- took over changeѕ from stable release 2.0.2

2025-06-18 02:59:27 +00:00 · 2010-11-05 21:44:05 +00:00 · 2010-11-05 21:44:05 +00:00 · 73f4e23933
commit 73f4e23933
parent 01648e3d7a
10 changed files with 37 additions and 8 deletions
--- a/op/op.AddEvent.php
+++ b/op/op.AddEvent.php
@ -35,6 +35,10 @@ include("../inc/inc.ClassUI.php");
 include("../inc/inc.Calendar.php");
 include("../inc/inc.Authentication.php");
 if ($user->getID($user) == $settings->_guestID) {
 	UI::exitError(getMLText("edit_event"),getMLText("access_denied"));
 }
 if (!isset($_POST["frommonth"]) || !isset($_POST["fromday"]) || !isset($_POST["fromyear"]) ) {
 	UI::exitError(getMLText("add_event"),getMLText("error_occured"));
 }
--- a/op/op.CreateFolderArchive.php
+++ b/op/op.CreateFolderArchive.php
@ -135,7 +135,6 @@ function createFolderTar($folder,$ark)
 				// create an archive containing the files with original names and DMS path 
 				// thanks to Doudoux 
 				$latestContent = $document->getLatestContent();
 				if (is_object($latestContent))
 				{
@ -146,11 +145,9 @@ function createFolderTar($folder,$ark)
 				        TarWriteContents($ark, $settings->_contentDir.$latestContent->getDir().$latestContent->getVersion().$latestContent->getFileType());			        
 				}
 			}else{
 				// create a server backup archive
 				$handle = opendir($settings->_contentDir.$document->getDir());
 				while ($entry = readdir($handle) )
 				{
@ -159,7 +156,6 @@ function createFolderTar($folder,$ark)
 						TarAddHeader($ark,$settings->_contentDir.$document->getDir().$entry,$document->getDir().$entry);
 						TarWriteContents($ark,$settings->_contentDir.$document->getDir().$entry);
 					}
 				}
 				closedir($handle);
 			}
--- a/op/op.EditEvent.php
+++ b/op/op.EditEvent.php
@ -35,6 +35,10 @@ include("../inc/inc.ClassUI.php");
 include("../inc/inc.Calendar.php");
 include("../inc/inc.Authentication.php");
 if ($user->getID($user) == $settings->_guestID) {
 	UI::exitError(getMLText("edit_event"),getMLText("access_denied"));
 }
 if (!isset($_POST["frommonth"]) || !isset($_POST["fromday"]) || !isset($_POST["fromyear"]) ) {
 	UI::exitError(getMLText("edit_event"),getMLText("error_occured"));
 }
--- a/op/op.EditUserData.php
+++ b/op/op.EditUserData.php
@ -31,6 +31,14 @@ include("../inc/inc.Language.php");
 include("../inc/inc.ClassUI.php");
 include("../inc/inc.Authentication.php");
 if ($user->getID($user) == $settings->_guestID) {
 	UI::exitError(getMLText("edit_user_details"),getMLText("access_denied"));
 }
 if (($user->getID($user) != $settings->_adminID) && ($settings->_disableSelfEdit)) {
 	UI::exitError(getMLText("edit_user_details"),getMLText("access_denied"));
 }
 $fullname = sanitizeString($_POST["fullname"]);
 $email    = sanitizeString($_POST["email"]);
 $comment  = sanitizeString($_POST["comment"]);
--- a/op/op.Login.php
+++ b/op/op.Login.php
@ -199,6 +199,15 @@ if (is_bool($user)) {
 									"</p>\n<p><a href='".$settings->_httpRoot."op/op.Logout.php'>".getMLText("back")."</a></p>\n");
 		exit;
 	}
 	// control admin IP address if required
 	// TODO: extend control to LDAP autentication
 	if (($resArr["id"] == $settings->_adminID) && ($_SERVER['REMOTE_ADDR'] != $settings->_adminIP ) && ( $settings->_adminIP != "") ){
 		_printMessage(getMLText("login_error_title"),	"<p>".getMLText("invalid_user_id").
 									"</p>\n<p><a href='".$settings->_httpRoot."op/op.Logout.php'>".getMLText("back")."</a></p>\n");
 		exit;
 	}
 	$userid = $resArr["id"];
 	$user = getUser($userid);
 }
--- a/op/op.Logout.php
+++ b/op/op.Logout.php
@ -39,7 +39,7 @@ $dms_session = sanitizeString($dms_session);
 $queryStr = "DELETE FROM tblSessions WHERE id = '$dms_session'";
 if (!$db->getResult($queryStr))
-	die ("Error while removing session from tblSessions: " . $db->getErrorMsg());
+	UI::exitError(getMLText("logout"),$db->getErrorMsg());
 //Delete Cookie
 setcookie("mydms_session", $_COOKIE["mydms_session"], time()-3600, $settings->_httpRoot);
--- a/op/op.ManageNotify.php
+++ b/op/op.ManageNotify.php
@ -31,6 +31,10 @@ include("../inc/inc.ClassUI.php");
 include("../inc/inc.ClassEmail.php");
 include("../inc/inc.Authentication.php");
 if ($user->getID($user) == $settings->_guestID) {
 	UI::exitError(getMLText("my_account"),getMLText("access_denied"));
 }
 function add_folder_notify($folder,$userid,$recursefolder,$recursedoc)
 {
 	$folder->addNotify($userid, true);
--- a/op/op.RemoveVersion.php
+++ b/op/op.RemoveVersion.php
@ -68,7 +68,7 @@ else {
 	}
 }
-add_log_line("?documentid=".$documentid."&version".$version);
+add_log_line("?documentid=".$documentid."&version".$version_num);
 header("Location:../out/out.ViewDocument.php?documentid=".$documentid);
--- a/op/op.UserDefaultKeywords.php
+++ b/op/op.UserDefaultKeywords.php
@ -32,6 +32,10 @@ include("../inc/inc.Language.php");
 include("../inc/inc.ClassUI.php");
 include("../inc/inc.Authentication.php");
 if ($user->getID($user) == $settings->_guestID) {
 	UI::exitError(getMLText("edit_default_keywords"),getMLText("access_denied"));
 }
 if (isset($_POST["action"])) {
 	$action = sanitizeString($_POST["action"]);
 }
--- a/op/op.UsrMgr.php
+++ b/op/op.UsrMgr.php
@ -112,7 +112,7 @@ else if ($action == "removeuser") {
 		$userid = $_GET["userid"];
 	}
-	if ($userid==$settings->_adminID) {
+	if (($userid==$settings->_adminID)||($userid==$settings->_guestID)) {
 		UI::exitError(getMLText("admin_tools"),getMLText("cannot_delete_admin"));
 	}
 	if (!isset($userid) || !is_numeric($userid) || intval($userid)<1) {
@ -124,7 +124,7 @@ else if ($action == "removeuser") {
 		UI::exitError(getMLText("admin_tools"),getMLText("invalid_user_id"));
 	}
-	if (!$userToRemove->remove()) {
+	if (!$userToRemove->remove($_POST["assignTo"])) {
 		UI::exitError(getMLText("admin_tools"),getMLText("error_occured"));
 	}