From 1f89b476a27f69fbddba1fedd124df2032bac5ec Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Mon, 9 Nov 2015 09:16:13 +0100 Subject: [PATCH 1/6] tell user to protect the conf directory otherwise settings.xml will be visible to the world. --- README.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index db56109ab..aad302f08 100644 --- a/README.md +++ b/README.md @@ -231,7 +231,15 @@ full text search engine support, you will also need to unpack but not accessible through the web. For security reason the data folder should not be inside the public folders -or should be protected by a .htaccess file. +or should be protected by a .htaccess file. The folder containing the +configuration (settings.xml) must be protected by an .htaccess file like the +following. + + > + > Order allow,deny + > Deny from all + > + If you install SeedDMS for the first time continue with the database setup. From 0cb6d2df5a3fe6ccdd340e8b1bff9b8d919987fd Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Mon, 9 Nov 2015 18:49:58 +0100 Subject: [PATCH 2/6] send appropriate mail to reviewer/approver not just the 'new document' mail --- op/op.AddDocument.php | 60 ++++++++++++++++++++++++++++++++----------- 1 file changed, 45 insertions(+), 15 deletions(-) diff --git a/op/op.AddDocument.php b/op/op.AddDocument.php index cf365dc22..e24a40781 100644 --- a/op/op.AddDocument.php +++ b/op/op.AddDocument.php @@ -327,21 +327,6 @@ for ($file_num=0;$file_numgetNotifyList(); - if($settings->_enableNotificationAppRev) { - /* Reviewers and approvers will be informed about the new document */ - foreach($reviewers['i'] as $reviewerid) { - $notifyList['users'][] = $dms->getUser($reviewerid); - } - foreach($approvers['i'] as $approverid) { - $notifyList['users'][] = $dms->getUser($approverid); - } - foreach($reviewers['g'] as $reviewergrpid) { - $notifyList['groups'][] = $dms->getGroup($reviewergrpid); - } - foreach($approvers['g'] as $approvergrpid) { - $notifyList['groups'][] = $dms->getGroup($approvergrpid); - } - } $subject = "new_document_email_subject"; $message = "new_document_email_body"; @@ -383,6 +368,51 @@ for ($file_num=0;$file_num_enableNotificationAppRev) { + /* Reviewers and approvers will be informed about the new document */ + if($reviewers['i'] || $reviewers['g']) { + $subject = "review_request_email_subject"; + $message = "review_request_email_body"; + $params = array(); + $params['name'] = $document->getName(); + $params['folder_path'] = $folder->getFolderPathPlain(); + $params['version'] = $reqversion; + $params['comment'] = $comment; + $params['username'] = $user->getFullName(); + $params['url'] = "http".((isset($_SERVER['HTTPS']) && (strcmp($_SERVER['HTTPS'],'off')!=0)) ? "s" : "")."://".$_SERVER['HTTP_HOST'].$settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID(); + $params['sitename'] = $settings->_siteName; + $params['http_root'] = $settings->_httpRoot; + + foreach($reviewers['i'] as $reviewerid) { + $notifier->toIndividual($user, $dms->getUser($reviewerid), $subject, $message, $params); + } + foreach($reviewers['g'] as $reviewergrpid) { + $notifier->toGroup($user, $dms->getGroup($reviewergrpid), $subject, $message, $params); + } + } + + if($approvers['i'] || $approvers['g']) { + $subject = "approval_request_email_subject"; + $message = "approval_request_email_body"; + $params = array(); + $params['name'] = $document->getName(); + $params['folder_path'] = $folder->getFolderPathPlain(); + $params['version'] = $reqversion; + $params['comment'] = $comment; + $params['username'] = $user->getFullName(); + $params['url'] = "http".((isset($_SERVER['HTTPS']) && (strcmp($_SERVER['HTTPS'],'off')!=0)) ? "s" : "")."://".$_SERVER['HTTP_HOST'].$settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID(); + $params['sitename'] = $settings->_siteName; + $params['http_root'] = $settings->_httpRoot; + + foreach($approvers['i'] as $approverid) { + $notifier->toIndividual($user, $dms->getUser($approverid), $subject, $message, $params); + } + foreach($approvers['g'] as $approvergrpid) { + $notifier->toGroup($user, $dms->getGroup($approvergrpid), $subject, $message, $params); + } + } + } } } From 1dae3f3218dc0304b282d82811fc69ca9df2743a Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Mon, 9 Nov 2015 18:50:44 +0100 Subject: [PATCH 3/6] use $content->getVersion() instead of ->_version --- op/op.SetReviewersApprovers.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/op/op.SetReviewersApprovers.php b/op/op.SetReviewersApprovers.php index 81f498d48..ac6b0a656 100644 --- a/op/op.SetReviewersApprovers.php +++ b/op/op.SetReviewersApprovers.php @@ -125,7 +125,7 @@ foreach ($pIndRev as $p) { $params = array(); $params['name'] = $document->getName(); $params['folder_path'] = $folder->getFolderPathPlain(); - $params['version'] = $content->_version; + $params['version'] = $content->getVersion(); $params['comment'] = $content->getComment(); $params['username'] = $user->getFullName(); $params['url'] = "http".((isset($_SERVER['HTTPS']) && (strcmp($_SERVER['HTTPS'],'off')!=0)) ? "s" : "")."://".$_SERVER['HTTP_HOST'].$settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID(); @@ -184,7 +184,7 @@ if (count($reviewIndex["i"]) > 0) { $params = array(); $params['name'] = $document->getName(); $params['folder_path'] = $folder->getFolderPathPlain(); - $params['version'] = $content->_version; + $params['version'] = $content->getVersion(); $params['comment'] = $content->getComment(); $params['username'] = $user->getFullName(); $params['url'] = "http".((isset($_SERVER['HTTPS']) && (strcmp($_SERVER['HTTPS'],'off')!=0)) ? "s" : "")."://".$_SERVER['HTTP_HOST'].$settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID(); @@ -231,7 +231,7 @@ foreach ($pGrpRev as $p) { $params = array(); $params['name'] = $document->getName(); $params['folder_path'] = $folder->getFolderPathPlain(); - $params['version'] = $content->_version; + $params['version'] = $content->getVersion(); $params['comment'] = $content->getComment(); $params['username'] = $user->getFullName(); $params['url'] = "http".((isset($_SERVER['HTTPS']) && (strcmp($_SERVER['HTTPS'],'off')!=0)) ? "s" : "")."://".$_SERVER['HTTP_HOST'].$settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID(); @@ -287,7 +287,7 @@ if (count($reviewIndex["g"]) > 0) { $params = array(); $params['name'] = $document->getName(); $params['folder_path'] = $folder->getFolderPathPlain(); - $params['version'] = $content->_version; + $params['version'] = $content->getVersion(); $params['comment'] = $content->getComment(); $params['username'] = $user->getFullName(); $params['url'] = "http".((isset($_SERVER['HTTPS']) && (strcmp($_SERVER['HTTPS'],'off')!=0)) ? "s" : "")."://".$_SERVER['HTTP_HOST'].$settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID(); @@ -339,7 +339,7 @@ foreach ($pIndApp as $p) { $params = array(); $params['name'] = $document->getName(); $params['folder_path'] = $folder->getFolderPathPlain(); - $params['version'] = $content->_version; + $params['version'] = $content->getVersion(); $params['comment'] = $content->getComment(); $params['username'] = $user->getFullName(); $params['url'] = "http".((isset($_SERVER['HTTPS']) && (strcmp($_SERVER['HTTPS'],'off')!=0)) ? "s" : "")."://".$_SERVER['HTTP_HOST'].$settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID(); @@ -396,7 +396,7 @@ if (count($approvalIndex["i"]) > 0) { $params = array(); $params['name'] = $document->getName(); $params['folder_path'] = $folder->getFolderPathPlain(); - $params['version'] = $content->_version; + $params['version'] = $content->getVersion(); $params['comment'] = $content->getComment(); $params['username'] = $user->getFullName(); $params['url'] = "http".((isset($_SERVER['HTTPS']) && (strcmp($_SERVER['HTTPS'],'off')!=0)) ? "s" : "")."://".$_SERVER['HTTP_HOST'].$settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID(); @@ -443,7 +443,7 @@ foreach ($pGrpApp as $p) { $params = array(); $params['name'] = $document->getName(); $params['folder_path'] = $folder->getFolderPathPlain(); - $params['version'] = $content->_version; + $params['version'] = $content->getVersion(); $params['comment'] = $content->getComment(); $params['username'] = $user->getFullName(); $params['url'] = "http".((isset($_SERVER['HTTPS']) && (strcmp($_SERVER['HTTPS'],'off')!=0)) ? "s" : "")."://".$_SERVER['HTTP_HOST'].$settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID(); @@ -500,7 +500,7 @@ if (count($approvalIndex["g"]) > 0) { $params = array(); $params['name'] = $document->getName(); $params['folder_path'] = $folder->getFolderPathPlain(); - $params['version'] = $content->_version; + $params['version'] = $content->getVersion(); $params['comment'] = $content->getComment(); $params['username'] = $user->getFullName(); $params['url'] = "http".((isset($_SERVER['HTTPS']) && (strcmp($_SERVER['HTTPS'],'off')!=0)) ? "s" : "")."://".$_SERVER['HTTP_HOST'].$settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID(); From 541d07f5d7c451e9b25dd5b4bbc836e5297bc7d1 Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Mon, 9 Nov 2015 18:51:09 +0100 Subject: [PATCH 4/6] inform reviewer/approver about new version --- op/op.UpdateDocument.php | 45 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/op/op.UpdateDocument.php b/op/op.UpdateDocument.php index f8701beef..fcecc9a26 100644 --- a/op/op.UpdateDocument.php +++ b/op/op.UpdateDocument.php @@ -270,6 +270,51 @@ if ($_FILES['userfile']['error'] == 0) { } } } + + if($settings->_enableNotificationAppRev) { + /* Reviewers and approvers will be informed about the new document */ + if($reviewers['i'] || $reviewers['g']) { + $subject = "review_request_email_subject"; + $message = "review_request_email_body"; + $params = array(); + $params['name'] = $document->getName(); + $params['folder_path'] = $folder->getFolderPathPlain(); + $params['version'] = $contentResult->getContent()->getVersion(); + $params['comment'] = $contentResult->getContent()->getComment(); + $params['username'] = $user->getFullName(); + $params['url'] = "http".((isset($_SERVER['HTTPS']) && (strcmp($_SERVER['HTTPS'],'off')!=0)) ? "s" : "")."://".$_SERVER['HTTP_HOST'].$settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID(); + $params['sitename'] = $settings->_siteName; + $params['http_root'] = $settings->_httpRoot; + + foreach($reviewers['i'] as $reviewerid) { + $notifier->toIndividual($user, $dms->getUser($reviewerid), $subject, $message, $params); + } + foreach($reviewers['g'] as $reviewergrpid) { + $notifier->toGroup($user, $dms->getGroup($reviewergrpid), $subject, $message, $params); + } + } + + if($approvers['i'] || $approvers['g']) { + $subject = "approval_request_email_subject"; + $message = "approval_request_email_body"; + $params = array(); + $params['name'] = $document->getName(); + $params['folder_path'] = $folder->getFolderPathPlain(); + $params['version'] = $contentResult->getContent()->getVersion(); + $params['comment'] = $contentResult->getContent()->getComment(); + $params['username'] = $user->getFullName(); + $params['url'] = "http".((isset($_SERVER['HTTPS']) && (strcmp($_SERVER['HTTPS'],'off')!=0)) ? "s" : "")."://".$_SERVER['HTTP_HOST'].$settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID(); + $params['sitename'] = $settings->_siteName; + $params['http_root'] = $settings->_httpRoot; + + foreach($approvers['i'] as $approverid) { + $notifier->toIndividual($user, $dms->getUser($approverid), $subject, $message, $params); + } + foreach($approvers['g'] as $approvergrpid) { + $notifier->toGroup($user, $dms->getGroup($approvergrpid), $subject, $message, $params); + } + } + } } $expires = false; From c137dc6dde9f25e52fb1d1844c4427e8493b86c0 Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Mon, 9 Nov 2015 18:53:04 +0100 Subject: [PATCH 5/6] add entries for 4.3.22 --- CHANGELOG | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG b/CHANGELOG index 1c686f633..d11bffb63 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -6,6 +6,8 @@ will output some document information - new attribute type 'date' - all dates are now in format 'yyyy-mm-dd' +- fix fatal error when requesting new password +- send emails to reviewers/approvers if new document or version was uploaded -------------------------------------------------------------------------------- Changes in version 4.3.21 From 4dd2dc87af226e37267fb4f4fe6b90c2728f9bf9 Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Mon, 9 Nov 2015 20:00:02 +0100 Subject: [PATCH 6/6] new version 4.3.22 --- Makefile | 2 +- SeedDMS_Core/package.xml | 31 ++++++++++++++++++++++++------- inc/inc.Version.php | 2 +- install/install.php | 2 +- 4 files changed, 27 insertions(+), 10 deletions(-) diff --git a/Makefile b/Makefile index c32b9fc2a..15b632e01 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -VERSION=4.3.21 +VERSION=4.3.22 SRC=CHANGELOG inc conf utils index.php languages views op out README.md README.Notification README.Ubuntu drop-tables-innodb.sql styles js TODO LICENSE Makefile webdav install restapi # webapp diff --git a/SeedDMS_Core/package.xml b/SeedDMS_Core/package.xml index 44da79f5a..42792819f 100644 --- a/SeedDMS_Core/package.xml +++ b/SeedDMS_Core/package.xml @@ -12,11 +12,11 @@ uwe@steinmann.cx yes - 2015-09-28 - + 2015-11-09 + - 4.3.21 - 4.3.21 + 4.3.22 + 4.3.22 stable @@ -24,9 +24,8 @@ GPL License -- add method SeedDMS_Core_Database::getCurrentTimestamp() -- add method SeedDMS_Core_Database::getCurrentDatetime() -- user getCurrentTimestamp() and getCurrentDatetime() whenever possible +- fix sql statement to reset password +- pass some more information for timeline @@ -892,5 +891,23 @@ clean workflow log when a document version was deleted by a group or user right + + 2015-09-28 + + + 4.3.21 + 4.3.21 + + + stable + stable + + GPL License + +- add method SeedDMS_Core_Database::getCurrentTimestamp() +- add method SeedDMS_Core_Database::getCurrentDatetime() +- user getCurrentTimestamp() and getCurrentDatetime() whenever possible + + diff --git a/inc/inc.Version.php b/inc/inc.Version.php index 148b2a810..b187bcce0 100644 --- a/inc/inc.Version.php +++ b/inc/inc.Version.php @@ -20,7 +20,7 @@ class SeedDMS_Version { - public $_number = "4.3.21"; + public $_number = "4.3.22"; private $_string = "SeedDMS"; function SeedDMS_Version() { diff --git a/install/install.php b/install/install.php index c1370e799..23d24e9c0 100644 --- a/install/install.php +++ b/install/install.php @@ -119,7 +119,7 @@ function fileExistsInIncludePath($file) { /* {{{ */ * Load default settings + set */ define("SEEDDMS_INSTALL", "on"); -define("SEEDDMS_VERSION", "4.3.21"); +define("SEEDDMS_VERSION", "4.3.22"); require_once('../inc/inc.ClassSettings.php');