Merge branch 'seeddms-5.1.x' into seeddms-6.0.x

2025-02-11 09:35:00 +00:00 · 2017-03-23 18:48:45 +01:00 · 2017-03-23 18:48:45 +01:00 · 72c5bd237b
commit 72c5bd237b
parent c18f09d344 6a7e23375c
5 changed files with 111 additions and 22 deletions
--- a/11
+++ b/11
@ -38,6 +38,11 @@
 - added support for postgresql
 - document attachments can linked to a version and be public or hidden

+--------------------------------------------------------------------------------
+                     Changes in version 5.0.12
+--------------------------------------------------------------------------------
+- merged changes from 4.3.35
+
 --------------------------------------------------------------------------------
                     Changes in version 5.0.11
 --------------------------------------------------------------------------------
@ -116,6 +121,12 @@
 - add .xml to online file types by default
 - add home folder for users

+--------------------------------------------------------------------------------
+                     Changes in version 4.3.35
+--------------------------------------------------------------------------------
+- fix authentication in webdav.php (Closes #250)
+- update last access time only once a minute
+
 --------------------------------------------------------------------------------
                     Changes in version 4.3.34
 --------------------------------------------------------------------------------
--- a/SeedDMS_Core/Core/inc.DBAccessPDO.php
+++ b/SeedDMS_Core/Core/inc.DBAccessPDO.php
@ -38,7 +38,7 @@ class SeedDMS_Core_DatabaseAccess {
 	protected $_hostname;

 	/**
-	 * @var int port number of database 
+	 * @var int port number of database
 	 */
 	protected $_port;

@ -101,7 +101,17 @@ class SeedDMS_Core_DatabaseAccess {
 	 * @var boolean set to true if in a database transaction
 	 */
 	private $_intransaction;
-	
+
+	/**
+	 * @var string set a valid file name for logging all sql queries
+	 */
+	private $_logfile;
+
+	/**
+	 * @var resource file pointer of log file
+	 */
+	private $_logfp;
+
 	/**
 	 * Return list of all database tables
 	 *
@ -152,6 +162,13 @@ class SeedDMS_Core_DatabaseAccess {
 		$this->_user = $user;
 		$this->_passw = $passw;
 		$this->_connected = false;
+		$this->_logfile = '';
+		if($this->_logfile) {
+			$this->_logfp = fopen($this->_logfile, 'a+');
+			if($this->_logfp)
+				fwrite($this->_logfp, microtime()."	BEGIN ------------------------------------------\n");
+		} else
+			$this->_logfp = null;
 		// $tt*****id is a hack to ensure that we do not try to create the
 		// temporary table twice during a single connection. Can be fixed by
 		// using Views (MySQL 5.0 onward) instead of temporary tables.
@ -178,6 +195,16 @@ class SeedDMS_Core_DatabaseAccess {
 		return $this->_driver;
 	} /* }}} */

+	/**
+	 * Destructor of SeedDMS_Core_DatabaseAccess
+	 */
+	function __destruct() { /* {{{ */
+		if($this->_logfp) {
+			fwrite($this->_logfp, microtime()."	END --------------------------------------------\n");
+			fclose($this->_logfp);
+		}
+	} /* }}} */
+
 	/**
 	 * Connect to database
 	 *
@ -264,6 +291,10 @@ class SeedDMS_Core_DatabaseAccess {
 		if($retick && $this->_driver == 'pgsql') {
 			$queryStr = $this->rbt($queryStr);
 		}
+
+		if($this->_logfp) {
+			fwrite($this->_logfp, microtime()."	".$queryStr."\n");
+		}
 		$res = $this->_conn->query($queryStr);
 		if ($res === false) {
 			if($this->_debug) {
@ -290,6 +321,10 @@ class SeedDMS_Core_DatabaseAccess {
 		if($retick && $this->_driver == 'pgsql') {
 			$queryStr = $this->rbt($queryStr);
 		}
+
+		if($this->_logfp) {
+			fwrite($this->_logfp, microtime()."	".$queryStr."\n");
+		}
 		$res = $this->_conn->exec($queryStr);
 		if($res === false) {
 			if($this->_debug) {
@ -299,7 +334,7 @@ class SeedDMS_Core_DatabaseAccess {
 			return false;
 		} else
 			return true;
-		
+
 		return $res;
 	} /* }}} */

--- a/SeedDMS_Core/package.xml
+++ b/SeedDMS_Core/package.xml
@ -12,11 +12,11 @@
  <email>uwe@steinmann.cx</email>
  <active>yes</active>
 </lead>
- <date>2017-02-28</date>
+ <date>2017-03-23</date>
 <time>06:34:50</time>
 <version>
-  <release>6.0.0</release>
-  <api>6.0.0</api>
+  <release>6.0.1</release>
+  <api>6.0.1</api>
 </version>
 <stability>
  <release>stable</release>
@ -24,19 +24,6 @@
 </stability>
 <license uri="http://opensource.org/licenses/gpl-license">GPL License</license>
 <notes>
- all changes from 5.1.1 merged
- SeedDMS_Core_User::getReceiptStatus() and SeedDMS_Core_User::getReviewStatus()
-only return entries of the latest document version if not specific document and
-version is passed
- temp. table for revisions can be created
- new methods SeedDMS_Core_DMS::getDocumentsInReception() and
-SeedDMS_Core_DMS::getDocumentsInRevision()
- limit hits of sql statement in SeedDMЅ_Core_DMS::getDuplicateDocumentContent() to 1000
- finishRevsion() puts all revisors into state waiting, so a new revision can be started
- fix SeedDMS_Core_Group::getRevisionStatus(), which did not always return the last
-log entry first
- add roles
- use classname from SeedDMS_Core_DMS::_classnames for SeedDMS_Core_DocumentContent
 </notes>
 <contents>
  <dir baseinstalldir="SeedDMS" name="/">
@ -1194,6 +1181,22 @@ SeedDMS_Core_DMS::getNotificationsByUser() are deprecated
   </stability>
   <license uri="http://opensource.org/licenses/gpl-license">GPL License</license>
   <notes>
+SeedDMS_Core_DMS::getDuplicateDocumentContent() returns complete document
+   </notes>
+  </release>
+  <release>
+   <date>2017-03-23</date>
+   <time>06:38:12</time>
+   <version>
+    <release>4.3.35</release>
+    <api>4.3.35</api>
+   </version>
+   <stability>
+    <release>stable</release>
+    <api>stable</api>
+   </stability>
+   <license uri="http://opensource.org/licenses/gpl-license">GPL License</license>
+   <notes>
   </notes>
  </release>
  <release>
@ -1359,7 +1362,7 @@ SeedDMS_Core_DMS::getNotificationsByUser() are deprecated
  </release>
  <release>
   <date>2017-02-28</date>
-   <time>06:23:34</time>
+   <time>07:07:02</time>
   <version>
    <release>5.0.11</release>
    <api>5.0.11</api>
@ -1389,6 +1392,38 @@ SeedDMS_Core_DMS::getNotificationsByUser() are deprecated
 - added postgres support
   </notes>
  </release>
+  <release>
+   <date>2017-02-20</date>
+   <time>07:07:02</time>
+   <version>
+    <release>5.1.1</release>
+    <api>5.1.1</api>
+   </version>
+   <stability>
+    <release>stable</release>
+    <api>stable</api>
+   </stability>
+   <license uri="http://opensource.org/licenses/gpl-license">GPL License</license>
+   <notes>
+- all changes from 5.0.11 merged
+	 </notes>
+  </release>
+  <release>
+   <date>2017-03-23</date>
+   <time>07:07:02</time>
+   <version>
+    <release>5.1.2</release>
+    <api>5.1.2</api>
+   </version>
+   <stability>
+    <release>stable</release>
+    <api>stable</api>
+   </stability>
+   <license uri="http://opensource.org/licenses/gpl-license">GPL License</license>
+   <notes>
+- all changes from 5.0.12 merged
+	 </notes>
+  </release>
  <release>
   <date>2017-02-28</date>
   <time>06:34:50</time>
--- a/inc/inc.Authentication.php
+++ b/inc/inc.Authentication.php
@ -80,7 +80,8 @@ if (!isset($_COOKIE["mydms_session"])) {
 }

 /* Update last access time */
-$session->updateAccess($dms_session);
+if((int)$resArr['lastAccess']+60 < time())
+	$session->updateAccess($dms_session);

 /* Load user data */
 $user = $dms->getUser($resArr["userID"]);
--- a/webdav/webdav.php
+++ b/webdav/webdav.php
@ -138,7 +138,14 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server

 		if(!$userobj)
 			return false;
-		if(md5($pass) != $userobj->getPwd())
+
+		if(($userobj->getID() == $settings->_guestID) && (!$settings->_enableGuestLogin))
+			return false;
+
+		if($userobj->isDisabled())
+			return false;
+
+		if($userobj->isAdmin() && ($_SERVER['REMOTE_ADDR'] != $settings->_adminIP ) && ( $settings->_adminIP != ""))
 			return false;

 		$this->user = $userobj;