diff --git a/AccessLog_class.php b/AccessLog_class.php index cb2944f3..a25621b9 100644 --- a/AccessLog_class.php +++ b/AccessLog_class.php @@ -25,15 +25,16 @@ * @author Stephen Lawrence Jr. * @param string $accesslog */ -class AccessLog extends Plugin { - - var $accesslog=''; +class AccessLog extends Plugin +{ + public $accesslog=''; /** * AccessLog constructor for the AccessLog plugin * @param string $_accesslog Message to display */ - function AccessLog($_accesslog='') { + public function AccessLog($_accesslog='') + { $this->name = 'AccessLog'; $this->author = 'Stephen Lawrence Jr'; $this->version = '1.0'; @@ -46,14 +47,16 @@ function AccessLog($_accesslog='') { /** * @param string $_var The string to display */ - function setAccessLog($_var) { + public function setAccessLog($_var) + { $this->accesslog = $_var; } /** * @returns string $var Get the value of accesslog var */ - function getAccessLog() { + public function getAccessLog() + { $var = $this->accesslog; return $var; } @@ -62,7 +65,7 @@ function getAccessLog() { * Draw the admin menu * Required if you want an admin menu to show for your plugin */ - function onAdminMenu() + public function onAdminMenu() { $curdir = dirname(__FILE__); $GLOBALS['smarty']->display('file:' . $curdir . '/templates/accesslog.tpl'); @@ -74,10 +77,9 @@ function onAdminMenu() * @param string $type The type of entry to describe what happened * @param PDO $pdo */ - static function addLogEntry($fileId, $type, PDO $pdo) + public static function addLogEntry($fileId, $type, PDO $pdo) { - if ($fileId == 0) - { + if ($fileId == 0) { global $id; $fileId = $id; } @@ -91,7 +93,5 @@ static function addLogEntry($fileId, $type, PDO $pdo) ':type' => $type ) ); - } - -} \ No newline at end of file +} diff --git a/Category_class.php b/Category_class.php index 1161b2e7..b4292241 100644 --- a/Category_class.php +++ b/Category_class.php 
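Review bot: `public function AccessLog($_accesslog='')` is still a PHP 4-style constructor (a method named after the class); PHP 7.0 deprecated that form and PHP 8.0 no longer treats it as a constructor, so under PHP 8 `name`, `author` and `version` would never be initialised. Since the signature line is being rewritten anyway, make it `public function __construct($_accesslog = '')`. The same applies to `Department()`, `Dept_Perms()`, `Email()`, `FileData()`, `FileTypes_class()` and `Plugin()` in the later file sections of this diff; `FileTypes_class()` is what assigns `$this->connection` and `Dept_Perms()` is what assigns `$this->id`, so those classes would run their queries and permission checks on unset state. The constructor body continues outside this hunk.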
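Review bot: In `addLogEntry`, `if ($fileId == 0)` is a loose comparison followed by a fallback to `global $id`, so an access-log row can be written against whatever `$id` holds in the calling script rather than the file the caller named. Before PHP 8 a non-numeric string also compares equal to 0 here, which widens the set of inputs that take the fallback. For an audit trail it is safer to require a real id and fail otherwise, e.g. `if (!ctype_digit((string) $fileId) || (int) $fileId === 0) { throw new InvalidArgumentException('fileId required'); }`; callers that pass 0 on purpose (not visible here) would need to pass the id explicitly. The INSERT that follows is only partly inside this hunk.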
@@ -17,8 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -if (!defined('Category_class')) -{ +if (!defined('Category_class')) { define('Category_class', 'true', false); class Category @@ -36,12 +35,10 @@ public static function getAllCategories(PDO $pdo) $stmt->execute(); $result = $stmt->fetchAll(); - foreach($result as $row) { + foreach ($result as $row) { $categoryListArray[] = $row; } return $categoryListArray; } - } - } diff --git a/Department_class.php b/Department_class.php index 608e2ca2..c081223d 100644 --- a/Department_class.php +++ b/Department_class.php @@ -21,8 +21,7 @@ class. The only difference is that it provides it's own constructor to handle i Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -if( !defined('Department_class') ) -{ +if (!defined('Department_class')) { define('Department_class', 'true', false); class Department extends databaseData { @@ -31,7 +30,7 @@ class Department extends databaseData * @param int $id * @param PDO $connection */ - function Department($id, PDO $connection) + public function Department($id, PDO $connection) { $this->field_name = 'name'; $this->field_id = 'id'; @@ -47,7 +46,7 @@ function Department($id, PDO $connection) * @param PDO $pdo * @returns array */ - static function getAllDepartments(PDO $pdo) + public static function getAllDepartments(PDO $pdo) { $departments = array(); $query = "SELECT name, id FROM {$GLOBALS['CONFIG']['db_prefix']}department ORDER by name"; @@ -63,7 +62,5 @@ static function getAllDepartments(PDO $pdo) } return $departments; } - - } - } +} diff --git a/Dept_Perms_class.php b/Dept_Perms_class.php index d9eded46..2f41ef35 100644 --- a/Dept_Perms_class.php +++ b/Dept_Perms_class.php 
@@ -18,35 +18,34 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -if( !defined('Dept_Perms_class') ) -{ +if (!defined('Dept_Perms_class')) { define('Dept_Perms_class', 'true'); class Dept_Perms extends databaseData { - var $fid; - var $id; - var $rights; - var $file_obj; - var $error; - var $chosen_mode; + public $fid; + public $id; + public $rights; + public $file_obj; + public $error; + public $chosen_mode; protected $connection; - var $error_flag = FALSE; + public $error_flag = false; - var $NONE_RIGHT = 0; - var $VIEW_RIGHT = 1; - var $READ_RIGHT = 2; - var $WRITE_RIGHT = 3; - var $ADMIN_RIGHT = 4; - var $FORBIDDEN_RIGHT = -1; - var $USER_MODE = 0; - var $FILE_MODE = 1; + public $NONE_RIGHT = 0; + public $VIEW_RIGHT = 1; + public $READ_RIGHT = 2; + public $WRITE_RIGHT = 3; + public $ADMIN_RIGHT = 4; + public $FORBIDDEN_RIGHT = -1; + public $USER_MODE = 0; + public $FILE_MODE = 1; /** * @param int $id * @param PDO $connection */ - function Dept_Perms($id, PDO $connection) + public function Dept_Perms($id, PDO $connection) { // this can be fid or uid $this->id = $id; @@ -57,7 +56,7 @@ function Dept_Perms($id, PDO $connection) * @param bool $limit * @return array */ - function getCurrentViewOnly($limit = true) + public function getCurrentViewOnly($limit = true) { return $this->loadData_UserPerm($this->VIEW_RIGHT, $limit); } @@ -66,7 +65,7 @@ function getCurrentViewOnly($limit = true) * @param bool $limit * @return array */ - function getCurrentNoneRight($limit = true) + public function getCurrentNoneRight($limit = true) { return $this->loadData_UserPerm($this->NONE_RIGHT, $limit); } @@ -75,7 +74,7 @@ function getCurrentNoneRight($limit = true) * @param bool $limit * @return array */ - function getCurrentReadRight($limit = true) + public function getCurrentReadRight($limit = true) { return $this->loadData_UserPerm($this->READ_RIGHT, $limit); } 
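Review bot: The permission levels (`$NONE_RIGHT` through `$FORBIDDEN_RIGHT`) and the two modes remain mutable public instance properties after the `var` to `public` change, so any code holding a `Dept_Perms` object can reassign, for example, `$FORBIDDEN_RIGHT` and change what the checks below compare against. Class constants state the intent and cannot be overwritten: `const FORBIDDEN_RIGHT = -1;` with call sites using `self::FORBIDDEN_RIGHT`. If touching call sites is out of scope for a formatting commit, a comment on the block such as `// treated as constants; never assign` would at least record it. `$connection` is already `protected`; `$id`, `$rights` and `$error_flag` could be narrowed the same way if nothing outside the class reads them, which this diff does not show.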
@@ -84,7 +83,7 @@ function getCurrentReadRight($limit = true) * @param bool $limit * @return array */ - function getCurrentWriteRight($limit = true) + public function getCurrentWriteRight($limit = true) { return $this->loadData_UserPerm($this->WRITE_RIGHT, $limit); } @@ -93,7 +92,7 @@ function getCurrentWriteRight($limit = true) * @param bool $limit * @return array */ - function getCurrentAdminRight($limit = true) + public function getCurrentAdminRight($limit = true) { return $this->loadData_UserPerm($this->ADMIN_RIGHT, $limit); } @@ -101,7 +100,7 @@ function getCurrentAdminRight($limit = true) /** * @return int */ - function getId() + public function getId() { return $this->id; } @@ -112,7 +111,7 @@ function getId() * @param bool $limit * @return array */ - function loadData_UserPerm($right, $limit = true) + public function loadData_UserPerm($right, $limit = true) { $limit_query = ($limit) ? "LIMIT {$GLOBALS['CONFIG']['max_query']}" : ''; @@ -145,21 +144,17 @@ function loadData_UserPerm($right, $limit = true) * @param int $data_id * @return bool */ - function canView($data_id) + public function canView($data_id) { $filedata = new FileData($data_id, $this->connection); //check to see if this department doesn't have a forbidden right or - //if this file is publishable - if(!$this->isForbidden($data_id) and $filedata->isPublishable() ) - { + //if this file is publishable + if (!$this->isForbidden($data_id) and $filedata->isPublishable()) { // return whether or not this deptartment can view the file - if($this->canDept($data_id, $this->VIEW_RIGHT)) - { + if ($this->canDept($data_id, $this->VIEW_RIGHT)) { return true; - } - else - { + } else { false; } } 
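Review bot: `$limit_query` in `loadData_UserPerm` is built by interpolating `$GLOBALS['CONFIG']['max_query']` directly into the SQL text. If that setting can be edited at runtime (not visible here), cast it before use: `$limit_query = $limit ? 'LIMIT ' . (int) $GLOBALS['CONFIG']['max_query'] : '';`. The query and the rest of the function are outside this hunk.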
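Review bot: The `else` branch in `canView` is the bare expression statement `false;`, which returns nothing, so that path falls through instead of returning the documented `bool`. The result is still falsy today, but a caller testing `=== false` would misread a denial; write `return false;`, or collapse the inner test to `return $this->canDept($data_id, $this->VIEW_RIGHT);`. `canRead`, `canWrite` and `canAdmin` in the following hunks carry the same `false;` statement, and in `canWrite` and `canAdmin` the function closes right after the outer `if`, so they return `null` on every denied path. The tail of `canView` after the outer `if` is outside this hunk.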
@@ -172,21 +167,17 @@ function canView($data_id) * @param int $data_id * @return bool */ - function canRead($data_id) + public function canRead($data_id) { $filedata = new FileData($data_id, $this->connection); //check to see if this department doesn't have a forbidden right or - //if this file is publishable - if(!$this->isForbidden($data_id) or !$filedata->isPublishable() ) - { + //if this file is publishable + if (!$this->isForbidden($data_id) or !$filedata->isPublishable()) { // return whether or not this deptartment can read the file - if($this->canDept($data_id, $this->READ_RIGHT) or !$filedata->isPublishable($data_id) ) - { + if ($this->canDept($data_id, $this->READ_RIGHT) or !$filedata->isPublishable($data_id)) { return true; - } - else - { + } else { false; } } @@ -199,25 +190,20 @@ function canRead($data_id) * @param int $data_id * @return bool */ - function canWrite($data_id) + public function canWrite($data_id) { $filedata = new FileData($data_id, $this->connection); //check to see if this department doesn't have a forbidden right or //if this file is publishable - if(!$this->isForbidden($data_id) or !$filedata->isPublishable() ) - { + if (!$this->isForbidden($data_id) or !$filedata->isPublishable()) { // return whether or not this deptartment can modify the file - if($this->canDept($data_id, $this->WRITE_RIGHT)) - { + if ($this->canDept($data_id, $this->WRITE_RIGHT)) { return true; - } - else - { + } else { false; } } - } /** 
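Review bot: The outer guard in `canRead` is `!$this->isForbidden($data_id) or !$filedata->isPublishable()`, which lets a department with an explicit forbidden entry through whenever the file is unpublished, and the inner test then returns `true` for any unpublished file via `or !$filedata->isPublishable($data_id)`. `canView` uses `and $filedata->isPublishable()` under the same comment, so one of the two does not match the stated intent; `canWrite` and `canAdmin` share the `or` form of the outer guard. If the policy is "not forbidden and publishable", the guard should read `if (!$this->isForbidden($data_id) and $filedata->isPublishable()) {` and the inner `or` term should go; please confirm against the intended policy and pin it with a test per right level. `isPublishable()` is also called with an argument here although its definition in `FileData_class.php` takes none.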
@@ -226,25 +212,20 @@ function canWrite($data_id) * @param int $data_id * @return bool */ - function canAdmin($data_id) + public function canAdmin($data_id) { $filedata = new FileData($data_id, $this->connection); //check to see if this department doesn't have a forbidden right or - //if this file is publishable - if(!$this->isForbidden($data_id) or !$filedata->isPublishable() ) - { + //if this file is publishable + if (!$this->isForbidden($data_id) or !$filedata->isPublishable()) { // return whether or not this deptartment can admin the file - if($this->canDept($data_id, $this->ADMIN_RIGHT)) - { + if ($this->canDept($data_id, $this->ADMIN_RIGHT)) { return true; - } - else - { + } else { false; } } - } /** @@ -252,7 +233,7 @@ function canAdmin($data_id) * @param int $data_id * @return bool */ - function isForbidden($data_id) + public function isForbidden($data_id) { $this->error_flag = true; // reset flag $query = " @@ -272,19 +253,13 @@ function isForbidden($data_id) )); $result = $stmt->fetch(); - if($stmt->rowCount() == 1) - { - if($result['rights'] == $this->FORBIDDEN_RIGHT) - { + if ($stmt->rowCount() == 1) { + if ($result['rights'] == $this->FORBIDDEN_RIGHT) { return true; - } - else - { + } else { return false; } - } - else - { + } else { $this->error = "Non-unique database entry found in $this->TABLE_DEPT_PERMS"; $this->error_flag = false; return 0; @@ -298,7 +273,7 @@ function isForbidden($data_id) * @param int $right * @return bool */ - function canDept($data_id, $right) + public function canDept($data_id, $right) { $query = " SELECT @@ -320,8 +295,7 @@ function canDept($data_id, $right) )); $num_results = $stmt->rowCount(); - switch($num_results) - { + switch ($num_results) { case 1: return true; break; case 0: return false; @@ -336,9 +310,8 @@ function canDept($data_id, $right) * @param int $data_id * @return int|string */ - function getPermission($data_id) + public function getPermission($data_id) { - $query = " SELECT rights 
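Review bot: `isForbidden` answers `0` (not forbidden) whenever `rowCount()` is anything other than 1, so a duplicated permission row, or a PDO driver that does not report row counts for SELECT, turns a deny entry into an allow. PDO documents `rowCount()` after SELECT as driver-dependent; counting fetched rows is portable (`$rows = $stmt->fetchAll(); if (count($rows) === 1) {`), and the more-than-one-row case is safer treated as forbidden. `canDept`, `getPermission`, `FileData::exists`, `isPublishable` and `isArchived` rely on `rowCount()` after a SELECT in the same way. The flag handling also reads inverted: `$this->error_flag = true; // reset flag` on entry and `false` on the error path, which deserves either a rename or a comment.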
@@ -356,19 +329,14 @@ function getPermission($data_id) $results = $stmt->fetch(); $num_results = $stmt->rowCount(); - if($num_results == 1) - { + if ($num_results == 1) { $permission = $results['rights']; return $permission; - } - else if ($num_results == 0) - { + } elseif ($num_results == 0) { return 0; - } - else - { + } else { return 'Non-unique error'; } } } -} \ No newline at end of file +} diff --git a/Email_class.php b/Email_class.php index b7fb39e3..30d050b3 100644 --- a/Email_class.php +++ b/Email_class.php @@ -28,9 +28,8 @@ class Email /* * Constructor */ - function Email () + public function Email() { - } /** @@ -38,7 +37,7 @@ function Email () */ public function getFullName() { - if(!isset($this->full_name)){ + if (!isset($this->full_name)) { return false; } return $this->full_name; @@ -64,7 +63,7 @@ public function getFrom() * @param string $from */ public function setFrom($from) - { + { $this->from = $from; } @@ -133,8 +132,8 @@ public function getRecipients() * @return bool */ public function setRecipients($recipients) - { - if(!is_array($recipients)) { + { + if (!is_array($recipients)) { return false; } $this->recipients = $recipients; @@ -151,5 +150,4 @@ public function sendEmail() } return true; } - } diff --git a/FileData_class.php b/FileData_class.php index 48488e9d..7c7463b2 100644 --- a/FileData_class.php +++ b/FileData_class.php 
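Review bot: `getPermission` returns the string `'Non-unique error'` from the final `else`, mixing an error message into a value that is otherwise an integer right level. If a caller compares the result against a right level (callers are not visible here), the outcome depends on PHP's int-versus-string comparison rules, which changed in PHP 8, rather than on a deliberate denial. Failing closed is clearer: `return $this->FORBIDDEN_RIGHT;` or `throw new RuntimeException('Non-unique permission row');`. The query itself is outside this hunk.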
@@ -18,48 +18,47 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -if( !defined('FileData_class') ) -{ +if (!defined('FileData_class')) { define('FileData_class', 'true', false); /* - mysql> describe data; - +-------------------+----------------------+------+-----+---------------------+----------------+ - | id | smallint(5) unsigned | | PRI | NULL | auto_increment | - | category | tinyint(4) unsigned | | | 0 | | - | owner | tinyint(4) unsigned | | | 0 | | - | realname | varchar(255) | | | | | - | created | datetime | | | 0000-00-00 00:00:00 | | - | description | varchar(255) | YES | | NULL | | - | comment | varchar(255) | | | | | - | status | tinyint(4) unsigned | | | 0 | | - | department | tinyint(4) | | | 0 | | - | default_rights | int(4) | YES | | NULL | | - | publishable | int(4) | YES | | NULL | | - | reviewer | int(4) | YES | | NULL | | - | reviewer_comments | varchar(255) | YES | | NULL | | - +-------------------+----------------------+------+-----+---------------------+----------------+ + mysql> describe data; + +-------------------+----------------------+------+-----+---------------------+----------------+ + | id | smallint(5) unsigned | | PRI | NULL | auto_increment | + | category | tinyint(4) unsigned | | | 0 | | + | owner | tinyint(4) unsigned | | | 0 | | + | realname | varchar(255) | | | | | + | created | datetime | | | 0000-00-00 00:00:00 | | + | description | varchar(255) | YES | | NULL | | + | comment | varchar(255) | | | | | + | status | tinyint(4) unsigned | | | 0 | | + | department | tinyint(4) | | | 0 | | + | default_rights | int(4) | YES | | NULL | | + | publishable | int(4) | YES | | NULL | | + | reviewer | int(4) | YES | | NULL | | + | reviewer_comments | varchar(255) | YES | | NULL | | + +-------------------+----------------------+------+-----+---------------------+----------------+ */ class FileData extends databaseData { - var $category; - var $owner; - var $created_date; - var $description; - var $comment; 
- var $status; - var $department; - var $default_rights; - var $view_users; - var $read_users; - var $write_users; - var $admin_users; - var $filesize; - var $isLocked; + public $category; + public $owner; + public $created_date; + public $description; + public $comment; + public $status; + public $department; + public $default_rights; + public $view_users; + public $read_users; + public $write_users; + public $admin_users; + public $filesize; + public $isLocked; protected $connection; - function FileData($id, $connection) + public function FileData($id, $connection) { $this->field_name = 'realname'; $this->field_id = 'id'; @@ -75,7 +74,7 @@ function FileData($id, $connection) * Return a boolean whether this file exists * @return bool|string */ - function exists() + public function exists() { $query = " SELECT @@ -88,8 +87,7 @@ function exists() $stmt = $this->connection->prepare($query); $stmt->execute(array(':id' => $this->id)); - switch($stmt->rowCount()) - { + switch ($stmt->rowCount()) { case 1: return true; break; case 0: return false; @@ -104,9 +102,8 @@ function exists() * This is a more complex version of base class's loadData. * This function loads up all the fields in data table */ - function loadData() + public function loadData() { - $query = " SELECT category, @@ -127,8 +124,8 @@ function loadData() $stmt->execute(array(':id' => $this->id)); $result = $stmt->fetchAll(); - if( $stmt->rowCount() == $this->result_limit ) { - foreach($result as $row) { + if ($stmt->rowCount() == $this->result_limit) { + foreach ($result as $row) { $this->category = $row['category']; $this->owner = $row['owner']; $this->created_date = $row['created']; @@ -147,7 +144,7 @@ function loadData() /** * Update the dynamic values of the file */ - function updateData() + public function updateData() { $query = " UPDATE @@ -181,7 +178,7 @@ function updateData() * return filesize * @return mixed */ - function getFileSize() + public function getFileSize() { return $this->filesize; } 
@@ -190,7 +187,7 @@ function getFileSize() * return this file's category id * @return int */ - function getCategory() + public function getCategory() { return $this->category; } @@ -198,7 +195,7 @@ function getCategory() /** * @param int $value */ - function setCategory($value) + public function setCategory($value) { $this->category = $value; } @@ -207,9 +204,8 @@ function setCategory($value) * return this file's category name * @return string */ - function getCategoryName() + public function getCategoryName() { - $query = " SELECT name @@ -232,7 +228,7 @@ function getCategoryName() * @param int $uid * @return bool */ - function isOwner($uid) + public function isOwner($uid) { return ($this->getOwner() == $uid); } @@ -241,7 +237,7 @@ function isOwner($uid) * return the ID of the owner of this file * @return int */ - function getOwner() + public function getOwner() { return $this->owner; } @@ -250,7 +246,7 @@ function getOwner() * set the user_id of the file * @param int $value */ - function setOwner($value) + public function setOwner($value) { $this->owner = $value; } @@ -259,7 +255,7 @@ function setOwner($value) * return the username of the owner * @return mixed */ - function getOwnerName() + public function getOwnerName() { $user_obj = new User($this->owner, $this->connection); return $user_obj->getName(); @@ -270,7 +266,7 @@ function getOwnerName() * and index=1 corresponds to the first name * @return mixed */ - function getOwnerFullName() + public function getOwnerFullName() { $user_obj = new User($this->owner, $this->connection); return $user_obj->getFullName(); @@ -282,7 +278,7 @@ function getOwnerFullName() * the file's department will not be the same as it's owner's. * @return string */ - function getOwnerDeptId() + public function getOwnerDeptId() { $user_obj = new User($this->getOwner(), $this->connection); return $user_obj->getDeptId(); 
@@ -293,7 +289,7 @@ function getOwnerDeptId() * the department name instead of department id * @return string */ - function getOwnerDeptName() + public function getOwnerDeptName() { $user_obj = new User($this->getOwner(), $this->connection); return $user_obj->getDeptName(); @@ -303,7 +299,7 @@ function getOwnerDeptName() * return file description * @return string */ - function getDescription() + public function getDescription() { return $this->description; } @@ -311,7 +307,7 @@ function getDescription() /** * @param string $value */ - function setDescription($value) + public function setDescription($value) { $this->description = $value; } @@ -319,7 +315,7 @@ function setDescription($value) /** * @return int */ - function getDefaultRights() + public function getDefaultRights() { return $this->default_rights; } @@ -327,7 +323,7 @@ function getDefaultRights() /** * @param int $value */ - function setDefaultRights($value) + public function setDefaultRights($value) { $this->default_rights = $value; } @@ -336,7 +332,7 @@ function setDefaultRights($value) * return file commnents * @return mixed */ - function getComment() + public function getComment() { return $this->comment; } @@ -344,7 +340,7 @@ function getComment() /** * @param string $value */ - function setComment($value) + public function setComment($value) { $this->comment = $value; } @@ -353,7 +349,7 @@ function setComment($value) * return the status of the file * @return int */ - function getStatus() + public function getStatus() { return $this->status; } @@ -361,7 +357,7 @@ function getStatus() /** * @param int $status Status of file */ - function setStatus($status) + public function setStatus($status) { $query = "UPDATE {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DATA set status = :status where id = :id"; $stmt = $this->connection->prepare($query); 
@@ -375,7 +371,7 @@ function setStatus($status) * return a User OBJ of the person who checked out this file * @return User */ - function getCheckerOBJ() + public function getCheckerOBJ() { $user = new User($this->status, $this->connection); return $user; @@ -385,7 +381,7 @@ function getCheckerOBJ() * return the department ID of the file * @return int */ - function getDepartment() + public function getDepartment() { return $this->department; } @@ -393,7 +389,7 @@ function getDepartment() /** * @param int $value */ - function setDepartment($value) + public function setDepartment($value) { $this->department = $value; } @@ -402,15 +398,14 @@ function setDepartment($value) * return the name of the department of the file * @return string */ - function getDeptName() + public function getDeptName() { $query = "SELECT name FROM {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPARTMENT WHERE id = :department_id"; $stmt = $this->connection->prepare($query); $stmt->execute(array(':department_id' => $this->getDepartment())); $result = $stmt->fetchColumn(); - if ($stmt->rowCount() == 0) - { + if ($stmt->rowCount() == 0) { echo('ERROR: No database entry exists in department table for ID = '.$this->getDepartment().'.'); return "ERROR"; //exit; @@ -423,7 +418,7 @@ function getDeptName() * return the date that the file was created * @return string */ - function getCreatedDate() + public function getCreatedDate() { return $this->created_date; } @@ -432,9 +427,8 @@ function getCreatedDate() * return the latest modifying date on the file * @return string */ - function getModifiedDate() + public function getModifiedDate() { - $query = "SELECT modified_on FROM {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_LOG WHERE id = :id ORDER BY modified_on DESC limit 1"; $stmt = $this->connection->prepare($query); $stmt->execute(array(':id' => $this->id)); 
@@ -448,7 +442,7 @@ function getModifiedDate() * return the realname of the file * @return string */ - function getRealName() + public function getRealName() { return databaseData::getName(); } @@ -458,7 +452,7 @@ function getRealName() * @param int $dept_id * @return int */ - function getDeptRights($dept_id) + public function getDeptRights($dept_id) { $query = " SELECT @@ -485,11 +479,10 @@ function getDeptRights($dept_id) * @param array $uid_array * @return array */ - function toUserOBJs($uid_array) + public function toUserOBJs($uid_array) { $UserOBJ_array = array(); - for($i = 0; $iconnection); } return $UserOBJ_array; @@ -499,7 +492,7 @@ function toUserOBJs($uid_array) * Return a boolean on whether or not this file is publishable * @return string */ - function isPublishable() + public function isPublishable() { $query = " SELECT @@ -513,8 +506,7 @@ function isPublishable() $stmt->execute(array(':id' => $this->id)); $result = $stmt->fetchColumn(); - if($stmt->rowCount() != 1) - { + if ($stmt->rowCount() != 1) { echo('DB error. Unable to locate file id ' . $this->id . ' in table '.$GLOBALS['CONFIG']['db_prefix'].'data. Please contact ' . $GLOBALS['CONFIG']['site_mail'] . 'for help'); exit; } @@ -525,7 +517,7 @@ function isPublishable() /** * @return bool */ - function isArchived() + public function isArchived() { $query = " SELECT @@ -539,8 +531,7 @@ function isArchived() $stmt->execute(array(':id' => $this->id)); $result = $stmt->fetchColumn(); - if($stmt->rowCount() != 1) - { + if ($stmt->rowCount() != 1) { echo('DB error. Unable to locate file id ' . $this->id . ' in table '.$GLOBALS['CONFIG']['db_prefix'].'data. Please contact ' . $GLOBALS['CONFIG']['site_mail'] . 'for help'); exit; } @@ -552,7 +543,7 @@ function isArchived() * This function sets the publishable field in the data table to $boolean * @param bool $boolean */ - function Publishable($boolean = true) + public function Publishable($boolean = true) { $query = " UPDATE 
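Review bot: On a row-count mismatch `isPublishable` echoes the file id, the table prefix and the site mail address into the response and then calls `exit`, so a helper used inside permission checks can terminate the request and disclose schema naming to whoever triggered it. Logging the detail and throwing lets the caller render a generic error: `error_log('file id ' . $this->id . ' not found in data table'); throw new RuntimeException('File lookup failed');`. `isArchived` in the next hunk has the same `echo` and `exit` block, and both messages lack a space before `for help`. The docblock says `@return string` while the summary describes a boolean.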
@@ -569,14 +560,13 @@ function Publishable($boolean = true) ':uid' => $_SESSION['uid'], ':id' => $this->id )); - } /** * return the user id of the reviewer * @return int */ - function getReviewerID() + public function getReviewerID() { $query = " SELECT @@ -597,11 +587,10 @@ function getReviewerID() * return the username of the reviewer * @return bool */ - function getReviewerName() + public function getReviewerName() { $reviewer_id = $this->getReviewerID(); - if(isset($reviewer_id)) - { + if (isset($reviewer_id)) { $user_obj = new User($reviewer_id, $this->connection); return $user_obj->getName(); } @@ -612,7 +601,7 @@ function getReviewerName() * Set $comments into the reviewer comment field in the DB * @param $comments */ - function setReviewerComments($comments) + public function setReviewerComments($comments) { $query = " UPDATE @@ -627,7 +616,6 @@ function setReviewerComments($comments) ':comments' => $comments, ':id' => $this->id )); - } @@ -635,9 +623,8 @@ function setReviewerComments($comments) * Return the reviewers' comment toward this file * @return string */ - function getReviewerComments() + public function getReviewerComments() { - $query = " SELECT reviewer_comments @@ -656,7 +643,7 @@ function getReviewerComments() /** * */ - function temp_delete() + public function temp_delete() { $query = " UPDATE @@ -673,7 +660,7 @@ function temp_delete() /** * */ - function undelete() + public function undelete() { $query = " UPDATE @@ -690,9 +677,9 @@ function undelete() /** * @return bool */ - function isLocked() + public function isLocked() { return $this->isLocked; } } -} \ No newline at end of file +} diff --git a/FileTypes_class.php b/FileTypes_class.php index 08f25a4c..d2192780 100644 --- a/FileTypes_class.php +++ b/FileTypes_class.php @@ -18,8 +18,7 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -if( !defined('FileTypes_class') ) -{ +if (!defined('FileTypes_class')) { define('FileTypes_class', 'true', false); /** 
@@ -27,10 +26,10 @@ */ class FileTypes_class { - protected $connection; - public function FileTypes_class(PDO $pdo) { + public function FileTypes_class(PDO $pdo) + { $this->connection = $pdo; } @@ -38,9 +37,8 @@ public function FileTypes_class(PDO $pdo) { * Get value for a specific file type based on the key * @param string $data */ - function get($data) + public function get($data) { - } /** @@ -48,7 +46,7 @@ function get($data) * @param string $data * @return bool */ - function add($data) + public function add($data) { $query = " INSERT INTO {$GLOBALS['CONFIG']['db_prefix']}filetypes @@ -59,7 +57,7 @@ function add($data) $stmt = $this->connection->prepare($query); $stmt->execute(array(':data' => $data['filetype'])); - return TRUE; + return true; } /** @@ -67,7 +65,7 @@ function add($data) * @param array $data Array of values to be saved ($key,$value) * @return bool */ - function save($data) + public function save($data) { // First, uncheck all status values $query = " @@ -91,9 +89,8 @@ function save($data) "; $stmt = $this->connection->prepare($query2); $stmt->execute(array(':value' => $value)); - } - return TRUE; + return true; } return false; } @@ -101,7 +98,7 @@ function save($data) /** * Load active file types into a global array */ - function load() + public function load() { $GLOBALS['CONFIG']['allowedFileTypes'] = array(); $query = " @@ -116,7 +113,7 @@ function load() $stmt->execute(); $result = $stmt->fetchAll(); - foreach($result as $row) { + foreach ($result as $row) { array_push($GLOBALS['CONFIG']['allowedFileTypes'], $row['type']); } } @@ -124,7 +121,7 @@ function load() /* * Show the file types edit form */ - function edit() + public function edit() { $filetypes_arr = array(); $query = " 
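Review bot: `add()` discards the result of `$stmt->execute()` and returns `true` unconditionally, and it stores `$data['filetype']` without checking that the key exists or what the value looks like. Because `load()` later copies these rows into `$GLOBALS['CONFIG']['allowedFileTypes']`, a malformed entry ends up in the list the application treats as permitted types. Return the real outcome with `return $stmt->execute(array(':data' => $data['filetype']));` and reject values that are not a plain type string before the insert; the expected format of the column is not visible in this hunk. `save()` here and `delete()` further down likewise return `true` without checking `execute()`.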
@@ -137,18 +134,18 @@ function edit() $stmt->execute(); $result = $stmt->fetchAll(); - foreach($result as $row) { + foreach ($result as $row) { $filetypes_arr[] = $row; } - $GLOBALS['smarty']->assign('filetypes_array',$filetypes_arr); + $GLOBALS['smarty']->assign('filetypes_array', $filetypes_arr); display_smarty_template('filetypes.tpl'); } /* * Show the form in order to Delete a filetype */ - function deleteSelect() + public function deleteSelect() { $filetypes_arr = array(); $query = " @@ -161,18 +158,17 @@ function deleteSelect() $stmt->execute(); $result = $stmt->fetchAll(); - foreach($result as $row) { + foreach ($result as $row) { $filetypes_arr[] = $row; } - $GLOBALS['smarty']->assign('filetypes_array',$filetypes_arr); + $GLOBALS['smarty']->assign('filetypes_array', $filetypes_arr); display_smarty_template('filetypes_deleteshow.tpl'); } - function delete($data) + public function delete($data) { - foreach($data['types'] as $id) - { + foreach ($data['types'] as $id) { $query = " DELETE FROM {$GLOBALS['CONFIG']['db_prefix']}filetypes @@ -182,7 +178,7 @@ function delete($data) $stmt = $this->connection->prepare($query); $stmt->execute(array(':id' => $id)); } - return TRUE; + return true; } } } diff --git a/Plugin_class.php b/Plugin_class.php index f6188c50..88356b3f 100644 --- a/Plugin_class.php +++ b/Plugin_class.php @@ -21,17 +21,16 @@ * * @author Stephen J. Lawrence Jr. */ -class Plugin +class Plugin { - - var $name = ''; - var $version = ''; - var $author = ''; - var $homepage = ''; - var $description = ''; - var $pluginslist = ''; + public $name = ''; + public $version = ''; + public $author = ''; + public $homepage = ''; + public $description = ''; + public $pluginslist = ''; - function Plugin() + public function Plugin() { $name = $this->name; $version = $this->version; 
@@ -46,16 +45,13 @@ function Plugin() * INCLUDE ALL PLUGINS * @return array $pluginslist An array of plugin names currently in the plug-ins folder */ - function getPluginsList() + public function getPluginsList() { $pluginslist = array(); $curdir = dirname(__FILE__); - if ($handle = opendir($curdir . '/plug-ins')) - { - while (false !== ($file = readdir($handle))) - { - if ($file != 'index.html' && $file != '.htaccess' && $file != "." && $file != ".." && $file != '.svn' && $file != '.git' && is_file('plug-ins/' . $file . '/' . $file . '_class.php')) - { + if ($handle = opendir($curdir . '/plug-ins')) { + while (false !== ($file = readdir($handle))) { + if ($file != 'index.html' && $file != '.htaccess' && $file != "." && $file != ".." && $file != '.svn' && is_file('plug-ins/' . $file . '/' . $file . '_class.php')) { array_push($pluginslist, $file); } } @@ -67,7 +63,7 @@ function getPluginsList() /* * Set the value for the pluginslist variable */ - function setPluginsList($var) + public function setPluginsList($var) { $this->pluginslist = $var; } @@ -76,10 +72,9 @@ function setPluginsList($var) * Include all the plugin class files * @return true */ - function loadPlugins() + public function loadPlugins() { - foreach($this->getPluginsList() as $file) - { + foreach ($this->getPluginsList() as $file) { include_once('plug-ins/' . $file . '/' . $file . '_class.php'); } return true; 
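Review bot: The rewritten condition in `getPluginsList` no longer contains `$file != '.git'`, which the removed line had, so this formatting commit also changes which directory names are accepted as plugins. Restore the term (`&& $file != '.svn' && $file != '.git' && is_file(`), or replace the deny-list with a name check such as `preg_match('/^[A-Za-z0-9_]+$/', $file)`. Note also that `opendir()` uses `$curdir . '/plug-ins'` while `is_file()` uses the relative `'plug-ins/'`, so the two can disagree when the working directory is not the application root. The end of the function is outside this hunk.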
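Review bot: `loadPlugins` calls `include_once` for every name returned by `getPluginsList()`, so any directory present under `plug-ins/` with a matching `_class.php` file is executed with the application's privileges, and nothing in the docblock states that trust boundary. A comment saying so, plus an explicit allow-list of enabled plugin names from configuration checked before the include, would make the contract visible and reviewable. The include path is relative (`'plug-ins/' . $file`); building it from `dirname(__FILE__) . '/plug-ins/'` would match the directory that `getPluginsList` opens.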
@@ -88,150 +83,206 @@ function loadPlugins() /* * This function allows for new admin menu items to display for your plugin */ - function onAdminMenu() {} + public function onAdminMenu() + { + } /* * This function is run on the Add File page */ - function onBeforeAdd() {} + public function onBeforeAdd() + { + } /* * This function is run on while the file is being added to the database */ - function onDuringAdd($fileid) {} + public function onDuringAdd($fileid) + { + } /* * This function is run after a new file is added */ - function onAfterAdd($fileid) {} + public function onAfterAdd($fileid) + { + } /* * This function is run before the edit file form is finished being rendered */ - function onBeforeEditFile($fileid) {} + public function onBeforeEditFile($fileid) + { + } /* * This function is run after the user saves and change to a file */ - function onAfterEditFile($fileid) {} + public function onAfterEditFile($fileid) + { + } /* * This function is run after the user deletes a file (aka archive) */ - function onAfterArchiveFile() {} + public function onAfterArchiveFile() + { + } /* * This function is run after the admin permanently deletes a file */ - function onAfterDeleteFile() {} + public function onAfterDeleteFile() + { + } /* * This function is run before a user is logged in */ - function onBeforeLogin() {} + public function onBeforeLogin() + { + } /* * This function is run after a user is logged in */ - function onAfterLogin() {} + public function onAfterLogin() + { + } /* * This function is run after the user session is cleared */ - function onAfterLogout(){} + public function onAfterLogout() + { + } /* * This function is called after a failed login */ - function onFailedLogin(){} + public function onFailedLogin() + { + } /* * This function is called after the user views a file */ - function onViewFile() {} + public function onViewFile() + { + } /* * This function is performed after a search has been initiated */ - function onSearch() {} + public function 
onSearch() + { + } /* * This function is run at the top of the add user form */ - function onBeforeAddUser() {} + public function onBeforeAddUser() + { + } /* * This function is run after the add user form is saved */ - function onAfterAddUser() {} + public function onAfterAddUser() + { + } /* * This function allows for setting of class settings */ - function setProperties(){} + public function setProperties() + { + } /* * This function allows for getting of class settings */ - function getProperties(){} + public function getProperties() + { + } /* * This function is run during the details view */ - function onDuringDetails($fileid){} + public function onDuringDetails($fileid) + { + } /* * This function is run after the details view */ - function onAfterDetails($fileid){} + public function onAfterDetails($fileid) + { + } /* * This function is run before the file list view */ - function onBeforeListFiles($fileList){} + public function onBeforeListFiles($fileList) + { + } /* * This function is run after the file list view is drawn */ - function onAfterListFiles() {} + public function onAfterListFiles() + { + } /* * This function is run before the edited file object is saved to the db */ - function onBeforeEditFileSaved() {} + public function onBeforeEditFileSaved() + { + } /* * This function is run while the add department form is being drawn */ - function onDepartmentAddForm() {} + public function onDepartmentAddForm() + { + } /* * This function is run while the edit department form is being drawn * @param int $deptId The ID for the department being edited */ - function onDepartmentEditForm($deptId) {} + public function onDepartmentEditForm($deptId) + { + } /* * This function is run while the edit department form is being drawn * @param array $formData The _REQUEST passed in */ - function onDepartmentModifySave($formData) {} + public function onDepartmentModifySave($formData) + { + } /* * This function is run while the add department form is being submitted * @param 
int $deptId The new department ID */ - function onDepartmentAddSave($deptId) {} + public function onDepartmentAddSave($deptId) + { + } /* * This function is run after the file history page is displayed * @param int $file_id The new file id */ - function onAfterHistory($file_id) {} + public function onAfterHistory($file_id) + { + } } diff --git a/Reviewer_class.php b/Reviewer_class.php index 5d79da96..05d5b6cf 100644 --- a/Reviewer_class.php +++ b/Reviewer_class.php @@ -20,12 +20,12 @@ class Reviewer extends databaseData { protected $connection; - function Reviewer ($id, PDO $pdo) + public function Reviewer($id, PDO $pdo) { $this->id = $id; $this->connection = $pdo; } - function getReviewersForDepartment($dept_id) + public function getReviewersForDepartment($dept_id) { $reviewers = array(); $query = " @@ -49,12 +49,11 @@ function getReviewersForDepartment($dept_id) } $count = 0; - foreach($result as $row) { + foreach ($result as $row) { $reviewers[$count] = $row['user_id']; $count++; } return $reviewers; } - } diff --git a/Settings_class.php b/Settings_class.php index 0e08a912..88c59629 100644 --- a/Settings_class.php +++ b/Settings_class.php @@ -18,8 +18,7 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -if( !defined('Settings_class') ) -{ +if (!defined('Settings_class')) { define('Settings_class', 'true', false); /** @@ -31,7 +30,8 @@ class Settings { protected $connection; - public function Settings(PDO $pdo){ + public function Settings(PDO $pdo) + { $this->connection = $pdo; } @@ -39,9 +39,8 @@ public function Settings(PDO $pdo){ * Get value for a specific setting based on the key * @param string $key */ - function get($key) + public function get($key) { - } /** 
@@ -49,10 +48,9 @@ function get($key) * @param array $data Array of values to be saved ($key,$value) * @return bool */ - function save($data) + public function save($data) { - foreach ($data as $key=>$value) - { + foreach ($data as $key=>$value) { $query = " UPDATE {$GLOBALS['CONFIG']['db_prefix']}settings @@ -65,7 +63,6 @@ function save($data) ':value' => $value, ':key' => $key )); - } return true; } @@ -73,7 +70,7 @@ function save($data) * Load settings to an array * return array */ - function load() + public function load() { $query = " SELECT @@ -89,13 +86,12 @@ function load() foreach ($result as $row) { $GLOBALS['CONFIG'][$row['name']] = $row['value']; } - } /** * Show the settings edit form */ - function edit() + public function edit() { $query = "SELECT * FROM {$GLOBALS['CONFIG']['db_prefix']}settings"; $stmt = $this->connection->prepare($query); @@ -114,7 +110,7 @@ function edit() * @param string $key The name of the setting to be tested * @param string $value The value of the setting to be tested */ - function validate($key, $value) + public function validate($key, $value) { // NOT IMPLEMENTED } 
@@ -123,35 +119,32 @@ function validate($key, $value) * This function will return an array of the possible theme names found in the /templates folder * for use in the settings form */ - function getThemes() + public function getThemes() { - $themes = $this->getFolders( ABSPATH . 'templates'); + $themes = $this->getFolders(ABSPATH . 'templates'); return $themes; } /** * @return mixed */ - function getLanguages() + public function getLanguages() { - $languages = $this->getFolders( ABSPATH . 'includes/language'); - return str_replace('.php','',$languages); + $languages = $this->getFolders(ABSPATH . 'includes/language'); + return str_replace('.php', '', $languages); } /** * @param string $path * @return array */ - function getFolders($path = '.') + public function getFolders($path = '.') { $file_list=array(); - if ($handle = opendir($path)) - { - while (false !== ($file = readdir($handle))) - { + if ($handle = opendir($path)) { + while (false !== ($file = readdir($handle))) { // Filter out any other types of folders that might be in here - if ($file != "." && $file != ".." && $file != ".svn" && $file != 'README' && $file != 'sync.sh' && $file != 'common' && $file != 'DataTables') - { + if ($file != "." && $file != ".." && $file != ".svn" && $file != 'README' && $file != 'sync.sh' && $file != 'common' && $file != 'DataTables') { array_push($file_list, $file); } } @@ -164,7 +157,7 @@ function getFolders($path = '.') * Return an array of user names * @return array */ - function getUserIdNums() + public function getUserIdNums() { $query = " SELECT 
@@ -180,5 +173,25 @@ function getUserIdNums() return $result; } + public static function get_db_version($prefix = '') + { + global $pdo; + if(empty($prefix)) { + $prefix = !empty($_SESSION['db_prefix']) ? $_SESSION['db_prefix'] : $GLOBALS['CONFIG']['db_prefix']; + } + $query1 = "SHOW TABLES LIKE :table"; + $stmt = $pdo->prepare($query1); + $stmt->execute(array(':table' => $prefix . 'odmsys')); + + if ($stmt->rowCount() > 0) { + $query2 = "SELECT sys_value from {$prefix}odmsys WHERE sys_name='version'"; + $stmt = $pdo->prepare($query2); + $stmt->execute(); + $result_array = $stmt->fetch(); + } + + $db_version = (!empty($result_array['sys_value']) ? $result_array['sys_value'] : 'Unknown'); + return $db_version; + } } } diff --git a/UserPermission_class.php b/UserPermission_class.php index 98a1f8f5..24e312a2 100644 --- a/UserPermission_class.php +++ b/UserPermission_class.php @@ -18,29 +18,28 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -if( !defined('UserPermission_class') ) -{ +if (!defined('UserPermission_class')) { define('UserPermission_class', 'true', false); class UserPermission extends databaseData { - var $connection; - var $uid; - var $user_obj; - var $user_perms_obj; - var $dept_perms_obj; - var $FORBIDDEN_RIGHT; - var $NONE_RIGHT; - var $VIEW_RIGHT; - var $READ_RIGHT; - var $WRITE_RIGHT; - var $ADMIN_RIGHT; + public $connection; + public $uid; + public $user_obj; + public $user_perms_obj; + public $dept_perms_obj; + public $FORBIDDEN_RIGHT; + public $NONE_RIGHT; + public $VIEW_RIGHT; + public $READ_RIGHT; + public $WRITE_RIGHT; + public $ADMIN_RIGHT; /** * @param int $uid * @param PDO $connection */ - function UserPermission($uid, PDO $connection) + public function UserPermission($uid, PDO $connection) { $this->uid = $uid; $this->connection = $connection; 
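Review bot: `get_db_version()` interpolates `$prefix` straight into `SELECT sys_value from {$prefix}odmsys ...`, and that value can come from the caller or from `$_SESSION['db_prefix']`. The preceding `SHOW TABLES LIKE :table` check is bound, but `LIKE` treats `%` and `_` as wildcards, so it does not prove the prefix is a plain identifier. Since a table name cannot be a bound parameter, validate it before use, for example `if (!preg_match('/^[A-Za-z0-9_]*$/', $prefix)) { return 'Unknown'; }`. Where the session value is set is not visible here, so how far it can be influenced remains to be confirmed.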
@@ -60,13 +59,13 @@ function UserPermission($uid, PDO $connection) * @param bool $limit * @return array */ - function getAllowedFileIds($limit) + public function getAllowedFileIds($limit) { $viewable_array = $this->getViewableFileIds($limit); $readable_array = $this->getReadableFileIds($limit); $writeable_array = $this->getWriteableFileIds($limit); $adminable_array = $this->getAdminableFileIds($limit); - $result_array = array_values( array_unique( array_merge($viewable_array, $readable_array, $writeable_array, $adminable_array) ) ); + $result_array = array_values(array_unique(array_merge($viewable_array, $readable_array, $writeable_array, $adminable_array))); return $result_array; } @@ -75,16 +74,16 @@ function getAllowedFileIds($limit) * @param bool $limit * @return array */ - function getAllowedFileOBJs($limit = true) + public function getAllowedFileOBJs($limit = true) { - return $this->convertToFileDataOBJ( $this->getAllowedFileIds($limit) ); + return $this->convertToFileDataOBJ($this->getAllowedFileIds($limit)); } /** * @param bool $limit * @return array */ - function getViewableFileIds($limit = true) + public function getViewableFileIds($limit = true) { //These 2 below takes half of the execution time for this function $user_perms_file_array = ($this->user_perms_obj->getCurrentViewOnly($limit)); @@ -113,7 +112,7 @@ function getViewableFileIds($limit = true) $dept_perms_file_array = array_diff($dept_perms_file_array, $array); $dept_perms_file_array = array_diff($dept_perms_file_array, $user_perms_file_array); - $total_listing = array_merge($user_perms_file_array , $dept_perms_file_array); + $total_listing = array_merge($user_perms_file_array, $dept_perms_file_array); //$total_listing = array_unique( $total_listing); //$result_array = array_values($total_listing); return $total_listing; 
@@ -124,7 +123,7 @@ function getViewableFileIds($limit = true) * @param bool $limit * @return array */ - function getViewableFileOBJs($limit = true) + public function getViewableFileOBJs($limit = true) { return $this->convertToFileDataOBJ($this->getViewableFileIds($limit)); } @@ -134,12 +133,12 @@ function getViewableFileOBJs($limit = true) * @param bool $limit * @return array */ - function getReadableFileIds($limit = true) + public function getReadableFileIds($limit = true) { $user_perms_file_array = $this->user_perms_obj->getCurrentReadRight($limit); $dept_perms_file_array = $this->dept_perms_obj->getCurrentReadRight($limit); $published_file_array = $this->user_obj->getPublishedData(1); - $result_array = array_values( array_unique( array_merge($published_file_array, $user_perms_file_array, $dept_perms_file_array) ) ); + $result_array = array_values(array_unique(array_merge($published_file_array, $user_perms_file_array, $dept_perms_file_array))); return $result_array; } @@ -148,7 +147,7 @@ function getReadableFileIds($limit = true) * @param bool $limit * @return array */ - function getReadableFileOBJs($limit = true) + public function getReadableFileOBJs($limit = true) { return $this->convertToFileDataOBJ($this->getReadableFileIds($limit)); } @@ -158,12 +157,12 @@ function getReadableFileOBJs($limit = true) * @param bool $limit * @return array */ - function getWriteableFileIds($limit = true) + public function getWriteableFileIds($limit = true) { $user_perms_file_array = $this->user_perms_obj->getCurrentWriteRight($limit); $dept_perms_file_array = $this->dept_perms_obj->getCurrentWriteRight($limit); $published_file_array = $this->user_obj->getPublishedData(1); - $result_array = array_values( array_unique( array_merge($published_file_array, $user_perms_file_array, $dept_perms_file_array) ) ); + $result_array = array_values(array_unique(array_merge($published_file_array, $user_perms_file_array, $dept_perms_file_array))); return $result_array; } 
@@ -172,7 +171,7 @@ function getWriteableFileIds($limit = true) * @param bool $limit * @return array */ - function getWriteableFileOBJs($limit = true) + public function getWriteableFileOBJs($limit = true) { return $this->convertToFileDataOBJ($this->getWriteableFileIds($limit)); } @@ -182,12 +181,12 @@ function getWriteableFileOBJs($limit = true) * @param bool $limit * @return array */ - function getAdminableFileIds($limit = true) + public function getAdminableFileIds($limit = true) { $user_perms_file_array = $this->user_perms_obj->getCurrentAdminRight($limit); $dept_perms_file_array = $this->dept_perms_obj->getCurrentAdminRight($limit); $published_file_array = $this->user_obj->getPublishedData(1); - $result_array = array_values( array_unique( array_merge($published_file_array, $user_perms_file_array, $dept_perms_file_array) ) ); + $result_array = array_values(array_unique(array_merge($published_file_array, $user_perms_file_array, $dept_perms_file_array))); return $result_array; } @@ -196,7 +195,7 @@ function getAdminableFileIds($limit = true) * @param bool $limit * @return array */ - function getAdminableFileOBJs($limit = true) + public function getAdminableFileOBJs($limit = true) { return $this->convertToFileDataOBJ($this->getAdminableFileIds($limit)); } @@ -207,7 +206,7 @@ function getAdminableFileOBJs($limit = true) * @param array $low_priority_array * @return array */ - function combineArrays($high_priority_array, $low_priority_array) + public function combineArrays($high_priority_array, $low_priority_array) { return databaseData::combineArrays($high_priority_array, $low_priority_array); } @@ -219,7 +218,7 @@ function combineArrays($high_priority_array, $low_priority_array) * @param int $data_id * @return int */ - function getAuthority($data_id) + public function getAuthority($data_id) { $data_id = (int) $data_id; $fileData = new FileData($data_id, $this->connection); 
@@ -241,7 +240,5 @@ function getAuthority($data_id) return $department_permissions; } } - } - -} \ No newline at end of file +} diff --git a/User_Perms_class.php b/User_Perms_class.php index bbcc3502..3eef3203 100644 --- a/User_Perms_class.php +++ b/User_Perms_class.php @@ -18,36 +18,35 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -if ( !defined('User_Perms_class') ) -{ +if (!defined('User_Perms_class')) { define('User_Perms_class', 'true', false); class User_Perms extends databaseData { - var $fid; - var $id; - var $rights; - var $user_obj; - var $dept_perms_obj; - var $file_obj; - var $error; - var $chosen_mode; - var $connection; - - var $NONE_RIGHT = 0; - var $VIEW_RIGHT = 1; - var $READ_RIGHT = 2; - var $WRITE_RIGHT = 3; - var $ADMIN_RIGHT = 4; - var $FORBIDDEN_RIGHT = -1; - var $USER_MODE = 0; - var $FILE_MODE = 1; + public $fid; + public $id; + public $rights; + public $user_obj; + public $dept_perms_obj; + public $file_obj; + public $error; + public $chosen_mode; + public $connection; + + public $NONE_RIGHT = 0; + public $VIEW_RIGHT = 1; + public $READ_RIGHT = 2; + public $WRITE_RIGHT = 3; + public $ADMIN_RIGHT = 4; + public $FORBIDDEN_RIGHT = -1; + public $USER_MODE = 0; + public $FILE_MODE = 1; /** * @param int $id * @param PDO $connection */ - function User_Perms($id, PDO $connection) + public function User_Perms($id, PDO $connection) { $this->id = $id; // this can be fid or uid $this->user_obj = new User($id, $connection); @@ -60,7 +59,7 @@ function User_Perms($id, PDO $connection) * @param bool $limit * @return array */ - function getCurrentViewOnly($limit = true) + public function getCurrentViewOnly($limit = true) { return $this->loadData_UserPerm($this->VIEW_RIGHT, $limit); } 
@@ -70,7 +69,7 @@ function getCurrentViewOnly($limit = true) * @param bool $limit * @return array */ - function getCurrentNoneRight($limit = true) + public function getCurrentNoneRight($limit = true) { return $this->loadData_UserPerm($this->NONE_RIGHT, $limit); } @@ -80,7 +79,7 @@ function getCurrentNoneRight($limit = true) * @param bool $limit * @return array */ - function getCurrentReadRight($limit = true) + public function getCurrentReadRight($limit = true) { return $this->loadData_UserPerm($this->READ_RIGHT, $limit); } @@ -90,7 +89,7 @@ function getCurrentReadRight($limit = true) * @param bool $limit * @return array */ - function getCurrentWriteRight($limit = true) + public function getCurrentWriteRight($limit = true) { return $this->loadData_UserPerm($this->WRITE_RIGHT, $limit); } @@ -100,7 +99,7 @@ function getCurrentWriteRight($limit = true) * @param bool $limit * @return array */ - function getCurrentAdminRight($limit = true) + public function getCurrentAdminRight($limit = true) { return $this->loadData_UserPerm($this->ADMIN_RIGHT, $limit); } @@ -108,7 +107,7 @@ function getCurrentAdminRight($limit = true) /** * @return int */ - function getId() + public function getId() { return $this->id; } @@ -122,12 +121,11 @@ function getId() * @param boolean $limit boolean Should we limit the query to max_query size? * @return array */ - function loadData_UserPerm($right, $limit) + public function loadData_UserPerm($right, $limit) { $limit_query = ($limit) ? "LIMIT {$GLOBALS['CONFIG']['max_query']}" : ''; - if($this->user_obj->isAdmin()) - { + if ($this->user_obj->isAdmin()) { $query = "SELECT d.id FROM {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DATA as d 
@@ -137,9 +135,7 @@ function loadData_UserPerm($right, $limit) $stmt = $this->connection->prepare($query); $stmt->execute(); $result = $stmt->fetchAll(); - } - elseif ($this->user_obj->isReviewer()) - { + } elseif ($this->user_obj->isReviewer()) { // If they are a reviewer, let them see files in all departments they are a reviewer for $query = "SELECT d.id FROM @@ -157,9 +153,7 @@ function loadData_UserPerm($right, $limit) ':id' => $this->id )); $result = $stmt->fetchAll(); - } - else - { + } else { //Select fid, owner_id, owner_name of the file that user-->$id has rights >= $right $query = " SELECT @@ -190,9 +184,8 @@ function loadData_UserPerm($right, $limit) //$fileid_array[$index][1] ==> owner //$fileid_array[$index][2] ==> username $llen = $stmt->rowCount(); - while($index < $llen ) - { - list($fileid_array[$index] ) = $result[$index]; + while ($index < $llen) { + list($fileid_array[$index]) = $result[$index]; $index++; } return $fileid_array; @@ -203,17 +196,13 @@ function loadData_UserPerm($right, $limit) * @param int $data_id * @return bool */ - function canView($data_id) + public function canView($data_id) { $filedata = new FileData($data_id, $this->connection); - if(!$this->isForbidden($data_id) or !$filedata->isPublishable() ) - { - if($this->canUser($data_id, $this->VIEW_RIGHT) or $this->dept_perms_obj->canView($data_id)or $this->canAdmin($data_id)) - { + if (!$this->isForbidden($data_id) or !$filedata->isPublishable()) { + if ($this->canUser($data_id, $this->VIEW_RIGHT) or $this->dept_perms_obj->canView($data_id)or $this->canAdmin($data_id)) { return true; - } - else - { + } else { false; } } 
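Review bot: In `canView()` the `else` branch contains the bare expression `false;`, which is a no-op, so the method falls through and returns `null` instead of the documented bool; `canRead()`, `canWrite()` and `canAdmin()` in the following hunks have the same branch. Callers that test truthiness still work, but a strict comparison against `false` would not, and the line should read `return false;`. The outer guard `!$this->isForbidden($data_id) or !$filedata->isPublishable()` also lets a user marked forbidden continue to the department check whenever the file is not publishable, which looks unintended and is worth confirming against `and`. The end of `canView()` is outside the hunk.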
@@ -224,21 +213,16 @@ function canView($data_id) * @param $data_id * @return bool */ - function canRead($data_id) + public function canRead($data_id) { $filedata = new FileData($data_id, $this->connection); - if(!$this->isForbidden($data_id) or !$filedata->i->isPublishable() ) - { - if($this->canUser($data_id, $this->READ_RIGHT) or $this->dept_perms_obj->canRead($data_id) or $this->canAdmin($data_id) ) - { + if (!$this->isForbidden($data_id) or !$filedata->i->isPublishable()) { + if ($this->canUser($data_id, $this->READ_RIGHT) or $this->dept_perms_obj->canRead($data_id) or $this->canAdmin($data_id)) { return true; - } - else - { + } else { false; } } - } /** @@ -246,21 +230,16 @@ function canRead($data_id) * @param $data_id * @return bool */ - function canWrite($data_id) + public function canWrite($data_id) { $filedata = new FileData($data_id, $this->connection); - if(!$this->isForbidden($data_id) or !$filedata->isPublishable() ) - { - if($this->canUser($data_id, $this->WRITE_RIGHT) or $this->dept_perms_obj->canWrite($data_id) or $this->canAdmin($data_id) ) - { + if (!$this->isForbidden($data_id) or !$filedata->isPublishable()) { + if ($this->canUser($data_id, $this->WRITE_RIGHT) or $this->dept_perms_obj->canWrite($data_id) or $this->canAdmin($data_id)) { return true; - } - else - { + } else { false; } } - } /** 
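Review bot: `canRead()` calls `$filedata->i->isPublishable()`, where the sibling methods call `$filedata->isPublishable()`; the extra `->i` reads what appears to be an undefined property and then calls a method on it. Because `or` short-circuits, that expression is only evaluated when `isForbidden()` returns true, so the error would surface only for forbidden users. The condition should match the siblings: `if (!$this->isForbidden($data_id) or !$filedata->isPublishable()) {`.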
@@ -268,17 +247,13 @@ function canWrite($data_id) * @param $data_id * @return bool */ - function canAdmin($data_id) + public function canAdmin($data_id) { $filedata = new FileData($data_id, $this->connection); - if(!$this->isForbidden($data_id) or !$filedata->isPublishable() ) - { - if($this->canUser($data_id, $this->ADMIN_RIGHT) or $this->dept_perms_obj->canAdmin($data_id) or $filedata->isOwner($this->id)) - { + if (!$this->isForbidden($data_id) or !$filedata->isPublishable()) { + if ($this->canUser($data_id, $this->ADMIN_RIGHT) or $this->dept_perms_obj->canAdmin($data_id) or $filedata->isOwner($this->id)) { return true; - } - else - { + } else { false; } } @@ -289,7 +264,7 @@ function canAdmin($data_id) * @param $data_id * @return bool */ - function isForbidden($data_id) + public function isForbidden($data_id) { $query = " SELECT @@ -305,15 +280,11 @@ function isForbidden($data_id) )); $result = $stmt->fetch(); - if($stmt->rowCount() == 1) - { - list ($right) = $result[0]; - if($right == $this->FORBIDDEN_RIGHT) - { + if ($stmt->rowCount() == 1) { + list($right) = $result[0]; + if ($right == $this->FORBIDDEN_RIGHT) { return true; - } - else - { + } else { return false; } } @@ -327,10 +298,9 @@ function isForbidden($data_id) * @param integer $right The number of the "right" ID that is being checked * @return true They CAN perform the right */ - function canUser($data_id, $right) + public function canUser($data_id, $right) { - if($this->user_obj->isAdmin() || $this->user_obj->isReviewerForFile($data_id)) - { + if ($this->user_obj->isAdmin() || $this->user_obj->isReviewerForFile($data_id)) { return true; } $query = " @@ -353,8 +323,7 @@ function canUser($data_id, $right) )); - switch($stmt->rowCount() ) - { + switch ($stmt->rowCount()) { case 1: return true; break; case 0: return false; 
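Review bot: In `isForbidden()` the row comes from `$stmt->fetch()`, which returns a single row, so `$result[0]` is the first column value and `list($right) = $result[0];` destructures a scalar. PHP assigns `null` in that case, the comparison with `$this->FORBIDDEN_RIGHT` is then false, and the method would never report a forbidden user. `$right = $result[0];` is what the code seems to intend; this assumes the connection's fetch mode includes numeric keys, which is not visible here. What the method returns when `rowCount()` is not 1 lies outside the hunk.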
@@ -369,10 +338,9 @@ function canUser($data_id, $right) * @param int $data_id * @return int|string */ - function getPermission($data_id) + public function getPermission($data_id) { - if($GLOBALS['CONFIG']['root_id'] == $this->user_obj->getId()) - { + if ($GLOBALS['CONFIG']['root_id'] == $this->user_obj->getId()) { return 4; } @@ -393,12 +361,9 @@ function getPermission($data_id) )); $result = $stmt->fetchColumn(); - if($stmt->rowCount() == 1) - { + if ($stmt->rowCount() == 1) { return $result; - } - elseif ($stmt->rowCount() == 0) - { + } elseif ($stmt->rowCount() == 0) { return -999; } } @@ -429,6 +394,5 @@ public function getPermissionForUser($user_id, $data_id) return $result; } - } -} \ No newline at end of file +} diff --git a/User_class.php b/User_class.php index 423526bc..cf2b19d6 100644 --- a/User_class.php +++ b/User_class.php @@ -19,29 +19,28 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -if( !defined('User_class') ) -{ +if (!defined('User_class')) { define('User_class', 'true', false); class User extends databaseData { - var $root_id; - var $id; - var $username; - var $first_name; - var $last_name; - var $email; - var $phone; - var $department; - var $pw_reset_code; - var $can_add; - var $can_checkin; + public $root_id; + public $id; + public $username; + public $first_name; + public $last_name; + public $email; + public $phone; + public $department; + public $pw_reset_code; + public $can_add; + public $can_checkin; /** * @param int $id * @param PDO $connection */ - function User($id, PDO $connection) + public function User($id, PDO $connection) { $this->root_id = $GLOBALS['CONFIG']['root_id']; $this->field_name = 'username'; @@ -73,8 +72,8 @@ function User($id, PDO $connection) $result = $stmt->fetch(); list( - $this->id, - $this->username, + $this->id, + $this->username, $this->department, $this->phone, $this->email, 
@@ -90,7 +89,7 @@ function User($id, PDO $connection) * Return department name for current user * @return string */ - function getDeptName() + public function getDeptName() { $query = " SELECT @@ -115,10 +114,9 @@ function getDeptName() * Return department ID for current user * @return string */ - function getDeptId() + public function getDeptId() { return $this->department; - } /** @@ -126,7 +124,7 @@ function getDeptId() * @return array * @param object $publishable */ - function getPublishedData($publishable) + public function getPublishedData($publishable) { $data_published = array(); $index = 0; @@ -149,7 +147,7 @@ function getPublishedData($publishable) )); $result = $stmt->fetchAll(); - foreach($result as $row) { + foreach ($result as $row) { $data_published[$index] = $row; $index++; } @@ -160,10 +158,9 @@ function getPublishedData($publishable) * Check whether user from object has Admin rights * @return Boolean */ - function isAdmin() + public function isAdmin() { - if ($this->isRoot()) - { + if ($this->isRoot()) { return true; } $query = " @@ -180,8 +177,7 @@ function isAdmin() )); $result = $stmt->fetchColumn(); - if($stmt->rowCount() !=1 ) - { + if ($stmt->rowCount() !=1) { return false; } @@ -192,7 +188,7 @@ function isAdmin() * Check whether user from object is root * @return bool */ - function isRoot() + public function isRoot() { return ($this->root_id == $this->getId()); } @@ -200,12 +196,12 @@ function isRoot() /** * @return boolean */ - function canAdd() + public function canAdd() { - if($this->isAdmin()) { + if ($this->isAdmin()) { return true; } - if($this->can_add) { + if ($this->can_add) { return true; } return false; @@ -214,12 +210,12 @@ function canAdd() /** * @return boolean */ - function canCheckIn() + public function canCheckIn() { - if($this->isAdmin()) { + if ($this->isAdmin()) { return true; } - if($this->can_checkin) { + if ($this->can_checkin) { return true; } return false; 
@@ -228,7 +224,7 @@ function canCheckIn() /** * @return string */ - function getPassword() + public function getPassword() { $query = " SELECT @@ -242,21 +238,19 @@ function getPassword() $stmt->execute(array(':id' => $this->id)); $result = $stmt->fetchColumn(); - if($stmt->rowCount() !=1 ) - { + if ($stmt->rowCount() !=1) { header('Location:' . $GLOBALS['CONFIG']['base_url'] . 'error.php?ec=14'); exit; } return $result; - } /** * @param string $non_encrypted_password * @return bool */ - function changePassword($non_encrypted_password) + public function changePassword($non_encrypted_password) { $query = " UPDATE @@ -278,7 +272,7 @@ function changePassword($non_encrypted_password) * @param string $non_encrypted_password * @return bool */ - function validatePassword($non_encrypted_password) + public function validatePassword($non_encrypted_password) { $query = " SELECT @@ -295,7 +289,7 @@ function validatePassword($non_encrypted_password) ':non_encrypted_password' => $non_encrypted_password, ':id' => $this->id )); - if($stmt->rowCount() == 1) { + if ($stmt->rowCount() == 1) { return true; } else { // Check the old password() style user password @@ -314,7 +308,7 @@ function validatePassword($non_encrypted_password) ':non_encrypted_password' => $non_encrypted_password, ':id' => $this->id )); - if($stmt->rowCount() == 1) { + if ($stmt->rowCount() == 1) { return true; } } @@ -325,7 +319,7 @@ function validatePassword($non_encrypted_password) * @param string $new_name * @return bool */ - function changeName($new_name) + public function changeName($new_name) { $query = " UPDATE @@ -347,10 +341,10 @@ function changeName($new_name) * Determine if the current user is a reviewer or not * @return boolean */ - function isReviewer() + public function isReviewer() { // If they are an admin, they can review - if($this->isAdmin()) { + if ($this->isAdmin()) { return true; } 
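Review bot: `validatePassword()` sends the plaintext password to the database as `:non_encrypted_password` and decides on `rowCount() == 1`, so the hash comparison happens in SQL; the query text, and therefore the hash function, is outside these hunks. The fallback commented as the old `password()` style keeps accepting legacy hashes, and no upgrade step is visible. If the scheme is an unsalted SQL hash, consider selecting the stored hash and verifying it in PHP with `password_verify()`, then re-hashing with `password_hash()` after a successful legacy match.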
@@ -367,7 +361,7 @@ function isReviewer() $stmt->execute(array( ':id' => $this->id )); - if($stmt->rowCount() > 0) { + if ($stmt->rowCount() > 0) { return true; } else { return false; @@ -379,9 +373,9 @@ function isReviewer() * @param int $file_id * @return boolean */ - function isReviewerForFile($file_id) + public function isReviewerForFile($file_id) { - $query = "SELECT + $query = "SELECT d.id FROM {$GLOBALS['CONFIG']['db_prefix']}data as d, @@ -400,8 +394,7 @@ function isReviewerForFile($file_id) )); $num_rows = $stmt->rowCount(); - if($num_rows < 1) - { + if ($num_rows < 1) { return false; } return true; @@ -411,10 +404,9 @@ function isReviewerForFile($file_id) * this functions assume that you are an admin thus allowing you to review all departments * @return array */ - function getAllRevieweeIds() + public function getAllRevieweeIds() { - if($this->isAdmin()) - { + if ($this->isAdmin()) { $query = "SELECT id FROM {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DATA WHERE publishable = 0"; $stmt = $this->connection->prepare($query); $stmt->execute(array()); @@ -422,7 +414,7 @@ function getAllRevieweeIds() $file_data = array(); $index = 0; - foreach($result as $row) { + foreach ($result as $row) { $file_data[$index] = $row[0]; $index++; } @@ -435,10 +427,9 @@ function getAllRevieweeIds() * getRevieweeIds - Return an array of files that need reviewing under this person * @return array */ - function getRevieweeIds() + public function getRevieweeIds() { - if($this->isReviewer()) - { + if ($this->isReviewer()) { // Which departments can this user review? $query = "SELECT dept_id FROM {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DEPT_REVIEWER WHERE user_id = :id"; $stmt = $this->connection->prepare($query); 
@@ -451,14 +442,11 @@ function getRevieweeIds() $index = 0; // Build the query $query = "SELECT id FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE ("; - foreach($result as $row) { + foreach ($result as $row) { $dept = $row['dept_id']; - if($index != $num_depts -1) - { + if ($index != $num_depts -1) { $query = $query . " department = :dept OR "; - } - else - { + } else { $query = $query . " department = :dept )"; } $index++; @@ -472,8 +460,7 @@ function getRevieweeIds() $file_data = array(); $num_files = $stmt->rowCount(); - for($index = 0; $index< $num_files; $index++) - { + for ($index = 0; $index< $num_files; $index++) { $fid = $result[$index]['id']; $file_data[$index] = $fid; } @@ -484,7 +471,7 @@ function getRevieweeIds() /** * @return array */ - function getAllRejectedFileIds() + public function getAllRejectedFileIds() { $query = "SELECT id FROM {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DATA WHERE publishable = '-1'"; $stmt = $this->connection->prepare($query); @@ -494,8 +481,7 @@ function getAllRejectedFileIds() $file_data = array(); $num_files = $stmt->rowCount(); - for($index = 0; $index< $num_files; $index++) - { + for ($index = 0; $index< $num_files; $index++) { list($fid) = $result[$index]; $file_data[$index] = $fid; } @@ -505,7 +491,7 @@ function getAllRejectedFileIds() /** * @return array */ - function getRejectedFileIds() + public function getRejectedFileIds() { $query = "SELECT id FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE publishable = '-1' and owner = :id"; $stmt = $this->connection->prepare($query); @@ -517,8 +503,7 @@ function getRejectedFileIds() $file_data = array(); $num_files = $stmt->rowCount(); - for($index = 0; $index< $num_files; $index++) - { + for ($index = 0; $index< $num_files; $index++) { list($fid) = $result[$index]; $file_data[$index] = $fid; } 
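Review bot: The loop in `getRevieweeIds()` appends `department = :dept` once per reviewed department, so every clause shares one named placeholder and `$dept` ends up holding only the last row's value. A reviewer assigned to several departments would then be matched against a single department, and an empty department list leaves the query ending in `WHERE (`. Use `:dept{$index}` in place of `:dept` in both branches, collect `$params[":dept{$index}"] = $row['dept_id'];` for the `execute()` call, and return an empty array early when there are no departments. The `execute()` that binds the value sits between this hunk and the next, so the binding itself is inferred.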
@@ -528,7 +513,7 @@ function getRejectedFileIds()
 /**
 * @return array
 */
- function getExpiredFileIds()
+ public function getExpiredFileIds()
 {
 $query = "SELECT id FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE status = -1 AND owner = :id";
 $stmt = $this->connection->prepare($query);
@@ -540,8 +525,7 @@ function getExpiredFileIds()
 $len = $stmt->rowCount();
 $file_data = array();
- for($index = 0; $index< $len; $index++)
- {
+ for ($index = 0; $index< $len; $index++) {
 list($fid) = $result[$index];
 $file_data[$index] = $fid;
 }
@@ -551,7 +535,7 @@ function getExpiredFileIds()
 /**
 * @return int
 */
- function getNumExpiredFiles()
+ public function getNumExpiredFiles()
 {
 $query = "SELECT id FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE status =- 1 AND owner = :id";
 $stmt = $this->connection->prepare($query);
@@ -564,7 +548,7 @@ function getNumExpiredFiles()
 /**
 * @return mixed
 */
- function getEmailAddress()
+ public function getEmailAddress()
 {
 return $this->email;
 }
@@ -572,7 +556,7 @@ function getEmailAddress()
 /**
 * @return mixed
 */
- function getPhoneNumber()
+ public function getPhoneNumber()
 {
 return $this->phone;
 }
@@ -581,7 +565,7 @@ function getPhoneNumber()
 * /Return full name array where array[0]=firstname and array[1]=lastname
 * @return mixed
 */
- function getFullName()
+ public function getFullName()
 {
 $full_name[0] = $this->first_name;
 $full_name[1] = $this->last_name;
@@ -593,7 +577,7 @@ function getFullName()
 * Return username of current user
 * @return mixed
 */
- function getUserName()
+ public function getUserName()
 {
 return $this->username;
 }
@@ -602,10 +586,9 @@ function getUserName()
 * Return list of checked out files to root
 * @return array
 */
- function getCheckedOutFiles()
+ public function getCheckedOutFiles()
 {
- if ($this->isRoot())
- {
+ if ($this->isRoot()) {
 $query = "SELECT id FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE status > 0";
 $stmt = $this->connection->prepare($query);
 $stmt->execute();
@@ -613,8 +596,7 @@ function getCheckedOutFiles() $len = $stmt->rowCount(); $file_data = array(); - for ($index = 0; $index < $len; $index++) - { + for ($index = 0; $index < $len; $index++) { list($fid) = $result[$index]; $file_data[$index] = $fid; } @@ -633,11 +615,10 @@ public static function getAllUsers($pdo) $stmt = $pdo->prepare($query); $stmt->execute(); $result = $stmt->fetchAll(); - foreach($result as $row) { + foreach ($result as $row) { $userListArray[] = $row; } return $userListArray; } - } -} \ No newline at end of file +} diff --git a/access_log.php b/access_log.php index 19e2e99e..69e9df62 100644 --- a/access_log.php +++ b/access_log.php @@ -22,8 +22,7 @@ include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } @@ -32,8 +31,7 @@ // open a connection to the database $user_obj = new User($_SESSION['uid'], $pdo); // Check to see if user is admin -if(!$user_obj->isAdmin()) -{ +if (!$user_obj->isAdmin()) { header('Location:error.php?ec=4'); exit; } 
@@ -61,18 +59,18 @@ "A" => msg('accesslogpage_file_added'), "B" => msg('accesslogpage_reserved'), "C" => msg('accesslogpage_reserved'), - "V" => msg('accesslogpage_file_viewed'), - "D" => msg('accesslogpage_file_downloaded'), - "M" => msg('accesslogpage_file_modified'), - "I" => msg('accesslogpage_file_checked_in'), - "O" => msg('accesslogpage_file_checked_out'), - "X" => msg('accesslogpage_file_deleted'), - "Y" => msg('accesslogpage_file_authorized'), + "V" => msg('accesslogpage_file_viewed'), + "D" => msg('accesslogpage_file_downloaded'), + "M" => msg('accesslogpage_file_modified'), + "I" => msg('accesslogpage_file_checked_in'), + "O" => msg('accesslogpage_file_checked_out'), + "X" => msg('accesslogpage_file_deleted'), + "Y" => msg('accesslogpage_file_authorized'), "R" => msg('accesslogpage_file_rejected') ); $accesslog_array = array(); -foreach($result as $row) { +foreach ($result as $row) { $details_link = 'details.php?id=' . $row['file_id'] . '&state=' . ($_REQUEST['state'] + 1); $accesslog_array[] = array( diff --git a/add.php b/add.php index 1d766fc1..78fd6d7d 100644 --- a/add.php +++ b/add.php @@ -19,7 +19,7 @@ */ /* - ADD.PHP DOCUMENTATION + ADD.PHP DOCUMENTATION This page will allow user to set rights to every department. It uses javascript to handle client-side data-storing and data-swapping. Each time the data is stored, it is stored onto an array of objects of class Departments. It is also stored onto @@ -42,8 +42,7 @@ function is invoked. After the data is loaded for the chosen department, if the include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } 
@@ -55,12 +54,11 @@ function is invoked. After the data is loaded for the chosen department, if the $user_obj = new User($_SESSION['uid'], $pdo); -if(!$user_obj->canAdd()){ +if (!$user_obj->canAdd()) { redirect_visitor('out.php'); } -if(!isset($_POST['submit'])) -{ +if (!isset($_POST['submit'])) { $last_message = (isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : ''); draw_header(msg('area_add_new_file'), $last_message); $current_user_dept = $user_obj->getDeptId(); @@ -87,18 +85,18 @@ function is invoked. After the data is loaded for the chosen department, if the // We need to set a form value for the current user so that // they can be pre-selected on the form - + $avail_users = $user_obj->getAllUsers($pdo); $users_array = array(); - foreach($avail_users as $avail_user) { + foreach ($avail_users as $avail_user) { if ($avail_user['id'] == $_SESSION['uid']) { $avail_user['selected'] = 'selected'; } else { $avail_user['selected'] = ''; } - array_push($users_array, $avail_user); + array_push($users_array, $avail_user); } // We need to set a form value for the current department so that @@ -106,7 +104,7 @@ function is invoked. After the data is loaded for the chosen department, if the $avail_departments = Department::getAllDepartments($pdo); $departments_array = array(); - foreach($avail_departments as $avail_department) { + foreach ($avail_departments as $avail_department) { if ($avail_department['id'] == $current_user_dept) { $avail_department['selected'] = 'selected'; } else { 
@@ -118,13 +116,13 @@ function is invoked. After the data is loaded for the chosen department, if the $avail_categories = Category::getAllCategories($pdo); $cats_array = array(); - foreach($avail_categories as $avail_category) { + foreach ($avail_categories as $avail_category) { array_push($cats_array, $avail_category); } //////Populate department perm list///////////////// $dept_perms_array = array(); - foreach($departments_array as $dept) { + foreach ($departments_array as $dept) { $avail_dept_perms['name'] = $dept['name']; $avail_dept_perms['id'] = $dept['id']; array_push($dept_perms_array, $avail_dept_perms); @@ -150,13 +148,9 @@ function is invoked. After the data is loaded for the chosen department, if the callPluginMethod('onBeforeAdd'); display_smarty_template('_add_footer.tpl'); - -} -else -{ +} else { //invalid file - if (empty($_FILES)) - { + if (empty($_FILES)) { header('Location:error.php?ec=11'); exit; } @@ -166,8 +160,7 @@ function is invoked. After the data is loaded for the chosen department, if the // First we need to make sure all files are allowed types for ($count = 0; $count < $numberOfFiles; $count++) { - - if(empty($_FILES['file']['name'][$count])) { + if (empty($_FILES['file']['name'][$count])) { $last_message = $GLOBALS['lang']['addpage_file_missing']; header('Location: error.php?last_message=' . urlencode($last_message)); exit; @@ -188,16 +181,14 @@ function is invoked. After the data is loaded for the chosen department, if the // check file type foreach ($GLOBALS['CONFIG']['allowedFileTypes'] as $allowed_type) { - if ($file_mime == $allowed_type) { $allowedFile = 1; break; } - } + } // illegal file type! - if (!isset($allowedFile) || $allowedFile != 1) - { + if (!isset($allowedFile) || $allowedFile != 1) { $last_message = 'MIMETYPE: ' . $file_mime . ' Failed'; header('Location:error.php?ec=13&last_message=' . urlencode($last_message)); exit; 
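Review bot: `$allowedFile` is set to 1 on the first MIME match in the `// check file type` hunk but is never cleared in the lines shown, and the check runs inside the `for ($count ...)` loop over every uploaded file. If it is not reset in the lines between the hunks, one permitted file lets each later file in the same request pass `!isset($allowedFile) || $allowedFile != 1` regardless of its type. Deciding per file avoids that: `$allowedFile = in_array($file_mime, $GLOBALS['CONFIG']['allowedFileTypes'], true) ? 1 : 0;` in place of the `foreach`. The loop header and the origin of `$file_mime` are outside this hunk.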
@@ -205,55 +196,41 @@ function is invoked. After the data is loaded for the chosen department, if the } //submited form - for ($count = 0; $count<$numberOfFiles; $count++) - { - - if ($GLOBALS['CONFIG']['authorization'] == 'True') - { + for ($count = 0; $count<$numberOfFiles; $count++) { + if ($GLOBALS['CONFIG']['authorization'] == 'True') { $publishable = '0'; - } - else - { + } else { $publishable= '1'; } $result_array = array(); // If the admin has chosen to assign the department // Set it here. Otherwise just use the session UID's department - if($user_obj->isAdmin() && isset($_REQUEST['file_department'])) - { + if ($user_obj->isAdmin() && isset($_REQUEST['file_department'])) { $current_user_dept = $_REQUEST['file_department']; - } - else - { + } else { $current_user_dept = $user_obj->getDeptId(); } // File is bigger than what php.ini post/upload/memory limits allow. - if($_FILES['file']['error'][$count] == '1') - { - header('Location:error.php?ec=26'); + if ($_FILES['file']['error'][$count] == '1') { + header('Location:error.php?ec=26'); exit; } // File too big? - if($_FILES['file']['size'][$count] > $GLOBALS['CONFIG']['max_filesize'] ) - { + if ($_FILES['file']['size'][$count] > $GLOBALS['CONFIG']['max_filesize']) { header('Location:error.php?ec=25'); exit; } // Check to make sure the dir is available and writeable - if (!is_dir($GLOBALS['CONFIG']['dataDir'])) - { + if (!is_dir($GLOBALS['CONFIG']['dataDir'])) { $last_message=$GLOBALS['CONFIG']['dataDir'] . ' missing!'; header('Location:error.php?ec=23&last_message=' .$last_message); exit; - } - else - { - if (!is_writeable($GLOBALS['CONFIG']['dataDir'])) - { + } else { + if (!is_writeable($GLOBALS['CONFIG']['dataDir'])) { $last_message=msg('message_folder_perms_error'). ': ' . $GLOBALS['CONFIG']['dataDir'] . ' ' . msg('message_not_writeable'); header('Location:error.php?ec=23&last_message=' .$last_message); exit; 
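Review bot: Both `ec=23` redirects in this hunk append `$last_message` to the Location header without `urlencode()`, unlike the `ec=13` and `addpage_file_missing` redirects earlier in the file. The message contains spaces and the configured `dataDir` path, so the URL is malformed and the server path is handed to the browser. Use `header('Location:error.php?ec=23&last_message=' . urlencode($last_message));` in both places, and consider logging the path server-side instead of sending it to the client. The enclosing `for` loop continues outside the hunk.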
@@ -261,8 +238,7 @@ function is invoked. After the data is loaded for the chosen department, if the } // We need to verify that the temporary upload is there before we continue - if (!is_uploaded_file($tmp_name[$count])) - { + if (!is_uploaded_file($tmp_name[$count])) { header('Location: error.php?ec=18'); exit; } @@ -274,12 +250,9 @@ function is invoked. After the data is loaded for the chosen department, if the // If the admin has chosen to assign the owner // Set it here. Otherwise just use the session UID - if($user_obj->isAdmin() && isset($_REQUEST['file_owner'])) - { + if ($user_obj->isAdmin() && isset($_REQUEST['file_owner'])) { $owner_id = $_REQUEST['file_owner']; - } - else - { + } else { $owner_id = $_SESSION['uid']; } @@ -368,21 +341,18 @@ function is invoked. After the data is loaded for the chosen department, if the $dept_perms_stmt->bindParam(':dept_perm', $dept_perm); $dept_perms_stmt->bindParam(':dept_id', $dept_id); $dept_perms_stmt->execute(); - } // Search for similar names in the two array (merge the array. repetitions are deleted) // In case of repetitions, higher priority ones stay. // Priority is in this order (admin, modify, read, view) - - foreach ($_REQUEST['user_permission'] as $user_id => $permission) { + foreach ($_REQUEST['user_permission'] as $user_id => $permission) { $user_perms_query = "INSERT INTO {$GLOBALS['CONFIG']['db_prefix']}user_perms (fid, uid, rights) VALUES($fileId, :user_id, :permission)"; $user_perms_stmt = $pdo->prepare($user_perms_query); $user_perms_stmt->bindParam(':user_id', $user_id); $user_perms_stmt->bindParam(':permission', $permission); $user_perms_stmt->execute(); - } // use id to generate a file name 
@@ -391,7 +361,7 @@ function is invoked. After the data is loaded for the chosen department, if the move_uploaded_file($tmp_name[$count], $GLOBALS['CONFIG']['dataDir'] . '/' . $newFileName); //copy($GLOBALS['CONFIG']['dataDir'] . '/' . ($fileId-1) . '.dat', $GLOBALS['CONFIG']['dataDir'] . '/' . $newFileName); - + AccessLog::addLogEntry($fileId, 'A', $pdo); // back to main page @@ -428,7 +398,7 @@ function is invoked. After the data is loaded for the chosen department, if the $email_obj->setSubject($mail_subject); $email_obj->setFrom($from); $email_obj->setRecipients($reviewer_list); - $email_obj->setBody($mail_body2); + $email_obj->setBody($mail_body2); $email_obj->sendEmail(); //email_users_id($mail_from, $reviewer_list, $mail_subject, $mail_body2, $mail_headers); diff --git a/admin.php b/admin.php index d2b7bb28..07a5fc02 100644 --- a/admin.php +++ b/admin.php @@ -25,8 +25,7 @@ // includes include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } @@ -36,8 +35,7 @@ $user_obj = new User($_SESSION['uid'], $pdo); // Check to see if user is admin -if(!$user_obj->isAdmin()) -{ +if (!$user_obj->isAdmin()) { header('Location:error.php?ec=4'); exit; } @@ -46,10 +44,13 @@ draw_header(msg('label_admin'), $last_message); ?> - isRoot()) echo ''; ?> + isRoot()) { + echo ''; +} ?> isRoot()) + if ($user_obj->isRoot()) { udf_admin_header(); + } ?>
' . msg('file') . '' . msg('file') . '
@@ -103,28 +104,35 @@
-isRoot() ) { ?> +isRoot()) { + ?> - + - + - + - + - +
- + @@ -134,33 +142,47 @@ - + - + - + - + - +
- + + + + - + @@ -169,13 +191,13 @@ - +
 
getPluginsList()) && $user_obj->isRoot()) -{ +if (is_array($GLOBALS['plugin']->getPluginsList()) && $user_obj->isRoot()) { ?> @@ -184,12 +206,13 @@ + ?>
@@ -45,8 +45,8 @@ $stmt->execute(); $udf_tables_names_result = $stmt->fetchAll(); -if($q != "" && $add_value != "add" && $add_value != "edit"){ -?> +if ($q != "" && $add_value != "add" && $add_value != "edit") { + ?> prepare("SELECT * FROM $add_value"); $stmt->execute(); $result = $stmt->fetchAll(); @@ -96,7 +94,7 @@ ' . msg('value') . ' '; - if (( ( (int) $q == $q && (int) $q > 0 ) || $q == 'primary')) { + if ((((int) $q == $q && (int) $q > 0) || $q == 'primary')) { // Find out if the passed argument matches an actual tablename $full_table_name = $GLOBALS['CONFIG']['db_prefix'] . 'udftbl_' . $field_name . $table_name; @@ -130,10 +128,10 @@ ' . msg('new') . ': '; - echo ''; - echo '
+ echo ''; + echo '
'; -?> + ?>
@@ -145,7 +143,6 @@ } if ($add_value == "add") { - $add_table_name = $GLOBALS['CONFIG']['db_prefix'] . 'udftbl_' . $table_name . '_secondary'; $white_listed = false; @@ -168,7 +165,6 @@ } if ($add_value == "edit") { - $edit_tablename = $GLOBALS['CONFIG']['db_prefix'] . 'udftbl_' . $table_name . '_secondary'; $white_listed = false; foreach ($udf_tables_names_result as $white_list) { @@ -177,7 +173,6 @@ } } if ($white_list) { - $stmt = $pdo->prepare("Select * FROM $edit_tablename WHERE pr_id = :q"); $stmt->execute(array(':q' => $q)); $result = $stmt->fetchAll(); diff --git a/category.php b/category.php index a02b9733..3bd4b01b 100644 --- a/category.php +++ b/category.php @@ -24,26 +24,24 @@ // includes include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } $user_obj = new User($_SESSION['uid'], $pdo); // Check to see if user is admin -if(!$user_obj->isAdmin()) -{ +if (!$user_obj->isAdmin()) { header('Location:error.php?ec=4'); exit; } $last_message = (isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : ''); -if(isset($_GET['submit']) && $_GET['submit'] == 'add') -{ +if (isset($_GET['submit']) && $_GET['submit'] == 'add') { draw_header(msg('area_add_new_category'), $last_message); ?> -
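Review bot: In the `edit` branch the guard `if ($white_list) {` tests the `foreach` loop variable rather than the `$white_listed` flag initialised just above it, so after the loop it is truthy whenever the table list is non-empty and the table-name check rejects nothing. `$edit_tablename` is then interpolated directly into `Select * FROM $edit_tablename WHERE pr_id = :q`, which matters if `$table_name` is request-supplied (its origin is outside these hunks). The line should read `if ($white_listed) {`. The guard of the `add` branch is not shown and is worth checking for the same slip.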
+ @@ -68,12 +66,9 @@ isAdmin()) - { + if (!$user_obj->isAdmin()) { header('Location:error.php?ec=4'); exit; } @@ -85,12 +80,9 @@ // back to main page $last_message = urlencode(msg('message_category_successfully_added')); header('Location:admin.php?last_message=' . $last_message); -} -elseif(isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'delete') -{ +} elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'delete') { // If demo mode, don't allow them to update the demo account - if ($GLOBALS['CONFIG']['demo'] == 'True') - { + if ($GLOBALS['CONFIG']['demo'] == 'True') { draw_header(msg('area_delete_category'), $last_message); echo msg('message_sorry_demo_mode'); draw_footer(); @@ -112,23 +104,25 @@ echo ''; ?> - + @@ -147,9 +141,7 @@
'.msg('label_name').' :' . $result['name'] . '
- : + :
- - + + @@ -213,9 +205,7 @@
fetchAll(); echo(''); - foreach($result as $row) { + foreach ($result as $row) { echo ''; echo ''; echo ''; @@ -237,7 +227,8 @@ echo ''; } ?> - + @@ -253,32 +244,33 @@ )); $result = $stmt->fetchAll(); - foreach($result as $row) { + foreach ($result as $row) { echo 'ID: ' . $row['id'] . ',' . $row['realname'] . '
'; } draw_footer(); -} -elseif(isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'showpick') -{ +} elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'showpick') { draw_header(msg('area_view_category') . ' : ' . msg('choose'), $last_message); ?>
' . msg('label_name') . '' . msg('label_id') . '
' . $row['name'] . '
- - + + @@ -295,12 +287,11 @@ - +
- - + +
@@ -356,14 +347,14 @@ prepare($query); - $stmt->execute(); - $result = $stmt->fetchAll(); - - foreach($result as $row) { - echo ''; - } - ?> + $stmt = $pdo->prepare($query); + $stmt->execute(); + $result = $stmt->fetchAll(); + + foreach ($result as $row) { + echo ''; + } + ?>
: @@ -382,12 +373,9 @@
isAdmin()) - { + if (!$user_obj->isAdmin()) { header('Location: error.php?ec=4'); exit; } @@ -403,9 +391,7 @@ // back to main page $last_message = urlencode(msg('message_category_successfully_updated') .' : ' . $_REQUEST['name']); header('Location: admin.php?last_message=' . $last_message); -} -elseif (isset($_REQUEST['cancel']) && $_REQUEST['cancel'] == 'Cancel') -{ +} elseif (isset($_REQUEST['cancel']) && $_REQUEST['cancel'] == 'Cancel') { $last_message=urlencode(msg('message_action_cancelled')); - header ('Location: admin.php?last_message=' . $last_message); -} \ No newline at end of file + header('Location: admin.php?last_message=' . $last_message); +} diff --git a/check-in.php b/check-in.php index 877958e7..53fe56c1 100644 --- a/check-in.php +++ b/check-in.php @@ -24,8 +24,7 @@ include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } @@ -36,14 +35,13 @@ $user_obj = new User($_SESSION['uid'], $pdo); -if(!$user_obj->canCheckIn()){ +if (!$user_obj->canCheckIn()) { redirect_visitor('out.php'); } $last_message = (isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : ''); -if (!isset($_REQUEST['id']) || $_REQUEST['id'] == '') -{ +if (!isset($_REQUEST['id']) || $_REQUEST['id'] == '') { $last_message='Failed'; header('Location:error.php?ec=2&last_message=' . urlencode($last_message)); exit; @@ -52,8 +50,7 @@ // includes // open connection -if (!isset($_POST['submit'])) -{ +if (!isset($_POST['submit'])) { $id = (int) $_REQUEST['id']; // form not yet submitted, display initial form 
@@ -68,45 +65,49 @@ $result = $stmt->fetch(); // in case script is directly accessed, query above will return 0 rows - if ($stmt->rowCount() <= 0) - { + if ($stmt->rowCount() <= 0) { $last_message='Failed'; header('Location:error.php?ec=2&last_message=' . urlencode($last_message)); exit; - } - else - { - draw_header(msg('button_check_in'),$last_message); + } else { + draw_header(msg('button_check_in'), $last_message); $description = $result['description']; $real_name = $result['realname']; - if($description == '') - { + if ($description == '') { $description = msg('message_no_description_available'); } // start displaying form ?> - - + + - - + + - - + + - + - + @@ -133,16 +134,13 @@ function check(select, send_dept, send_all) } getError() == '' && $file_data_obj->getStatus() == $_SESSION['uid']) - { + if ($file_data_obj->getError() == '' && $file_data_obj->getStatus() == $_SESSION['uid']) { //look to see how many revision are there $query = "SELECT * FROM {$GLOBALS['CONFIG']['db_prefix']}log WHERE id = :id"; $stmt = $pdo->prepare($query); 
@@ -203,34 +197,29 @@ function check(select, send_dept, send_all) $revision_number = $stmt->rowCount(); // if dir not available, create it - if( !is_dir($GLOBALS['CONFIG']['revisionDir']) ) - { - if (!mkdir($GLOBALS['CONFIG']['revisionDir'], 0775)) - { + if (!is_dir($GLOBALS['CONFIG']['revisionDir'])) { + if (!mkdir($GLOBALS['CONFIG']['revisionDir'], 0775)) { $last_message=msg('message_directory_creation_failed'). ': ' . $GLOBALS['CONFIG']['revisionDir'] ; header('Location:error.php?ec=23&last_message=' . urlencode($last_message)); exit; } } - if( !is_dir($GLOBALS['CONFIG']['revisionDir'] . $id) ) - { - if (!mkdir($GLOBALS['CONFIG']['revisionDir'] . $id, 0775)) - { + if (!is_dir($GLOBALS['CONFIG']['revisionDir'] . $id)) { + if (!mkdir($GLOBALS['CONFIG']['revisionDir'] . $id, 0775)) { $last_message=msg('message_directory_creation_failed') . ': ' . $GLOBALS['CONFIG']['revisionDir'] . $id; header('Location:error.php?ec=23&last_message=' . urlencode($last_message)); exit; } - } $file_name = $GLOBALS['CONFIG']['dataDir'] . $id .'.dat'; //read and close - $file_handler = fopen ($file_name, "r"); - $file_content = fread($file_handler, filesize ($file_name)); - fclose ($file_handler); + $file_handler = fopen($file_name, "r"); + $file_content = fread($file_handler, filesize($file_name)); + fclose($file_handler); //write and close - $file_handler = fopen ($GLOBALS['CONFIG']['revisionDir'] . $id . '/' . $id . '_' . ($revision_number - 1) . '.dat', "w"); + $file_handler = fopen($GLOBALS['CONFIG']['revisionDir'] . $id . '/' . $id . '_' . ($revision_number - 1) . '.dat', "w"); fwrite($file_handler, $file_content); - fclose ($file_handler); + fclose($file_handler); // all OK, proceed! $query = "SELECT username FROM {$GLOBALS['CONFIG']['db_prefix']}user WHERE id = :uid"; 
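Review bot: The results of `fopen()` and `fread()` are used unchecked when the current `.dat` file is copied into the revision directory, so a missing or unreadable source produces an empty revision file and the check-in carries on as if the old version had been preserved. `copy()` does the same work in one call and reports failure: `if (!copy($file_name, $revision_file)) { header('Location:error.php?ec=23'); exit; }`, with `$revision_file` holding the destination path now built inline on the write line. It also avoids loading the whole file into memory through `fread($file_handler, filesize($file_name))`. The surrounding check-in branch starts and ends outside the hunk.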
@@ -300,11 +289,11 @@ function check(select, send_dept, send_all) $email_obj->setSubject($mail_subject); $email_obj->setFrom($full_name . ' <' . $user_obj->getEmailAddress() . '>'); $email_obj->setRecipients($reviewer_list); - $email_obj->setBody($mail_body2); + $email_obj->setBody($mail_body2); $email_obj->sendEmail(); // clean up and back to main page - $last_message = msg('message_document_checked_in'); + $last_message = msg('message_document_checked_in'); header('Location: out.php?last_message=' . urlencode($last_message)); } } diff --git a/check-out.php b/check-out.php index 54de288c..6d9d3210 100644 --- a/check-out.php +++ b/check-out.php @@ -24,8 +24,7 @@ include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } @@ -33,12 +32,10 @@ $last_message = (isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : ''); -if(strchr($_REQUEST['id'], '_') ) -{ +if (strchr($_REQUEST['id'], '_')) { header('Location:error.php?ec=20'); } -if (!isset($_REQUEST['id']) || $_REQUEST['id'] == '') -{ +if (!isset($_REQUEST['id']) || $_REQUEST['id'] == '') { header('Location:error.php?ec=2'); exit; } @@ -48,13 +45,11 @@ */ $file_data_obj = new FileData($_GET['id'], $pdo); $file_data_obj->setId($_GET['id']); -if ($file_data_obj->getError() != NULL || $file_data_obj->getStatus() > 0 || $file_data_obj->isArchived()) -{ +if ($file_data_obj->getError() != null || $file_data_obj->getStatus() > 0 || $file_data_obj->isArchived()) { header('Location:error.php?ec=2'); exit; } -if (!isset($_GET['submit'])) -{ +if (!isset($_GET['submit'])) { draw_header(msg('area_check_out_file'), $last_message); // form not yet submitted // display information on how to initiate download @@ -64,9 +59,12 @@
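Review bot: In check-out.php the `strchr($_REQUEST['id'], '_')` branch sends `Location:error.php?ec=20` with no `exit;`, so the script keeps running and goes on to build `FileData` from the same id; the other redirects in this hunk are each followed by `exit;`. The branch also reads `$_REQUEST['id']` before the `isset()` test that comes after it. Put the `isset` check first and add `exit;` after the `ec=20` header.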

- - - + + +

 
 . @@ -74,14 +72,12 @@ draw_footer(); } // form submitted - download -else -{ +else { $id = (int) $_REQUEST['id']; checkUserPermission($id, $file_data_obj->WRITE_RIGHT, $file_data_obj); $real_name = $file_data_obj->getName(); - if($_GET['access_right'] == 'modify') - { + if ($_GET['access_right'] == 'modify') { // since this user has checked it out and will modify it // update db to reflect new status $query = "UPDATE {$GLOBALS['CONFIG']['db_prefix']}data SET status = :uid WHERE id = :id"; @@ -94,20 +90,17 @@ // calculate filename $filename = $GLOBALS['CONFIG']['dataDir'] . $id . '.dat'; - if (file_exists($filename)) - { + if (file_exists($filename)) { // send headers to browser to initiate file download - header ('Content-Type: application/octet-stream'); - header ('Content-Disposition: attachment; filename="' . $real_name . '"'); + header('Content-Type: application/octet-stream'); + header('Content-Disposition: attachment; filename="' . $real_name . '"'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); readfile($filename); AccessLog::addLogEntry($id, 'O', $pdo); AccessLog::addLogEntry($id, 'D', $pdo); - } - else - { + } else { echo 'File does not exist...'; } -} \ No newline at end of file +} diff --git a/check_exp.php b/check_exp.php index c47efb8a..d9f5360b 100644 --- a/check_exp.php +++ b/check_exp.php @@ -43,16 +43,13 @@ )); $user_result = $stmt->fetch(); -if($stmt->rowCount() != 1) -{ +if ($stmt->rowCount() != 1) { header('location:error.php?ec=22'); -} -else -{ +} else { $root_id = $user_result['id']; } // calculate current date -$current_date = date ('Y-m-d'); +$current_date = date('Y-m-d'); $current_year = intval(date('Y)')); $current_month = intval(date('m')); $current_day = intval(date('d')); 
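Review bot: `$real_name` is placed inside the quoted `filename="..."` parameter of the `Content-Disposition` header without any escaping, so a stored name containing `"` ends the quoted string early and the remainder is parsed as further parameters. Neutralise the quoting characters before use, for example `$safe_name = str_replace(array('"', '\\'), '_', $real_name);`, and send `$safe_name` in the header. The status `UPDATE` in the previous hunk also runs before `file_exists($filename)` is tested, so a missing file leaves the record marked as checked out; testing for the file first avoids that.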
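Review bot: In check_exp.php the `$stmt->rowCount() != 1` branch sends `location:error.php?ec=22` without `exit;`, so the script continues with `$root_id` undefined and still reaches the rejection logic further down. Add `exit;` after the header call. The context line `intval(date('Y)'))` also carries a stray `)` inside the format string; it only works because `intval()` discards the trailing character, and `date('Y')` states the intent.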
@@ -64,14 +61,12 @@ $exp_days = $remainder - $exp_months*30; // calculate oldest non-expired date -if($current_day < $exp_days) -{ +if ($current_day < $exp_days) { --$current_month; $current_day += 30; } $ok_day = $current_day - $exp_days; -if($current_month < $exp_months) -{ +if ($current_month < $exp_months) { --$current_year; $current_month += 12; } @@ -109,12 +104,12 @@ echo msg('message_rejecting_files'). ' ' . $expired_revision . '
'; echo msg('message_rejected') . ' ' . $stmt->rowCount() . ' file(s)
'; $count = 0; -foreach($data_result as $row) { +foreach ($data_result as $row) { echo '  ' . $count . ' File ID: ' . $row['id'] . '
'; $count++; } // Notify owner -if($GLOBALS['CONFIG']['file_expired_action'] != 4) { +if ($GLOBALS['CONFIG']['file_expired_action'] != 4) { $reviewer_comments = 'To=' . msg('author') . ';Subject=' . msg('message_file_expired') . ';Comments=' . msg('email_file_was_rejected_because'). ' ' . $GLOBALS['CONFIG']['revision_expiration'] . ' ' .msg('days') . ';'; $user_obj = new user($root_id, $pdo); $date = date("D F d Y"); @@ -126,7 +121,7 @@ $mail_subject=msg('email_subject_review_status'); $mail_greeting=msg('email_greeting') . ":". PHP_EOL . "\t" . msg('email_i_would_like_to_inform'); $mail_body = msg('email_was_declined_for_publishing_at') . ' ' .$time.' on '.$date.' ' . msg('email_because_you_did_not_revise') . ' ' . $GLOBALS['CONFIG']['revision_expiration'] . ' '. msg('days'); - $mail_salute=PHP_EOL . PHP_EOL . msg('email_salute') . ",". PHP_EOL . $full_name"; + $mail_salute=PHP_EOL . PHP_EOL . msg('email_salute') . ",". PHP_EOL . $full_name; foreach($data_result as $row) { $file_obj = new FileData($row['id'], $pdo); $user_obj = new User($file_obj->getOwner(), $pdo); @@ -138,9 +133,9 @@ } //do not show file -if($GLOBALS['CONFIG']['file_expired_action'] == 1 ) { +if ($GLOBALS['CONFIG']['file_expired_action'] == 1) { $reviewer_comments = 'To=' . msg('author') . ';Subject=' . msg('message_file_expired') . ';Comments=' . msg('email_file_was_rejected_because'). ' ' .$GLOBALS['CONFIG']['revision_expiration'] . ' ' . msg('days'); - foreach($data_result as $row) { + foreach ($data_result as $row) { $file_obj = new FileData($row['id'], $pdo); $file_obj->Publishable(-1); $file_obj->setReviewerComments($reviewer_comments); 
@@ -148,11 +143,11 @@ } //lock file, not check-outable -if( $GLOBALS['CONFIG']['file_expired_action'] == 2 ) { - foreach($data_result as $row) { +if ($GLOBALS['CONFIG']['file_expired_action'] == 2) { + foreach ($data_result as $row) { $file_obj = new FileData($row['id'], $pdo); $file_obj->setStatus(-1); } } echo msg('message_all_actions_successfull'); -draw_footer(); \ No newline at end of file +draw_footer(); diff --git a/classHeaders.php b/classHeaders.php index 458f5d02..920402a2 100644 --- a/classHeaders.php +++ b/classHeaders.php @@ -19,8 +19,7 @@ classHeaders.php - loads common classes Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -if( !defined('classHeader') ) -{ +if (!defined('classHeader')) { define('classHeader', 'true', false); include_once('databaseData_class.php'); include_once('User_class.php'); @@ -42,36 +41,28 @@ function advanceCombineArrays($hi_priority_array, $hi_postfix, $low_priority_arr //merge higher priority onto lower priority one. $user_rights = array(); $k = 0; - $foundFlag = false; + $foundFlag = false; //create a multidimension array: element of view and right of view - for($i = 0; $i $value) - { + foreach ($_POST as $key => $value) { $tstr.=$key."=".urlencode($value)."&"; } // pop off the last & - $tstr = rtrim ($tstr, "&"); + $tstr = rtrim($tstr, "&"); } @@ -67,10 +59,9 @@ function addCrumb($level, $title, $url, $post = false) * @param level int * @desc Deletes a bread crumb. */ - function delCrumb($level) + public function delCrumb($level) { - if (isset($_SESSION['crumbs'][$level])) - { + if (isset($_SESSION['crumbs'][$level])) { unset($_SESSION['crumbs'][$level]); } } //end delCrumb() 
@@ -81,26 +72,20 @@ function delCrumb($level) * @param cur_level int * @desc Print out the current crumb trail from $cur_level on down. */ - function printTrail($cur_level) + public function printTrail($cur_level) { $trail = ""; - for ($i=1; $i != $cur_level+1; $i++) - { - - if (isset($_SESSION['crumbs'][$i])) - { - if ($i != $cur_level) - { + for ($i=1; $i != $cur_level+1; $i++) { + if (isset($_SESSION['crumbs'][$i])) { + if ($i != $cur_level) { $trail .= "'; $trail .= $_SESSION['crumbs'][$i]['title']; $trail .= ""; - }else - { + } else { $trail .= '' . $_SESSION['crumbs'][$i]['title'] . ''; $trail .= ""; } - if ($i != $cur_level) - { + if ($i != $cur_level) { $trail .= " > "; } } @@ -109,7 +94,6 @@ function printTrail($cur_level) return $trail; } // end printTrail() - } //end class crumb // ################# Example ############################# @@ -132,4 +116,4 @@ function printTrail($cur_level) //Page4 // $crumb = new crumb(); // $crumb->addCrumb(4, "Review", $_SERVER['REQUEST_URI']); -// $crumb->printTrail(4); \ No newline at end of file +// $crumb->printTrail(4); diff --git a/databaseData_class.php b/databaseData_class.php index f4576bcd..9c3539f1 100644 --- a/databaseData_class.php +++ b/databaseData_class.php 
@@ -19,44 +19,44 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -if( !defined("databaseData_class") ); +if (!defined("databaseData_class")); { define("databaseData_class", "true", false); //DO NOT INSTANTIATE THIS ABSTRACT CLASS class databaseData { - var $DB_PREFIX; - var $TABLE_ADMIN = 'admin'; - var $TABLE_CATEGORY = 'category'; - var $TABLE_DATA = 'data'; - var $TABLE_DEPARTMENT = 'department'; - var $TABLE_DEPT_PERMS = 'dept_perms'; - var $TABLE_DEPT_REVIEWER = 'dept_reviewer'; - var $TABLE_LOG = 'log'; - var $TABLE_RIGHTS = 'rights'; - var $TABLE_USER = 'user'; - var $TABLE_USER_PERMS = 'user_perms'; - var $FORBIDDEN_RIGHT = -1; - var $NONE_RIGHT = 0; - var $VIEW_RIGHT = 1; - var $READ_RIGHT = 2; - var $WRITE_RIGHT = 3; - var $ADMIN_RIGHT = 4; - var $name; - var $id; + public $DB_PREFIX; + public $TABLE_ADMIN = 'admin'; + public $TABLE_CATEGORY = 'category'; + public $TABLE_DATA = 'data'; + public $TABLE_DEPARTMENT = 'department'; + public $TABLE_DEPT_PERMS = 'dept_perms'; + public $TABLE_DEPT_REVIEWER = 'dept_reviewer'; + public $TABLE_LOG = 'log'; + public $TABLE_RIGHTS = 'rights'; + public $TABLE_USER = 'user'; + public $TABLE_USER_PERMS = 'user_perms'; + public $FORBIDDEN_RIGHT = -1; + public $NONE_RIGHT = 0; + public $VIEW_RIGHT = 1; + public $READ_RIGHT = 2; + public $WRITE_RIGHT = 3; + public $ADMIN_RIGHT = 4; + public $name; + public $id; protected $connection; - var $tablename; - var $error; - var $field_name; - var $field_id; - var $result_limit; + public $tablename; + public $error; + public $field_name; + public $field_id; + public $result_limit; /** * @param int $id * @param PDO $connection */ - function databaseData($id, PDO $connection) + public function databaseData($id, PDO $connection) { $this->connection = $connection; $this->setId($id); //setId not only set the $id data member but also find and set name 
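Review bot: The reformatted guard `if (!defined("databaseData_class"));` still ends in a semicolon, so the `if` controls an empty statement and the braces that follow are an unconditional block. A second include of this file therefore re-runs `define()` and redeclares `class databaseData`, which is a fatal error, and the include guard protects nothing. Drop the semicolon and attach the brace: `if (!defined("databaseData_class")) {`. The right levels such as `$ADMIN_RIGHT` also became `public` instance properties here, so any caller can overwrite them; class constants would make them read-only, though that changes how callers reference them.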
@@ -66,7 +66,7 @@ function databaseData($id, PDO $connection) /** * @param string $table_name */ - function setTableName($table_name) + public function setTableName($table_name) { $this->tablename = "$table_name"; } @@ -77,7 +77,7 @@ function setTableName($table_name) * the data member field $name * @param int $id */ - function setId($id) + public function setId($id) { $this->id = (int) $id; $this->name = $this->findName(); @@ -88,7 +88,7 @@ function setId($id) * the name field in the DB is unique, e.g. username * @param string $name */ - function setName($name) + public function setName($name) { $this->name = $name; $this->id = findId(); @@ -97,7 +97,7 @@ function setName($name) /** * @return string */ - function getName() + public function getName() { return $this->name; } @@ -105,7 +105,7 @@ function getName() /** * @return int */ - function getId() + public function getId() { return $this->id; } @@ -113,7 +113,7 @@ function getId() /** * @return int */ - function findId() + public function findId() { $query = " SELECT @@ -130,7 +130,7 @@ function findId() $result = $stmt->fetchAll(); $row_count = $stmt->rowCount(); - if( $row_count > $this->result_limit AND result_limit != 'UNLIMITED') { + if ($row_count > $this->result_limit and result_limit != 'UNLIMITED') { /*if the result is more than expected error var is set*/ $this->error='Error: non-unique'; } elseif ($row_count == 0) { @@ -147,9 +147,8 @@ function findId() * comments if you need help with this function * @return string */ - function findName() + public function findName() { - $name = ''; $query = "SELECT $this->field_name @@ -164,7 +163,7 @@ function findName() $result = $stmt->fetchAll(); $row_count = $stmt->rowCount(); - if($row_count > $this->result_limit AND result_limit != 'UNLIMITED') { + if ($row_count > $this->result_limit and result_limit != 'UNLIMITED') { $this->error='Error: non-unique'; } elseif ($row_count == 0) { $this->error = 'Error: unable to find id in database'; 
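Review bot: `$this->id = findId();` in setName() calls a global function named findId rather than the method declared further down in this class, so unless such a function exists elsewhere the call fails at run time. It should read `$this->id = $this->findId();`.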
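Review bot: In findId() the test `result_limit != 'UNLIMITED'` uses a bare word instead of the property, so it never reads the configured limit. On PHP 8 an undefined constant is an Error, and on older versions it evaluates as the string 'result_limit', making the comparison always true. Write `if ($row_count > $this->result_limit && $this->result_limit != 'UNLIMITED') {`. The findName() hunk below carries the identical line, and both functions start and end outside their hunks.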
@@ -177,7 +176,7 @@ function findName() /** * assuming that userid will never change */ - function reloadData() + public function reloadData() { //Since all the data are set at the time when $id or $name //is set. If another program access the DB and changes any @@ -189,7 +188,7 @@ function reloadData() /** * @return mixed */ - function getError() + public function getError() { /* Get error will return the last thrown error */ return $this->error; @@ -207,32 +206,28 @@ function getError() * @param array $low_priority_array * @return array */ - function combineArrays($high_priority_array, $low_priority_array) + public function combineArrays($high_priority_array, $low_priority_array) { $found = false; $result_array = array(); $result_array = $high_priority_array; //$high is being kept $result_array_index = sizeof($high_priority_array); //iterate through $low - for($l = 0 ; $lconnection); } return $file_data_array; } - } -} \ No newline at end of file +} diff --git a/delete.php b/delete.php index 27be2390..5d560cd9 100644 --- a/delete.php +++ b/delete.php @@ -21,8 +21,7 @@ // check session session_start(); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { header('Location:error.php?ec=1'); exit; } 
@@ -36,35 +35,27 @@ $userperm_obj = new User_Perms($_SESSION['uid'], $pdo); // User has requested a deletion from the file detail page -if( isset($_REQUEST['mode']) && $_REQUEST['mode'] == 'tmpdel' ) -{ - if(!isset($_REQUEST['num_checkboxes'] )) - { +if (isset($_REQUEST['mode']) && $_REQUEST['mode'] == 'tmpdel') { + if (!isset($_REQUEST['num_checkboxes'])) { $_REQUEST['num_checkboxes'] =1; } // all ok, proceed! - if( !is_dir($GLOBALS['CONFIG']['archiveDir']) ) - { + if (!is_dir($GLOBALS['CONFIG']['archiveDir'])) { // Make sure directory is writeable - if(!mkdir($GLOBALS['CONFIG']['archiveDir'], 0775)) - { + if (!mkdir($GLOBALS['CONFIG']['archiveDir'], 0775)) { $last_message='Could not create ' . $GLOBALS['CONFIG']['archiveDir']; header('Location:error.php?ec=23&last_message=' .$last_message); exit; } } - for($i = 0; $i<$_REQUEST['num_checkboxes']; $i++) - { - if(isset($_REQUEST['id' . $i])) - { + for ($i = 0; $i<$_REQUEST['num_checkboxes']; $i++) { + if (isset($_REQUEST['id' . $i])) { $id = $_REQUEST['id' . $i]; - if(strchr($id, '_') ) - { + if (strchr($id, '_')) { header('Location:error.php?ec=20'); } - if($userperm_obj->canAdmin($id)) - { + if ($userperm_obj->canAdmin($id)) { $file_obj = new FileData($id, $pdo); $file_obj->temp_delete(); fmove($GLOBALS['CONFIG']['dataDir'] . $id . '.dat', $GLOBALS['CONFIG']['archiveDir'] . $id . '.dat'); @@ -80,9 +71,7 @@ callPluginMethod('onAfterArchiveFile'); header('Location: out.php?last_message=' . $last_message); -} -elseif( isset($_REQUEST['mode']) && $_REQUEST['mode'] == 'view_del_archive' ) -{ +} elseif (isset($_REQUEST['mode']) && $_REQUEST['mode'] == 'view_del_archive') { isset($_REQUEST['mode']) ? $_REQUEST['mode'] : ''; //publishable=2 for archive deletion @@ -93,7 +82,7 @@ $array_id = array(); $i = 0; - foreach($result as $row) { + foreach ($result as $row) { $array_id[$i] = $row['id']; $i++; } 
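Review bot: The underscore check on `$id` sends a `Location` header but does not stop the script, so the `canAdmin()` call and the `fmove()` on `dataDir . $id . '.dat'` still run for the rejected value. `$id` comes straight from `$_REQUEST` and is concatenated into a filesystem path, so validate it as a number before use, e.g. `if (!ctype_digit((string) $id)) { header('Location:error.php?ec=20'); exit; }`. `$_REQUEST['num_checkboxes']` is also used as the loop bound without a cast or an upper limit. The same header-without-`exit` pattern appears in the pmt_delete() hunk further down.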
@@ -108,32 +97,23 @@ $list_status = list_files($array_id, $userperms, $GLOBALS['CONFIG']['archiveDir'], true); - if( $list_status != -1 ) - { + if ($list_status != -1) { $GLOBALS['smarty']->assign('lmode', ''); display_smarty_template('deleteview.tpl'); } -} -elseif(isset($_POST['submit']) && $_POST['submit']=='Delete file(s)') -{ +} elseif (isset($_POST['submit']) && $_POST['submit']=='Delete file(s)') { isset($_REQUEST['checkbox']) ? $_REQUEST['checkbox'] : ''; - foreach($_REQUEST['checkbox'] as $value) - { - if(!pmt_delete($value)) - { + foreach ($_REQUEST['checkbox'] as $value) { + if (!pmt_delete($value)) { header('Location: error.php?ec=21'); exit; } } header('Location:' . $redirect . '?last_message=' . urlencode(msg('undeletepage_file_permanently_deleted'))); -} -elseif(isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'Undelete') -{ - if(isset($_REQUEST['checkbox'])) - { - foreach ($_REQUEST['checkbox'] as $fileId) - { +} elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'Undelete') { + if (isset($_REQUEST['checkbox'])) { + foreach ($_REQUEST['checkbox'] as $fileId) { $file_obj = new FileData($fileId, $pdo); $file_obj->undelete(); fmove($GLOBALS['CONFIG']['archiveDir'] . $fileId . '.dat', $GLOBALS['CONFIG']['dataDir'] . $fileId . '.dat'); @@ -154,20 +134,16 @@ function pmt_delete($id) $userperm_obj = new User_Perms($_SESSION['uid'], $pdo); - if( !$userperm_obj->user_obj->isRoot() ) - { + if (!$userperm_obj->user_obj->isRoot()) { header('Location: error.php?ec=4'); exit; } // all ok, proceed! - if(isset($id)) - { - if(strchr($id, '_') ) - { + if (isset($id)) { + if (strchr($id, '_')) { header('Location:error.php?ec=20'); } - if($userperm_obj->canAdmin($id)) - { + if ($userperm_obj->canAdmin($id)) { // delete from db $query = "DELETE FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE id = :id"; $stmt = $pdo->prepare($query); 
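Review bot: The Undelete branch restores every value in `$_REQUEST['checkbox']` with no permission check visible in this hunk, whereas the archive and permanent-delete paths call `canAdmin()` or `isRoot()` first. `$fileId` is also concatenated unvalidated into both `fmove()` paths. Gate the loop body before `undelete()`, e.g. `if (!ctype_digit((string) $fileId) || !$userperm_obj->canAdmin($fileId)) { continue; }`. In the delete branch, the statement `isset($_REQUEST['checkbox']) ? $_REQUEST['checkbox'] : '';` discards its result, so the `foreach` under it still runs on an unset value.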
@@ -187,17 +163,13 @@ function pmt_delete($id) $stmt->execute(array(':id' => $id)); $filename = $id . ".dat"; - unlink($GLOBALS['CONFIG']['archiveDir'] . $filename); - if( is_dir($GLOBALS['CONFIG']['revisionDir'] . $id . '/') ) - { + unlink($GLOBALS['CONFIG']['archiveDir'] . $filename); + if (is_dir($GLOBALS['CONFIG']['revisionDir'] . $id . '/')) { $dir = opendir($GLOBALS['CONFIG']['revisionDir'] . $id . '/'); - if( is_dir($GLOBALS['CONFIG']['revisionDir'] . $id . '/') ) - { + if (is_dir($GLOBALS['CONFIG']['revisionDir'] . $id . '/')) { $dir = opendir($GLOBALS['CONFIG']['revisionDir'] . $id . '/'); - while($lreadfile = readdir($dir)) - { - if(is_file($GLOBALS['CONFIG']['revisionDir'] . "$id/$lreadfile")) - { + while ($lreadfile = readdir($dir)) { + if (is_file($GLOBALS['CONFIG']['revisionDir'] . "$id/$lreadfile")) { unlink($GLOBALS['CONFIG']['revisionDir'] . "$id/$lreadfile"); } } @@ -208,4 +180,4 @@ function pmt_delete($id) } } return false; -} \ No newline at end of file +} diff --git a/department.php b/department.php index a2816d06..9c6da6bf 100644 --- a/department.php +++ b/department.php @@ -24,8 +24,7 @@ // includes include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } @@ -36,8 +35,7 @@ //If the user is not an admin and he/she is trying to access other account that // is not his, error out. -if(!$user_obj->isAdmin() == true) -{ +if (!$user_obj->isAdmin() == true) { header('Location:error.php?ec=4'); exit; } @@ -45,8 +43,7 @@ /* Add A New Department */ -if(isset($_GET['submit']) && $_GET['submit']=='add') -{ +if (isset($_GET['submit']) && $_GET['submit']=='add') { draw_header(msg('area_add_new_department'), $last_message); ?> @@ -61,7 +58,7 @@ + ?> '; echo ''; echo ''; -?> + ?> @@ -220,8 +210,9 @@ foreach ($result as $row) { echo ''; } -?> - + ?> + @@ -229,16 +220,17 @@ + ?>
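Review bot: The revision-directory cleanup in pmt_delete() nests the same `is_dir()` test twice and calls `opendir()` twice, so the outer pair is a redundant leftover. The `while ($lreadfile = readdir($dir))` loop also stops early on an entry whose name is falsy, such as `0`, which can leave revision files behind. Collapse it to a single `is_dir()` block with one `opendir()` and `while (($lreadfile = readdir($dir)) !== false) {`. The return value of `unlink()` on the archive file is not checked either, although the database rows have already been deleted by then.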
@@ -84,20 +81,17 @@ isAdmin()) - { + if (!$user_obj->isAdmin()) { header('Location:error.php?ec=4'); exit; } $department = (isset($_POST['department']) ? $_POST['department'] : ''); - if($department == '') { + if ($department == '') { $last_message=msg('departmentpage_department_name_required'); header('Location: admin.php?last_message=' . $last_message); @@ -109,8 +103,7 @@ $stmt->execute(array(':department' => $department)); $result = $stmt->fetchAll(); - if($stmt->rowCount() != 0) - { + if ($stmt->rowCount() != 0) { header('Location: error.php?ec=3&message=' . htmlentities($department) . ' already exist in the database'); exit; } @@ -131,7 +124,7 @@ $data_array = array(); $index = 0; - foreach($result as $row) { + foreach ($result as $row) { $data_array[$index][0] = $row[0]; $data_array[$index][1] = $row[1]; $index++; @@ -144,8 +137,7 @@ $result = $stmt->fetchAll(); $num_rows = $stmt->rowCount(); - if( $num_rows != 1 ) - { + if ($num_rows != 1) { header('Location: error.php?ec=14&message=unable to identify ' . $department); exit; } @@ -154,8 +146,7 @@ ////Set default rights into department////// $num_rows = sizeof($data_array); - for($index = 0; $index < $num_rows; $index++) - { + for ($index = 0; $index < $num_rows; $index++) { $query = " INSERT INTO {$GLOBALS['CONFIG']['db_prefix']}dept_perms ( @@ -179,14 +170,13 @@ callPluginMethod('onDepartmentAddSave', $result['id']); header('Location: admin.php?last_message=' . $last_message); -} -elseif(isset($_POST['submit']) && $_POST['submit'] == 'Show Department') -{ +} elseif (isset($_POST['submit']) && $_POST['submit'] == 'Show Department') { // query to show item draw_header(msg('area_department_information'), $last_message); //select name $query = "SELECT name,id FROM {$GLOBALS['CONFIG']['db_prefix']}department where id = :item"; - $stmt = $pdo->prepare($query);; + $stmt = $pdo->prepare($query); + ; $stmt->execute(array(':item' => $_POST['item'])); $result = $stmt->fetch(); 
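Review bot: The duplicate-name redirect puts the department name into a URL with `htmlentities()`, which is HTML escaping rather than URL encoding, so spaces and `#` pass through and `&` becomes `&amp;` inside the query string. Use `header('Location: error.php?ec=3&message=' . urlencode($department . ' already exist in the database'));`. The department-modify hunk later in this file has the same redirect with raw `$_POST['name']` and needs the same encoding. The enclosing branch starts outside the hunk.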
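Review bot: The formatter turned `prepare($query);;` into a statement followed by a lone `;` on its own line, which is an empty statement that reads like a mistake. Delete the extra line so it is just `$stmt = $pdo->prepare($query);`. The department-modify hunk (`UPDATE ... SET name = :name`) has the same leftover.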
@@ -194,7 +184,7 @@ echo 'ID' . msg('department') . '
' . $result['id'] . '' . $result['name'] . '
' . $row['first_name'] . ' ' . $row['last_name'] . '
- + - + '; - ?> - + ?> + @@ -333,32 +324,33 @@
'.msg('label_name').' :' . $row['name'] . '
- : + :
- - + + @@ -377,12 +369,9 @@
isAdmin()) - { + if (!$user_obj->isAdmin()) { header('Location: error.php?ec=4'); exit; } @@ -429,11 +418,9 @@ // back to main page $last_message = urlencode(msg('message_all_actions_successfull') . ' id:' . (int) $_REQUEST['id']); header('Location: admin.php?last_message=' . $last_message); -} -elseif(isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'modify') -{ +} elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'modify') { $dept_obj = new Department($_REQUEST['item'], $pdo); - draw_header(msg('area_update_department') .': ' . $dept_obj->getName(),$last_message); + draw_header(msg('area_update_department') .': ' . $dept_obj->getName(), $last_message); ?> @@ -441,26 +428,29 @@ prepare($query); - $stmt->execute(array(':item' => $_REQUEST['item'])); - $result = $stmt->fetchAll(); + $stmt = $pdo->prepare($query); + $stmt->execute(array(':item' => $_REQUEST['item'])); + $result = $stmt->fetchAll(); - foreach ($result as $row) { - ?> + foreach ($result as $row) { + ?> + + } + ?> '; } } @@ -149,7 +140,7 @@ function udf_add_file_insert($fileId) $result = $stmt->fetchAll(); $i = 0; //CHM - foreach($result as $row) { + foreach ($result as $row) { if ($row[1] == 1 || $row[1] == 2 || $row[1] == 3 || $row[1] == 4) { //CHM if (isset($_REQUEST[$row[0]]) && $_REQUEST[$row[0]] != "") { $explode_row = explode('_', $row[0]); @@ -211,12 +202,10 @@ function udf_edit_file_form() $stmt->execute(array()); $result = $stmt->fetchAll(); - foreach($result as $row) { - if ( $row[1] == 1 || $row[1] == 2) - { + foreach ($result as $row) { + if ($row[1] == 1 || $row[1] == 2) { echo ''; - } - elseif ($row[1] == 3) - { + } elseif ($row[1] == 3) { echo ''; - - //secondary dropdown + + //secondary dropdown echo ''; + echo ''; + echo ''; } - //CHM + //CHM } } 
@@ -399,7 +379,7 @@ function udf_edit_file_update() $result = $stmt->fetchAll(); $i = 0; //CHM - foreach($result as $row) { + foreach ($result as $row) { if ($row[1] == 1 || $row[1] == 2 || $row[1] == 3 || $row[1] == 4) { //CHM sub select option 4 added if (isset($_REQUEST[$row[2]]) && $_REQUEST[$row[2]] != "") { $query = " @@ -458,47 +438,38 @@ function udf_details_display($fileId) $stmt->execute(array()); $result = $stmt->fetchAll(); - foreach($result as $row) { - if ( $row[1] == 1 || $row[1] == 2) - { + foreach ($result as $row) { + if ($row[1] == 1 || $row[1] == 2) { $query = "SELECT value FROM {$GLOBALS['CONFIG']['db_prefix']}data, {$row['2']} WHERE {$GLOBALS['CONFIG']['db_prefix']}data.id = :file_id AND {$GLOBALS['CONFIG']['db_prefix']}data.{$row['2']}={$row['2']}.id"; $stmt = $pdo->prepare($query); $stmt->execute(array(':file_id' => $fileId)); $sub_row = $stmt->fetch(); - if($stmt->rowCount() > 0) - { + if ($stmt->rowCount() > 0) { $return_string .= ''; } - } - elseif ($row[1] == 3) - { + } elseif ($row[1] == 3) { $query = "SELECT {$row[2]} FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE {$GLOBALS['CONFIG']['db_prefix']}data.id = :file_id "; $stmt = $pdo->prepare($query); $stmt->execute(array(':file_id' => $fileId)); $sub_row = $stmt->fetch(); - if($stmt->rowCount() > 0) - { + if ($stmt->rowCount() > 0) { $return_string .= ''; } - } - //CHM - elseif ($row[1] == 4) - { + //CHM + elseif ($row[1] == 4) { $query = "SELECT value FROM {$GLOBALS['CONFIG']['db_prefix']}data, {$row['2']} WHERE {$GLOBALS['CONFIG']['db_prefix']}data.id = :file_id AND {$GLOBALS['CONFIG']['db_prefix']}data.{$row['2']}={$row['2']}.id"; $stmt = $pdo->prepare($query); $stmt->execute(array(':file_id' => $fileId)); $sub_row = $stmt->fetch(); - if($stmt->rowCount() > 0) - { + if ($stmt->rowCount() > 0) { $return_string .= ''; } - } - //CHM + //CHM } return $return_string; } 
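Review bot: udf_details_display() interpolates `{$row['2']}` into the SQL text as a table and column name, so only `:file_id` is actually bound. The row comes from a query outside this hunk, presumably the stored UDF definitions; if those names can be created from form input without strict validation, this becomes a second-order injection point. Check the identifier against an allowlist pattern before building the query, e.g. `if (!preg_match('/^[A-Za-z0-9_]+$/', $row[2])) { continue; }`. All three branches of this hunk build their query this way.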
@@ -521,7 +492,7 @@ function udf_admin_menu() $stmt->execute(); $result = $stmt->fetchAll(); - foreach($result as $row) { + foreach ($result as $row) { echo ''; } echo '
- - + + + ?>
@@ -483,13 +473,13 @@ - - + + @@ -497,14 +487,14 @@ prepare($query); - $stmt->execute(); - $result = $stmt->fetchAll(); - - foreach ($result as $row) { - echo ''; - } - ?> + $stmt = $pdo->prepare($query); + $stmt->execute(); + $result = $stmt->fetchAll(); + + foreach ($result as $row) { + echo ''; + } + ?> + if ($list_status != -1) { + ?>
:
@@ -521,21 +511,18 @@ isAdmin()) - { + if (!$user_obj->isAdmin()) { header('Location: error.php?ec=4'); exit; } $name = (isset($_POST['name']) ? $_POST['name'] : ''); - if($name == '') { + if ($name == '') { $last_message=msg('departmentpage_department_name_required'); header('Location: admin.php?last_message=' . $last_message); @@ -551,14 +538,14 @@ )); $result = $stmt->fetchAll(); - if($stmt->rowCount() != 0) - { + if ($stmt->rowCount() != 0) { header('Location: error.php?ec=3&last_message=' . $_POST['name'] . ' already exist in the database'); exit; } $query = "UPDATE {$GLOBALS['CONFIG']['db_prefix']}department SET name = :name WHERE id = :id"; - $stmt = $pdo->prepare($query);; + $stmt = $pdo->prepare($query); + ; $stmt->execute(array( ':id' => $_POST['id'], ':name' => $_POST['name'] @@ -571,14 +558,8 @@ callPluginMethod('onDepartmentModifySave', $_REQUEST); header('Location: admin.php?last_message=' . $last_message); -} -elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'Cancel') -{ +} elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'Cancel') { header('Location: admin.php?last_message=' . urlencode(msg('message_action_cancelled'))); -} -else -{ +} else { header('Location: admin.php?last_message="' . urlencode(msg('message_nothing_to_do'))); } - - diff --git a/details.php b/details.php index 7a086986..f2af4a8e 100644 --- a/details.php +++ b/details.php 
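Review bot: The final `else` redirect builds `'Location: admin.php?last_message="'` with a stray double quote before the encoded message, so the quote ends up in the query value. It should match the Cancel branch above: `header('Location: admin.php?last_message=' . urlencode(msg('message_nothing_to_do')));`.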
@@ -175,10 +175,10 @@ $revision = "$rows"; } -$file_under_review = ( ($file_data_obj->isPublishable() == -1) ? true : false); +$file_under_review = (($file_data_obj->isPublishable() == -1) ? true : false); $to_value = (isset($reviewer_comments_fields[0]) ? (substr($reviewer_comments_fields[0], 3)) : ''); -$subject_value = (isset($reviewer_comments_fields[1]) ? (substr($reviewer_comments_fields[1],8)) : ''); +$subject_value = (isset($reviewer_comments_fields[1]) ? (substr($reviewer_comments_fields[1], 8)) : ''); $comments_value = (isset($reviewer_comments_fields[2]) ? (substr($reviewer_comments_fields[2], 9)) : ''); $file_detail = array( @@ -219,7 +219,7 @@ } // Lets figure out which buttons to show -if ($status == 0 || ($status == -1 && $file_data_obj->isOwner($_SESSION['uid']) )) { +if ($status == 0 || ($status == -1 && $file_data_obj->isOwner($_SESSION['uid']))) { // check if user has modify rights $user_perms = new UserPermission($_SESSION['uid'], $GLOBALS['pdo']); diff --git a/edit.php b/edit.php index 8bef3ece..2abc6144 100644 --- a/edit.php +++ b/edit.php @@ -23,9 +23,8 @@ session_start(); include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ - redirect_visitor(); +if (!isset($_SESSION['uid'])) { + redirect_visitor(); } include('udf_functions.php'); @@ -61,7 +60,7 @@ $data_id = $_REQUEST['id']; // includes $department_query = "SELECT department FROM {$GLOBALS['CONFIG']['db_prefix']}user WHERE id=:user_id"; - $department_stmt = $pdo->prepare($department_query); + $department_stmt = $pdo->prepare($department_query); $department_stmt->bindParam(':user_id', $_SESSION['uid']); $department_stmt->execute(); $result = $department_stmt->fetchAll(); @@ -95,7 +94,7 @@ $t_name = array(); $i = 0; - foreach($result as $data) { + foreach ($result as $data) { $explode_v = explode('_', $data['table_name']); $t_name = $explode_v[2]; $i++; 
@@ -119,7 +118,7 @@ //////Populate department perm list///////////////// $dept_perms_array = array(); - foreach ($avail_departments as $dept) { + foreach ($avail_departments as $dept) { $avail_dept_perms['name'] = $dept['name']; $avail_dept_perms['id'] = $dept['id']; $avail_dept_perms['rights'] = $filedata->getDeptRights($dept['id']); @@ -128,12 +127,12 @@ //////Populate users perm list///////////////// $user_perms_array = array(); - foreach ($avail_users as $user) { + foreach ($avail_users as $user) { $avail_user_perms['fid'] = $data_id; $avail_user_perms['first_name'] = $user['first_name']; $avail_user_perms['last_name'] = $user['last_name']; $avail_user_perms['id'] = $user['id']; - $avail_user_perms['rights'] = $user_perms_obj->getPermissionForUser($user['id'], $data_id); + $avail_user_perms['rights'] = $user_perms_obj->getPermissionForUser($user['id'], $data_id); array_push($user_perms_array, $avail_user_perms); } @@ -162,7 +161,7 @@ display_smarty_template('_edit_footer.tpl'); }//end else -} else { +} else { // form submitted, process data $fileId = $_REQUEST['id']; $filedata = new FileData($fileId, $pdo); @@ -174,14 +173,13 @@ $perms_error = false; // check submitted data // at least one user must have "view" and "modify" rights - foreach( $_REQUEST['user_permission'] as $permission ) { - + foreach ($_REQUEST['user_permission'] as $permission) { if ($permission > 2) { $perms_error = true; } } - if(!$perms_error) { + if (!$perms_error) { header("Location:error.php?ec=12"); exit; } @@ -222,9 +220,8 @@ $del_dept_perms_stmt->execute(); $result_array = array(); // init; - - foreach($_REQUEST['user_permission'] as $user_id=>$permission) { - + + foreach ($_REQUEST['user_permission'] as $user_id=>$permission) { $insert_user_perms_query = " INSERT INTO {$GLOBALS['CONFIG']['db_prefix']}user_perms ( diff --git a/error.php b/error.php index 58385130..e063f8c5 100644 --- a/error.php +++ b/error.php 
@@ -27,10 +27,8 @@ draw_header(msg('error'), $last_message); -if (isset($_REQUEST['ec']) && intval($_REQUEST['ec']) >= 0) -{ - switch ($_REQUEST['ec']) - { +if (isset($_REQUEST['ec']) && intval($_REQUEST['ec']) >= 0) { + switch ($_REQUEST['ec']) { // login failure case 0: $message = msg('message_there_was_an_error_loggin_you_in'); @@ -79,11 +77,10 @@ // illegal file type case 13: - $last_message = (isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : '' ); + $last_message = (isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : ''); $message = msg('message_that_filetype_not_supported') . ' Admin->Settings->allowedFileTypes:

Current allowed filetypes:
    '; //echo "_File array is " . array_values($_FILES['file']); - foreach($GLOBALS['CONFIG']['allowedFileTypes'] as $thistype) - { + foreach ($GLOBALS['CONFIG']['allowedFileTypes'] as $thistype) { $message .= '
  • '.$thistype; } $message .= '
'; diff --git a/file_ops.php b/file_ops.php index 4b6b4433..9f8d7ff3 100644 --- a/file_ops.php +++ b/file_ops.php @@ -21,9 +21,8 @@ session_start(); include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ - redirect_visitor(); +if (!isset($_SESSION['uid'])) { + redirect_visitor(); } $last_message = (isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : ''); @@ -31,44 +30,34 @@ // get a list of documents the user has "view" permission for // get current user's information-->department $user_obj = new User($_SESSION['uid'], $pdo); -if(!$user_obj->isRoot()) -{ - header('Location:error.php?ec=24'); +if (!$user_obj->isRoot()) { + header('Location:error.php?ec=24'); } $flag = 0; -if(isset($_GET['submit']) && $_GET['submit'] == 'view_checkedout') -{ - echo PHP_EOL . '
'; - echo PHP_EOL . ''; - draw_header(msg('label_checked_out_files'), $last_message); - - $file_id_array = $user_obj->getCheckedOutFiles(); - - $page_url = $_SERVER['PHP_SELF'] . '?'; - $user_perm_obj = new UserPermission($_SESSION['uid'], $pdo); - $list_status = list_files($file_id_array, $user_perm_obj, $GLOBALS['CONFIG']['dataDir'], true, true); - if($list_status != -1 ) - { - echo PHP_EOL . '

'; - echo PHP_EOL . '
'; - } - draw_footer(); -} -elseif (isset($_POST['submit']) && $_POST['submit'] == 'Clear Status') -{ - if(isset($_POST["checkbox"])) - { - foreach($_POST['checkbox'] as $cbox) - { +if (isset($_GET['submit']) && $_GET['submit'] == 'view_checkedout') { + echo PHP_EOL . '
'; + echo PHP_EOL . ''; + draw_header(msg('label_checked_out_files'), $last_message); + + $file_id_array = $user_obj->getCheckedOutFiles(); + + $page_url = $_SERVER['PHP_SELF'] . '?'; + $user_perm_obj = new UserPermission($_SESSION['uid'], $pdo); + $list_status = list_files($file_id_array, $user_perm_obj, $GLOBALS['CONFIG']['dataDir'], true, true); + if ($list_status != -1) { + echo PHP_EOL . '

'; + echo PHP_EOL . '
'; + } + draw_footer(); +} elseif (isset($_POST['submit']) && $_POST['submit'] == 'Clear Status') { + if (isset($_POST["checkbox"])) { + foreach ($_POST['checkbox'] as $cbox) { $file_id = $cbox; $file_obj = new FileData($file_id, $pdo); $file_obj->setStatus(0); } - } header('Location:' . $_SERVER['PHP_SELF'] . '?state=2&submit=view_checkedout'); -} -else -{ +} else { echo 'Nothing to do'; } diff --git a/filetypes.php b/filetypes.php index 81670414..41efd125 100644 --- a/filetypes.php +++ b/filetypes.php @@ -24,8 +24,7 @@ // includes include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } 
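Review bot: The root check `if (!$user_obj->isRoot()) { header('Location:error.php?ec=24'); }` in file_ops.php has no `exit;`, so a non-root session falls through to the branches below, including the `Clear Status` POST branch that calls `setStatus(0)` on every submitted file id. Add `exit;` after the header call, as the equivalent checks in filetypes.php and department.php already do. The ids in `$_POST['checkbox']` are also handed to `FileData` without a numeric check.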
@@ -35,52 +34,36 @@ $filetypes = new FileTypes_class($pdo); //If the user is not an admin error out. -if(!$user_obj->isRoot() == true) -{ +if (!$user_obj->isRoot() == true) { header('Location: error.php?ec=24'); exit; } -if(isset($_REQUEST['submit']) && $_REQUEST['submit']=='update') -{ +if (isset($_REQUEST['submit']) && $_REQUEST['submit']=='update') { draw_header(msg('label_filetypes'), $last_message); $filetypes->edit(); draw_footer(); -} -elseif(isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'Save') -{ +} elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'Save') { draw_header(msg('label_filetypes'), $last_message); - if($filetypes->save($_POST)) - { + if ($filetypes->save($_POST)) { $_POST['last_message'] = $GLOBALS['lang']['message_all_actions_successfull']; - } - else - { + } else { $_POST['last_message'] = $GLOBALS['lang']['message_error_performing_action']; } $GLOBALS['smarty']->assign('last_message', $_POST['last_message']); $filetypes->edit(); draw_footer(); -} -elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'Cancel') -{ +} elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'Cancel') { header('Location: admin.php?last_message=' . urlencode(msg('message_action_cancelled'))); -} -elseif(isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'AddNew') -{ +} elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'AddNew') { draw_header(msg('label_filetypes'), $last_message); display_smarty_template('filetype_add.tpl'); draw_footer(); -} -elseif(isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'AddNewSave') -{ - if($filetypes->add($_POST)) - { +} elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'AddNewSave') { + if ($filetypes->add($_POST)) { $_POST['last_message'] = $GLOBALS['lang']['message_all_actions_successfull']; - } - else - { + } else { $_POST['last_message'] = $GLOBALS['lang']['message_error_performing_action']; } $GLOBALS['smarty']->assign('last_message', $_POST['last_message']); 
@@ -89,31 +72,21 @@ $filetypes->edit(); draw_footer(); -} -elseif(isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'DeleteSelect') -{ +} elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'DeleteSelect') { draw_header(msg('label_filetypes'), $last_message); $filetypes->deleteSelect(); draw_footer(); -} -elseif(isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'Delete') -{ - if($filetypes->delete($_POST)) - { +} elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'Delete') { + if ($filetypes->delete($_POST)) { $_POST['last_message'] = $GLOBALS['lang']['message_all_actions_successfull']; - } - else - { + } else { $_POST['last_message'] = $GLOBALS['lang']['message_error_performing_action']; } $GLOBALS['smarty']->assign('last_message', $_POST['last_message']); draw_header(msg('label_filetypes'), $last_message); $filetypes->edit(); draw_footer(); -} -else -{ +} else { header('Location: admin.php?last_message=' . urlencode(msg('message_nothing_to_do'))); } - diff --git a/forgot_password.php b/forgot_password.php index f523c34d..3f7d40c7 100644 --- a/forgot_password.php +++ b/forgot_password.php @@ -22,14 +22,12 @@ include_once('odm-load.php'); -if(isset($GLOBALS['CONFIG']['allow_password_reset']) && $GLOBALS['CONFIG']['allow_password_reset'] != 'True') -{ +if (isset($GLOBALS['CONFIG']['allow_password_reset']) && $GLOBALS['CONFIG']['allow_password_reset'] != 'True') { echo msg('message_sorry_not_allowed'); exit; } -if (!isset($_REQUEST['last_message'])) -{ +if (!isset($_REQUEST['last_message'])) { $_REQUEST['last_message']=''; } @@ -101,14 +99,11 @@ ':code' => $code )); - if ($stmt->rowCount() < 1) - { + if ($stmt->rowCount() < 1) { $redirect = 'forgot_password.php?last_message=' . urlencode(msg('message_the_code_you_are_using')); header("Location: $redirect"); exit; - } - else - { + } else { $userInfo = $stmt->fetch(); $user_id = $userInfo['id']; // build the header and navigation 
@@ -124,17 +119,21 @@ */ - if (strlen($_REQUEST['last_message'])) + if (strlen($_REQUEST['last_message'])) { draw_error($_REQUEST['last_message']); + } ?>

- - - + + + @@ -162,9 +161,7 @@ */ } -} -else if (isset($_POST['username']) && strlen($_POST['username']) > 0) -{ +} elseif (isset($_POST['username']) && strlen($_POST['username']) > 0) { // they have sent an username $username = trim($_POST['username']); @@ -182,14 +179,11 @@ $stmt->execute(array(':username' => $username)); // send them back if we didn't find the username - if ($stmt->rowCount() == 0) - { + if ($stmt->rowCount() == 0) { $redirect = 'forgot_password.php?last_message=' . urlencode(msg('message_the_username_you_entered')); header("Location: $redirect"); exit; - } - else - { + } else { $user_info = $stmt->fetch(); $user_id = $user_info['id']; $email = $user_info['Email']; @@ -198,8 +192,7 @@ $salt = "abcdefghjkmnpqrstuvwxyz23456789ABCDEFGHJKLMNPQRSTUVWXYZ23456789"; $i = 0; $randstring = ''; - while ($i <= 7) - { + while ($i <= 7) { $num = rand() % 63; $tmp = substr($salt, $num, 1); $randstring .= $tmp; @@ -232,8 +225,7 @@ $mail_body .= msg('area_admin') . PHP_EOL . PHP_EOL; // send the email - if ($GLOBALS['CONFIG']['demo'] == 'False') - { + if ($GLOBALS['CONFIG']['demo'] == 'False') { mail($email, msg('area_reset_password'), $mail_body, $mail_headers); } @@ -244,10 +236,10 @@ } // default form -else -{ - if (strlen($_REQUEST['last_message'])) +else { + if (strlen($_REQUEST['last_message'])) { draw_error($_REQUEST['last_message']); + } ?>
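Review bot: The username lookup redirects with `message_the_username_you_entered` when no row matches, while a match goes on to send the reset mail, so the response appears to reveal whether a username exists. Show the same neutral confirmation in both cases and send the mail only when the row is found. The success path's message is outside this hunk, so confirm what it displays before changing the wording.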
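Review bot: The password-reset code is built from `rand() % 63`, and `rand()` is not a cryptographically secure generator, so the short code that authorises a password change is more predictable than its alphabet suggests. Draw the index from a CSPRNG instead, `$num = random_int(0, 62);` on PHP 7 or later, or derive the code from `openssl_random_pseudo_bytes()` on older versions. The loop increment and the storage of the code are outside this hunk.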

@@ -267,4 +259,5 @@ template_dir = dirname(__FILE__) . '/templates/' . $GLOBALS['CONFIG']['theme'] .'/'; +$GLOBALS['smarty']->template_dir = dirname(__FILE__) . '/templates/' . $GLOBALS['CONFIG']['theme'] . '/'; $GLOBALS['smarty']->compile_dir = dirname(__FILE__) . '/templates_c/'; /**** SET g_ vars from Global Config arr ***/ -foreach($GLOBALS['CONFIG'] as $key => $value) -{ - $GLOBALS['smarty']->assign('g_' . $key,$value); +foreach ($GLOBALS['CONFIG'] as $key => $value) { + $GLOBALS['smarty']->assign('g_' . $key, $value); } include_once('classHeaders.php'); @@ -45,18 +44,14 @@ functions.php - various utility functions require_once("File_class.php"); /* Set language vars */ -foreach($GLOBALS['lang'] as $key=>$value) -{ +foreach ($GLOBALS['lang'] as $key => $value) { $GLOBALS['smarty']->assign('g_lang_' . $key, msg($key)); } // Check if dataDir is working -if(!is_dir($GLOBALS['CONFIG']['dataDir'])) -{ +if (!is_dir($GLOBALS['CONFIG']['dataDir'])) { echo $GLOBALS['lang']['message_datadir_problem_exists'] . ' ' . $GLOBALS['lang']['label_settings'] . '
'; -} -elseif(!is_writable($GLOBALS['CONFIG']['dataDir'])) -{ +} elseif (!is_writable($GLOBALS['CONFIG']['dataDir'])) { echo $GLOBALS['lang']['message_datadir_problem_writable'] . ' ' . $GLOBALS['lang']['label_settings'] . '
'; } @@ -66,16 +61,13 @@ functions.php - various utility functions function fix_date($val) { //split it up into components - if( $val != 0 ) - { + if ($val != 0) { $arr = explode(' ', $val); $timearr = explode(':', $arr[1]); $datearr = explode('-', $arr[0]); // create a timestamp with mktime(), format it with date() return date('d M Y (H:i)', mktime($timearr[0], $timearr[1], $timearr[2], $datearr[1], $datearr[2], $datearr[0])); - } - else - { + } else { return 0; } } @@ -85,16 +77,15 @@ function space_to_underscore($string) { $string_len = strlen($string); $index = 0; - while( $index< $string_len ) - { - if($string[$index] == ' ') - { - $string[$index]= '_'; + while ($index < $string_len) { + if ($string[$index] == ' ') { + $string[$index] = '_'; } $index++; } return $string; } + // Draw the status bar for each page function draw_status_bar() { 
@@ -106,55 +97,48 @@ function draw_menu() { return; } + /* * draw_header - Draw the header area from the template file * @param string $pageTitle The title from the settings. * @param string $lastmessage Any error or feedback message to be sent to screen */ -function draw_header($pageTitle, $lastmessage='') +function draw_header($pageTitle, $lastmessage = '') { global $pdo; $uid = (isset($_SESSION['uid']) ? $_SESSION['uid'] : ''); - + // Is the uid set? - if ($uid != NULL) - { + if ($uid != null) { $current_user_obj = new User($uid, $pdo); $GLOBALS['smarty']->assign('userName', $current_user_obj->getName()); $GLOBALS['smarty']->assign('can_add', $current_user_obj->can_add); $GLOBALS['smarty']->assign('can_checkin', $current_user_obj->can_checkin); } - + // Are they an Admin? - if ($uid != NULL && $current_user_obj->isAdmin()) - { + if ($uid != null && $current_user_obj->isAdmin()) { $GLOBALS['smarty']->assign('isadmin', 'yes'); } - - if(!isset($_REQUEST['state'])) - { - $_REQUEST['state']=1; - } - + + if (!isset($_REQUEST['state'])) { + $_REQUEST['state'] = 1; + } + $lastmessage = (isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : $lastmessage); // Set up the breadcrumbs $crumb = new crumb(); $crumb->addCrumb($_REQUEST['state'], $pageTitle, $_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING']); $breadCrumb = $crumb->printTrail($_REQUEST['state']); - + $GLOBALS['smarty']->assign('breadCrumb', $breadCrumb); $GLOBALS['smarty']->assign('site_title', $GLOBALS['CONFIG']['title']); $GLOBALS['smarty']->assign('base_url', $GLOBALS['CONFIG']['base_url']); $GLOBALS['smarty']->assign('page_title', $pageTitle); $GLOBALS['smarty']->assign('lastmessage', htmlspecialchars($lastmessage)); display_smarty_template('header.tpl'); - - if (is_dir('install')) - { - echo '' . msg('install_folder') . ''; - } } 
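Review bot: The install-folder warning at the end of draw_header() is dropped on the new side, although the rest of the commit is formatting only: the `if (is_dir('install'))` block that echoed `msg('install_folder')` is gone, so the page no longer tells an administrator that the installer directory is still present. If that is intended it belongs in its own commit with a reason; otherwise restore the block. Separately, `$_REQUEST['state']` is passed to `addCrumb()` and `printTrail()` as received and should be normalised first, e.g. `$state = max(1, (int) $_REQUEST['state']);`.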
@@ -187,9 +171,8 @@ function email_all($mail_subject, $mail_body, $mail_header) $stmt->execute(); $result = $stmt->fetchColumn(); - foreach($result as $row) { - if ($GLOBALS['CONFIG']['demo'] == 'False') - { + foreach ($result as $row) { + if ($GLOBALS['CONFIG']['demo'] == 'False') { mail($row['Email'], $mail_subject, $mail_body, $mail_header); } } @@ -219,7 +202,7 @@ function email_dept($dept_id, $mail_subject, $mail_body, $mail_header) )); $result = $stmt->fetchAll(); - foreach($result as $row) { + foreach ($result as $row) { if ($GLOBALS['CONFIG']['demo'] == 'False') { mail($row['Email'], $mail_subject, $mail_body, $mail_header); } @@ -234,10 +217,8 @@ function email_dept($dept_id, $mail_subject, $mail_body, $mail_header) */ function email_users_obj($user_OBJ_array, $mail_subject, $mail_body, $mail_header) { - for($i = 0; $i< sizeof($user_OBJ_array); $i++) - { - if ($GLOBALS['CONFIG']['demo'] == 'False') - { + for ($i = 0; $i < sizeof($user_OBJ_array); $i++) { + if ($GLOBALS['CONFIG']['demo'] == 'False') { mail($user_OBJ_array[$i]->getEmailAddress(), $mail_subject, $mail_body, $mail_header); } } @@ -253,21 +234,20 @@ function email_users_id($user_ID_array, $mail_subject, $mail_body, $mail_header) { global $pdo; - for($i = 0; $i 0)) { + for ($i = 0; $i < sizeof($user_ID_array); $i++) { + if (($user_ID_array[$i] > 0)) { $OBJ_array[$i] = new User($user_ID_array[$i], $pdo); } - } - - if(count($OBJ_array) > 0) { + } + + if (count($OBJ_array) > 0) { email_users_obj($OBJ_array, $mail_subject, $mail_body, $mail_header); } } function getmicrotime() { - list($usec, $sec) = explode(" ",microtime()); + list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec); } 
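Review bot: In `email_all` the context line `$result = $stmt->fetchColumn();` returns a single scalar (or `false`), yet the reformatted loop still runs `foreach ($result as $row)` and reads `$row['Email']`, so no mail is sent and PHP emits a warning. The neighbouring `email_dept` uses `fetchAll()` for the same pattern, and this call should match it: `$result = $stmt->fetchAll();`. The function starts above the hunk, so the query itself is not visible here.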
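Review bot: `email_users_id` never initialises `$OBJ_array`, so when no id is greater than 0 the later `count($OBJ_array)` runs on an undefined variable (a TypeError on PHP 8). Because entries are stored under `$i`, a skipped id also leaves a gap that `email_users_obj` then walks into with its `0 .. sizeof() - 1` index loop. Adding `$OBJ_array = array();` before the loop and appending with `$OBJ_array[] = new User($user_ID_array[$i], $pdo);` fixes both. The removed `for` line of this hunk is damaged on the page, so only the new side was reviewed.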
@@ -284,35 +264,27 @@ function list_files($fileid_array, $userperms_obj, $dataDir, $showCheckBox = fal { global $pdo; - // print_r($fileid_array);exit; - if(sizeof($fileid_array)==0 || !isset($fileid_array[0])) - { - echo'' . msg('message_no_files_found') . PHP_EOL; + if (sizeof($fileid_array) == 0 || !isset($fileid_array[0])) { + echo '' . msg('message_no_files_found') . PHP_EOL; return -1; } - foreach($fileid_array as $fileid) - { + foreach ($fileid_array as $fileid) { $file_obj = new FileData($fileid, $pdo); - $userAccessLevel = $userperms_obj->getAuthority($fileid,$file_obj); + $userAccessLevel = $userperms_obj->getAuthority($fileid, $file_obj); $description = $file_obj->getDescription(); - - if ($file_obj->getStatus() == 0 and $userAccessLevel >= $userperms_obj->VIEW_RIGHT) - { + + if ($file_obj->getStatus() == 0 and $userAccessLevel >= $userperms_obj->VIEW_RIGHT) { $lock = false; - } - else - { + } else { $lock = true; } - if ($description == '') - { + if ($description == '') { $description = msg('message_no_description_available'); } $created_date = fix_date($file_obj->getCreatedDate()); - if ($file_obj->getModifiedDate()) - { + if ($file_obj->getModifiedDate()) { $modified_date = fix_date($file_obj->getModifiedDate()); } else { $modified_date = $created_date; 
@@ -326,18 +298,15 @@ function list_files($fileid_array, $userperms_obj, $dataDir, $showCheckBox = fal //Get the file size in bytes. $filesize = display_filesize($dataDir . $fileid . '.dat'); - if ($userAccessLevel >= $userperms_obj->READ_RIGHT) - { - $suffix = strtolower((substr($realname,((strrpos($realname,".")+1))))); + if ($userAccessLevel >= $userperms_obj->READ_RIGHT) { + $suffix = strtolower((substr($realname, ((strrpos($realname, ".") + 1))))); $mimetype = File::mime_by_ext($suffix); - $view_link = 'view_file.php?submit=view&id=' . urlencode($fileid).'&mimetype='.urlencode("$mimetype"); - } - else - { + $view_link = 'view_file.php?submit=view&id=' . urlencode($fileid) . '&mimetype=' . urlencode("$mimetype"); + } else { $view_link = 'none'; } - $details_link = 'details.php?id=' . $fileid . '&state=' . ($_REQUEST['state']+1); + $details_link = 'details.php?id=' . $fileid . '&state=' . ($_REQUEST['state'] + 1); $read = array($userperms_obj->READ_RIGHT, 'r'); $write = array($userperms_obj->WRITE_RIGHT, 'w'); 
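Review bot: The `$suffix` expression in the `READ_RIGHT` branch misreads names without a dot: `strrpos()` returns `false`, `false + 1` is 1, and the suffix becomes the whole name minus its first character before it reaches `File::mime_by_ext()`. `$suffix = strtolower(pathinfo($realname, PATHINFO_EXTENSION));` gives an empty string in that case. `$details_link` also concatenates `$fileid` raw while `$view_link` passes it through `urlencode()`, and `$_REQUEST['state'] + 1` assumes a numeric request value that nothing in this hunk enforces. `list_files` begins and ends outside the hunk.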
@@ -347,49 +316,45 @@ function list_files($fileid_array, $userperms_obj, $dataDir, $showCheckBox = fal //$rights[max][0] = admin, $rights[max-1][0]=write, ..., $right[min][0]=view //if $userright matches with $rights[max][0], then this user has all the rights of $rights[max][0] //and everything below it. - for($i = sizeof($rights)-1; $i>=0; $i--) - { - if($userAccessLevel==$rights[$i][0]) - { + for ($i = sizeof($rights) - 1; $i >= 0; $i--) { + if ($userAccessLevel == $rights[$i][0]) { $index_found = $i; $i = 0; } } //Found the user right, now bold every below it. For those that matches, make them different. - for($i = $index_found; $i>=0; $i--) - { - $rights[$i][1]=''. $rights[$i][1] . ''; + for ($i = $index_found; $i >= 0; $i--) { + $rights[$i][1] = '' . $rights[$i][1] . ''; } //For everything above it, blank out - for($i = $index_found+1; $i$fileid, - 'view_link'=>$view_link, - 'details_link'=>$details_link, - 'filename'=>$realname, - 'description'=>$description, - 'rights'=>$rights, - 'created_date'=>$created_date, - 'modified_date'=>$modified_date, - 'owner_name'=>$owner_name, - 'dept_name'=>$dept_name, - 'filesize'=>$filesize, - 'lock'=>$lock, - 'showCheckbox'=>$showCheckBox, - 'rejectpage'=>$rejectpage + 'id' => $fileid, + 'view_link' => $view_link, + 'details_link' => $details_link, + 'filename' => $realname, + 'description' => $description, + 'rights' => $rights, + 'created_date' => $created_date, + 'modified_date' => $modified_date, + 'owner_name' => $owner_name, + 'dept_name' => $dept_name, + 'filesize' => $filesize, + 'lock' => $lock, + 'showCheckbox' => $showCheckBox, + 'rejectpage' => $rejectpage ); //print_r($file_list_arr);exit; } - + $limit_reached = false; - if(count($file_list_arr) >= $GLOBALS['CONFIG']['max_query']) { + if (count($file_list_arr) >= $GLOBALS['CONFIG']['max_query']) { $limit_reached = true; } - + $GLOBALS['smarty']->assign('limit_reached', $limit_reached); $GLOBALS['smarty']->assign('showCheckBox', $showCheckBox); 
//print_r($file_list_arr);exit; @@ -409,102 +374,96 @@ function sort_browser() global $pdo; ?> -'.PHP_EOL; ?> -
-
:
- - - - - -
- - - - - -
- + < / select > + < / td > + < td > + < select + name = 'category_item' + onChange = 'loadOrder(this)' > + < option + id = '0' + selected > < / option > + < / select > + < / td > + < td > + < select + name = 'category_item_order' + onChange = 'load(this)' > + < option + id = '0' + selected > < / option > + < / select > + < / td > + < / tr > + < / table > + < / form > "); + for ($i = 0; $i < sizeof($array); $i++) { + echo($i . ":" . $array[$i] . "
"); } } + function display_array2D($array) { - for($i=0; $i"); + for ($i = 0; $i < sizeof($array); $i++) { + for ($j = 0; $j < sizeof($array[$i]); $j++) { + echo($i . ":" . "$j" . ":" . $array[$i][$j] . "
"); } } } + function makeRandomPassword() { - $pass=''; + $pass = ''; $salt = 'abchefghjkmnpqrstuvw3456789'; - srand((double)microtime()*1000000); + srand((double)microtime() * 1000000); $i = 0; - while ($i <= 7) - { + while ($i <= 7) { $num = rand() % 33; $tmp = substr($salt, $num, 1); $pass = $pass . $tmp; @@ -643,6 +635,7 @@ function makeRandomPassword() } return $pass; } + /* * @param $file_id int * @param $permittable_right int the right value requested @@ -653,23 +646,23 @@ function checkUserPermission($file_id, $permittable_right, $obj) global $pdo; $userperm_obj = new UserPermission($_SESSION['uid'], $pdo); - if(!$userperm_obj->user_obj->isAdmin() && $userperm_obj->getAuthority($file_id, $obj) < $permittable_right) - { - echo msg('error').': '.msg('message_unable_to_find_file') . PHP_EOL; + if (!$userperm_obj->user_obj->isAdmin() && $userperm_obj->getAuthority($file_id, $obj) < $permittable_right) { + echo msg('error') . ': ' . msg('message_unable_to_find_file') . PHP_EOL; echo ' ' . msg('message_please_email') . ' ' . msg('area_admin') . ''; exit(); } } + function fmove($source_file, $destination_file) { //read and close - $fhandler = fopen ($source_file, "r"); - $fcontent = fread($fhandler, filesize ($source_file)); - fclose ($fhandler); + $fhandler = fopen($source_file, "r"); + $fcontent = fread($fhandler, filesize($source_file)); + fclose($fhandler); //write and close - $fhandler = fopen ($destination_file, "w"); + $fhandler = fopen($destination_file, "w"); fwrite($fhandler, $fcontent); - fclose ($fhandler); + fclose($fhandler); //delete source file unlink($source_file); } 
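Review bot: `makeRandomPassword` still generates credentials from `rand()` seeded with `srand((double)microtime() * 1000000)`, which is predictable and unsuitable for passwords; the reformatting leaves this untouched. The index range is also wrong: `rand() % 33` yields 0–32 but `$salt` holds 27 characters, so roughly 18% of draws return an empty `substr()` and the result is shorter than eight characters. Replace the draw with `$num = random_int(0, strlen($salt) - 1);` and delete the `srand()` line (`random_int` needs PHP 7 or later). The diff text ahead of this function is damaged on the page, so the hunk boundary is inferred.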
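Review bot: `fmove` deletes the source unconditionally: none of `fopen`, `fread` or `fwrite` is checked, so a failed write to `$destination_file` is still followed by `unlink($source_file)` and the only copy of the file is lost. It also loads the whole file into memory and calls `fread()` with length 0 for an empty file. `if (!rename($source_file, $destination_file)) { return false; }` does the move in one checked call; alternatively use `copy()` and call `unlink()` only when it returns true.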
@@ -677,52 +670,42 @@ function fmove($source_file, $destination_file) function display_filesize($file) { // Does the file exist? - if(is_file($file)) - { + if (is_file($file)) { //Setup some common file size measurements. - $kb=1024; - $mb=1048576; - $gb=1073741824; - $tb=1099511627776; + $kb = 1024; + $mb = 1048576; + $gb = 1073741824; + $tb = 1099511627776; //Get the file size in bytes. $size = filesize($file); //Format file size - if($size < $kb) - { - return $size." B"; - } - elseif($size < $mb) - { - return round($size/$kb,2)." KB"; - } - elseif($size < $gb) - { - return round($size/$mb,2)." MB"; - } - elseif($size < $tb) - { - return round($size/$gb,2)." GB"; - } - else - { - return round($size/$tb,2)." TB"; + if ($size < $kb) { + return $size . " B"; + } elseif ($size < $mb) { + return round($size / $kb, 2) . " KB"; + } elseif ($size < $gb) { + return round($size / $mb, 2) . " MB"; + } elseif ($size < $tb) { + return round($size / $gb, 2) . " GB"; + } else { + return round($size / $tb, 2) . " TB"; } - } - else - { + } else { return "X"; } } + function valid_username($username) { - if(preg_match('/^\w+$/',$username)) + if (preg_match('/^\w+$/', $username)) { return true; - else + } else { return false; + } } @@ -744,32 +727,23 @@ function cleanInput($input) function sanitizeme($input) { - if (is_array($input)) - { - foreach($input as $var=>$val) - { + if (is_array($input)) { + foreach ($input as $var => $val) { $output[$var] = sanitizeme($val); } - } - else - { - if (get_magic_quotes_gpc()) - { + } else { + if (get_magic_quotes_gpc()) { $input = stripslashes($input); } //echo "Raw Input:" . $input . "
"; - $input = cleanInput($input); + $input = cleanInput($input); //echo "Clean Input:" . $input . "
"; $output = $input; //echo "mysql_escape output" . $output . "
"; - } - if(isset($output) && $output != '') - { + if (isset($output) && $output != '') { return $output; - } - else - { + } else { return false; } } @@ -781,15 +755,12 @@ function sanitizeme($input) */ function msg($s) { - if (isset($GLOBALS['lang'][$s])) - { - return $GLOBALS['lang'][$s]; - } - else - { - return $s; - } + if (isset($GLOBALS['lang'][$s])) { + return $GLOBALS['lang'][$s]; + } else { + return $s; } +} /* * This function will check for the existence of a template file @@ -800,12 +771,9 @@ function msg($s) function display_smarty_template($template_file) { /* @var $template_file string */ - if(file_exists(ABSPATH . '/templates/' . $GLOBALS['CONFIG']['theme'] . '/' . $template_file)) - { + if (file_exists(ABSPATH . '/templates/' . $GLOBALS['CONFIG']['theme'] . '/' . $template_file)) { $GLOBALS['smarty']->display($template_file); - } - else - { + } else { $GLOBALS['smarty']->display(ABSPATH . '/templates/common/' . $template_file); } } @@ -868,7 +836,7 @@ function xss_clean($str) // * Made some quantifiers possessive // * Handle arrays recursively - if (is_array($str) OR is_object($str)) { + if (is_array($str) or is_object($str)) { foreach ($str as $k => $s) { $str[$k] = xss_clean($s); } @@ -917,14 +885,14 @@ function xss_clean($str) * Custom redirection handler * @param string $url the internal page to redirect them to */ -function redirect_visitor($url='') +function redirect_visitor($url = '') { - if($url=='') { + if ($url == '') { header('Location:index.php?redirection=' . urlencode($_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING'])); exit; } else { // Lets make sure its not an outside URL - if(!preg_match('#^(http|https|ftp)://#', $url)) { + if (!preg_match('#^(http|https|ftp)://#', $url)) { header('Location:' . $url); exit; } else { @@ -932,5 +900,4 @@ function redirect_visitor($url='') exit; } } - } diff --git a/history.php b/history.php index d2675a00..1fa9a55d 100644 --- a/history.php +++ b/history.php 
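Review bot: `sanitizeme` keeps the call to `get_magic_quotes_gpc()`, which is deprecated since PHP 7.4 and removed in PHP 8.0, so on a current runtime the scalar branch ends in a fatal error. Guarding it keeps old installs working: `if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {`. In the array branch `$output` is never initialised, so an empty array falls through to `return false`, the same value returned for an empty string; callers cannot tell the two apart. `cleanInput` is defined outside this hunk.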
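Review bot: The outside-URL test in `redirect_visitor` is a deny-list, `preg_match('#^(http|https|ftp)://#', $url)`. It is case-sensitive and only recognises three schemes written with `://`, so scheme-relative or differently cased values still reach `header('Location:' . $url)`. Checking the parsed form is tighter: `$p = parse_url($url); if ($p !== false && !isset($p['scheme']) && !isset($p['host'])) {`. Whether any caller passes request-derived data as `$url` is not visible in this diff; the call shown in in.php uses the constant `'out.php'`.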
@@ -25,125 +25,118 @@ include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } $last_message = (isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : ''); -if (!isset($_REQUEST['id']) || $_REQUEST['id'] == '') -{ +if (!isset($_REQUEST['id']) || $_REQUEST['id'] == '') { header('Location:error.php?ec=2'); exit; } draw_header(msg('area_view_history'), $last_message); //revision parsing -if(strchr($_REQUEST['id'], '_') ) -{ - list($_REQUEST['id'], $revision_id) = explode('_' , $_REQUEST['id']); +if (strchr($_REQUEST['id'], '_')) { + list($_REQUEST['id'], $revision_id) = explode('_', $_REQUEST['id']); } $datafile = new FileData($_REQUEST['id'], $pdo); // verify -if ($datafile->getError() != NULL) -{ +if ($datafile->getError() != null) { header('Location:error.php?ec=2'); exit; -} -else -{ -// obtain data from resultset +} else { + // obtain data from resultset $owner_full_name = $datafile->getOwnerFullName(); -$owner = $owner_full_name[1].', '.$owner_full_name[0]; -$real_name = $datafile->getRealName(); -$category = $datafile->getCategoryName(); -$created = $datafile->getCreatedDate(); -$description = $datafile->getDescription(); -$comments = $datafile->getComment(); -$status = $datafile->getStatus(); + $owner = $owner_full_name[1].', '.$owner_full_name[0]; + $real_name = $datafile->getRealName(); + $category = $datafile->getCategoryName(); + $created = $datafile->getCreatedDate(); + $description = $datafile->getDescription(); + $comments = $datafile->getComment(); + $status = $datafile->getStatus(); // corrections -if ($description == '') -{ +if ($description == '') { $description = msg('message_no_description_available'); } -if ($comments == '') -{ - $comments = msg('message_no_author_comments_available'); -} -if($datafile->isArchived()) -{ - $filename = $GLOBALS['CONFIG']['archiveDir'] . $_REQUEST['id'] . '.dat'; -} -else -{ - $filename = $GLOBALS['CONFIG']['dataDir'] . $_REQUEST['id'] . 
'.dat'; -} -?> + if ($comments == '') { + $comments = msg('message_no_author_comments_available'); + } + if ($datafile->isArchived()) { + $filename = $GLOBALS['CONFIG']['archiveDir'] . $_REQUEST['id'] . '.dat'; + } else { + $filename = $GLOBALS['CONFIG']['dataDir'] . $_REQUEST['id'] . '.dat'; + } + ?> '; -echo ''; -?> + echo ''; + echo ''; + ?> - + - + - + - + - + - + - @@ -153,7 +146,8 @@ - + @@ -161,17 +155,20 @@ @@ -264,7 +263,6 @@
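Review bot: `$_REQUEST['id']` is concatenated into filesystem paths (`archiveDir` or `dataDir` plus `.dat`) after only the `strchr`/`explode('_', …)` revision split; nothing in this hunk constrains it to an integer. The `FileData` lookup and `getError()` check in between may reject unknown ids, but that depends on code outside the diff. If ids are always numeric, as the links elsewhere in this diff suggest, one cast after the split, `$_REQUEST['id'] = (int) $_REQUEST['id'];`, makes the later path and link building safe regardless. The re-indentation also appears uneven on the new side: the assignments inside the `else` are indented while `if ($description == '')` stays at column 0.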
'; -} -else -{ +} else { echo ''; } -echo ''.$real_name.''.$real_name.'
+
+ ?>
- - - - + + + + $revision_id )); $result = $stmt->fetchAll(); - } - else - { - $query = " + } else { + $query = " SELECT u.last_name, u.first_name, @@ -221,41 +216,45 @@ ':id' => $_REQUEST['id'] )); $result = $stmt->fetchAll(); - } + } $current_revision = $stmt->rowCount(); - // iterate through resultset - foreach($result as $row) { + // iterate through resultset + foreach ($result as $row) { $last_name = $row['last_name']; $first_name = $row['first_name']; $modified_on = $row['modified_on']; $note = $row['note']; $revision = $row['revision']; - if (isset($bgcolor) && $bgcolor == "#FCFCFC") { - $bgcolor = "#E3E7F9"; - } else { - $bgcolor = "#FCFCFC"; - } + if (isset($bgcolor) && $bgcolor == "#FCFCFC") { + $bgcolor = "#E3E7F9"; + } else { + $bgcolor = "#FCFCFC"; + } - echo ''; + echo ''; - $extra_message = ''; - if (is_file($GLOBALS['CONFIG']['revisionDir'] . $_REQUEST['id'] . '/' . $_REQUEST['id'] . "_$revision.dat")) { - echo ' - - - + + +
' . ($revision + 1) . '
' . $extra_message; - } else { - echo '
' . $revision . $extra_message; - } - ?> + $extra_message = ''; + if (is_file($GLOBALS['CONFIG']['revisionDir'] . $_REQUEST['id'] . '/' . $_REQUEST['id'] . "_$revision.dat")) { + echo '
' . ($revision + 1) . '
' . $extra_message; + } else { + echo '
' . $revision . $extra_message; + } + ?>
getId()); -draw_footer(); +callPluginMethod('onAfterHistory', $datafile->getId()); + draw_footer(); } - diff --git a/in.php b/in.php index 4f945943..595f93b1 100644 --- a/in.php +++ b/in.php @@ -25,14 +25,13 @@ // includes include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } $user_obj = new User($_SESSION['uid'], $pdo); -if(!$user_obj->canCheckIn()){ +if (!$user_obj->canCheckIn()) { redirect_visitor('out.php'); } @@ -66,12 +65,9 @@ // how many records? $count = $stmt->rowCount(); -if ($count == 0) -{ +if ($count == 0) { echo ' ' . msg('message_no_documents_checked_out'); -} -else -{ +} else { echo ''; echo ''; echo ''; @@ -85,7 +81,7 @@ $row_color = "#FCFCFC"; // iterate through resultset - foreach($result as $row) { + foreach ($result as $row) { $id = $row['id']; $last_name = $row['last_name']; $first_name = $row['first_name']; @@ -95,8 +91,7 @@ $status = $row['status']; // correction - if ($description == '') - { + if ($description == '') { $description = msg('message_no_information_available'); } $filename = $GLOBALS['CONFIG']['dataDir'] . $id . '.dat'; @@ -113,12 +108,9 @@ echo ' '; echo ''; - if ( $row_color == "#FCFCFC" ) - { + if ($row_color == "#FCFCFC") { $row_color = "#E3E7F9"; - } - else - { + } else { $row_color = "#FCFCFC"; } } @@ -128,4 +120,4 @@ echo '
' . msg('message_document_checked_out_to_you'). ' : ' . $count . '
' . display_filesize($filename) . '
'; } -draw_footer(); \ No newline at end of file +draw_footer(); diff --git a/includes/language/DataTables/datatables.french.txt b/includes/language/DataTables/datatables.french.txt index 5eba1259..c09cf09c 100644 --- a/includes/language/DataTables/datatables.french.txt +++ b/includes/language/DataTables/datatables.french.txt @@ -2,7 +2,7 @@ "sProcessing": "Traitement en cours...", "sLengthMenu": "Afficher _MENU_ éléments", "sZeroRecords": "Auncun enregistrement pour cette requête", - "sInfo": "Afficher de _START_ à _END_ éléments sur un total de _TOTAL_ entries", + "sInfo": "Afficher de _START_ à _END_ éléments sur un total de _TOTAL_ entrées", "sInfoEmpty": "Afficher de 0 à 0 éléments sur un total de 0 ", "sInfoFiltered": "(Filtré sur _MAX_ éléments au total)", "sInfoPostFix": "", @@ -11,7 +11,7 @@ "oPaginate": { "sFirst": "Premier", "sPrevious": "Précédent", - "sNext": SuivantNext", + "sNext": "Suivant", "sLast": "Dernier" } } \ No newline at end of file diff --git a/includes/language/arabic.php b/includes/language/arabic.php index fb82ff6e..ff9cbb9d 100644 --- a/includes/language/arabic.php +++ b/includes/language/arabic.php @@ -24,7 +24,6 @@ //Login $lang['anonymous_link'] = 'انقر هنالعرض الملفات العامة'; $lang['forgotpassword'] = 'تغيير كلمة المرور'; -$lang['install_folder'] = 'Security Notice: If you already installed/updated then you should remove the \'install\' folder before proceeding'; $lang['signup'] = 'إنشاء حساب جديد'; $lang['welcome'] = 'نظام التوثيق الآلي'; $lang['welcome2'] = 'الدخول للنظام'; 
@@ -294,7 +293,7 @@ $lang['message_no_description_available'] = 'لايوجد وصف متاح'; $lang['message_no_documents_checked_out'] = 'لايوجد اي وثيقة للتفحص حاليا'; $lang['message_no_files_found'] = 'لا توجد ملفات'; -$lang['message_no_information_available'] = 'لاتوجد معلومات متاحة '; +$lang['message_no_information_available'] = 'لاتوجد معلومات متاحة '; $lang['message_non_unique_account'] = 'حساب غير وحيد'; //Abduh says :this value must be changed $lang['message_non_unique_key'] = 'مفتاح غير وحيد في قاعدة البيانات'; //Abduh says :this value must be changed $lang['message_nothing_to_do'] = 'لا توجد علاقة'; //Abduh says :this value must be changed @@ -374,6 +373,10 @@ $lang['editpage_write'] = 'كتابة'; $lang['editpage_admin'] = 'مسئول'; +// File Permissions Page +$lang['filepermissionspage_edit_department_permissions'] = 'Edit Department Permissions'; +$lang['filepermissionspage_edit_user_permissions'] = 'Edit User Permissions'; + // Delete/Undeleta Admin Page $lang['undeletepage_file_permanently_deleted'] = 'تم حذف الملف بشكل نهائي'; $lang['undeletepage_file_undeleted'] = 'تم إلغاء حذف الملف'; @@ -458,6 +461,9 @@ $lang['userpage_yes'] = 'نعم'; // Admin Page +$lang['adminpage_about_section_title'] = 'About'; +$lang['adminpage_about_section_app_version'] = 'App Version'; +$lang['adminpage_about_section_db_version'] = 'Database Version'; $lang['adminpage_edit_filetypes'] = 'تحرير نوعية الملف'; $lang['adminpage_edit_settings'] = 'تحرير الاعدادات'; $lang['adminpage_reports'] = 'تقارير'; @@ -486,3 +492,7 @@ //Search Page $lang['searchpage_all_meta'] = 'بحث في الحقول الرئيسية'; +// Footer +$lang['footer_support'] = 'Support'; +$lang['footer_feedback'] = 'Feedback'; +$lang['footer_bugs'] = 'Bugs'; diff --git a/includes/language/bangla.php b/includes/language/bangla.php index 8a743006..14967342 100644 --- a/includes/language/bangla.php +++ b/includes/language/bangla.php 
@@ -23,7 +23,6 @@ //Login $lang['anonymous_link'] = 'অজ্ঞাতপরিচয় হিসাবে সার্বজনীন ফাইল দেখতে এখানে ক্লিক করুন'; $lang['forgotpassword'] = 'কূটশব্দ ভুলেছেন?'; -$lang['install_folder'] = 'নিরাপত্তা বিজ্ঞপ্তিঃ ইতিমধ্যেই যদা সংস্থাপন/কিংবা পরিবর্ধন করে থাকেন তাহলে অগ্রসর হওয়ার পূ্র্বেই অবশ্যই \'install\' ফোল্ডারটি মুছে ফেলুন '; $lang['signup'] = 'একাউন্টের জন্য যোগ দিন'; $lang['welcome'] = 'OpenDocMan এ সুস্বাগতম'; $lang['welcome2'] = 'সিস্টেমের শক্তিশালী সংরক্ষণাগার, প্রকাশনা এবং রিভিসন নিয়ন্ত্রণ বৈশিষ্ট্য ব্যবহার করার জন্য প্রবেশ করুন।'; @@ -460,6 +459,9 @@ $lang['userpage_yes'] = 'হ্যাঁ'; // Admin Page +$lang['adminpage_about_section_title'] = 'About'; +$lang['adminpage_about_section_app_version'] = 'App Version'; +$lang['adminpage_about_section_db_version'] = 'Database Version'; $lang['adminpage_edit_filetypes'] = 'ফাইলের ধরণ সম্পাদনা'; $lang['adminpage_edit_settings'] = 'নিয়ামক সম্পাদনা'; $lang['adminpage_reports'] = 'প্রতিবেদনসমূহ'; @@ -491,4 +493,4 @@ // Footer $lang['footer_support'] = 'সাপোর্ট'; $lang['footer_feedback'] = 'ফিডব্যাক'; -$lang['footer_bugs'] = 'বাগ'; \ No newline at end of file +$lang['footer_bugs'] = 'বাগ'; diff --git a/includes/language/chinese.php b/includes/language/chinese.php index 2f9f77e7..64d7d09c 100644 --- a/includes/language/chinese.php +++ b/includes/language/chinese.php @@ -23,7 +23,6 @@ //Login $lang['anonymous_link'] = '匿名查看公共文件点这里'; $lang['forgotpassword'] = '忘记密码?'; -$lang['install_folder'] = '安全注意:如果你已完成安装或升级请移除install目录'; $lang['signup'] = '申请账号'; $lang['welcome'] = '欢迎进入OpenDocMan'; $lang['welcome2'] = '登录进来开始使用本系统强大的文档存储,发布和版本控制功能'; @@ -461,6 +460,9 @@ $lang['userpage_yes'] = 'Yes'; // Admin Page +$lang['adminpage_about_section_title'] = 'About'; +$lang['adminpage_about_section_app_version'] = 'App Version'; +$lang['adminpage_about_section_db_version'] = 'Database Version'; $lang['adminpage_edit_filetypes'] = 'Edit file types'; $lang['adminpage_edit_settings'] = 'Edit settings'; $lang['adminpage_reports'] = 'Reports'; 
diff --git a/includes/language/croatian.php b/includes/language/croatian.php index 2233f353..f907bb11 100644 --- a/includes/language/croatian.php +++ b/includes/language/croatian.php @@ -23,7 +23,6 @@ //Login $lang['anonymous_link'] = 'Kliknite ovdje kako biste anonimno gledali javne datoteke'; $lang['forgotpassword'] = 'Zaboravili ste lozinku?'; -$lang['install_folder'] = 'Sigurnosno upozorenje: Ako ste već instalirali/nadogradili program, trebali biste izbrisati \'install\' direktorij prije nego nastavite dalje'; $lang['signup'] = 'Registrirajte račun'; $lang['welcome'] = 'Dobro došli u OpenDocMan.'; $lang['welcome2'] = 'Prijavite se kako biste počeli koristiti moćnu sistemsku pohranu podataka, objavljivanje i kontrolu promjena nad datotekama.'; @@ -461,6 +460,9 @@ $lang['userpage_yes'] = 'Da'; // Admin Page +$lang['adminpage_about_section_title'] = 'About'; +$lang['adminpage_about_section_app_version'] = 'App Version'; +$lang['adminpage_about_section_db_version'] = 'Database Version'; $lang['adminpage_edit_settings'] = 'Uredi postavke'; $lang['adminpage_edit_filetypes'] = 'Uredi tipove datoteka'; $lang['adminpage_reports'] = 'Izvještaji'; diff --git a/includes/language/czech.php b/includes/language/czech.php index 44c50145..909ff795 100644 --- a/includes/language/czech.php +++ b/includes/language/czech.php @@ -23,7 +23,6 @@ //Login $lang['anonymous_link'] = 'Klikněte zde pro prohlížení veřejných souborů'; $lang['forgotpassword'] = 'Zapoměli jste heslo?'; -$lang['install_folder'] = 'Varování: Pokud jste instalovali/updatovali OpenDocMan měli by jste odebrat adresář \'install\' před další prací'; $lang['signup'] = 'Vytvořit účet'; $lang['welcome'] = 'Vítejte ve správě dokumentů'; $lang['welcome2'] = 'Přihlaste se pro použití systému.'; 
@@ -461,6 +460,9 @@ $lang['userpage_yes'] = 'Ano'; // Admin Page +$lang['adminpage_about_section_title'] = 'About'; +$lang['adminpage_about_section_app_version'] = 'App Version'; +$lang['adminpage_about_section_db_version'] = 'Database Version'; $lang['adminpage_edit_filetypes'] = 'Upravit typy souborů'; $lang['adminpage_edit_settings'] = 'Upravit nastavení'; $lang['adminpage_reports'] = 'Záznamy'; diff --git a/includes/language/danish.php b/includes/language/danish.php index 3225209c..5e3299fe 100644 --- a/includes/language/danish.php +++ b/includes/language/danish.php @@ -23,7 +23,6 @@ //Login $lang['anonymous_link'] = 'Klik her for at se offentlige filer anonymt'; $lang['forgotpassword'] = 'Glemt dit password?'; -$lang['install_folder'] = 'Sikkerhedsbesked: Hvis du allerede har installeret/opdateret, så bør du slette folderen \'install\' før du fortsætter'; $lang['signup'] = 'Log ind til en konto'; $lang['welcome'] = 'Velkommen til OpenDocMan'; $lang['welcome2'] = 'Log ind for at begynde med at bruge systemet\'s kraftige lagrings-, publiserings- og revisionskontrolegenskaber.'; @@ -461,6 +460,9 @@ $lang['userpage_yes'] = 'Ja'; // Admin Page +$lang['adminpage_about_section_title'] = 'About'; +$lang['adminpage_about_section_app_version'] = 'App Version'; +$lang['adminpage_about_section_db_version'] = 'Database Version'; $lang['adminpage_edit_filetypes'] = 'Editer filtyper'; $lang['adminpage_edit_settings'] = 'Editer indstillinger'; $lang['adminpage_reports'] = 'Rapporter'; diff --git a/includes/language/dutch.php b/includes/language/dutch.php index f1951511..74587386 100644 --- a/includes/language/dutch.php +++ b/includes/language/dutch.php 
@@ -23,7 +23,6 @@ //Login $lang['anonymous_link'] = 'Klik hier om de bestanden te bekijken waarvoor u niet hoeft in te loggen'; $lang['forgotpassword'] = 'Wachtwoord vergeten?'; -$lang['install_folder'] = 'LET OP: Als u al geïnstalleerd/ge-updated hebt, verwijder dan de map \'install\' voordat u verder gaat'; $lang['signup'] = 'Meld u aan voor een account'; $lang['welcome'] = 'Welkom bij OpenDocMan'; $lang['welcome2'] = 'Log in met uw gebruikersnaam om de krachtige opslag-, versiecontrole- en redactiemogelijkheden van OpenDocMan te benutten.'; @@ -460,6 +459,9 @@ $lang['userpage_yes'] = 'Yes'; // Admin Page +$lang['adminpage_about_section_title'] = 'About'; +$lang['adminpage_about_section_app_version'] = 'App Version'; +$lang['adminpage_about_section_db_version'] = 'Database Version'; $lang['adminpage_edit_filetypes'] = 'Edit file types'; $lang['adminpage_edit_settings'] = 'Edit settings'; $lang['adminpage_reports'] = 'Reports'; diff --git a/includes/language/english.php b/includes/language/english.php index e1547daa..ecd7ffdb 100644 --- a/includes/language/english.php +++ b/includes/language/english.php @@ -23,12 +23,11 @@ //Login $lang['anonymous_link'] = 'Click here to view public files anonymously'; $lang['forgotpassword'] = 'Forgot your password?'; -$lang['install_folder'] = 'Security Notice: If you already installed/updated then you should remove the \'install\' folder before proceeding'; $lang['signup'] = 'Sign-up for an account'; -$lang['welcome'] = 'Welcome to OpenDocMan'; -$lang['welcome2'] = 'Log in to begin using the system\'s powerful storage, publishing and revision control features.'; -$lang['welcome_anonymous_title'] = 'OpenDocMan Anonymous Page: List All'; -$lang['welcome_anonymous_h1'] = 'OpenDocMan Anonymous Page'; +$lang['welcome'] = 'Welcome.'; +$lang['welcome2'] = 'Log in to begin.'; +$lang['welcome_anonymous_title'] = 'Anonymous Page: List All'; +$lang['welcome_anonymous_h1'] = 'Anonymous Page'; //GLOBAL TERMS $lang['action'] = 'Action'; 
@@ -460,6 +459,9 @@ $lang['userpage_yes'] = 'Yes'; // Admin Page +$lang['adminpage_about_section_title'] = 'About'; +$lang['adminpage_about_section_app_version'] = 'App Version'; +$lang['adminpage_about_section_db_version'] = 'Database Version'; $lang['adminpage_edit_filetypes'] = 'Edit file types'; $lang['adminpage_edit_settings'] = 'Edit settings'; $lang['adminpage_reports'] = 'Reports'; @@ -491,4 +493,4 @@ // Footer $lang['footer_support'] = 'Support'; $lang['footer_feedback'] = 'Feedback'; -$lang['footer_bugs'] = 'Bugs'; +$lang['footer_bugs'] = 'Bugs'; \ No newline at end of file diff --git a/includes/language/french.php b/includes/language/french.php index ccfa7225..02f4237e 100644 --- a/includes/language/french.php +++ b/includes/language/french.php @@ -1,6 +1,6 @@ Search page to narrow your results.'; -$lang['message_need_one_department'] = 'Il doit y avoir à minima Un département'; +$lang['message_max_number_of_results'] = 'Il y a trop de réponses merci d\'utiliser la page Rechercher pour affiner vos résultats.'; +$lang['message_need_one_department'] = 'Il doit y avoir à minima un département'; $lang['message_no_author_comments_available'] = 'Pas de commentaires de l\'auteur pour l\'instant'; $lang['message_no_description_available'] = 'Pas de Description disponible'; $lang['message_no_documents_checked_out'] = 'Vous n\'avez actuellement verrouillé aucun document.'; -$lang['message_no_files_found'] = 'Aucun Fichier Trouvé'; +$lang['message_no_files_found'] = 'Aucun Fichier Disponible Actuellement.'; $lang['message_no_information_available'] = 'Pas d\'information disponible'; $lang['message_non_unique_account'] = 'Compte Non-Unique'; $lang['message_non_unique_key'] = 'Clé Non-Unique dans la base de données.'; 
@@ -316,13 +315,13 @@ $lang['message_the_file_is_too_large_php_ini'] = 'Ce fichier est trop volumineux pour votre serveur php. Vérifiez le fichier de configuration php.ini et modifiez la valeur max upload/post/memory. La taille maximale autorisée est actuellement de: '; $lang['message_there_was_an_error_loggin_you_in'] = 'Une erreur est survenue lors de votre identification. Merci de ré-essayer.'; $lang['message_there_was_an_error_performing_the_action'] = 'Une erreur est survenue lors de l\'exécution de votre requête.'; -$lang['message_the_username_you_entered'] = 'Le nom d\'utilisateur que vous avez fourni n\'est pas enregistré dans notre base. Contactez nous si vous avez oublié votre nom d\'utilisateur.'; +$lang['message_the_username_you_entered'] = "Le nom utilisateur que vous avez fourni est absent de notre base de données.
Contactez nous si vous avez oublié votre nom utilisateur."; $lang['message_this_file_cannot_be_checked_in'] = 'Ce fichier ne peut être déverrouillé'; $lang['message_this_file_cannot_be_uploaded'] = 'Impossible d\'importer correctement ce fichier'; $lang['message_this_operation_cannot_be_done_file'] = 'Cette opération ne peut pas être effectuée sur ce fichier'; $lang['message_this_operation_cannot_be_done_rev'] = 'Cette opération ne peut pas être effectuée sur une révision d\'un fichier'; $lang['message_this_page_requires_root'] = 'Cette page n\'est accessible qu\'au compte administrateur'; -$lang['message_this_site_has_high_security'] = 'Ce site possède un haut niveau de sécurité et nous ne pouvons pas retrouver votre mot de passe pour vous (nous ne les stockons pas). Vous pouvez utiliser le formulaire suivant afin de ré-initialiser votre mot de passe. Saisissez votre nom d\'utilisateur, puis un email vous sera envoyé à l\'adresse enregistrée pour ce compte dans notre base, avec un lien à cliquer afin de réinitialiser votre mot de passe. Ensuite, vous pourrez choisir le mot de passe que vous souhaitez.'; +$lang['message_this_site_has_high_security'] = 'Ce site possède un haut niveau de sécurité et nous ne pouvons pas retrouver votre mot de passe pour vous (nous ne les stockons pas).
Vous pouvez utiliser le formulaire suivant afin de ré-initialiser votre mot de passe.
Saisissez votre nom d\'utilisateur, puis un email vous sera envoyé à l\'adresse enregistrée pour ce compte dans notre base, avec un lien à cliquer afin de réinitialiser votre mot de passe.
Ensuite, vous pourrez choisir le mot de passe que vous souhaitez.'; $lang['message_to_view_your_file'] = 'Afficher le fichier dans une nouvelle fenêtre'; $lang['message_udf_cannot_be_blank'] = 'Le nom CDU (Champ Défini par l\'Utilisateur) ne peut pas être vide'; $lang['message_udf_successfully_added'] = 'Champ Défini par l\'Utilisateur CDU() ajouté avec succès.'; @@ -331,8 +330,8 @@ $lang['message_unable_to_find_file'] = 'Impossible de trouver le fichier demandé'; $lang['message_user_exists'] = 'Ce nom d\'utilisateur existe déjà. Merci de bien vouloir réessayer'; $lang['message_user_successfully_added'] = 'Utilisateur ajouté avec succès'; -$lang['message_user_successfully_deleted'] = 'Ustilisateur supprimé avec succès'; -$lang['message_user_successfully_updated'] = 'Utilisateur mis ç jour avec succès'; +$lang['message_user_successfully_deleted'] = 'Utilisateur supprimé avec succès'; +$lang['message_user_successfully_updated'] = 'Utilisateur mis à jour avec succès'; $lang['message_wrong_file_checkin'] = 'Mauvais Fichier! Merci de déverrouiller le bon fichier.'; $lang['message_you_are_not_administrator'] = 'Vous n\'avez pas les droits Administrateur'; $lang['message_you_did_not_enter_value'] = 'Vous n\'avez saisi aucune valeur!'; 
@@ -343,16 +342,16 @@
 $lang['view'] = $lang['label_view'];
 // Add File Page
-$lang['addpage_forbidden'] = 'Forbidden';
+$lang['addpage_forbidden'] = 'Interdit';
 $lang['addpage_none'] = 'Aucun';
-$lang['addpage_view'] = 'View';
-$lang['addpage_read'] = 'Read';
-$lang['addpage_write'] = 'Write';
-$lang['addpage_admin'] = 'Admin';
-$lang['addpage_new_file_added'] = 'A new file has been added';
-$lang['addpage_new'] = 'New';
+$lang['addpage_view'] = 'Visible';
+$lang['addpage_read'] = 'Lecture';
+$lang['addpage_write'] = 'Ecriture';
+$lang['addpage_admin'] = 'Administrer';
+$lang['addpage_new_file_added'] = 'Un nouveau fichier à été ajouté.';
+$lang['addpage_new'] = 'Nouveau';
 $lang['addpage_uploader'] = 'Uploader';
-$lang['addpage_file_missing'] = 'Please select a file to upload';
+$lang['addpage_file_missing'] = 'Merci de choisir un fichier à uploader.';
 $lang['addpage_permissions'] = 'Permissions';
 // Edit File Page
@@ -361,20 +360,20 @@
 $lang['editpage_of'] = 'sur';
 $lang['editpage_selected'] = 'sélectionné';
 $lang['editpage_none_selected'] = 'Sélectionner les options';
-$lang['editpage_assign_owner'] = 'Assigné au propriétaire';
-$lang['editpage_assign_department'] = 'Assign au département';
+$lang['editpage_assign_owner'] = 'Propriétaire';
+$lang['editpage_assign_department'] = 'Département';
 $lang['editpage_filter'] = 'Filtre:';
 $lang['editpage_keyword'] = 'Saisissez les Mots Clés';
-$lang['editpage_forbidden'] = 'Forbidden';
+$lang['editpage_forbidden'] = 'Interdit';
 $lang['editpage_none'] = 'Aucun';
-$lang['editpage_view'] = 'View';
-$lang['editpage_read'] = 'Read';
-$lang['editpage_write'] = 'Write';
-$lang['editpage_admin'] = 'Admin';
+$lang['editpage_view'] = 'Visible';
+$lang['editpage_read'] = 'Lecture';
+$lang['editpage_write'] = 'Ecriture';
+$lang['editpage_admin'] = 'Administrer';
 // File Permissions Page
-$lang['filepermissionspage_edit_department_permissions'] = 'Edit Department Permissions';
-$lang['filepermissionspage_edit_user_permissions'] = 'Edit User Permissions';
+$lang['filepermissionspage_edit_department_permissions'] = 'Editer les Permissions Département';
+$lang['filepermissionspage_edit_user_permissions'] = 'Editer les Permissions Utilisateur';
 // Delete/Undeleta Admin Page
 $lang['undeletepage_file_permanently_deleted'] = 'Ce fichier a été supprimé définitivement';
@@ -394,17 +393,17 @@ // Out Page $lang['outpage_view'] = 'Afficher'; -$lang['outpage_ascending'] = 'Ascending'; -$lang['outpage_descending'] = 'descending'; -$lang['outpage_choose_an_order'] = 'Choose an order'; -$lang['outpage_choose'] = 'Choose'; -$lang['category_option_author'] = 'Author'; -$lang['category_option_department'] = 'Department'; -$lang['category_option_category'] = 'File Category'; -$lang['category_option_default'] = 'Empty'; +$lang['outpage_ascending'] = 'Montant'; +$lang['outpage_descending'] = 'Descendant'; +$lang['outpage_choose_an_order'] = 'Choix du Classement'; +$lang['outpage_choose'] = 'Choix '; +$lang['category_option_author'] = 'Auteur'; +$lang['category_option_department'] = 'Département'; +$lang['category_option_category'] = 'Catégorie de Fichier'; +$lang['category_option_default'] = 'Vide'; // History Page -$lang['historypage_category'] = 'Categorie:'; +$lang['historypage_category'] = 'Catégorie:'; $lang['historypage_file_size'] = 'Taille du fichier:'; $lang['historypage_creation_date'] = 'Date de création:'; $lang['historypage_owner'] = 'Propriétaire:'; @@ -432,9 +431,9 @@ $lang['userpage_button_modify'] = 'Modifier Utilisateur'; $lang['userpage_button_show'] = 'Afficher Utilisateur'; $lang['userpage_button_update'] = 'Mettre à Jour Utilisateur'; -$lang['userpage_can_add'] = 'Can Add Documents'; -$lang['userpage_can_checkin'] = 'Can Check-In Documents'; -$lang['userpage_choose_departments'] = 'Choisir le(s) départment(s)'; +$lang['userpage_can_add'] = 'Peut Ajouter des Documents '; +$lang['userpage_can_checkin'] = 'Peut Valider des Documents '; +$lang['userpage_choose_departments'] = 'Choisir le(s) Département(s)'; $lang['userpage_choose_user'] = 'Sélectionnez Profil Utilisateur à Afficher'; $lang['userpage_confirm_password'] = 'Confirmer le Mot de Passe'; $lang['userpage_department'] = 'Département'; 
@@ -456,39 +455,43 @@ $lang['userpage_user'] = 'Utilisateur'; $lang['userpage_user_delete'] = 'Choisissez un profil utilisateur à Supprimer'; $lang['userpage_user_info'] = 'Informations sur l\'Utilisateur'; -$lang['userpage_username'] = 'Nom d\'Utilisateur'; +$lang['userpage_username'] = 'Nom d\'utilisateur'; $lang['userpage_yes'] = 'Oui'; // Admin Page +$lang['adminpage_about_section_title'] = 'About'; +$lang['adminpage_about_section_app_version'] = 'App Version'; +$lang['adminpage_about_section_db_version'] = 'Database Version'; $lang['adminpage_edit_filetypes'] = 'Modifier les Types de Fichiers'; $lang['adminpage_edit_settings'] = 'Modifier les Paramètres'; -$lang['adminpage_reports'] = 'Reports'; -$lang['adminpage_access_log'] = 'Access Log'; -$lang['adminpage_reports_file_list'] = 'File List Export'; +$lang['adminpage_reports'] = 'Rapports'; +$lang['adminpage_access_log'] = 'Journal d\'accés'; +$lang['adminpage_reports_file_list'] = 'Exporter la liste des Fichiers'; // Access Log page -$lang['accesslogpage_access_log'] = 'Access Log'; -$lang['accesslogpage_file_added'] = 'File Added'; -$lang['accesslogpage_file_viewed'] = 'File Viewed'; -$lang['accesslogpage_file_downloaded'] = 'File Downloaded'; -$lang['accesslogpage_file_modified'] = 'File Modified'; -$lang['accesslogpage_file_checked_in'] = 'File Checked-in'; -$lang['accesslogpage_file_checked_out'] = 'File Checked-out'; -$lang['accesslogpage_file_deleted'] = 'File Deleted'; -$lang['accesslogpage_file_authorized'] = 'File Authorized'; -$lang['accesslogpage_file_rejected'] = 'File Rejected'; -$lang['accesslogpage_reserved'] = 'Reserved'; +$lang['accesslogpage_access_log'] = 'Journal d\'accés.'; +$lang['accesslogpage_file_added'] = 'Fichier Ajouté'; +$lang['accesslogpage_file_viewed'] = 'Fichier Lu.'; +$lang['accesslogpage_file_downloaded'] = 'Fichier Téléchargé.'; +$lang['accesslogpage_file_modified'] = 'Fichier Modifié.'; +$lang['accesslogpage_file_checked_in'] = 'Fichier Enregistré'; 
+$lang['accesslogpage_file_checked_out'] = 'Fichier Vérifié'; +$lang['accesslogpage_file_deleted'] = 'Fichier Effacé.'; +$lang['accesslogpage_file_authorized'] = 'Fichier Autorisé.'; +$lang['accesslogpage_file_rejected'] = 'Fichier Rejeté.'; +$lang['accesslogpage_reserved'] = 'Réservé.'; // Check-in Page -$lang['checkinpage_file_was_checked_in'] = 'A file has been checked in.'; +$lang['checkinpage_file_was_checked_in'] = 'Un fichier a été enregistré.'; //Category View Page -$lang['categoryviewpage_list_of_files_title'] = 'Files assigned to this category:'; +$lang['categoryviewpage_list_of_files_title'] = 'Fichiers assignée à cette catégorie:'; //Search Page -$lang['searchpage_all_meta'] = 'All non-udf metadata'; +$lang['searchpage_all_meta'] = 'Toutes les Méta-donnés'; // Footer $lang['footer_support'] = 'Support'; -$lang['footer_feedback'] = 'Feedback'; +$lang['footer_feedback'] = 'Rapport'; $lang['footer_bugs'] = 'Bugs'; + diff --git a/includes/language/german.php b/includes/language/german.php index 57f8028a..18fdb88f 100644 --- a/includes/language/german.php +++ b/includes/language/german.php @@ -23,7 +23,6 @@ //Login $lang['anonymous_link'] = 'Freie Vorschau der öffentlichen Dokumente'; $lang['forgotpassword'] = 'Kennwort vergessen?'; -$lang['install_folder'] = 'Sicherheitswarnung: Nach dem Abschluß der Installation / Aktualisierung bitte vor der weiteren Benutzung den Ordner \'install\' entfernen.'; $lang['signup'] = 'Konto registrieren'; $lang['welcome'] = 'Willkommen bei OpenDocMan'; $lang['welcome2'] = ''; @@ -460,6 +459,9 @@ $lang['userpage_yes'] = 'Ja'; // Admin Page +$lang['adminpage_about_section_title'] = 'About'; +$lang['adminpage_about_section_app_version'] = 'App Version'; +$lang['adminpage_about_section_db_version'] = 'Database Version'; $lang['adminpage_edit_filetypes'] = 'Einstellungen der Dateitypen anpassen'; $lang['adminpage_edit_settings'] = 'Einstellungen anpassen'; $lang['adminpage_reports'] = 'Auswertungen'; 
diff --git a/includes/language/italian.php b/includes/language/italian.php
index 1fefbcdb..a1f080e0 100644
--- a/includes/language/italian.php
+++ b/includes/language/italian.php
@@ -23,7 +23,6 @@
 // Login
 $lang['anonymous_link'] = 'Clicca qui per visualizzare i file pubblici in modo anonimo';
 $lang['forgotpassword'] = 'Password dimenticata?';
-$lang['install_folder'] = 'Avviso di sicurezza: se hai già installato/aggiornato dovresti rimuovere la cartella \'install\' prima di procedere';
 $lang['signup'] = 'Registrati per un nuovo account';
 $lang['welcome'] = 'Benvenuto in OpenDocMan';
 $lang['welcome2'] = 'Accedi per iniziare ad usare i potenti strumenti di archiviazione, revisione e pubblicazione del sistema';
@@ -460,6 +459,9 @@
 $lang['userpage_yes'] = 'Sì';
 // Admin Page
+$lang['adminpage_about_section_title'] = 'About';
+$lang['adminpage_about_section_app_version'] = 'App Version';
+$lang['adminpage_about_section_db_version'] = 'Database Version';
 $lang['adminpage_edit_filetypes'] = 'Modifica i tipi di file';
 $lang['adminpage_edit_settings'] = 'Modifica le impostazioni';
 $lang['adminpage_reports'] = 'Report';
diff --git a/includes/language/portuguese.php b/includes/language/portuguese.php
index 322bf641..2aa45f92 100644
--- a/includes/language/portuguese.php
+++ b/includes/language/portuguese.php
@@ -23,7 +23,6 @@
 //Login
 $lang['anonymous_link'] = 'Clique aqui para ler arquivos públicos anonimamente';
 $lang['forgotpassword'] = 'Esqueceu-se da palavra-passe?';
-$lang['install_folder'] = 'Nota de segurança: Se você já instalou / atualizou então você deve remover a pasta \'install\' antes de prosseguir';
 $lang['signup'] = 'Entre com uma conta';
 $lang['welcome'] = 'Bem vindo ao opendocman';
 $lang['welcome2'] = 'Entre para começar a usar o sistema com recursos poderosos de armazenamento, edição e controle de revisão.';
@@ -460,6 +459,9 @@
 $lang['userpage_yes'] = 'Sim';
 // Admin Page
+$lang['adminpage_about_section_title'] = 'About';
+$lang['adminpage_about_section_app_version'] = 'App Version';
+$lang['adminpage_about_section_db_version'] = 'Database Version';
 $lang['adminpage_edit_filetypes'] = 'Editar tipos de arquivo';
 $lang['adminpage_edit_settings'] = 'Editar configurações';
 $lang['adminpage_reports'] = 'Relatórios';
diff --git a/includes/language/romanian.php b/includes/language/romanian.php
index bc84566d..3821181d 100644
--- a/includes/language/romanian.php
+++ b/includes/language/romanian.php
@@ -23,7 +23,6 @@
 //Login
 $lang['anonymous_link'] = 'Apasati aici pentru a vizualiza fisierele publice in mod anonim';
 $lang['forgotpassword'] = 'Ati uitat parola?';
-$lang['install_folder'] = 'Atentionare de securitate: Daca ati instalat/actualizat deja atunci trebuie sa eliminati folderul \'install\' innainte de a continua';
 $lang['signup'] = 'Creati un cont';
 $lang['welcome'] = 'Bun venit la Sistemul de Management al Documentelor OpenDocMan';
 $lang['welcome2'] = 'Conectati-va pentru a incepe utilizarea sistemului.';
@@ -460,6 +459,9 @@
 $lang['userpage_yes'] = 'Da';
 // Admin Page
+$lang['adminpage_about_section_title'] = 'About';
+$lang['adminpage_about_section_app_version'] = 'App Version';
+$lang['adminpage_about_section_db_version'] = 'Database Version';
 $lang['adminpage_edit_filetypes'] = 'Modificare tipuri fisiere';
 $lang['adminpage_edit_settings'] = 'Modificare setari sistem';
 $lang['adminpage_reports'] = 'Rapoarte';
diff --git a/includes/language/spanish.php b/includes/language/spanish.php
index 84339a61..3c5dae24 100644
--- a/includes/language/spanish.php
+++ b/includes/language/spanish.php
@@ -23,7 +23,6 @@
 //Login
 $lang['anonymous_link'] = 'Click para ver Documentos Públicos';
 $lang['forgotpassword'] = 'Olvidó su Contraseńa?';
-$lang['install_folder'] = 'Advertencia: Si usted ha instalando/actualizando debería eliminar el directorio \'install\' antes de continuar';
 $lang['signup'] = 'Registrarse como usuario';
 $lang['welcome'] = 'Bienvenido a OpenDocMan';
 $lang['welcome2'] = 'Debe autenticarse para comenzar a utilizar esta herramienta de almacenamiento, publicación y control de versiones';
@@ -351,7 +350,7 @@
 $lang['addpage_new_file_added'] = 'Un nuevo archivo ha sido añadido';
 $lang['addpage_new'] = 'Nuevo';
 $lang['addpage_uploader'] = 'Subió';
-$lang['addpage_file_missing'] = 'Please select a file to upload';
+$lang['addpage_file_missing'] = 'Please select a file to upload';
 $lang['addpage_permissions'] = 'Permissions';
 // Edit File Page
@@ -459,6 +458,9 @@
 $lang['userpage_yes'] = 'Sí';
 // Admin Page
+$lang['adminpage_about_section_title'] = 'About';
+$lang['adminpage_about_section_app_version'] = 'App Version';
+$lang['adminpage_about_section_db_version'] = 'Database Version';
 $lang['adminpage_edit_filetypes'] = 'Editar Tipo de Documentos';
 $lang['adminpage_edit_settings'] = 'Editar Configuración';
 $lang['adminpage_reports'] = 'Reportes';
diff --git a/includes/language/turkish.php b/includes/language/turkish.php
index 68d480c6..cbda4b57 100644
--- a/includes/language/turkish.php
+++ b/includes/language/turkish.php
@@ -41,7 +41,6 @@
 //Login
 $lang['anonymous_link'] = 'Anonim dosyaları görmek için buraya tıklayınız.';
 $lang['forgotpassword'] = 'Forgot your password?';
-$lang['install_folder'] = 'Security Notice: If you already installed/updated then you should remove the \'install\' folder before proceeding';
 $lang['signup'] = 'Sign-up for an account';
 $lang['welcome'] = "OpenDocMan'a hoşgeldiniz";
 $lang['welcome2'] = "Güçlü depolama, yayınlama ve uyarlama kontrol özellikli sistemi kullanmak için oturum açınız.";
@@ -483,6 +482,9 @@ $lang['userpage_yes'] = 'Yes'; // Admin Page +$lang['adminpage_about_section_title'] = 'About'; +$lang['adminpage_about_section_app_version'] = 'App Version'; +$lang['adminpage_about_section_db_version'] = 'Database Version'; $lang['adminpage_edit_filetypes'] = 'Edit file types'; $lang['adminpage_edit_settings'] = 'Edit settings'; $lang['adminpage_reports'] = 'Reports'; diff --git a/index.php b/index.php index 1cc67e48..dce96fd9 100644 --- a/index.php +++ b/index.php @@ -26,8 +26,7 @@ * Test to see if we have the config.php file. If not, must not be installed yet. */ -if(!file_exists('config.php')) -{ +if (!file_exists('config.php')) { if ( !extension_loaded('pdo') || !extension_loaded('pdo_mysql') @@ -37,41 +36,39 @@ } // A config file doesn't exist ?> - - Looks like this is a new installation because we did not find a config.php file. We need to create a config.php file now:

Create a Configuration File

+ + + + + Looks like this is a new installation because we did not find a config.php file or we cannot locate the + database. We need to create a config.php file now:

Create a + Configuration File

" . msg('message_datadir_problem'). ""; +if (isset($_POST['login'])) { + if (!is_dir($GLOBALS['CONFIG']['dataDir']) || !is_writeable($GLOBALS['CONFIG']['dataDir'])) { + echo "" . msg('message_datadir_problem') . ""; exit; } @@ -99,8 +96,7 @@ )); $result = $stmt->fetchAll(); - if(count($result) != 1) - { + if (count($result) != 1) { // Check old password() method $query = " SELECT @@ -120,12 +116,11 @@ ':frmuser' => $frmuser, ':frmpass' => $frmpass )); - $result = $stmt->fetchAll(); + $result = $stmt->fetchAll(); } // if row exists - login/pass is correct - if (count($result) == 1) - { + if (count($result) == 1) { // register the user's ID $id = $result[0]['id']; @@ -134,38 +129,29 @@ // Run the plugin API callPluginMethod('onAfterLogin'); - + // redirect to main page - if(isset($_REQUEST['redirection'])) - { + if (isset($_REQUEST['redirection'])) { redirect_visitor($_REQUEST['redirection']); - } - else - { - redirect_visitor('out.php'); + } else { + redirect_visitor('out.php'); } // close connection - } - else - { + } else { // Login Failed // redirect to error page - + // Call the plugin API callPluginMethod('onFailedLogin'); - + header('Location: error.php?ec=0'); } -} -elseif(!isset($_POST['login']) && $GLOBALS['CONFIG']['authen'] =='mysql') -{ +} elseif (!isset($_POST['login']) && $GLOBALS['CONFIG']['authen'] == 'mysql') { $redirection = (isset($_REQUEST['redirection']) ? $_REQUEST['redirection'] : ''); - + $GLOBALS['smarty']->assign('redirection', $redirection); display_smarty_template('login.tpl'); +} else { + echo 'Check your config'; } -else -{ - echo 'Check your config'; -} - draw_footer(); +draw_footer(); diff --git a/install/index.php b/install/index.php index 3957f602..c3d05215 100644 --- a/install/index.php +++ b/install/index.php @@ -18,39 +18,46 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ // Sanity check. -if ( false ) { -?> - - - - - Error: PHP is not running - - -

OpenDocMan

-

Error: PHP is not running

-

OpenDocMan requires that your web server is running PHP. Your server does not have PHP installed, or PHP is turned off.

- - - + + + + + Error: PHP is not running + + +

OpenDocMan

+ +

Error: PHP is not running

+ +

OpenDocMan requires that your web server is running PHP. Your server does not have PHP installed, or PHP is + turned off.

+ + + Looks like the file 'config.php' already exists. If you need to re-install, please delete it or rename it first. You may then try again.

"; - exit; +if (file_exists('../config.php') && (!isset($_SESSION['datadir']))) { + include('../odm-load.php'); + include_once('../version.php'); + $db_version = Settings::get_db_version($GLOBALS['CONFIG']['db_prefix']); + if ($db_version == REQUIRED_VERSION) { + echo "

Looks like you don't need to update anything. If you need to re-install, please delete your config.php file first. You may then try again.

"; + exit; + } } // Search for the config file in parent folder // If not found, redirect to index for install routine -if(file_exists('../config.php')) -{ +if (file_exists('../config.php')) { include('../config.php'); -} -else -{ +} else { Header('Location: ../index.php'); } @@ -65,501 +72,531 @@ } $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); +$_SESSION['db_prefix'] = !empty($_SESSION['db_prefix']) ? $_SESSION['db_prefix'] : $GLOBALS['CONFIG']['db_prefix']; + ?> - - OpenDocMan Installer - - + + OpenDocMan Installer + + - -
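Review bot: The rewritten guard at the top of install/index.php exits only when `$db_version == REQUIRED_VERSION`, so on a site that already has a config.php but a different schema version the script continues into the install and upgrade actions, and nothing in this hunk checks who is making the request. The same commit deletes the `install_folder` strings from every language file, so operators also lose the prompt to remove the install directory after setup. I would require an authenticated admin session, or an operator-created marker file, before falling through whenever config.php exists. Separately, the `else` branch sends `Header('Location: ../index.php');` and keeps executing; add `exit;` after it so the rest of the installer does not run without a config. Parts of this hunk's markup are missing from the page, so the condition on the removed side is inferred rather than read.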
-
- '; - if(!is_writeable('../templates_c')) - { - echo 'templates_c folder is Not writeable - Fix and go Back
'; - exit; - } - else - { - echo 'OK
'; - } - echo '
installing...
'; - // Create database - $query = "CREATE DATABASE IF NOT EXISTS `" . DB_NAME . "`"; - $stmt = $pdo->prepare($query); - $stmt->execute(); - echo 'Database Created
'; - - include('../config.php'); - include_once("odm.php"); - echo 'All Done with installation!

Username: admin

Password (WRITE IT DOWN): ' . $_SESSION['adminpass'] . '


Click HERE to edit your site settings'; - } // End Install - - /** - * Call each version, starting with the oldest. Upgrade from one to the next until done - */ - - function do_update_10() - { - echo 'Updating DB version 1.0...
'; - include("../config.php"); - include("upgrade_10.php"); - echo 'All Done with update! Click HERE to login
'; - } - function do_update_11rc1() - { - echo 'Updating DB version 1.1rc1...
'; - include("../config.php"); - include("upgrade_11rc1.php"); - echo 'All Done with update! Click HERE to login
'; - } - - function do_update_11rc2() - { - echo 'Updating DB version 1.1rc2...
'; - include("../config.php"); - include("upgrade_11rc2.php"); - echo 'All Done with update! Click HERE to login
'; - } - - function do_update_11() - { - echo 'Updating DB version 1.1...
'; - include("../config.php"); - include("upgrade_11.php"); - echo 'All Done with update! Click HERE to login
'; - } - - function do_update_12rc1() - { - echo 'Updating DB version 1.2rc1...
'; - include("../config.php"); - include("upgrade_12rc1.php"); - echo 'All Done with update! Click HERE to login
'; - } - - function do_update_12p1() - { - echo 'Updating from DB version 1.2p1...
'; - include("../config.php"); - include("upgrade_12p1.php"); - echo 'All Done with update! Click HERE to login
'; - } - - function do_update_12p3() - { - echo 'Updating from DB version 1.2p3...
'; - include("../config.php"); - include("upgrade_12p3.php"); - echo 'All Done with update! Click HERE to login
'; - } - - function do_update_124() - { - echo 'Updating from DB version 1.2.4...
'; - include("../config.php"); - include("upgrade_124.php"); - echo 'All Done with update! Click HERE to login
'; - } - - function do_update_1252() - { - echo 'Updating from DB version 1.2.5.2...
'; - include("../config.php"); - include("upgrade_1252.php"); - echo 'All Done with update! Click HERE to login
'; - } - - function do_update_1256() - { - echo 'Updating from DB version 1.2.5.6...
'; - include("../config.php"); - include("upgrade_1256.php"); - echo 'All Done with update! Click HERE to login
'; - } - - function do_update_1257() - { - echo 'Updating from DB version 1.2.5.7...
'; - include("../config.php"); - include("upgrade_1257.php"); - echo 'All Done with update! Click HERE to login
'; - } - function do_update_1261() - { - echo 'Updating from DB version 1.2.6.1...
'; - include("../config.php"); - include("upgrade_1261.php"); - echo 'All Done with update! Click HERE to login
'; - } - function do_update_1262() - { - echo 'Updating from DB version 1.2.6.2...
'; - include("../config.php"); - include("upgrade_1262.php"); - echo 'All Done with update! Click HERE to login
'; - } - function do_update_1263() - { - echo 'Updating from DB version 1.2.6.3...
'; - include("../config.php"); - include("upgrade_1263.php"); - echo 'All Done with update! Click HERE to login
'; - } - function do_update_128() - { - echo 'Updating from DB versions 1.2.8...
'; - include("../config.php"); - include("upgrade_128.php"); - echo 'All Done with update! Click HERE to login
'; - } - - function do_update_129() - { - echo 'Updating from DB versions 1.2.9...
'; - include("../config.php"); - include("upgrade_129.php"); - echo 'All Done with update! Click HERE to login
'; - } - - function print_intro() - { - global $pdo; - include_once('../version.php'); - - $query = "SHOW TABLES LIKE :table"; - $stmt = $pdo->prepare($query); - $stmt->execute(array( - ":table" => $_SESSION['db_prefix'] . 'odmsys' - )); - $result = $stmt->fetchAll(); - - if (count($result) == 0) { - $db_version = 'Unknown'; - } else { - // Ok, db is there. Lets check the db version now - $query2 = "SELECT sys_value from {$_SESSION['db_prefix']}odmsys WHERE sys_name='version'"; - $stmt = $pdo->prepare($query2); - $stmt->execute(); - $result_array = $stmt->fetch(); - $db_version = (!empty($result_array['sys_value']) ? $result_array['sys_value'] : 'Unknown'); - } - ?> -

Welcome to the OpenDocMan Database Installer/Updater Tool

-
-
- - - - -
Installation Instructions (text)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please BACKUP all data and files before proceeding!

- Please choose one from the following based on your current version.

- Note: If you are updating and your current version # is lower than the newest upgrade listed below then you have
- database updates to perform.

-
Your current DB version:

1) New Installation

New installation of the v release of OpenDocMan (Will wipe any current data!)

Upgrade from version version 1.2.9

or

2) Upgrade your current from a previous version

Upgrade from DB version 1.2.8

Upgrade from DB version 1.2.6.3

Upgrade from DB version 1.2.6.2

Upgrade from DB version 1.2.6.1

Upgrade from DB version 1.2.5.7

Upgrade from DB version 1.2.5.6

Upgrade from DB version 1.2.5.2

Upgrade from DB version 1.2.4

Upgrade from DB version 1.2p3

Upgrade from DB version 1.2p1

Upgrade from DB version 1.2rc(x)

Upgrade from DB version 1.1

Upgrade from DB version 1.1rc2

Upgrade from DB version 1.1rc1

Upgrade from DB version 1.0

- +
+
+ '; + if (!is_writeable('../templates_c')) { + echo 'templates_c folder is Not writeable - Fix and go Back
'; + exit; + } else { + echo 'OK
'; + } + echo '
installing...
'; + // Create database + $query = "CREATE DATABASE IF NOT EXISTS `" . DB_NAME . "`"; + $stmt = $pdo->prepare($query); + $stmt->execute(); + echo 'Database Created
'; + + include('../config.php'); + include_once("odm.php"); + echo 'All Done with installation!

Username: admin

Password (WRITE IT DOWN): ' . $_SESSION['adminpass'] . '


Click HERE to edit your site settings'; + unset($_SESSION['datadir']); + } // End Install + + /** + * Call each version, starting with the oldest. Upgrade from one to the next until done + */ + + function do_update_10() + { + echo 'Updating DB version 1.0...
'; + include("../config.php"); + include("upgrade_10.php"); + echo 'All Done with update! Click HERE to login
'; + } + + function do_update_11rc1() + { + echo 'Updating DB version 1.1rc1...
'; + include("../config.php"); + include("upgrade_11rc1.php"); + echo 'All Done with update! Click HERE to login
'; + } + + function do_update_11rc2() + { + echo 'Updating DB version 1.1rc2...
'; + include("../config.php"); + include("upgrade_11rc2.php"); + echo 'All Done with update! Click HERE to login
'; + } + + function do_update_11() + { + echo 'Updating DB version 1.1...
'; + include("../config.php"); + include("upgrade_11.php"); + echo 'All Done with update! Click HERE to login
'; + } + + function do_update_12rc1() + { + echo 'Updating DB version 1.2rc1...
'; + include("../config.php"); + include("upgrade_12rc1.php"); + echo 'All Done with update! Click HERE to login
'; + } + + function do_update_12p1() + { + echo 'Updating from DB version 1.2p1...
'; + include("../config.php"); + include("upgrade_12p1.php"); + echo 'All Done with update! Click HERE to login
'; + } + + function do_update_12p3() + { + echo 'Updating from DB version 1.2p3...
'; + include("../config.php"); + include("upgrade_12p3.php"); + echo 'All Done with update! Click HERE to login
'; + } + + function do_update_124() + { + echo 'Updating from DB version 1.2.4...
'; + include("../config.php"); + include("upgrade_124.php"); + echo 'All Done with update! Click HERE to login
'; + } + + function do_update_1252() + { + echo 'Updating from DB version 1.2.5.2...
'; + include("../config.php"); + include("upgrade_1252.php"); + echo 'All Done with update! Click HERE to login
'; + } + + function do_update_1256() + { + echo 'Updating from DB version 1.2.5.6...
'; + include("../config.php"); + include("upgrade_1256.php"); + echo 'All Done with update! Click HERE to login
'; + } + + function do_update_1257() + { + echo 'Updating from DB version 1.2.5.7...
'; + include("../config.php"); + include("upgrade_1257.php"); + echo 'All Done with update! Click HERE to login
'; + } + + function do_update_1261() + { + echo 'Updating from DB version 1.2.6.1...
'; + include("../config.php"); + include("upgrade_1261.php"); + echo 'All Done with update! Click HERE to login
'; + } + + function do_update_1262() + { + echo 'Updating from DB version 1.2.6.2...
'; + include("../config.php"); + include("upgrade_1262.php"); + echo 'All Done with update! Click HERE to login
'; + } + + function do_update_1263() + { + echo 'Updating from DB version 1.2.6.3...
'; + include("../config.php"); + include("upgrade_1263.php"); + echo 'All Done with update! Click HERE to login
'; + } + + function do_update_128() + { + echo 'Updating from DB versions 1.2.8...
'; + include("../config.php"); + include("upgrade_128.php"); + echo 'All Done with update! Click HERE to login
'; + } + + function do_update_129() + { + echo 'Updating from DB versions 1.2.9...
'; + include("../config.php"); + include("upgrade_129.php"); + echo 'All Done with update! Click HERE to login
'; + } + + function get_db_version($db_prefix) + { + return Settings::get_db_version(); + + global $pdo; + $prefix = !empty($_SESSION['db_prefix']) ? $_SESSION['db_prefix'] : $GLOBALS['CONFIG']['db_prefix']; + $query1 = "SHOW TABLES LIKE :table"; + $stmt = $pdo->prepare($query1); + $stmt->execute(array(':table' => $prefix . 'odmsys')); + + if ($stmt->rowCount() > 0) { + $query2 = "SELECT sys_value from {$prefix}odmsys WHERE sys_name='version'"; + $stmt = $pdo->prepare($query2); + $stmt->execute(); + $result_array = $stmt->fetch(); } + $db_version = (!empty($result_array['sys_value']) ? $result_array['sys_value'] : 'Unknown'); + return $db_version; + } + + function print_intro() + { + include_once('../version.php'); + include_once('../Settings_class.php'); + + $prefix = !empty($_SESSION['db_prefix']) ? $_SESSION['db_prefix'] : $GLOBALS['CONFIG']['db_prefix']; + $db_version = Settings::get_db_version($prefix); + $is_upgrade = ($db_version != REQUIRED_VERSION); + + ?> +

Welcome to the OpenDocMan Database Installer/Updater Tool

+
+
+ + + + +
Installation Instructions (text)

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Please BACKUP all data and files before proceeding!

+ Please choose one from the following based on your current version.

+ Note: If you are updating and your current version # is lower than the newest upgrade listed below then you + have database updates to perform.

+
New Installation (Will wipe any current data!)

+ Click HERE To set up database for v release of OpenDocMan

Your current Database schema version:

+ Required Database schema version:

+
Upgrade your current database from a previous version

Upgrade from DB schema version 1.2.9

Upgrade from DB schema version 1.2.8

Upgrade from DB schema version 1.2.6.3

Upgrade from DB schema version 1.2.6.2

Upgrade from DB schema version 1.2.6.1

Upgrade from DB schema version 1.2.5.7

Upgrade from DB schema version 1.2.5.6

Upgrade from DB schema version 1.2.5.2

Upgrade from DB schema version 1.2.4

Upgrade from DB schema version 1.2p3

Upgrade from DB schema version 1.2p1

Upgrade from DB schema version 1.2rc(x)

Upgrade from DB schema version 1.1

Upgrade from DB schema version 1.1rc2

Upgrade from DB schema version 1.1rc1

Upgrade from DB schema version 1.0

+ Nothing to update

+ Click HERE to login
+
+ - + diff --git a/install/odm.php b/install/odm.php index 693304ce..ad8ef8d5 100644 --- a/install/odm.php +++ b/install/odm.php @@ -23,8 +23,7 @@ // Added for automated script installers $dbprefix = isset($GLOBALS['CONFIG']['db_prefix']) ? $GLOBALS['CONFIG']['db_prefix'] : $_SESSION['db_prefix']; -if(!isset($_SESSION['adminpass'])) -{ +if (!isset($_SESSION['adminpass'])) { echo 'No Admin Pass!'; exit; } @@ -342,8 +341,7 @@ "INSERT INTO `{$dbprefix}settings` VALUES(NULL, 'max_query', '500', 'Set this to the maximum number of rows you want to be returned in a file listing. If your file list is slow decrease this value.', 'num');" ); -foreach($sql_operations as $query) -{ +foreach ($sql_operations as $query) { $stmt = $pdo->prepare($query); $stmt->execute(); } @@ -410,8 +408,7 @@ "INSERT INTO `{$dbprefix}filetypes` VALUES(NULL, 'drawing/x-dwf', 1);", "INSERT INTO `{$dbprefix}filetypes` VALUES(NULL, 'image/svg', 1);" ); -foreach($sql_operations as $query) -{ +foreach ($sql_operations as $query) { $stmt = $pdo->prepare($query); $stmt->execute(); } diff --git a/install/setup-config.php b/install/setup-config.php index 8bea0ac8..7ec66e5c 100644 --- a/install/setup-config.php +++ b/install/setup-config.php @@ -28,38 +28,37 @@ */ error_reporting(0); -define( 'ABSPATH', dirname(dirname(__FILE__)) . '/' ); +define('ABSPATH', dirname(dirname(__FILE__)) . '/'); /**#@-*/ -if (!file_exists(ABSPATH . 'config-sample.php')) -{ - echo ('Sorry, I need a config-sample.php file to work from. Please re-upload this file from your OpenDocMan installation.'); - exit; +if (!file_exists(ABSPATH . 'config-sample.php')) { + echo('Sorry, I need a config-sample.php file to work from. Please re-upload this file from your OpenDocMan installation.'); + exit; } $configFile = file(ABSPATH . 'config-sample.php'); // Check if config.php has been created -if (file_exists(ABSPATH . 'config.php')) -{ - echo ("

The file 'config.php' already exists. If you need to reset any of the configuration items in this file, please delete it first. You may try installing now.

"); - exit; - +if (file_exists(ABSPATH . 'config.php')) { + echo("

The file 'config.php' already exists. If you need to reset any of the configuration items in this file, please delete it first. You may try installing now.

"); + exit; } -if (isset($_GET['step'])) - $step = $_GET['step']; -else - $step = 0; +if (isset($_GET['step'])) { + $step = $_GET['step']; +} else { + $step = 0; +} /** * Display setup config.php file header. * */ -function display_header() { - header( 'Content-Type: text/html; charset=utf-8' ); -?> +function display_header() +{ + header('Content-Type: text/html; charset=utf-8'); + ?> @@ -73,11 +72,12 @@ function display_header() {

OpenDocMan

Welcome to OpenDocMan. Before getting started, we need some information on the database. You will need to know the following items before proceeding.

@@ -125,11 +125,11 @@ function display_header() {

Let’s go!

+ case 1: + display_header(); + ?>

Below you should enter your database connection details. If you're not sure about these, contact your host.

@@ -188,131 +188,127 @@ function display_header() { $("#configform").validate(); getMessage() . "
"; - die(); - } - $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); - - $dbname = sanitizeme(trim($_POST['dbname'])); - $uname = sanitizeme(trim($_POST['uname'])); - $passwrd = sanitizeme(trim($_POST['pwd'])); - $dbhost = sanitizeme(trim($_POST['dbhost'])); - $prefix = sanitizeme(trim($_POST['prefix'])); + /**#@+ + * @ignore + */ + define('DB_NAME', trim($_POST['dbname'])); + define('DB_USER', trim($_POST['uname'])); + define('DB_PASS', trim($_POST['pwd'])); + define('DB_HOST', trim($_POST['dbhost'])); + + // We'll fail here if the values are no good. + $dsn = "mysql:host=" . DB_HOST . ";dbname=" . DB_NAME . ";charset=utf8"; + try { + $pdo = new PDO($dsn, DB_USER, DB_PASS); + } catch (PDOException $e) { + print "Error!: " . $e->getMessage() . "
"; + die(); + } + $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); + + $dbname = sanitizeme(trim($_POST['dbname'])); + $uname = sanitizeme(trim($_POST['uname'])); + $passwrd = sanitizeme(trim($_POST['pwd'])); + $dbhost = sanitizeme(trim($_POST['dbhost'])); + $prefix = sanitizeme(trim($_POST['prefix'])); $adminpass = sanitizeme(trim($_POST['adminpass'])); $datadir = sanitizeme(trim($_POST['datadir'])); $baseurl = sanitizeme(trim($_POST['baseurl'])); // Clean up the datadir a bit to make sure it ends with slash - if(substr($datadir,-1) != '/') - { + if (substr($datadir, -1) != '/') { $datadir .= '/'; } // If no prefix is set, use default - if ( empty($prefix) ) - $prefix = 'odm_'; + if (empty($prefix)) { + $prefix = 'odm_'; + } // Require values from form fields - // Validate $prefix: it can only contain letters, numbers and underscores - if ( preg_match( '|[^a-z0-9_]|i', $prefix ) ) - die('ERROR: "Table Prefix" can only contain numbers, letters, and underscores.' ); + // Validate $prefix: it can only contain letters, numbers and underscores + if (preg_match('|[^a-z0-9_]|i', $prefix)) { + die('ERROR: "Table Prefix" can only contain numbers, letters, and underscores.'); + } $_SESSION['db_prefix'] = $prefix; $_SESSION['datadir'] = $datadir; $_SESSION['baseurl'] = $baseurl; $_SESSION['adminpass'] = $adminpass; // Here we check their datadir value and try to create the folder. If we cannot, we will warn them. - if(!is_dir($datadir)) - { - if(!mkdir($datadir)) - { + if (!is_dir($datadir)) { + if (!mkdir($datadir)) { echo 'Sorry, we were unable to create the data directory folder. You will need to create it manually at ' . $datadir; } - } - elseif(!is_writable($datadir)) - { + } elseif (!is_writable($datadir)) { echo 'The data directory exists, but your web server cannot write to it. Please verify the folder permissions are correct on ' . $datadir; } // Verify the templates_c is writeable - if(!is_writable(ABSPATH . 
'/templates_c')) - { + if (!is_writable(ABSPATH . '/templates_c')) { echo 'Sorry, we were unable to write to the templates_c folder. You will need to make sure that ' . ABSPATH . '/templates_c is writeable by the web server'; } // We also need to guess at their base_url value // Now replace the default config values with the real ones - foreach ($configFile as $line_num => $line) { - switch (substr($line,0,16)) { - case "define('DB_NAME'": - $configFile[$line_num] = str_replace("database_name_here", $dbname, $line); - break; - case "define('DB_USER'": - $configFile[$line_num] = str_replace("'username_here'", "'$uname'", $line); - break; - case "define('DB_PASS'": - $configFile[$line_num] = str_replace("'password_here'", "'$passwrd'", $line); - break; - case "define('DB_HOST'": - $configFile[$line_num] = str_replace("localhost", $dbhost, $line); - break; - case '$GLOBALS[\'CONFIG': - $configFile[$line_num] = str_replace('odm_', $prefix, $line); - break; - } - } - if ( ! is_writable(ABSPATH) ) { - display_header(); -?> + foreach ($configFile as $line_num => $line) { + switch (substr($line, 0, 16)) { + case "define('DB_NAME'": + $configFile[$line_num] = str_replace("database_name_here", $dbname, $line); + break; + case "define('DB_USER'": + $configFile[$line_num] = str_replace("'username_here'", "'$uname'", $line); + break; + case "define('DB_PASS'": + $configFile[$line_num] = str_replace("'password_here'", "'$passwrd'", $line); + break; + case "define('DB_HOST'": + $configFile[$line_num] = str_replace("localhost", $dbhost, $line); + break; + case '$GLOBALS[\'CONFIG': + $configFile[$line_num] = str_replace('odm_', $prefix, $line); + break; + } + } + if (! is_writable(ABSPATH)) { + display_header(); + ?>

Sorry, but I can't write the config.php file.

You can create the config.php manually and paste the following text into it.

+ foreach ($configFile as $line) { + echo htmlentities($line, ENT_COMPAT, 'UTF-8'); + } + ?>

After you've done that, click "Proceed to the installer."

Proceed to the installer

+ + } else { + $handle = fopen(ABSPATH . 'config.php', 'w'); + foreach ($configFile as $line) { + fwrite($handle, $line); + } + fclose($handle); + chmod(ABSPATH . 'config.php', 0666); + display_header(); + ?>

Great! You've made it through this part of the installation. OpenDocMan can now communicate with your database. If you are ready, time now to…

Run the install

]*?>.*?@si', // Strip out javascript '@<[\/\!]*?[^<>]*?>@si', // Strip out HTML tags @@ -325,17 +321,12 @@ function cleanInput($input) function sanitizeme($input) { - if (is_array($input)) - { - foreach($input as $var=>$val) - { + if (is_array($input)) { + foreach ($input as $var=>$val) { $output[$var] = sanitizeme($val); } - } - else - { - if (get_magic_quotes_gpc()) - { + } else { + if (get_magic_quotes_gpc()) { $input = stripslashes($input); } //echo "Raw Input:" . $input . "
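Review bot: `chmod(ABSPATH . 'config.php', 0666);` in the write branch leaves the generated config.php, which holds the database user and password, readable and writable by every local account. A tighter mode such as `chmod(ABSPATH . 'config.php', 0640);` (or 0600 where the web server user owns the file) keeps the installer working without exposing the credentials. Separately, the `str_replace` calls in the same hunk paste `$dbname`, `$uname`, `$passwrd` and `$dbhost` into quoted PHP literals. The visible parts of sanitizeme() show no escaping of quotes or backslashes, so it is worth confirming that a value containing `'` cannot end the literal in the generated file.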
"; @@ -346,12 +337,9 @@ function sanitizeme($input) $input = $input; // Prevent SQL Injection $output=$input; } - if(isset($output) && $output != '') - { + if (isset($output) && $output != '') { return $output; - } - else - { + } else { return false; } } diff --git a/install/upgrade_10.php b/install/upgrade_10.php index d9b99998..cf57f362 100644 --- a/install/upgrade_10.php +++ b/install/upgrade_10.php @@ -129,4 +129,4 @@ $query = "ALTER TABLE user_perms ADD INDEX user_perms_idx (fid,uid,rights)"; $stmt = $pdo->prepare($query); -$stmt->execute(); \ No newline at end of file +$stmt->execute(); diff --git a/install/upgrade_11.php b/install/upgrade_11.php index a4f3bc7c..307c34af 100644 --- a/install/upgrade_11.php +++ b/install/upgrade_11.php @@ -56,4 +56,4 @@ ADD INDEX uid (uid), ADD INDEX rights (rights)"; $stmt = $pdo->prepare($query); -$stmt->execute(); \ No newline at end of file +$stmt->execute(); diff --git a/install/upgrade_11rc1.php b/install/upgrade_11rc1.php index 483c0c20..18712b94 100644 --- a/install/upgrade_11rc1.php +++ b/install/upgrade_11rc1.php @@ -20,4 +20,4 @@ */ // No Database changes -echo 'No database changes for this version'; \ No newline at end of file +echo 'No database changes for this version'; diff --git a/install/upgrade_11rc2.php b/install/upgrade_11rc2.php index d38b93eb..2f7c3145 100644 --- a/install/upgrade_11rc2.php +++ b/install/upgrade_11rc2.php @@ -24,4 +24,4 @@ $query = " ALTER TABLE data CHANGE COLUMN category category smallint(5) unsigned NOT NULL default '0'"; $stmt = $pdo->prepare($query); -$stmt->execute(); \ No newline at end of file +$stmt->execute(); diff --git a/install/upgrade_124.php b/install/upgrade_124.php index bbf31def..c89d0bc6 100644 --- a/install/upgrade_124.php +++ b/install/upgrade_124.php @@ -29,4 +29,4 @@ field_type int ) ENGINE = MYISAM"; $stmt = $pdo->prepare($query); -$stmt->execute(); \ No newline at end of file +$stmt->execute(); 
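Review bot: `get_magic_quotes_gpc()` in sanitizeme() was deprecated in PHP 7.4 and removed in PHP 8.0, so on a current runtime the installer stops with a fatal error at this call. Guarding it, `if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {`, keeps old runtimes working and lets new ones skip the branch. sanitizeme() continues past the end of this hunk.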
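Review bot: `$input = $input; // Prevent SQL Injection` is a no-op, so the comment promises a protection the line does not provide and a later reader may rely on it. I would drop the assignment and replace the comment with `// NOTE: no SQL escaping is done here; callers must use bound parameters`. The function also returns `false` for empty input, which callers then interpolate as an empty string; a docblock stating that return contract would help. sanitizeme() starts above this hunk.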
diff --git a/install/upgrade_1252.php b/install/upgrade_1252.php index 051e931b..86a8c9c5 100644 --- a/install/upgrade_1252.php +++ b/install/upgrade_1252.php @@ -81,4 +81,4 @@ // Create version number in db $query = "INSERT INTO {$GLOBALS['CONFIG']['db_prefix']}odmsys VALUES (NULL,'version','1.2.6')"; $stmt = $pdo->prepare($query); -$stmt->execute(); \ No newline at end of file +$stmt->execute(); diff --git a/install/upgrade_1256.php b/install/upgrade_1256.php index 75e77021..ef5fc38a 100644 --- a/install/upgrade_1256.php +++ b/install/upgrade_1256.php @@ -25,7 +25,7 @@ $stmt = $pdo->prepare($query); $stmt->execute(); $result = $stmt->fetchAll(); -foreach($result as $row) { +foreach ($result as $row) { $rev_array = explode("-", $row['revision']); $rev_left = ltrim($rev_array[0], "("); $rev_right = rtrim($rev_array[1], ")"); @@ -49,7 +49,7 @@ $stmt->execute(); $result = $stmt->fetchAll(); -foreach($result as $row) { +foreach ($result as $row) { $query = "ALTER TABLE {$GLOBALS['CONFIG']['db_prefix']}data CHANGE {$row['table_name']} {$GLOBALS['CONFIG']['db_prefix']}udftbl_{$row['table_name']} int(11)"; $stmt = $pdo->prepare($query); $stmt->execute(); @@ -61,4 +61,4 @@ $query = "ALTER TABLE $table_name RENAME {$GLOBALS['CONFIG']['db_prefix']}udftbl_{$row['table_name']}"; $stmt = $pdo->prepare($query); $stmt->execute(); -} \ No newline at end of file +} diff --git a/install/upgrade_1257.php b/install/upgrade_1257.php index 282466be..01d04706 100644 --- a/install/upgrade_1257.php +++ b/install/upgrade_1257.php @@ -60,8 +60,7 @@ "INSERT INTO `{$_SESSION['db_prefix']}settings` VALUES(NULL,'base_url', '{$_SESSION['baseurl']}', 'Set this to the url of the site. No need for trailing \"/\" here', 'url');" ); -foreach($sql_operations as $query) -{ +foreach ($sql_operations as $query) { $stmt = $pdo->prepare($query); $stmt->execute(); } 
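Review bot: The `base_url` row at the top of the upgrade_1257.php hunk interpolates `$_SESSION['baseurl']` directly into the SQL text, so the `prepare()`/`execute()` loop below it runs statements with no bound parameters. That session value is set from the installer form in setup-config.php after only sanitizeme(), so a quote in the URL would at least break the statement. Using a `:base_url` placeholder in that one statement and running it with `$stmt->execute(array(':base_url' => $_SESSION['baseurl']));` avoids depending on the sanitiser. The `$sql_operations` array starts above the hunk.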
@@ -121,10 +120,9 @@ "INSERT INTO `{$_SESSION['db_prefix']}filetypes` VALUES(NULL, 'drawing/x-dwf', 1);" ); -foreach($sql_operations as $query) -{ +foreach ($sql_operations as $query) { $stmt = $pdo->prepare($query); $stmt->execute(); } -echo 'Update to 1.2.6 complete. Please edit your admin->settings and verify your dataDir and base_url values...
'; \ No newline at end of file +echo 'Update to 1.2.6 complete. Please edit your admin->settings and verify your dataDir and base_url values...
'; diff --git a/install/upgrade_1261.php b/install/upgrade_1261.php index ed91c1c9..164ffb20 100644 --- a/install/upgrade_1261.php +++ b/install/upgrade_1261.php @@ -37,4 +37,4 @@ $stmt = $pdo->prepare($query); $stmt->execute(); -echo 'Update to 1.2.6.2 complete. Please edit your admin->settings and verify your dataDir and base_url values...
'; \ No newline at end of file +echo 'Update to 1.2.6.2 complete. Please edit your admin->settings and verify your dataDir and base_url values...
'; diff --git a/install/upgrade_12p1.php b/install/upgrade_12p1.php index 5b138990..92450e01 100644 --- a/install/upgrade_12p1.php +++ b/install/upgrade_12p1.php @@ -107,4 +107,4 @@ $query = "ALTER TABLE user_perms MODIFY uid int(11) unsigned NOT NULL"; $stmt = $pdo->prepare($query); $stmt->execute(); -// Fieldformat of 'user_perms.uid' changed from 'smallint(5) unsigned NOT NULL DEFAULT '0' COMMENT '' to int(11) unsigned NOT NULL DEFAULT '0' COMMENT ''. Possibly data modifications needed! \ No newline at end of file +// Fieldformat of 'user_perms.uid' changed from 'smallint(5) unsigned NOT NULL DEFAULT '0' COMMENT '' to int(11) unsigned NOT NULL DEFAULT '0' COMMENT ''. Possibly data modifications needed! diff --git a/install/upgrade_12p3.php b/install/upgrade_12p3.php index b59e7c96..5cfaf6cd 100644 --- a/install/upgrade_12p3.php +++ b/install/upgrade_12p3.php @@ -23,4 +23,4 @@ echo 'Updating user table
'; $query = "ALTER TABLE user ADD pw_reset_code CHAR(32) default NULL"; $stmt = $pdo->prepare($query); -$stmt->execute(); \ No newline at end of file +$stmt->execute(); diff --git a/install/upgrade_12rc1.php b/install/upgrade_12rc1.php index 5b94d44b..509909d0 100644 --- a/install/upgrade_12rc1.php +++ b/install/upgrade_12rc1.php @@ -23,4 +23,4 @@ //$query = "ALTER IGNORE TABLE data // DROP filesize"; //$stmt = $pdo->prepare($query); -//$stmt->execute(); \ No newline at end of file +//$stmt->execute(); diff --git a/logout.php b/logout.php index 808b5ad9..b5e56fd9 100644 --- a/logout.php +++ b/logout.php @@ -18,7 +18,7 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -include ('odm-load.php'); +include('odm-load.php'); // If kerbauth, then display warning about shutting down browser session_start(); @@ -26,9 +26,7 @@ $_SESSION = array(); // Finally, destroy the session. session_destroy(); -if($GLOBALS["CONFIG"]["authen"] =='kerbauth') -{ - +if ($GLOBALS["CONFIG"]["authen"] =='kerbauth') { ?> @@ -68,16 +66,12 @@ \ No newline at end of file diff --git a/odm-init.php b/odm-init.php index 60260ac7..5c2172b6 100644 --- a/odm-init.php +++ b/odm-init.php @@ -48,19 +48,19 @@ /* * Load the Settings class */ -require_once ( 'Settings_class.php'); +require_once('Settings_class.php'); $settings = new Settings($pdo); $settings->load(); /* * Common functions */ -require_once( 'functions.php' ); +require_once('functions.php'); /* * Load the allowed file types list */ -require_once ( 'FileTypes_class.php' ); +require_once('FileTypes_class.php'); $filetypes = new FileTypes_class($pdo); $filetypes->load(); diff --git a/odm-load.php b/odm-load.php index 8a993318..3f5c83d8 100644 --- a/odm-load.php +++ b/odm-load.php 
@@ -32,24 +32,17 @@ * untouched. * */ -if (file_exists('config.php')) -{ +if (file_exists('config.php')) { // In the case of root folder calls - require_once( 'config.php' ); -} -elseif (file_exists('../config.php')) -{ + require_once('config.php'); +} elseif (file_exists('../config.php')) { // In the case of subfolders - require_once( '../config.php' ); -} -elseif (file_exists('../../config.php')) -{ + require_once('../config.php'); +} elseif (file_exists('../../config.php')) { // In the case of plugins - require_once( '../../config.php' ); -} -else -{ + require_once('../../config.php'); +} else { header('Location: index.php'); } -require_once(ABSPATH . 'odm-init.php'); \ No newline at end of file +require_once(ABSPATH . 'odm-init.php'); diff --git a/out.php b/out.php index 29236359..42c8d149 100644 --- a/out.php +++ b/out.php @@ -28,8 +28,7 @@ $GLOBALS['state'] = 1; require_once 'odm-load.php'; -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } @@ -40,33 +39,26 @@ $user_obj = new User($_SESSION['uid'], $pdo); -if ($user_obj->isAdmin()) -{ - $reviewIdCount = sizeof($user_obj->getAllRevieweeIds()); -} -elseif( $user_obj->isReviewer()) -{ +if ($user_obj->isAdmin()) { + $reviewIdCount = sizeof($user_obj->getAllRevieweeIds()); +} elseif ($user_obj->isReviewer()) { $reviewIdCount = sizeof($user_obj->getRevieweeIds()); -}else { +} else { $reviewIdCount = 0; -} +} -if($reviewIdCount > 0) -{ +if ($reviewIdCount > 0) { echo ''.msg('message_documents_waiting'). ': ' . $reviewIdCount . '
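Review bot: The final `else` branch in odm-load.php sends `header('Location: index.php');` but does not stop, so execution continues into `require_once(ABSPATH . 'odm-init.php')` with no config.php loaded. ABSPATH is presumably defined by config.php, in which case that require fails on an undefined constant instead of redirecting cleanly. Adding `exit;` directly after the `header()` call makes the redirect final.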
'; - } $rejected_files_obj = $user_obj->getRejectedFileIds(); -if(isset($rejected_files_obj[0]) && $rejected_files_obj[0] != null) -{ +if (isset($rejected_files_obj[0]) && $rejected_files_obj[0] != null) { echo ''. msg('message_documents_rejected') . ': ' .sizeof($rejected_files_obj) . '
'; } $llen = $user_obj->getNumExpiredFiles(); -if($llen > 0) -{ +if ($llen > 0) { echo '' .msg('message_documents_expired'). ': ' . $llen . '
'; } // get a list of documents the user has "view" permission for @@ -81,10 +73,10 @@ //$end_P = getmicrotime(); -list_files($file_id_array, $user_perms, $GLOBALS['CONFIG']['dataDir'],false); +list_files($file_id_array, $user_perms, $GLOBALS['CONFIG']['dataDir'], false); -draw_footer(); +draw_footer(); //Fb::log('
Load Page Time: ' . (getmicrotime() - $start_time) . ' '); //echo '
Load Permission Time: ' . ($end_P - $start_P) . ' '; //echo '
Load Sort Time: ' . ($lsort_e - $lsort_b) . ' '; -//echo '
Load Table Time: ' . ($llist_e - $llist_b) . ' '; \ No newline at end of file +//echo '
Load Table Time: ' . ($llist_e - $llist_b) . ' '; diff --git a/profile.php b/profile.php index 78d6ddb5..22f25a16 100644 --- a/profile.php +++ b/profile.php @@ -23,8 +23,7 @@ include('odm-load.php'); -if (!isset ($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } @@ -40,4 +39,4 @@
isAdmin() && @$_REQUEST['mode'] == 'root') - { + if ($user_obj->isAdmin() && @$_REQUEST['mode'] == 'root') { $fileid_array = $user_obj->getAllRejectedFileIds(); - } - else - { + } else { $fileid_array = $user_obj->getRejectedFileIds(); } - if(@$_REQUEST['mode']=='root') - { + if (@$_REQUEST['mode']=='root') { echo '
'; - } - else - { + } else { echo ''; } ?> @@ -67,62 +59,54 @@ $list_status = list_files($fileid_array, $user_perms_obj, $GLOBALS['CONFIG']['dataDir'], true, true); -?> + ?>
- - + +
+ ?>
Publishable(0); } } header('Location:' . $_SERVER['PHP_SELF'] . '?mode=' . @$_REQUEST['mode'] . '&last_message='. msg('message_file_authorized')); -} -elseif($_POST['submit'] == 'delete') -{ - if(!isset($_REQUEST['checkbox'])) - { +} elseif ($_POST['submit'] == 'delete') { + if (!isset($_REQUEST['checkbox'])) { header('Location: ' .$_SERVER['PHP_SELF'] . '?last_message=' . urlencode(msg('message_you_did_not_enter_value'))); exit; } $url = 'delete.php?mode=tmpdel&'; $id = 0; - if(isset($_POST["checkbox"])) - { + if (isset($_POST["checkbox"])) { $loop = 0; - foreach($_POST['checkbox'] as $num=>$cbox) - { + foreach ($_POST['checkbox'] as $num=>$cbox) { $fileid = $cbox; $url .= 'id'. $num . '='.$fileid.'&'; $id ++; diff --git a/reports/file_list.php b/reports/file_list.php index 4dc9bea9..79f02750 100644 --- a/reports/file_list.php +++ b/reports/file_list.php @@ -27,22 +27,20 @@ include('../odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor('../index.php?redirection=reports/file_list.php'); } // open a connection to the database $user_obj = new User($_SESSION['uid'], $pdo); // Check to see if user is admin -if(!$user_obj->isAdmin()) -{ +if (!$user_obj->isAdmin()) { header('Location:../error.php?ec=4'); exit; } function cleanExcelData(&$str) -{ +{ if (strstr($str, '"')) { $str = '"' . str_replace('"', '""', $str) . '"'; } @@ -81,15 +79,14 @@ function cleanExcelData(&$str) LEFT JOIN {$GLOBALS['CONFIG']['db_prefix']}log ON {$GLOBALS['CONFIG']['db_prefix']}log.id = {$GLOBALS['CONFIG']['db_prefix']}data.id ORDER BY id - "; + "; $stmt = $pdo->prepare($query); $stmt->execute(); $result = $stmt->fetchAll(PDO::FETCH_ASSOC); -foreach($result as $row) { -// display field/column names as first row +foreach ($result as $row) { + // display field/column names as first row if (!$flag) { - fputcsv($out, array_keys($row), ',', '"'); $flag = true; } diff --git a/search.php b/search.php index d04e426a..3c3e23fd 100644 --- a/search.php 
+++ b/search.php @@ -23,8 +23,7 @@ include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } @@ -44,42 +43,55 @@ draw_header(msg('search'), $last_message); echo ''; -if(!isset($_GET['submit'])) -{ +if (!isset($_GET['submit'])) { ?>

- method="get"> + method="get"> - + - + - - + + @@ -88,25 +100,18 @@ Load Time: ' . time() - $start_time; draw_footer(); - -} -else -{ +} else { function search($where, $keyword, $exact_phrase, $case_sensitivity, $search_array) { global $pdo; $remain =''; - if( $exact_phrase != 'on' ) - { + if ($exact_phrase != 'on') { $keyword = '%' . $keyword . '%'; } - if($case_sensitivity != 'on') - { + if ($case_sensitivity != 'on') { $equate = ' LIKE '; - } - else - { + } else { $equate = ' LIKE BINARY '; } @@ -131,8 +136,7 @@ function search($where, $keyword, $exact_phrase, $case_sensitivity, $search_arra $author_first_name = ''; $author_last_name = ''; $use_uid = false; - switch($where) - { + switch ($where) { // Put all the category for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the category array are synchronized. case 'author_locked_files': @@ -148,8 +152,8 @@ function search($where, $keyword, $exact_phrase, $case_sensitivity, $search_arra // Put all the author name for each of the OBJ in the OBJ array into an array // Notice, the index of the OBJ_array and the author name array are synchronized. case 'author': - if( $exact_phrase=='on' ) { - $author_first_name = substr($keyword, strpos($keyword, ' ') +1 ); + if ($exact_phrase=='on') { + $author_first_name = substr($keyword, strpos($keyword, ' ') +1); $author_last_name = substr($keyword, 0, strpos($keyword, ' ')); $query .= " u.first_name $equate :author_first_name AND u.last_name $equate :author_last_name "; } else { @@ -200,7 +204,7 @@ function search($where, $keyword, $exact_phrase, $case_sensitivity, $search_arra $stmt = $pdo->prepare($final_query); - if(!empty($use_uid)) { + if (!empty($use_uid)) { $stmt->bindParam(':uid', $_SESSION['uid']); $stmt->bindParam(':keyword', $keyword); } elseif (!empty($author_last_name) && $exact_phrase == 'on') { 
@@ -216,26 +220,22 @@ function search($where, $keyword, $exact_phrase, $case_sensitivity, $search_arra $index = 0; $id_array = array(); - foreach($result as $row) { + foreach ($result as $row) { $id_array[$index++] = $row['id']; $index++; } - if(@$remain != '' && $exact_phrase != "on") - { - return array_values( array_unique( array_merge($id_array, search($where, substr($remain, 1), $exact_phrase, $case_sensitivity, $search_array) ) ) ); + if (@$remain != '' && $exact_phrase != "on") { + return array_values(array_unique(array_merge($id_array, search($where, substr($remain, 1), $exact_phrase, $case_sensitivity, $search_array)))); } - return array_values( array_intersect($id_array, $search_array) ); + return array_values(array_intersect($id_array, $search_array)); } $current_user = new User($_SESSION['uid'], $pdo); $user_perms = new User_Perms($_SESSION['uid'], $pdo); $current_user_permission = new UserPermission($_SESSION['uid'], $pdo); //$s_getFTime = getmicrotime(); - if($_GET['where'] == 'author_locked_files') - { + if ($_GET['where'] == 'author_locked_files') { $view_able_files_id = $current_user->getExpiredFileIds(); - } - else - { + } else { $view_able_files_id = $current_user_permission->getViewableFileIds(false); } //$e_getFTime = getmicrotime(); @@ -246,9 +246,9 @@ function search($where, $keyword, $exact_phrase, $case_sensitivity, $search_arra // Call the plugin API callPluginMethod('onSearch'); - list_files($search_result, $current_user_permission, $GLOBALS['CONFIG']['dataDir'], false,false); + list_files($search_result, $current_user_permission, $GLOBALS['CONFIG']['dataDir'], false, false); echo '
'; draw_footer(); //echo '
Load Page Time: ' . (getmicrotime() - $start_time) . ' '; //echo '
Load Permission Time: ' . ($e_getFTime - $s_getFTime) . ' '; -} \ No newline at end of file +} diff --git a/settings.php b/settings.php index db2830d2..2a1494e1 100644 --- a/settings.php +++ b/settings.php @@ -23,8 +23,7 @@ // includes include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } @@ -35,23 +34,18 @@ //If the user is not an admin and he/she is trying to access other account that // is not his, error out. -if(!$user_obj->isRoot() == true) -{ +if (!$user_obj->isRoot() == true) { header('Location: error.php?ec=24'); exit; } -if(isset($_REQUEST['submit']) && $_REQUEST['submit']=='update') -{ - +if (isset($_REQUEST['submit']) && $_REQUEST['submit']=='update') { draw_header(msg('label_settings'), $last_message); $settings->edit(); draw_footer(); -} -elseif(isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'Save') -{ +} elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'Save') { draw_header(msg('label_settings'), $last_message); // Clean up the datadir a bit to make sure it ends with slash 
@@ -62,29 +56,19 @@ } // Perform Input Validation - if(!is_dir($_POST['dataDir'])) - { + if (!is_dir($_POST['dataDir'])) { $_POST['last_message'] = $GLOBALS['lang']['message_datadir_problem_exists']; - } - elseif(!is_writable($_POST['dataDir'])) - { + } elseif (!is_writable($_POST['dataDir'])) { $_POST['last_message'] = $GLOBALS['lang']['message_datadir_problem_writable']; - } - elseif((!is_numeric($_POST['max_filesize'])) || (!is_numeric($_POST['revision_expiration']) || (!is_numeric($_POST['max_query'])) ) ) - { + } elseif ((!is_numeric($_POST['max_filesize'])) || (!is_numeric($_POST['revision_expiration']) || (!is_numeric($_POST['max_query'])))) { $_POST['last_message'] = $GLOBALS['lang']['message_config_value_problem']; - } - elseif($settings->save($_POST)) - { + } elseif ($settings->save($_POST)) { $_POST['last_message'] = $GLOBALS['lang']['message_all_actions_successfull']; - } - else - { + } else { $_POST['last_message'] = $GLOBALS['lang']['message_error_performing_action']; } - if (!isset($_POST['last_message'])) - { + if (!isset($_POST['last_message'])) { $_POST['last_message']=''; } @@ -94,13 +78,8 @@ // Clear the tpl templates_c files after update in case they updated theme $GLOBALS['smarty']->clear_compiled_tpl(); -} -elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'Cancel') -{ +} elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'Cancel') { header('Location: admin.php?last_message=' . urlencode(msg('message_action_cancelled'))); -} -else -{ +} else { header('Location: admin.php?last_message=' . urlencode(msg('message_nothing_to_do'))); } - diff --git a/signup.php b/signup.php index fe60eb4c..39683a75 100644 --- a/signup.php +++ b/signup.php 
@@ -23,12 +23,10 @@ // You can add signup_header.html and signup_footer.html files to display on this page automatically include('odm-load.php'); -if($GLOBALS['CONFIG']['allow_signup'] == 'True') -{ +if ($GLOBALS['CONFIG']['allow_signup'] == 'True') { // Submitted so insert data now - if(isset($_REQUEST['adduser'])) - { + if (isset($_REQUEST['adduser'])) { // Check to make sure user does not already exist $query = " SELECT @@ -43,13 +41,10 @@ $stmt->execute(); // If the above statement returns more than 0 rows, the user exists, so display error - if($stmt->rowCount() > 0) - { + if ($stmt->rowCount() > 0) { echo msg('message_user_exists'); exit; - } - else - { + } else { $phonenumber = (!empty($_REQUEST['phonenumber']) ? $_REQUEST['phonenumber'] : ''); // INSERT into user $query = " @@ -102,11 +97,10 @@ Sign Up + ?> Sign Up
@@ -114,9 +108,12 @@
: :
-
+
- - - + + + '; } ?> @@ -147,7 +143,7 @@ -
Phone Number @@ -136,9 +133,8 @@
Department
+
+ ?> isReviewer()) -{ +if (!$user_obj->isReviewer()) { header('Location:out.php?last_message=Access+denied'); } $comments = isset($_REQUEST['comments']) ? stripslashes($_REQUEST['comments']) : ''; -if(!isset($_REQUEST['submit'])) -{ +if (!isset($_REQUEST['submit'])) { draw_header(msg('message_documents_waiting'), $last_message); $userpermission = new UserPermission($_SESSION['uid'], $pdo); - if($user_obj->isAdmin()) - { + if ($user_obj->isAdmin()) { $id_array = $user_obj->getAllRevieweeIds(); - } - else - { + } else { $id_array = $user_obj->getRevieweeIds(); } $list_status = list_files($id_array, $userpermission, $GLOBALS['CONFIG']['dataDir'], true); - if( $list_status != -1 ) - { + if ($list_status != -1) { display_smarty_template('toBePublished.tpl'); } -} -elseif(isset($_REQUEST['submit']) && ($_REQUEST['submit'] =='commentAuthorize' || $_REQUEST['submit'] == 'commentReject')) -{ - if(!isset($_REQUEST['checkbox'])) - { +} elseif (isset($_REQUEST['submit']) && ($_REQUEST['submit'] =='commentAuthorize' || $_REQUEST['submit'] == 'commentReject')) { + if (!isset($_REQUEST['checkbox'])) { header('Location: ' .$_SERVER['PHP_SELF'] . '?last_message=' . urlencode(msg('message_you_did_not_enter_value'))); } @@ -80,16 +70,11 @@ } */ - if($_REQUEST['submit'] == 'commentReject') - { + if ($_REQUEST['submit'] == 'commentReject') { $submit_value='Reject'; - } - elseif ($_REQUEST['submit'] == 'commentAuthorize') - { + } elseif ($_REQUEST['submit'] == 'commentAuthorize') { $submit_value='Authorize'; - } - else - { + } else { $submit_value='None'; } 
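Review bot: The reviewer check `if (!$user_obj->isReviewer()) { header('Location:out.php?last_message=Access+denied'); }` sends a redirect but never stops the script, so a non-reviewer's request still runs the code below it and the response body is still produced. The same applies to the `!isset($_REQUEST['checkbox'])` redirect further down in this hunk. Each needs `exit;` immediately after the `header()` call so the access decision is enforced on the server rather than left to the client following the redirect. The diff header for this file is not visible in this part of the page.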
@@ -109,10 +94,7 @@ $GLOBALS['smarty']->assign('submit_value', $submit_value); $GLOBALS['smarty']->assign('checkbox', $checkbox); display_smarty_template('commentform.tpl'); - -} -elseif (isset($_POST['submit']) && $_POST['submit'] == 'Reject') -{ +} elseif (isset($_POST['submit']) && $_POST['submit'] == 'Reject') { $to = isset($_POST['to']) ? $_POST['to'] : ''; $subject = isset($_POST['subject']) ? $_POST['subject'] : ''; $checkbox = isset($_POST['checkbox']) ? $_POST['checkbox'] : ''; 
@@ -130,31 +112,25 @@ $mail_greeting=msg('email_greeting'). ":" . PHP_EOL . "\t" . msg('email_i_would_like_to_inform'); $mail_body = $comments . PHP_EOL . PHP_EOL; $mail_body .= msg('email_was_declined_for_publishing_at') . ' ' .$date. ' ' . msg('email_for_the_following_reasons') . ':'. PHP_EOL . PHP_EOL .$mail_break.$_REQUEST['comments']. PHP_EOL .$mail_break; - $mail_salute=PHP_EOL . PHP_EOL . msg('email_salute') . ",". PHP_EOL .$full_name"; + $mail_salute=PHP_EOL . PHP_EOL . msg('email_salute') . ",". PHP_EOL . $full_name; - if($user_obj->isAdmin()) - { + if ($user_obj->isAdmin()) { $id_array = $user_obj->getAllRevieweeIds(); - } - else - { + } else { $id_array = $user_obj->getRevieweeIds(); } $id_field = explode(' ', trim($checkbox)); - foreach($id_field as $key=>$value) - { + foreach ($id_field as $key=>$value) { // Check to make sure the current file_id is in their list of rejectable ID's - if(in_array($value, $id_array)) - { + if (in_array($value, $id_array)) { $fileid = $value; $file_obj = new FileData($fileid, $pdo); $user_obj = new User($file_obj->getOwner(), $pdo); $mail_to = $user_obj->getEmailAddress(); $dept_id = $file_obj->getDepartment(); // Build email for author notification - if(isset($_POST['send_to_users'][0]) && in_array('owner', $_POST['send_to_users'])) - { + if (isset($_POST['send_to_users'][0]) && in_array('owner', $_POST['send_to_users'])) { // Lets unset this now so the new array will just be user_id's $_POST['send_to_users'] = array_slice($_POST['send_to_users'], 1); $mail_body1 = $comments . PHP_EOL . PHP_EOL; 
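Review bot: The per-file gate `if (in_array($value, $id_array)) {` compares loosely, and `$value` comes straight from splitting the request's `checkbox` string, so a non-canonical numeric string (one with a leading zero, for instance) can match an id in `$id_array` and is then passed unchanged to `new FileData($fileid, $pdo)`. I would normalise before the check, e.g. `if (ctype_digit($value) && in_array((int) $value, array_map('intval', $id_array), true)) {` followed by `$fileid = (int) $value;`. The same gate appears in the Authorize branch at `@@ -222,22 +192,17 @@`. What `FileData` does with such an id is outside the hunk, so treat this as hardening rather than a confirmed bypass; the `foreach` body also continues past the hunk.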
@@ -187,30 +163,24 @@ $mail_body.=msg('email_automated_document_messenger'). PHP_EOL . PHP_EOL; $mail_body.=$GLOBALS['CONFIG']['base_url'] . PHP_EOL . PHP_EOL; - if(isset($_POST['send_to_all'])) - { - email_all($mail_subject,$mail_body,$mail_headers); + if (isset($_POST['send_to_all'])) { + email_all($mail_subject, $mail_body, $mail_headers); } - if (isset($_POST['send_to_dept'])) { + if (isset($_POST['send_to_dept'])) { email_dept($dept_id, $mail_subject, $mail_body, $mail_headers); } - if(isset($_POST['send_to_users']) && is_array($_POST['send_to_users']) && isset($_POST['send_to_users'][0])) - { - email_users_id($_POST['send_to_users'], $mail_subject,$mail_body,$mail_headers); + if (isset($_POST['send_to_users']) && is_array($_POST['send_to_users']) && isset($_POST['send_to_users'][0])) { + email_users_id($_POST['send_to_users'], $mail_subject, $mail_body, $mail_headers); } - } - else - { + } else { // If their user cannot reject this file_id, display error header("Location:$_SERVER[PHP_SELF]?last_message=" .urlencode(msg('message_error_performing_action'))); } } header("Location: out.php?last_message=" .urlencode(msg('message_file_rejected'))); -} -elseif (isset($_POST['submit']) && $_POST['submit'] == 'Authorize') -{ +} elseif (isset($_POST['submit']) && $_POST['submit'] == 'Authorize') { $checkbox = isset($_REQUEST['checkbox']) ? $_REQUEST['checkbox'] : ''; $reviewer_comments = "To=$_POST[to];Subject=$_POST[subject];Comments=$_POST[comments];"; $user_obj = new User($_SESSION['uid'], $pdo); 
@@ -222,22 +192,17 @@ $mail_headers = "From: ".$mail_from.PHP_EOL.PHP_EOL; $mail_headers .="Content-Type: text/plain; charset=UTF-8".PHP_EOL . PHP_EOL; - if($user_obj->isAdmin()) - { + if ($user_obj->isAdmin()) { $id_array = $user_obj->getAllRevieweeIds(); - } - else - { + } else { $id_array = $user_obj->getRevieweeIds(); } $id_field=explode(' ', trim($checkbox)); - foreach($id_field as $key=>$value) - { + foreach ($id_field as $key=>$value) { // Check to make sure the current file_id is in their list of reviewable ID's - if(in_array($value, $id_array)) - { + if (in_array($value, $id_array)) { $fileid = $value; $file_obj = new FileData($fileid, $pdo); $user_obj = new User($file_obj->getOwner(), $pdo); @@ -245,10 +210,10 @@ $dept_id = $file_obj->getDepartment(); // Build email for author notification - if(isset($_POST['send_to_users'][0]) && in_array('owner', $_POST['send_to_users'])) - { + if (isset($_POST['send_to_users'][0]) && in_array('owner', $_POST['send_to_users'])) { // Lets unset this now so the new array will just be user_id's $_POST['send_to_users'] = array_slice($_POST['send_to_users'], 1); + $mail_body1 = $comments . PHP_EOL . PHP_EOL; $mail_body1.=msg('email_your_file_has_been_authorized') . PHP_EOL . PHP_EOL; $mail_body1.=msg('label_filename') . ': ' . $file_obj->getName() . PHP_EOL . PHP_EOL; 
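Review bot: The context lines at the top of this hunk build `$mail_headers` with `PHP_EOL . PHP_EOL` after the `From:` line, and a blank line ends the header block, so `Content-Type: text/plain; charset=UTF-8` is no longer sent as a header. A single CRLF between the two headers and none at the end is the expected form: `$mail_headers = "From: " . $mail_from . "\r\n" . "Content-Type: text/plain; charset=UTF-8";`. Where `$mail_from` comes from is outside the hunk; if it can contain user-supplied text, CR and LF should be stripped before it is placed in a header. How `email_all`, `email_dept` and `email_users_id` hand the headers to the mailer is not visible here; if they call `mail()`, current PHP versions are likely to reject headers with consecutive newlines outright.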
@@ -280,39 +245,31 @@ $mail_body2.=msg('email_automated_document_messenger'). PHP_EOL . PHP_EOL; $mail_body2.=$GLOBALS['CONFIG']['base_url'] . PHP_EOL . PHP_EOL; - if(isset($_POST['send_to_all'])) - { - email_all($mail_subject,$mail_body2,$mail_headers); + if (isset($_POST['send_to_all'])) { + email_all($mail_subject, $mail_body2, $mail_headers); } - if(isset($_POST['send_to_dept'])) - { - email_dept($dept_id,$mail_subject ,$mail_body2,$mail_headers); - } - if(!empty($_POST['send_to_users'][0]) && is_array($_POST['send_to_users']) && $_POST['send_to_users'][0] > 0) - { - email_users_id($_POST['send_to_users'], $mail_subject,$mail_body2,$mail_headers); - } - } - else - { + if (isset($_POST['send_to_dept'])) { + email_dept($dept_id, $mail_subject, $mail_body2, $mail_headers); + } + if (!empty($_POST['send_to_users'][0]) && is_array($_POST['send_to_users']) && $_POST['send_to_users'][0] > 0) { + email_users_id($_POST['send_to_users'], $mail_subject, $mail_body2, $mail_headers); + } + } else { // If their user cannot authorize this file_id, display error header("Location:$_SERVER[PHP_SELF]?last_message=" .urlencode(msg('message_error_performing_action'))); } } header('Location: out.php?last_message=' .urlencode(msg('message_file_authorized'))); -} -elseif(isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'comments' && isset($_REQUEST['id'])) { +} elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'comments' && isset($_REQUEST['id'])) { /* * Used to display the reviewer comments in a popup */ $file_id = (int) $_REQUEST['id']; $file_obj = new FileData($file_id, $pdo); echo $file_obj->getReviewerComments(); -} -elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'Cancel') -{ +} elseif (isset($_REQUEST['submit']) && $_REQUEST['submit'] == 'Cancel') { $last_message=urlencode(msg('message_action_cancelled')); - header ('Location: toBePublished.php?last_message=' . $last_message); + header('Location: toBePublished.php?last_message=' . 
$last_message); } - draw_footer(); \ No newline at end of file + draw_footer(); diff --git a/udf.php b/udf.php index 71d38c7d..a63ade95 100644 --- a/udf.php +++ b/udf.php @@ -137,7 +137,6 @@ $field_type = $result[1]; if ($field_type == 1 || $field_type == 2) { - // Do Updates if (!empty($_REQUEST['display_name'])) { $query = " @@ -158,7 +157,6 @@ // Do Inserts if (!empty($_REQUEST['newvalue'])) { - $query = " INSERT INTO {$_REQUEST['udf']} (value) @@ -277,7 +275,6 @@ ':primary_type' => $_REQUEST['primary_type'] )); } - } // Do Deletes diff --git a/udf_functions.php b/udf_functions.php index 5f7721f8..3ff2ebcf 100644 --- a/udf_functions.php +++ b/udf_functions.php @@ -22,11 +22,10 @@ // User Defined Fields START -if ( !defined('udf_functions') ) -{ +if (!defined('udf_functions')) { define('udf_functions', 'true', false); - function udf_add_file_form() + function udf_add_file_form() { global $pdo; @@ -44,22 +43,18 @@ function udf_add_file_form() $stmt->execute(array()); $result = $stmt->fetchAll(); - foreach($result as $row) { + foreach ($result as $row) { echo '
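Review bot: In the udf.php hunk at `@@ -158,7 +157,6 @@`, `INSERT INTO {$_REQUEST['udf']} (value)` takes the table name straight from the request, and identifiers cannot be bound as parameters, so this value has to be validated before the query string is built. The project's own `is_valid_udf_name()` (udf_functions.php, further down this page) is the obvious check, ideally combined with a lookup that the name is a registered UDF table: `if (!is_valid_udf_name($_REQUEST['udf'])) { header('Location: admin.php?last_message=Error+:+Invalid+UDF+Name'); exit; }`. Whether such a check already runs earlier in the file is not visible in these hunks, and the statement itself continues below the hunk.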

'; - if (file_exists("udf_help.html")) - { + if (file_exists("udf_help.html")) { echo ''.$row[2].''; - } - else - { + } else { echo $row[2]; } echo ''; //Type is Select List - if ( $row[1] == 1 ) - { + if ($row[1] == 1) { echo ''; } // Type is Radio - if ( $row[1] == 2 ) - { + if ($row[1] == 2) { $query = " SELECT id, @@ -92,41 +86,38 @@ function udf_add_file_form() $stmt->execute(); $sub_result = $stmt->fetchAll(); - foreach($sub_result as $sub_row) { + foreach ($sub_result as $sub_row) { echo ''.$sub_row[1]; } } // Type is Text - if ( $row[1] == 3 ) - { + if ($row[1] == 3) { echo ''; } - - //CHM + + //CHM // Type is Sub-Select - if ( $row[1] == 4 ) - { - $explode_row = explode('_',$row[0]); - $field_name = $explode_row[2]; - + if ($row[1] == 4) { + $explode_row = explode('_', $row[0]); + $field_name = $explode_row[2]; + $query = "SELECT * FROM {$row[0]}"; $stmt = $pdo->prepare($query); $stmt->execute(); $sub_result = $stmt->fetchAll(); - echo ''; + echo ''; + foreach ($sub_result as $sub_row) { + echo ''; } - echo ''; - - echo '
Secondary items will show up here.
'; - + echo ''; + + echo '
Secondary items will show up here.
'; } - //CHM - + //CHM + echo '
' . $row[0] . ''; - if ( $row[1] == 1 ) - { + if ($row[1] == 1) { echo '' . $sub_row[1]; } } - if ($row[1] == 1) + if ($row[1] == 1) { echo ''; + } echo '
' . $row[0] . ''; $query = " SELECT @@ -283,15 +268,14 @@ function udf_edit_file_form() echo ''; } - //CHM - elseif( $row[1] == 4) - { - $explode_row = explode('_',$row[2]); - $field_name = $explode_row[2]; - + //CHM + elseif ($row[1] == 4) { + $explode_row = explode('_', $row[2]); + $field_name = $explode_row[2]; + echo '
' . $row[0] . ''; - echo ''; + echo ''; $query = " SELECT @@ -312,24 +296,22 @@ function udf_edit_file_form() $stmt->execute(); $sub_result = $stmt->fetchAll(); - foreach($sub_result as $sub_row) { - if ( $row[1] == 4 ) - { + foreach ($sub_result as $sub_row) { + if ($row[1] == 4) { echo ''; } } - echo ''; - + echo ''; + echo '
 
'; - + $query = " SELECT {$GLOBALS['CONFIG']['db_prefix']}udftbl_{$field_name}_secondary @@ -343,10 +325,10 @@ function udf_edit_file_form() $sub_row = $stmt->fetch(); $sel = $sub_row[0]; - - if($sel ==''){ - echo 'Secondary items will show up here.'; - }else{ + + if ($sel =='') { + echo 'Secondary items will show up here.'; + } else { $query = " SELECT id, @@ -360,23 +342,21 @@ function udf_edit_file_form() $stmt->execute(array(':sel_pri' => $sel_pri)); $sub_result = $stmt->fetchAll(); - echo ''; - echo '
' . $row[0] . ':' . $sub_row[0] . '
' . $row[0] . ':' . $sub_row[0] . '
' . $row[0] . ':' . $sub_row[0] . '
'.$row[2].'
'; @@ -555,9 +526,8 @@ function udf_functions_java_array() $stmt->execute(); $result = $stmt->fetchAll(); - foreach($result as $row) { - if ($row[1] == 1 || $row[1] == 2) - { + foreach ($result as $row) { + if ($row[1] == 1 || $row[1] == 2) { $query = "SELECT id,value FROM {$row[0]}"; $stmt = $pdo->prepare($query); $stmt->execute(array()); @@ -582,9 +552,8 @@ function udf_functions_java_options($id) $stmt->execute(array()); $result = $stmt->fetchAll(); - foreach($result as $row) { - if ( $row[1] == 1 || $row[1] == 2) - { + foreach ($result as $row) { + if ($row[1] == 1 || $row[1] == 2) { echo ''; $id++; } @@ -595,15 +564,13 @@ function udf_functions_add_udf() { global $pdo; - if(empty($_REQUEST['table_name'])) - { - header('Location: admin.php?last_message=' . msg('message_udf_cannot_be_blank') ); + if (empty($_REQUEST['table_name'])) { + header('Location: admin.php?last_message=' . msg('message_udf_cannot_be_blank')); exit; } - if(empty($_REQUEST['display_name'])) - { - header('Location: admin.php?last_message=' . msg('message_udf_cannot_be_blank') ); + if (empty($_REQUEST['display_name'])) { + header('Location: admin.php?last_message=' . msg('message_udf_cannot_be_blank')); exit; } @@ -620,10 +587,8 @@ function udf_functions_add_udf() $stmt = $pdo->prepare($query); $stmt->execute(array(':table_name' => $table_name)); - if ($stmt->rowCount() == 0) - { - if ($_REQUEST['field_type'] == 1 || $_REQUEST['field_type'] == 2) - { + if ($stmt->rowCount() == 0) { + if ($_REQUEST['field_type'] == 1 || $_REQUEST['field_type'] == 2) { // They have chosen Select list of Radio list // // First we add a new column in the data table @@ -631,8 +596,7 @@ function udf_functions_add_udf() $stmt = $pdo->prepare($query); $stmt->execute(array(':table_name' => $table_name)); - if (!$stmt) - { + if (!$stmt) { header('Location: admin.php?last_message=Error+:+Problem+With+Alter'); exit; } 
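Review bot: In the hunk at `@@ -631,8 +596,7 @@`, `if (!$stmt) {` after `$stmt->execute(...)` tests the statement object, which is always truthy once `prepare()` has returned one, so the "Problem With Alter" redirect can never fire. The result of `execute()` is what needs checking: `if (!$stmt->execute(array(':table_name' => $table_name))) {`. The same test guards the rollback paths in the hunks at `@@ -642,8 +606,7 @@`, `@@ -780,13 +743,12 @@` and `@@ -808,8 +770,7 @@`, so a failed CREATE or INSERT would leave the earlier ALTER in place. Whether PDO is configured to throw on errors is not visible here; if it is, these branches are dead code and a `try`/`catch` is the place for the rollback. `udf_functions_add_udf()` starts and ends outside the hunk.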
@@ -642,8 +606,7 @@ function udf_functions_add_udf() $stmt = $pdo->prepare($query); $stmt->execute(); - if (!$stmt) - { + if (!$stmt) { // If the CREATE fails, rollback the ALTER $query = "ALTER TABLE {$GLOBALS['CONFIG']['db_prefix']}data DROP COLUMN $table_name"; $stmt = $pdo->prepare($query); @@ -780,13 +743,12 @@ function udf_functions_add_udf() header('Location: admin.php?last_message=Error+:+Duplicate+UDF+Name'); exit; } - } elseif ($_REQUEST['field_type'] == 3) { + } elseif ($_REQUEST['field_type'] == 3) { // The have chosen a text field $query = "ALTER TABLE {$GLOBALS['CONFIG']['db_prefix']}data ADD COLUMN {$table_name} varchar(255) AFTER category"; $stmt = $pdo->prepare($query); $stmt->execute(); - if (!$stmt) - { + if (!$stmt) { header('Location: admin.php?last_message=Error+:+Problem+With+Alter'); exit; } @@ -808,8 +770,7 @@ function udf_functions_add_udf() ':display_name' => $_REQUEST['display_name'], ':field_type' => $_REQUEST['field_type'] )); - if (!$stmt) - { + if (!$stmt) { // If the INSERT fails, rollback the ALTER $query = "ALTER TABLE {$GLOBALS['CONFIG']['db_prefix']}data DROP COLUMN {$table_name}"; $stmt = $pdo->prepare($query); @@ -819,9 +780,7 @@ function udf_functions_add_udf() exit; } } - } - else - { + } else { header('Location: admin.php?last_message=Error+:+Duplicate+Table+Name'); exit; } @@ -886,8 +845,7 @@ function udf_functions_search_options() $stmt->execute(); $result = $stmt->fetchAll(); - foreach($result as $row) - { + foreach ($result as $row) { echo ''; } } 
@@ -912,14 +870,11 @@ function udf_functions_search($where, $query_pre, $query, $equate, $keyword) )); $row = $stmt->fetch(); - if ($row[1] == 1 || $row[1] == 2 || $row[1] == 4) - { + if ($row[1] == 1 || $row[1] == 2 || $row[1] == 4) { $query_pre .= ', ' . $row[0]; $query .= $row[0] . '.value' . $equate . '\'' . $keyword . '\''; $query .= ' AND d.' . $row[0] . ' = ' . $row[0] . '.id'; - } - elseif ($row[1] == 3) - { + } elseif ($row[1] == 3) { $query .= $row[0] . $equate . '\'' . $keyword . '\''; } @@ -934,4 +889,4 @@ function is_valid_udf_name($name) { return preg_match('/^\w+$/', $name); } -} \ No newline at end of file +} diff --git a/user.php b/user.php index dd2798b8..b73267a1 100644 --- a/user.php +++ b/user.php @@ -136,7 +136,8 @@ )); // INSERT into admin - $user_id = $pdo->lastInsertId();; + $user_id = $pdo->lastInsertId(); + ; if (!isset($_POST['admin'])) { $_POST['admin'] = '0'; } @@ -254,7 +255,6 @@ display_smarty_template('user_delete_pick.tpl'); draw_footer(); } elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'Show User') { - $user_obj = new User($_POST['item'], $pdo); draw_header(msg('userpage_show_user') . $user_obj->getName(), $last_message); @@ -368,7 +368,6 @@ } draw_footer(); - } elseif (isset($_POST['submit']) && 'Update User' == $_POST['submit']) { // Check to make sue they are either the user being modified or an admin @@ -480,9 +479,7 @@ $last_message = urlencode(msg('message_user_successfully_updated')); header('Location: out.php?last_message=' . $last_message); - } elseif (isset($_REQUEST['submit']) and $_REQUEST['submit'] == 'updatepick') { - draw_header(msg('userpage_modify_user'), $last_message); // Check to see if user is admin 
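Review bot: `$keyword` is concatenated into the SQL text between hand-written quotes in both branches (`... . $equate . '\'' . $keyword . '\''`), so the search term is only as safe as whatever escaping the caller applied, which is not visible in this hunk. Since the function returns SQL fragments rather than executing them, the smallest change that keeps the interface is to let the driver quote the value: `$query .= $row[0] . '.value' . $equate . $pdo->quote($keyword);` and likewise `$query .= $row[0] . $equate . $pdo->quote($keyword);`; any escaping done by the caller would have to be dropped at the same time. `$row[0]` is a table or column name read from the database and cannot be quoted this way, so it depends on names having been validated when the field was created. The function body begins above the hunk; I am assuming `$pdo` is in scope there as it is in the other functions of this file.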
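Review bot: In the user.php hunk at `@@ -136,7 +136,8 @@` the formatter turned `$user_id = $pdo->lastInsertId();;` into a statement followed by a lone `;` on its own line, which is an empty statement and reads like a leftover; the new side should simply be `$user_id = $pdo->lastInsertId();`. Separately, and hedged because the INSERT is above the hunk: `lastInsertId()` appears to be read without checking that the preceding `execute()` succeeded, so a failed insert would carry a meaningless id into the admin-table insert that follows.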
@@ -507,10 +504,9 @@ display_smarty_template('user/edit_pick.tpl'); draw_footer(); - } elseif (isset($_REQUEST['cancel']) and $_REQUEST['cancel'] == 'Cancel') { $last_message = "Action Cancelled"; header('Location: admin.php?last_message=' . $last_message); } else { header('Location: admin.php?last_message=' . urlencode('Unrecognizalbe action')); -} \ No newline at end of file +} diff --git a/view.php b/view.php index 4814ca42..7eada517 100644 --- a/view.php +++ b/view.php @@ -26,15 +26,13 @@ include_once('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } $last_message = (isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : ''); -if (!isset($id) || $id == '') -{ +if (!isset($id) || $id == '') { header('Location:error.php?ec=2'); exit; } 
@@ -46,58 +44,47 @@ $filedata = new FileData($id, $pdo); $filedata->setId($id); -if ($filedata->getError() != '') -{ +if ($filedata->getError() != '') { header('Location:error.php?ec=2'); - ob_end_flush(); // Flush buffer onto screens - ob_end_clean(); // Clean up buffer + ob_end_flush(); // Flush buffer onto screens + ob_end_clean(); // Clean up buffer exit; -} -else -{ +} else { // all checks completed /* to avoid problems with some browsers, - download script should not include parameters on the URL - so let's use a form and pass the parameters via POST + download script should not include parameters on the URL + so let's use a form and pass the parameters via POST */ // form not yet submitted // display information on how to initiate download - if (!isset($submit)) - { + if (!isset($submit)) { draw_header('View File', $last_message); $GLOBALS['smarty']->assign('file_id', $filedata->getId()); display_smarty_template('view.tpl'); - draw_footer(); - + draw_footer(); } // form submitted - begin download - else - { + else { $id = $filedata->getId(); $realname = $filedata->getName(); // get the filename $filename = $GLOBALS['CONFIG']['dataDir'] . $_POST['id'] . '.dat'; - if ( file_exists($filename) ) - { + if (file_exists($filename)) { // send headers to browser to initiate file download - header ('Content-Type: application/octet-stream'); - header ('Content-Disposition: attachment; filename='.rawurlencode($realname)); + header('Content-Type: application/octet-stream'); + header('Content-Disposition: attachment; filename='.rawurlencode($realname)); readfile($filename); // Call the plugin API callPluginMethod('onViewFile'); - - } - else - { + } else { echo 'File not readable...'; } - } -} \ No newline at end of file +} diff --git a/view_file.php b/view_file.php index d433f021..776db67b 100644 --- a/view_file.php +++ b/view_file.php @@ -24,8 +24,7 @@ include('odm-load.php'); -if (!isset($_SESSION['uid'])) -{ +if (!isset($_SESSION['uid'])) { redirect_visitor(); } 
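Review bot: The download branch builds the path from the raw request value, `$GLOBALS['CONFIG']['dataDir'] . $_POST['id'] . '.dat'`, although two lines earlier `$id = $filedata->getId();` already holds the id of the record that was loaded; the two can differ, and the POST value is not checked for path separators. Using the loaded id keeps the file that is read tied to the record that was looked up: `$filename = $GLOBALS['CONFIG']['dataDir'] . (int) $id . '.dat';`. Nothing in this hunk or the one before it checks that the session user may read the file, whereas the view_file.php hunks on this page call `checkUserPermission(...)` before `readfile()`; if view.php is still reachable it needs the same call. How `$id` and `$submit` get populated is outside the hunk.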
@@ -34,15 +33,13 @@ $last_message = (isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : ''); $request_id = $_REQUEST['id']; //save an original copy of id -if(strchr($_REQUEST['id'], '_') ) -{ - list($_REQUEST['id'], $revision_id) = explode('_' , $_REQUEST['id']); +if (strchr($_REQUEST['id'], '_')) { + list($_REQUEST['id'], $revision_id) = explode('_', $_REQUEST['id']); $revision_dir = $GLOBALS['CONFIG']['revisionDir'] . '/'. $_REQUEST['id'] . '/'; } -if(!isset($_GET['submit'])) -{ - draw_header(msg('view') . ' ' . msg('file'),$last_message); +if (!isset($_GET['submit'])) { + draw_header(msg('view') . ' ' . msg('file'), $last_message); $file_obj = new FileData($_REQUEST['id'], $pdo); $file_name = $file_obj->getName(); $file_id = $file_obj->getId(); @@ -51,11 +48,10 @@ // Get the suffix of the file so we can look it up // in the $mimetypes array $suffix = ''; - if(strchr($realname, '.')) - { + if (strchr($realname, '.')) { // Fix by blackwes - $prefix = (substr($realname,0,(strrpos($realname,".")))); - $suffix = strtolower((substr($realname,((strrpos($realname,".")+1))))); + $prefix = (substr($realname, 0, (strrpos($realname, ".")))); + $suffix = strtolower((substr($realname, ((strrpos($realname, ".")+1))))); } $mimetype = File::mime_by_ext($suffix); 
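Review bot: `$_REQUEST['id']` is split on `_` and both halves go into filesystem paths (`$revision_dir` here, `$revision_dir . $request_id . ".dat"` in the later hunks) without any check that they are plain numbers. I would validate right after the split and stop otherwise, e.g. `if (!ctype_digit($_REQUEST['id']) || (isset($revision_id) && !ctype_digit($revision_id))) { header('Location:error.php?ec=2'); exit; }`. `error.php?ec=2` is the error redirect view.php uses on this page; whether it is the right code for this case is for the maintainers to decide. `checkUserPermission()` in the later hunks may already reject malformed ids, but that is not visible here and the path construction should not depend on it.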
@@ -66,48 +62,36 @@ // drw form display_smarty_template('view_file.tpl'); draw_footer(); -} -elseif ($_GET['submit'] == 'view') -{ +} elseif ($_GET['submit'] == 'view') { $file_obj = new FileData($_REQUEST['id'], $pdo); // Added this check to keep unauthorized users from downloading - Thanks to Chad Bloomquist checkUserPermission($_REQUEST['id'], $file_obj->READ_RIGHT, $file_obj); $realname = $file_obj->getName(); - if( isset($revision_id) ) - { + if (isset($revision_id)) { $filename = $revision_dir . $request_id . ".dat"; - } - elseif( $file_obj->isArchived() ) - { + } elseif ($file_obj->isArchived()) { $filename = $GLOBALS['CONFIG']['archiveDir'] . $_REQUEST['id'] . ".dat"; - } - else - { + } else { $filename = $GLOBALS['CONFIG']['dataDir'] . $_REQUEST['id'] . ".dat"; } - if ( file_exists($filename) ) - { + if (file_exists($filename)) { // send headers to browser to initiate file download header('Content-Length: '.filesize($filename)); // Pass the mimetype so the browser can open it - header ('Cache-control: private'); + header('Cache-control: private'); header('Content-Type: ' . $_GET['mimetype']); header('Content-Disposition: attachment; filename="' . rawurlencode($realname) . '"'); // Apache is sending Last Modified header, so we'll do it, too $modified=filemtime($filename); - header('Last-Modified: '. date('D, j M Y G:i:s T',$modified)); // something like Thu, 03 Oct 2002 18:01:08 GMT + header('Last-Modified: '. date('D, j M Y G:i:s T', $modified)); // something like Thu, 03 Oct 2002 18:01:08 GMT readfile($filename); AccessLog::addLogEntry($_REQUEST['id'], 'V', $pdo); - } - else - { + } else { echo msg('message_file_does_not_exist'); } -} -elseif ($_GET['submit'] == 'Download') -{ +} elseif ($_GET['submit'] == 'Download') { $file_obj = new FileData($_REQUEST['id'], $pdo); // Added this check to keep unauthorized users from downloading - Thanks to Chad Bloomquist 
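Review bot: `header('Content-Type: ' . $_GET['mimetype']);` lets the client choose the response content type for a stored file. The form branch in the previous hunk already derives it on the server with `File::mime_by_ext($suffix)`; doing the same here from `$realname` removes the dependency on the query string: `header('Content-Type: ' . File::mime_by_ext(strtolower(pathinfo($realname, PATHINFO_EXTENSION))));`. The Download branch at `@@ -115,38 +99,27 @@` has the same line. What `File::mime_by_ext` returns for an unknown extension is not visible here, so a fallback to `application/octet-stream` may be needed.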
@@ -115,38 +99,27 @@ $realname = $file_obj->getName(); - if( isset($revision_id) ) - { + if (isset($revision_id)) { $filename = $revision_dir . $request_id . ".dat"; - } - elseif( $file_obj->isArchived() ) - { + } elseif ($file_obj->isArchived()) { $filename = $GLOBALS['CONFIG']['archiveDir'] . $_REQUEST['id'] . ".dat"; - } - else - { + } else { $filename = $GLOBALS['CONFIG']['dataDir'] . $_REQUEST['id'] . ".dat"; } - if (file_exists($filename)) - { + if (file_exists($filename)) { // send headers to browser to initiate file download header('Cache-control: private'); - header ('Content-Type: '.$_GET['mimetype']); - header ('Content-Disposition: attachment; filename="' . $realname . '"'); + header('Content-Type: '.$_GET['mimetype']); + header('Content-Disposition: attachment; filename="' . $realname . '"'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); readfile($filename); AccessLog::addLogEntry($_REQUEST['id'], 'D', $pdo); - } - else - { + } else { echo msg('message_file_does_not_exist'); } - -} -else -{ +} else { echo msg('message_nothing_to_do'); echo 'submit is ' . $_GET['submit']; -} \ No newline at end of file +}
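Review bot: In the Download branch `header('Content-Disposition: attachment; filename="' . $realname . '"');` puts the stored file name into the header unencoded, while the view branch in the previous hunk wraps it in `rawurlencode()`. A name containing a double quote would break the quoted string, so the two branches should agree: `header('Content-Disposition: attachment; filename="' . rawurlencode($realname) . '"');`. The trailing `echo 'submit is ' . $_GET['submit'];` in the final `else` also prints a request value into the page without `htmlspecialchars()`.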