From 974ff603e1bf1bbfa9bd66bd312ce0620fd182f2 Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Tue, 7 Jan 2020 21:20:16 +0100 Subject: [PATCH 1/5] check if hooks return a user object because true also indicates a failed login --- controllers/class.Login.php | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/controllers/class.Login.php b/controllers/class.Login.php index 01cd4f21a..3a66568e1 100644 --- a/controllers/class.Login.php +++ b/controllers/class.Login.php @@ -85,30 +85,35 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common { } /* Deprecated: Run any additional authentication implemented in a hook */ - if(!$user && isset($GLOBALS['SEEDDMS_HOOKS']['authentication'])) { + if(!is_object($user) && isset($GLOBALS['SEEDDMS_HOOKS']['authentication'])) { foreach($GLOBALS['SEEDDMS_HOOKS']['authentication'] as $authObj) { if(!$user && method_exists($authObj, 'authenticate')) { $user = $authObj->authenticate($dms, $settings, $login, $pwd); + if(false === $user) { + if(empty($this->errormsg)) + $this->setErrorMsg("authentication_failed"); + return false; + } } } } /* Authenticate against LDAP server {{{ */ - if (!$user && isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) { + if (!is_object($user) && isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) { require_once("../inc/inc.ClassLdapAuthentication.php"); $authobj = new SeedDMS_LdapAuthentication($dms, $settings); $user = $authobj->authenticate($login, $pwd); } /* }}} */ /* Authenticate against SeedDMS database {{{ */ - if(!$user) { + if(!is_object($user)) { require_once("../inc/inc.ClassDbAuthentication.php"); $authobj = new SeedDMS_DbAuthentication($dms, $settings); $user = $authobj->authenticate($login, $pwd); } /* }}} */ /* If the user is still not authenticated, then exit with an error */ - if(!$user) { + if(!is_object($user)) { $this->callHook('loginFailed'); $this->setErrorMsg("login_error_text"); return false; From 9b6949a00a6b092200a3d65d6384456859a7f5a2 Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Tue, 7 Jan 2020 21:21:17 +0100 Subject: [PATCH 2/5] check if document content exists in hits of fulltext search --- views/bootstrap/class.Search.php | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/views/bootstrap/class.Search.php b/views/bootstrap/class.Search.php index f4d49f049..27ae82db7 100644 --- a/views/bootstrap/class.Search.php +++ b/views/bootstrap/class.Search.php @@ -489,9 +489,8 @@ class SeedDMS_View_Search extends SeedDMS_Bootstrap_Style { else { $document = $entry; $owner = $document->getOwner(); - $lc = $document->getLatestContent(); - $version = $lc->getVersion(); - $previewer->createPreview($lc); + if($lc = $document->getLatestContent()) + $previewer->createPreview($lc); if (in_array(3, $searchin)) $comment = $this->markQuery(htmlspecialchars($document->getComment())); @@ -506,7 +505,7 @@ class SeedDMS_View_Search extends SeedDMS_Bootstrap_Style { $belowtitle .= htmlspecialchars($path[$i]->getName())."/"; } $belowtitle .= ""; - $lcattributes = $lc->getAttributes(); + $lcattributes = $lc ? $lc->getAttributes() : null; $attrstr = ''; if($lcattributes) { $attrstr .= "\n"; From 699152d95b7f7b6a996f1b46383608dd99761bc5 Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Fri, 10 Jan 2020 14:48:14 +0100 Subject: [PATCH 3/5] use getDMS() instead of accessing _dms --- SeedDMS_Core/Core/inc.ClassDocument.php | 117 ++++++++++++------------ 1 file changed, 59 insertions(+), 58 deletions(-) diff --git a/SeedDMS_Core/Core/inc.ClassDocument.php b/SeedDMS_Core/Core/inc.ClassDocument.php index 43056e7a0..e932e0ada 100644 --- a/SeedDMS_Core/Core/inc.ClassDocument.php +++ b/SeedDMS_Core/Core/inc.ClassDocument.php @@ -2896,7 +2896,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ function getUser() { /* {{{ */ if (!isset($this->_user)) - $this->_user = $this->_document->_dms->getUser($this->_userID); + $this->_user = $this->_document->getDMS()->getUser($this->_userID); return $this->_user; } /* }}} */ @@ -2912,7 +2912,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ function getPath() { return $this->_document->getDir() . $this->_version . ($this->_fileType != '.' ? $this->_fileType : ''); } function setDate($date = false) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); if(!$date) $date = time(); @@ -2942,7 +2942,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ if($filesize === false) return false; - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); $queryStr = "UPDATE `tblDocumentContent` SET `fileSize` = ".$filesize." where `document` = " . $this->_document->getID() . " AND `version` = " . $this->_version; if (!$db->getResult($queryStr)) return false; @@ -2963,7 +2963,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ if($checksum === false) return false; - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); $queryStr = "UPDATE `tblDocumentContent` SET `checksum` = ".$db->qstr($checksum)." where `document` = " . $this->_document->getID() . " AND `version` = " . $this->_version; if (!$db->getResult($queryStr)) return false; @@ -2973,7 +2973,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ } /* }}} */ function setComment($newComment) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); $queryStr = "UPDATE `tblDocumentContent` SET `comment` = ".$db->qstr($newComment)." WHERE `document` = " . $this->_document->getID() . " AND `version` = " . $this->_version; if (!$db->getResult($queryStr)) @@ -3007,7 +3007,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * @return array latest record from tblDocumentStatusLog */ function getStatus($limit=1) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); if (!is_numeric($limit)) return false; @@ -3041,7 +3041,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * @return array list of status changes */ function getStatusLog($limit=0) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); if (!is_numeric($limit)) return false; @@ -3076,7 +3076,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * @return boolean true on success, otherwise false */ function setStatus($status, $comment, $updateUser, $date='') { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); if (!is_numeric($status)) return false; @@ -3123,7 +3123,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * @return boolean true on success, otherwise false */ function rewriteStatusLog($statuslog) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); $queryStr= "SELECT `tblDocumentStatus`.* FROM `tblDocumentStatus` WHERE `tblDocumentStatus`.`documentID` = '". $this->_document->getID() ."' AND `tblDocumentStatus`.`version` = '". $this->_version ."' "; $res = $db->getResultArray($queryStr); @@ -3182,7 +3182,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * @return integer either M_NONE or M_READ */ function getAccessMode($u) { /* {{{ */ - $dms = $this->_document->_dms; + $dms = $this->_document->getDMS(); /* Check if 'onCheckAccessDocumentContent' callback is set */ if(isset($this->_dms->callbacks['onCheckAccessDocumentContent'])) { @@ -3292,7 +3292,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * @return array list of review status */ function getReviewStatus($limit=1) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); if (!is_numeric($limit)) return false; @@ -3352,7 +3352,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * @return boolean true on success, otherwise false */ function rewriteReviewLog($reviewers) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); $queryStr= "SELECT `tblDocumentReviewers`.* FROM `tblDocumentReviewers` WHERE `tblDocumentReviewers`.`documentID` = '". $this->_document->getID() ."' AND `tblDocumentReviewers`.`version` = '". $this->_version ."' "; $res = $db->getResultArray($queryStr); @@ -3420,7 +3420,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * @return array list of approval status */ function getApprovalStatus($limit=1) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); if (!is_numeric($limit)) return false; @@ -3480,7 +3480,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * @return boolean true on success, otherwise false */ function rewriteApprovalLog($reviewers) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); $queryStr= "SELECT `tblDocumentApprovers`.* FROM `tblDocumentApprovers` WHERE `tblDocumentApprovers`.`documentID` = '". $this->_document->getID() ."' AND `tblDocumentApprovers`.`version` = '". $this->_version ."' "; $res = $db->getResultArray($queryStr); @@ -3541,7 +3541,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ } /* }}} */ function addIndReviewer($user, $requestUser) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); $userID = $user->getID(); @@ -3592,7 +3592,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ } /* }}} */ function addGrpReviewer($group, $requestUser) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); $groupID = $group->getID(); @@ -3670,7 +3670,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * @return integer new review log id */ function setReviewByInd($user, $requestUser, $status, $comment, $file='') { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); // Check to see if the user can be removed from the review list. $reviewStatus = $user->getReviewStatus($this->_document->getID(), $this->_version); @@ -3722,7 +3722,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * @return integer new review log id */ function setReviewByGrp($group, $requestUser, $status, $comment, $file='') { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); // Check to see if the user can be removed from the review list. $reviewStatus = $group->getReviewStatus($this->_document->getID(), $this->_version); @@ -3761,7 +3761,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ } /* }}} */ function addIndApprover($user, $requestUser) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); $userID = $user->getID(); @@ -3810,7 +3810,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ } /* }}} */ function addGrpApprover($group, $requestUser) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); $groupID = $group->getID(); @@ -3892,7 +3892,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * @return integer 0 on success, < 0 in case of an error */ function setApprovalByInd($user, $requestUser, $status, $comment, $file='') { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); // Check to see if the user can be removed from the approval list. $approvalStatus = $user->getApprovalStatus($this->_document->getID(), $this->_version); @@ -3936,7 +3936,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * group instead of a user */ function setApprovalByGrp($group, $requestUser, $status, $comment, $file='') { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); // Check to see if the user can be removed from the approval list. $approvalStatus = $group->getApprovalStatus($this->_document->getID(), $this->_version); @@ -3974,7 +3974,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ } /* }}} */ function delIndReviewer($user, $requestUser, $msg='') { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); // Check to see if the user can be removed from the review list. $reviewStatus = $user->getReviewStatus($this->_document->getID(), $this->_version); @@ -4004,7 +4004,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ } /* }}} */ function delGrpReviewer($group, $requestUser, $msg='') { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); $groupID = $group->getID(); @@ -4035,7 +4035,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ } /* }}} */ function delIndApprover($user, $requestUser, $msg='') { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); $userID = $user->getID(); @@ -4067,7 +4067,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ } /* }}} */ function delGrpApprover($group, $requestUser, $msg='') { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); $groupID = $group->getID(); @@ -4103,7 +4103,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * @param object $state */ function setWorkflowState($state) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); if($this->_workflow) { $queryStr = "UPDATE `tblWorkflowDocumentContent` set `state`=". $state->getID() ." WHERE `workflow`=". intval($this->_workflow->getID()). " AND `document`=". intval($this->_document->getID()) ." AND version=". intval($this->_version) .""; @@ -4123,7 +4123,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * or false in case of error, e.g. the version has not a workflow */ function getWorkflowState() { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); if(!$this->_workflow) $this->getWorkflow(); @@ -4140,7 +4140,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ if (is_bool($recs) && !$recs) return false; $this->_workflowState = new SeedDMS_Core_Workflow_State($recs[0]['id'], $recs[0]['name'], $recs[0]['maxtime'], $recs[0]['precondfunc'], $recs[0]['documentstatus']); - $this->_workflowState->setDMS($this->_document->_dms); + $this->_workflowState->setDMS($this->_document->getDMS()); } return $this->_workflowState; } /* }}} */ @@ -4151,7 +4151,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * @param object $workflow */ function setWorkflow($workflow, $user) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); $this->getWorkflow(); if($workflow && is_object($workflow)) { @@ -4184,7 +4184,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * or false in case of error, e.g. the version has not a workflow */ function getWorkflow() { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); if (!isset($this->_workflow)) { $queryStr= @@ -4196,8 +4196,8 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ return false; if(!$recs) return false; - $this->_workflow = new SeedDMS_Core_Workflow($recs[0]['id'], $recs[0]['name'], $this->_document->_dms->getWorkflowState($recs[0]['initstate'])); - $this->_workflow->setDMS($this->_document->_dms); + $this->_workflow = new SeedDMS_Core_Workflow($recs[0]['id'], $recs[0]['name'], $this->_document->getDMS()->getWorkflowState($recs[0]['initstate'])); + $this->_workflow->setDMS($this->_document->getDMS()); } return $this->_workflow; } /* }}} */ @@ -4213,7 +4213,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * @return boolean true on success, otherwise false */ function rewriteWorkflowLog($workflowlog) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); $db->startTransaction(); @@ -4250,7 +4250,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * or false in case of error */ function rewindWorkflow() { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); $this->getWorkflow(); @@ -4291,7 +4291,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * or false in case of error */ function removeWorkflow($user, $unlink=false) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); $this->getWorkflow(); @@ -4336,7 +4336,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * @param object $subworkflow */ function getParentWorkflow() { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); /* document content must be in a workflow */ $this->getWorkflow(); @@ -4355,7 +4355,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ return false; if($recs[0]['parentworkflow']) - return $this->_document->_dms->getWorkflow($recs[0]['parentworkflow']); + return $this->_document->getDMS()->getWorkflow($recs[0]['parentworkflow']); return false; } /* }}} */ @@ -4366,7 +4366,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * @param object $subworkflow */ function runSubWorkflow($subworkflow) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); /* document content must be in a workflow */ $this->getWorkflow(); @@ -4400,7 +4400,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * @param string comment for the transition trigger */ function returnFromSubWorkflow($user, $transition=null, $comment='') { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); /* document content must be in a workflow */ $this->getWorkflow(); @@ -4430,8 +4430,8 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ return false; } - $this->_workflow = $this->_document->_dms->getWorkflow($recs[0]['parentworkflow']); - $this->_workflow->setDMS($this->_document->_dms); + $this->_workflow = $this->_document->getDMS()->getWorkflow($recs[0]['parentworkflow']); + $this->_workflow->setDMS($this->_document->getDMS()); if($transition) { if(false === $this->triggerWorkflowTransition($user, $transition, $comment)) { @@ -4456,7 +4456,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * @return boolean true if user may trigger transaction */ function triggerWorkflowTransitionIsAllowed($user, $transition) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); if(!$this->_workflow) $this->getWorkflow(); @@ -4598,7 +4598,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * false in case of an error */ function triggerWorkflowTransition($user, $transition, $comment='') { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); if(!$this->_workflow) $this->getWorkflow(); @@ -4739,7 +4739,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * @return array list of operations */ function getWorkflowLog($transition = null) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); /* if(!$this->_workflow) @@ -4759,8 +4759,8 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ $workflowlogs = array(); for ($i = 0; $i < count($resArr); $i++) { - $workflow = $this->_document->_dms->getWorkflow($resArr[$i]["workflow"]); - $workflowlog = new SeedDMS_Core_Workflow_Log($resArr[$i]["id"], $this->_document->_dms->getDocument($resArr[$i]["document"]), $resArr[$i]["version"], $workflow, $this->_document->_dms->getUser($resArr[$i]["userid"]), $workflow->getTransition($resArr[$i]["transition"]), $resArr[$i]["date"], $resArr[$i]["comment"]); + $workflow = $this->_document->getDMS()->getWorkflow($resArr[$i]["workflow"]); + $workflowlog = new SeedDMS_Core_Workflow_Log($resArr[$i]["id"], $this->_document->getDMS()->getDocument($resArr[$i]["document"]), $resArr[$i]["version"], $workflow, $this->_document->getDMS()->getUser($resArr[$i]["userid"]), $workflow->getTransition($resArr[$i]["transition"]), $resArr[$i]["date"], $resArr[$i]["comment"]); $workflowlog->setDMS($this); $workflowlogs[$i] = $workflowlog; } @@ -4775,7 +4775,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ * @return array list of operations */ function getLastWorkflowTransition() { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); if(!$this->_workflow) $this->getWorkflow(); @@ -4792,7 +4792,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */ $workflowlogs = array(); $i = 0; - $workflowlog = new SeedDMS_Core_Workflow_Log($resArr[$i]["id"], $this->_document->_dms->getDocument($resArr[$i]["document"]), $resArr[$i]["version"], $this->_workflow, $this->_document->_dms->getUser($resArr[$i]["userid"]), $this->_workflow->getTransition($resArr[$i]["transition"]), $resArr[$i]["date"], $resArr[$i]["comment"]); + $workflowlog = new SeedDMS_Core_Workflow_Log($resArr[$i]["id"], $this->_document->getDMS()->getDocument($resArr[$i]["document"]), $resArr[$i]["version"], $this->_workflow, $this->_document->getDMS()->getUser($resArr[$i]["userid"]), $this->_workflow->getTransition($resArr[$i]["transition"]), $resArr[$i]["date"], $resArr[$i]["comment"]); $workflowlog->setDMS($this); return $workflowlog; @@ -4910,8 +4910,9 @@ class SeedDMS_Core_DocumentLink { /* {{{ */ * @return bool|SeedDMS_Core_User */ function getUser() { - if (!isset($this->_user)) - $this->_user = $this->_document->_dms->getUser($this->_userID); + if (!isset($this->_user)) { + $this->_user = $this->_document->getDMS()->getUser($this->_userID); + } return $this->_user; } @@ -5087,7 +5088,7 @@ class SeedDMS_Core_DocumentFile { /* {{{ */ * @param string $newComment string new comment of document */ function setComment($newComment) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); $queryStr = "UPDATE `tblDocumentFiles` SET `comment` = ".$db->qstr($newComment)." WHERE `document` = ".$this->_document->getId()." AND `id` = ". $this->_id; if (!$db->getResult($queryStr)) @@ -5110,7 +5111,7 @@ class SeedDMS_Core_DocumentFile { /* {{{ */ * @return boolean true on success */ function setDate($date) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); if(!$date) $date = time(); @@ -5157,7 +5158,7 @@ class SeedDMS_Core_DocumentFile { /* {{{ */ * @param $newComment string new name of document */ function setName($newName) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); $queryStr = "UPDATE `tblDocumentFiles` SET `name` = ".$db->qstr($newName)." WHERE `document` = ".$this->_document->getId()." AND `id` = ". $this->_id; if (!$db->getResult($queryStr)) @@ -5172,7 +5173,7 @@ class SeedDMS_Core_DocumentFile { /* {{{ */ */ function getUser() { if (!isset($this->_user)) - $this->_user = $this->_document->_dms->getUser($this->_userID); + $this->_user = $this->_document->getDMS()->getUser($this->_userID); return $this->_user; } @@ -5194,7 +5195,7 @@ class SeedDMS_Core_DocumentFile { /* {{{ */ * @param $newComment string new version of document */ function setVersion($newVersion) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); if(!is_numeric($newVersion) && $newVersion != '') return false; @@ -5218,7 +5219,7 @@ class SeedDMS_Core_DocumentFile { /* {{{ */ * @param $newComment string new comment of document */ function setPublic($newPublic) { /* {{{ */ - $db = $this->_document->_dms->getDB(); + $db = $this->_document->getDMS()->getDB(); $queryStr = "UPDATE `tblDocumentFiles` SET `public` = ".($newPublic ? 1 : 0)." WHERE `document` = ".$this->_document->getId()." AND `id` = ". $this->_id; if (!$db->getResult($queryStr)) @@ -5240,7 +5241,7 @@ class SeedDMS_Core_DocumentFile { /* {{{ */ * @return integer either M_NONE or M_READ */ function getAccessMode($u) { /* {{{ */ - $dms = $this->_document->_dms; + $dms = $this->_document->getDMS(); /* Check if 'onCheckAccessDocumentLink' callback is set */ if(isset($this->_dms->callbacks['onCheckAccessDocumentFile'])) { From bb38dc7b22352f32171175b1c31079ab602809d3 Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Mon, 13 Jan 2020 09:32:22 +0100 Subject: [PATCH 4/5] properly handle duplicate names when moving a document/folder --- webdav/webdav.php | 29 ++++++++++++++++++++++------- 1 file changed, 22 insertions(+), 7 deletions(-) diff --git a/webdav/webdav.php b/webdav/webdav.php index ff08f71ee..00c4e0d4f 100644 --- a/webdav/webdav.php +++ b/webdav/webdav.php @@ -1062,6 +1062,11 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server $objdest = $this->reverseLookup($options["dest"]); $newdocname = ''; + /* if the destіnation could not be found, then a folder/document shall + * be renamed. In that case the source object is moved into the ѕame + * or different folder under a new name. + * $objdest will store the new destination folder afterwards + */ if(!$objdest) { /* check if at least the dest directory exists */ $dirname = dirname($options['dest']); @@ -1112,13 +1117,17 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server /* Set the new Folder of the source object */ if(get_class($objsource) == $this->dms->getClassname('document')) { /* Check if name already exists in the folder */ - /* if(!$settings->_enableDuplicateDocNames) { - if($objdest->hasDocumentByName($objsource->getName())) { - return "403 Forbidden"; + if($newdocname) { + if($objdest->hasDocumentByName($newdocname)) { + return "403 Forbidden"; + } + } else { + if($objdest->hasDocumentByName($objsource->getName())) { + return "403 Forbidden"; + } } } - */ $oldFolder = $objsource->getFolder(); if($objsource->setFolder($objdest)) { @@ -1153,8 +1162,14 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server } elseif(get_class($objsource) == $this->dms->getClassname('folder')) { /* Check if name already exists in the folder */ if(!$settings->_enableDuplicateSubFolderNames) { - if($objdest->hasSubFolderByName($objsource->getName())) { - return "403 Forbidden"; + if($newdocname) { + if($objdest->hasSubFolderByName($newdocname)) { + return "403 Forbidden"; + } + } else { + if($objdest->hasSubFolderByName($objsource->getName())) { + return "403 Forbidden"; + } } } $oldFolder = $objsource->getParent(); @@ -1176,7 +1191,7 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server $params['old_folder_path'] = $oldFolder->getFolderPathPlain(); $params['new_folder_path'] = $objdest->getFolderPathPlain(); $params['username'] = $this->user->getFullName(); - $params['url'] = "http".((isset($_SERVER['HTTPS']) && (strcmp($_SERVER['HTTPS'],'off')!=0)) ? "s" : "")."://".$_SERVER['HTTP_HOST'].$settings->_httpRoot."out/out.ViewFolder.php?folderid=".$folder->getID(); + $params['url'] = "http".((isset($_SERVER['HTTPS']) && (strcmp($_SERVER['HTTPS'],'off')!=0)) ? "s" : "")."://".$_SERVER['HTTP_HOST'].$settings->_httpRoot."out/out.ViewFolder.php?folderid=".$objsource->getID(); $params['sitename'] = $settings->_siteName; $params['http_root'] = $settings->_httpRoot; $this->notifier->toList($this->user, $nl["users"], $subject, $message, $params); From 61ce13d681d33bff94004bb74a0ebadd09169604 Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Mon, 13 Jan 2020 09:32:48 +0100 Subject: [PATCH 5/5] add entry for 5.1.14 --- CHANGELOG | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG b/CHANGELOG index 12166e154..15e10fdb6 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -14,6 +14,7 @@ used method by setting a parameter in the extension's config file will no longer work. - clean up code for managing extensions +- fix renaming of folders via webdav -------------------------------------------------------------------------------- Changes in version 5.1.13