - function setOwner($value) + public function setOwner($value) { $this->owner = $value; } @@ -259,7 +255,7 @@ function setOwner($value) * return the username of the owner * @return mixed */ - function getOwnerName() + public function getOwnerName() { $user_obj = new User($this->owner, $this->connection); return $user_obj->getName(); @@ -270,7 +266,7 @@ function getOwnerName() * and index=1 corresponds to the first name * @return mixed */ - function getOwnerFullName() + public function getOwnerFullName() { $user_obj = new User($this->owner, $this->connection); return $user_obj->getFullName(); @@ -282,7 +278,7 @@ function getOwnerFullName() * the file's department will not be the same as it's owner's. * @return string */ - function getOwnerDeptId() + public function getOwnerDeptId() { $user_obj = new User($this->getOwner(), $this->connection); return $user_obj->getDeptId(); 
@@ -293,7 +289,7 @@ function getOwnerDeptId() * the department name instead of department id * @return string */ - function getOwnerDeptName() + public function getOwnerDeptName() { $user_obj = new User($this->getOwner(), $this->connection); return $user_obj->getDeptName(); @@ -303,7 +299,7 @@ function getOwnerDeptName() * return file description * @return string */ - function getDescription() + public function getDescription() { return $this->description; } @@ -311,7 +307,7 @@ function getDescription() /** * @param string $value */ - function setDescription($value) + public function setDescription($value) { $this->description = $value; } @@ -319,7 +315,7 @@ function setDescription($value) /** * @return int */ - function getDefaultRights() + public function getDefaultRights() { return $this->default_rights; } @@ -327,7 +323,7 @@ function getDefaultRights() /** * @param int $value */ - function setDefaultRights($value) + public function setDefaultRights($value) { $this->default_rights = $value; } @@ -336,7 +332,7 @@ function setDefaultRights($value) * return file commnents * @return mixed */ - function getComment() + public function getComment() { return $this->comment; } @@ -344,7 +340,7 @@ function getComment() /** * @param string $value */ - function setComment($value) + public function setComment($value) { $this->comment = $value; } @@ -353,7 +349,7 @@ function setComment($value) * return the status of the file * @return int */ - function getStatus() + public function getStatus() { return $this->status; } @@ -361,7 +357,7 @@ function getStatus() /** * @param int $status Status of file */ - function setStatus($status) + public function setStatus($status) { $query = "UPDATE {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DATA set status = :status where id = :id"; $stmt = $this->connection->prepare($query); 
@@ -375,7 +371,7 @@ function setStatus($status) * return a User OBJ of the person who checked out this file * @return User */ - function getCheckerOBJ() + public function getCheckerOBJ() { $user = new User($this->status, $this->connection); return $user; @@ -385,7 +381,7 @@ function getCheckerOBJ() * return the department ID of the file * @return int */ - function getDepartment() + public function getDepartment() { return $this->department; } @@ -393,7 +389,7 @@ function getDepartment() /** * @param int $value */ - function setDepartment($value) + public function setDepartment($value) { $this->department = $value; } @@ -402,15 +398,14 @@ function setDepartment($value) * return the name of the department of the file * @return string */ - function getDeptName() + public function getDeptName() { $query = "SELECT name FROM {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPARTMENT WHERE id = :department_id"; $stmt = $this->connection->prepare($query); $stmt->execute(array(':department_id' => $this->getDepartment())); $result = $stmt->fetchColumn(); - if ($stmt->rowCount() == 0) - { + if ($stmt->rowCount() == 0) { echo('ERROR: No database entry exists in department table for ID = '.$this->getDepartment().'.'); return "ERROR"; //exit; @@ -423,7 +418,7 @@ function getDeptName() * return the date that the file was created * @return string */ - function getCreatedDate() + public function getCreatedDate() { return $this->created_date; } @@ -432,9 +427,8 @@ function getCreatedDate() * return the latest modifying date on the file * @return string */ - function getModifiedDate() + public function getModifiedDate() { - $query = "SELECT modified_on FROM {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_LOG WHERE id = :id ORDER BY modified_on DESC limit 1"; $stmt = $this->connection->prepare($query); $stmt->execute(array(':id' => $this->id)); 
@@ -448,7 +442,7 @@ function getModifiedDate() * return the realname of the file * @return string */ - function getRealName() + public function getRealName() { return databaseData::getName(); } @@ -458,7 +452,7 @@ function getRealName() * @param int $dept_id * @return int */ - function getDeptRights($dept_id) + public function getDeptRights($dept_id) { $query = " SELECT @@ -485,11 +479,10 @@ function getDeptRights($dept_id) * @param array $uid_array * @return array */ - function toUserOBJs($uid_array) + public function toUserOBJs($uid_array) { $UserOBJ_array = array(); - for($i = 0; $iconnection); } return $UserOBJ_array; @@ -499,7 +492,7 @@ function toUserOBJs($uid_array) * Return a boolean on whether or not this file is publishable * @return string */ - function isPublishable() + public function isPublishable() { $query = " SELECT @@ -513,8 +506,7 @@ function isPublishable() $stmt->execute(array(':id' => $this->id)); $result = $stmt->fetchColumn(); - if($stmt->rowCount() != 1) - { + if ($stmt->rowCount() != 1) { echo('DB error. Unable to locate file id ' . $this->id . ' in table '.$GLOBALS['CONFIG']['db_prefix'].'data. Please contact ' . $GLOBALS['CONFIG']['site_mail'] . 'for help'); exit; } @@ -525,7 +517,7 @@ function isPublishable() /** * @return bool */ - function isArchived() + public function isArchived() { $query = " SELECT @@ -539,8 +531,7 @@ function isArchived() $stmt->execute(array(':id' => $this->id)); $result = $stmt->fetchColumn(); - if($stmt->rowCount() != 1) - { + if ($stmt->rowCount() != 1) { echo('DB error. Unable to locate file id ' . $this->id . ' in table '.$GLOBALS['CONFIG']['db_prefix'].'data. Please contact ' . $GLOBALS['CONFIG']['site_mail'] . 'for help'); exit; } @@ -552,7 +543,7 @@ function isArchived() * This function sets the publishable field in the data table to $boolean * @param bool $boolean */ - function Publishable($boolean = true) + public function Publishable($boolean = true) { $query = " UPDATE 
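Review bot: The failure branch in `isPublishable` echoes `$this->id`, the table prefix and the site mail address into the response before `exit`, without HTML escaping. If the id originates from a request parameter (its source is not visible in this hunk), that is an unescaped output path, and the message also discloses schema details to the user. Prefer logging the detail and printing a fixed message, or at least wrap the id as `htmlspecialchars((string) $this->id, ENT_QUOTES, 'UTF-8')`. `isArchived` in the following hunk and `getDeptName` in an earlier one print the same kind of message.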
@@ -569,14 +560,13 @@ function Publishable($boolean = true) ':uid' => $_SESSION['uid'], ':id' => $this->id )); - } /** * return the user id of the reviewer * @return int */ - function getReviewerID() + public function getReviewerID() { $query = " SELECT @@ -597,11 +587,10 @@ function getReviewerID() * return the username of the reviewer * @return bool */ - function getReviewerName() + public function getReviewerName() { $reviewer_id = $this->getReviewerID(); - if(isset($reviewer_id)) - { + if (isset($reviewer_id)) { $user_obj = new User($reviewer_id, $this->connection); return $user_obj->getName(); } @@ -612,7 +601,7 @@ function getReviewerName() * Set $comments into the reviewer comment field in the DB * @param $comments */ - function setReviewerComments($comments) + public function setReviewerComments($comments) { $query = " UPDATE @@ -627,7 +616,6 @@ function setReviewerComments($comments) ':comments' => $comments, ':id' => $this->id )); - } @@ -635,9 +623,8 @@ function setReviewerComments($comments) * Return the reviewers' comment toward this file * @return string */ - function getReviewerComments() + public function getReviewerComments() { - $query = " SELECT reviewer_comments @@ -656,7 +643,7 @@ function getReviewerComments() /** * */ - function temp_delete() + public function temp_delete() { $query = " UPDATE @@ -673,7 +660,7 @@ function temp_delete() /** * */ - function undelete() + public function undelete() { $query = " UPDATE @@ -690,9 +677,9 @@ function undelete() /** * @return bool */ - function isLocked() + public function isLocked() { return $this->isLocked; } } -} \ No newline at end of file +} diff --git a/FileTypes_class.php b/FileTypes_class.php index 08f25a4c..d2192780 100644 --- a/FileTypes_class.php +++ b/FileTypes_class.php @@ -18,8 +18,7 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -if( !defined('FileTypes_class') ) -{ +if (!defined('FileTypes_class')) { define('FileTypes_class', 'true', false); /** 
@@ -27,10 +26,10 @@ */ class FileTypes_class { - protected $connection; - public function FileTypes_class(PDO $pdo) { + public function FileTypes_class(PDO $pdo) + { $this->connection = $pdo; } @@ -38,9 +37,8 @@ public function FileTypes_class(PDO $pdo) { * Get value for a specific file type based on the key * @param string $data */ - function get($data) + public function get($data) { - } /** @@ -48,7 +46,7 @@ function get($data) * @param string $data * @return bool */ - function add($data) + public function add($data) { $query = " INSERT INTO {$GLOBALS['CONFIG']['db_prefix']}filetypes @@ -59,7 +57,7 @@ function add($data) $stmt = $this->connection->prepare($query); $stmt->execute(array(':data' => $data['filetype'])); - return TRUE; + return true; } /** @@ -67,7 +65,7 @@ function add($data) * @param array $data Array of values to be saved ($key,$value) * @return bool */ - function save($data) + public function save($data) { // First, uncheck all status values $query = " @@ -91,9 +89,8 @@ function save($data) "; $stmt = $this->connection->prepare($query2); $stmt->execute(array(':value' => $value)); - } - return TRUE; + return true; } return false; } @@ -101,7 +98,7 @@ function save($data) /** * Load active file types into a global array */ - function load() + public function load() { $GLOBALS['CONFIG']['allowedFileTypes'] = array(); $query = " @@ -116,7 +113,7 @@ function load() $stmt->execute(); $result = $stmt->fetchAll(); - foreach($result as $row) { + foreach ($result as $row) { array_push($GLOBALS['CONFIG']['allowedFileTypes'], $row['type']); } } @@ -124,7 +121,7 @@ function load() /* * Show the file types edit form */ - function edit() + public function edit() { $filetypes_arr = array(); $query = " 
@@ -137,18 +134,18 @@ function edit() $stmt->execute(); $result = $stmt->fetchAll(); - foreach($result as $row) { + foreach ($result as $row) { $filetypes_arr[] = $row; } - $GLOBALS['smarty']->assign('filetypes_array',$filetypes_arr); + $GLOBALS['smarty']->assign('filetypes_array', $filetypes_arr); display_smarty_template('filetypes.tpl'); } /* * Show the form in order to Delete a filetype */ - function deleteSelect() + public function deleteSelect() { $filetypes_arr = array(); $query = " @@ -161,18 +158,17 @@ function deleteSelect() $stmt->execute(); $result = $stmt->fetchAll(); - foreach($result as $row) { + foreach ($result as $row) { $filetypes_arr[] = $row; } - $GLOBALS['smarty']->assign('filetypes_array',$filetypes_arr); + $GLOBALS['smarty']->assign('filetypes_array', $filetypes_arr); display_smarty_template('filetypes_deleteshow.tpl'); } - function delete($data) + public function delete($data) { - foreach($data['types'] as $id) - { + foreach ($data['types'] as $id) { $query = " DELETE FROM {$GLOBALS['CONFIG']['db_prefix']}filetypes @@ -182,7 +178,7 @@ function delete($data) $stmt = $this->connection->prepare($query); $stmt->execute(array(':id' => $id)); } - return TRUE; + return true; } } } diff --git a/Plugin_class.php b/Plugin_class.php index f6188c50..214ccca3 100644 --- a/Plugin_class.php +++ b/Plugin_class.php @@ -21,17 +21,16 @@ * * @author Stephen J. Lawrence Jr. */ -class Plugin +class Plugin { - - var $name = ''; - var $version = ''; - var $author = ''; - var $homepage = ''; - var $description = ''; - var $pluginslist = ''; + public $name = ''; + public $version = ''; + public $author = ''; + public $homepage = ''; + public $description = ''; + public $pluginslist = ''; - function Plugin() + public function Plugin() { $name = $this->name; $version = $this->version; 
@@ -46,16 +45,13 @@ function Plugin() * INCLUDE ALL PLUGINS * @return array $pluginslist An array of plugin names currently in the plug-ins folder */ - function getPluginsList() + public function getPluginsList() { $pluginslist = array(); $curdir = dirname(__FILE__); - if ($handle = opendir($curdir . '/plug-ins')) - { - while (false !== ($file = readdir($handle))) - { - if ($file != 'index.html' && $file != '.htaccess' && $file != "." && $file != ".." && $file != '.svn' && $file != '.git' && is_file('plug-ins/' . $file . '/' . $file . '_class.php')) - { + if ($handle = opendir($curdir . '/plug-ins')) { + while (false !== ($file = readdir($handle))) { + if (file != 'index.html' && $file != '.htaccess' && $file != "." && $file != ".." && $file != '.svn' && is_file('plug-ins/' . $file . '/' . $file . '_class.php')) { array_push($pluginslist, $file); } } @@ -67,7 +63,7 @@ function getPluginsList() /* * Set the value for the pluginslist variable */ - function setPluginsList($var) + public function setPluginsList($var) { $this->pluginslist = $var; } @@ -76,10 +72,9 @@ function setPluginsList($var) * Include all the plugin class files * @return true */ - function loadPlugins() + public function loadPlugins() { - foreach($this->getPluginsList() as $file) - { + foreach ($this->getPluginsList() as $file) { include_once('plug-ins/' . $file . '/' . $file . '_class.php'); } return true; 
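Review bot: The rewritten condition in `getPluginsList` changes behaviour in a commit described as formatting only: it now begins with `file != 'index.html'` (the `$` is missing) and no longer contains `$file != '.git'`. The bare `file` is an undefined constant, which raises an Error on PHP 8 and on older versions evaluates as the string 'file', so the `index.html` exclusion is lost either way. Change `file` back to `$file` and re-add `&& $file != '.git'` before the `is_file(...)` test. Because this list feeds `include_once` in `loadPlugins`, it is also worth building the `is_file` and `include_once` paths from `$curdir . '/plug-ins/'` like the `opendir` call, so that the check and the include do not depend on the current working directory.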
@@ -88,150 +83,206 @@ function loadPlugins() /* * This function allows for new admin menu items to display for your plugin */ - function onAdminMenu() {} + public function onAdminMenu() + { + } /* * This function is run on the Add File page */ - function onBeforeAdd() {} + public function onBeforeAdd() + { + } /* * This function is run on while the file is being added to the database */ - function onDuringAdd($fileid) {} + public function onDuringAdd($fileid) + { + } /* * This function is run after a new file is added */ - function onAfterAdd($fileid) {} + public function onAfterAdd($fileid) + { + } /* * This function is run before the edit file form is finished being rendered */ - function onBeforeEditFile($fileid) {} + public function onBeforeEditFile($fileid) + { + } /* * This function is run after the user saves and change to a file */ - function onAfterEditFile($fileid) {} + public function onAfterEditFile($fileid) + { + } /* * This function is run after the user deletes a file (aka archive) */ - function onAfterArchiveFile() {} + public function onAfterArchiveFile() + { + } /* * This function is run after the admin permanently deletes a file */ - function onAfterDeleteFile() {} + public function onAfterDeleteFile() + { + } /* * This function is run before a user is logged in */ - function onBeforeLogin() {} + public function onBeforeLogin() + { + } /* * This function is run after a user is logged in */ - function onAfterLogin() {} + public function onAfterLogin() + { + } /* * This function is run after the user session is cleared */ - function onAfterLogout(){} + public function onAfterLogout() + { + } /* * This function is called after a failed login */ - function onFailedLogin(){} + public function onFailedLogin() + { + } /* * This function is called after the user views a file */ - function onViewFile() {} + public function onViewFile() + { + } /* * This function is performed after a search has been initiated */ - function onSearch() {} + public function 
onSearch() + { + } /* * This function is run at the top of the add user form */ - function onBeforeAddUser() {} + public function onBeforeAddUser() + { + } /* * This function is run after the add user form is saved */ - function onAfterAddUser() {} + public function onAfterAddUser() + { + } /* * This function allows for setting of class settings */ - function setProperties(){} + public function setProperties() + { + } /* * This function allows for getting of class settings */ - function getProperties(){} + public function getProperties() + { + } /* * This function is run during the details view */ - function onDuringDetails($fileid){} + public function onDuringDetails($fileid) + { + } /* * This function is run after the details view */ - function onAfterDetails($fileid){} + public function onAfterDetails($fileid) + { + } /* * This function is run before the file list view */ - function onBeforeListFiles($fileList){} + public function onBeforeListFiles($fileList) + { + } /* * This function is run after the file list view is drawn */ - function onAfterListFiles() {} + public function onAfterListFiles() + { + } /* * This function is run before the edited file object is saved to the db */ - function onBeforeEditFileSaved() {} + public function onBeforeEditFileSaved() + { + } /* * This function is run while the add department form is being drawn */ - function onDepartmentAddForm() {} + public function onDepartmentAddForm() + { + } /* * This function is run while the edit department form is being drawn * @param int $deptId The ID for the department being edited */ - function onDepartmentEditForm($deptId) {} + public function onDepartmentEditForm($deptId) + { + } /* * This function is run while the edit department form is being drawn * @param array $formData The _REQUEST passed in */ - function onDepartmentModifySave($formData) {} + public function onDepartmentModifySave($formData) + { + } /* * This function is run while the add department form is being submitted * @param 
int $deptId The new department ID */ - function onDepartmentAddSave($deptId) {} + public function onDepartmentAddSave($deptId) + { + } /* * This function is run after the file history page is displayed * @param int $file_id The new file id */ - function onAfterHistory($file_id) {} + public function onAfterHistory($file_id) + { + } } diff --git a/Reviewer_class.php b/Reviewer_class.php index 5d79da96..05d5b6cf 100644 --- a/Reviewer_class.php +++ b/Reviewer_class.php @@ -20,12 +20,12 @@ class Reviewer extends databaseData { protected $connection; - function Reviewer ($id, PDO $pdo) + public function Reviewer($id, PDO $pdo) { $this->id = $id; $this->connection = $pdo; } - function getReviewersForDepartment($dept_id) + public function getReviewersForDepartment($dept_id) { $reviewers = array(); $query = " @@ -49,12 +49,11 @@ function getReviewersForDepartment($dept_id) } $count = 0; - foreach($result as $row) { + foreach ($result as $row) { $reviewers[$count] = $row['user_id']; $count++; } return $reviewers; } - } diff --git a/Settings_class.php b/Settings_class.php index 0e08a912..6d6e5414 100644 --- a/Settings_class.php +++ b/Settings_class.php @@ -18,8 +18,7 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -if( !defined('Settings_class') ) -{ +if (!defined('Settings_class')) { define('Settings_class', 'true', false); /** @@ -31,7 +30,8 @@ class Settings { protected $connection; - public function Settings(PDO $pdo){ + public function Settings(PDO $pdo) + { $this->connection = $pdo; } @@ -39,9 +39,8 @@ public function Settings(PDO $pdo){ * Get value for a specific setting based on the key * @param string $key */ - function get($key) + public function get($key) { - } /** 
@@ -49,10 +48,9 @@ function get($key) * @param array $data Array of values to be saved ($key,$value) * @return bool */ - function save($data) + public function save($data) { - foreach ($data as $key=>$value) - { + foreach ($data as $key=>$value) { $query = " UPDATE {$GLOBALS['CONFIG']['db_prefix']}settings @@ -65,7 +63,6 @@ function save($data) ':value' => $value, ':key' => $key )); - } return true; } @@ -73,7 +70,7 @@ function save($data) * Load settings to an array * return array */ - function load() + public function load() { $query = " SELECT @@ -89,13 +86,12 @@ function load() foreach ($result as $row) { $GLOBALS['CONFIG'][$row['name']] = $row['value']; } - } /** * Show the settings edit form */ - function edit() + public function edit() { $query = "SELECT * FROM {$GLOBALS['CONFIG']['db_prefix']}settings"; $stmt = $this->connection->prepare($query); @@ -114,7 +110,7 @@ function edit() * @param string $key The name of the setting to be tested * @param string $value The value of the setting to be tested */ - function validate($key, $value) + public function validate($key, $value) { // NOT IMPLEMENTED } 
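Review bot: Nothing in save() checks the keys or values it is given before the UPDATE runs, and validate(), made public further down this file's diff, is still only `// NOT IMPLEMENTED`. load() then copies every stored row into `$GLOBALS['CONFIG'][$row['name']]`, and other classes in this patch interpolate CONFIG entries such as `db_prefix` and `max_query` directly into SQL text. The statement itself is parameterised, but each key should be checked against the list of known settings and each value validated per key before it is written; whether callers already do that is not visible here. As a style point for a PSR-2 pass, `$key=>$value` should read `$key => $value`.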
@@ -123,35 +119,32 @@ function validate($key, $value) * This function will return an array of the possible theme names found in the /templates folder * for use in the settings form */ - function getThemes() + public function getThemes() { - $themes = $this->getFolders( ABSPATH . 'templates'); + $themes = $this->getFolders(ABSPATH . 'templates'); return $themes; } /** * @return mixed */ - function getLanguages() + public function getLanguages() { - $languages = $this->getFolders( ABSPATH . 'includes/language'); - return str_replace('.php','',$languages); + $languages = $this->getFolders(ABSPATH . 'includes/language'); + return str_replace('.php', '', $languages); } /** * @param string $path * @return array */ - function getFolders($path = '.') + public function getFolders($path = '.') { $file_list=array(); - if ($handle = opendir($path)) - { - while (false !== ($file = readdir($handle))) - { + if ($handle = opendir($path)) { + while (false !== ($file = readdir($handle))) { // Filter out any other types of folders that might be in here - if ($file != "." && $file != ".." && $file != ".svn" && $file != 'README' && $file != 'sync.sh' && $file != 'common' && $file != 'DataTables') - { + if ($file != "." && $file != ".." && $file != ".svn" && $file != 'README' && $file != 'sync.sh' && $file != 'common' && $file != 'DataTables') { array_push($file_list, $file); } } @@ -164,7 +157,7 @@ function getFolders($path = '.') * Return an array of user names * @return array */ - function getUserIdNums() + public function getUserIdNums() { $query = " SELECT @@ -179,6 +172,5 @@ function getUserIdNums() return $result; } - } } diff --git a/UserPermission_class.php b/UserPermission_class.php index 98a1f8f5..24e312a2 100644 --- a/UserPermission_class.php +++ b/UserPermission_class.php 
@@ -18,29 +18,28 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -if( !defined('UserPermission_class') ) -{ +if (!defined('UserPermission_class')) { define('UserPermission_class', 'true', false); class UserPermission extends databaseData { - var $connection; - var $uid; - var $user_obj; - var $user_perms_obj; - var $dept_perms_obj; - var $FORBIDDEN_RIGHT; - var $NONE_RIGHT; - var $VIEW_RIGHT; - var $READ_RIGHT; - var $WRITE_RIGHT; - var $ADMIN_RIGHT; + public $connection; + public $uid; + public $user_obj; + public $user_perms_obj; + public $dept_perms_obj; + public $FORBIDDEN_RIGHT; + public $NONE_RIGHT; + public $VIEW_RIGHT; + public $READ_RIGHT; + public $WRITE_RIGHT; + public $ADMIN_RIGHT; /** * @param int $uid * @param PDO $connection */ - function UserPermission($uid, PDO $connection) + public function UserPermission($uid, PDO $connection) { $this->uid = $uid; $this->connection = $connection; @@ -60,13 +59,13 @@ function UserPermission($uid, PDO $connection) * @param bool $limit * @return array */ - function getAllowedFileIds($limit) + public function getAllowedFileIds($limit) { $viewable_array = $this->getViewableFileIds($limit); $readable_array = $this->getReadableFileIds($limit); $writeable_array = $this->getWriteableFileIds($limit); $adminable_array = $this->getAdminableFileIds($limit); - $result_array = array_values( array_unique( array_merge($viewable_array, $readable_array, $writeable_array, $adminable_array) ) ); + $result_array = array_values(array_unique(array_merge($viewable_array, $readable_array, $writeable_array, $adminable_array))); return $result_array; } 
@@ -75,16 +74,16 @@ function getAllowedFileIds($limit) * @param bool $limit * @return array */ - function getAllowedFileOBJs($limit = true) + public function getAllowedFileOBJs($limit = true) { - return $this->convertToFileDataOBJ( $this->getAllowedFileIds($limit) ); + return $this->convertToFileDataOBJ($this->getAllowedFileIds($limit)); } /** * @param bool $limit * @return array */ - function getViewableFileIds($limit = true) + public function getViewableFileIds($limit = true) { //These 2 below takes half of the execution time for this function $user_perms_file_array = ($this->user_perms_obj->getCurrentViewOnly($limit)); @@ -113,7 +112,7 @@ function getViewableFileIds($limit = true) $dept_perms_file_array = array_diff($dept_perms_file_array, $array); $dept_perms_file_array = array_diff($dept_perms_file_array, $user_perms_file_array); - $total_listing = array_merge($user_perms_file_array , $dept_perms_file_array); + $total_listing = array_merge($user_perms_file_array, $dept_perms_file_array); //$total_listing = array_unique( $total_listing); //$result_array = array_values($total_listing); return $total_listing; @@ -124,7 +123,7 @@ function getViewableFileIds($limit = true) * @param bool $limit * @return array */ - function getViewableFileOBJs($limit = true) + public function getViewableFileOBJs($limit = true) { return $this->convertToFileDataOBJ($this->getViewableFileIds($limit)); } 
@@ -134,12 +133,12 @@ function getViewableFileOBJs($limit = true) * @param bool $limit * @return array */ - function getReadableFileIds($limit = true) + public function getReadableFileIds($limit = true) { $user_perms_file_array = $this->user_perms_obj->getCurrentReadRight($limit); $dept_perms_file_array = $this->dept_perms_obj->getCurrentReadRight($limit); $published_file_array = $this->user_obj->getPublishedData(1); - $result_array = array_values( array_unique( array_merge($published_file_array, $user_perms_file_array, $dept_perms_file_array) ) ); + $result_array = array_values(array_unique(array_merge($published_file_array, $user_perms_file_array, $dept_perms_file_array))); return $result_array; } @@ -148,7 +147,7 @@ function getReadableFileIds($limit = true) * @param bool $limit * @return array */ - function getReadableFileOBJs($limit = true) + public function getReadableFileOBJs($limit = true) { return $this->convertToFileDataOBJ($this->getReadableFileIds($limit)); } @@ -158,12 +157,12 @@ function getReadableFileOBJs($limit = true) * @param bool $limit * @return array */ - function getWriteableFileIds($limit = true) + public function getWriteableFileIds($limit = true) { $user_perms_file_array = $this->user_perms_obj->getCurrentWriteRight($limit); $dept_perms_file_array = $this->dept_perms_obj->getCurrentWriteRight($limit); $published_file_array = $this->user_obj->getPublishedData(1); - $result_array = array_values( array_unique( array_merge($published_file_array, $user_perms_file_array, $dept_perms_file_array) ) ); + $result_array = array_values(array_unique(array_merge($published_file_array, $user_perms_file_array, $dept_perms_file_array))); return $result_array; } @@ -172,7 +171,7 @@ function getWriteableFileIds($limit = true) * @param bool $limit * @return array */ - function getWriteableFileOBJs($limit = true) + public function getWriteableFileOBJs($limit = true) { return $this->convertToFileDataOBJ($this->getWriteableFileIds($limit)); } 
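Review bot: getReadableFileIds() merges `$this->user_obj->getPublishedData(1)` into a list that is otherwise made of file ids, and getWriteableFileIds() later on this line and getAdminableFileIds() in the following hunk do the same. If `user_obj` is the User class changed later in this patch, getPublishedData() stores whole fetchAll() rows (`$data_published[$index] = $row;`), so `array_unique()` compares arrays as strings and the merged result mixes rows with ids. It is also worth confirming that adding the published set to the write and admin lists is intended, since the filter inside getPublishedData() is outside the visible lines. A short comment on each method stating what the published set contributes would settle it for the next reader.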
@@ -182,12 +181,12 @@ function getWriteableFileOBJs($limit = true) * @param bool $limit * @return array */ - function getAdminableFileIds($limit = true) + public function getAdminableFileIds($limit = true) { $user_perms_file_array = $this->user_perms_obj->getCurrentAdminRight($limit); $dept_perms_file_array = $this->dept_perms_obj->getCurrentAdminRight($limit); $published_file_array = $this->user_obj->getPublishedData(1); - $result_array = array_values( array_unique( array_merge($published_file_array, $user_perms_file_array, $dept_perms_file_array) ) ); + $result_array = array_values(array_unique(array_merge($published_file_array, $user_perms_file_array, $dept_perms_file_array))); return $result_array; } @@ -196,7 +195,7 @@ function getAdminableFileIds($limit = true) * @param bool $limit * @return array */ - function getAdminableFileOBJs($limit = true) + public function getAdminableFileOBJs($limit = true) { return $this->convertToFileDataOBJ($this->getAdminableFileIds($limit)); } @@ -207,7 +206,7 @@ function getAdminableFileOBJs($limit = true) * @param array $low_priority_array * @return array */ - function combineArrays($high_priority_array, $low_priority_array) + public function combineArrays($high_priority_array, $low_priority_array) { return databaseData::combineArrays($high_priority_array, $low_priority_array); } @@ -219,7 +218,7 @@ function combineArrays($high_priority_array, $low_priority_array) * @param int $data_id * @return int */ - function getAuthority($data_id) + public function getAuthority($data_id) { $data_id = (int) $data_id; $fileData = new FileData($data_id, $this->connection); @@ -241,7 +240,5 @@ function getAuthority($data_id) return $department_permissions; } } - } - -} \ No newline at end of file +} diff --git a/User_Perms_class.php b/User_Perms_class.php index bbcc3502..3eef3203 100644 --- a/User_Perms_class.php +++ b/User_Perms_class.php 
@@ -18,36 +18,35 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -if ( !defined('User_Perms_class') ) -{ +if (!defined('User_Perms_class')) { define('User_Perms_class', 'true', false); class User_Perms extends databaseData { - var $fid; - var $id; - var $rights; - var $user_obj; - var $dept_perms_obj; - var $file_obj; - var $error; - var $chosen_mode; - var $connection; - - var $NONE_RIGHT = 0; - var $VIEW_RIGHT = 1; - var $READ_RIGHT = 2; - var $WRITE_RIGHT = 3; - var $ADMIN_RIGHT = 4; - var $FORBIDDEN_RIGHT = -1; - var $USER_MODE = 0; - var $FILE_MODE = 1; + public $fid; + public $id; + public $rights; + public $user_obj; + public $dept_perms_obj; + public $file_obj; + public $error; + public $chosen_mode; + public $connection; + + public $NONE_RIGHT = 0; + public $VIEW_RIGHT = 1; + public $READ_RIGHT = 2; + public $WRITE_RIGHT = 3; + public $ADMIN_RIGHT = 4; + public $FORBIDDEN_RIGHT = -1; + public $USER_MODE = 0; + public $FILE_MODE = 1; /** * @param int $id * @param PDO $connection */ - function User_Perms($id, PDO $connection) + public function User_Perms($id, PDO $connection) { $this->id = $id; // this can be fid or uid $this->user_obj = new User($id, $connection); @@ -60,7 +59,7 @@ function User_Perms($id, PDO $connection) * @param bool $limit * @return array */ - function getCurrentViewOnly($limit = true) + public function getCurrentViewOnly($limit = true) { return $this->loadData_UserPerm($this->VIEW_RIGHT, $limit); } @@ -70,7 +69,7 @@ function getCurrentViewOnly($limit = true) * @param bool $limit * @return array */ - function getCurrentNoneRight($limit = true) + public function getCurrentNoneRight($limit = true) { return $this->loadData_UserPerm($this->NONE_RIGHT, $limit); } 
@@ -80,7 +79,7 @@ function getCurrentNoneRight($limit = true) * @param bool $limit * @return array */ - function getCurrentReadRight($limit = true) + public function getCurrentReadRight($limit = true) { return $this->loadData_UserPerm($this->READ_RIGHT, $limit); } @@ -90,7 +89,7 @@ function getCurrentReadRight($limit = true) * @param bool $limit * @return array */ - function getCurrentWriteRight($limit = true) + public function getCurrentWriteRight($limit = true) { return $this->loadData_UserPerm($this->WRITE_RIGHT, $limit); } @@ -100,7 +99,7 @@ function getCurrentWriteRight($limit = true) * @param bool $limit * @return array */ - function getCurrentAdminRight($limit = true) + public function getCurrentAdminRight($limit = true) { return $this->loadData_UserPerm($this->ADMIN_RIGHT, $limit); } @@ -108,7 +107,7 @@ function getCurrentAdminRight($limit = true) /** * @return int */ - function getId() + public function getId() { return $this->id; } @@ -122,12 +121,11 @@ function getId() * @param boolean $limit boolean Should we limit the query to max_query size? * @return array */ - function loadData_UserPerm($right, $limit) + public function loadData_UserPerm($right, $limit) { $limit_query = ($limit) ? "LIMIT {$GLOBALS['CONFIG']['max_query']}" : ''; - if($this->user_obj->isAdmin()) - { + if ($this->user_obj->isAdmin()) { $query = "SELECT d.id FROM {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DATA as d @@ -137,9 +135,7 @@ function loadData_UserPerm($right, $limit) $stmt = $this->connection->prepare($query); $stmt->execute(); $result = $stmt->fetchAll(); - } - elseif ($this->user_obj->isReviewer()) - { + } elseif ($this->user_obj->isReviewer()) { // If they are a reviewer, let them see files in all departments they are a reviewer for $query = "SELECT d.id FROM 
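Review bot: In loadData_UserPerm() the LIMIT clause is built by interpolating `$GLOBALS['CONFIG']['max_query']` straight into the SQL string, which bound parameters elsewhere in the query do not protect. If that entry is one of the values Settings::load() copies from the settings table, a non-numeric value stored there becomes part of the query text. Casting at the point of use keeps it a number: `$limit_query = ($limit) ? 'LIMIT ' . (int) $GLOBALS['CONFIG']['max_query'] : '';`. The function body continues outside this hunk.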
@@ -157,9 +153,7 @@ function loadData_UserPerm($right, $limit) ':id' => $this->id )); $result = $stmt->fetchAll(); - } - else - { + } else { //Select fid, owner_id, owner_name of the file that user-->$id has rights >= $right $query = " SELECT @@ -190,9 +184,8 @@ function loadData_UserPerm($right, $limit) //$fileid_array[$index][1] ==> owner //$fileid_array[$index][2] ==> username $llen = $stmt->rowCount(); - while($index < $llen ) - { - list($fileid_array[$index] ) = $result[$index]; + while ($index < $llen) { + list($fileid_array[$index]) = $result[$index]; $index++; } return $fileid_array; @@ -203,17 +196,13 @@ function loadData_UserPerm($right, $limit) * @param int $data_id * @return bool */ - function canView($data_id) + public function canView($data_id) { $filedata = new FileData($data_id, $this->connection); - if(!$this->isForbidden($data_id) or !$filedata->isPublishable() ) - { - if($this->canUser($data_id, $this->VIEW_RIGHT) or $this->dept_perms_obj->canView($data_id)or $this->canAdmin($data_id)) - { + if (!$this->isForbidden($data_id) or !$filedata->isPublishable()) { + if ($this->canUser($data_id, $this->VIEW_RIGHT) or $this->dept_perms_obj->canView($data_id)or $this->canAdmin($data_id)) { return true; - } - else - { + } else { false; } } @@ -224,21 +213,16 @@ function canView($data_id) * @param $data_id * @return bool */ - function canRead($data_id) + public function canRead($data_id) { $filedata = new FileData($data_id, $this->connection); - if(!$this->isForbidden($data_id) or !$filedata->i->isPublishable() ) - { - if($this->canUser($data_id, $this->READ_RIGHT) or $this->dept_perms_obj->canRead($data_id) or $this->canAdmin($data_id) ) - { + if (!$this->isForbidden($data_id) or !$filedata->i->isPublishable()) { + if ($this->canUser($data_id, $this->READ_RIGHT) or $this->dept_perms_obj->canRead($data_id) or $this->canAdmin($data_id)) { return true; - } - else - { + } else { false; } } - } /** 
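Review bot: The `else` branch in canView() is the bare statement `false;`, which evaluates and discards the value instead of returning it; canRead() in the next hunk and canWrite() and canAdmin() further down have the same branch. In the canRead() and canWrite() hunks the function closes right after the outer `if`, so those calls yield null where the docblock promises bool. The outer guard `!$this->isForbidden($data_id) or !$filedata->isPublishable()` also lets a user marked forbidden through whenever the second operand is true, which looks as if `and` was meant; please confirm against what isPublishable() returns. At minimum the branch should be `return false;` and each method should end with `return false;`.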
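Review bot: canRead() calls `$filedata->i->isPublishable()`, whereas canView(), canWrite() and canAdmin() call `$filedata->isPublishable()`; unless FileData really exposes a property `i`, the extra `->i` is a typo that this reformatting carried over. Because of short-circuiting the operand is only evaluated when isForbidden() returns true, and a method call on an unset property then stops the request with a fatal error rather than producing a permission answer. The line should read `if (!$this->isForbidden($data_id) or !$filedata->isPublishable()) {`.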
@@ -246,21 +230,16 @@ function canRead($data_id) * @param $data_id * @return bool */ - function canWrite($data_id) + public function canWrite($data_id) { $filedata = new FileData($data_id, $this->connection); - if(!$this->isForbidden($data_id) or !$filedata->isPublishable() ) - { - if($this->canUser($data_id, $this->WRITE_RIGHT) or $this->dept_perms_obj->canWrite($data_id) or $this->canAdmin($data_id) ) - { + if (!$this->isForbidden($data_id) or !$filedata->isPublishable()) { + if ($this->canUser($data_id, $this->WRITE_RIGHT) or $this->dept_perms_obj->canWrite($data_id) or $this->canAdmin($data_id)) { return true; - } - else - { + } else { false; } } - } /** @@ -268,17 +247,13 @@ function canWrite($data_id) * @param $data_id * @return bool */ - function canAdmin($data_id) + public function canAdmin($data_id) { $filedata = new FileData($data_id, $this->connection); - if(!$this->isForbidden($data_id) or !$filedata->isPublishable() ) - { - if($this->canUser($data_id, $this->ADMIN_RIGHT) or $this->dept_perms_obj->canAdmin($data_id) or $filedata->isOwner($this->id)) - { + if (!$this->isForbidden($data_id) or !$filedata->isPublishable()) { + if ($this->canUser($data_id, $this->ADMIN_RIGHT) or $this->dept_perms_obj->canAdmin($data_id) or $filedata->isOwner($this->id)) { return true; - } - else - { + } else { false; } } @@ -289,7 +264,7 @@ function canAdmin($data_id) * @param $data_id * @return bool */ - function isForbidden($data_id) + public function isForbidden($data_id) { $query = " SELECT @@ -305,15 +280,11 @@ function isForbidden($data_id) )); $result = $stmt->fetch(); - if($stmt->rowCount() == 1) - { - list ($right) = $result[0]; - if($right == $this->FORBIDDEN_RIGHT) - { + if ($stmt->rowCount() == 1) { + list($right) = $result[0]; + if ($right == $this->FORBIDDEN_RIGHT) { return true; - } - else - { + } else { return false; } } 
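Review bot: isForbidden() reads one row with `$stmt->fetch()` and then does `list($right) = $result[0];`, but after fetch() `$result[0]` is already the first column value, not a row. Unpacking a scalar with list() does not yield that value, so `$right == $this->FORBIDDEN_RIGHT` would not match -1 and the method would not report a forbidden user; this is inferred from the visible lines and PDO's default fetch mode, so it should be confirmed with a test. `$right = $result[0];` (or `fetchColumn()`) gives the comparison the stored right. The path taken when rowCount() is not 1 lies outside the hunk, and rowCount() on a SELECT is itself driver-dependent.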
@@ -327,10 +298,9 @@ function isForbidden($data_id) * @param integer $right The number of the "right" ID that is being checked * @return true They CAN perform the right */ - function canUser($data_id, $right) + public function canUser($data_id, $right) { - if($this->user_obj->isAdmin() || $this->user_obj->isReviewerForFile($data_id)) - { + if ($this->user_obj->isAdmin() || $this->user_obj->isReviewerForFile($data_id)) { return true; } $query = " @@ -353,8 +323,7 @@ function canUser($data_id, $right) )); - switch($stmt->rowCount() ) - { + switch ($stmt->rowCount()) { case 1: return true; break; case 0: return false; @@ -369,10 +338,9 @@ function canUser($data_id, $right) * @param int $data_id * @return int|string */ - function getPermission($data_id) + public function getPermission($data_id) { - if($GLOBALS['CONFIG']['root_id'] == $this->user_obj->getId()) - { + if ($GLOBALS['CONFIG']['root_id'] == $this->user_obj->getId()) { return 4; } @@ -393,12 +361,9 @@ function getPermission($data_id) )); $result = $stmt->fetchColumn(); - if($stmt->rowCount() == 1) - { + if ($stmt->rowCount() == 1) { return $result; - } - elseif ($stmt->rowCount() == 0) - { + } elseif ($stmt->rowCount() == 0) { return -999; } } @@ -429,6 +394,5 @@ public function getPermissionForUser($user_id, $data_id) return $result; } - } -} \ No newline at end of file +} diff --git a/User_class.php b/User_class.php index 423526bc..cf2b19d6 100644 --- a/User_class.php +++ b/User_class.php 
@@ -19,29 +19,28 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -if( !defined('User_class') ) -{ +if (!defined('User_class')) { define('User_class', 'true', false); class User extends databaseData { - var $root_id; - var $id; - var $username; - var $first_name; - var $last_name; - var $email; - var $phone; - var $department; - var $pw_reset_code; - var $can_add; - var $can_checkin; + public $root_id; + public $id; + public $username; + public $first_name; + public $last_name; + public $email; + public $phone; + public $department; + public $pw_reset_code; + public $can_add; + public $can_checkin; /** * @param int $id * @param PDO $connection */ - function User($id, PDO $connection) + public function User($id, PDO $connection) { $this->root_id = $GLOBALS['CONFIG']['root_id']; $this->field_name = 'username'; @@ -73,8 +72,8 @@ function User($id, PDO $connection) $result = $stmt->fetch(); list( - $this->id, - $this->username, + $this->id, + $this->username, $this->department, $this->phone, $this->email, @@ -90,7 +89,7 @@ function User($id, PDO $connection) * Return department name for current user * @return string */ - function getDeptName() + public function getDeptName() { $query = " SELECT @@ -115,10 +114,9 @@ function getDeptName() * Return department ID for current user * @return string */ - function getDeptId() + public function getDeptId() { return $this->department; - } /** @@ -126,7 +124,7 @@ function getDeptId() * @return array * @param object $publishable */ - function getPublishedData($publishable) + public function getPublishedData($publishable) { $data_published = array(); $index = 0; @@ -149,7 +147,7 @@ function getPublishedData($publishable) )); $result = $stmt->fetchAll(); - foreach($result as $row) { + foreach ($result as $row) { $data_published[$index] = $row; $index++; } 
@@ -160,10 +158,9 @@ function getPublishedData($publishable) * Check whether user from object has Admin rights * @return Boolean */ - function isAdmin() + public function isAdmin() { - if ($this->isRoot()) - { + if ($this->isRoot()) { return true; } $query = " @@ -180,8 +177,7 @@ function isAdmin() )); $result = $stmt->fetchColumn(); - if($stmt->rowCount() !=1 ) - { + if ($stmt->rowCount() !=1) { return false; } @@ -192,7 +188,7 @@ function isAdmin() * Check whether user from object is root * @return bool */ - function isRoot() + public function isRoot() { return ($this->root_id == $this->getId()); } @@ -200,12 +196,12 @@ function isRoot() /** * @return boolean */ - function canAdd() + public function canAdd() { - if($this->isAdmin()) { + if ($this->isAdmin()) { return true; } - if($this->can_add) { + if ($this->can_add) { return true; } return false; @@ -214,12 +210,12 @@ function canAdd() /** * @return boolean */ - function canCheckIn() + public function canCheckIn() { - if($this->isAdmin()) { + if ($this->isAdmin()) { return true; } - if($this->can_checkin) { + if ($this->can_checkin) { return true; } return false; @@ -228,7 +224,7 @@ function canCheckIn() /** * @return string */ - function getPassword() + public function getPassword() { $query = " SELECT @@ -242,21 +238,19 @@ function getPassword() $stmt->execute(array(':id' => $this->id)); $result = $stmt->fetchColumn(); - if($stmt->rowCount() !=1 ) - { + if ($stmt->rowCount() !=1) { header('Location:' . $GLOBALS['CONFIG']['base_url'] . 'error.php?ec=14'); exit; } return $result; - } /** * @param string $non_encrypted_password * @return bool */ - function changePassword($non_encrypted_password) + public function changePassword($non_encrypted_password) { $query = " UPDATE 
@@ -278,7 +272,7 @@ function changePassword($non_encrypted_password) * @param string $non_encrypted_password * @return bool */ - function validatePassword($non_encrypted_password) + public function validatePassword($non_encrypted_password) { $query = " SELECT @@ -295,7 +289,7 @@ function validatePassword($non_encrypted_password) ':non_encrypted_password' => $non_encrypted_password, ':id' => $this->id )); - if($stmt->rowCount() == 1) { + if ($stmt->rowCount() == 1) { return true; } else { // Check the old password() style user password @@ -314,7 +308,7 @@ function validatePassword($non_encrypted_password) ':non_encrypted_password' => $non_encrypted_password, ':id' => $this->id )); - if($stmt->rowCount() == 1) { + if ($stmt->rowCount() == 1) { return true; } } @@ -325,7 +319,7 @@ function validatePassword($non_encrypted_password) * @param string $new_name * @return bool */ - function changeName($new_name) + public function changeName($new_name) { $query = " UPDATE @@ -347,10 +341,10 @@ function changeName($new_name) * Determine if the current user is a reviewer or not * @return boolean */ - function isReviewer() + public function isReviewer() { // If they are an admin, they can review - if($this->isAdmin()) { + if ($this->isAdmin()) { return true; } @@ -367,7 +361,7 @@ function isReviewer() $stmt->execute(array( ':id' => $this->id )); - if($stmt->rowCount() > 0) { + if ($stmt->rowCount() > 0) { return true; } else { return false; @@ -379,9 +373,9 @@ function isReviewer() * @param int $file_id * @return boolean */ - function isReviewerForFile($file_id) + public function isReviewerForFile($file_id) { - $query = "SELECT + $query = "SELECT d.id FROM {$GLOBALS['CONFIG']['db_prefix']}data as d, @@ -400,8 +394,7 @@ function isReviewerForFile($file_id) )); $num_rows = $stmt->rowCount(); - if($num_rows < 1) - { + if ($num_rows < 1) { return false; } return true; 
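Review bot: validatePassword() binds the plaintext `$non_encrypted_password` into the SELECT and decides on `$stmt->rowCount() == 1`, so the digest comparison is done by the database, and the fallback branch is commented as the old `password()` style. The hash expressions themselves are outside the visible lines, but a scheme the server can compute inside a WHERE clause is normally fast and unsalted, and the plaintext also travels to the database and possibly into its query logs. Where the supported PHP version allows, reading the stored hash by `:id` and checking it with `password_verify()`, then re-hashing with `password_hash()` after a successful legacy match, would be the safer design. A comment on the fallback stating when it can be removed would help as well.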
@@ -411,10 +404,9 @@ function isReviewerForFile($file_id) * this functions assume that you are an admin thus allowing you to review all departments * @return array */ - function getAllRevieweeIds() + public function getAllRevieweeIds() { - if($this->isAdmin()) - { + if ($this->isAdmin()) { $query = "SELECT id FROM {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DATA WHERE publishable = 0"; $stmt = $this->connection->prepare($query); $stmt->execute(array()); @@ -422,7 +414,7 @@ function getAllRevieweeIds() $file_data = array(); $index = 0; - foreach($result as $row) { + foreach ($result as $row) { $file_data[$index] = $row[0]; $index++; } @@ -435,10 +427,9 @@ function getAllRevieweeIds() * getRevieweeIds - Return an array of files that need reviewing under this person * @return array */ - function getRevieweeIds() + public function getRevieweeIds() { - if($this->isReviewer()) - { + if ($this->isReviewer()) { // Which departments can this user review? $query = "SELECT dept_id FROM {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_REVIEWER WHERE user_id = :id"; $stmt = $this->connection->prepare($query); @@ -451,14 +442,11 @@ function getRevieweeIds() $index = 0; // Build the query $query = "SELECT id FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE ("; - foreach($result as $row) { + foreach ($result as $row) { $dept = $row['dept_id']; - if($index != $num_depts -1) - { + if ($index != $num_depts -1) { $query = $query . " department = :dept OR "; - } - else - { + } else { $query = $query . " department = :dept )"; } $index++; @@ -472,8 +460,7 @@ function getRevieweeIds() $file_data = array(); $num_files = $stmt->rowCount(); - for($index = 0; $index< $num_files; $index++) - { + for ($index = 0; $index< $num_files; $index++) { $fid = $result[$index]['id']; $file_data[$index] = $fid; } 
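Review bot: The loop in getRevieweeIds() appends `department = :dept` once per department, always with the same placeholder name, and `$dept` is overwritten on each pass, so the statement cannot carry more than one department id; the bind and execute are outside the hunk, so this is inferred. When the department query returns no rows, which seems possible for an admin because isReviewer() returns true for admins, the text stops at `WHERE (` and the statement is invalid. Collecting the ids and using positional placeholders avoids both: `$ph = implode(', ', array_fill(0, count($dept_ids), '?'));` with `department IN ($ph)` and `$stmt->execute($dept_ids)`, returning an empty array early when there are no departments. Any further conditions the hidden lines append after the closing parenthesis would be kept as they are.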
@@ -484,7 +471,7 @@ function getRevieweeIds() /** * @return array */ - function getAllRejectedFileIds() + public function getAllRejectedFileIds() { $query = "SELECT id FROM {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DATA WHERE publishable = '-1'"; $stmt = $this->connection->prepare($query); @@ -494,8 +481,7 @@ function getAllRejectedFileIds() $file_data = array(); $num_files = $stmt->rowCount(); - for($index = 0; $index< $num_files; $index++) - { + for ($index = 0; $index< $num_files; $index++) { list($fid) = $result[$index]; $file_data[$index] = $fid; } @@ -505,7 +491,7 @@ function getAllRejectedFileIds() /** * @return array */ - function getRejectedFileIds() + public function getRejectedFileIds() { $query = "SELECT id FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE publishable = '-1' and owner = :id"; $stmt = $this->connection->prepare($query); @@ -517,8 +503,7 @@ function getRejectedFileIds() $file_data = array(); $num_files = $stmt->rowCount(); - for($index = 0; $index< $num_files; $index++) - { + for ($index = 0; $index< $num_files; $index++) { list($fid) = $result[$index]; $file_data[$index] = $fid; } @@ -528,7 +513,7 @@ function getRejectedFileIds() /** * @return array */ - function getExpiredFileIds() + public function getExpiredFileIds() { $query = "SELECT id FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE status = -1 AND owner = :id"; $stmt = $this->connection->prepare($query); @@ -540,8 +525,7 @@ function getExpiredFileIds() $len = $stmt->rowCount(); $file_data = array(); - for($index = 0; $index< $len; $index++) - { + for ($index = 0; $index< $len; $index++) { list($fid) = $result[$index]; $file_data[$index] = $fid; } @@ -551,7 +535,7 @@ function getExpiredFileIds() /** * @return int */ - function getNumExpiredFiles() + public function getNumExpiredFiles() { $query = "SELECT id FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE status =- 1 AND owner = :id"; $stmt = $this->connection->prepare($query); 
@@ -564,7 +548,7 @@ function getNumExpiredFiles() /** * @return mixed */ - function getEmailAddress() + public function getEmailAddress() { return $this->email; } @@ -572,7 +556,7 @@ function getEmailAddress() /** * @return mixed */ - function getPhoneNumber() + public function getPhoneNumber() { return $this->phone; } @@ -581,7 +565,7 @@ function getPhoneNumber() * /Return full name array where array[0]=firstname and array[1]=lastname * @return mixed */ - function getFullName() + public function getFullName() { $full_name[0] = $this->first_name; $full_name[1] = $this->last_name; @@ -593,7 +577,7 @@ function getFullName() * Return username of current user * @return mixed */ - function getUserName() + public function getUserName() { return $this->username; } @@ -602,10 +586,9 @@ function getUserName() * Return list of checked out files to root * @return array */ - function getCheckedOutFiles() + public function getCheckedOutFiles() { - if ($this->isRoot()) - { + if ($this->isRoot()) { $query = "SELECT id FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE status > 0"; $stmt = $this->connection->prepare($query); $stmt->execute(); @@ -613,8 +596,7 @@ function getCheckedOutFiles() $len = $stmt->rowCount(); $file_data = array(); - for ($index = 0; $index < $len; $index++) - { + for ($index = 0; $index < $len; $index++) { list($fid) = $result[$index]; $file_data[$index] = $fid; } @@ -633,11 +615,10 @@ public static function getAllUsers($pdo) $stmt = $pdo->prepare($query); $stmt->execute(); $result = $stmt->fetchAll(); - foreach($result as $row) { + foreach ($result as $row) { $userListArray[] = $row; } return $userListArray; } - } -} \ No newline at end of file +} diff --git a/access_log.php b/access_log.php index 19e2e99e..69e9df62 100644 --- a/access_log.php +++ b/access_log.php @@ -22,8 +22,7 @@ include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } 
@@ -32,8 +31,7 @@ // open a connection to the database $user_obj = new User($_SESSION['uid'], $pdo); // Check to see if user is admin -if(!$user_obj->isAdmin()) -{ +if (!$user_obj->isAdmin()) { header('Location:error.php?ec=4'); exit; } @@ -61,18 +59,18 @@ "A" => msg('accesslogpage_file_added'), "B" => msg('accesslogpage_reserved'), "C" => msg('accesslogpage_reserved'), - "V" => msg('accesslogpage_file_viewed'), - "D" => msg('accesslogpage_file_downloaded'), - "M" => msg('accesslogpage_file_modified'), - "I" => msg('accesslogpage_file_checked_in'), - "O" => msg('accesslogpage_file_checked_out'), - "X" => msg('accesslogpage_file_deleted'), - "Y" => msg('accesslogpage_file_authorized'), + "V" => msg('accesslogpage_file_viewed'), + "D" => msg('accesslogpage_file_downloaded'), + "M" => msg('accesslogpage_file_modified'), + "I" => msg('accesslogpage_file_checked_in'), + "O" => msg('accesslogpage_file_checked_out'), + "X" => msg('accesslogpage_file_deleted'), + "Y" => msg('accesslogpage_file_authorized'), "R" => msg('accesslogpage_file_rejected') ); $accesslog_array = array(); -foreach($result as $row) { +foreach ($result as $row) { $details_link = 'details.php?id=' . $row['file_id'] . '&state=' . ($_REQUEST['state'] + 1); $accesslog_array[] = array( diff --git a/add.php b/add.php index 407325dc..2272db67 100644 --- a/add.php +++ b/add.php @@ -19,7 +19,7 @@ */ /* - ADD.PHP DOCUMENTATION + ADD.PHP DOCUMENTATION This page will allow user to set rights to every department. It uses javascript to handle client-side data-storing and data-swapping. Each time the data is stored, it is stored onto an array of objects of class Departments. It is also stored onto @@ -42,8 +42,7 @@ function is invoked. After the data is loaded for the chosen department, if the include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } 
@@ -55,12 +54,11 @@ function is invoked. After the data is loaded for the chosen department, if the $user_obj = new User($_SESSION['uid'], $pdo); -if(!$user_obj->canAdd()){ +if (!$user_obj->canAdd()) { redirect_visitor('out.php'); } -if(!isset($_POST['submit'])) -{ +if (!isset($_POST['submit'])) { $last_message = (isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : ''); draw_header(msg('area_add_new_file'), $last_message); $current_user_dept = $user_obj->getDeptId(); @@ -87,18 +85,18 @@ function is invoked. After the data is loaded for the chosen department, if the // We need to set a form value for the current user so that // they can be pre-selected on the form - + $avail_users = $user_obj->getAllUsers($pdo); $users_array = array(); - foreach($avail_users as $avail_user) { + foreach ($avail_users as $avail_user) { if ($avail_user['id'] == $_SESSION['uid']) { $avail_user['selected'] = 'selected'; } else { $avail_user['selected'] = ''; } - array_push($users_array, $avail_user); + array_push($users_array, $avail_user); } // We need to set a form value for the current department so that @@ -106,7 +104,7 @@ function is invoked. After the data is loaded for the chosen department, if the $avail_departments = Department::getAllDepartments($pdo); $departments_array = array(); - foreach($avail_departments as $avail_department) { + foreach ($avail_departments as $avail_department) { if ($avail_department['id'] == $current_user_dept) { $avail_department['selected'] = 'selected'; } else { 
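Review bot: `$last_message` is read straight from `$_REQUEST['last_message']` and handed to `draw_header()` in the form branch of add.php (hunk at -55,12). `draw_header()` is not visible here, so confirm that it HTML-escapes the message before output; if it does not, the request parameter is reflected into the page. The same pattern appears in the category.php, check-in.php and check-out.php hunks of this patch. Unless the helper already escapes, a safe call site would be `draw_header(msg('area_add_new_file'), htmlspecialchars($last_message, ENT_QUOTES, 'UTF-8'));`.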
@@ -118,13 +116,13 @@ function is invoked. After the data is loaded for the chosen department, if the $avail_categories = Category::getAllCategories($pdo); $cats_array = array(); - foreach($avail_categories as $avail_category) { + foreach ($avail_categories as $avail_category) { array_push($cats_array, $avail_category); } //////Populate department perm list///////////////// $dept_perms_array = array(); - foreach($departments_array as $dept) { + foreach ($departments_array as $dept) { $avail_dept_perms['name'] = $dept['name']; $avail_dept_perms['id'] = $dept['id']; array_push($dept_perms_array, $avail_dept_perms); @@ -150,13 +148,9 @@ function is invoked. After the data is loaded for the chosen department, if the callPluginMethod('onBeforeAdd'); display_smarty_template('_add_footer.tpl'); - -} -else -{ +} else { //invalid file - if (empty($_FILES)) - { + if (empty($_FILES)) { header('Location:error.php?ec=11'); exit; } @@ -166,8 +160,7 @@ function is invoked. After the data is loaded for the chosen department, if the // First we need to make sure all files are allowed types for ($count = 0; $count < $numberOfFiles; $count++) { - - if(empty($_FILES['file']['name'][$count])) { + if (empty($_FILES['file']['name'][$count])) { $last_message = $GLOBALS['lang']['addpage_file_missing']; header('Location: error.php?last_message=' . urlencode($last_message)); exit; @@ -188,16 +181,14 @@ function is invoked. After the data is loaded for the chosen department, if the // check file type foreach ($GLOBALS['CONFIG']['allowedFileTypes'] as $allowed_type) { - if ($file_mime == $allowed_type) { $allowedFile = 1; break; } - } + } // illegal file type! - if (!isset($allowedFile) || $allowedFile != 1) - { + if (!isset($allowedFile) || $allowedFile != 1) { $last_message = 'MIMETYPE: ' . $file_mime . ' Failed'; header('Location:error.php?ec=13&last_message=' . urlencode($last_message)); exit; 
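Review bot: The MIME allow-list check in the first upload loop (hunk at -188,16) only ever sets `$allowedFile = 1` and tests it with `!isset($allowedFile) || $allowedFile != 1`; nothing in the hunk clears it. The lines between this hunk and the loop header are not shown, so this may already be handled. If the flag is not reset per iteration, one accepted file in a multi-file upload lets every later file pass without a type check. Initialise it at the top of each iteration with `$allowedFile = 0;`, or replace the inner loop with `$allowedFile = in_array($file_mime, $GLOBALS['CONFIG']['allowedFileTypes'], true);`.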
@@ -205,55 +196,41 @@ function is invoked. After the data is loaded for the chosen department, if the } //submited form - for ($count = 0; $count<$numberOfFiles; $count++) - { - - if ($GLOBALS['CONFIG']['authorization'] == 'True') - { + for ($count = 0; $count<$numberOfFiles; $count++) { + if ($GLOBALS['CONFIG']['authorization'] == 'True') { $publishable = '0'; - } - else - { + } else { $publishable= '1'; } $result_array = array(); // If the admin has chosen to assign the department // Set it here. Otherwise just use the session UID's department - if($user_obj->isAdmin() && isset($_REQUEST['file_department'])) - { + if ($user_obj->isAdmin() && isset($_REQUEST['file_department'])) { $current_user_dept = $_REQUEST['file_department']; - } - else - { + } else { $current_user_dept = $user_obj->getDeptId(); } // File is bigger than what php.ini post/upload/memory limits allow. - if($_FILES['file']['error'][$count] == '1') - { - header('Location:error.php?ec=26'); + if ($_FILES['file']['error'][$count] == '1') { + header('Location:error.php?ec=26'); exit; } // File too big? - if($_FILES['file']['size'][$count] > $GLOBALS['CONFIG']['max_filesize'] ) - { + if ($_FILES['file']['size'][$count] > $GLOBALS['CONFIG']['max_filesize']) { header('Location:error.php?ec=25'); exit; } // Check to make sure the dir is available and writeable - if (!is_dir($GLOBALS['CONFIG']['dataDir'])) - { + if (!is_dir($GLOBALS['CONFIG']['dataDir'])) { $last_message=$GLOBALS['CONFIG']['dataDir'] . ' missing!'; header('Location:error.php?ec=23&last_message=' .$last_message); exit; - } - else - { - if (!is_writeable($GLOBALS['CONFIG']['dataDir'])) - { + } else { + if (!is_writeable($GLOBALS['CONFIG']['dataDir'])) { $last_message=msg('message_folder_perms_error'). ': ' . $GLOBALS['CONFIG']['dataDir'] . ' ' . msg('message_not_writeable'); header('Location:error.php?ec=23&last_message=' .$last_message); exit; 
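Review bot: Both `header('Location:error.php?ec=23&last_message=' .$last_message);` calls in the data-directory checks (hunk at -205,55) put the message into the redirect URL without `urlencode()`, unlike the other redirects in this file. The message contains spaces and the configured directory path, so the Location value is not a well-formed URL and the error page may receive a truncated message. Use `header('Location:error.php?ec=23&last_message=' . urlencode($last_message));`. The archive-directory redirect in the delete.php hunk at -36,35 has the same omission.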
@@ -261,8 +238,7 @@ function is invoked. After the data is loaded for the chosen department, if the } // We need to verify that the temporary upload is there before we continue - if (!is_uploaded_file($tmp_name[$count])) - { + if (!is_uploaded_file($tmp_name[$count])) { header('Location: error.php?ec=18'); exit; } @@ -274,12 +250,9 @@ function is invoked. After the data is loaded for the chosen department, if the // If the admin has chosen to assign the owner // Set it here. Otherwise just use the session UID - if($user_obj->isAdmin() && isset($_REQUEST['file_owner'])) - { + if ($user_obj->isAdmin() && isset($_REQUEST['file_owner'])) { $owner_id = $_REQUEST['file_owner']; - } - else - { + } else { $owner_id = $_SESSION['uid']; } @@ -368,21 +341,18 @@ function is invoked. After the data is loaded for the chosen department, if the $dept_perms_stmt->bindParam(':dept_perm', $dept_perm); $dept_perms_stmt->bindParam(':dept_id', $dept_id); $dept_perms_stmt->execute(); - } // Search for similar names in the two array (merge the array. repetitions are deleted) // In case of repetitions, higher priority ones stay. // Priority is in this order (admin, modify, read, view) - - foreach ($_REQUEST['user_permission'] as $user_id => $permission) { + foreach ($_REQUEST['user_permission'] as $user_id => $permission) { $user_perms_query = "INSERT INTO {$GLOBALS['CONFIG']['db_prefix']}user_perms (fid, uid, rights) VALUES($fileId, :user_id, :permission)"; $user_perms_stmt = $pdo->prepare($user_perms_query); $user_perms_stmt->bindParam(':user_id', $user_id); $user_perms_stmt->bindParam(':permission', $permission); $user_perms_stmt->execute(); - } // use id to generate a file name 
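Review bot: The `user_perms` insert (hunk at -368,21) interpolates `$fileId` into the SQL text while the other two values are bound. It also takes `$user_id => $permission` pairs directly from `$_REQUEST['user_permission']` with no check that the key is set, is an array, or that the rights value is one of the defined levels. `$fileId` is assigned outside the hunk and is presumably the new row id, but binding it keeps the statement uniform: `VALUES(:fid, :user_id, :permission)`. Cast with `$permission = (int) $permission;` and skip values outside the -1..4 range that `databaseData` declares for rights. The statement can be prepared once before the loop instead of on every iteration.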
@@ -391,7 +361,7 @@ function is invoked. After the data is loaded for the chosen department, if the move_uploaded_file($tmp_name[$count], $GLOBALS['CONFIG']['dataDir'] . '/' . $newFileName); //copy($GLOBALS['CONFIG']['dataDir'] . '/' . ($fileId-1) . '.dat', $GLOBALS['CONFIG']['dataDir'] . '/' . $newFileName); - + AccessLog::addLogEntry($fileId, 'A', $pdo); // back to main page @@ -428,7 +398,7 @@ function is invoked. After the data is loaded for the chosen department, if the $email_obj->setSubject($mail_subject); $email_obj->setFrom($from); $email_obj->setRecipients($reviewer_list); - $email_obj->setBody($mail_body2); + $email_obj->setBody($mail_body2); $email_obj->sendEmail(); //email_users_id($mail_from, $reviewer_list, $mail_subject, $mail_body2, $mail_headers); diff --git a/admin.php b/admin.php index d2b7bb28..3d58bf2c 100644 --- a/admin.php +++ b/admin.php @@ -25,8 +25,7 @@ // includes include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } @@ -36,8 +35,7 @@ $user_obj = new User($_SESSION['uid'], $pdo); // Check to see if user is admin -if(!$user_obj->isAdmin()) -{ +if (!$user_obj->isAdmin()) { header('Location:error.php?ec=4'); exit; } @@ -46,10 +44,13 @@ draw_header(msg('label_admin'), $last_message); ?> - isRoot()) echo ''; ?> + isRoot()) { + echo ''; +} ?> isRoot()) + if ($user_obj->isRoot()) { udf_admin_header(); + } ?>
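Review bot: The return value of `move_uploaded_file()` is ignored (hunk at -391,7), and `AccessLog::addLogEntry($fileId, 'A', $pdo)` runs regardless. If the move fails, the database rows and the access-log entry describe a document whose `.dat` file does not exist. Check the result and stop, e.g. `if (!move_uploaded_file($tmp_name[$count], $GLOBALS['CONFIG']['dataDir'] . '/' . $newFileName)) { header('Location:error.php?ec=23'); exit; }`, using whichever error code fits. The rows inserted earlier in the loop (outside this hunk) would also need to be rolled back.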
' . msg('file') . '' . msg('file') . '
@@ -103,28 +104,35 @@
-isRoot() ) { ?> +isRoot()) { + ?> - + - + - + - + - +
- + @@ -134,33 +142,43 @@ - + - + - + - + - +
- + - + @@ -169,13 +187,13 @@ - +
 
getPluginsList()) && $user_obj->isRoot()) -{ +if (is_array($GLOBALS['plugin']->getPluginsList()) && $user_obj->isRoot()) { ?> @@ -184,12 +202,13 @@ + ?>
@@ -45,8 +45,8 @@ $stmt->execute(); $udf_tables_names_result = $stmt->fetchAll(); -if($q != "" && $add_value != "add" && $add_value != "edit"){ -?> +if ($q != "" && $add_value != "add" && $add_value != "edit") { + ?> prepare("SELECT * FROM $add_value"); $stmt->execute(); $result = $stmt->fetchAll(); @@ -96,7 +94,7 @@ ' . msg('value') . ' '; - if (( ( (int) $q == $q && (int) $q > 0 ) || $q == 'primary')) { + if ((((int) $q == $q && (int) $q > 0) || $q == 'primary')) { // Find out if the passed argument matches an actual tablename $full_table_name = $GLOBALS['CONFIG']['db_prefix'] . 'udftbl_' . $field_name . $table_name; @@ -130,10 +128,10 @@ ' . msg('new') . ': '; - echo ''; - echo '
+ echo ''; + echo '
'; -?> + ?>
@@ -145,7 +143,6 @@ } if ($add_value == "add") { - $add_table_name = $GLOBALS['CONFIG']['db_prefix'] . 'udftbl_' . $table_name . '_secondary'; $white_listed = false; @@ -168,7 +165,6 @@ } if ($add_value == "edit") { - $edit_tablename = $GLOBALS['CONFIG']['db_prefix'] . 'udftbl_' . $table_name . '_secondary'; $white_listed = false; foreach ($udf_tables_names_result as $white_list) { @@ -177,7 +173,6 @@ } } if ($white_list) { - $stmt = $pdo->prepare("Select * FROM $edit_tablename WHERE pr_id = :q"); $stmt->execute(array(':q' => $q)); $result = $stmt->fetchAll(); diff --git a/category.php b/category.php index a02b9733..3bd4b01b 100644 --- a/category.php +++ b/category.php @@ -24,26 +24,24 @@ // includes include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } $user_obj = new User($_SESSION['uid'], $pdo); // Check to see if user is admin -if(!$user_obj->isAdmin()) -{ +if (!$user_obj->isAdmin()) { header('Location:error.php?ec=4'); exit; } $last_message = (isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : ''); -if(isset($_GET['submit']) && $_GET['submit'] == 'add') -{ +if (isset($_GET['submit']) && $_GET['submit'] == 'add') { draw_header(msg('area_add_new_category'), $last_message); ?> -
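Review bot: The table-name allow-list in the `edit` branch (hunk at -177,7) is not enforced: the guard reads `if ($white_list)`, which tests the `foreach` loop variable, not the `$white_listed` flag set inside the loop. `$white_list` holds the last row of `$udf_tables_names_result` and is truthy whenever that result is non-empty, so `$edit_tablename` is interpolated into `Select * FROM $edit_tablename` whether or not it matched. Change the guard to `if ($white_listed) {`. Where `$table_name` comes from is outside the hunk; if it is request data, this check is the only thing keeping it out of the SQL text.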
+ @@ -68,12 +66,9 @@ isAdmin()) - { + if (!$user_obj->isAdmin()) { header('Location:error.php?ec=4'); exit; } @@ -85,12 +80,9 @@ // back to main page $last_message = urlencode(msg('message_category_successfully_added')); header('Location:admin.php?last_message=' . $last_message); -} -elseif(isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'delete') -{ +} elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'delete') { // If demo mode, don't allow them to update the demo account - if ($GLOBALS['CONFIG']['demo'] == 'True') - { + if ($GLOBALS['CONFIG']['demo'] == 'True') { draw_header(msg('area_delete_category'), $last_message); echo msg('message_sorry_demo_mode'); draw_footer(); @@ -112,23 +104,25 @@ echo ''; ?> - + @@ -147,9 +141,7 @@
'.msg('label_name').' :' . $result['name'] . '
- : + :
- - + + @@ -213,9 +205,7 @@
fetchAll(); echo(''); - foreach($result as $row) { + foreach ($result as $row) { echo ''; echo ''; echo ''; @@ -237,7 +227,8 @@ echo ''; } ?> - + @@ -253,32 +244,33 @@ )); $result = $stmt->fetchAll(); - foreach($result as $row) { + foreach ($result as $row) { echo 'ID: ' . $row['id'] . ',' . $row['realname'] . '
'; } draw_footer(); -} -elseif(isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'showpick') -{ +} elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'showpick') { draw_header(msg('area_view_category') . ' : ' . msg('choose'), $last_message); ?>
' . msg('label_name') . '' . msg('label_id') . '
' . $row['name'] . '
- - + + @@ -295,12 +287,11 @@ - +
- - + +
@@ -356,14 +347,14 @@ prepare($query); - $stmt->execute(); - $result = $stmt->fetchAll(); - - foreach($result as $row) { - echo ''; - } - ?> + $stmt = $pdo->prepare($query); + $stmt->execute(); + $result = $stmt->fetchAll(); + + foreach ($result as $row) { + echo ''; + } + ?>
: @@ -382,12 +373,9 @@
isAdmin()) - { + if (!$user_obj->isAdmin()) { header('Location: error.php?ec=4'); exit; } @@ -403,9 +391,7 @@ // back to main page $last_message = urlencode(msg('message_category_successfully_updated') .' : ' . $_REQUEST['name']); header('Location: admin.php?last_message=' . $last_message); -} -elseif (isset($_REQUEST['cancel']) && $_REQUEST['cancel'] == 'Cancel') -{ +} elseif (isset($_REQUEST['cancel']) && $_REQUEST['cancel'] == 'Cancel') { $last_message=urlencode(msg('message_action_cancelled')); - header ('Location: admin.php?last_message=' . $last_message); -} \ No newline at end of file + header('Location: admin.php?last_message=' . $last_message); +} diff --git a/check-in.php b/check-in.php index 41fd8301..9b9640f3 100644 --- a/check-in.php +++ b/check-in.php @@ -24,8 +24,7 @@ include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } @@ -36,14 +35,13 @@ $user_obj = new User($_SESSION['uid'], $pdo); -if(!$user_obj->canCheckIn()){ +if (!$user_obj->canCheckIn()) { redirect_visitor('out.php'); } $last_message = (isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : ''); -if (!isset($_REQUEST['id']) || $_REQUEST['id'] == '') -{ +if (!isset($_REQUEST['id']) || $_REQUEST['id'] == '') { $last_message='Failed'; header('Location:error.php?ec=2&last_message=' . urlencode($last_message)); exit; @@ -52,8 +50,7 @@ // includes // open connection -if (!isset($_POST['submit'])) -{ +if (!isset($_POST['submit'])) { $id = (int) $_REQUEST['id']; // form not yet submitted, display initial form 
@@ -68,45 +65,49 @@ $result = $stmt->fetch(); // in case script is directly accessed, query above will return 0 rows - if ($stmt->rowCount() <= 0) - { + if ($stmt->rowCount() <= 0) { $last_message='Failed'; header('Location:error.php?ec=2&last_message=' . urlencode($last_message)); exit; - } - else - { - draw_header(msg('button_check_in'),$last_message); + } else { + draw_header(msg('button_check_in'), $last_message); $description = $result['description']; $real_name = $result['realname']; - if($description == '') - { + if ($description == '') { $description = msg('message_no_description_available'); } // start displaying form ?> - - + + - - + + - - + + - + - + @@ -133,16 +134,13 @@ function check(select, send_dept, send_all) } getError() == '' && $file_data_obj->getStatus() == $_SESSION['uid']) - { + if ($file_data_obj->getError() == '' && $file_data_obj->getStatus() == $_SESSION['uid']) { //look to see how many revision are there $query = "SELECT * FROM {$GLOBALS['CONFIG']['db_prefix']}log WHERE id = :id"; $stmt = $pdo->prepare($query); 
@@ -203,34 +197,29 @@ function check(select, send_dept, send_all) $revision_number = $stmt->rowCount(); // if dir not available, create it - if( !is_dir($GLOBALS['CONFIG']['revisionDir']) ) - { - if (!mkdir($GLOBALS['CONFIG']['revisionDir'], 0775)) - { + if (!is_dir($GLOBALS['CONFIG']['revisionDir'])) { + if (!mkdir($GLOBALS['CONFIG']['revisionDir'], 0775)) { $last_message=msg('message_directory_creation_failed'). ': ' . $GLOBALS['CONFIG']['revisionDir'] ; header('Location:error.php?ec=23&last_message=' . urlencode($last_message)); exit; } } - if( !is_dir($GLOBALS['CONFIG']['revisionDir'] . $id) ) - { - if (!mkdir($GLOBALS['CONFIG']['revisionDir'] . $id, 0775)) - { + if (!is_dir($GLOBALS['CONFIG']['revisionDir'] . $id)) { + if (!mkdir($GLOBALS['CONFIG']['revisionDir'] . $id, 0775)) { $last_message=msg('message_directory_creation_failed') . ': ' . $GLOBALS['CONFIG']['revisionDir'] . $id; header('Location:error.php?ec=23&last_message=' . urlencode($last_message)); exit; } - } $file_name = $GLOBALS['CONFIG']['dataDir'] . $id .'.dat'; //read and close - $file_handler = fopen ($file_name, "r"); - $file_content = fread($file_handler, filesize ($file_name)); - fclose ($file_handler); + $file_handler = fopen($file_name, "r"); + $file_content = fread($file_handler, filesize($file_name)); + fclose($file_handler); //write and close - $file_handler = fopen ($GLOBALS['CONFIG']['revisionDir'] . $id . '/' . $id . '_' . ($revision_number - 1) . '.dat', "w"); + $file_handler = fopen($GLOBALS['CONFIG']['revisionDir'] . $id . '/' . $id . '_' . ($revision_number - 1) . '.dat', "w"); fwrite($file_handler, $file_content); - fclose ($file_handler); + fclose($file_handler); // all OK, proceed! $query = "SELECT username FROM {$GLOBALS['CONFIG']['db_prefix']}user WHERE id = :uid"; 
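Review bot: The revision copy in check-in.php (hunk at -203,34) never checks the results of `fopen()`, `fread()` or `fwrite()`, and it loads the whole document into memory to write it back out. If the source `.dat` cannot be read, an empty or partial revision file is written and the check-in still proceeds, silently losing the previous version. `copy()` does the same job with one return value to test: `if (!copy($file_name, $revision_file)) { /* redirect to error.php and exit */ }`, with `$revision_file` holding the existing target path expression. The new directories are also created group-writable (`0775`); `0750` is enough unless another group member must write there.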
@@ -300,11 +289,11 @@ function check(select, send_dept, send_all) $email_obj->setSubject($mail_subject); $email_obj->setFrom($full_name . ' <' . $user_obj->getEmailAddress() . '>'); $email_obj->setRecipients($reviewer_list); - $email_obj->setBody($mail_body2); + $email_obj->setBody($mail_body2); $email_obj->sendEmail(); // clean up and back to main page - $last_message = msg('message_document_checked_in'); + $last_message = msg('message_document_checked_in'); header('Location: out.php?last_message=' . urlencode($last_message)); } } diff --git a/check-out.php b/check-out.php index 54de288c..6d9d3210 100644 --- a/check-out.php +++ b/check-out.php @@ -24,8 +24,7 @@ include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } @@ -33,12 +32,10 @@ $last_message = (isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : ''); -if(strchr($_REQUEST['id'], '_') ) -{ +if (strchr($_REQUEST['id'], '_')) { header('Location:error.php?ec=20'); } -if (!isset($_REQUEST['id']) || $_REQUEST['id'] == '') -{ +if (!isset($_REQUEST['id']) || $_REQUEST['id'] == '') { header('Location:error.php?ec=2'); exit; } @@ -48,13 +45,11 @@ */ $file_data_obj = new FileData($_GET['id'], $pdo); $file_data_obj->setId($_GET['id']); -if ($file_data_obj->getError() != NULL || $file_data_obj->getStatus() > 0 || $file_data_obj->isArchived()) -{ +if ($file_data_obj->getError() != null || $file_data_obj->getStatus() > 0 || $file_data_obj->isArchived()) { header('Location:error.php?ec=2'); exit; } -if (!isset($_GET['submit'])) -{ +if (!isset($_GET['submit'])) { draw_header(msg('area_check_out_file'), $last_message); // form not yet submitted // display information on how to initiate download @@ -64,9 +59,12 @@
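Review bot: The underscore check in check-out.php (hunk at -33,12) sends `header('Location:error.php?ec=20');` but does not `exit`, so the script carries on and builds `FileData` from the same `$_GET['id']`. It also reads `$_REQUEST['id']` before the `isset()` test that follows. Swap the two checks and terminate the redirect: `header('Location:error.php?ec=20'); exit;`. The same redirect-without-exit is in the delete.php hunk at -36,35 and in check_exp.php (`header('location:error.php?ec=22');`, hunk at -43,16), where the script then continues without `$root_id`.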

- - - + + +

 
 . @@ -74,14 +72,12 @@ draw_footer(); } // form submitted - download -else -{ +else { $id = (int) $_REQUEST['id']; checkUserPermission($id, $file_data_obj->WRITE_RIGHT, $file_data_obj); $real_name = $file_data_obj->getName(); - if($_GET['access_right'] == 'modify') - { + if ($_GET['access_right'] == 'modify') { // since this user has checked it out and will modify it // update db to reflect new status $query = "UPDATE {$GLOBALS['CONFIG']['db_prefix']}data SET status = :uid WHERE id = :id"; @@ -94,20 +90,17 @@ // calculate filename $filename = $GLOBALS['CONFIG']['dataDir'] . $id . '.dat'; - if (file_exists($filename)) - { + if (file_exists($filename)) { // send headers to browser to initiate file download - header ('Content-Type: application/octet-stream'); - header ('Content-Disposition: attachment; filename="' . $real_name . '"'); + header('Content-Type: application/octet-stream'); + header('Content-Disposition: attachment; filename="' . $real_name . '"'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); readfile($filename); AccessLog::addLogEntry($id, 'O', $pdo); AccessLog::addLogEntry($id, 'D', $pdo); - } - else - { + } else { echo 'File does not exist...'; } -} \ No newline at end of file +} diff --git a/check_exp.php b/check_exp.php index 0b76b9fa..fbdda46f 100644 --- a/check_exp.php +++ b/check_exp.php @@ -43,16 +43,13 @@ )); $user_result = $stmt->fetch(); -if($stmt->rowCount() != 1) -{ +if ($stmt->rowCount() != 1) { header('location:error.php?ec=22'); -} -else -{ +} else { $root_id = $user_result['id']; } // calculate current date -$current_date = date ('Y-m-d'); +$current_date = date('Y-m-d'); $current_year = intval(date('Y)')); $current_month = intval(date('m')); $current_day = intval(date('d')); 
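Review bot: `$real_name` is concatenated into the `Content-Disposition` header unfiltered in the download branch (hunk at -94,20). It comes from `$file_data_obj->getName()`, which presumably holds the uploader-chosen file name, so a double quote or control character in it yields a malformed header and a download name the uploader controls. Normalise it first, e.g. `$safe_name = str_replace(array('"', "\r", "\n", '\\', '/'), '_', $real_name);`, and send `filename="' . $safe_name . '"`. Also, `access_right=modify` on a GET request updates `status` in the database (hunk at -74,14); a POST carrying a token would suit that state change better.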
@@ -64,14 +61,12 @@ $exp_days = $remainder - $exp_months*30; // calculate oldest non-expired date -if($current_day < $exp_days) -{ +if ($current_day < $exp_days) { --$current_month; $current_day += 30; } $ok_day = $current_day - $exp_days; -if($current_month < $exp_months) -{ +if ($current_month < $exp_months) { --$current_year; $current_month += 12; } @@ -109,12 +104,12 @@ echo msg('message_rejecting_files'). ' ' . $expired_revision . '
'; echo msg('message_rejected') . ' ' . $stmt->rowCount() . ' file(s)
'; $count = 0; -foreach($data_result as $row) { +foreach ($data_result as $row) { echo '  ' . $count . ' File ID: ' . $row['id'] . '
'; $count++; } // Notify owner -if($GLOBALS['CONFIG']['file_expired_action'] != 4) { +if ($GLOBALS['CONFIG']['file_expired_action'] != 4) { $reviewer_comments = 'To=' . msg('author') . ';Subject=' . msg('message_file_expired') . ';Comments=' . msg('email_file_was_rejected_because'). ' ' . $GLOBALS['CONFIG']['revision_expiration'] . ' ' .msg('days') . ';'; $user_obj = new user($root_id, $pdo); $date = date("D F d Y"); @@ -127,7 +122,7 @@ $mail_greeting=msg('email_greeting') . ":\n\r\t" . msg('email_i_would_like_to_inform'); $mail_body = msg('email_was_declined_for_publishing_at') . ' ' .$time.' on '.$date.' ' . msg('email_because_you_did_not_revise') . ' ' . $GLOBALS['CONFIG']['revision_expiration'] . ' '. msg('days'); $mail_salute="\n\r\n\r" . msg('email_salute') . ",\n\r$full_name"; - foreach($data_result as $row) { + foreach ($data_result as $row) { $file_obj = new FileData($row['id'], $pdo); $user_obj = new User($file_obj->getOwner(), $pdo); $mail_to = $user_obj->getEmailAddress(); @@ -138,9 +133,9 @@ } //do not show file -if($GLOBALS['CONFIG']['file_expired_action'] == 1 ) { +if ($GLOBALS['CONFIG']['file_expired_action'] == 1) { $reviewer_comments = 'To=' . msg('author') . ';Subject=' . msg('message_file_expired') . ';Comments=' . msg('email_file_was_rejected_because'). ' ' .$GLOBALS['CONFIG']['revision_expiration'] . ' ' . msg('days'); - foreach($data_result as $row) { + foreach ($data_result as $row) { $file_obj = new FileData($row['id'], $pdo); $file_obj->Publishable(-1); $file_obj->setReviewerComments($reviewer_comments); @@ -148,11 +143,11 @@ } //lock file, not check-outable -if( $GLOBALS['CONFIG']['file_expired_action'] == 2 ) { - foreach($data_result as $row) { +if ($GLOBALS['CONFIG']['file_expired_action'] == 2) { + foreach ($data_result as $row) { $file_obj = new FileData($row['id'], $pdo); $file_obj->setStatus(-1); } } echo msg('message_all_actions_successfull'); -draw_footer(); \ No newline at end of file +draw_footer(); 
diff --git a/classHeaders.php b/classHeaders.php index 458f5d02..920402a2 100644 --- a/classHeaders.php +++ b/classHeaders.php @@ -19,8 +19,7 @@ classHeaders.php - loads common classes Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -if( !defined('classHeader') ) -{ +if (!defined('classHeader')) { define('classHeader', 'true', false); include_once('databaseData_class.php'); include_once('User_class.php'); @@ -42,36 +41,28 @@ function advanceCombineArrays($hi_priority_array, $hi_postfix, $low_priority_arr //merge higher priority onto lower priority one. $user_rights = array(); $k = 0; - $foundFlag = false; + $foundFlag = false; //create a multidimension array: element of view and right of view - for($i = 0; $i $value) - { + foreach ($_POST as $key => $value) { $tstr.=$key."=".urlencode($value)."&"; } // pop off the last & - $tstr = rtrim ($tstr, "&"); + $tstr = rtrim($tstr, "&"); } @@ -67,10 +59,9 @@ function addCrumb($level, $title, $url, $post = false) * @param level int * @desc Deletes a bread crumb. */ - function delCrumb($level) + public function delCrumb($level) { - if (isset($_SESSION['crumbs'][$level])) - { + if (isset($_SESSION['crumbs'][$level])) { unset($_SESSION['crumbs'][$level]); } } //end delCrumb() @@ -81,26 +72,20 @@ function delCrumb($level) * @param cur_level int * @desc Print out the current crumb trail from $cur_level on down. */ - function printTrail($cur_level) + public function printTrail($cur_level) { $trail = ""; - for ($i=1; $i != $cur_level+1; $i++) - { - - if (isset($_SESSION['crumbs'][$i])) - { - if ($i != $cur_level) - { + for ($i=1; $i != $cur_level+1; $i++) { + if (isset($_SESSION['crumbs'][$i])) { + if ($i != $cur_level) { $trail .= "'; $trail .= $_SESSION['crumbs'][$i]['title']; $trail .= ""; - }else - { + } else { $trail .= '' . $_SESSION['crumbs'][$i]['title'] . ''; $trail .= ""; } - if ($i != $cur_level) - { + if ($i != $cur_level) { $trail .= " > "; } } 
@@ -109,7 +94,6 @@ function printTrail($cur_level) return $trail; } // end printTrail() - } //end class crumb // ################# Example ############################# @@ -132,4 +116,4 @@ function printTrail($cur_level) //Page4 // $crumb = new crumb(); // $crumb->addCrumb(4, "Review", $_SERVER['REQUEST_URI']); -// $crumb->printTrail(4); \ No newline at end of file +// $crumb->printTrail(4); diff --git a/databaseData_class.php b/databaseData_class.php index f4576bcd..9c3539f1 100644 --- a/databaseData_class.php +++ b/databaseData_class.php 
@@ -19,44 +19,44 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -if( !defined("databaseData_class") ); +if (!defined("databaseData_class")); { define("databaseData_class", "true", false); //DO NOT INSTANTIATE THIS ABSTRACT CLASS class databaseData { - var $DB_PREFIX; - var $TABLE_ADMIN = 'admin'; - var $TABLE_CATEGORY = 'category'; - var $TABLE_DATA = 'data'; - var $TABLE_DEPARTMENT = 'department'; - var $TABLE_DEPT_PERMS = 'dept_perms'; - var $TABLE_DEPT_REVIEWER = 'dept_reviewer'; - var $TABLE_LOG = 'log'; - var $TABLE_RIGHTS = 'rights'; - var $TABLE_USER = 'user'; - var $TABLE_USER_PERMS = 'user_perms'; - var $FORBIDDEN_RIGHT = -1; - var $NONE_RIGHT = 0; - var $VIEW_RIGHT = 1; - var $READ_RIGHT = 2; - var $WRITE_RIGHT = 3; - var $ADMIN_RIGHT = 4; - var $name; - var $id; + public $DB_PREFIX; + public $TABLE_ADMIN = 'admin'; + public $TABLE_CATEGORY = 'category'; + public $TABLE_DATA = 'data'; + public $TABLE_DEPARTMENT = 'department'; + public $TABLE_DEPT_PERMS = 'dept_perms'; + public $TABLE_DEPT_REVIEWER = 'dept_reviewer'; + public $TABLE_LOG = 'log'; + public $TABLE_RIGHTS = 'rights'; + public $TABLE_USER = 'user'; + public $TABLE_USER_PERMS = 'user_perms'; + public $FORBIDDEN_RIGHT = -1; + public $NONE_RIGHT = 0; + public $VIEW_RIGHT = 1; + public $READ_RIGHT = 2; + public $WRITE_RIGHT = 3; + public $ADMIN_RIGHT = 4; + public $name; + public $id; protected $connection; - var $tablename; - var $error; - var $field_name; - var $field_id; - var $result_limit; + public $tablename; + public $error; + public $field_name; + public $field_id; + public $result_limit; /** * @param int $id * @param PDO $connection */ - function databaseData($id, PDO $connection) + public function databaseData($id, PDO $connection) { $this->connection = $connection; $this->setId($id); //setId not only set the $id data member but also find and set name 
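Review bot: The include guard `if (!defined("databaseData_class"));` ends in a semicolon (hunk at -19,44), so the `if` has an empty body and the brace block after it always runs. A second inclusion of this file would then redeclare `class databaseData` and fail. Drop the semicolon: `if (!defined("databaseData_class")) {`. Separately, `public function databaseData($id, PDO $connection)` is a PHP 4-style constructor, which current PHP no longer treats as one; `__construct` is the form that keeps working. The guarded block continues past the end of this hunk.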
@@ -66,7 +66,7 @@ function databaseData($id, PDO $connection) /** * @param string $table_name */ - function setTableName($table_name) + public function setTableName($table_name) { $this->tablename = "$table_name"; } @@ -77,7 +77,7 @@ function setTableName($table_name) * the data member field $name * @param int $id */ - function setId($id) + public function setId($id) { $this->id = (int) $id; $this->name = $this->findName(); @@ -88,7 +88,7 @@ function setId($id) * the name field in the DB is unique, e.g. username * @param string $name */ - function setName($name) + public function setName($name) { $this->name = $name; $this->id = findId(); @@ -97,7 +97,7 @@ function setName($name) /** * @return string */ - function getName() + public function getName() { return $this->name; } @@ -105,7 +105,7 @@ function getName() /** * @return int */ - function getId() + public function getId() { return $this->id; } @@ -113,7 +113,7 @@ function getId() /** * @return int */ - function findId() + public function findId() { $query = " SELECT @@ -130,7 +130,7 @@ function findId() $result = $stmt->fetchAll(); $row_count = $stmt->rowCount(); - if( $row_count > $this->result_limit AND result_limit != 'UNLIMITED') { + if ($row_count > $this->result_limit and result_limit != 'UNLIMITED') { /*if the result is more than expected error var is set*/ $this->error='Error: non-unique'; } elseif ($row_count == 0) { @@ -147,9 +147,8 @@ function findId() * comments if you need help with this function * @return string */ - function findName() + public function findName() { - $name = ''; $query = "SELECT $this->field_name @@ -164,7 +163,7 @@ function findName() $result = $stmt->fetchAll(); $row_count = $stmt->rowCount(); - if($row_count > $this->result_limit AND result_limit != 'UNLIMITED') { + if ($row_count > $this->result_limit and result_limit != 'UNLIMITED') { $this->error='Error: non-unique'; } elseif ($row_count == 0) { $this->error = 'Error: unable to find id in database'; 
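Review bot: `setName()` (hunk at -88,7) calls `findId()` as a global function: `$this->id = findId();`. No such function appears in the visible hunks of this file, so the call would raise a fatal error instead of looking up the id. It should be `$this->id = $this->findId();`.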
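Review bot: In `findId()` (hunk at -130,7) and `findName()` (hunk at -164,7) the second half of the condition reads `result_limit != 'UNLIMITED'`, a bare constant name instead of the property. Older PHP versions resolve the undefined constant to the string `'result_limit'` with a warning, and PHP 8 throws, so the `'UNLIMITED'` setting is never honoured. Use `$this->result_limit != 'UNLIMITED'` in both places.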
@@ -177,7 +176,7 @@ function findName() /** * assuming that userid will never change */ - function reloadData() + public function reloadData() { //Since all the data are set at the time when $id or $name //is set. If another program access the DB and changes any @@ -189,7 +188,7 @@ function reloadData() /** * @return mixed */ - function getError() + public function getError() { /* Get error will return the last thrown error */ return $this->error; @@ -207,32 +206,28 @@ function getError() * @param array $low_priority_array * @return array */ - function combineArrays($high_priority_array, $low_priority_array) + public function combineArrays($high_priority_array, $low_priority_array) { $found = false; $result_array = array(); $result_array = $high_priority_array; //$high is being kept $result_array_index = sizeof($high_priority_array); //iterate through $low - for($l = 0 ; $lconnection); } return $file_data_array; } - } -} \ No newline at end of file +} diff --git a/delete.php b/delete.php index 27be2390..5d560cd9 100644 --- a/delete.php +++ b/delete.php @@ -21,8 +21,7 @@ // check session session_start(); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { header('Location:error.php?ec=1'); exit; } 
@@ -36,35 +35,27 @@ $userperm_obj = new User_Perms($_SESSION['uid'], $pdo); // User has requested a deletion from the file detail page -if( isset($_REQUEST['mode']) && $_REQUEST['mode'] == 'tmpdel' ) -{ - if(!isset($_REQUEST['num_checkboxes'] )) - { +if (isset($_REQUEST['mode']) && $_REQUEST['mode'] == 'tmpdel') { + if (!isset($_REQUEST['num_checkboxes'])) { $_REQUEST['num_checkboxes'] =1; } // all ok, proceed! - if( !is_dir($GLOBALS['CONFIG']['archiveDir']) ) - { + if (!is_dir($GLOBALS['CONFIG']['archiveDir'])) { // Make sure directory is writeable - if(!mkdir($GLOBALS['CONFIG']['archiveDir'], 0775)) - { + if (!mkdir($GLOBALS['CONFIG']['archiveDir'], 0775)) { $last_message='Could not create ' . $GLOBALS['CONFIG']['archiveDir']; header('Location:error.php?ec=23&last_message=' .$last_message); exit; } } - for($i = 0; $i<$_REQUEST['num_checkboxes']; $i++) - { - if(isset($_REQUEST['id' . $i])) - { + for ($i = 0; $i<$_REQUEST['num_checkboxes']; $i++) { + if (isset($_REQUEST['id' . $i])) { $id = $_REQUEST['id' . $i]; - if(strchr($id, '_') ) - { + if (strchr($id, '_')) { header('Location:error.php?ec=20'); } - if($userperm_obj->canAdmin($id)) - { + if ($userperm_obj->canAdmin($id)) { $file_obj = new FileData($id, $pdo); $file_obj->temp_delete(); fmove($GLOBALS['CONFIG']['dataDir'] . $id . '.dat', $GLOBALS['CONFIG']['archiveDir'] . $id . '.dat'); @@ -80,9 +71,7 @@ callPluginMethod('onAfterArchiveFile'); header('Location: out.php?last_message=' . $last_message); -} -elseif( isset($_REQUEST['mode']) && $_REQUEST['mode'] == 'view_del_archive' ) -{ +} elseif (isset($_REQUEST['mode']) && $_REQUEST['mode'] == 'view_del_archive') { isset($_REQUEST['mode']) ? $_REQUEST['mode'] : ''; //publishable=2 for archive deletion @@ -93,7 +82,7 @@ $array_id = array(); $i = 0; - foreach($result as $row) { + foreach ($result as $row) { $array_id[$i] = $row['id']; $i++; } 
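Review bot: The underscore check in the `tmpdel` loop sends `header('Location:error.php?ec=20');` without an `exit`, so the script keeps running with the same `$id`, and if `canAdmin($id)` passes that value is concatenated into both `fmove()` paths. Adding `exit;` after the header and rejecting anything that is not a plain number first, e.g. `if (!ctype_digit((string) $id)) { header('Location:error.php?ec=20'); exit; }`, keeps request data out of the file path. The `pmt_delete()` hunk further down has the same header-without-exit pattern. `$last_message` in the `ec=23` redirect is also appended to the URL without `urlencode()`.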
@@ -108,32 +97,23 @@ $list_status = list_files($array_id, $userperms, $GLOBALS['CONFIG']['archiveDir'], true); - if( $list_status != -1 ) - { + if ($list_status != -1) { $GLOBALS['smarty']->assign('lmode', ''); display_smarty_template('deleteview.tpl'); } -} -elseif(isset($_POST['submit']) && $_POST['submit']=='Delete file(s)') -{ +} elseif (isset($_POST['submit']) && $_POST['submit']=='Delete file(s)') { isset($_REQUEST['checkbox']) ? $_REQUEST['checkbox'] : ''; - foreach($_REQUEST['checkbox'] as $value) - { - if(!pmt_delete($value)) - { + foreach ($_REQUEST['checkbox'] as $value) { + if (!pmt_delete($value)) { header('Location: error.php?ec=21'); exit; } } header('Location:' . $redirect . '?last_message=' . urlencode(msg('undeletepage_file_permanently_deleted'))); -} -elseif(isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'Undelete') -{ - if(isset($_REQUEST['checkbox'])) - { - foreach ($_REQUEST['checkbox'] as $fileId) - { +} elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'Undelete') { + if (isset($_REQUEST['checkbox'])) { + foreach ($_REQUEST['checkbox'] as $fileId) { $file_obj = new FileData($fileId, $pdo); $file_obj->undelete(); fmove($GLOBALS['CONFIG']['archiveDir'] . $fileId . '.dat', $GLOBALS['CONFIG']['dataDir'] . $fileId . '.dat'); @@ -154,20 +134,16 @@ function pmt_delete($id) $userperm_obj = new User_Perms($_SESSION['uid'], $pdo); - if( !$userperm_obj->user_obj->isRoot() ) - { + if (!$userperm_obj->user_obj->isRoot()) { header('Location: error.php?ec=4'); exit; } // all ok, proceed! - if(isset($id)) - { - if(strchr($id, '_') ) - { + if (isset($id)) { + if (strchr($id, '_')) { header('Location:error.php?ec=20'); } - if($userperm_obj->canAdmin($id)) - { + if ($userperm_obj->canAdmin($id)) { // delete from db $query = "DELETE FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE id = :id"; $stmt = $pdo->prepare($query); 
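Review bot: The `Undelete` branch calls `$file_obj->undelete()` and `fmove()` for every `$_REQUEST['checkbox']` value with no permission check visible in this hunk, whereas the `tmpdel` and `pmt_delete()` paths test `canAdmin($id)` or `isRoot()` first. If nothing earlier in the file restricts this branch, an `if (!$userperm_obj->canAdmin($fileId)) { continue; }` inside the loop would bring it in line. `$fileId` also goes into the archive and data paths unvalidated, so a `ctype_digit((string) $fileId)` test belongs before the move. In the `Delete file(s)` branch the statement `isset($_REQUEST['checkbox']) ? $_REQUEST['checkbox'] : '';` has no effect, so the `foreach` still runs on an unset value when no box is ticked. The `Undelete` loop continues outside the hunk.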
@@ -187,17 +163,13 @@ function pmt_delete($id) $stmt->execute(array(':id' => $id)); $filename = $id . ".dat"; - unlink($GLOBALS['CONFIG']['archiveDir'] . $filename); - if( is_dir($GLOBALS['CONFIG']['revisionDir'] . $id . '/') ) - { + unlink($GLOBALS['CONFIG']['archiveDir'] . $filename); + if (is_dir($GLOBALS['CONFIG']['revisionDir'] . $id . '/')) { $dir = opendir($GLOBALS['CONFIG']['revisionDir'] . $id . '/'); - if( is_dir($GLOBALS['CONFIG']['revisionDir'] . $id . '/') ) - { + if (is_dir($GLOBALS['CONFIG']['revisionDir'] . $id . '/')) { $dir = opendir($GLOBALS['CONFIG']['revisionDir'] . $id . '/'); - while($lreadfile = readdir($dir)) - { - if(is_file($GLOBALS['CONFIG']['revisionDir'] . "$id/$lreadfile")) - { + while ($lreadfile = readdir($dir)) { + if (is_file($GLOBALS['CONFIG']['revisionDir'] . "$id/$lreadfile")) { unlink($GLOBALS['CONFIG']['revisionDir'] . "$id/$lreadfile"); } } @@ -208,4 +180,4 @@ function pmt_delete($id) } } return false; -} \ No newline at end of file +} diff --git a/department.php b/department.php index a2816d06..9c6da6bf 100644 --- a/department.php +++ b/department.php @@ -24,8 +24,7 @@ // includes include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } @@ -36,8 +35,7 @@ //If the user is not an admin and he/she is trying to access other account that // is not his, error out. -if(!$user_obj->isAdmin() == true) -{ +if (!$user_obj->isAdmin() == true) { header('Location:error.php?ec=4'); exit; } @@ -45,8 +43,7 @@ /* Add A New Department */ -if(isset($_GET['submit']) && $_GET['submit']=='add') -{ +if (isset($_GET['submit']) && $_GET['submit']=='add') { draw_header(msg('area_add_new_department'), $last_message); ?> @@ -61,7 +58,7 @@ + ?> '; echo ''; echo ''; -?> + ?> @@ -220,8 +210,9 @@ foreach ($result as $row) { echo ''; } -?> - + ?> + @@ -229,16 +220,17 @@ + ?>
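Review bot: The revision-directory cleanup in `pmt_delete()` repeats `is_dir(...)` and `opendir(...)` in two nested `if` blocks, so the directory is opened twice and the first handle is overwritten without being closed. One `is_dir`/`opendir` pair is enough. The loop is also safer as `while (($lreadfile = readdir($dir)) !== false)`, since an entry named `0` would otherwise end it early and leave files behind. The function continues outside the hunk, so whether `closedir()` is called is not visible here.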
@@ -84,20 +81,17 @@ isAdmin()) - { + if (!$user_obj->isAdmin()) { header('Location:error.php?ec=4'); exit; } $department = (isset($_POST['department']) ? $_POST['department'] : ''); - if($department == '') { + if ($department == '') { $last_message=msg('departmentpage_department_name_required'); header('Location: admin.php?last_message=' . $last_message); @@ -109,8 +103,7 @@ $stmt->execute(array(':department' => $department)); $result = $stmt->fetchAll(); - if($stmt->rowCount() != 0) - { + if ($stmt->rowCount() != 0) { header('Location: error.php?ec=3&message=' . htmlentities($department) . ' already exist in the database'); exit; } @@ -131,7 +124,7 @@ $data_array = array(); $index = 0; - foreach($result as $row) { + foreach ($result as $row) { $data_array[$index][0] = $row[0]; $data_array[$index][1] = $row[1]; $index++; @@ -144,8 +137,7 @@ $result = $stmt->fetchAll(); $num_rows = $stmt->rowCount(); - if( $num_rows != 1 ) - { + if ($num_rows != 1) { header('Location: error.php?ec=14&message=unable to identify ' . $department); exit; } @@ -154,8 +146,7 @@ ////Set default rights into department////// $num_rows = sizeof($data_array); - for($index = 0; $index < $num_rows; $index++) - { + for ($index = 0; $index < $num_rows; $index++) { $query = " INSERT INTO {$GLOBALS['CONFIG']['db_prefix']}dept_perms ( @@ -179,14 +170,13 @@ callPluginMethod('onDepartmentAddSave', $result['id']); header('Location: admin.php?last_message=' . $last_message); -} -elseif(isset($_POST['submit']) && $_POST['submit'] == 'Show Department') -{ +} elseif (isset($_POST['submit']) && $_POST['submit'] == 'Show Department') { // query to show item draw_header(msg('area_department_information'), $last_message); //select name $query = "SELECT name,id FROM {$GLOBALS['CONFIG']['db_prefix']}department where id = :item"; - $stmt = $pdo->prepare($query);; + $stmt = $pdo->prepare($query); + ; $stmt->execute(array(':item' => $_POST['item'])); $result = $stmt->fetch(); 
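Review bot: The duplicate-name redirect builds its query string with `htmlentities($department)`, which is HTML encoding and not URL encoding, so `&`, `#` or spaces in the submitted name can still alter or truncate the `message` parameter. `header('Location: error.php?ec=3&message=' . urlencode($department . ' already exist in the database'));` fits the context. The `ec=14` redirect in the `@@ -144,8` hunk and the `$_POST['name']` redirect in the later modify-save hunk append request data with no encoding at all. `$last_message` in the empty-name branch is likewise passed without `urlencode()`.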
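Review bot: The reformatting of `$stmt = $pdo->prepare($query);;` in the `Show Department` branch left a lone `;` on its own line, which is an empty statement. It can simply be deleted so the line reads `$stmt = $pdo->prepare($query);`; the modify-save hunk later in this file has the same leftover.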
@@ -194,7 +184,7 @@ echo 'ID' . msg('department') . '
' . $result['id'] . '' . $result['name'] . '
' . $row['first_name'] . ' ' . $row['last_name'] . '
- + - + '; - ?> - + ?> + @@ -333,32 +324,33 @@
'.msg('label_name').' :' . $row['name'] . '
- : + :
- - + + @@ -377,12 +369,9 @@
isAdmin()) - { + if (!$user_obj->isAdmin()) { header('Location: error.php?ec=4'); exit; } @@ -429,11 +418,9 @@ // back to main page $last_message = urlencode(msg('message_all_actions_successfull') . ' id:' . (int) $_REQUEST['id']); header('Location: admin.php?last_message=' . $last_message); -} -elseif(isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'modify') -{ +} elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'modify') { $dept_obj = new Department($_REQUEST['item'], $pdo); - draw_header(msg('area_update_department') .': ' . $dept_obj->getName(),$last_message); + draw_header(msg('area_update_department') .': ' . $dept_obj->getName(), $last_message); ?> @@ -441,26 +428,29 @@ prepare($query); - $stmt->execute(array(':item' => $_REQUEST['item'])); - $result = $stmt->fetchAll(); + $stmt = $pdo->prepare($query); + $stmt->execute(array(':item' => $_REQUEST['item'])); + $result = $stmt->fetchAll(); - foreach ($result as $row) { - ?> + foreach ($result as $row) { + ?> + + } + ?> + if ($list_status != -1) { + ?>
- - + + + ?>
@@ -483,13 +473,13 @@ - - + + @@ -497,14 +487,14 @@ prepare($query); - $stmt->execute(); - $result = $stmt->fetchAll(); - - foreach ($result as $row) { - echo ''; - } - ?> + $stmt = $pdo->prepare($query); + $stmt->execute(); + $result = $stmt->fetchAll(); + + foreach ($result as $row) { + echo ''; + } + ?> - + - + @@ -558,7 +551,8 @@ function print_intro()
:
@@ -521,21 +511,18 @@ isAdmin()) - { + if (!$user_obj->isAdmin()) { header('Location: error.php?ec=4'); exit; } $name = (isset($_POST['name']) ? $_POST['name'] : ''); - if($name == '') { + if ($name == '') { $last_message=msg('departmentpage_department_name_required'); header('Location: admin.php?last_message=' . $last_message); @@ -551,14 +538,14 @@ )); $result = $stmt->fetchAll(); - if($stmt->rowCount() != 0) - { + if ($stmt->rowCount() != 0) { header('Location: error.php?ec=3&last_message=' . $_POST['name'] . ' already exist in the database'); exit; } $query = "UPDATE {$GLOBALS['CONFIG']['db_prefix']}department SET name = :name WHERE id = :id"; - $stmt = $pdo->prepare($query);; + $stmt = $pdo->prepare($query); + ; $stmt->execute(array( ':id' => $_POST['id'], ':name' => $_POST['name'] @@ -571,14 +558,8 @@ callPluginMethod('onDepartmentModifySave', $_REQUEST); header('Location: admin.php?last_message=' . $last_message); -} -elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'Cancel') -{ +} elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'Cancel') { header('Location: admin.php?last_message=' . urlencode(msg('message_action_cancelled'))); -} -else -{ +} else { header('Location: admin.php?last_message="' . urlencode(msg('message_nothing_to_do'))); } - - diff --git a/details.php b/details.php index 7a086986..f2af4a8e 100644 --- a/details.php +++ b/details.php 
@@ -175,10 +175,10 @@ $revision = "$rows"; } -$file_under_review = ( ($file_data_obj->isPublishable() == -1) ? true : false); +$file_under_review = (($file_data_obj->isPublishable() == -1) ? true : false); $to_value = (isset($reviewer_comments_fields[0]) ? (substr($reviewer_comments_fields[0], 3)) : ''); -$subject_value = (isset($reviewer_comments_fields[1]) ? (substr($reviewer_comments_fields[1],8)) : ''); +$subject_value = (isset($reviewer_comments_fields[1]) ? (substr($reviewer_comments_fields[1], 8)) : ''); $comments_value = (isset($reviewer_comments_fields[2]) ? (substr($reviewer_comments_fields[2], 9)) : ''); $file_detail = array( @@ -219,7 +219,7 @@ } // Lets figure out which buttons to show -if ($status == 0 || ($status == -1 && $file_data_obj->isOwner($_SESSION['uid']) )) { +if ($status == 0 || ($status == -1 && $file_data_obj->isOwner($_SESSION['uid']))) { // check if user has modify rights $user_perms = new UserPermission($_SESSION['uid'], $GLOBALS['pdo']); diff --git a/edit.php b/edit.php index 8bef3ece..2abc6144 100644 --- a/edit.php +++ b/edit.php @@ -23,9 +23,8 @@ session_start(); include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ - redirect_visitor(); +if (!isset($_SESSION['uid'])) { + redirect_visitor(); } include('udf_functions.php'); @@ -61,7 +60,7 @@ $data_id = $_REQUEST['id']; // includes $department_query = "SELECT department FROM {$GLOBALS['CONFIG']['db_prefix']}user WHERE id=:user_id"; - $department_stmt = $pdo->prepare($department_query); + $department_stmt = $pdo->prepare($department_query); $department_stmt->bindParam(':user_id', $_SESSION['uid']); $department_stmt->execute(); $result = $department_stmt->fetchAll(); @@ -95,7 +94,7 @@ $t_name = array(); $i = 0; - foreach($result as $data) { + foreach ($result as $data) { $explode_v = explode('_', $data['table_name']); $t_name = $explode_v[2]; $i++; 
@@ -119,7 +118,7 @@ //////Populate department perm list///////////////// $dept_perms_array = array(); - foreach ($avail_departments as $dept) { + foreach ($avail_departments as $dept) { $avail_dept_perms['name'] = $dept['name']; $avail_dept_perms['id'] = $dept['id']; $avail_dept_perms['rights'] = $filedata->getDeptRights($dept['id']); @@ -128,12 +127,12 @@ //////Populate users perm list///////////////// $user_perms_array = array(); - foreach ($avail_users as $user) { + foreach ($avail_users as $user) { $avail_user_perms['fid'] = $data_id; $avail_user_perms['first_name'] = $user['first_name']; $avail_user_perms['last_name'] = $user['last_name']; $avail_user_perms['id'] = $user['id']; - $avail_user_perms['rights'] = $user_perms_obj->getPermissionForUser($user['id'], $data_id); + $avail_user_perms['rights'] = $user_perms_obj->getPermissionForUser($user['id'], $data_id); array_push($user_perms_array, $avail_user_perms); } @@ -162,7 +161,7 @@ display_smarty_template('_edit_footer.tpl'); }//end else -} else { +} else { // form submitted, process data $fileId = $_REQUEST['id']; $filedata = new FileData($fileId, $pdo); @@ -174,14 +173,13 @@ $perms_error = false; // check submitted data // at least one user must have "view" and "modify" rights - foreach( $_REQUEST['user_permission'] as $permission ) { - + foreach ($_REQUEST['user_permission'] as $permission) { if ($permission > 2) { $perms_error = true; } } - if(!$perms_error) { + if (!$perms_error) { header("Location:error.php?ec=12"); exit; } @@ -222,9 +220,8 @@ $del_dept_perms_stmt->execute(); $result_array = array(); // init; - - foreach($_REQUEST['user_permission'] as $user_id=>$permission) { - + + foreach ($_REQUEST['user_permission'] as $user_id=>$permission) { $insert_user_perms_query = " INSERT INTO {$GLOBALS['CONFIG']['db_prefix']}user_perms ( diff --git a/error.php b/error.php index 58385130..e063f8c5 100644 --- a/error.php +++ b/error.php 
@@ -27,10 +27,8 @@ draw_header(msg('error'), $last_message); -if (isset($_REQUEST['ec']) && intval($_REQUEST['ec']) >= 0) -{ - switch ($_REQUEST['ec']) - { +if (isset($_REQUEST['ec']) && intval($_REQUEST['ec']) >= 0) { + switch ($_REQUEST['ec']) { // login failure case 0: $message = msg('message_there_was_an_error_loggin_you_in'); @@ -79,11 +77,10 @@ // illegal file type case 13: - $last_message = (isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : '' ); + $last_message = (isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : ''); $message = msg('message_that_filetype_not_supported') . ' Admin->Settings->allowedFileTypes:

Current allowed filetypes:
    '; //echo "_File array is " . array_values($_FILES['file']); - foreach($GLOBALS['CONFIG']['allowedFileTypes'] as $thistype) - { + foreach ($GLOBALS['CONFIG']['allowedFileTypes'] as $thistype) { $message .= '
  • '.$thistype; } $message .= '
'; diff --git a/file_ops.php b/file_ops.php index 7fa46088..10cbe0d7 100644 --- a/file_ops.php +++ b/file_ops.php @@ -21,9 +21,8 @@ session_start(); include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ - redirect_visitor(); +if (!isset($_SESSION['uid'])) { + redirect_visitor(); } $last_message = (isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : ''); @@ -31,44 +30,34 @@ // get a list of documents the user has "view" permission for // get current user's information-->department $user_obj = new User($_SESSION['uid'], $pdo); -if(!$user_obj->isRoot()) -{ - header('Location:error.php?ec=24'); +if (!$user_obj->isRoot()) { + header('Location:error.php?ec=24'); } $flag = 0; -if(isset($_GET['submit']) && $_GET['submit'] == 'view_checkedout') -{ - echo "\n" . '
'; - echo "\n" . ''; - draw_header(msg('label_checked_out_files'), $last_message); +if (isset($_GET['submit']) && $_GET['submit'] == 'view_checkedout') { + echo "\n" . ''; + echo "\n" . ''; + draw_header(msg('label_checked_out_files'), $last_message); - $file_id_array = $user_obj->getCheckedOutFiles(); - - $page_url = $_SERVER['PHP_SELF'] . '?'; - $user_perm_obj = new UserPermission($_SESSION['uid'], $pdo); - $list_status = list_files($file_id_array, $user_perm_obj, $GLOBALS['CONFIG']['dataDir'], true, true); - if($list_status != -1 ) - { - echo "\n" . '

'; - echo "\n" . '
'; - } - draw_footer(); -} -elseif (isset($_POST['submit']) && $_POST['submit'] == 'Clear Status') -{ - if(isset($_POST["checkbox"])) - { - foreach($_POST['checkbox'] as $cbox) - { + $file_id_array = $user_obj->getCheckedOutFiles(); + + $page_url = $_SERVER['PHP_SELF'] . '?'; + $user_perm_obj = new UserPermission($_SESSION['uid'], $pdo); + $list_status = list_files($file_id_array, $user_perm_obj, $GLOBALS['CONFIG']['dataDir'], true, true); + if ($list_status != -1) { + echo "\n" . '

'; + echo "\n" . ''; + } + draw_footer(); +} elseif (isset($_POST['submit']) && $_POST['submit'] == 'Clear Status') { + if (isset($_POST["checkbox"])) { + foreach ($_POST['checkbox'] as $cbox) { $file_id = $cbox; $file_obj = new FileData($file_id, $pdo); $file_obj->setStatus(0); } - } header('Location:' . $_SERVER['PHP_SELF'] . '?state=2&submit=view_checkedout'); -} -else -{ +} else { echo 'Nothing to do'; } diff --git a/filetypes.php b/filetypes.php index 81670414..41efd125 100644 --- a/filetypes.php +++ b/filetypes.php @@ -24,8 +24,7 @@ // includes include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } 
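Review bot: The root check `if (!$user_obj->isRoot()) { header('Location:error.php?ec=24'); }` has no `exit`, so a non-root session still reaches the branches below it. That includes `Clear Status`, which calls `setStatus(0)` on every posted file id. `filetypes.php` in this same patch ends the equivalent check with `exit;`; adding `exit;` after the header here turns the redirect into an actual stop.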
@@ -35,52 +34,36 @@ $filetypes = new FileTypes_class($pdo); //If the user is not an admin error out. -if(!$user_obj->isRoot() == true) -{ +if (!$user_obj->isRoot() == true) { header('Location: error.php?ec=24'); exit; } -if(isset($_REQUEST['submit']) && $_REQUEST['submit']=='update') -{ +if (isset($_REQUEST['submit']) && $_REQUEST['submit']=='update') { draw_header(msg('label_filetypes'), $last_message); $filetypes->edit(); draw_footer(); -} -elseif(isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'Save') -{ +} elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'Save') { draw_header(msg('label_filetypes'), $last_message); - if($filetypes->save($_POST)) - { + if ($filetypes->save($_POST)) { $_POST['last_message'] = $GLOBALS['lang']['message_all_actions_successfull']; - } - else - { + } else { $_POST['last_message'] = $GLOBALS['lang']['message_error_performing_action']; } $GLOBALS['smarty']->assign('last_message', $_POST['last_message']); $filetypes->edit(); draw_footer(); -} -elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'Cancel') -{ +} elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'Cancel') { header('Location: admin.php?last_message=' . urlencode(msg('message_action_cancelled'))); -} -elseif(isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'AddNew') -{ +} elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'AddNew') { draw_header(msg('label_filetypes'), $last_message); display_smarty_template('filetype_add.tpl'); draw_footer(); -} -elseif(isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'AddNewSave') -{ - if($filetypes->add($_POST)) - { +} elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'AddNewSave') { + if ($filetypes->add($_POST)) { $_POST['last_message'] = $GLOBALS['lang']['message_all_actions_successfull']; - } - else - { + } else { $_POST['last_message'] = $GLOBALS['lang']['message_error_performing_action']; } $GLOBALS['smarty']->assign('last_message', $_POST['last_message']); 
@@ -89,31 +72,21 @@ $filetypes->edit(); draw_footer(); -} -elseif(isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'DeleteSelect') -{ +} elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'DeleteSelect') { draw_header(msg('label_filetypes'), $last_message); $filetypes->deleteSelect(); draw_footer(); -} -elseif(isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'Delete') -{ - if($filetypes->delete($_POST)) - { +} elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'Delete') { + if ($filetypes->delete($_POST)) { $_POST['last_message'] = $GLOBALS['lang']['message_all_actions_successfull']; - } - else - { + } else { $_POST['last_message'] = $GLOBALS['lang']['message_error_performing_action']; } $GLOBALS['smarty']->assign('last_message', $_POST['last_message']); draw_header(msg('label_filetypes'), $last_message); $filetypes->edit(); draw_footer(); -} -else -{ +} else { header('Location: admin.php?last_message=' . urlencode(msg('message_nothing_to_do'))); } - diff --git a/forgot_password.php b/forgot_password.php index deb89b0b..3e44df96 100644 --- a/forgot_password.php +++ b/forgot_password.php @@ -22,14 +22,12 @@ include_once('odm-load.php'); -if(isset($GLOBALS['CONFIG']['allow_password_reset']) && $GLOBALS['CONFIG']['allow_password_reset'] != 'True') -{ +if (isset($GLOBALS['CONFIG']['allow_password_reset']) && $GLOBALS['CONFIG']['allow_password_reset'] != 'True') { echo msg('message_sorry_not_allowed'); exit; } -if (!isset($_REQUEST['last_message'])) -{ +if (!isset($_REQUEST['last_message'])) { $_REQUEST['last_message']=''; } @@ -101,14 +99,11 @@ ':code' => $code )); - if ($stmt->rowCount() < 1) - { + if ($stmt->rowCount() < 1) { $redirect = 'forgot_password.php?last_message=' . urlencode(msg('message_the_code_you_are_using')); header("Location: $redirect"); exit; - } - else - { + } else { $userInfo = $stmt->fetch(); $user_id = $userInfo['id']; // build the header and navigation 
@@ -124,17 +119,21 @@ */ - if (strlen($_REQUEST['last_message'])) + if (strlen($_REQUEST['last_message'])) { draw_error($_REQUEST['last_message']); + } ?>

- - - + + + @@ -162,9 +161,7 @@ */ } -} -else if (isset($_POST['username']) && strlen($_POST['username']) > 0) -{ +} elseif (isset($_POST['username']) && strlen($_POST['username']) > 0) { // they have sent an username $username = trim($_POST['username']); @@ -182,14 +179,11 @@ $stmt->execute(array(':username' => $username)); // send them back if we didn't find the username - if ($stmt->rowCount() == 0) - { + if ($stmt->rowCount() == 0) { $redirect = 'forgot_password.php?last_message=' . urlencode(msg('message_the_username_you_entered')); header("Location: $redirect"); exit; - } - else - { + } else { $user_info = $stmt->fetch(); $user_id = $user_info['id']; $email = $user_info['Email']; @@ -198,8 +192,7 @@ $salt = "abcdefghjkmnpqrstuvwxyz23456789ABCDEFGHJKLMNPQRSTUVWXYZ23456789"; $i = 0; $randstring = ''; - while ($i <= 7) - { + while ($i <= 7) { $num = rand() % 63; $tmp = substr($salt, $num, 1); $randstring .= $tmp; @@ -232,8 +225,7 @@ $mail_body .= msg('area_admin') . "\n\n"; // send the email - if ($GLOBALS['CONFIG']['demo'] == 'False') - { + if ($GLOBALS['CONFIG']['demo'] == 'False') { mail($email, msg('area_reset_password'), $mail_body, $mail_headers); } @@ -244,10 +236,10 @@ } // default form -else -{ - if (strlen($_REQUEST['last_message'])) +else { + if (strlen($_REQUEST['last_message'])) { draw_error($_REQUEST['last_message']); + } ?>
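Review bot: The `rowCount() == 0` branch redirects back with a message specific to an unknown username, so the response appears to differ depending on whether the account exists. The success path ends outside this hunk, so that is inferred from the two separate branches. Returning the same confirmation in both cases keeps the form from confirming which usernames are valid.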
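Review bot: `$randstring`, which appears to be the password-reset code, is assembled from `rand() % 63` over eight iterations, and `rand()` is not a cryptographically secure generator. A value that authorises a password change should come from a CSPRNG: `$num = random_int(0, 62);` on PHP 7 or later, or an index derived from `openssl_random_pseudo_bytes()` on older versions, leaves the rest of the loop unchanged. The surrounding block starts and ends outside the hunk.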

@@ -267,4 +259,5 @@ compile_dir = dirname(__FILE__) . '/templates_c/'; /**** SET g_ vars from Global Config arr ***/ -foreach($GLOBALS['CONFIG'] as $key => $value) -{ - $GLOBALS['smarty']->assign('g_' . $key,$value); +foreach ($GLOBALS['CONFIG'] as $key => $value) { + $GLOBALS['smarty']->assign('g_' . $key, $value); } include_once('classHeaders.php'); @@ -45,18 +44,14 @@ functions.php - various utility functions require_once("File_class.php"); /* Set language vars */ -foreach($GLOBALS['lang'] as $key=>$value) -{ +foreach ($GLOBALS['lang'] as $key=>$value) { $GLOBALS['smarty']->assign('g_lang_' . $key, msg($key)); } // Check if dataDir is working -if(!is_dir($GLOBALS['CONFIG']['dataDir'])) -{ +if (!is_dir($GLOBALS['CONFIG']['dataDir'])) { echo $GLOBALS['lang']['message_datadir_problem_exists'] . ' ' . $GLOBALS['lang']['label_settings'] . '
'; -} -elseif(!is_writable($GLOBALS['CONFIG']['dataDir'])) -{ +} elseif (!is_writable($GLOBALS['CONFIG']['dataDir'])) { echo $GLOBALS['lang']['message_datadir_problem_writable'] . ' ' . $GLOBALS['lang']['label_settings'] . '
'; } @@ -66,16 +61,13 @@ functions.php - various utility functions function fix_date($val) { //split it up into components - if( $val != 0 ) - { + if ($val != 0) { $arr = explode(' ', $val); $timearr = explode(':', $arr[1]); $datearr = explode('-', $arr[0]); // create a timestamp with mktime(), format it with date() return date('d M Y (H:i)', mktime($timearr[0], $timearr[1], $timearr[2], $datearr[1], $datearr[2], $datearr[0])); - } - else - { + } else { return 0; } } @@ -85,10 +77,8 @@ function space_to_underscore($string) { $string_len = strlen($string); $index = 0; - while( $index< $string_len ) - { - if($string[$index] == ' ') - { + while ($index< $string_len) { + if ($string[$index] == ' ') { $string[$index]= '_'; } $index++; @@ -118,8 +108,7 @@ function draw_header($pageTitle, $lastmessage='') $uid = (isset($_SESSION['uid']) ? $_SESSION['uid'] : ''); // Is the uid set? - if ($uid != NULL) - { + if ($uid != null) { $current_user_obj = new User($uid, $pdo); $GLOBALS['smarty']->assign('userName', $current_user_obj->getName()); $GLOBALS['smarty']->assign('can_add', $current_user_obj->can_add); @@ -127,15 +116,13 @@ function draw_header($pageTitle, $lastmessage='') } // Are they an Admin? - if ($uid != NULL && $current_user_obj->isAdmin()) - { + if ($uid != null && $current_user_obj->isAdmin()) { $GLOBALS['smarty']->assign('isadmin', 'yes'); } - if(!isset($_REQUEST['state'])) - { + if (!isset($_REQUEST['state'])) { $_REQUEST['state']=1; - } + } $lastmessage = (isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : $lastmessage); @@ -151,11 +138,9 @@ function draw_header($pageTitle, $lastmessage='') $GLOBALS['smarty']->assign('lastmessage', htmlspecialchars($lastmessage)); display_smarty_template('header.tpl'); - if (is_dir('install')) - { + if (is_dir('install')) { echo '' . msg('install_folder') . ''; } - } function draw_error($message) 
@@ -187,9 +172,8 @@ function email_all($mail_subject, $mail_body, $mail_header) $stmt->execute(); $result = $stmt->fetchColumn(); - foreach($result as $row) { - if ($GLOBALS['CONFIG']['demo'] == 'False') - { + foreach ($result as $row) { + if ($GLOBALS['CONFIG']['demo'] == 'False') { mail($row['Email'], $mail_subject, $mail_body, $mail_header); } } @@ -219,7 +203,7 @@ function email_dept($dept_id, $mail_subject, $mail_body, $mail_header) )); $result = $stmt->fetchAll(); - foreach($result as $row) { + foreach ($result as $row) { if ($GLOBALS['CONFIG']['demo'] == 'False') { mail($row['Email'], $mail_subject, $mail_body, $mail_header); } @@ -234,10 +218,8 @@ function email_dept($dept_id, $mail_subject, $mail_body, $mail_header) */ function email_users_obj($user_OBJ_array, $mail_subject, $mail_body, $mail_header) { - for($i = 0; $i< sizeof($user_OBJ_array); $i++) - { - if ($GLOBALS['CONFIG']['demo'] == 'False') - { + for ($i = 0; $i< sizeof($user_OBJ_array); $i++) { + if ($GLOBALS['CONFIG']['demo'] == 'False') { mail($user_OBJ_array[$i]->getEmailAddress(), $mail_subject, $mail_body, $mail_header); } } @@ -253,21 +235,20 @@ function email_users_id($user_ID_array, $mail_subject, $mail_body, $mail_header) { global $pdo; - for($i = 0; $i 0)) { + for ($i = 0; $i 0)) { $OBJ_array[$i] = new User($user_ID_array[$i], $pdo); } - } + } - if(count($OBJ_array) > 0) { + if (count($OBJ_array) > 0) { email_users_obj($OBJ_array, $mail_subject, $mail_body, $mail_header); } } function getmicrotime() { - list($usec, $sec) = explode(" ",microtime()); + list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec); } 
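Review bot: `email_all()` assigns `$result = $stmt->fetchColumn();` and then iterates it with `foreach ($result as $row)` reading `$row['Email']`. `fetchColumn()` returns a single scalar or `false`, not a list of rows, so the loop cannot reach each user. `email_dept()` in the next hunk uses `fetchAll()`; `$result = $stmt->fetchAll();` here would make the two agree. The function starts outside the hunk.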
@@ -285,34 +266,27 @@ function list_files($fileid_array, $userperms_obj, $dataDir, $showCheckBox = fal global $pdo; // print_r($fileid_array);exit; - if(sizeof($fileid_array)==0 || !isset($fileid_array[0])) - { + if (sizeof($fileid_array)==0 || !isset($fileid_array[0])) { echo'' . msg('message_no_files_found') . "\n"; return -1; } - foreach($fileid_array as $fileid) - { + foreach ($fileid_array as $fileid) { $file_obj = new FileData($fileid, $pdo); - $userAccessLevel = $userperms_obj->getAuthority($fileid,$file_obj); + $userAccessLevel = $userperms_obj->getAuthority($fileid, $file_obj); $description = $file_obj->getDescription(); - if ($file_obj->getStatus() == 0 and $userAccessLevel >= $userperms_obj->VIEW_RIGHT) - { + if ($file_obj->getStatus() == 0 and $userAccessLevel >= $userperms_obj->VIEW_RIGHT) { $lock = false; - } - else - { + } else { $lock = true; } - if ($description == '') - { + if ($description == '') { $description = msg('message_no_description_available'); } $created_date = fix_date($file_obj->getCreatedDate()); - if ($file_obj->getModifiedDate()) - { + if ($file_obj->getModifiedDate()) { $modified_date = fix_date($file_obj->getModifiedDate()); } else { $modified_date = $created_date; @@ -326,14 +300,11 @@ function list_files($fileid_array, $userperms_obj, $dataDir, $showCheckBox = fal //Get the file size in bytes. $filesize = display_filesize($dataDir . $fileid . '.dat'); - if ($userAccessLevel >= $userperms_obj->READ_RIGHT) - { - $suffix = strtolower((substr($realname,((strrpos($realname,".")+1))))); + if ($userAccessLevel >= $userperms_obj->READ_RIGHT) { + $suffix = strtolower((substr($realname, ((strrpos($realname, ".")+1))))); $mimetype = File::mime_by_ext($suffix); $view_link = 'view_file.php?submit=view&id=' . urlencode($fileid).'&mimetype='.urlencode("$mimetype"); - } - else - { + } else { $view_link = 'none'; } 
@@ -347,23 +318,19 @@ function list_files($fileid_array, $userperms_obj, $dataDir, $showCheckBox = fal //$rights[max][0] = admin, $rights[max-1][0]=write, ..., $right[min][0]=view //if $userright matches with $rights[max][0], then this user has all the rights of $rights[max][0] //and everything below it. - for($i = sizeof($rights)-1; $i>=0; $i--) - { - if($userAccessLevel==$rights[$i][0]) - { + for ($i = sizeof($rights)-1; $i>=0; $i--) { + if ($userAccessLevel==$rights[$i][0]) { $index_found = $i; $i = 0; } } //Found the user right, now bold every below it. For those that matches, make them different. - for($i = $index_found; $i>=0; $i--) - { + for ($i = $index_found; $i>=0; $i--) { $rights[$i][1]=''. $rights[$i][1] . ''; } //For everything above it, blank out - for($i = $index_found+1; $i= $GLOBALS['CONFIG']['max_query']) { + if (count($file_list_arr) >= $GLOBALS['CONFIG']['max_query']) { $limit_reached = true; } @@ -433,7 +400,7 @@ function loadItem(select_box) break; + ?> default : order_array = document.forms['browser_sort'].elements['category_item_order'].options; info_Array = new Array(); @@ -445,28 +412,28 @@ function loadItem(select_box) { case 'author': + echo("\tcategory_option_msg = '".msg('category_option_author')."';\n"); + ?> break; case 'department': + echo("\tcategory_option_msg = '".msg('category_option_department')."';\n"); + ?> break; case 'category': + echo("\tcategory_option_msg = '".msg('category_option_category')."';\n"); + ?> break; default : + echo("\tcategory_option_msg = '".msg('label_empty')."';\n"); + ?> break; } + ?> options_array[0].id= 0; options_array[0].value = 'choose_an_author'; @@ -486,11 +453,11 @@ function loadOrder(select_box) order_array = new Array(); + echo("\toptions_array[0] = new Option('".msg('outpage_choose_an_order')."');\n"); + ?> options_array[0].id= 0; options_array[0].value = 'choose_an_order'; for(i=0; i< order_array.length; i++) 
@@ -517,19 +484,19 @@ function load(select_box) ORDER BY last_name ASC "; - $stmt = $pdo->prepare($query); - $stmt->execute(); - $result = $stmt->fetchAll(); - - $index = 0; - echo("author_array = new Array();\n"); - foreach($result as $row) { - $last_name = $row['last_name']; - $first_name = $row['first_name']; - $id = $row['id']; - echo("\tauthor_array[$index] = new Array(\"$last_name $first_name\", $id);\n"); - $index++; - } + $stmt = $pdo->prepare($query); + $stmt->execute(); + $result = $stmt->fetchAll(); + + $index = 0; + echo("author_array = new Array();\n"); + foreach ($result as $row) { + $last_name = $row['last_name']; + $first_name = $row['first_name']; + $id = $row['id']; + echo("\tauthor_array[$index] = new Array(\"$last_name $first_name\", $id);\n"); + $index++; + } ///////////////////////////////FOR DEPARTMENT////////////////////////// $query = " @@ -541,18 +508,18 @@ function load(select_box) ORDER BY name ASC "; - $stmt = $pdo->prepare($query); - $stmt->execute(); - $result = $stmt->fetchAll(); - - $index = 0; - echo("department_array = new Array();\n"); - foreach($result as $row) { - $dept = $row['name']; - $id = $row['id']; - echo("\tdepartment_array[$index] = new Array(\"$dept\", $id);\n"); - $index++; - } + $stmt = $pdo->prepare($query); + $stmt->execute(); + $result = $stmt->fetchAll(); + + $index = 0; + echo("department_array = new Array();\n"); + foreach ($result as $row) { + $dept = $row['name']; + $id = $row['id']; + echo("\tdepartment_array[$index] = new Array(\"$dept\", $id);\n"); + $index++; + } ///////////////////////////////FOR FILE CATEGORY//////////////////////////////////////// $query = " 
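Review bot: The re-indented `echo("\tauthor_array[$index] = new Array(\"$last_name $first_name\", $id);\n");` in load() interpolates database values straight into a JavaScript string literal. A stored name containing a double quote, a backslash or a closing script tag changes the emitted script instead of being displayed. The department loop in the next hunk and the category loop in the hunk after it do the same with `$dept` and `$category`. Encode the values for the JavaScript context, e.g. `echo "\tauthor_array[$index] = " . json_encode(array("$last_name $first_name", (int) $id), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT) . ";\n";`. load() starts and ends outside these hunks, so any filtering applied when the names are stored is not visible here.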
@@ -564,66 +531,71 @@ function load(select_box) ORDER BY name ASC "; - $stmt = $pdo->prepare($query); - $stmt->execute(); - $result = $stmt->fetchAll(); - - $index = 0; - echo("category_array = new Array();\n"); - foreach($result as $row) { - $category = $row['name']; - $id = $row['id']; - echo("\tcategory_array[$index] = new Array(\"$category\", $id);\n"); - $index++; - } - udf_functions_java_array(); + $stmt = $pdo->prepare($query); + $stmt->execute(); + $result = $stmt->fetchAll(); + + $index = 0; + echo("category_array = new Array();\n"); + foreach ($result as $row) { + $category = $row['name']; + $id = $row['id']; + echo("\tcategory_array[$index] = new Array(\"$category\", $id);\n"); + $index++; + } + udf_functions_java_array(); /////////////////////////////////////////////////////////////////////// echo ''."\n"; - ?> + ?>
:
- +
"); } } function display_array2D($array) { - for($i=0; $i"); } } @@ -634,8 +606,7 @@ function makeRandomPassword() $salt = 'abchefghjkmnpqrstuvw3456789'; srand((double)microtime()*1000000); $i = 0; - while ($i <= 7) - { + while ($i <= 7) { $num = rand() % 33; $tmp = substr($salt, $num, 1); $pass = $pass . $tmp; @@ -653,8 +624,7 @@ function checkUserPermission($file_id, $permittable_right, $obj) global $pdo; $userperm_obj = new UserPermission($_SESSION['uid'], $pdo); - if(!$userperm_obj->user_obj->isAdmin() && $userperm_obj->getAuthority($file_id, $obj) < $permittable_right) - { + if (!$userperm_obj->user_obj->isAdmin() && $userperm_obj->getAuthority($file_id, $obj) < $permittable_right) { echo msg('error').': '.msg('message_unable_to_find_file') . "\n"; echo ' ' . msg('message_please_email') . ' ' . msg('area_admin') . ''; exit(); @@ -663,13 +633,13 @@ function checkUserPermission($file_id, $permittable_right, $obj) function fmove($source_file, $destination_file) { //read and close - $fhandler = fopen ($source_file, "r"); - $fcontent = fread($fhandler, filesize ($source_file)); - fclose ($fhandler); + $fhandler = fopen($source_file, "r"); + $fcontent = fread($fhandler, filesize($source_file)); + fclose($fhandler); //write and close - $fhandler = fopen ($destination_file, "w"); + $fhandler = fopen($destination_file, "w"); fwrite($fhandler, $fcontent); - fclose ($fhandler); + fclose($fhandler); //delete source file unlink($source_file); } @@ -677,8 +647,7 @@ function fmove($source_file, $destination_file) function display_filesize($file) { // Does the file exist? - if(is_file($file)) - { + if (is_file($file)) { //Setup some common file size measurements. $kb=1024; 
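Review bot: `$num = rand() % 33;` in makeRandomPassword() indexes a 27-character `$salt`, so for indices 27 to 32 `substr()` contributes nothing and the password can come out shorter than the eight loop iterations suggest. The generator is also seeded from `microtime()`, which is not an appropriate source for credentials. Draw the index from the CSPRNG and bound it by the alphabet length with `$num = random_int(0, strlen($salt) - 1);`, and drop the `srand()` call. The function begins and ends outside this hunk, so the initialisation of `$pass` and the return statement are not shown.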
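Review bot: fmove() calls `unlink($source_file)` without checking any of the preceding `fopen()`, `fread()` or `fwrite()` results, so a destination that cannot be opened or fully written still costs the only copy of the file. It also reads the whole file into memory before writing it back out. Delete the source only after a verified copy, e.g. `if (!copy($source_file, $destination_file)) { return false; }` followed by `unlink($source_file);`, or use `rename()` when both paths are on the same filesystem.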
@@ -691,38 +660,28 @@ function display_filesize($file) //Format file size - if($size < $kb) - { + if ($size < $kb) { return $size." B"; + } elseif ($size < $mb) { + return round($size/$kb, 2)." KB"; + } elseif ($size < $gb) { + return round($size/$mb, 2)." MB"; + } elseif ($size < $tb) { + return round($size/$gb, 2)." GB"; + } else { + return round($size/$tb, 2)." TB"; } - elseif($size < $mb) - { - return round($size/$kb,2)." KB"; - } - elseif($size < $gb) - { - return round($size/$mb,2)." MB"; - } - elseif($size < $tb) - { - return round($size/$gb,2)." GB"; - } - else - { - return round($size/$tb,2)." TB"; - } - } - else - { + } else { return "X"; } } function valid_username($username) { - if(preg_match('/^\w+$/',$username)) + if (preg_match('/^\w+$/', $username)) { return true; - else + } else { return false; + } } @@ -744,17 +703,12 @@ function cleanInput($input) function sanitizeme($input) { - if (is_array($input)) - { - foreach($input as $var=>$val) - { + if (is_array($input)) { + foreach ($input as $var=>$val) { $output[$var] = sanitizeme($val); } - } - else - { - if (get_magic_quotes_gpc()) - { + } else { + if (get_magic_quotes_gpc()) { $input = stripslashes($input); } //echo "Raw Input:" . $input . "
"; @@ -762,14 +716,10 @@ function sanitizeme($input) //echo "Clean Input:" . $input . "
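Review bot: sanitizeme() still calls `get_magic_quotes_gpc()`, which was deprecated in PHP 7.4 and removed in PHP 8.0, so on a current runtime every scalar passed through this function stops with an undefined-function error. In the array branch `$output` is never initialised, so an empty array reaches the `isset($output)` test in the following hunk and comes back as `false` rather than as an array. Remove the magic-quotes branch and start the array branch with `$output = array();`. The copy of this function in install/setup-config.php later in this patch has the same two issues. The middle of the function lies between this hunk and the next, so what filtering it applies is not visible here.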
"; $output = $input; //echo "mysql_escape output" . $output . "
"; - } - if(isset($output) && $output != '') - { + if (isset($output) && $output != '') { return $output; - } - else - { + } else { return false; } } @@ -781,15 +731,12 @@ function sanitizeme($input) */ function msg($s) { - if (isset($GLOBALS['lang'][$s])) - { - return $GLOBALS['lang'][$s]; - } - else - { - return $s; - } + if (isset($GLOBALS['lang'][$s])) { + return $GLOBALS['lang'][$s]; + } else { + return $s; } +} /* * This function will check for the existence of a template file @@ -800,12 +747,9 @@ function msg($s) function display_smarty_template($template_file) { /* @var $template_file string */ - if(file_exists(ABSPATH . '/templates/' . $GLOBALS['CONFIG']['theme'] . '/' . $template_file)) - { + if (file_exists(ABSPATH . '/templates/' . $GLOBALS['CONFIG']['theme'] . '/' . $template_file)) { $GLOBALS['smarty']->display($template_file); - } - else - { + } else { $GLOBALS['smarty']->display(ABSPATH . '/templates/common/' . $template_file); } } @@ -868,7 +812,7 @@ function xss_clean($str) // * Made some quantifiers possessive // * Handle arrays recursively - if (is_array($str) OR is_object($str)) { + if (is_array($str) or is_object($str)) { foreach ($str as $k => $s) { $str[$k] = xss_clean($s); } @@ -916,12 +860,12 @@ function xss_clean($str) */ function redirect_visitor($url='') { - if($url=='') { + if ($url=='') { header('Location:index.php?redirection=' . urlencode($_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING'])); exit; } else { // Lets make sure its not an outside URL - if(!preg_match('#^(http|https|ftp)://#', $url)) { + if (!preg_match('#^(http|https|ftp)://#', $url)) { header('Location:' . $url); exit; } else { @@ -929,5 +873,4 @@ function redirect_visitor($url='') exit; } } - } diff --git a/history.php b/history.php index d2675a00..1fa9a55d 100644 --- a/history.php +++ b/history.php 
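Review bot: The outside-URL test in redirect_visitor(), `preg_match('#^(http|https|ftp)://#', $url)`, rejects only three lower-case schemes at the start of the string, so a scheme-relative value beginning with `//` or a differently cased scheme still reaches `header('Location:' . $url)`. index.php in this patch passes `$_REQUEST['redirection']` straight into this function both before and after login, so the value is caller-controlled. Prefer an allow-list over a deny-list: parse the value and fall back to a fixed page unless it is a local path, e.g. `$p = parse_url($url); if ($p === false || isset($p['scheme']) || isset($p['host']) || strpos($url, '//') === 0) { $url = 'out.php'; }`. The branch taken for a rejected URL falls between this hunk and the next and is not fully shown.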
@@ -25,125 +25,118 @@ include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } $last_message = (isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : ''); -if (!isset($_REQUEST['id']) || $_REQUEST['id'] == '') -{ +if (!isset($_REQUEST['id']) || $_REQUEST['id'] == '') { header('Location:error.php?ec=2'); exit; } draw_header(msg('area_view_history'), $last_message); //revision parsing -if(strchr($_REQUEST['id'], '_') ) -{ - list($_REQUEST['id'], $revision_id) = explode('_' , $_REQUEST['id']); +if (strchr($_REQUEST['id'], '_')) { + list($_REQUEST['id'], $revision_id) = explode('_', $_REQUEST['id']); } $datafile = new FileData($_REQUEST['id'], $pdo); // verify -if ($datafile->getError() != NULL) -{ +if ($datafile->getError() != null) { header('Location:error.php?ec=2'); exit; -} -else -{ -// obtain data from resultset +} else { + // obtain data from resultset $owner_full_name = $datafile->getOwnerFullName(); -$owner = $owner_full_name[1].', '.$owner_full_name[0]; -$real_name = $datafile->getRealName(); -$category = $datafile->getCategoryName(); -$created = $datafile->getCreatedDate(); -$description = $datafile->getDescription(); -$comments = $datafile->getComment(); -$status = $datafile->getStatus(); + $owner = $owner_full_name[1].', '.$owner_full_name[0]; + $real_name = $datafile->getRealName(); + $category = $datafile->getCategoryName(); + $created = $datafile->getCreatedDate(); + $description = $datafile->getDescription(); + $comments = $datafile->getComment(); + $status = $datafile->getStatus(); // corrections -if ($description == '') -{ +if ($description == '') { $description = msg('message_no_description_available'); } -if ($comments == '') -{ - $comments = msg('message_no_author_comments_available'); -} -if($datafile->isArchived()) -{ - $filename = $GLOBALS['CONFIG']['archiveDir'] . $_REQUEST['id'] . '.dat'; -} -else -{ - $filename = $GLOBALS['CONFIG']['dataDir'] . $_REQUEST['id'] . 
'.dat'; -} -?> + if ($comments == '') { + $comments = msg('message_no_author_comments_available'); + } + if ($datafile->isArchived()) { + $filename = $GLOBALS['CONFIG']['archiveDir'] . $_REQUEST['id'] . '.dat'; + } else { + $filename = $GLOBALS['CONFIG']['dataDir'] . $_REQUEST['id'] . '.dat'; + } + ?> '; -echo ''; -?> + echo ''; + echo ''; + ?> - + - + - + - + - + - + - @@ -153,7 +146,8 @@ - + @@ -161,17 +155,20 @@ @@ -264,7 +263,6 @@
'; -} -else -{ +} else { echo ''; } -echo ''.$real_name.''.$real_name.'
+
+ ?>
- - - - + + + + $revision_id )); $result = $stmt->fetchAll(); - } - else - { - $query = " + } else { + $query = " SELECT u.last_name, u.first_name, @@ -221,41 +216,45 @@ ':id' => $_REQUEST['id'] )); $result = $stmt->fetchAll(); - } + } $current_revision = $stmt->rowCount(); - // iterate through resultset - foreach($result as $row) { + // iterate through resultset + foreach ($result as $row) { $last_name = $row['last_name']; $first_name = $row['first_name']; $modified_on = $row['modified_on']; $note = $row['note']; $revision = $row['revision']; - if (isset($bgcolor) && $bgcolor == "#FCFCFC") { - $bgcolor = "#E3E7F9"; - } else { - $bgcolor = "#FCFCFC"; - } + if (isset($bgcolor) && $bgcolor == "#FCFCFC") { + $bgcolor = "#E3E7F9"; + } else { + $bgcolor = "#FCFCFC"; + } - echo ''; + echo ''; - $extra_message = ''; - if (is_file($GLOBALS['CONFIG']['revisionDir'] . $_REQUEST['id'] . '/' . $_REQUEST['id'] . "_$revision.dat")) { - echo ' - - - + + +
' . ($revision + 1) . '
' . $extra_message; - } else { - echo '
' . $revision . $extra_message; - } - ?> + $extra_message = ''; + if (is_file($GLOBALS['CONFIG']['revisionDir'] . $_REQUEST['id'] . '/' . $_REQUEST['id'] . "_$revision.dat")) { + echo '
' . ($revision + 1) . '
' . $extra_message; + } else { + echo '
' . $revision . $extra_message; + } + ?>
getId()); -draw_footer(); +callPluginMethod('onAfterHistory', $datafile->getId()); + draw_footer(); } - diff --git a/in.php b/in.php index 4f945943..595f93b1 100644 --- a/in.php +++ b/in.php @@ -25,14 +25,13 @@ // includes include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } $user_obj = new User($_SESSION['uid'], $pdo); -if(!$user_obj->canCheckIn()){ +if (!$user_obj->canCheckIn()) { redirect_visitor('out.php'); } @@ -66,12 +65,9 @@ // how many records? $count = $stmt->rowCount(); -if ($count == 0) -{ +if ($count == 0) { echo ' ' . msg('message_no_documents_checked_out'); -} -else -{ +} else { echo ''; echo ''; echo ''; @@ -85,7 +81,7 @@ $row_color = "#FCFCFC"; // iterate through resultset - foreach($result as $row) { + foreach ($result as $row) { $id = $row['id']; $last_name = $row['last_name']; $first_name = $row['first_name']; @@ -95,8 +91,7 @@ $status = $row['status']; // correction - if ($description == '') - { + if ($description == '') { $description = msg('message_no_information_available'); } $filename = $GLOBALS['CONFIG']['dataDir'] . $id . '.dat'; @@ -113,12 +108,9 @@ echo ' '; echo ''; - if ( $row_color == "#FCFCFC" ) - { + if ($row_color == "#FCFCFC") { $row_color = "#E3E7F9"; - } - else - { + } else { $row_color = "#FCFCFC"; } } @@ -128,4 +120,4 @@ echo '
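Review bot: In this last history.php hunk the new `callPluginMethod('onAfterHistory', $datafile->getId());` line stays at column 0 while `draw_footer();` directly below it is indented, although both sit inside the `else` block that the final `}` closes. The first hunk of the file leaves `if ($description == '') {` at column 0 in the same way, between indented neighbours. Since the commit's purpose is PSR-2 formatting, indent every statement of the `else` body one level so the block structure can be read from the layout. The `else` opens in an earlier hunk.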
' . msg('message_document_checked_out_to_you'). ' : ' . $count . '
' . display_filesize($filename) . '
'; } -draw_footer(); \ No newline at end of file +draw_footer(); diff --git a/includes/language/arabic.php b/includes/language/arabic.php index fb82ff6e..fff7247c 100644 --- a/includes/language/arabic.php +++ b/includes/language/arabic.php @@ -294,7 +294,7 @@ $lang['message_no_description_available'] = 'لايوجد وصف متاح'; $lang['message_no_documents_checked_out'] = 'لايوجد اي وثيقة للتفحص حاليا'; $lang['message_no_files_found'] = 'لا توجد ملفات'; -$lang['message_no_information_available'] = 'لاتوجد معلومات متاحة '; +$lang['message_no_information_available'] = 'لاتوجد معلومات متاحة '; $lang['message_non_unique_account'] = 'حساب غير وحيد'; //Abduh says :this value must be changed $lang['message_non_unique_key'] = 'مفتاح غير وحيد في قاعدة البيانات'; //Abduh says :this value must be changed $lang['message_nothing_to_do'] = 'لا توجد علاقة'; //Abduh says :this value must be changed @@ -485,4 +485,3 @@ //Search Page $lang['searchpage_all_meta'] = 'بحث في الحقول الرئيسية'; - diff --git a/includes/language/bangla.php b/includes/language/bangla.php index 8a743006..ca16457e 100644 --- a/includes/language/bangla.php +++ b/includes/language/bangla.php @@ -491,4 +491,4 @@ // Footer $lang['footer_support'] = 'সাপোর্ট'; $lang['footer_feedback'] = 'ফিডব্যাক'; -$lang['footer_bugs'] = 'বাগ'; \ No newline at end of file +$lang['footer_bugs'] = 'বাগ'; diff --git a/includes/language/spanish.php b/includes/language/spanish.php index 84339a61..e3222616 100644 --- a/includes/language/spanish.php +++ b/includes/language/spanish.php @@ -351,7 +351,7 @@ $lang['addpage_new_file_added'] = 'Un nuevo archivo ha sido añadido'; $lang['addpage_new'] = 'Nuevo'; $lang['addpage_uploader'] = 'Subió'; -$lang['addpage_file_missing'] = 'Please select a file to upload'; +$lang['addpage_file_missing'] = 'Please select a file to upload'; $lang['addpage_permissions'] = 'Permissions'; // Edit File Page diff --git a/index.php b/index.php index 1cc67e48..aba3b2c2 100644 --- a/index.php +++ b/index.php 
@@ -26,8 +26,7 @@ * Test to see if we have the config.php file. If not, must not be installed yet. */ -if(!file_exists('config.php')) -{ +if (!file_exists('config.php')) { if ( !extension_loaded('pdo') || !extension_loaded('pdo_mysql') @@ -44,33 +43,26 @@ exit; } -require_once ('odm-load.php'); +require_once('odm-load.php'); -if (!isset($_REQUEST['last_message'])) -{ +if (!isset($_REQUEST['last_message'])) { $_REQUEST['last_message'] = ''; } // Call the plugin API callPluginMethod('onBeforeLogin'); -if(isset($_SESSION['uid'])) -{ - // redirect to main page - if(isset($_REQUEST['redirection'])) - { +if (isset($_SESSION['uid'])) { + // redirect to main page + if (isset($_REQUEST['redirection'])) { redirect_visitor($_REQUEST['redirection']); - } - else - { + } else { redirect_visitor('out.php'); } } -if(isset($_POST['login'])) -{ - if(!is_dir($GLOBALS['CONFIG']['dataDir']) || !is_writeable($GLOBALS['CONFIG']['dataDir'])) - { +if (isset($_POST['login'])) { + if (!is_dir($GLOBALS['CONFIG']['dataDir']) || !is_writeable($GLOBALS['CONFIG']['dataDir'])) { echo "" . msg('message_datadir_problem'). ""; exit; } @@ -99,8 +91,7 @@ )); $result = $stmt->fetchAll(); - if(count($result) != 1) - { + if (count($result) != 1) { // Check old password() method $query = " SELECT @@ -120,12 +111,11 @@ ':frmuser' => $frmuser, ':frmpass' => $frmpass )); - $result = $stmt->fetchAll(); + $result = $stmt->fetchAll(); } // if row exists - login/pass is correct - if (count($result) == 1) - { + if (count($result) == 1) { // register the user's ID $id = $result[0]['id']; 
@@ -136,36 +126,27 @@ callPluginMethod('onAfterLogin'); // redirect to main page - if(isset($_REQUEST['redirection'])) - { + if (isset($_REQUEST['redirection'])) { redirect_visitor($_REQUEST['redirection']); - } - else - { - redirect_visitor('out.php'); + } else { + redirect_visitor('out.php'); } // close connection - } - else - { + } else { // Login Failed // redirect to error page - + // Call the plugin API callPluginMethod('onFailedLogin'); header('Location: error.php?ec=0'); } -} -elseif(!isset($_POST['login']) && $GLOBALS['CONFIG']['authen'] =='mysql') -{ +} elseif (!isset($_POST['login']) && $GLOBALS['CONFIG']['authen'] =='mysql') { $redirection = (isset($_REQUEST['redirection']) ? $_REQUEST['redirection'] : ''); $GLOBALS['smarty']->assign('redirection', $redirection); display_smarty_template('login.tpl'); -} -else -{ - echo 'Check your config'; +} else { + echo 'Check your config'; } draw_footer(); diff --git a/install/index.php b/install/index.php index 3957f602..70136f8b 100644 --- a/install/index.php +++ b/install/index.php @@ -18,8 +18,8 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ // Sanity check. -if ( false ) { -?> +if (false) { + ?> @@ -38,19 +38,15 @@ session_start(); -if ( file_exists('../config.php') && (!isset($_SESSION['datadir']) ) ) -{ +if (file_exists('../config.php') && (!isset($_SESSION['datadir']))) { echo "

Looks like the file 'config.php' already exists. If you need to re-install, please delete it or rename it first. You may then try again.

"; exit; } // Search for the config file in parent folder // If not found, redirect to index for install routine -if(file_exists('../config.php')) -{ +if (file_exists('../config.php')) { include('../config.php'); -} -else -{ +} else { Header('Location: ../index.php'); } @@ -77,14 +73,12 @@

'; - if(!is_writeable('../templates_c')) - { + if (!is_writeable('../templates_c')) { echo 'templates_c folder is Not writeable - Fix and go Back
'; exit; - } - else - { + } else { echo 'OK
'; } echo '
installing...
'; @@ -419,7 +410,7 @@ function do_update_1261() include("../config.php"); include("upgrade_1261.php"); echo 'All Done with update! Click HERE to login
'; - } + } function do_update_1262() { echo 'Updating from DB version 1.2.6.2...
'; @@ -433,7 +424,7 @@ function do_update_1263() include("../config.php"); include("upgrade_1263.php"); echo 'All Done with update! Click HERE to login
'; - } + } function do_update_128() { echo 'Updating from DB versions 1.2.8...
'; @@ -472,7 +463,7 @@ function print_intro() $result_array = $stmt->fetch(); $db_version = (!empty($result_array['sys_value']) ? $result_array['sys_value'] : 'Unknown'); } - ?> + ?>

Welcome to the OpenDocMan Database Installer/Updater Tool


@@ -494,13 +485,15 @@ function print_intro()
Your current DB version:

Your current DB version:

1) New Installation

New installation of the v release of OpenDocMan (Will wipe any current data!)

New installation of the v release of OpenDocMan (Will wipe any current data!)

Upgrade from version version 1.2.9

diff --git a/install/odm.php b/install/odm.php index 693304ce..ad8ef8d5 100644 --- a/install/odm.php +++ b/install/odm.php @@ -23,8 +23,7 @@ // Added for automated script installers $dbprefix = isset($GLOBALS['CONFIG']['db_prefix']) ? $GLOBALS['CONFIG']['db_prefix'] : $_SESSION['db_prefix']; -if(!isset($_SESSION['adminpass'])) -{ +if (!isset($_SESSION['adminpass'])) { echo 'No Admin Pass!'; exit; } @@ -342,8 +341,7 @@ "INSERT INTO `{$dbprefix}settings` VALUES(NULL, 'max_query', '500', 'Set this to the maximum number of rows you want to be returned in a file listing. If your file list is slow decrease this value.', 'num');" ); -foreach($sql_operations as $query) -{ +foreach ($sql_operations as $query) { $stmt = $pdo->prepare($query); $stmt->execute(); } @@ -410,8 +408,7 @@ "INSERT INTO `{$dbprefix}filetypes` VALUES(NULL, 'drawing/x-dwf', 1);", "INSERT INTO `{$dbprefix}filetypes` VALUES(NULL, 'image/svg', 1);" ); -foreach($sql_operations as $query) -{ +foreach ($sql_operations as $query) { $stmt = $pdo->prepare($query); $stmt->execute(); } diff --git a/install/setup-config.php b/install/setup-config.php index 8bea0ac8..7ec66e5c 100644 --- a/install/setup-config.php +++ b/install/setup-config.php @@ -28,38 +28,37 @@ */ error_reporting(0); -define( 'ABSPATH', dirname(dirname(__FILE__)) . '/' ); +define('ABSPATH', dirname(dirname(__FILE__)) . '/'); /**#@-*/ -if (!file_exists(ABSPATH . 'config-sample.php')) -{ - echo ('Sorry, I need a config-sample.php file to work from. Please re-upload this file from your OpenDocMan installation.'); - exit; +if (!file_exists(ABSPATH . 'config-sample.php')) { + echo('Sorry, I need a config-sample.php file to work from. Please re-upload this file from your OpenDocMan installation.'); + exit; } $configFile = file(ABSPATH . 'config-sample.php'); // Check if config.php has been created -if (file_exists(ABSPATH . 'config.php')) -{ - echo ("

The file 'config.php' already exists. If you need to reset any of the configuration items in this file, please delete it first. You may try installing now.

"); - exit; - +if (file_exists(ABSPATH . 'config.php')) { + echo("

The file 'config.php' already exists. If you need to reset any of the configuration items in this file, please delete it first. You may try installing now.

"); + exit; } -if (isset($_GET['step'])) - $step = $_GET['step']; -else - $step = 0; +if (isset($_GET['step'])) { + $step = $_GET['step']; +} else { + $step = 0; +} /** * Display setup config.php file header. * */ -function display_header() { - header( 'Content-Type: text/html; charset=utf-8' ); -?> +function display_header() +{ + header('Content-Type: text/html; charset=utf-8'); + ?> @@ -73,11 +72,12 @@ function display_header() {

OpenDocMan

Welcome to OpenDocMan. Before getting started, we need some information on the database. You will need to know the following items before proceeding.

@@ -125,11 +125,11 @@ function display_header() {

Let’s go!

+ case 1: + display_header(); + ?>

Below you should enter your database connection details. If you're not sure about these, contact your host.

@@ -188,131 +188,127 @@ function display_header() { $("#configform").validate(); getMessage() . "
"; - die(); - } - $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); - - $dbname = sanitizeme(trim($_POST['dbname'])); - $uname = sanitizeme(trim($_POST['uname'])); - $passwrd = sanitizeme(trim($_POST['pwd'])); - $dbhost = sanitizeme(trim($_POST['dbhost'])); - $prefix = sanitizeme(trim($_POST['prefix'])); + /**#@+ + * @ignore + */ + define('DB_NAME', trim($_POST['dbname'])); + define('DB_USER', trim($_POST['uname'])); + define('DB_PASS', trim($_POST['pwd'])); + define('DB_HOST', trim($_POST['dbhost'])); + + // We'll fail here if the values are no good. + $dsn = "mysql:host=" . DB_HOST . ";dbname=" . DB_NAME . ";charset=utf8"; + try { + $pdo = new PDO($dsn, DB_USER, DB_PASS); + } catch (PDOException $e) { + print "Error!: " . $e->getMessage() . "
"; + die(); + } + $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); + + $dbname = sanitizeme(trim($_POST['dbname'])); + $uname = sanitizeme(trim($_POST['uname'])); + $passwrd = sanitizeme(trim($_POST['pwd'])); + $dbhost = sanitizeme(trim($_POST['dbhost'])); + $prefix = sanitizeme(trim($_POST['prefix'])); $adminpass = sanitizeme(trim($_POST['adminpass'])); $datadir = sanitizeme(trim($_POST['datadir'])); $baseurl = sanitizeme(trim($_POST['baseurl'])); // Clean up the datadir a bit to make sure it ends with slash - if(substr($datadir,-1) != '/') - { + if (substr($datadir, -1) != '/') { $datadir .= '/'; } // If no prefix is set, use default - if ( empty($prefix) ) - $prefix = 'odm_'; + if (empty($prefix)) { + $prefix = 'odm_'; + } // Require values from form fields - // Validate $prefix: it can only contain letters, numbers and underscores - if ( preg_match( '|[^a-z0-9_]|i', $prefix ) ) - die('ERROR: "Table Prefix" can only contain numbers, letters, and underscores.' ); + // Validate $prefix: it can only contain letters, numbers and underscores + if (preg_match('|[^a-z0-9_]|i', $prefix)) { + die('ERROR: "Table Prefix" can only contain numbers, letters, and underscores.'); + } $_SESSION['db_prefix'] = $prefix; $_SESSION['datadir'] = $datadir; $_SESSION['baseurl'] = $baseurl; $_SESSION['adminpass'] = $adminpass; // Here we check their datadir value and try to create the folder. If we cannot, we will warn them. - if(!is_dir($datadir)) - { - if(!mkdir($datadir)) - { + if (!is_dir($datadir)) { + if (!mkdir($datadir)) { echo 'Sorry, we were unable to create the data directory folder. You will need to create it manually at ' . $datadir; } - } - elseif(!is_writable($datadir)) - { + } elseif (!is_writable($datadir)) { echo 'The data directory exists, but your web server cannot write to it. Please verify the folder permissions are correct on ' . $datadir; } // Verify the templates_c is writeable - if(!is_writable(ABSPATH . 
'/templates_c')) - { + if (!is_writable(ABSPATH . '/templates_c')) { echo 'Sorry, we were unable to write to the templates_c folder. You will need to make sure that ' . ABSPATH . '/templates_c is writeable by the web server'; } // We also need to guess at their base_url value // Now replace the default config values with the real ones - foreach ($configFile as $line_num => $line) { - switch (substr($line,0,16)) { - case "define('DB_NAME'": - $configFile[$line_num] = str_replace("database_name_here", $dbname, $line); - break; - case "define('DB_USER'": - $configFile[$line_num] = str_replace("'username_here'", "'$uname'", $line); - break; - case "define('DB_PASS'": - $configFile[$line_num] = str_replace("'password_here'", "'$passwrd'", $line); - break; - case "define('DB_HOST'": - $configFile[$line_num] = str_replace("localhost", $dbhost, $line); - break; - case '$GLOBALS[\'CONFIG': - $configFile[$line_num] = str_replace('odm_', $prefix, $line); - break; - } - } - if ( ! is_writable(ABSPATH) ) { - display_header(); -?> + foreach ($configFile as $line_num => $line) { + switch (substr($line, 0, 16)) { + case "define('DB_NAME'": + $configFile[$line_num] = str_replace("database_name_here", $dbname, $line); + break; + case "define('DB_USER'": + $configFile[$line_num] = str_replace("'username_here'", "'$uname'", $line); + break; + case "define('DB_PASS'": + $configFile[$line_num] = str_replace("'password_here'", "'$passwrd'", $line); + break; + case "define('DB_HOST'": + $configFile[$line_num] = str_replace("localhost", $dbhost, $line); + break; + case '$GLOBALS[\'CONFIG': + $configFile[$line_num] = str_replace('odm_', $prefix, $line); + break; + } + } + if (! is_writable(ABSPATH)) { + display_header(); + ?>

Sorry, but I can't write the config.php file.

You can create the config.php manually and paste the following text into it.

+ foreach ($configFile as $line) { + echo htmlentities($line, ENT_COMPAT, 'UTF-8'); + } + ?>

After you've done that, click "Proceed to the installer."

Proceed to the installer

+ + } else { + $handle = fopen(ABSPATH . 'config.php', 'w'); + foreach ($configFile as $line) { + fwrite($handle, $line); + } + fclose($handle); + chmod(ABSPATH . 'config.php', 0666); + display_header(); + ?>

Great! You've made it through this part of the installation. OpenDocMan can now communicate with your database. If you are ready, time now to…

Run the install

]*?>.*?@si', // Strip out javascript '@<[\/\!]*?[^<>]*?>@si', // Strip out HTML tags @@ -325,17 +321,12 @@ function cleanInput($input) function sanitizeme($input) { - if (is_array($input)) - { - foreach($input as $var=>$val) - { + if (is_array($input)) { + foreach ($input as $var=>$val) { $output[$var] = sanitizeme($val); } - } - else - { - if (get_magic_quotes_gpc()) - { + } else { + if (get_magic_quotes_gpc()) { $input = stripslashes($input); } //echo "Raw Input:" . $input . "
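Review bot: `chmod(ABSPATH . 'config.php', 0666);` leaves the file that now holds the database user and password readable and writable by every local account. Because the application includes it as PHP source, write access to it is equivalent to code execution in the application. Use an owner-only mode such as `chmod(ABSPATH . 'config.php', 0600);`, or 0640 with the web server's group. The substitution earlier in the same hunk, `str_replace("'password_here'", "'$passwrd'", $line)`, places the posted value between single quotes in that source without escaping it. The sanitizeme() shown in this file does not appear to escape quotes, so a value containing `'` would produce a broken or altered config.php. `var_export($passwrd, true)` yields a correctly quoted literal, and the same applies to `$uname`, `$dbname` and `$dbhost`.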
"; @@ -346,12 +337,9 @@ function sanitizeme($input) $input = $input; // Prevent SQL Injection $output=$input; } - if(isset($output) && $output != '') - { + if (isset($output) && $output != '') { return $output; - } - else - { + } else { return false; } } diff --git a/install/upgrade_10.php b/install/upgrade_10.php index d9b99998..cf57f362 100644 --- a/install/upgrade_10.php +++ b/install/upgrade_10.php @@ -129,4 +129,4 @@ $query = "ALTER TABLE user_perms ADD INDEX user_perms_idx (fid,uid,rights)"; $stmt = $pdo->prepare($query); -$stmt->execute(); \ No newline at end of file +$stmt->execute(); diff --git a/install/upgrade_11.php b/install/upgrade_11.php index a4f3bc7c..307c34af 100644 --- a/install/upgrade_11.php +++ b/install/upgrade_11.php @@ -56,4 +56,4 @@ ADD INDEX uid (uid), ADD INDEX rights (rights)"; $stmt = $pdo->prepare($query); -$stmt->execute(); \ No newline at end of file +$stmt->execute(); diff --git a/install/upgrade_11rc1.php b/install/upgrade_11rc1.php index 483c0c20..18712b94 100644 --- a/install/upgrade_11rc1.php +++ b/install/upgrade_11rc1.php @@ -20,4 +20,4 @@ */ // No Database changes -echo 'No database changes for this version'; \ No newline at end of file +echo 'No database changes for this version'; diff --git a/install/upgrade_11rc2.php b/install/upgrade_11rc2.php index d38b93eb..2f7c3145 100644 --- a/install/upgrade_11rc2.php +++ b/install/upgrade_11rc2.php @@ -24,4 +24,4 @@ $query = " ALTER TABLE data CHANGE COLUMN category category smallint(5) unsigned NOT NULL default '0'"; $stmt = $pdo->prepare($query); -$stmt->execute(); \ No newline at end of file +$stmt->execute(); diff --git a/install/upgrade_124.php b/install/upgrade_124.php index bbf31def..c89d0bc6 100644 --- a/install/upgrade_124.php +++ b/install/upgrade_124.php @@ -29,4 +29,4 @@ field_type int ) ENGINE = MYISAM"; $stmt = $pdo->prepare($query); -$stmt->execute(); \ No newline at end of file +$stmt->execute(); 
diff --git a/install/upgrade_1252.php b/install/upgrade_1252.php index 051e931b..86a8c9c5 100644 --- a/install/upgrade_1252.php +++ b/install/upgrade_1252.php @@ -81,4 +81,4 @@ // Create version number in db $query = "INSERT INTO {$GLOBALS['CONFIG']['db_prefix']}odmsys VALUES (NULL,'version','1.2.6')"; $stmt = $pdo->prepare($query); -$stmt->execute(); \ No newline at end of file +$stmt->execute(); diff --git a/install/upgrade_1256.php b/install/upgrade_1256.php index 75e77021..ef5fc38a 100644 --- a/install/upgrade_1256.php +++ b/install/upgrade_1256.php @@ -25,7 +25,7 @@ $stmt = $pdo->prepare($query); $stmt->execute(); $result = $stmt->fetchAll(); -foreach($result as $row) { +foreach ($result as $row) { $rev_array = explode("-", $row['revision']); $rev_left = ltrim($rev_array[0], "("); $rev_right = rtrim($rev_array[1], ")"); @@ -49,7 +49,7 @@ $stmt->execute(); $result = $stmt->fetchAll(); -foreach($result as $row) { +foreach ($result as $row) { $query = "ALTER TABLE {$GLOBALS['CONFIG']['db_prefix']}data CHANGE {$row['table_name']} {$GLOBALS['CONFIG']['db_prefix']}udftbl_{$row['table_name']} int(11)"; $stmt = $pdo->prepare($query); $stmt->execute(); @@ -61,4 +61,4 @@ $query = "ALTER TABLE $table_name RENAME {$GLOBALS['CONFIG']['db_prefix']}udftbl_{$row['table_name']}"; $stmt = $pdo->prepare($query); $stmt->execute(); -} \ No newline at end of file +} diff --git a/install/upgrade_1257.php b/install/upgrade_1257.php index 282466be..01d04706 100644 --- a/install/upgrade_1257.php +++ b/install/upgrade_1257.php @@ -60,8 +60,7 @@ "INSERT INTO `{$_SESSION['db_prefix']}settings` VALUES(NULL,'base_url', '{$_SESSION['baseurl']}', 'Set this to the url of the site. No need for trailing \"/\" here', 'url');" ); -foreach($sql_operations as $query) -{ +foreach ($sql_operations as $query) { $stmt = $pdo->prepare($query); $stmt->execute(); } 
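Review bot: In install/upgrade_1257.php the loop `foreach ($sql_operations as $query) { $stmt = $pdo->prepare($query); $stmt->execute(); }` runs strings that are already complete, so `prepare()` adds no protection here. The `base_url` row just above it has `'{$_SESSION['baseurl']}'` interpolated into the INSERT, and setup-config.php in this patch fills that session key from `$_POST['baseurl']`. A value containing a single quote would break the upgrade or change the statement. Take that row out of the array and run it with a placeholder, binding the value with `$stmt->execute(array(':base_url' => $_SESSION['baseurl']));`. The `$sql_operations` array begins outside this hunk, so other interpolated values in it are not visible.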
@@ -121,10 +120,9 @@ "INSERT INTO `{$_SESSION['db_prefix']}filetypes` VALUES(NULL, 'drawing/x-dwf', 1);" ); -foreach($sql_operations as $query) -{ +foreach ($sql_operations as $query) { $stmt = $pdo->prepare($query); $stmt->execute(); } -echo 'Update to 1.2.6 complete. Please edit your admin->settings and verify your dataDir and base_url values...
'; \ No newline at end of file +echo 'Update to 1.2.6 complete. Please edit your admin->settings and verify your dataDir and base_url values...
'; diff --git a/install/upgrade_1261.php b/install/upgrade_1261.php index ed91c1c9..164ffb20 100644 --- a/install/upgrade_1261.php +++ b/install/upgrade_1261.php @@ -37,4 +37,4 @@ $stmt = $pdo->prepare($query); $stmt->execute(); -echo 'Update to 1.2.6.2 complete. Please edit your admin->settings and verify your dataDir and base_url values...
'; \ No newline at end of file +echo 'Update to 1.2.6.2 complete. Please edit your admin->settings and verify your dataDir and base_url values...
'; diff --git a/install/upgrade_12p1.php b/install/upgrade_12p1.php index 5b138990..92450e01 100644 --- a/install/upgrade_12p1.php +++ b/install/upgrade_12p1.php @@ -107,4 +107,4 @@ $query = "ALTER TABLE user_perms MODIFY uid int(11) unsigned NOT NULL"; $stmt = $pdo->prepare($query); $stmt->execute(); -// Fieldformat of 'user_perms.uid' changed from 'smallint(5) unsigned NOT NULL DEFAULT '0' COMMENT '' to int(11) unsigned NOT NULL DEFAULT '0' COMMENT ''. Possibly data modifications needed! \ No newline at end of file +// Fieldformat of 'user_perms.uid' changed from 'smallint(5) unsigned NOT NULL DEFAULT '0' COMMENT '' to int(11) unsigned NOT NULL DEFAULT '0' COMMENT ''. Possibly data modifications needed! diff --git a/install/upgrade_12p3.php b/install/upgrade_12p3.php index b59e7c96..5cfaf6cd 100644 --- a/install/upgrade_12p3.php +++ b/install/upgrade_12p3.php @@ -23,4 +23,4 @@ echo 'Updating user table
'; $query = "ALTER TABLE user ADD pw_reset_code CHAR(32) default NULL"; $stmt = $pdo->prepare($query); -$stmt->execute(); \ No newline at end of file +$stmt->execute(); diff --git a/install/upgrade_12rc1.php b/install/upgrade_12rc1.php index 5b94d44b..509909d0 100644 --- a/install/upgrade_12rc1.php +++ b/install/upgrade_12rc1.php @@ -23,4 +23,4 @@ //$query = "ALTER IGNORE TABLE data // DROP filesize"; //$stmt = $pdo->prepare($query); -//$stmt->execute(); \ No newline at end of file +//$stmt->execute(); diff --git a/logout.php b/logout.php index 808b5ad9..b5e56fd9 100644 --- a/logout.php +++ b/logout.php @@ -18,7 +18,7 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -include ('odm-load.php'); +include('odm-load.php'); // If kerbauth, then display warning about shutting down browser session_start(); @@ -26,9 +26,7 @@ $_SESSION = array(); // Finally, destroy the session. session_destroy(); -if($GLOBALS["CONFIG"]["authen"] =='kerbauth') -{ - +if ($GLOBALS["CONFIG"]["authen"] =='kerbauth') { ?> @@ -68,16 +66,12 @@ \ No newline at end of file diff --git a/odm-init.php b/odm-init.php index 60260ac7..5c2172b6 100644 --- a/odm-init.php +++ b/odm-init.php @@ -48,19 +48,19 @@ /* * Load the Settings class */ -require_once ( 'Settings_class.php'); +require_once('Settings_class.php'); $settings = new Settings($pdo); $settings->load(); /* * Common functions */ -require_once( 'functions.php' ); +require_once('functions.php'); /* * Load the allowed file types list */ -require_once ( 'FileTypes_class.php' ); +require_once('FileTypes_class.php'); $filetypes = new FileTypes_class($pdo); $filetypes->load(); diff --git a/odm-load.php b/odm-load.php index 8a993318..3f5c83d8 100644 --- a/odm-load.php +++ b/odm-load.php 
@@ -32,24 +32,17 @@ * untouched. * */ -if (file_exists('config.php')) -{ +if (file_exists('config.php')) { // In the case of root folder calls - require_once( 'config.php' ); -} -elseif (file_exists('../config.php')) -{ + require_once('config.php'); +} elseif (file_exists('../config.php')) { // In the case of subfolders - require_once( '../config.php' ); -} -elseif (file_exists('../../config.php')) -{ + require_once('../config.php'); +} elseif (file_exists('../../config.php')) { // In the case of plugins - require_once( '../../config.php' ); -} -else -{ + require_once('../../config.php'); +} else { header('Location: index.php'); } -require_once(ABSPATH . 'odm-init.php'); \ No newline at end of file +require_once(ABSPATH . 'odm-init.php'); diff --git a/out.php b/out.php index 29236359..42c8d149 100644 --- a/out.php +++ b/out.php @@ -28,8 +28,7 @@ $GLOBALS['state'] = 1; require_once 'odm-load.php'; -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } @@ -40,33 +39,26 @@ $user_obj = new User($_SESSION['uid'], $pdo); -if ($user_obj->isAdmin()) -{ - $reviewIdCount = sizeof($user_obj->getAllRevieweeIds()); -} -elseif( $user_obj->isReviewer()) -{ +if ($user_obj->isAdmin()) { + $reviewIdCount = sizeof($user_obj->getAllRevieweeIds()); +} elseif ($user_obj->isReviewer()) { $reviewIdCount = sizeof($user_obj->getRevieweeIds()); -}else { +} else { $reviewIdCount = 0; -} +} -if($reviewIdCount > 0) -{ +if ($reviewIdCount > 0) { echo ''.msg('message_documents_waiting'). ': ' . $reviewIdCount . '
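Review bot: The final `else` branch in odm-load.php sends `header('Location: index.php');` without stopping, so when no config.php is found execution falls through to `require_once(ABSPATH . 'odm-init.php');` with `ABSPATH` undefined (assuming config.php is what defines it). Add `exit;` directly after the header call. The three `file_exists()` probes are relative to the current working directory, which deserves a short comment because the result depends on which script was requested.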
'; - } $rejected_files_obj = $user_obj->getRejectedFileIds(); -if(isset($rejected_files_obj[0]) && $rejected_files_obj[0] != null) -{ +if (isset($rejected_files_obj[0]) && $rejected_files_obj[0] != null) { echo ''. msg('message_documents_rejected') . ': ' .sizeof($rejected_files_obj) . '
'; } $llen = $user_obj->getNumExpiredFiles(); -if($llen > 0) -{ +if ($llen > 0) { echo '' .msg('message_documents_expired'). ': ' . $llen . '
'; } // get a list of documents the user has "view" permission for @@ -81,10 +73,10 @@ //$end_P = getmicrotime(); -list_files($file_id_array, $user_perms, $GLOBALS['CONFIG']['dataDir'],false); +list_files($file_id_array, $user_perms, $GLOBALS['CONFIG']['dataDir'], false); -draw_footer(); +draw_footer(); //Fb::log('
Load Page Time: ' . (getmicrotime() - $start_time) . ' '); //echo '
Load Permission Time: ' . ($end_P - $start_P) . ' '; //echo '
Load Sort Time: ' . ($lsort_e - $lsort_b) . ' '; -//echo '
Load Table Time: ' . ($llist_e - $llist_b) . ' '; \ No newline at end of file +//echo '
Load Table Time: ' . ($llist_e - $llist_b) . ' '; diff --git a/profile.php b/profile.php index 78d6ddb5..22f25a16 100644 --- a/profile.php +++ b/profile.php @@ -23,8 +23,7 @@ include('odm-load.php'); -if (!isset ($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } @@ -40,4 +39,4 @@
isAdmin() && @$_REQUEST['mode'] == 'root') - { + if ($user_obj->isAdmin() && @$_REQUEST['mode'] == 'root') { $fileid_array = $user_obj->getAllRejectedFileIds(); - } - else - { + } else { $fileid_array = $user_obj->getRejectedFileIds(); } - if(@$_REQUEST['mode']=='root') - { + if (@$_REQUEST['mode']=='root') { echo '
'; - } - else - { + } else { echo ''; } ?> @@ -67,62 +59,54 @@ $list_status = list_files($fileid_array, $user_perms_obj, $GLOBALS['CONFIG']['dataDir'], true, true); -?> + ?>
- - + +
+ ?>
Publishable(0); } } header('Location:' . $_SERVER['PHP_SELF'] . '?mode=' . @$_REQUEST['mode'] . '&last_message='. msg('message_file_authorized')); -} -elseif($_POST['submit'] == 'delete') -{ - if(!isset($_REQUEST['checkbox'])) - { +} elseif ($_POST['submit'] == 'delete') { + if (!isset($_REQUEST['checkbox'])) { header('Location: ' .$_SERVER['PHP_SELF'] . '?last_message=' . urlencode(msg('message_you_did_not_enter_value'))); exit; } $url = 'delete.php?mode=tmpdel&'; $id = 0; - if(isset($_POST["checkbox"])) - { + if (isset($_POST["checkbox"])) { $loop = 0; - foreach($_POST['checkbox'] as $num=>$cbox) - { + foreach ($_POST['checkbox'] as $num=>$cbox) { $fileid = $cbox; $url .= 'id'. $num . '='.$fileid.'&'; $id ++; diff --git a/reports/file_list.php b/reports/file_list.php index 4dc9bea9..79f02750 100644 --- a/reports/file_list.php +++ b/reports/file_list.php @@ -27,22 +27,20 @@ include('../odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor('../index.php?redirection=reports/file_list.php'); } // open a connection to the database $user_obj = new User($_SESSION['uid'], $pdo); // Check to see if user is admin -if(!$user_obj->isAdmin()) -{ +if (!$user_obj->isAdmin()) { header('Location:../error.php?ec=4'); exit; } function cleanExcelData(&$str) -{ +{ if (strstr($str, '"')) { $str = '"' . str_replace('"', '""', $str) . '"'; } @@ -81,15 +79,14 @@ function cleanExcelData(&$str) LEFT JOIN {$GLOBALS['CONFIG']['db_prefix']}log ON {$GLOBALS['CONFIG']['db_prefix']}log.id = {$GLOBALS['CONFIG']['db_prefix']}data.id ORDER BY id - "; + "; $stmt = $pdo->prepare($query); $stmt->execute(); $result = $stmt->fetchAll(PDO::FETCH_ASSOC); -foreach($result as $row) { -// display field/column names as first row +foreach ($result as $row) { + // display field/column names as first row if (!$flag) { - fputcsv($out, array_keys($row), ',', '"'); $flag = true; } diff --git a/search.php b/search.php index d04e426a..3c3e23fd 100644 --- a/search.php 
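Review bot: The redirect after authorizing in rejects.php builds its Location value from `@$_REQUEST['mode']` and `msg('message_file_authorized')` without `urlencode()`, while the delete branch just below encodes its message. Encode both parts, e.g. `'?mode=' . urlencode(isset($_REQUEST['mode']) ? $_REQUEST['mode'] : '')`, which also removes the `@` suppression. The `$fileid` values appended to `$url` in the delete branch come from `$_POST['checkbox']` and should be cast with `(int)` before concatenation. The surrounding if/elseif chain starts outside the visible lines.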
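Review bot: `cleanExcelData()` in reports/file_list.php, as far as this hunk shows, only doubles embedded quotes, so a stored value that begins with `=`, `+`, `-` or `@` reaches the exported sheet as a formula when an administrator opens the file. Neutralise such cells before the quoting step, e.g. `if (preg_match('/^[=+\-@]/', $str)) { $str = "'" . $str; }`. The function body continues past the hunk, so check that this is not already handled further down.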
+++ b/search.php @@ -23,8 +23,7 @@ include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } @@ -44,42 +43,55 @@ draw_header(msg('search'), $last_message); echo ''; -if(!isset($_GET['submit'])) -{ +if (!isset($_GET['submit'])) { ?>

- method="get"> + method="get"> - + - + - - + + @@ -88,25 +100,18 @@ Load Time: ' . time() - $start_time; draw_footer(); - -} -else -{ +} else { function search($where, $keyword, $exact_phrase, $case_sensitivity, $search_array) { global $pdo; $remain =''; - if( $exact_phrase != 'on' ) - { + if ($exact_phrase != 'on') { $keyword = '%' . $keyword . '%'; } - if($case_sensitivity != 'on') - { + if ($case_sensitivity != 'on') { $equate = ' LIKE '; - } - else - { + } else { $equate = ' LIKE BINARY '; } @@ -131,8 +136,7 @@ function search($where, $keyword, $exact_phrase, $case_sensitivity, $search_arra $author_first_name = ''; $author_last_name = ''; $use_uid = false; - switch($where) - { + switch ($where) { // Put all the category for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the category array are synchronized. case 'author_locked_files': @@ -148,8 +152,8 @@ function search($where, $keyword, $exact_phrase, $case_sensitivity, $search_arra // Put all the author name for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the author name array are synchronized. case 'author': - if( $exact_phrase=='on' ) { - $author_first_name = substr($keyword, strpos($keyword, ' ') +1 ); + if ($exact_phrase=='on') { + $author_first_name = substr($keyword, strpos($keyword, ' ') +1); $author_last_name = substr($keyword, 0, strpos($keyword, ' ')); $query .= " u.first_name $equate :author_first_name AND u.last_name $equate :author_last_name "; } else { @@ -200,7 +204,7 @@ function search($where, $keyword, $exact_phrase, $case_sensitivity, $search_arra $stmt = $pdo->prepare($final_query); - if(!empty($use_uid)) { + if (!empty($use_uid)) { $stmt->bindParam(':uid', $_SESSION['uid']); $stmt->bindParam(':keyword', $keyword); } elseif (!empty($author_last_name) && $exact_phrase == 'on') { 
@@ -216,26 +220,22 @@ function search($where, $keyword, $exact_phrase, $case_sensitivity, $search_arra $index = 0; $id_array = array(); - foreach($result as $row) { + foreach ($result as $row) { $id_array[$index++] = $row['id']; $index++; } - if(@$remain != '' && $exact_phrase != "on") - { - return array_values( array_unique( array_merge($id_array, search($where, substr($remain, 1), $exact_phrase, $case_sensitivity, $search_array) ) ) ); + if (@$remain != '' && $exact_phrase != "on") { + return array_values(array_unique(array_merge($id_array, search($where, substr($remain, 1), $exact_phrase, $case_sensitivity, $search_array)))); } - return array_values( array_intersect($id_array, $search_array) ); + return array_values(array_intersect($id_array, $search_array)); } $current_user = new User($_SESSION['uid'], $pdo); $user_perms = new User_Perms($_SESSION['uid'], $pdo); $current_user_permission = new UserPermission($_SESSION['uid'], $pdo); //$s_getFTime = getmicrotime(); - if($_GET['where'] == 'author_locked_files') - { + if ($_GET['where'] == 'author_locked_files') { $view_able_files_id = $current_user->getExpiredFileIds(); - } - else - { + } else { $view_able_files_id = $current_user_permission->getViewableFileIds(false); } //$e_getFTime = getmicrotime(); @@ -246,9 +246,9 @@ function search($where, $keyword, $exact_phrase, $case_sensitivity, $search_arra // Call the plugin API callPluginMethod('onSearch'); - list_files($search_result, $current_user_permission, $GLOBALS['CONFIG']['dataDir'], false,false); + list_files($search_result, $current_user_permission, $GLOBALS['CONFIG']['dataDir'], false, false); echo '
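Review bot: `$id_array[$index++] = $row['id']; $index++;` advances the index twice per row and leaves every other key unused; the result only works because both return paths wrap it in `array_values()`. `$id_array[] = $row['id'];` does the same without the counter. Further down, `$_GET['where']` is compared without an `isset()` check, so a request that sets `submit` but not `where` raises a notice. The search() function begins above this hunk.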
'; draw_footer(); //echo '
Load Page Time: ' . (getmicrotime() - $start_time) . ' '; //echo '
Load Permission Time: ' . ($e_getFTime - $s_getFTime) . ' '; -} \ No newline at end of file +} diff --git a/settings.php b/settings.php index db2830d2..2a1494e1 100644 --- a/settings.php +++ b/settings.php @@ -23,8 +23,7 @@ // includes include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } @@ -35,23 +34,18 @@ //If the user is not an admin and he/she is trying to access other account that // is not his, error out. -if(!$user_obj->isRoot() == true) -{ +if (!$user_obj->isRoot() == true) { header('Location: error.php?ec=24'); exit; } -if(isset($_REQUEST['submit']) && $_REQUEST['submit']=='update') -{ - +if (isset($_REQUEST['submit']) && $_REQUEST['submit']=='update') { draw_header(msg('label_settings'), $last_message); $settings->edit(); draw_footer(); -} -elseif(isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'Save') -{ +} elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'Save') { draw_header(msg('label_settings'), $last_message); // Clean up the datadir a bit to make sure it ends with slash 
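Review bot: `if (!$user_obj->isRoot() == true)` in settings.php reads like a comparison of isRoot() with true, but `!` binds first, so it is `(!isRoot()) == true`; write `if (!$user_obj->isRoot()) {` so the access check cannot be misread. The comment above it speaks of "not an admin" while the code tests for root, and one of the two should be corrected. The Save branch is selected from `$_REQUEST` and no anti-CSRF token check is visible in this hunk; confirm one exists before `$settings->save($_POST)` runs.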
@@ -62,29 +56,19 @@ } // Perform Input Validation - if(!is_dir($_POST['dataDir'])) - { + if (!is_dir($_POST['dataDir'])) { $_POST['last_message'] = $GLOBALS['lang']['message_datadir_problem_exists']; - } - elseif(!is_writable($_POST['dataDir'])) - { + } elseif (!is_writable($_POST['dataDir'])) { $_POST['last_message'] = $GLOBALS['lang']['message_datadir_problem_writable']; - } - elseif((!is_numeric($_POST['max_filesize'])) || (!is_numeric($_POST['revision_expiration']) || (!is_numeric($_POST['max_query'])) ) ) - { + } elseif ((!is_numeric($_POST['max_filesize'])) || (!is_numeric($_POST['revision_expiration']) || (!is_numeric($_POST['max_query'])))) { $_POST['last_message'] = $GLOBALS['lang']['message_config_value_problem']; - } - elseif($settings->save($_POST)) - { + } elseif ($settings->save($_POST)) { $_POST['last_message'] = $GLOBALS['lang']['message_all_actions_successfull']; - } - else - { + } else { $_POST['last_message'] = $GLOBALS['lang']['message_error_performing_action']; } - if (!isset($_POST['last_message'])) - { + if (!isset($_POST['last_message'])) { $_POST['last_message']=''; } @@ -94,13 +78,8 @@ // Clear the tpl templates_c files after update in case they updated theme $GLOBALS['smarty']->clear_compiled_tpl(); -} -elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'Cancel') -{ +} elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'Cancel') { header('Location: admin.php?last_message=' . urlencode(msg('message_action_cancelled'))); -} -else -{ +} else { header('Location: admin.php?last_message=' . urlencode(msg('message_nothing_to_do'))); } - diff --git a/signup.php b/signup.php index dd8d3873..8a892c54 100644 --- a/signup.php +++ b/signup.php 
@@ -23,12 +23,10 @@ // You can add signup_header.html and signup_footer.html files to display on this page automatically include('odm-load.php'); -if($GLOBALS['CONFIG']['allow_signup'] == 'True') -{ +if ($GLOBALS['CONFIG']['allow_signup'] == 'True') { // Submitted so insert data now - if(isset($_REQUEST['adduser'])) - { + if (isset($_REQUEST['adduser'])) { // Check to make sure user does not already exist $query = " SELECT @@ -43,13 +41,10 @@ $stmt->execute(); // If the above statement returns more than 0 rows, the user exists, so display error - if($stmt->rowCount() > 0) - { + if ($stmt->rowCount() > 0) { echo msg('message_user_exists'); exit; - } - else - { + } else { $phonenumber = (!empty($_REQUEST['phonenumber']) ? $_REQUEST['phonenumber'] : ''); // INSERT into user $query = " @@ -88,9 +83,8 @@ $userid = $pdo->lastInsertId(); // mail user telling him/her that his/her account has been created. - echo msg ('message_account_created') . ' ' . $_POST['username'].'
'; - if($GLOBALS['CONFIG']['authen'] == 'mysql') - { + echo msg('message_account_created') . ' ' . $_POST['username'].'
'; + if ($GLOBALS['CONFIG']['authen'] == 'mysql') { echo msg('message_account_created_password') . ': '.$_REQUEST['password']."\n\n"; echo '
' . msg('login'). ''; exit; @@ -102,11 +96,10 @@ Sign Up + ?> Sign Up
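Review bot: The signup success message echoes `$_POST['username']` and, for mysql authentication, `$_REQUEST['password']` into the page unescaped, so markup in either field is rendered as HTML and the new password is printed in clear text. Escape the name with `htmlspecialchars($_POST['username'], ENT_QUOTES, 'UTF-8')` and drop the password from the output altogether. The enclosing `if (isset($_REQUEST['adduser']))` block starts above this hunk.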
@@ -114,9 +107,12 @@
: :
-
+
- - - + + + '; } ?> @@ -147,7 +142,7 @@ -
Phone Number @@ -136,9 +132,8 @@
Department
+
+ ?> isReviewer()) -{ +if (!$user_obj->isReviewer()) { header('Location:out.php?last_message=Access+denied'); } $comments = isset($_REQUEST['comments']) ? stripslashes($_REQUEST['comments']) : ''; -if(!isset($_REQUEST['submit'])) -{ +if (!isset($_REQUEST['submit'])) { draw_header(msg('message_documents_waiting'), $last_message); $userpermission = new UserPermission($_SESSION['uid'], $pdo); - if($user_obj->isAdmin()) - { + if ($user_obj->isAdmin()) { $id_array = $user_obj->getAllRevieweeIds(); - } - else - { + } else { $id_array = $user_obj->getRevieweeIds(); } $list_status = list_files($id_array, $userpermission, $GLOBALS['CONFIG']['dataDir'], true); - if( $list_status != -1 ) - { + if ($list_status != -1) { display_smarty_template('toBePublished.tpl'); } -} -elseif(isset($_REQUEST['submit']) && ($_REQUEST['submit'] =='commentAuthorize' || $_REQUEST['submit'] == 'commentReject')) -{ - if(!isset($_REQUEST['checkbox'])) - { +} elseif (isset($_REQUEST['submit']) && ($_REQUEST['submit'] =='commentAuthorize' || $_REQUEST['submit'] == 'commentReject')) { + if (!isset($_REQUEST['checkbox'])) { header('Location: ' .$_SERVER['PHP_SELF'] . '?last_message=' . urlencode(msg('message_you_did_not_enter_value'))); } @@ -80,16 +70,11 @@ } */ - if($_REQUEST['submit'] == 'commentReject') - { + if ($_REQUEST['submit'] == 'commentReject') { $submit_value='Reject'; - } - elseif ($_REQUEST['submit'] == 'commentAuthorize') - { + } elseif ($_REQUEST['submit'] == 'commentAuthorize') { $submit_value='Authorize'; - } - else - { + } else { $submit_value='None'; } 
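Review bot: The reviewer check `if (!$user_obj->isReviewer()) { header('Location:out.php?last_message=Access+denied'); }` has no `exit;`, so the script keeps running for a non-reviewer after the redirect header is queued and the authorize and reject branches below still execute. Add `exit;` after that header call, and likewise after the `header('Location: ' .$_SERVER['PHP_SELF'] ...)` redirect in the missing-checkbox branch. How much a non-reviewer can do from there depends on getRevieweeIds(), which is not visible. The `isAdmin()` checks elsewhere in this patch already follow the header with `exit;`.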
@@ -109,10 +94,7 @@ $GLOBALS['smarty']->assign('submit_value', $submit_value); $GLOBALS['smarty']->assign('checkbox', $checkbox); display_smarty_template('commentform.tpl'); - -} -elseif (isset($_POST['submit']) && $_POST['submit'] == 'Reject') -{ +} elseif (isset($_POST['submit']) && $_POST['submit'] == 'Reject') { $to = isset($_POST['to']) ? $_POST['to'] : ''; $subject = isset($_POST['subject']) ? $_POST['subject'] : ''; $checkbox = isset($_POST['checkbox']) ? $_POST['checkbox'] : ''; @@ -132,29 +114,23 @@ $mail_body .= msg('email_was_declined_for_publishing_at') . ' ' .$date. ' ' . msg('email_for_the_following_reasons') . ':'."\n\n".$mail_break.$_REQUEST['comments']."\n".$mail_break; $mail_salute="\n\r\n\r" . msg('email_salute') . ",\n\r$full_name"; - if($user_obj->isAdmin()) - { + if ($user_obj->isAdmin()) { $id_array = $user_obj->getAllRevieweeIds(); - } - else - { + } else { $id_array = $user_obj->getRevieweeIds(); } $id_field = explode(' ', trim($checkbox)); - foreach($id_field as $key=>$value) - { + foreach ($id_field as $key=>$value) { // Check to make sure the current file_id is in their list of rejectable ID's - if(in_array($value, $id_array)) - { + if (in_array($value, $id_array)) { $fileid = $value; $file_obj = new FileData($fileid, $pdo); $user_obj = new User($file_obj->getOwner(), $pdo); $mail_to = $user_obj->getEmailAddress(); $dept_id = $file_obj->getDepartment(); // Build email for author notification - if(isset($_POST['send_to_users'][0]) && in_array('owner', $_POST['send_to_users'])) - { + if (isset($_POST['send_to_users'][0]) && in_array('owner', $_POST['send_to_users'])) { // Lets unset this now so the new array will just be user_id's $_POST['send_to_users'] = array_slice($_POST['send_to_users'], 1); $mail_body1 = $comments . "\n\n"; 
@@ -187,30 +163,24 @@ $mail_body.=msg('email_automated_document_messenger'). "\n\n"; $mail_body.=$GLOBALS['CONFIG']['base_url'] . "\n\n"; - if(isset($_POST['send_to_all'])) - { - email_all($mail_subject,$mail_body,$mail_headers); + if (isset($_POST['send_to_all'])) { + email_all($mail_subject, $mail_body, $mail_headers); } - if (isset($_POST['send_to_dept'])) { + if (isset($_POST['send_to_dept'])) { email_dept($dept_id, $mail_subject, $mail_body, $mail_headers); } - if(isset($_POST['send_to_users']) && is_array($_POST['send_to_users']) && isset($_POST['send_to_users'][0])) - { - email_users_id($_POST['send_to_users'], $mail_subject,$mail_body,$mail_headers); + if (isset($_POST['send_to_users']) && is_array($_POST['send_to_users']) && isset($_POST['send_to_users'][0])) { + email_users_id($_POST['send_to_users'], $mail_subject, $mail_body, $mail_headers); } - } - else - { + } else { // If their user cannot reject this file_id, display error header("Location:$_SERVER[PHP_SELF]?last_message=" .urlencode(msg('message_error_performing_action'))); } } header("Location: out.php?last_message=" .urlencode(msg('message_file_rejected'))); -} -elseif (isset($_POST['submit']) && $_POST['submit'] == 'Authorize') -{ +} elseif (isset($_POST['submit']) && $_POST['submit'] == 'Authorize') { $checkbox = isset($_REQUEST['checkbox']) ? $_REQUEST['checkbox'] : ''; $reviewer_comments = "To=$_POST[to];Subject=$_POST[subject];Comments=$_POST[comments];"; $user_obj = new User($_SESSION['uid'], $pdo); 
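Review bot: The error redirect inside the foreach, `header("Location:$_SERVER[PHP_SELF]?last_message=" ...)`, is followed by neither `exit;` nor `break;`, so the loop continues and the final `header("Location: out.php?last_message=" ...)` replaces it. A reviewer who submits an ID they may not reject is therefore told the file was rejected. Add `exit;` after the error redirect, or collect the refused IDs and report them once after the loop. The Authorize branch (hunk at -280,39) has the same pattern.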
@@ -222,22 +192,17 @@ $mail_headers = "From: $mail_from"."\r\n"; $mail_headers .="Content-Type: text/plain; charset=UTF-8"."\r\n"; - if($user_obj->isAdmin()) - { + if ($user_obj->isAdmin()) { $id_array = $user_obj->getAllRevieweeIds(); - } - else - { + } else { $id_array = $user_obj->getRevieweeIds(); } $id_field=explode(' ', trim($checkbox)); - foreach($id_field as $key=>$value) - { + foreach ($id_field as $key=>$value) { // Check to make sure the current file_id is in their list of reviewable ID's - if(in_array($value, $id_array)) - { + if (in_array($value, $id_array)) { $fileid = $value; $file_obj = new FileData($fileid, $pdo); $user_obj = new User($file_obj->getOwner(), $pdo); @@ -245,8 +210,7 @@ $dept_id = $file_obj->getDepartment(); // Build email for author notification - if(isset($_POST['send_to_users'][0]) && in_array('owner', $_POST['send_to_users'])) - { + if (isset($_POST['send_to_users'][0]) && in_array('owner', $_POST['send_to_users'])) { // Lets unset this now so the new array will just be user_id's $_POST['send_to_users'] = array_slice($_POST['send_to_users'], 1); $mail_body1 = $comments . "\n\n"; @@ -258,8 +222,7 @@ $mail_body1.=msg('email_thank_you') . ',' . "\n\n"; $mail_body1.=msg('email_automated_document_messenger') . "\n\n"; $mail_body1.=$GLOBALS['CONFIG']['base_url'] . "\n\n"; - if ($GLOBALS['CONFIG']['demo'] == 'False') - { + if ($GLOBALS['CONFIG']['demo'] == 'False') { mail($mail_to, $mail_subject . " " . $file_obj->getName(), $mail_body1, $mail_headers); } } 
@@ -280,39 +243,31 @@ $mail_body2.=msg('email_automated_document_messenger'). "\n\n"; $mail_body2.=$GLOBALS['CONFIG']['base_url'] . "\n\n"; - if(isset($_POST['send_to_all'])) - { - email_all($mail_subject,$mail_body2,$mail_headers); + if (isset($_POST['send_to_all'])) { + email_all($mail_subject, $mail_body2, $mail_headers); } - if(isset($_POST['send_to_dept'])) - { - email_dept($dept_id,$mail_subject ,$mail_body2,$mail_headers); - } - if(!empty($_POST['send_to_users'][0]) && is_array($_POST['send_to_users']) && $_POST['send_to_users'][0] > 0) - { - email_users_id($_POST['send_to_users'], $mail_subject,$mail_body2,$mail_headers); - } - } - else - { + if (isset($_POST['send_to_dept'])) { + email_dept($dept_id, $mail_subject, $mail_body2, $mail_headers); + } + if (!empty($_POST['send_to_users'][0]) && is_array($_POST['send_to_users']) && $_POST['send_to_users'][0] > 0) { + email_users_id($_POST['send_to_users'], $mail_subject, $mail_body2, $mail_headers); + } + } else { // If their user cannot authorize this file_id, display error header("Location:$_SERVER[PHP_SELF]?last_message=" .urlencode(msg('message_error_performing_action'))); } } header('Location: out.php?last_message=' .urlencode(msg('message_file_authorized'))); -} -elseif(isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'comments' && isset($_REQUEST['id'])) { +} elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'comments' && isset($_REQUEST['id'])) { /* * Used to display the reviewer comments in a popup */ $file_id = (int) $_REQUEST['id']; $file_obj = new FileData($file_id, $pdo); echo $file_obj->getReviewerComments(); -} -elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'Cancel') -{ +} elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'Cancel') { $last_message=urlencode(msg('message_action_cancelled')); - header ('Location: toBePublished.php?last_message=' . $last_message); + header('Location: toBePublished.php?last_message=' . 
$last_message); } - draw_footer(); \ No newline at end of file + draw_footer(); diff --git a/udf.php b/udf.php index 7dfe7bcc..e64eecb0 100644 --- a/udf.php +++ b/udf.php @@ -24,32 +24,29 @@ include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } $last_message = (isset($_REQUEST['last_message']) ? htmlspecialchars($_REQUEST['last_message']) : ''); $user_obj = new User($_SESSION['uid'], $pdo); -if(!$user_obj->isAdmin()) -{ +if (!$user_obj->isAdmin()) { header('Location: error.php?ec=4'); exit; } -if(isset($_REQUEST['cancel']) and $_REQUEST['cancel'] != 'Cancel') -{ +if (isset($_REQUEST['cancel']) and $_REQUEST['cancel'] != 'Cancel') { draw_menu($_SESSION['uid']); } -if(isset($_GET['submit']) && $_GET['submit'] == 'add') -{ +if (isset($_GET['submit']) && $_GET['submit'] == 'add') { draw_header(msg('area_add_new_udf'), $last_message); // Check to see if user is admin ?> -
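Review bot: The comments popup prints `echo $file_obj->getReviewerComments();` as-is, and the Authorize branch builds `$reviewer_comments` from `$_POST[to]`, `$_POST[subject]` and `$_POST[comments]`. Unless getReviewerComments() escapes its return value (not visible here), stored markup is rendered to whoever opens the popup. Use `echo htmlspecialchars($file_obj->getReviewerComments(), ENT_QUOTES, 'UTF-8');`. This branch also loads whatever `id` the request carries without checking it against the caller's reviewable list, unlike the Reject and Authorize branches.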

+ @@ -63,9 +60,12 @@ @@ -90,12 +90,9 @@ isAdmin()) - { + if (!$user_obj->isAdmin()) { header('Location: error.php?ec=4'); exit; } @@ -104,24 +101,20 @@ $last_message = urlencode(msg('message_udf_successfully_added') . ': ' . $_REQUEST['display_name']); header('Location: admin.php?last_message=' . $last_message); -} -elseif(isset($_REQUEST['submit']) && ($_REQUEST['submit'] == 'delete') && (isset($_REQUEST['item']))) -{ -// If demo mode, don't allow them to update the demo account -if (@$GLOBALS['CONFIG']['demo'] == 'True') -{ - - draw_header(msg('label_delete') . ' ' . msg('label_user_defined_fields') ,$last_message); +} elseif (isset($_REQUEST['submit']) && ($_REQUEST['submit'] == 'delete') && (isset($_REQUEST['item']))) { + // If demo mode, don't allow them to update the demo account +if (@$GLOBALS['CONFIG']['demo'] == 'True') { + draw_header(msg('label_delete') . ' ' . msg('label_user_defined_fields'), $last_message); echo msg('message_sorry_demo_mode'); draw_footer(); exit; } -$delete=''; + $delete=''; -draw_header(msg('label_delete') . ' ' . msg('label_user_defined_fields'), $last_message); + draw_header(msg('label_delete') . ' ' . msg('label_user_defined_fields'), $last_message); // query to show item echo ''; -echo '
(limit 5)
'; + echo '
'; $query = " SELECT table_name, @@ -135,13 +128,14 @@ $stmt = $pdo->prepare($query); $stmt->execute(array(':item' => $_REQUEST['item'])); $result = $stmt->fetchAll(); -foreach($result as $row) { - echo ''; - echo ''; - echo ''; -} + foreach ($result as $row) { + echo ''; + echo ''; + echo ''; + } ?> - + @@ -156,12 +150,9 @@ isAdmin()) - { + if (!$user_obj->isAdmin()) { header('Location: error.php?ec=4'); exit; } @@ -170,16 +161,16 @@ // back to main page $last_message = urlencode(msg('message_udf_successfully_deleted'). ': id=' . $_REQUEST['id']); header('Location: admin.php?last_message=' . $last_message); -} -elseif(isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'deletepick') -{ +} elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'deletepick') { $deletepick=''; draw_header(msg('select') . ' ' . msg('label_user_defined_fields'), $last_message); ?> - +
' . msg('label_name') . ':' . $row['table_name'] . '
' . msg('label_display') . ':' . $row['display_name'] . '
' . msg('label_name') . ':' . $row['table_name'] . '
' . msg('label_display') . ':' . $row['display_name'] . '
- + '; echo ''; echo ''; -?> - + ?> + @@ -258,15 +248,16 @@
@@ -222,11 +213,9 @@ ' . $result . '' . $_REQUEST['item'] . '
- - + +
User Defined Field
- + execute(array(':item' => $_REQUEST['item'])); $result = $stmt->fetchAll(); - foreach($result as $row) { - echo ''; - echo ''; - echo ''; - echo ''; - } -?> + foreach ($result as $row) { + echo ''; + echo ''; + echo ''; + echo ''; + } + ?> @@ -340,13 +332,13 @@
-
+
-
- + + @@ -366,10 +358,10 @@ $stmt->execute(); $result = $stmt->fetchAll(); - foreach($result as $row) { - echo ''; - } -?> + foreach ($result as $row) { + echo ''; + } + ?> @@ -384,19 +376,13 @@
User Defined Field to modify:
0 ) { - if ( isset($_REQUEST['x'.$max]) && $_REQUEST['x'.$max] == "on" ) { + while ($max > 0) { + if (isset($_REQUEST['x'.$max]) && $_REQUEST['x'.$max] == "on") { $query = " DELETE FROM {$_REQUEST['udf']} @@ -495,11 +480,12 @@ $stmt->execute(array()); $result = $stmt->fetchAll(); - foreach($result as $row) { - if ( isset($bg) && $bg == "FCFCFC" ) + foreach ($result as $row) { + if (isset($bg) && $bg == "FCFCFC") { $bg = "E3E7F9"; - else + } else { $bg = "FCFCFC"; + } echo ''.$row[1].''; } echo '' . msg('new') . ':'; @@ -520,14 +506,14 @@ }); $_REQUEST['primary_type'] )); } - } // Do Deletes @@ -615,44 +600,46 @@ $max--; } - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; //CHM - - echo '
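Review bot: `DELETE FROM {$_REQUEST['udf']}` places a request parameter in the table-name position, where prepare() and bound parameters cannot help, so whatever is sent as `udf` becomes part of the statement. Check the name before use, e.g. `if (!preg_match('/^[A-Za-z0-9_]+$/', $_REQUEST['udf'])) { exit; }`, and ideally confirm it matches a `table_name` row of the udf table. The `SELECT * FROM {$_REQUEST['udf']}` queries in the following hunks need the same check, and `$_REQUEST['udf']` is also echoed into the form without `htmlspecialchars()`. Validation may exist above these hunks; none is visible.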
' . msg('label_name') . ':' . $_REQUEST['udf'] . '
' . msg('label_display') . ' ' . msg('label_name') . ':
' . msg('label_type_pr_sec') . ':
'; ?> + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; //CHM + + echo '
' . msg('label_name') . ':' . $_REQUEST['udf'] . '
' . msg('label_display') . ' ' . msg('label_name') . ':
' . msg('label_type_pr_sec') . ':
'; + ?>
'; - echo '' .msg('button_delete') . '?' .msg('value') . ' '; - $query = " + echo ''; + echo ''; + $query = " SELECT * FROM {$_REQUEST['udf']} "; - $stmt = $pdo->prepare($query); - $stmt->execute(); - $result = $stmt->fetchAll(); - - foreach($result as $row) { - if ( isset($bg) && $bg == "FCFCFC" ) - $bg = "E3E7F9"; - else - $bg = "FCFCFC"; - echo ''; - } - - echo ''; - echo ''; - echo ''; + } + + echo ''; + echo ''; + echo ''; } } @@ -149,7 +140,7 @@ function udf_add_file_insert($fileId) $result = $stmt->fetchAll(); $i = 0; //CHM - foreach($result as $row) { + foreach ($result as $row) { if ($row[1] == 1 || $row[1] == 2 || $row[1] == 3 || $row[1] == 4) { //CHM if (isset($_REQUEST[$row[0]]) && $_REQUEST[$row[0]] != "") { $explode_row = explode('_', $row[0]); @@ -211,12 +202,10 @@ function udf_edit_file_form() $stmt->execute(array()); $result = $stmt->fetchAll(); - foreach($result as $row) { - if ( $row[1] == 1 || $row[1] == 2) - { + foreach ($result as $row) { + if ($row[1] == 1 || $row[1] == 2) { echo ''; - } - elseif ($row[1] == 3) - { + } elseif ($row[1] == 3) { echo ''; - - //secondary dropdown + + //secondary dropdown echo ''; + echo ''; + echo ''; } - //CHM + //CHM } } @@ -399,7 +379,7 @@ function udf_edit_file_update() $result = $stmt->fetchAll(); $i = 0; //CHM - foreach($result as $row) { + foreach ($result as $row) { if ($row[1] == 1 || $row[1] == 2 || $row[1] == 3 || $row[1] == 4) { //CHM sub select option 4 added if (isset($_REQUEST[$row[2]]) && $_REQUEST[$row[2]] != "") { $query = " 
@@ -458,47 +438,38 @@ function udf_details_display($fileId) $stmt->execute(array()); $result = $stmt->fetchAll(); - foreach($result as $row) { - if ( $row[1] == 1 || $row[1] == 2) - { + foreach ($result as $row) { + if ($row[1] == 1 || $row[1] == 2) { $query = "SELECT value FROM {$GLOBALS['CONFIG']['db_prefix']}data, {$row['2']} WHERE {$GLOBALS['CONFIG']['db_prefix']}data.id = :file_id AND {$GLOBALS['CONFIG']['db_prefix']}data.{$row['2']}={$row['2']}.id"; $stmt = $pdo->prepare($query); $stmt->execute(array(':file_id' => $fileId)); $sub_row = $stmt->fetch(); - if($stmt->rowCount() > 0) - { + if ($stmt->rowCount() > 0) { $return_string .= ''; } - } - elseif ($row[1] == 3) - { + } elseif ($row[1] == 3) { $query = "SELECT {$row[2]} FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE {$GLOBALS['CONFIG']['db_prefix']}data.id = :file_id "; $stmt = $pdo->prepare($query); $stmt->execute(array(':file_id' => $fileId)); $sub_row = $stmt->fetch(); - if($stmt->rowCount() > 0) - { + if ($stmt->rowCount() > 0) { $return_string .= ''; } - } - //CHM - elseif ($row[1] == 4) - { + //CHM + elseif ($row[1] == 4) { $query = "SELECT value FROM {$GLOBALS['CONFIG']['db_prefix']}data, {$row['2']} WHERE {$GLOBALS['CONFIG']['db_prefix']}data.id = :file_id AND {$GLOBALS['CONFIG']['db_prefix']}data.{$row['2']}={$row['2']}.id"; $stmt = $pdo->prepare($query); $stmt->execute(array(':file_id' => $fileId)); $sub_row = $stmt->fetch(); - if($stmt->rowCount() > 0) - { + if ($stmt->rowCount() > 0) { $return_string .= ''; } - } - //CHM + //CHM } return $return_string; } @@ -521,7 +492,7 @@ function udf_admin_menu() $stmt->execute(); $result = $stmt->fetchAll(); - foreach($result as $row) { + foreach ($result as $row) { echo ''; } echo '
' .msg('button_delete') . '?' .msg('value') . '
'.$row[1].'
' . msg('new') . ':
'; - echo '
'; - ?> + $stmt = $pdo->prepare($query); + $stmt->execute(); + $result = $stmt->fetchAll(); + + foreach ($result as $row) { + if (isset($bg) && $bg == "FCFCFC") { + $bg = "E3E7F9"; + } else { + $bg = "FCFCFC"; + } + echo '
'.$row[1].'
' . msg('new') . ':
'; + echo '
'; + ?>
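Review bot: `{$_REQUEST['udf']}` is interpolated directly into the `SELECT * FROM` statement in this hunk (and into the `DELETE FROM` of the preceding hunk), so the table name comes from the request and `prepare()` cannot protect it, since placeholders bind values only. The same parameter is also concatenated into the echoed page output without escaping. This commit only reformats, so behaviour is unchanged, but I would validate the name before either use, e.g. `if (!preg_match('/^\w+$/', $_REQUEST['udf'])) { exit; }` plus a check that it names a registered UDF table, and print it with `htmlspecialchars($_REQUEST['udf'], ENT_QUOTES, 'UTF-8')`. Whether an admin check guards this branch is not visible from the hunk.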
@@ -666,13 +653,12 @@ }); execute(array()); $result = $stmt->fetchAll(); - foreach($result as $row) { + foreach ($result as $row) { echo '
'; - if (file_exists("udf_help.html")) - { + if (file_exists("udf_help.html")) { echo ''.$row[2].''; - } - else - { + } else { echo $row[2]; } echo ''; //Type is Select List - if ( $row[1] == 1 ) - { + if ($row[1] == 1) { echo ''; } // Type is Radio - if ( $row[1] == 2 ) - { + if ($row[1] == 2) { $query = " SELECT id, @@ -92,41 +86,38 @@ function udf_add_file_form() $stmt->execute(); $sub_result = $stmt->fetchAll(); - foreach($sub_result as $sub_row) { + foreach ($sub_result as $sub_row) { echo ''.$sub_row[1]; } } // Type is Text - if ( $row[1] == 3 ) - { + if ($row[1] == 3) { echo ''; } - - //CHM + + //CHM // Type is Sub-Select - if ( $row[1] == 4 ) - { - $explode_row = explode('_',$row[0]); - $field_name = $explode_row[2]; - + if ($row[1] == 4) { + $explode_row = explode('_', $row[0]); + $field_name = $explode_row[2]; + $query = "SELECT * FROM {$row[0]}"; $stmt = $pdo->prepare($query); $stmt->execute(); $sub_result = $stmt->fetchAll(); - echo ''; + echo ''; + foreach ($sub_result as $sub_row) { + echo ''; } - echo ''; - - echo '
Secondary items will show up here.
'; - + echo ''; + + echo '
Secondary items will show up here.
'; } - //CHM - + //CHM + echo '
' . $row[0] . ''; - if ( $row[1] == 1 ) - { + if ($row[1] == 1) { echo '' . $sub_row[1]; } } - if ($row[1] == 1) + if ($row[1] == 1) { echo ''; + } echo '
' . $row[0] . ''; $query = " SELECT @@ -283,15 +268,14 @@ function udf_edit_file_form() echo ''; } - //CHM - elseif( $row[1] == 4) - { - $explode_row = explode('_',$row[2]); - $field_name = $explode_row[2]; - + //CHM + elseif ($row[1] == 4) { + $explode_row = explode('_', $row[2]); + $field_name = $explode_row[2]; + echo '
' . $row[0] . ''; - echo ''; + echo ''; $query = " SELECT @@ -312,24 +296,22 @@ function udf_edit_file_form() $stmt->execute(); $sub_result = $stmt->fetchAll(); - foreach($sub_result as $sub_row) { - if ( $row[1] == 4 ) - { + foreach ($sub_result as $sub_row) { + if ($row[1] == 4) { echo ''; } } - echo ''; - + echo ''; + echo '
 
'; - + $query = " SELECT {$GLOBALS['CONFIG']['db_prefix']}udftbl_{$field_name}_secondary @@ -343,10 +325,10 @@ function udf_edit_file_form() $sub_row = $stmt->fetch(); $sel = $sub_row[0]; - - if($sel ==''){ - echo 'Secondary items will show up here.'; - }else{ + + if ($sel =='') { + echo 'Secondary items will show up here.'; + } else { $query = " SELECT id, @@ -360,23 +342,21 @@ function udf_edit_file_form() $stmt->execute(array(':sel_pri' => $sel_pri)); $sub_result = $stmt->fetchAll(); - echo ''; - echo '
' . $row[0] . ':' . $sub_row[0] . '
' . $row[0] . ':' . $sub_row[0] . '
' . $row[0] . ':' . $sub_row[0] . '
'.$row[2].'
'; @@ -536,9 +507,8 @@ function udf_functions_java_menu() $stmt->execute(); $result = $stmt->fetchAll(); - foreach($result as $row) { - if ( $row[1] == 1 || $row[1] == 2 || $row[1] == 3 ) - { + foreach ($result as $row) { + if ($row[1] == 1 || $row[1] == 2 || $row[1] == 3) { echo "case '".$row[2]."':\n"; echo " info_Array = ".$row[0]."_array;\n"; echo " break;\n"; @@ -555,17 +525,16 @@ function udf_functions_java_array() $stmt->execute(); $result = $stmt->fetchAll(); - foreach($result as $row) { - if ($row[1] == 1 || $row[1] == 2) - { + foreach ($result as $row) { + if ($row[1] == 1 || $row[1] == 2) { $query = "SELECT id,value FROM {$row[0]}"; $stmt = $pdo->prepare($query); $stmt->execute(array()); $sub_result = $stmt->fetchAll(); - echo $row[0] . "_array = new Array();\n"; + echo $row[0] . "_array = new Array();\n"; $index = 0; - foreach($sub_result as $sub_row) { + foreach ($sub_result as $sub_row) { echo "\t" . $row[0] . "_array[" . $index . "] = new Array(\"" . $sub_row[1] . "\", " . $sub_row[0] . ");\n"; $index++; } @@ -582,9 +551,8 @@ function udf_functions_java_options($id) $stmt->execute(array()); $result = $stmt->fetchAll(); - foreach($result as $row) { - if ( $row[1] == 1 || $row[1] == 2) - { + foreach ($result as $row) { + if ($row[1] == 1 || $row[1] == 2) { echo ''; $id++; } 
@@ -595,22 +563,19 @@ function udf_functions_add_udf() { global $pdo; - if(empty($_REQUEST['table_name'])) - { - header('Location: admin.php?last_message=' . msg('message_udf_cannot_be_blank') ); + if (empty($_REQUEST['table_name'])) { + header('Location: admin.php?last_message=' . msg('message_udf_cannot_be_blank')); exit; } - if(empty($_REQUEST['display_name'])) - { - header('Location: admin.php?last_message=' . msg('message_udf_cannot_be_blank') ); + if (empty($_REQUEST['display_name'])) { + header('Location: admin.php?last_message=' . msg('message_udf_cannot_be_blank')); exit; } $table_name = str_replace(' ', '', $GLOBALS['CONFIG']['db_prefix'] . 'udftbl_' . $_REQUEST['table_name']); - if(!preg_match('/^\w+$/', $table_name)) - { + if (!preg_match('/^\w+$/', $table_name)) { header('Location: admin.php?last_message=Error+:+Invalid+Name+(A-Z 0-9 Only)'); exit; } @@ -620,10 +585,8 @@ function udf_functions_add_udf() $stmt = $pdo->prepare($query); $stmt->execute(array(':table_name' => $table_name)); - if ($stmt->rowCount() == 0) - { - if ($_REQUEST['field_type'] == 1 || $_REQUEST['field_type'] == 2) - { + if ($stmt->rowCount() == 0) { + if ($_REQUEST['field_type'] == 1 || $_REQUEST['field_type'] == 2) { // They have chosen Select list of Radio list // // First we add a new column in the data table @@ -631,8 +594,7 @@ function udf_functions_add_udf() $stmt = $pdo->prepare($query); $stmt->execute(array(':table_name' => $table_name)); - if (!$stmt) - { + if (!$stmt) { header('Location: admin.php?last_message=Error+:+Problem+With+Alter'); exit; } @@ -642,8 +604,7 @@ function udf_functions_add_udf() $stmt = $pdo->prepare($query); $stmt->execute(); - if (!$stmt) - { + if (!$stmt) { // If the CREATE fails, rollback the ALTER $query = "ALTER TABLE {$GLOBALS['CONFIG']['db_prefix']}data DROP COLUMN $table_name"; $stmt = $pdo->prepare($query); 
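Review bot: The `if (!$stmt)` checks after the ALTER and CREATE statements in udf_functions_add_udf() test the PDOStatement object rather than the result of `execute()`, so they can never be true once `prepare()` has returned a statement, and the `DROP COLUMN` rollback is unreachable. Test the return value instead, `if (!$stmt->execute()) {`, or rely on exceptions if the connection runs in PDO::ERRMODE_EXCEPTION, which is not visible here. The same pattern recurs in the later hunks of this function, for the text-field ALTER and for the INSERT. The function body starts and ends outside these hunks.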
@@ -780,13 +741,12 @@ function udf_functions_add_udf() header('Location: admin.php?last_message=Error+:+Duplicate+UDF+Name'); exit; } - } elseif ($_REQUEST['field_type'] == 3) { + } elseif ($_REQUEST['field_type'] == 3) { // The have chosen a text field $query = "ALTER TABLE {$GLOBALS['CONFIG']['db_prefix']}data ADD COLUMN {$table_name} varchar(255) AFTER category"; $stmt = $pdo->prepare($query); $stmt->execute(); - if (!$stmt) - { + if (!$stmt) { header('Location: admin.php?last_message=Error+:+Problem+With+Alter'); exit; } @@ -808,8 +768,7 @@ function udf_functions_add_udf() ':display_name' => $_REQUEST['display_name'], ':field_type' => $_REQUEST['field_type'] )); - if (!$stmt) - { + if (!$stmt) { // If the INSERT fails, rollback the ALTER $query = "ALTER TABLE {$GLOBALS['CONFIG']['db_prefix']}data DROP COLUMN {$table_name}"; $stmt = $pdo->prepare($query); @@ -819,9 +778,7 @@ function udf_functions_add_udf() exit; } } - } - else - { + } else { header('Location: admin.php?last_message=Error+:+Duplicate+Table+Name'); exit; } @@ -833,7 +790,7 @@ function udf_functions_delete_udf() // If we are deleting a sub-select, we have two entries to delete // , a _primary, and a _secondary - if(isset($_REQUEST['type']) && $_REQUEST['type'] == 4) { + if (isset($_REQUEST['type']) && $_REQUEST['type'] == 4) { $explode_row = explode('_', $_REQUEST['id']); $subselect_table_name = $explode_row[2]; @@ -878,8 +835,7 @@ function udf_functions_search_options() $stmt->execute(); $result = $stmt->fetchAll(); - foreach($result as $row) - { + foreach ($result as $row) { echo ''; } } 
@@ -904,17 +860,14 @@ function udf_functions_search($where, $query_pre, $query, $equate, $keyword) )); $row = $stmt->fetch(); - if ($row[1] == 1 || $row[1] == 2 || $row[1] == 4) - { + if ($row[1] == 1 || $row[1] == 2 || $row[1] == 4) { $query_pre .= ', ' . $row[0]; $query .= $row[0] . '.value' . $equate . '\'' . $keyword . '\''; $query .= ' AND d.' . $row[0] . ' = ' . $row[0] . '.id'; - } - elseif ($row[1] == 3) - { + } elseif ($row[1] == 3) { $query .= $row[0] . $equate . '\'' . $keyword . '\''; } return array($query_pre,$query); } -} \ No newline at end of file +} diff --git a/user.php b/user.php index c869cfd3..a25e3c7c 100644 --- a/user.php +++ b/user.php @@ -136,7 +136,8 @@ )); // INSERT into admin - $user_id = $pdo->lastInsertId();; + $user_id = $pdo->lastInsertId(); + ; if (!isset($_POST['admin'])) { $_POST['admin'] = '0'; } @@ -252,7 +253,6 @@ display_smarty_template('user_delete_pick.tpl'); draw_footer(); } elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'Show User') { - $user_obj = new User($_POST['item'], $pdo); draw_header(msg('userpage_show_user') . $user_obj->getName(), $last_message); @@ -366,7 +366,6 @@ } draw_footer(); - } elseif (isset($_POST['submit']) && 'Update User' == $_POST['submit']) { // Check to make sue they are either the user being modified or an admin @@ -478,9 +477,7 @@ $last_message = urlencode(msg('message_user_successfully_updated')); header('Location: out.php?last_message=' . $last_message); - } elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'updatepick') { - draw_header(msg('userpage_modify_user'), $last_message); // Check to see if user is admin 
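Review bot: udf_functions_search() splices `$keyword` into the SQL text between hand-written quotes (`$row[0] . '.value' . $equate . '\'' . $keyword . '\''`), so a keyword containing a quote changes the statement; `$equate` is concatenated the same way. Because the function returns query fragments for the caller to run, the fix has to cover both sides: emit a placeholder here, e.g. `$query .= $row[0] . '.value' . $equate . ':udf_keyword';`, have the caller bind the value, and restrict `$equate` to a fixed set of operators. The caller and the start of the function are outside this hunk, so whether `$keyword` is escaped earlier cannot be confirmed from here.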
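Review bot: The reformat of `$user_id = $pdo->lastInsertId();;` in the first user.php hunk leaves the second semicolon on a line of its own as an empty statement. It does nothing and reads like a lost line; delete the added `;` line so the statement is just `$user_id = $pdo->lastInsertId();`.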
@@ -505,10 +502,9 @@ display_smarty_template('user/edit_pick.tpl'); draw_footer(); - } elseif (isset($_REQUEST['cancel']) and $_REQUEST['cancel'] == 'Cancel') { $last_message = "Action Cancelled"; header('Location: admin.php?last_message=' . $last_message); } else { header('Location: admin.php?last_message=' . urlencode('Unrecognizalbe action')); -} \ No newline at end of file +} diff --git a/view.php b/view.php index 4814ca42..7eada517 100644 --- a/view.php +++ b/view.php @@ -26,15 +26,13 @@ include_once('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } $last_message = (isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : ''); -if (!isset($id) || $id == '') -{ +if (!isset($id) || $id == '') { header('Location:error.php?ec=2'); exit; } 
@@ -46,58 +44,47 @@ $filedata = new FileData($id, $pdo); $filedata->setId($id); -if ($filedata->getError() != '') -{ +if ($filedata->getError() != '') { header('Location:error.php?ec=2'); - ob_end_flush(); // Flush buffer onto screens - ob_end_clean(); // Clean up buffer + ob_end_flush(); // Flush buffer onto screens + ob_end_clean(); // Clean up buffer exit; -} -else -{ +} else { // all checks completed /* to avoid problems with some browsers, - download script should not include parameters on the URL - so let's use a form and pass the parameters via POST + download script should not include parameters on the URL + so let's use a form and pass the parameters via POST */ // form not yet submitted // display information on how to initiate download - if (!isset($submit)) - { + if (!isset($submit)) { draw_header('View File', $last_message); $GLOBALS['smarty']->assign('file_id', $filedata->getId()); display_smarty_template('view.tpl'); - draw_footer(); - + draw_footer(); } // form submitted - begin download - else - { + else { $id = $filedata->getId(); $realname = $filedata->getName(); // get the filename $filename = $GLOBALS['CONFIG']['dataDir'] . $_POST['id'] . '.dat'; - if ( file_exists($filename) ) - { + if (file_exists($filename)) { // send headers to browser to initiate file download - header ('Content-Type: application/octet-stream'); - header ('Content-Disposition: attachment; filename='.rawurlencode($realname)); + header('Content-Type: application/octet-stream'); + header('Content-Disposition: attachment; filename='.rawurlencode($realname)); readfile($filename); // Call the plugin API callPluginMethod('onViewFile'); - - } - else - { + } else { echo 'File not readable...'; } - } -} \ No newline at end of file +} diff --git a/view_file.php b/view_file.php index d433f021..776db67b 100644 --- a/view_file.php +++ b/view_file.php @@ -24,8 +24,7 @@ include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } 
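Review bot: The download path in the else branch of view.php is built from `$_POST['id']` (`$GLOBALS['CONFIG']['dataDir'] . $_POST['id'] . '.dat'`) although `$id = $filedata->getId();` is assigned just above it, so the file that is read need not be the one FileData was constructed for. Use the validated value instead: `$filename = $GLOBALS['CONFIG']['dataDir'] . $id . '.dat';`. No call to checkUserPermission() is visible in this hunk, unlike the view and Download branches of view_file.php, so it is worth confirming that the read right is checked before `readfile()` runs.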
@@ -34,15 +33,13 @@ $last_message = (isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : ''); $request_id = $_REQUEST['id']; //save an original copy of id -if(strchr($_REQUEST['id'], '_') ) -{ - list($_REQUEST['id'], $revision_id) = explode('_' , $_REQUEST['id']); +if (strchr($_REQUEST['id'], '_')) { + list($_REQUEST['id'], $revision_id) = explode('_', $_REQUEST['id']); $revision_dir = $GLOBALS['CONFIG']['revisionDir'] . '/'. $_REQUEST['id'] . '/'; } -if(!isset($_GET['submit'])) -{ - draw_header(msg('view') . ' ' . msg('file'),$last_message); +if (!isset($_GET['submit'])) { + draw_header(msg('view') . ' ' . msg('file'), $last_message); $file_obj = new FileData($_REQUEST['id'], $pdo); $file_name = $file_obj->getName(); $file_id = $file_obj->getId(); @@ -51,11 +48,10 @@ // Get the suffix of the file so we can look it up // in the $mimetypes array $suffix = ''; - if(strchr($realname, '.')) - { + if (strchr($realname, '.')) { // Fix by blackwes - $prefix = (substr($realname,0,(strrpos($realname,".")))); - $suffix = strtolower((substr($realname,((strrpos($realname,".")+1))))); + $prefix = (substr($realname, 0, (strrpos($realname, ".")))); + $suffix = strtolower((substr($realname, ((strrpos($realname, ".")+1))))); } $mimetype = File::mime_by_ext($suffix); 
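Review bot: `$_REQUEST['id']` is split on `_`, and both the id and the untouched `$request_id` are later concatenated into filesystem paths (`$revision_dir` here, `$revision_dir . $request_id . ".dat"` in the view and Download branches), but nothing in this hunk checks that either part is numeric. A guard after the `explode()` block would close that: `if (!ctype_digit((string) $_REQUEST['id']) || (isset($revision_id) && !ctype_digit((string) $revision_id))) { exit; }`. Because `list()` keeps only the first two pieces, it is also safer to rebuild the revision filename from the two validated parts than to reuse `$request_id`.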
@@ -66,48 +62,36 @@ // drw form display_smarty_template('view_file.tpl'); draw_footer(); -} -elseif ($_GET['submit'] == 'view') -{ +} elseif ($_GET['submit'] == 'view') { $file_obj = new FileData($_REQUEST['id'], $pdo); // Added this check to keep unauthorized users from downloading - Thanks to Chad Bloomquist checkUserPermission($_REQUEST['id'], $file_obj->READ_RIGHT, $file_obj); $realname = $file_obj->getName(); - if( isset($revision_id) ) - { + if (isset($revision_id)) { $filename = $revision_dir . $request_id . ".dat"; - } - elseif( $file_obj->isArchived() ) - { + } elseif ($file_obj->isArchived()) { $filename = $GLOBALS['CONFIG']['archiveDir'] . $_REQUEST['id'] . ".dat"; - } - else - { + } else { $filename = $GLOBALS['CONFIG']['dataDir'] . $_REQUEST['id'] . ".dat"; } - if ( file_exists($filename) ) - { + if (file_exists($filename)) { // send headers to browser to initiate file download header('Content-Length: '.filesize($filename)); // Pass the mimetype so the browser can open it - header ('Cache-control: private'); + header('Cache-control: private'); header('Content-Type: ' . $_GET['mimetype']); header('Content-Disposition: attachment; filename="' . rawurlencode($realname) . '"'); // Apache is sending Last Modified header, so we'll do it, too $modified=filemtime($filename); - header('Last-Modified: '. date('D, j M Y G:i:s T',$modified)); // something like Thu, 03 Oct 2002 18:01:08 GMT + header('Last-Modified: '. date('D, j M Y G:i:s T', $modified)); // something like Thu, 03 Oct 2002 18:01:08 GMT readfile($filename); AccessLog::addLogEntry($_REQUEST['id'], 'V', $pdo); - } - else - { + } else { echo msg('message_file_does_not_exist'); } -} -elseif ($_GET['submit'] == 'Download') -{ +} elseif ($_GET['submit'] == 'Download') { $file_obj = new FileData($_REQUEST['id'], $pdo); // Added this check to keep unauthorized users from downloading - Thanks to Chad Bloomquist 
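Review bot: `header('Content-Type: ' . $_GET['mimetype']);` in the view branch lets the request choose the content type under which a stored file is served. The form branch already derives `$mimetype = File::mime_by_ext($suffix)` from the stored name; repeating that lookup from `$realname` here and ignoring the request value keeps the type server-controlled. `Content-Disposition: attachment` limits what a browser does with the response, but the type is still better not left to the client. The Download branch in the next hunk sends the same header.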
@@ -115,38 +99,27 @@ $realname = $file_obj->getName(); - if( isset($revision_id) ) - { + if (isset($revision_id)) { $filename = $revision_dir . $request_id . ".dat"; - } - elseif( $file_obj->isArchived() ) - { + } elseif ($file_obj->isArchived()) { $filename = $GLOBALS['CONFIG']['archiveDir'] . $_REQUEST['id'] . ".dat"; - } - else - { + } else { $filename = $GLOBALS['CONFIG']['dataDir'] . $_REQUEST['id'] . ".dat"; } - if (file_exists($filename)) - { + if (file_exists($filename)) { // send headers to browser to initiate file download header('Cache-control: private'); - header ('Content-Type: '.$_GET['mimetype']); - header ('Content-Disposition: attachment; filename="' . $realname . '"'); + header('Content-Type: '.$_GET['mimetype']); + header('Content-Disposition: attachment; filename="' . $realname . '"'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); readfile($filename); AccessLog::addLogEntry($_REQUEST['id'], 'D', $pdo); - } - else - { + } else { echo msg('message_file_does_not_exist'); } - -} -else -{ +} else { echo msg('message_nothing_to_do'); echo 'submit is ' . $_GET['submit']; -} \ No newline at end of file +}
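Review bot: The final else branch prints the request value unescaped, `echo 'submit is ' . $_GET['submit'];`, which reflects arbitrary markup into the page; it should be `echo 'submit is ' . htmlspecialchars($_GET['submit'], ENT_QUOTES, 'UTF-8');` or removed. In the Download branch the name goes into `Content-Disposition` raw (`filename="' . $realname . '"`), whereas the view branch passes it through `rawurlencode()`. A stored name containing a double quote would break the header parameter, so the two branches should encode it the same way.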