gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2024-11-26 07:22:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'seeddms-5.1.x' into seeddms-6.0.x

Browse Source
This commit is contained in:
Uwe Steinmann 2024-10-27 06:36:12 +01:00
commit 012977d606
5 changed files with 225 additions and 122 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
inc/inc.ClassAuthenticationMiddleware.php
View File

@ -1,4 +1,35 @@
<?php
/**
* MyDMS. Document Management System
* Copyright (C) 2002-2005 Markus Westphal
* Copyright (C) 2006-2008 Malcolm Cowe
* Copyright (C) 2010 Matteo Lucarelli
* Copyright (C) 2010-2024 Uwe Steinmann
*
* PHP version 8
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*
* @category SeedDMS
* @package SeedDMS
* @author Uwe Steinmann <info@seeddms.org>
* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License
* @link https://www.seeddms.org Main Site
*/
/* Middleware for authentication based on session */
class SeedDMS_Auth_Middleware_Session { /* {{{ */
@ -23,24 +54,25 @@ class SeedDMS_Auth_Middleware_Session { /* {{{ */
$settings = $this->container->config;
$logger = $this->container->logger;
$userobj = null;
if($this->container->has('userobj'))
$userobj = $this->container->userobj;
if($userobj) {
$response = $next($request, $response);
return $response;
if ($this->container->has('userobj')) {
$userobj = $this->container->userobj;
}
$logger->log("Invoke middleware for method ".$request->getMethod()." on '".$request->getUri()->getPath()."'", PEAR_LOG_INFO);
if ($userobj) {
$response = $next($request, $response);
return $response;
}
$logger->log("Invoke middleware for method " . $request->getMethod() . " on '" . $request->getUri()->getPath() . "'", PEAR_LOG_INFO);
require_once("inc/inc.ClassSession.php");
$session = new SeedDMS_Session($dms->getDb());
if (isset($_COOKIE["mydms_session"])) {
$dms_session = $_COOKIE["mydms_session"];
$logger->log("Session key: ".$dms_session, PEAR_LOG_DEBUG);
if(!$resArr = $session->load($dms_session)) {
$logger->log("Session key: " . $dms_session, PEAR_LOG_DEBUG);
if (!$resArr = $session->load($dms_session)) {
/* Delete Cookie */
setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot);
$logger->log("Session for id '".$dms_session."' has gone", PEAR_LOG_ERR);
setcookie("mydms_session", $dms_session, time() - 3600, $settings->_httpRoot);
$logger->log("Session for id '" . $dms_session . "' has gone", PEAR_LOG_ERR);
return $response->withStatus(403);
}
@ -48,17 +80,20 @@ class SeedDMS_Auth_Middleware_Session { /* {{{ */
$userobj = $dms->getUser($resArr["userID"]);
if (!is_object($userobj)) {
/* Delete Cookie */
setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot);
if($settings->_enableGuestLogin) {
if(!($userobj = $dms->getUser($settings->_guestID)))
setcookie("mydms_session", $dms_session, time() - 3600, $settings->_httpRoot);
if ($settings->_enableGuestLogin) {
if (!($userobj = $dms->getUser($settings->_guestID))) {
return $response->withStatus(403);
} else
}
} else {
return $response->withStatus(403);
}
}
if($userobj->isAdmin()) {
if($resArr["su"]) {
if(!($userobj = $dms->getUser($resArr["su"])))
if ($userobj->isAdmin()) {
if ($resArr["su"]) {
if (!($userobj = $dms->getUser($resArr["su"]))) {
return $response->withStatus(403);
}
}
}
$dms->setUser($userobj);

59
inc/inc.ConversionInit.php
View File

@ -1,40 +1,71 @@
<?php
/**
* MyDMS. Document Management System
* Copyright (C) 2002-2005 Markus Westphal
* Copyright (C) 2006-2008 Malcolm Cowe
* Copyright (C) 2010 Matteo Lucarelli
* Copyright (C) 2010-2024 Uwe Steinmann
*
* PHP version 8
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*
* @category SeedDMS
* @package SeedDMS
* @author Uwe Steinmann <info@seeddms.org>
* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License
* @link https://www.seeddms.org Main Site
*/
$conversionmgr = null;
require_once("inc.ClassConversionMgr.php");
require_once "inc.ClassConversionMgr.php";
$conversionmgr = new SeedDMS_ConversionMgr();
if(!empty($settings->_converters['preview'])) {
foreach($settings->_converters['preview'] as $mimetype=>$cmd) {
if (!empty($settings->_converters['preview'])) {
foreach ($settings->_converters['preview'] as $mimetype => $cmd) {
$conversionmgr->addService(new SeedDMS_ConversionServiceExec($mimetype, 'image/png', $cmd), $settings->_cmdTimeout)->setLogger($logger);
}
}
if(!empty($settings->_converters['pdf'])) {
foreach($settings->_converters['pdf'] as $mimetype=>$cmd) {
if (!empty($settings->_converters['pdf'])) {
foreach ($settings->_converters['pdf'] as $mimetype => $cmd) {
$conversionmgr->addService(new SeedDMS_ConversionServiceExec($mimetype, 'application/pdf', $cmd, $settings->_cmdTimeout))->setLogger($logger);
}
}
if(!empty($settings->_converters['fulltext'])) {
foreach($settings->_converters['fulltext'] as $mimetype=>$cmd) {
if (!empty($settings->_converters['fulltext'])) {
foreach ($settings->_converters['fulltext'] as $mimetype => $cmd) {
$conversionmgr->addService(new SeedDMS_ConversionServiceExec($mimetype, 'text/plain', $cmd, $settings->_cmdTimeout))->setLogger($logger);
}
}
if(extension_loaded('imagick')) {
if (extension_loaded('imagick')) {
$conversionmgr->addService(new SeedDMS_ConversionServicePdfToImage('application/pdf', 'image/png'))->setLogger($logger);
$conversionmgr->addService(new SeedDMS_ConversionServiceImageToImage('image/tiff', 'image/png'))->setLogger($logger);
$conversionmgr->addService(new SeedDMS_ConversionServiceImageToImage('image/svg+xml', 'image/png'))->setLogger($logger);
}
if(extension_loaded('gd') || extension_loaded('imagick')) {
if (extension_loaded('gd') || extension_loaded('imagick')) {
$conversionmgr->addService(new SeedDMS_ConversionServiceImageToImage('image/jpeg', 'image/png'))->setLogger($logger);
$conversionmgr->addService(new SeedDMS_ConversionServiceImageToImage('image/png', 'image/png'))->setLogger($logger);
$conversionmgr->addService(new SeedDMS_ConversionServiceImageToImage('image/jpg', 'image/png'))->setLogger($logger);
$conversionmgr->addService(new SeedDMS_ConversionServiceImageToImage('image/gif', 'image/png'))->setLogger($logger);
}
if(extension_loaded('imagick')) {
if (extension_loaded('imagick')) {
$conversionmgr->addService(new SeedDMS_ConversionServiceTextToImage('text/plain', 'image/png'))->setLogger($logger);
}
@ -47,11 +78,11 @@ $conversionmgr->addService(new SeedDMS_ConversionServiceTextToText('text/x-rst',
$conversionmgr->addService(new SeedDMS_ConversionServiceHtmlToText('text/html', 'text/plain'))->setLogger($logger);
if(isset($GLOBALS['SEEDDMS_HOOKS']['initConversion'])) {
foreach($GLOBALS['SEEDDMS_HOOKS']['initConversion'] as $hookObj) {
if (isset($GLOBALS['SEEDDMS_HOOKS']['initConversion'])) {
foreach ($GLOBALS['SEEDDMS_HOOKS']['initConversion'] as $hookObj) {
if (method_exists($hookObj, 'getConversionServices')) {
if($services = $hookObj->getConversionServices(array('dms'=>$dms, 'settings'=>$settings, 'logger'=>$logger))) {
foreach($services as $service) {
if ($services = $hookObj->getConversionServices(array('dms' => $dms, 'settings' => $settings, 'logger' => $logger))) {
foreach ($services as $service) {
$conversionmgr->addService($service)->setLogger($logger);
}
}

57
inc/inc.Init.php
View File

@ -1,28 +1,41 @@
<?php
// MyDMS. Document Management System
// Copyright (C) 2002-2005 Markus Westphal
// Copyright (C) 2006-2008 Malcolm Cowe
// Copyright (C) 2010 Matteo Lucarelli
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
/**
* MyDMS. Document Management System
* Copyright (C) 2002-2005 Markus Westphal
* Copyright (C) 2006-2008 Malcolm Cowe
* Copyright (C) 2010 Matteo Lucarelli
* Copyright (C) 2010-2024 Uwe Steinmann
*
* PHP version 8
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*
* @category SeedDMS
* @package SeedDMS
* @author Uwe Steinmann <info@seeddms.org>
* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License
* @link https://www.seeddms.org Main Site
*/
use Symfony\Component\HttpFoundation\Request;
if(!empty($settings->_coreDir))
require_once($settings->_coreDir.'/Core.php');
else
require_once('vendor/seeddms/core/Core.php');
if (!empty($settings->_coreDir)) {
require_once $settings->_coreDir . '/Core.php';
} else {
require_once 'vendor/seeddms/core/Core.php';
}
$request = Request::createFromGlobals();

72
out/out.ReviewSummary.php
View File

@ -1,34 +1,46 @@
<?php
// MyDMS. Document Management System
// Copyright (C) 2002-2005 Markus Westphal
// Copyright (C) 2006-2008 Malcolm Cowe
// Copyright (C) 2010 Matteo Lucarelli
// Copyright (C) 2010-2016 Uwe Steinmann
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
if(!isset($settings))
require_once("../inc/inc.Settings.php");
require_once("inc/inc.Utils.php");
require_once("inc/inc.LogInit.php");
require_once("inc/inc.Language.php");
require_once("inc/inc.Init.php");
require_once("inc/inc.Extension.php");
require_once("inc/inc.DBInit.php");
require_once("inc/inc.ClassUI.php");
require_once("inc/inc.Authentication.php");
/**
* MyDMS. Document Management System
* Copyright (C) 2002-2005 Markus Westphal
* Copyright (C) 2006-2008 Malcolm Cowe
* Copyright (C) 2010 Matteo Lucarelli
* Copyright (C) 2010-2024 Uwe Steinmann
*
* PHP version 8
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*
* @category SeedDMS
* @package SeedDMS
* @author Uwe Steinmann <info@seeddms.org>
* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License
* @link https://www.seeddms.org Main Site
*/
if(!isset($settings)) {
require_once "../inc/inc.Settings.php");
}
require_once "inc/inc.Utils.php";
require_once "inc/inc.LogInit.php";
require_once "inc/inc.Language.php";
require_once "inc/inc.Init.php";
require_once "inc/inc.Extension.php";
require_once "inc/inc.DBInit.php";
require_once "inc/inc.ClassUI.php";
require_once "inc/inc.Authentication.php";
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
@ -41,7 +53,7 @@ if ($user->isGuest()) {
UI::exitError(getMLText("my_documents"), getMLText("access_denied"));
}
if($view) {
if ($view) {
$view->setParam('showtree', showtree());
$view->setParam('cachedir', $settings->_cacheDir);
$view->setParam('previewWidthList', $settings->_previewWidthList);

88
out/out.UpdateDocument.php
View File

@ -1,70 +1,82 @@
<?php
// MyDMS. Document Management System
// Copyright (C) 2002-2005 Markus Westphal
// Copyright (C) 2006-2008 Malcolm Cowe
// Copyright (C) 2010 Matteo Lucarelli
// Copyright (C) 2010-2016 Uwe Steinmann
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
if(!isset($settings))
require_once("../inc/inc.Settings.php");
require_once("inc/inc.Utils.php");
require_once("inc/inc.LogInit.php");
require_once("inc/inc.Language.php");
require_once("inc/inc.Init.php");
require_once("inc/inc.Extension.php");
require_once("inc/inc.DBInit.php");
require_once("inc/inc.ClassUI.php");
require_once("inc/inc.ClassAccessOperation.php");
require_once("inc/inc.Authentication.php");
/**
* MyDMS. Document Management System
* Copyright (C) 2002-2005 Markus Westphal
* Copyright (C) 2006-2008 Malcolm Cowe
* Copyright (C) 2010 Matteo Lucarelli
* Copyright (C) 2010-2016 Uwe Steinmann
*
* PHP version 8
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*
* @category SeedDMS
* @package SeedDMS
* @author Uwe Steinmann <info@seeddms.org>
* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License
* @link https://www.seeddms.org Main Site
*/
if (!isset($settings)) {
require_once "../inc/inc.Settings.php";
}
require_once "inc/inc.Utils.php";
require_once "inc/inc.LogInit.php";
require_once "inc/inc.Language.php";
require_once "inc/inc.Init.php";
require_once "inc/inc.Extension.php";
require_once "inc/inc.DBInit.php";
require_once "inc/inc.ClassUI.php";
require_once "inc/inc.ClassAccessOperation.php";
require_once "inc/inc.Authentication.php";
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
if (!isset($_GET["documentid"]) || !is_numeric($_GET["documentid"]) || intval($_GET["documentid"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))), getMLText("invalid_doc_id"));
}
$document = $dms->getDocument($_GET["documentid"]);
if (!is_object($document)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))), getMLText("invalid_doc_id"));
}
if ($document->getAccessMode($user) < M_READWRITE) {
UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("access_denied"));
UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))), getMLText("access_denied"));
}
if($document->isLocked()) {
if ($document->isLocked()) {
$lockingUser = $document->getLockingUser();
if (($lockingUser->getID() != $user->getID()) && ($document->getAccessMode($user) != M_ALL)) {
UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("lock_message", array("email" => $lockingUser->getEmail(), "username" => htmlspecialchars($lockingUser->getFullName()))));
UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))), getMLText("lock_message", array("email" => $lockingUser->getEmail(), "username" => htmlspecialchars($lockingUser->getFullName()))));
}
}
if($settings->_quota > 0) {
if ($settings->_quota > 0) {
$remain = checkQuota($user);
if ($remain < 0) {
UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("quota_exceeded", array('bytes'=>SeedDMS_Core_File::format_filesize(abs($remain)))));
UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))), getMLText("quota_exceeded", array('bytes'=>SeedDMS_Core_File::format_filesize(abs($remain)))));
}
}
$folder = $document->getFolder();
if($view) {
if ($view) {
$view->setParam('folder', $folder);
$view->setParam('document', $document);
$view->setParam('strictformcheck', $settings->_strictFormCheck);