gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-10-31 05:11:27 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

do not check for named formtoken in op/op.Ajax.php anymore, use new statusbox-container for last file uploads

Browse Source
This commit is contained in:
Uwe Steinmann 2019-07-12 16:45:28 +02:00
parent ee732551c6
commit 3471835d0a
3 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
op/op.Ajax.php
View File

@ -265,7 +265,7 @@ switch($command) {
case 'movefolder': /* {{{ */
if($user) {
if(!checkFormKey('movefolder', 'GET')) {
if(!checkFormKey('', 'GET')) {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>getMLText('invalid_request_token'), 'data'=>''));
} else {
@ -304,7 +304,7 @@ switch($command) {
case 'movedocument': /* {{{ */
if($user) {
if(!checkFormKey('movedocument', 'GET')) {
if(!checkFormKey('', 'GET')) {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>getMLText('invalid_request_token'), 'data'=>''));
} else {
@ -343,7 +343,7 @@ switch($command) {
case 'transfercontent': /* {{{ */
if($user) {
if(!checkFormKey('movedocument', 'GET')) {
if(!checkFormKey('', 'GET')) {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>getMLText('invalid_request_token'), 'data'=>''));
} else {
@ -394,7 +394,7 @@ switch($command) {
case 'linkdocument': /* {{{ */
if($user) {
if(!checkFormKey('movedocument', 'GET')) {
if(!checkFormKey('', 'GET')) {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>getMLText('invalid_request_token'), 'data'=>''));
} else {
@ -607,7 +607,7 @@ switch($command) {
case 'uploaddocument': /* {{{ */
if($user) {
if(checkFormKey('adddocument')) {
if(checkFormKey('')) {
if (!isset($_POST["folderid"]) || !is_numeric($_POST["folderid"]) || intval($_POST["folderid"])<1) {
header('Content-Type: application/json');
echo json_encode(array('success'=>false, 'message'=>getMLText("invalid_folder_id")));

7
styles/bootstrap/application.js
View File

@ -661,6 +661,7 @@ function onAddClipboard(ev) { /* {{{ */
fd.append('command', 'uploaddocument');
// fd.append('path', files[i].webkitRelativePath);
statusbar.parent().show();
var status = new createStatusbar(statusbar);
status.setFileNameSize(files[i].name,files[i].size);
sendFileToServer(fd,status);
@ -725,7 +726,7 @@ $(document).ready(function() { /* {{{ */
var files = e.originalEvent.dataTransfer.files;
//We need to send dropped files to Server
SeedDMSUpload.handleFileUpload(files,obj,obj);
SeedDMSUpload.handleFileUpload(files,obj, obj);
});
$(document).on('dragenter', '.droptarget', function (e) {
@ -753,7 +754,7 @@ $(document).ready(function() { /* {{{ */
var files = e.originalEvent.dataTransfer.files;
if(files.length > 0) {
console.log('Drop '+files.length+' files on '+target_type+' '+target_id);
SeedDMSUpload.handleFileUpload(files,$(e.currentTarget),$(e.currentTarget).find("span"));
SeedDMSUpload.handleFileUpload(files,$(e.currentTarget),$('div.statusbar-container h1')/*$(e.currentTarget).find("span")*/);
} else {
var source_info = JSON.parse(e.originalEvent.dataTransfer.getData("text"));
source_type = source_info.type;
@ -848,7 +849,7 @@ $(document).ready(function() { /* {{{ */
var files = e.originalEvent.dataTransfer.files;
if(files.length > 0) {
console.log('Drop '+files.length+' files on '+target_type+' '+target_id);
SeedDMSUpload.handleFileUpload(files,$(e.currentTarget),$(e.currentTarget).find("span"));
SeedDMSUpload.handleFileUpload(files,$(e.currentTarget),$('div.statusbar-container h1')/*$(e.currentTarget).find("span")*/);
} else {
var source_info = JSON.parse(e.originalEvent.dataTransfer.getData("text"));
source_type = source_info.type;

2
views/bootstrap/class.ViewFolder.php
View File

@ -390,7 +390,7 @@ $('#loadmore').click(function(e) {
// $this->addFooterJS("SeedDMSUpload.setMaxFileSize(".SeedDMS_Core_File::parse_filesize(ini_get("upload_max_filesize")).");");
// $this->addFooterJS("SeedDMSUpload.setMaxFileSizeMsg('".getMLText("uploading_maxsize")."');");
?>
<div id="dragandrophandler" class="well alert" data-droptarget="folder_<?php echo $folder->getID(); ?>" data-target="<?php echo $folder->getID(); ?>" data-uploadformtoken="<?php echo createFormKey('adddocument'); ?>"><?php printMLText('drop_files_here'); ?></div>
<div id="dragandrophandler" class="well alert" data-droptarget="folder_<?php echo $folder->getID(); ?>" data-target="<?php echo $folder->getID(); ?>" data-uploadformtoken="<?php echo createFormKey(''); ?>"><?php printMLText('drop_files_here'); ?></div>
<?php
echo "</div>";
echo "</div>";