Merge branch 'seeddms-4.3.4' into develop

Conflicts:
	Makefile
	op/op.RemoveFolder.php
Uwe Steinmann 2014-02-26 23:12:40 +01:00
commit 50d939cd8e
9 changed files with 56 additions and 20 deletions


@ -8,7 +8,9 @@
- add missing file views/bootstrap/class.RemoveFolderFileѕ.php (Bug #101) - add missing file views/bootstrap/class.RemoveFolderFileѕ.php (Bug #101)
- unlinked documents/folders can be moved into root folder - unlinked documents/folders can be moved into root folder
- take out debug echo statement (Bug #125) - take out debug echo statement (Bug #125)
- fix some errors in notification mails
- fix some security holes
- add initial version of REST api
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
Changes in version 4.3.3 Changes in version 4.3.3


@ -1,6 +1,6 @@
VERSION=4.3.4 VERSION=4.3.4
SRC=CHANGELOG inc conf utils index.php languages views op out controllers README.md README.Notification README.Ubuntu drop-tables-innodb.sql styles js TODO LICENSE Makefile webdav install SRC=CHANGELOG inc conf utils index.php languages views op out controllers README.md README.Notification README.Ubuntu drop-tables-innodb.sql styles js TODO LICENSE Makefile webdav install restapi
#restapi webapp # webapp
EXTENSIONS := \ EXTENSIONS := \
dynamic_content.tar.gz\ dynamic_content.tar.gz\


@ -28,14 +28,16 @@ include("../inc/inc.Authentication.php");
$file_param_name = 'file'; $file_param_name = 'file';
$file_name = $_FILES[ $file_param_name ][ 'name' ]; $file_name = $_FILES[ $file_param_name ][ 'name' ];
$source_file_path = $_FILES[ $file_param_name ][ 'tmp_name' ]; $source_file_path = $_FILES[ $file_param_name ][ 'tmp_name' ];
$target_file_path =$settings->_stagingDir.$_POST['fileId']."-".$_POST['partitionIndex']; $fileId = basename($_POST['fileId']);
$partitionIndex = (int) $_POST['partitionIndex'];
$target_file_path =$settings->_stagingDir.$fileId."-".$partitionIndex;
if( move_uploaded_file( $source_file_path, $target_file_path ) ) { if( move_uploaded_file( $source_file_path, $target_file_path ) ) {
if($_POST['partitionIndex']+1 == $_POST['partitionCount']) { if($partitionIndex+1 == $_POST['partitionCount']) {
$fpnew = fopen($settings->_stagingDir.$_POST['fileId'], 'w+'); $fpnew = fopen($settings->_stagingDir.$fileId, 'w+');
for($i=0; $i<$_POST['partitionCount']; $i++) { for($i=0; $i<$_POST['partitionCount']; $i++) {
$content = file_get_contents($settings->_stagingDir.$_POST['fileId']."-".$i, 'r'); $content = file_get_contents($settings->_stagingDir.$fileId."-".$i, 'r');
fwrite($fpnew, $content); fwrite($fpnew, $content);
unlink($settings->_stagingDir.$_POST['fileId']."-".$i); unlink($settings->_stagingDir.$fileId."-".$i);
} }
fclose($fpnew); fclose($fpnew);
@ -56,7 +58,7 @@ if( move_uploaded_file( $source_file_path, $target_file_path ) ) {
echo getMLText("access_denied"); echo getMLText("access_denied");
} }
$userfiletmp = $settings->_stagingDir.$_POST['fileId'];; $userfiletmp = $settings->_stagingDir.$fileId;
$userfiletype = $_FILES[ $file_param_name ]["type"]; $userfiletype = $_FILES[ $file_param_name ]["type"];
$userfilename = $_FILES[ $file_param_name ]["name"]; $userfilename = $_FILES[ $file_param_name ]["name"];
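Review bot: `$_POST['partitionCount']` is still used raw in the `$partitionIndex+1 == ...` comparison and as the loop bound, and the result of `basename()` is never checked, so the first hunk only partly normalises the request. An empty `fileId` makes `$settings->_stagingDir.$fileId` the staging directory itself, and the return value of `fopen()` is handed to `fwrite()` unchecked. I would add `$partitionCount = (int) $_POST['partitionCount'];`, use it in both places, and stop with an error when `$fileId === ''` or `fopen()` returns false. The script starts and ends outside these hunks.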


@ -98,6 +98,7 @@ if (is_object($subFolder)) {
$message = "new_subfolder_email_body"; $message = "new_subfolder_email_body";
$params = array(); $params = array();
$params['name'] = $subFolder->getName(); $params['name'] = $subFolder->getName();
$params['folder_name'] = $folder->getName();
$params['folder_path'] = $folder->getFolderPathPlain(); $params['folder_path'] = $folder->getFolderPathPlain();
$params['username'] = $user->getFullName(); $params['username'] = $user->getFullName();
$params['comment'] = $comment; $params['comment'] = $comment;


@ -278,7 +278,7 @@ if (isset($_COOKIE["mydms_session"])) {
/* Load session */ /* Load session */
$dms_session = $_COOKIE["mydms_session"]; $dms_session = $_COOKIE["mydms_session"];
if(!$resArr = $session->load($dms_session)) { if(!$resArr = $session->load($dms_session)) {
setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); //delete cookie setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot, null, null, true); //delete cookie
header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer); header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
exit; exit;
} else { } else {
@ -296,7 +296,7 @@ if (isset($_COOKIE["mydms_session"])) {
$lifetime = time() + intval($settings->_cookieLifetime); $lifetime = time() + intval($settings->_cookieLifetime);
else else
$lifetime = 0; $lifetime = 0;
setcookie("mydms_session", $id, $lifetime, $settings->_httpRoot); setcookie("mydms_session", $id, $lifetime, $settings->_httpRoot, null, null, true);
} }
// TODO: by the PHP manual: The superglobals $_GET and $_REQUEST are already decoded. // TODO: by the PHP manual: The superglobals $_GET and $_REQUEST are already decoded.
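Review bot: The `secure` argument is passed as `null` in both `setcookie()` calls, so the session cookie gains HttpOnly but is still sent over plain HTTP whenever the site is reachable that way. Deriving the flag from the request, e.g. `$secure = isset($_SERVER['HTTPS']) && strcmp($_SERVER['HTTPS'],'off') != 0;`, and ending the call with `"", $secure, true` would cover that. The empty string for the domain also avoids handing `null` to a string parameter. Both hunks sit inside an `if (isset($_COOKIE["mydms_session"]))` block that continues outside the visible lines.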


@ -64,6 +64,7 @@ if(!$controller->run()) {
UI::exitError(getMLText("folder_title", array("foldername" => getMLText("invalid_folder_id"))),getMLText("invalid_folder_id")); UI::exitError(getMLText("folder_title", array("foldername" => getMLText("invalid_folder_id"))),getMLText("invalid_folder_id"));
} }
<<<<<<< HEAD
if ($notifier) { if ($notifier) {
$subject = "folder_deleted_email_subject"; $subject = "folder_deleted_email_subject";
$message = "folder_deleted_email_body"; $message = "folder_deleted_email_body";
@ -76,6 +77,40 @@ if ($notifier) {
$notifier->toList($user, $nl["users"], $subject, $message, $params); $notifier->toList($user, $nl["users"], $subject, $message, $params);
foreach ($nl["groups"] as $grp) { foreach ($nl["groups"] as $grp) {
$notifier->toGroup($user, $grp, $subject, $message, $params); $notifier->toGroup($user, $grp, $subject, $message, $params);
=======
$nl = $folder->getNotifyList();
$foldername = $folder->getName();
if ($folder->remove()) {
// Send notification to subscribers.
if ($notifier) {
/*
$subject = "###SITENAME###: ".$folder->getName()." - ".getMLText("folder_deleted_email");
$message = getMLText("folder_deleted_email")."\r\n";
$message .=
getMLText("name").": ".$folder->getName()."\r\n".
getMLText("folder").": ".$folder->getFolderPathPlain()."\r\n".
getMLText("comment").": ".$folder->getComment()."\r\n".
"URL: ###URL_PREFIX###out/out.ViewFolder.php?folderid=".$folder->getID()."\r\n";
$notifier->toList($user, $folder->_notifyList["users"], $subject, $message);
foreach ($folder->_notifyList["groups"] as $grp) {
$notifier->toGroup($user, $grp, $subject, $message);
}
*/
$subject = "folder_deleted_email_subject";
$message = "folder_deleted_email_body";
$params = array();
$params['name'] = $foldername;
$params['folder_path'] = $parent->getFolderPathPlain();
$params['username'] = $user->getFullName();
$params['sitename'] = $settings->_siteName;
$params['http_root'] = $settings->_httpRoot;
$params['url'] = "http".((isset($_SERVER['HTTPS']) && (strcmp($_SERVER['HTTPS'],'off')!=0)) ? "s" : "")."://".$_SERVER['HTTP_HOST'].$settings->_httpRoot."out/out.ViewFolder.php?folderid=".$parent->getID();
$notifier->toList($user, $nl["users"], $subject, $message, $params);
foreach ($nl["groups"] as $grp) {
$notifier->toGroup($user, $grp, $subject, $message, $params);
}
>>>>>>> seeddms-4.3.4
} }
} }
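Review bot: The conflict markers `<<<<<<< HEAD`, `=======` and `>>>>>>> seeddms-4.3.4` are committed as part of the file, so op/op.RemoveFolder.php will not parse until the conflict is actually resolved. Only one side should remain: the HEAD side appears to rely on `$controller->run()` for the deletion, while the 4.3.4 side calls `$folder->remove()` itself, so keeping both would attempt the removal twice. The 4.3.4 side also builds `$params['url']` from `$_SERVER['HTTP_HOST']`, which is client-supplied; a configured base URL would be safer for links that go out in notification mails. The block continues outside the hunk.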


@ -27,7 +27,7 @@ if (!$user->isAdmin()) {
UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
} }
if (isset($_GET["logname"])) $logname=$_GET["logname"]; if (isset($_GET["logname"])) $logname=basename($_GET["logname"]);
else $logname=NULL; else $logname=NULL;
if (isset($_GET["mode"])) $mode=$_GET["mode"]; if (isset($_GET["mode"])) $mode=$_GET["mode"];


@ -137,15 +137,11 @@ class SeedDMS_View_LogManagement extends SeedDMS_Bootstrap_Style {
<?php <?php
$this->htmlEndPage(); $this->htmlEndPage();
} elseif(file_exists($this->contentdir.$logname)){ } elseif(file_exists($this->contentdir.$logname)){
// $this->htmlStartPage(getMLText("backup_tools"));
// $this->contentSubHeading(sanitizeString($logname));
echo $logname."<pre>\n"; echo $logname."<pre>\n";
readfile($this->contentdir.$logname); readfile($this->contentdir.$logname);
echo "</pre>\n"; echo "</pre>\n";
} else {
// echo "</body>\n</html>\n"; UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
} }
} /* }}} */ } /* }}} */
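Review bot: `echo $logname."<pre>\n";` and the `readfile()` after it write the file name and the raw log contents into the HTML response without escaping, and this change drops the commented-out `sanitizeString($logname)` hint instead of applying it. Log files commonly record request-derived strings, so any markup in them would render in an administrator's browser. I would use `echo htmlspecialchars($logname)."<pre>\n";` and `echo htmlspecialchars(file_get_contents($this->contentdir.$logname));` instead. The method starts outside the hunk.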


@ -110,7 +110,7 @@ class SeedDMS_View_Search extends SeedDMS_Bootstrap_Style {
<tr> <tr>
<td><?php printMLText("search_query");?>:</td> <td><?php printMLText("search_query");?>:</td>
<td> <td>
<input type="text" name="query" value="<?php echo $this->query; ?>" /> <input type="text" name="query" value="<?php echo htmlspecialchars($this->query); ?>" />
<select name="mode"> <select name="mode">
<option value="1" <?php echo ($mode=='AND') ? "selected" : ""; ?>><?php printMLText("search_mode_and");?> <option value="1" <?php echo ($mode=='AND') ? "selected" : ""; ?>><?php printMLText("search_mode_and");?>
<option value="0"<?php echo ($mode=='OR') ? "selected" : ""; ?>><?php printMLText("search_mode_or");?> <option value="0"<?php echo ($mode=='OR') ? "selected" : ""; ?>><?php printMLText("search_mode_or");?>
@ -246,7 +246,7 @@ class SeedDMS_View_Search extends SeedDMS_Bootstrap_Style {
<tr> <tr>
<td><?php printMLText("search_query");?>:</td> <td><?php printMLText("search_query");?>:</td>
<td> <td>
<input type="text" name="query" value="<?php echo $this->query; ?>" /> <input type="text" name="query" value="<?php echo htmlspecialchars($this->query); ?>" />
<!-- <!--
<select name="mode"> <select name="mode">
<option value="1" selected><?php printMLText("search_mode_and");?> <option value="1" selected><?php printMLText("search_mode_and");?>
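Review bot: `htmlspecialchars($this->query)` is called with default flags and charset in both hunks, which leaves the escaping dependent on the defaults of the PHP version in use. The value lands in a double-quoted attribute, so the default covers it as written, but `htmlspecialchars($this->query, ENT_QUOTES, 'UTF-8')` (assuming the pages are served as UTF-8) stays correct if the markup or the runtime changes. Other places in this view that print `$this->query` are not visible here and would need the same treatment.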