diff --git a/history.php b/history.php index 66f29d0a..b5f55d57 100644 --- a/history.php +++ b/history.php @@ -129,7 +129,7 @@
-
' . e::h(($revision + 1)) . '
' . e::h($extra_message); + echo '
' . e::h(($revision + 1)) . '
' . e::h($extra_message); } else { echo '' . e::h($revision) . e::h($extra_message); } diff --git a/view_file.php b/view_file.php index bd6c9597..ffe5ce62 100644 --- a/view_file.php +++ b/view_file.php @@ -53,7 +53,13 @@ $prefix = (substr($realname, 0, (strrpos($realname, ".")))); $suffix = strtolower((substr($realname, ((strrpos($realname, ".")+1))))); } - + + // If we have a revision ID lets use the original + // request id that included the file id and revision number (ex. 1_0) + if (isset($revision_id)) { + $file_id = $request_id; + } + $mimetype = File::mime_by_ext($suffix); $GLOBALS['smarty']->assign('mimetype', $mimetype); @@ -93,12 +99,12 @@ } } elseif ($_GET['submit'] == 'Download') { $file_obj = new FileData($_REQUEST['id'], $pdo); - + // Added this check to keep unauthorized users from downloading - Thanks to Chad Bloomquist checkUserPermission($_REQUEST['id'], $file_obj->READ_RIGHT, $file_obj); - + $realname = $file_obj->getName(); - + if (isset($revision_id)) { $filename = $revision_dir . $request_id . ".dat"; } elseif ($file_obj->isArchived()) {