mirror of
				https://git.code.sf.net/p/seeddms/code
				synced 2025-10-26 02:31:18 +00:00 
			
		
		
		
	move some code at beginning of file
This commit is contained in:
		
							parent
							
								
									16e70a0cdd
								
							
						
					
					
						commit
						2ad6a04965
					
				|  | @ -33,6 +33,7 @@ include("../inc/inc.ClassController.php"); | |||
| 
 | ||||
| $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); | ||||
| $controller = Controller::factory($tmp[1]); | ||||
| $accessop = new SeedDMS_AccessOperation($dms, $user, $settings); | ||||
| 
 | ||||
| /* Check if the form data comes from a trusted request */ | ||||
| if(!checkFormKey('approvedocument')) { | ||||
|  | @ -50,12 +51,13 @@ if (!is_object($document)) { | |||
| 	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); | ||||
| } | ||||
| 
 | ||||
| $folder = $document->getFolder(); | ||||
| 
 | ||||
| if ($document->getAccessMode($user) < M_READ) { | ||||
| // verify if document may be approved
 | ||||
| if (!$accessop->mayApprove($document)){ | ||||
| 	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied")); | ||||
| } | ||||
| 
 | ||||
| $folder = $document->getFolder(); | ||||
| 
 | ||||
| if (!isset($_POST["version"]) || !is_numeric($_POST["version"]) || intval($_POST["version"])<1) { | ||||
| 	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version")); | ||||
| } | ||||
|  | @ -73,14 +75,7 @@ if ($latestContent->getVersion()!=$version) { | |||
| 	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version")); | ||||
| } | ||||
| 
 | ||||
| /* Create object for checking access to certain operations */ | ||||
| $accessop = new SeedDMS_AccessOperation($dms, $user, $settings); | ||||
| 
 | ||||
| $olddocstatus = $content->getStatus(); | ||||
| // verify if document may be approved
 | ||||
| if (!$accessop->mayApprove($document)){ | ||||
| 	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied")); | ||||
| } | ||||
| 
 | ||||
| if (!isset($_POST["approvalStatus"]) || !is_numeric($_POST["approvalStatus"]) || | ||||
| 		(intval($_POST["approvalStatus"])!=1 && intval($_POST["approvalStatus"])!=-1)) { | ||||
|  |  | |||
|  | @ -32,6 +32,7 @@ include("../inc/inc.ClassController.php"); | |||
| 
 | ||||
| $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); | ||||
| $controller = Controller::factory($tmp[1]); | ||||
| $accessop = new SeedDMS_AccessOperation($dms, $user, $settings); | ||||
| 
 | ||||
| /* Check if the form data comes for a trusted request */ | ||||
| if(!checkFormKey('receiptdocument')) { | ||||
|  | @ -49,12 +50,13 @@ if (!is_object($document)) { | |||
| 	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); | ||||
| } | ||||
| 
 | ||||
| $folder = $document->getFolder(); | ||||
| 
 | ||||
| if ($document->getAccessMode($user) < M_READ) { | ||||
| // verify if document may be receіpted
 | ||||
| if (!$accessop->mayReceipt($document)){ | ||||
| 	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied")); | ||||
| } | ||||
| 
 | ||||
| $folder = $document->getFolder(); | ||||
| 
 | ||||
| if (!isset($_POST["version"]) || !is_numeric($_POST["version"]) || intval($_POST["version"])<1) { | ||||
| 	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version")); | ||||
| } | ||||
|  | @ -72,14 +74,6 @@ if ($latestContent->getVersion()!=$version) { | |||
| 	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version")); | ||||
| } | ||||
| 
 | ||||
| /* Create object for checking access to certain operations */ | ||||
| $accessop = new SeedDMS_AccessOperation($dms, $user, $settings); | ||||
| 
 | ||||
| // verify if document may be receіpted
 | ||||
| if (!$accessop->mayReceipt($document)){ | ||||
| 	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied")); | ||||
| } | ||||
| 
 | ||||
| if (!isset($_POST["receiptStatus"]) || !is_numeric($_POST["receiptStatus"]) || | ||||
| 		(intval($_POST["receiptStatus"])!=1 && intval($_POST["receiptStatus"])!=-1)) { | ||||
| 	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_receipt_status")); | ||||
|  |  | |||
|  | @ -33,6 +33,7 @@ include("../inc/inc.ClassController.php"); | |||
| 
 | ||||
| $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); | ||||
| $controller = Controller::factory($tmp[1]); | ||||
| $accessop = new SeedDMS_AccessOperation($dms, $user, $settings); | ||||
| 
 | ||||
| /* Check if the form data comes from a trusted request */ | ||||
| if(!checkFormKey('reviewdocument')) { | ||||
|  | @ -50,12 +51,13 @@ if (!is_object($document)) { | |||
| 	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); | ||||
| } | ||||
| 
 | ||||
| $folder = $document->getFolder(); | ||||
| 
 | ||||
| if ($document->getAccessMode($user) < M_READ) { | ||||
| // verify if document may be reviewed
 | ||||
| if (!$accessop->mayReview($document)){ | ||||
| 	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied")); | ||||
| } | ||||
| 
 | ||||
| $folder = $document->getFolder(); | ||||
| 
 | ||||
| if (!isset($_POST["version"]) || !is_numeric($_POST["version"]) || intval($_POST["version"])<1) { | ||||
| 	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version")); | ||||
| } | ||||
|  | @ -73,14 +75,7 @@ if ($latestContent->getVersion()!=$version) { | |||
| 	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version")); | ||||
| } | ||||
| 
 | ||||
| /* Create object for checking access to certain operations */ | ||||
| $accessop = new SeedDMS_AccessOperation($dms, $user, $settings); | ||||
| 
 | ||||
| $olddocstatus = $content->getStatus(); | ||||
| // verify if document may be reviewed
 | ||||
| if (!$accessop->mayReview($document)){ | ||||
| 	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied")); | ||||
| } | ||||
| 
 | ||||
| if (!isset($_POST["reviewStatus"]) || !is_numeric($_POST["reviewStatus"]) || | ||||
| 		(intval($_POST["reviewStatus"])!=1 && intval($_POST["reviewStatus"])!=-1)) { | ||||
|  |  | |||
|  | @ -32,6 +32,7 @@ include("../inc/inc.ClassController.php"); | |||
| 
 | ||||
| $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); | ||||
| $controller = Controller::factory($tmp[1]); | ||||
| $accessop = new SeedDMS_AccessOperation($dms, $user, $settings); | ||||
| 
 | ||||
| /* Check if the form data comes for a trusted request */ | ||||
| if(!checkFormKey('revisedocument')) { | ||||
|  | @ -49,12 +50,13 @@ if (!is_object($document)) { | |||
| 	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); | ||||
| } | ||||
| 
 | ||||
| $folder = $document->getFolder(); | ||||
| 
 | ||||
| if ($document->getAccessMode($user) < M_READ) { | ||||
| // verify if document maybe revised
 | ||||
| if (!$accessop->mayRevise($document)){ | ||||
| 	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied")); | ||||
| } | ||||
| 
 | ||||
| $folder = $document->getFolder(); | ||||
| 
 | ||||
| if (!isset($_POST["version"]) || !is_numeric($_POST["version"]) || intval($_POST["version"])<1) { | ||||
| 	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version")); | ||||
| } | ||||
|  | @ -72,14 +74,7 @@ if ($latestContent->getVersion()!=$version) { | |||
| 	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version")); | ||||
| } | ||||
| 
 | ||||
| /* Create object for checking access to certain operations */ | ||||
| $accessop = new SeedDMS_AccessOperation($dms, $user, $settings); | ||||
| 
 | ||||
| $olddocstatus = $content->getStatus(); | ||||
| // verify if document maybe revised
 | ||||
| if (!$accessop->mayRevise($document)){ | ||||
| 	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied")); | ||||
| } | ||||
| 
 | ||||
| if (!isset($_POST["revisionStatus"]) || !is_numeric($_POST["revisionStatus"]) || | ||||
| 		(!in_array(intval($_POST["revisionStatus"]), array(1, -1, 6)))) { | ||||
|  |  | |||
		Loading…
	
		Reference in New Issue
	
	Block a user
	 Uwe Steinmann
						Uwe Steinmann