mirror of
https://git.code.sf.net/p/seeddms/code
synced 2025-02-06 15:14:58 +00:00
Merge branch 'seeddms-6.0.x' into seeddms-6.1.x
commit
8d6485b8a5
|
@ -6,6 +6,7 @@ Header set X-Content-Type-Options: "nosniff"
|
|||
</IfModule>
|
||||
|
||||
RewriteEngine On
|
||||
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization},last]
|
||||
#RewriteRule "^favicon\.ico$" "-" [L]
|
||||
#RewriteRule "^(favicon\.ico)$" %{HTTP_HOST}/views/bootstrap/images/favicon.svg [L,NC]
|
||||
RewriteRule "^(favicon\.ico)" /views/bootstrap/images/favicon.svg [L,NC]
|
||||
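Review bot: The favicon rule on the last line of this hunk looks unreachable, because the preceding `RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization},last]` matches every request and its `last` flag ends rule processing (no RewriteCond is visible in the hunk). Dropping `last` from the Authorization rule, or moving the favicon rule above it, would let it run. The pattern `"^(favicon\.ico)"` is also unanchored at the end; `"^favicon\.ico$"` matches only the intended file. Which of these lines the commit adds cannot be recovered from this page, so the point applies to the new side as a whole.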
|
|
|
@ -283,6 +283,7 @@
|
|||
--------------------------------------------------------------------------------
|
||||
Changes in version 5.1.33
|
||||
--------------------------------------------------------------------------------
|
||||
- requires php 8.x
|
||||
- use SeedDMS_Core_File::mimetype() to determine mime type when uploading a
|
||||
file with drag&drop
|
||||
- user images may be 300px height, do not scale them up
|
||||
|
@ -303,6 +304,7 @@
|
|||
- minor improvements in restapi
|
||||
- update layout of tab for attachments
|
||||
- remove session when calling logout of restapi
|
||||
- fix some potential security issues
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
Changes in version 5.1.32
|
||||
|
|
|
@ -73,7 +73,13 @@ class SeedDMS_Controller_Common {
|
|||
if(!$this->callHook('preRun', get_class($this), $action ? $action : 'run')) {
|
||||
if($action) {
|
||||
if(method_exists($this, $action)) {
|
||||
return $this->{$action}();
|
||||
$refl = new ReflectionMethod($this, $action);
|
||||
if($refl->isPublic())
|
||||
return $this->{$action}();
|
||||
else {
|
||||
echo "Action '".$action."' not public";
|
||||
return false;
|
||||
}
|
||||
} else {
|
||||
echo "Missing action '".$action."'";
|
||||
return false;
|
||||
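Review bot: The new `echo "Action '".$action."' not public";` branch prints `$action` without escaping, and so does the `echo "Missing action '".$action."'";` line below it. The login change in this commit notes that the action can be overridden with a URL parameter, so the value should be treated as untrusted. Use `htmlspecialchars($action)` in both messages, as the view class already does for its missing-action message: `echo "Action '".htmlspecialchars($action)."' not public";`. The same unescaped "not public" message is added to SeedDMS_View_Common in this commit. The enclosing method starts and ends outside the hunk.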
|
|
|
@ -86,9 +86,9 @@ class SeedDMS_ConversionServiceImageToImage extends SeedDMS_ConversionServiceBas
|
|||
break;
|
||||
}
|
||||
if($im) {
|
||||
$size = getimagesize($infile);
|
||||
$width = imagesx($im);
|
||||
if(!empty($params['width']))
|
||||
$im = imagescale($im, min((int) $params['width'], $size[0]));
|
||||
$im = imagescale($im, min((int) $params['width'], $width));
|
||||
$end = microtime(true);
|
||||
if($this->logger) {
|
||||
$this->logger->log('Conversion from '.$this->from.' to '.$this->to.' with gd image service took '.($end-$start).' sec.', PEAR_LOG_INFO);
|
||||
|
@ -97,7 +97,7 @@ class SeedDMS_ConversionServiceImageToImage extends SeedDMS_ConversionServiceBas
|
|||
return imagepng($im, $target);
|
||||
} else {
|
||||
ob_start();
|
||||
var_dump(imagepng($im));
|
||||
echo imagepng($im);
|
||||
$image = ob_get_clean();
|
||||
return $image;
|
||||
}
|
||||
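Review bot: In the second hunk, `echo imagepng($im);` still writes extra bytes into the captured buffer, assuming the `echo` line is the new side (the page has lost the +/- markers). imagepng() without a target sends the PNG to the output buffer itself and returns a bool, so the `echo` appends `1` after the image data. Calling `imagepng($im);` on its own between `ob_start()` and `ob_get_clean()` returns clean PNG data. In the first hunk, `(int) $params['width']` can be 0 or negative for a non-numeric or malformed parameter, and the result of `imagescale()` is not checked before it is passed on; `if($im === false) return false;` after the scale call would fail safely.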
|
|
|
@ -69,7 +69,13 @@ class SeedDMS_View_Common {
|
|||
if(!$this->callHook('preRun', get_class($this), $action ? $action : 'show')) {
|
||||
if($action) {
|
||||
if(method_exists($this, $action)) {
|
||||
$this->{$action}();
|
||||
$refl = new ReflectionMethod($this, $action);
|
||||
if($refl->isPublic())
|
||||
$this->{$action}();
|
||||
else {
|
||||
echo "Action '".$action."' not public";
|
||||
return false;
|
||||
}
|
||||
} else {
|
||||
echo "Missing action '".htmlspecialchars($action)."'";
|
||||
}
|
||||
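Review bot: `$refl->isPublic()` accepts every public method of the view object, including inherited helpers that were presumably never meant to be selectable as actions, so the check narrows the callable surface without defining it. An explicit list of permitted action names per class, or a naming convention checked before the call, would make the set of reachable methods reviewable. At minimum, add a comment above the check stating the intent, e.g. `// only public methods may be used as actions; $action may originate from the request`. The same applies to the identical check added to SeedDMS_Controller_Common in this commit. The enclosing method starts and ends outside the hunk.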
|
|
|
@ -975,7 +975,7 @@ function seed_pass_hash($password) { /* {{{ */
|
|||
* @return string hashed password
|
||||
*/
|
||||
function seed_pass_verify($password, $hash) { /* {{{ */
|
||||
return (md5($password) == $hash) || password_verify($password, $hash);
|
||||
return (md5($password) === $hash) || password_verify($password, $hash);
|
||||
} /* }}} */
|
||||
|
||||
function resolveTask($task) { /* {{{ */
|
||||
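Review bot: The comparison on the legacy branch is now strict but still not constant-time; `return hash_equals((string) $hash, md5($password)) || password_verify($password, $hash);` avoids leaking how much of the stored value matched. Accepting unsalted MD5 at all keeps weak hashes usable indefinitely, so a successful match on that branch should lead the caller to rehash with `seed_pass_hash()` (whether that already happens is not visible here). The docblock line `@return string hashed password` describes the hashing function rather than this one; it should read `@return bool true if the password matches the hash`.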
|
|
|
@ -82,6 +82,7 @@ else if (isset($_GET["referuri"]) && strlen($_GET["referuri"])>0) {
|
|||
|
||||
add_log_line();
|
||||
|
||||
$controller->setParam('action', 'run'); // Force action run to be called, prevents overriding action with url parameter
|
||||
$controller->setParam('login', $login);
|
||||
$controller->setParam('logininfo', !empty($_POST['logininfo']) ? $_POST['logininfo'] : '');
|
||||
$controller->setParam('pwd', $pwd);
|
||||
|
@ -99,6 +100,12 @@ if(!$controller()) {
|
|||
}
|
||||
|
||||
$user = $controller->getUser();
|
||||
if(!$user) {
|
||||
$session = null;
|
||||
add_log_line("login failed", PEAR_LOG_ERR);
|
||||
_printMessage(getMLText('login_error_text'), getMLText('login_error_text')."\n");
|
||||
exit;
|
||||
}
|
||||
|
||||
if (isset($referuri) && strlen($referuri)>0) {
|
||||
header("Location: " . getBaseUrl() . $referuri);
|
||||
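Review bot: The new `if(!$user)` block has no comment explaining why a controller call that reported success can still yield no user. A line such as `// controller succeeded but did not set a user: treat as a failed login` would record the reasoning behind the guard. `$session = null;` directly before `exit` has no visible effect in this hunk; if the intent is to discard a session the controller may have created, clearing the local variable does not do that. The entry `add_log_line("login failed", PEAR_LOG_ERR)` carries no context of its own, so confirm that add_log_line() records the source address and attempted login, since failed-login monitoring depends on them.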
|
|
|
@ -20,15 +20,15 @@
|
|||
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
||||
|
||||
include("../inc/inc.Settings.php");
|
||||
include("../inc/inc.LogInit.php");
|
||||
include("../inc/inc.Utils.php");
|
||||
include("../inc/inc.LogInit.php");
|
||||
include("../inc/inc.Language.php");
|
||||
include("../inc/inc.Init.php");
|
||||
include("../inc/inc.Extension.php");
|
||||
include("../inc/inc.DBInit.php");
|
||||
include("../inc/inc.ClassUI.php");
|
||||
include("../inc/inc.ClassController.php");
|
||||
//include("../inc/inc.BasicAuthentication.php");
|
||||
include("../inc/inc.BasicAuthentication.php");
|
||||
|
||||
if(empty($_GET['hash']))
|
||||
exit;
|
||||
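Review bot: If the uncommented `include("../inc/inc.BasicAuthentication.php");` is the new side (the page has lost the +/- markers), authentication for this script depends on an `include`, which only raises a warning when the file cannot be loaded and lets the script continue. `require("../inc/inc.BasicAuthentication.php");` fails closed instead. A comment above the line stating why this endpoint requires authentication before the `hash` parameter is read would help the next reader.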
|
|
|
@ -26,7 +26,7 @@
|
|||
"grunt-contrib-clean": "^2.0.0",
|
||||
"grunt-contrib-copy": "^1.0.0",
|
||||
"jqtree": "^1.5.1",
|
||||
"jquery": "^1.12.4",
|
||||
"jquery": "^3.7.1",
|
||||
"jquery-typeahead": "^2.11.1",
|
||||
"jquery-validation": "^1.19.2",
|
||||
"moment": "^2.29.1",
|
||||
|
@ -35,7 +35,7 @@
|
|||
"perfect-scrollbar": "^1.5.0",
|
||||
"popper.js": "^1.16.1",
|
||||
"select2": "^4.0.13",
|
||||
"spectrum-colorpicker2": "^2.0.8",
|
||||
"spectrum-colorpicker2": "^2.0.10",
|
||||
"vis-timeline": "^7.4.7"
|
||||
}
|
||||
}
|
||||
|
|
|
@ -117,6 +117,7 @@ $(document).ready( function() {
|
|||
<input type="hidden" name="fullname" value="<?php print htmlspecialchars($user->getFullName());?>" />
|
||||
<input type="hidden" name="email" value="<?php print htmlspecialchars($user->getEmail());?>" />
|
||||
<input type="hidden" name="comment" value="<?php print htmlspecialchars($user->getComment());?>" />
|
||||
<input type="hidden" name="language" value="<?php print htmlspecialchars($user->getLanguage());?>" />
|
||||
</form>
|
||||
|
||||
<?php
|
||||
|
|
|
@ -374,6 +374,7 @@ $(document).ready( function() {
|
|||
}
|
||||
|
||||
if (count($resArr)>0) {
|
||||
if(0) {
|
||||
// Create an array to hold all of these results, and index the array by
|
||||
// document id. This makes it easier to retrieve document ID information
|
||||
// later on and saves us having to repeatedly poll the database every time
|
||||
|
@ -446,6 +447,45 @@ $(document).ready( function() {
|
|||
}else{
|
||||
printMLText("no_docs_to_check");
|
||||
}
|
||||
} else {
|
||||
// List the documents where a review has been requested.
|
||||
$this->contentHeading(getMLText("documents_to_process"));
|
||||
|
||||
$printheader=true;
|
||||
$iRev = array();
|
||||
$dList = array();
|
||||
foreach ($resArr as $res) {
|
||||
|
||||
if ( $res['id'] ) {
|
||||
$dList[] = $res["id"];
|
||||
$document = $dms->getDocument($res["id"]);
|
||||
$document->verifyLastestContentExpriry();
|
||||
|
||||
if ($printheader){
|
||||
print "<table class=\"table table-condensed\">";
|
||||
print "<thead>\n<tr>\n";
|
||||
print "<th></th>\n";
|
||||
print "<th>".getMLText("name")."</th>\n";
|
||||
print "<th>".getMLText("status")."</th>\n";
|
||||
print "<th>".getMLText("action")."</th>\n";
|
||||
print "</tr>\n</thead>\n<tbody>\n";
|
||||
$printheader=false;
|
||||
}
|
||||
|
||||
$txt = $this->callHook('documentListItem', $document, $previewer);
|
||||
if(is_string($txt))
|
||||
echo $txt;
|
||||
else {
|
||||
echo $this->documentListRow($document, $previewer, false, $res['version']);
|
||||
}
|
||||
}
|
||||
}
|
||||
if (!$printheader){
|
||||
echo "</tbody>\n</table>";
|
||||
}else{
|
||||
printMLText("no_docs_to_check");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
} /* }}} */
|
||||
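Review bot: In the added `else` branch, `$document->verifyLastestContentExpriry();` is called on the result of `$dms->getDocument($res["id"])` without checking it. If getDocument() can return null or false for a document that was removed or is otherwise unavailable (not visible here), the page stops with a fatal error; add `if(!$document) continue;` after the lookup. The `if(0) {` wrapper from the first hunk keeps the whole previous listing as dead code, so either remove it or add a comment saying why it is retained. `$iRev` is assigned but not used within the hunk.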
|
|
|
@ -173,6 +173,7 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
|
|||
|
||||
$controller = Controller::factory('Login', array('dms'=>$this->dms));
|
||||
$controller->setParam('authenticator', $this->authenticator);
|
||||
$controller->setParam('action', 'run');
|
||||
$controller->setParam('login', $user);
|
||||
$controller->setParam('pwd', $pass);
|
||||
$controller->setParam('lang', $this->settings->_language);
|
||||
|
@ -190,6 +191,13 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
|
|||
$this->logger->log('check_auth: type='.$type.', user='.$user.' authenticated', PEAR_LOG_INFO);
|
||||
|
||||
$this->user = $controller->getUser();
|
||||
if(!$this->user) {
|
||||
if($this->logger) {
|
||||
$this->logger->log($controller->getErrorMsg(), PEAR_LOG_NOTICE);
|
||||
$this->logger->log('check_auth: error authenicating user '.$user, PEAR_LOG_NOTICE);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
} /* }}} */
|
||||
|
@ -877,6 +885,8 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
|
|||
*/
|
||||
function MKCOL($options) /* {{{ */
|
||||
{
|
||||
global $fulltextservice;
|
||||
|
||||
$this->log_options('MKCOL', $options);
|
||||
|
||||
$path = $options["path"];
|
||||
|
@ -925,6 +935,7 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
|
|||
$controller = Controller::factory('AddSubFolder');
|
||||
$controller->setParam('dms', $this->dms);
|
||||
$controller->setParam('user', $this->user);
|
||||
$controller->setParam('fulltextservice', $fulltextservice);
|
||||
$controller->setParam('folder', $folder);
|
||||
$controller->setParam('name', $name);
|
||||
$controller->setParam('comment', '');
|
||||
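Review bot: In the second hunk the context line logs `... authenticated` at PEAR_LOG_INFO before the new `if(!$this->user)` check, so a request that fails the check leaves both a success and a failure entry. That is misleading when the log is used to detect failed logins; move the success message after the check. The client-supplied `$user` is concatenated into the log text as is; stripping control characters first, e.g. `preg_replace('/[\x00-\x1f\x7f]/', '', $user)`, keeps each entry on one line. The new message also contains a typo, `authenicating`.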
|
|