mirror of
https://git.code.sf.net/p/seeddms/code
synced 2025-02-06 07:04:57 +00:00
set dms and user in controller
was previously taken from global variables
This commit is contained in:
Uwe Steinmann
parent
5cfc52f1fc
commit
b223344af9
|
|
@ -30,7 +30,7 @@ class Controller {
|
|||
* @return object an object of a class implementing the view
|
||||
*/
|
||||
static function factory($class, $params=array()) { /* {{{ */
|
||||
global $settings, $session, $dms, $user, $EXT_CONF;
|
||||
global $settings, $session, $EXT_CONF;
|
||||
if(!$class) {
|
||||
return null;
|
||||
}
|
||||
|
|
@ -52,8 +52,6 @@ class Controller {
|
|||
require($filename);
|
||||
$controller = new $classname($params);
|
||||
/* Set some configuration parameters */
|
||||
$controller->setParam('dms', $dms);
|
||||
$controller->setParam('user', $user);
|
||||
$controller->setParam('postVars', $_POST);
|
||||
$controller->setParam('getVars', $_GET);
|
||||
$controller->setParam('requestVars', $_REQUEST);
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ include("../inc/inc.ClassUI.php");
|
|||
include("../inc/inc.ClassController.php");
|
||||
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$controller = Controller::factory($tmp[1]);
|
||||
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
|
||||
|
||||
/* Check if the form data comes from a trusted request */
|
||||
if(!checkFormKey('adddocument')) {
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ include("../inc/inc.ClassController.php");
|
|||
include("../inc/inc.Authentication.php");
|
||||
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$controller = Controller::factory($tmp[1]);
|
||||
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
|
||||
|
||||
/* Check if the form data comes from a trusted request */
|
||||
if(!checkFormKey('addsubfolder')) {
|
||||
|
|
|
|||
|
|
@ -638,7 +638,7 @@ switch($command) {
|
|||
$indexconf = null;
|
||||
}
|
||||
|
||||
$controller = Controller::factory('AddDocument');
|
||||
$controller = Controller::factory('AddDocument', array('dms'=>$dms, 'user'=>$user));
|
||||
$controller->setParam('documentsource', 'upload');
|
||||
$controller->setParam('folder', $folder);
|
||||
$controller->setParam('index', $index);
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@ include("../inc/inc.ClassController.php");
|
|||
include("../inc/inc.Authentication.php");
|
||||
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$controller = Controller::factory($tmp[1]);
|
||||
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
|
||||
if (!$user->isAdmin()) {
|
||||
UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ include("../inc/inc.ClassController.php");
|
|||
include("../inc/inc.Authentication.php");
|
||||
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$controller = Controller::factory($tmp[1]);
|
||||
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
|
||||
|
||||
if (!isset($_GET["documentid"]) || !is_numeric($_GET["documentid"]) || intval($_GET["documentid"])<1) {
|
||||
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ include("../inc/inc.ClassController.php");
|
|||
include("../inc/inc.Authentication.php");
|
||||
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$controller = Controller::factory($tmp[1]);
|
||||
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
|
||||
|
||||
if (isset($_GET["version"])) { /* {{{ */
|
||||
|
||||
|
|
@ -114,7 +114,8 @@ elseif (isset($_GET["file"])) { /* {{{ */
|
|||
|
||||
sendFile($dms->contentDir . $file->getPath());
|
||||
|
||||
} elseif (isset($_GET["arkname"])) {
|
||||
} /* }}} */
|
||||
elseif (isset($_GET["arkname"])) { /* {{{ */
|
||||
$filename = basename($_GET["arkname"]);
|
||||
|
||||
// backup download
|
||||
|
|
@ -141,7 +142,8 @@ elseif (isset($_GET["file"])) { /* {{{ */
|
|||
|
||||
sendFile($settings->_contentDir .$filename );
|
||||
|
||||
} elseif (isset($_GET["logname"])) {
|
||||
} /* }}} */
|
||||
elseif (isset($_GET["logname"])) { /* {{{ */
|
||||
$filename = basename($_GET["logname"]);
|
||||
|
||||
// log download
|
||||
|
|
@ -167,7 +169,8 @@ elseif (isset($_GET["file"])) { /* {{{ */
|
|||
|
||||
sendFile($settings->_contentDir .$filename );
|
||||
|
||||
} elseif (isset($_GET["vfile"])) {
|
||||
} /* }}} */
|
||||
elseif (isset($_GET["vfile"])) { /* {{{ */
|
||||
|
||||
// versioning info download
|
||||
|
||||
|
|
@ -191,7 +194,8 @@ elseif (isset($_GET["file"])) { /* {{{ */
|
|||
|
||||
sendFile($dms->contentDir . $document->getDir() .$settings->_versioningFileName);
|
||||
|
||||
} elseif (isset($_GET["dumpname"])) {
|
||||
} /* }}} */
|
||||
elseif (isset($_GET["dumpname"])) { /* {{{ */
|
||||
$filename = basename($_GET["dumpname"]);
|
||||
|
||||
// dump file download
|
||||
|
|
@ -251,7 +255,8 @@ elseif (isset($_GET["file"])) { /* {{{ */
|
|||
|
||||
sendFile($filename);
|
||||
|
||||
} elseif (isset($_GET["approvelogid"])) {
|
||||
} /* }}} */
|
||||
elseif (isset($_GET["approvelogid"])) { /* {{{ */
|
||||
if (!isset($_GET["documentid"]) || !is_numeric($_GET["documentid"]) || intval($_GET["documentid"])<1) {
|
||||
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
|
||||
}
|
||||
|
|
@ -285,7 +290,7 @@ elseif (isset($_GET["file"])) { /* {{{ */
|
|||
header("Cache-Control: must-revalidate");
|
||||
|
||||
sendFile($filename);
|
||||
}
|
||||
} /* }}} */
|
||||
|
||||
add_log_line();
|
||||
exit();
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ include("../inc/inc.ClassController.php");
|
|||
include("../inc/inc.Authentication.php");
|
||||
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$controller = Controller::factory($tmp[1]);
|
||||
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
|
||||
|
||||
if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) {
|
||||
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ include("../inc/inc.ClassController.php");
|
|||
include("../inc/inc.Authentication.php");
|
||||
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$controller = Controller::factory($tmp[1]);
|
||||
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
|
||||
|
||||
/* Check if the form data comes from a trusted request */
|
||||
if(!checkFormKey('editdocumentfile')) {
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ include("../inc/inc.ClassController.php");
|
|||
include("../inc/inc.Authentication.php");
|
||||
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$controller = Controller::factory($tmp[1]);
|
||||
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
|
||||
|
||||
if (!isset($_POST["folderid"]) || !is_numeric($_POST["folderid"]) || intval($_POST["folderid"])<1) {
|
||||
UI::exitError(getMLText("folder_title", array("foldername" => getMLText("invalid_folder_id"))),getMLText("invalid_folder_id"));
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ function _printMessage($heading, $message) { /* {{{ */
|
|||
} /* }}} */
|
||||
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$controller = Controller::factory($tmp[1]);
|
||||
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
|
||||
|
||||
if (isset($_REQUEST["sesstheme"]) && strlen($_REQUEST["sesstheme"])>0 && is_numeric(array_search($_REQUEST["sesstheme"],UI::getStyles())) ) {
|
||||
$theme = $_REQUEST["sesstheme"];
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@ include("../inc/inc.DBInit.php");
|
|||
include("../inc/inc.Authentication.php");
|
||||
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$controller = Controller::factory($tmp[1]);
|
||||
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
|
||||
|
||||
// Delete session from database
|
||||
if(isset($_COOKIE['mydms_session'])) {
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ include("../inc/inc.ClassController.php");
|
|||
include("../inc/inc.Authentication.php");
|
||||
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$controller = Controller::factory($tmp[1]);
|
||||
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
|
||||
|
||||
/* Check if the form data comes from a trusted request */
|
||||
if(!checkFormKey('removedocument')) {
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ include("../inc/inc.ClassController.php");
|
|||
include("../inc/inc.Authentication.php");
|
||||
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$controller = Controller::factory($tmp[1]);
|
||||
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
|
||||
|
||||
/* Check if the form data comes from a trusted request */
|
||||
if(!checkFormKey('removefolder')) {
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ include("../inc/inc.ClassController.php");
|
|||
include("../inc/inc.Authentication.php");
|
||||
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$controller = Controller::factory($tmp[1]);
|
||||
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
|
||||
|
||||
if (!$user->isAdmin()) {
|
||||
UI::exitError(getMLText("document"),getMLText("access_denied"));
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ include("../inc/inc.ClassUI.php");
|
|||
include("../inc/inc.ClassController.php");
|
||||
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$controller = Controller::factory($tmp[1]);
|
||||
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
|
||||
|
||||
/* Check if the form data comes from a trusted request */
|
||||
if(!checkFormKey('updatedocument')) {
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ include("../inc/inc.ClassController.php");
|
|||
include("../inc/inc.Authentication.php");
|
||||
|
||||
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
|
||||
$controller = Controller::factory($tmp[1]);
|
||||
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
|
||||
|
||||
$documentid = $_GET["documentid"];
|
||||
if (!isset($documentid) || !is_numeric($documentid) || intval($documentid)<1) {
|
||||
|
|
|
|||
|
|
@ -37,6 +37,8 @@ $v = new SeedDMS_Version;
|
|||
if($view) {
|
||||
$view->setParam('httproot', $settings->_httpRoot);
|
||||
$view->setParam('version', $v);
|
||||
$view->setParam('partitionsize', 200000);
|
||||
$view->setParam('maxuploadsize', 2000000);
|
||||
$view($_GET);
|
||||
exit;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -282,7 +282,7 @@ if($settings->_enableFullSearch) {
|
|||
$indexconf = null;
|
||||
}
|
||||
|
||||
$controller = Controller::factory('AddDocument');
|
||||
$controller = Controller::factory('AddDocument', array('dms'=>$dms, 'user'=>$user));
|
||||
$controller->setParam('documentsource', 'script');
|
||||
$controller->setParam('folder', $folder);
|
||||
$controller->setParam('index', $index);
|
||||
|
|
|
|||
|
|
@ -955,6 +955,8 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
|
|||
}
|
||||
|
||||
$controller = Controller::factory('AddDocument');
|
||||
$controller->setParam('dms', $this->dms);
|
||||
$controller->setParam('user', $this->user);
|
||||
$controller->setParam('documentsource', 'webdav');
|
||||
$controller->setParam('folder', $objdest);
|
||||
$controller->setParam('index', $index);
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user