gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-05-15 06:01:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

add access check for download of approval/review files

Browse Source
This commit is contained in:
Uwe Steinmann 2016-08-12 14:59:46 +02:00
parent b90c9a379a
commit 9a20306399
1 changed files with 10 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
views/bootstrap/class.Bootstrap.php
View File

@ -2496,16 +2496,18 @@ mayscript>
echo "<br />".htmlspecialchars($rec['comment']); echo "<br />".htmlspecialchars($rec['comment']);
switch($type) { switch($type) {
case "review": case "review":
if($rec['file']) { if($accessop->check_controller_access('Download', array('action'=>'review')))
echo "<br />"; if($rec['file']) {
echo "<a href=\"../op/op.Download.php?documentid=".$document->getID()."&reviewlogid=".$rec['reviewLogID']."\" class=\"btn btn-mini\"><i class=\"icon-download\"></i> ".getMLText('download')."</a>"; echo "<br />";
} echo "<a href=\"../op/op.Download.php?documentid=".$document->getID()."&reviewlogid=".$rec['reviewLogID']."\" class=\"btn btn-mini\"><i class=\"icon-download\"></i> ".getMLText('download')."</a>";
}
break; break;
case "approval": case "approval":
if($rec['file']) { if($accessop->check_controller_access('Download', array('action'=>'approval')))
echo "<br />"; if($rec['file']) {
echo "<a href=\"../op/op.Download.php?documentid=".$document->getID()."&approvelogid=".$rec['approveLogID']."\" class=\"btn btn-mini\"><i class=\"icon-download\"></i> ".getMLText('download')."</a>"; echo "<br />";
} echo "<a href=\"../op/op.Download.php?documentid=".$document->getID()."&approvelogid=".$rec['approveLogID']."\" class=\"btn btn-mini\"><i class=\"icon-download\"></i> ".getMLText('download')."</a>";
}
break; break;
} }
echo "</td>"; echo "</td>";