diff --git a/CHANGELOG b/CHANGELOG
index 905a8b1d1..1324fabdc 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,3 +1,8 @@
+--------------------------------------------------------------------------------
+ Changes in version 5.0.12
+--------------------------------------------------------------------------------
+- merged changes from 4.3.35
+
--------------------------------------------------------------------------------
Changes in version 5.0.11
--------------------------------------------------------------------------------
@@ -76,6 +81,12 @@
- add .xml to online file types by default
- add home folder for users
+--------------------------------------------------------------------------------
+ Changes in version 4.3.35
+--------------------------------------------------------------------------------
+- fix authentication in webdav.php (Closes #250)
+- update last access time only once a minute
+
--------------------------------------------------------------------------------
Changes in version 4.3.34
--------------------------------------------------------------------------------
diff --git a/Makefile b/Makefile
index 7e1061a85..c32156bfc 100644
--- a/Makefile
+++ b/Makefile
@@ -1,4 +1,4 @@
-VERSION=5.0.11
+VERSION=5.0.12
SRC=CHANGELOG inc conf utils index.php languages views op out controllers doc styles TODO LICENSE webdav install restapi pdfviewer
# webapp
diff --git a/SeedDMS_Core/Core/inc.ClassDMS.php b/SeedDMS_Core/Core/inc.ClassDMS.php
index 204d3564d..41b750fd9 100644
--- a/SeedDMS_Core/Core/inc.ClassDMS.php
+++ b/SeedDMS_Core/Core/inc.ClassDMS.php
@@ -344,7 +344,7 @@ class SeedDMS_Core_DMS {
$this->callbacks = array();
$this->version = '@package_version@';
if($this->version[0] == '@')
- $this->version = '5.0.11';
+ $this->version = '5.0.12';
} /* }}} */
/**
diff --git a/SeedDMS_Core/Core/inc.DBAccessPDO.php b/SeedDMS_Core/Core/inc.DBAccessPDO.php
index f59355cd3..bae4128c0 100644
--- a/SeedDMS_Core/Core/inc.DBAccessPDO.php
+++ b/SeedDMS_Core/Core/inc.DBAccessPDO.php
@@ -38,7 +38,7 @@ class SeedDMS_Core_DatabaseAccess {
protected $_hostname;
/**
- * @var int port number of database
+ * @var int port number of database
*/
protected $_port;
@@ -91,7 +91,17 @@ class SeedDMS_Core_DatabaseAccess {
* @var boolean set to true if in a database transaction
*/
private $_intransaction;
-
+
+ /**
+ * @var string set a valid file name for logging all sql queries
+ */
+ private $_logfile;
+
+ /**
+ * @var resource file pointer of log file
+ */
+ private $_logfp;
+
/**
* Return list of all database tables
*
@@ -139,6 +149,13 @@ class SeedDMS_Core_DatabaseAccess {
$this->_user = $user;
$this->_passw = $passw;
$this->_connected = false;
+ $this->_logfile = '';
+ if($this->_logfile) {
+ $this->_logfp = fopen($this->_logfile, 'a+');
+ if($this->_logfp)
+ fwrite($this->_logfp, microtime()." BEGIN ------------------------------------------\n");
+ } else
+ $this->_logfp = null;
// $tt*****id is a hack to ensure that we do not try to create the
// temporary table twice during a single connection. Can be fixed by
// using Views (MySQL 5.0 onward) instead of temporary tables.
@@ -154,6 +171,24 @@ class SeedDMS_Core_DatabaseAccess {
$this->_debug = false;
} /* }}} */
+ /**
+ * Constructor of SeedDMS_Core_DatabaseAccess
+ *
+ * Sets all database parameters but does not connect.
+ *
+ * @param string $driver the database type e.g. mysql, sqlite
+ * @param string $hostname host of database server
+ * @param string $user name of user having access to database
+ * @param string $passw password of user
+ * @param string $database name of database
+ */
+ function __destruct() { /* {{{ */
+ if($this->_logfp) {
+ fwrite($this->_logfp, microtime()." END --------------------------------------------\n");
+ fclose($this->_logfp);
+ }
+ } /* }}} */
+
/**
* Connect to database
*
@@ -233,7 +268,10 @@ class SeedDMS_Core_DatabaseAccess {
*/
function getResultArray($queryStr) { /* {{{ */
$resArr = array();
-
+
+ if($this->_logfp) {
+ fwrite($this->_logfp, microtime()." ".$queryStr."\n");
+ }
$res = $this->_conn->query($queryStr);
if ($res === false) {
if($this->_debug)
@@ -256,6 +294,9 @@ class SeedDMS_Core_DatabaseAccess {
* @return boolean true if query could be executed otherwise false
*/
function getResult($queryStr, $silent=false) { /* {{{ */
+ if($this->_logfp) {
+ fwrite($this->_logfp, microtime()." ".$queryStr."\n");
+ }
$res = $this->_conn->exec($queryStr);
if($res === false) {
if($this->_debug)
@@ -263,7 +304,7 @@ class SeedDMS_Core_DatabaseAccess {
return false;
} else
return true;
-
+
return $res;
} /* }}} */
diff --git a/SeedDMS_Core/package.xml b/SeedDMS_Core/package.xml
index 8e588c5dc..3c3fa4f33 100644
--- a/SeedDMS_Core/package.xml
+++ b/SeedDMS_Core/package.xml
@@ -12,11 +12,11 @@
uwe@steinmann.cx
yes
- 2017-02-28
+ 2017-03-23
- 5.0.11
- 5.0.11
+ 5.0.12
+ 5.0.12
stable
@@ -24,7 +24,6 @@
GPL License
-SeedDMS_Core_DMS::getDuplicateDocumentContent() returns complete document
@@ -1179,6 +1178,22 @@ SeedDMS_Core_DMS::getNotificationsByUser() are deprecated
GPL License
+SeedDMS_Core_DMS::getDuplicateDocumentContent() returns complete document
+
+
+
+ 2017-03-23
+
+
+ 4.3.35
+ 4.3.35
+
+
+ stable
+ stable
+
+ GPL License
+
@@ -1343,5 +1358,21 @@ SeedDMS_Core_DMS::getNotificationsByUser() are deprecated
- all changes from 4.3.33 merged
+
+ 2017-02-28
+
+
+ 5.0.11
+ 5.0.11
+
+
+ stable
+ stable
+
+ GPL License
+
+- all changes from 4.3.34 merged
+
+
diff --git a/inc/inc.Authentication.php b/inc/inc.Authentication.php
index 6e202b702..d5c9a3e5a 100644
--- a/inc/inc.Authentication.php
+++ b/inc/inc.Authentication.php
@@ -70,7 +70,8 @@ if (!isset($_COOKIE["mydms_session"])) {
}
/* Update last access time */
-$session->updateAccess($dms_session);
+if((int)$resArr['lastAccess']+60 < time())
+ $session->updateAccess($dms_session);
/* Load user data */
$user = $dms->getUser($resArr["userID"]);
diff --git a/inc/inc.Version.php b/inc/inc.Version.php
index 80b24a536..65b0d8020 100644
--- a/inc/inc.Version.php
+++ b/inc/inc.Version.php
@@ -20,7 +20,7 @@
class SeedDMS_Version {
- public $_number = "5.0.11";
+ public $_number = "5.0.12";
private $_string = "SeedDMS";
function __construct() {
diff --git a/install/install.php b/install/install.php
index 8a169a713..e0651e061 100644
--- a/install/install.php
+++ b/install/install.php
@@ -118,7 +118,7 @@ function fileExistsInIncludePath($file) { /* {{{ */
* Load default settings + set
*/
define("SEEDDMS_INSTALL", "on");
-define("SEEDDMS_VERSION", "5.0.11");
+define("SEEDDMS_VERSION", "5.0.12");
require_once('../inc/inc.ClassSettings.php');
diff --git a/webdav/webdav.php b/webdav/webdav.php
index dd58d7868..e2ebd9790 100644
--- a/webdav/webdav.php
+++ b/webdav/webdav.php
@@ -138,7 +138,14 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
if(!$userobj)
return false;
- if(md5($pass) != $userobj->getPwd())
+
+ if(($userobj->getID() == $settings->_guestID) && (!$settings->_enableGuestLogin))
+ return false;
+
+ if($userobj->isDisabled())
+ return false;
+
+ if($userobj->isAdmin() && ($_SERVER['REMOTE_ADDR'] != $settings->_adminIP ) && ( $settings->_adminIP != ""))
return false;
$this->user = $userobj;