Merge branch 'seeddms-5.1.x' into seeddms-6.0.x

Uwe Steinmann 2021-01-11 09:07:06 +01:00
commit e847ff2647
9 changed files with 41 additions and 13 deletions


@ -190,6 +190,7 @@
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
- remove document/folder from index before adding a new one after editing the - remove document/folder from index before adding a new one after editing the
meta data meta data
- fix potential clickjacking attack with manipulated email address of a user
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
Changes in version 5.1.21 Changes in version 5.1.21


@ -301,6 +301,28 @@ class SeedDMS_Extension_Mgr {
return $tmpfile; return $tmpfile;
} /* }}} */ } /* }}} */
/**
* Migrate database tables of extension if one exists
*
* @param string $extname name of extension
* @param SeedDMS_Core_DMS $dms
* @return boolean true on success, false on error
*/
public function migrate($extname, $dms) { /* {{{ */
if(!isset($this->extconf[$extname]))
return false;
$extconf = $this->extconf[$extname];
if(isset($extconf['class']) && isset($extconf['class']['file']) && isset($extconf['class']['name'])) {
$classfile = $settings->_rootDir."/ext/".$extname."/".$extconf['class']['file'];
if(file_exists($classfile)) {
include($classfile);
$obj = new $extconf['class']['name']($settings);
if(method_exists($obj, 'migrate'))
$obj->migrate(isset($settings->_extensions[$extname]) ? $settings->_extensions[$extname] : null);
}
}
} /* }}} */
/** /**
* Check content of extension directory or configuration of extension * Check content of extension directory or configuration of extension
* *
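Review bot: The added `migrate()` reads `$settings` in three places (the `_rootDir` path, the constructor argument and `_extensions[$extname]`), but the variable is never defined inside the method: it is not a parameter and there is no `global $settings;`. As written, `$classfile` most likely resolves to a path starting at `/ext/`, `file_exists()` fails, and the migration is skipped without any error or log line. Either take the settings from state the class already holds, if it has any, or add `global $settings;` as the first statement. The docblock promises `true` on success and `false` on error, yet only the unknown-extension path returns a value; add `return true;` after the `migrate` call and `return false;` on the fall-through so a caller can tell a skipped migration from a completed one. The `$dms` parameter is unused, and a plain `include` of the class file raises a fatal redeclaration error if the extension class was already loaded earlier in the request.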


@ -43,8 +43,8 @@ else $action=NULL;
if (isset($_POST["currenttab"])) $currenttab=$_POST["currenttab"]; if (isset($_POST["currenttab"])) $currenttab=$_POST["currenttab"];
else $currenttab=NULL; else $currenttab=NULL;
// add new attribute definition --------------------------------------------- // Download extension -------------------------------------------------------
if ($action == "download") { if ($action == "download") { /* {{{ */
if (!isset($_POST["extname"])) { if (!isset($_POST["extname"])) {
UI::exitError(getMLText("admin_tools"),getMLText("unknown_id")); UI::exitError(getMLText("admin_tools"),getMLText("unknown_id"));
} }
@ -128,7 +128,8 @@ elseif ($action == "getlist") { /* {{{ */
} }
add_log_line(); add_log_line();
header("Location:../out/out.ExtensionMgr.php?currenttab=".$currenttab); header("Location:../out/out.ExtensionMgr.php?currenttab=".$currenttab);
} elseif ($action == "toggle") { /* {{{ */ } /* }}} */
elseif ($action == "toggle") { /* {{{ */
if (!isset($_POST["extname"])) { if (!isset($_POST["extname"])) {
echo json_encode(array('success'=>false, 'msg'=>'Could not toggle extension')); echo json_encode(array('success'=>false, 'msg'=>'Could not toggle extension'));
} }


@ -34,7 +34,11 @@ if (!$user->isAdmin()) {
UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
} }
/* Also have a look at op/op.ImportUsers.php which calls the view as well. */
if($view) { if($view) {
$view->setParam('log', array());
$view->setParam('newusers', array());
$view->setParam('colmap', array());
$view($_GET); $view($_GET);
exit; exit;
} }


@ -170,7 +170,7 @@ class SeedDMS_View_DocumentVersionDetail extends SeedDMS_Bootstrap_Style {
<td> <td>
<?php <?php
$owner = $document->getOwner(); $owner = $document->getOwner();
print "<a class=\"infos\" href=\"mailto:".$owner->getEmail()."\">".htmlspecialchars($owner->getFullName())."</a>"; print "<a class=\"infos\" href=\"mailto:".htmlspecialchars($owner->getEmail())."\">".htmlspecialchars($owner->getFullName())."</a>";
?> ?>
</td> </td>
</tr> </tr>
@ -278,7 +278,7 @@ class SeedDMS_View_DocumentVersionDetail extends SeedDMS_Bootstrap_Style {
else print "<li><span class=\"warning\">".getMLText("document_deleted")."</span></li>"; else print "<li><span class=\"warning\">".getMLText("document_deleted")."</span></li>";
$updatingUser = $version->getUser(); $updatingUser = $version->getUser();
print "<li>".getMLText("uploaded_by")." <a href=\"mailto:".$updatingUser->getEmail()."\">".htmlspecialchars($updatingUser->getFullName())."</a></li>"; print "<li>".getMLText("uploaded_by")." <a href=\"mailto:".htmlspecialchars($updatingUser->getEmail())."\">".htmlspecialchars($updatingUser->getFullName())."</a></li>";
print "<li>".getLongReadableDate($version->getDate())."</li>"; print "<li>".getLongReadableDate($version->getDate())."</li>";
print "</ul>\n"; print "</ul>\n";
@ -514,7 +514,7 @@ class SeedDMS_View_DocumentVersionDetail extends SeedDMS_Bootstrap_Style {
print "<li>".SeedDMS_Core_File::format_filesize(filesize($dms->contentDir . $file->getPath())) ." bytes, ".htmlspecialchars($file->getMimeType())."</li>"; print "<li>".SeedDMS_Core_File::format_filesize(filesize($dms->contentDir . $file->getPath())) ." bytes, ".htmlspecialchars($file->getMimeType())."</li>";
else print "<li>".htmlspecialchars($file->getMimeType())." - <span class=\"warning\">".getMLText("document_deleted")."</span></li>"; else print "<li>".htmlspecialchars($file->getMimeType())." - <span class=\"warning\">".getMLText("document_deleted")."</span></li>";
print "<li>".getMLText("uploaded_by")." <a href=\"mailto:".$responsibleUser->getEmail()."\">".htmlspecialchars($responsibleUser->getFullName())."</a></li>"; print "<li>".getMLText("uploaded_by")." <a href=\"mailto:".htmlspecialchars($responsibleUser->getEmail())."\">".htmlspecialchars($responsibleUser->getFullName())."</a></li>";
print "<li>".getLongReadableDate($file->getDate())."</li>"; print "<li>".getLongReadableDate($file->getDate())."</li>";
if($file->getVersion()) if($file->getVersion())
print "<li>".getMLText('linked_to_this_version')."</li>"; print "<li>".getMLText('linked_to_this_version')."</li>";
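Review bot: `htmlspecialchars()` on the `mailto:` address stops the value from breaking out of the `href` attribute, but the address is still placed in a URI, where `?` and `&` keep their meaning, so a stored address containing those characters can still add header fields or a body to the generated link. On the three `href` lines in this section the value should be percent-encoded for the URI first and HTML-escaped second, for example `htmlspecialchars(str_replace('%40', '@', rawurlencode($owner->getEmail())))`. The same applies to the matching `mailto:` lines in the UserList, UsrView and ViewDocument sections further down. Validating the address where it is stored would be a useful second layer, though the local part of a syntactically valid address may still contain `?` and `&`, so the output encoding is the part that matters. The enclosing methods start and end outside these hunks.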


@ -212,7 +212,7 @@ class SeedDMS_View_ExtensionMgr extends SeedDMS_Bootstrap_Style {
echo "<td nowrap>".$extconf['version']; echo "<td nowrap>".$extconf['version'];
echo "<br /><small>".$extconf['releasedate']."</small>"; echo "<br /><small>".$extconf['releasedate']."</small>";
echo "</td>"; echo "</td>";
echo "<td nowrap><a href=\"mailto:".$extconf['author']['email']."\">".$extconf['author']['name']."</a><br /><small>".$extconf['author']['company']."</small></td>"; echo "<td nowrap><a href=\"mailto:".htmlspecialchars($extconf['author']['email'])."\">".$extconf['author']['name']."</a><br /><small>".$extconf['author']['company']."</small></td>";
echo "<td nowrap>"; echo "<td nowrap>";
echo "<div class=\"list-action\">"; echo "<div class=\"list-action\">";
if(!empty($extconf['changelog']) && file_exists($extdir."/".$extname."/".$extconf['changelog'])) { if(!empty($extconf['changelog']) && file_exists($extdir."/".$extname."/".$extconf['changelog'])) {
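Review bot: Only the e-mail address on the changed line is escaped; `$extconf['author']['name']` and `$extconf['author']['company']` on the same line, and `$extconf['version']` and `$extconf['releasedate']` in the context lines just above it, are still echoed raw into the table. These values come from the extension's configuration, which presumably is written by whoever packaged the extension, so they deserve the same treatment as the address: `htmlspecialchars($extconf['author']['name'])`, and likewise for the other three fields. The enclosing method starts and ends outside the hunk.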


@ -75,7 +75,7 @@ class SeedDMS_View_UserList extends SeedDMS_Bootstrap_Style {
echo "</td>"; echo "</td>";
echo "<td>"; echo "<td>";
echo htmlspecialchars($currUser->getFullName())." (".htmlspecialchars($currUser->getLogin()).")<br />"; echo htmlspecialchars($currUser->getFullName())." (".htmlspecialchars($currUser->getLogin()).")<br />";
echo "<a href=\"mailto:".$currUser->getEmail()."\">".htmlspecialchars($currUser->getEmail())."</a><br />"; echo "<a href=\"mailto:".htmlspecialchars($currUser->getEmail())."\">".htmlspecialchars($currUser->getEmail())."</a><br />";
echo "<small>".htmlspecialchars($currUser->getComment())."</small>"; echo "<small>".htmlspecialchars($currUser->getComment())."</small>";
echo "</td>"; echo "</td>";
echo "<td>"; echo "<td>";


@ -68,7 +68,7 @@ class SeedDMS_View_UsrView extends SeedDMS_Bootstrap_Style {
} }
echo "<td>"; echo "<td>";
echo htmlspecialchars($currUser->getFullName())." (".htmlspecialchars($currUser->getLogin()).")<br />"; echo htmlspecialchars($currUser->getFullName())." (".htmlspecialchars($currUser->getLogin()).")<br />";
echo "<a href=\"mailto:".$currUser->getEmail()."\">".htmlspecialchars($currUser->getEmail())."</a><br />"; echo "<a href=\"mailto:".htmlspecialchars($currUser->getEmail())."\">".htmlspecialchars($currUser->getEmail())."</a><br />";
echo "<small>".htmlspecialchars($currUser->getComment())."</small>"; echo "<small>".htmlspecialchars($currUser->getComment())."</small>";
echo "</td>"; echo "</td>";
echo "</tr>"; echo "</tr>";


@ -232,7 +232,7 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
<td> <td>
<?php <?php
$owner = $document->getOwner(); $owner = $document->getOwner();
print "<a class=\"infos\" href=\"mailto:".$owner->getEmail()."\">".htmlspecialchars($owner->getFullName())."</a>"; print "<a class=\"infos\" href=\"mailto:".htmlspecialchars($owner->getEmail())."\">".htmlspecialchars($owner->getFullName())."</a>";
?> ?>
</td> </td>
</tr> </tr>
@ -673,7 +673,7 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
else print "<li><span class=\"warning\">".getMLText("document_deleted")."</span></li>"; else print "<li><span class=\"warning\">".getMLText("document_deleted")."</span></li>";
$updatingUser = $latestContent->getUser(); $updatingUser = $latestContent->getUser();
print "<li>".getMLText("uploaded_by")." <a href=\"mailto:".$updatingUser->getEmail()."\">".htmlspecialchars($updatingUser->getFullName())."</a></li>"; print "<li>".getMLText("uploaded_by")." <a href=\"mailto:".htmlspecialchars($updatingUser->getEmail())."\">".htmlspecialchars($updatingUser->getFullName())."</a></li>";
print "<li>".getLongReadableDate($latestContent->getDate())."</li>"; print "<li>".getLongReadableDate($latestContent->getDate())."</li>";
print "</ul>\n"; print "</ul>\n";
@ -1600,7 +1600,7 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
if ($file_exists) print "<li>". SeedDMS_Core_File::format_filesize($version->getFileSize()) .", ".htmlspecialchars($version->getMimeType())."</li>"; if ($file_exists) print "<li>". SeedDMS_Core_File::format_filesize($version->getFileSize()) .", ".htmlspecialchars($version->getMimeType())."</li>";
else print "<li><span class=\"warning\">".getMLText("document_deleted")."</span></li>"; else print "<li><span class=\"warning\">".getMLText("document_deleted")."</span></li>";
$updatingUser = $version->getUser(); $updatingUser = $version->getUser();
print "<li>".getMLText("uploaded_by")." <a href=\"mailto:".$updatingUser->getEmail()."\">".htmlspecialchars($updatingUser->getFullName())."</a></li>"; print "<li>".getMLText("uploaded_by")." <a href=\"mailto:".htmlspecialchars($updatingUser->getEmail())."\">".htmlspecialchars($updatingUser->getFullName())."</a></li>";
print "<li>".getLongReadableDate($version->getDate())."</li>"; print "<li>".getLongReadableDate($version->getDate())."</li>";
print "</ul>\n"; print "</ul>\n";
$txt = $this->callHook('showVersionComment', $version); $txt = $this->callHook('showVersionComment', $version);
@ -1723,7 +1723,7 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
print "<li>".SeedDMS_Core_File::format_filesize(filesize($dms->contentDir . $file->getPath())) ." bytes, ".htmlspecialchars($file->getMimeType())."</li>"; print "<li>".SeedDMS_Core_File::format_filesize(filesize($dms->contentDir . $file->getPath())) ." bytes, ".htmlspecialchars($file->getMimeType())."</li>";
else print "<li>".htmlspecialchars($file->getMimeType())." - <span class=\"warning\">".getMLText("document_deleted")."</span></li>"; else print "<li>".htmlspecialchars($file->getMimeType())." - <span class=\"warning\">".getMLText("document_deleted")."</span></li>";
print "<li>".getMLText("uploaded_by")." <a href=\"mailto:".$responsibleUser->getEmail()."\">".htmlspecialchars($responsibleUser->getFullName())."</a></li>"; print "<li>".getMLText("uploaded_by")." <a href=\"mailto:".htmlspecialchars($responsibleUser->getEmail())."\">".htmlspecialchars($responsibleUser->getFullName())."</a></li>";
print "<li>".getLongReadableDate($file->getDate())."</li>"; print "<li>".getLongReadableDate($file->getDate())."</li>";
if($file->getVersion()) if($file->getVersion())
print "<li>".getMLText('linked_to_current_version')."</li>"; print "<li>".getMLText('linked_to_current_version')."</li>";