- took over changes from stable release 2.0.2

2024-11-26 07:22:11 +00:00 · 2010-11-05 21:45:21 +00:00 · 2010-11-05 21:45:21 +00:00 · f1778edd4f
commit f1778edd4f
parent 73f4e23933
18 changed files with 118 additions and 9 deletions
--- a/out/out.AddEvent.php
+++ b/out/out.AddEvent.php
@ -29,7 +29,11 @@ include("../inc/inc.FileUtils.php");
 include("../inc/inc.Language.php");
 include("../inc/inc.ClassUI.php");
 include("../inc/inc.Authentication.php");
-
+
+if ($user->getID() == $settings->_guestID) {
+	UI::exitError(getMLText("edit_event"),getMLText("access_denied"));
+}
+
 UI::htmlStartPage(getMLText("calendar"));
 UI::globalNavigation();
 UI::pageNavigation(getMLText("calendar"), "calendar");
--- a/out/out.ApprovalSummary.php
+++ b/out/out.ApprovalSummary.php
@ -31,6 +31,10 @@ include("../inc/inc.Language.php");
 include("../inc/inc.ClassUI.php");
 include("../inc/inc.Authentication.php");

+if ($user->getID($user) == $settings->_guestID) {
+	UI::exitError(getMLText("my_documents"),getMLText("access_denied"));
+}
+
 if (!$db->createTemporaryTable("ttstatid")) {
 	UI::exitError(getMLText("approval_summary"),getMLText("internal_error_exit"));
 }
--- a/out/out.BackupTools.php
+++ b/out/out.BackupTools.php
@ -35,10 +35,31 @@ if (!$user->isAdmin()) {
 	UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
 }

+// funcion by shalless at rubix dot net dot au (php.net)
+function dskspace($dir)
+{
+   $s = stat($dir);
+   $space = $s["blocks"]*512;
+   if (is_dir($dir))
+   {
+     $dh = opendir($dir);
+     while (($file = readdir($dh)) !== false)
+       if ($file != "." and $file != "..")
+         $space += dskspace($dir."/".$file);
+     closedir($dh);
+   }
+   return $space;
+} 
+
 UI::htmlStartPage(getMLText("backup_tools"));
 UI::globalNavigation();
 UI::pageNavigation(getMLText("admin_tools"), "admin_tools");

+UI::contentHeading(getMLText("backup_tools"));
+UI::contentContainerStart();
+print getMLText("space_used_on_data_folder")." : ".formatted_size(dskspace($settings->_contentDir));
+UI::contentContainerEnd();
+
 // versioning file creation ////////////////////////////////////////////////////

 UI::contentHeading(getMLText("versioning_file_creation"));
@ -64,7 +85,6 @@ print "<input type=\"checkbox\" name=\"human_readable\" value=\"1\">".getMLText(
 print "<input type='submit' name='' value='".getMLText("archive_creation")."'/>";
 print "</form>\n";

-
 // list backup files
 UI::contentSubHeading(getMLText("backup_list"));

--- a/out/out.Calendar.php
+++ b/out/out.Calendar.php
@ -49,7 +49,6 @@ UI::htmlStartPage(getMLText("calendar"));
 UI::globalNavigation();
 UI::pageNavigation(getMLText("calendar"), "calendar",array($day,$month,$year));

-
 if ($mode=="y"){

 	UI::contentHeading(getMLText("year_view")." : ".$year);
@ -154,6 +153,12 @@ if ($mode=="y"){
 	
 		$date = getdate($i);
 		
+		// for daylight saving time TODO: could be better
+		if ( ($i!=$starttime) && ($prev_day==$date["mday"]) ){
+			$i += 3600;
+			$date = getdate($i);
+		}
+		
 		// highlight today
 		$class = ($date["year"] == $today["year"] && $date["mon"] == $today["mon"] && $date["mday"]  == $today["mday"]) ? "todayHeader" : "header";
 		
@ -173,6 +178,8 @@ if ($mode=="y"){
 		}
 		
 		echo "</tr>\n";	
+		
+		$prev_day=$date["mday"];
 	}
 	echo "</table>\n";

--- a/out/out.EditEvent.php
+++ b/out/out.EditEvent.php
@ -31,6 +31,10 @@ include("../inc/inc.ClassUI.php");
 include("../inc/inc.Calendar.php");
 include("../inc/inc.Authentication.php");

+if ($user->getID($user) == $settings->_guestID) {
+	UI::exitError(getMLText("edit_event"),getMLText("access_denied"));
+}
+
 if (!isset($_GET["id"]) || !is_numeric($_GET["id"]) || intval($_GET["id"])<1) {
 	UI::exitError(getMLText("edit_event"),getMLText("error_occured"));
 }
--- a/out/out.EditUserData.php
+++ b/out/out.EditUserData.php
@ -31,6 +31,14 @@ include("../inc/inc.FileUtils.php");
 include("../inc/inc.Language.php");
 include("../inc/inc.ClassUI.php");
 include("../inc/inc.Authentication.php");
+
+if ($user->getID($user) == $settings->_guestID) {
+	UI::exitError(getMLText("edit_user_details"),getMLText("access_denied"));
+}
+
+if (($user->getID($user) != $settings->_adminID) && ($settings->_disableSelfEdit)) {
+	UI::exitError(getMLText("edit_user_details"),getMLText("access_denied"));
+}

 UI::htmlStartPage(getMLText("edit_user_details"));
 UI::globalNavigation();
--- a/out/out.GroupView.php
+++ b/out/out.GroupView.php
@ -30,6 +30,10 @@ include("../inc/inc.Language.php");
 include("../inc/inc.ClassUI.php");
 include("../inc/inc.Authentication.php");

+if ($user->getID($user) == $settings->_guestID) {
+	UI::exitError(getMLText("my_account"),getMLText("access_denied"));
+}
+
 if (!$settings->_enableUsersView) {
 	UI::exitError(getMLText("my_account"),getMLText("access_denied"));
 }
--- a/out/out.ManageNotify.php
+++ b/out/out.ManageNotify.php
@ -29,6 +29,10 @@ include("../inc/inc.FileUtils.php");
 include("../inc/inc.Language.php");
 include("../inc/inc.ClassUI.php");
 include("../inc/inc.Authentication.php");
+
+if ($user->getID($user) == $settings->_guestID) {
+	UI::exitError(getMLText("my_account"),getMLText("access_denied"));
+}

 // Get list of subscriptions for documents or folders for user or groups
 function getNotificationList($as_group,$folders)
--- a/out/out.MyAccount.php
+++ b/out/out.MyAccount.php
@ -30,6 +30,10 @@ include("../inc/inc.DBInit.php");
 include("../inc/inc.Language.php");
 include("../inc/inc.ClassUI.php");
 include("../inc/inc.Authentication.php");
+
+if ($user->getID($user) == $settings->_guestID) {
+	UI::exitError(getMLText("my_account"),getMLText("access_denied"));
+}

 UI::htmlStartPage(getMLText("my_account"));
 UI::globalNavigation();
--- a/out/out.MyDocuments.php
+++ b/out/out.MyDocuments.php
@ -30,6 +30,10 @@ include("../inc/inc.DBInit.php");
 include("../inc/inc.Language.php");
 include("../inc/inc.ClassUI.php");
 include("../inc/inc.Authentication.php");
+
+if ($user->getID($user) == $settings->_guestID) {
+	UI::exitError(getMLText("my_documents"),getMLText("access_denied"));
+}

 // Check to see if the user wants to see only those documents that are still
 // in the review / approve stages.
--- a/out/out.RemoveUser.php
+++ b/out/out.RemoveUser.php
@ -39,7 +39,14 @@ if (!$user->isAdmin()) {
 if (!isset($_GET["userid"]) || !is_numeric($_GET["userid"]) || intval($_GET["userid"])<1) {
 	UI::exitError(getMLText("rm_user"),getMLText("invalid_user_id"));
 }
+
 $userid = $_GET["userid"];
+
+
+if (($userid==$settings->_adminID)||($userid==$settings->_guestID)) {
+	UI::exitError(getMLText("rm_user"),getMLText("access_denied"));
+}
+
 $currUser = getUser($userid);

 if (!is_object($currUser)) {
@ -59,7 +66,27 @@ UI::contentContainerStart();
 <p>
 <?php printMLText("confirm_rm_user", array ("username" => $currUser->getFullName()));?>
 </p>
+
+<p>
+<?php printMLText("assign_user_property_to"); ?> :
+<select name="assignTo">
+<option value="<?php print $settings->_adminID; ?>"><?php echo getMLText("admin")?>
+
+<?php
+	$users = getAllUsers();
+	foreach ($users as $currUser) {
+		if (($currUser->getID() == $settings->_adminID) || ($currUser->getID() == $settings->_guestID) || ($currUser->getID() == $userid) )
+			continue;
+			
+		if (isset($_GET["userid"]) && $currUser->getID()==$_GET["userid"]) $selected=$count;
+		print "<option value=\"".$currUser->getID()."\">" . $currUser->getLogin();
+	}
+?>
+</select>
+</p>
+
 <p><input type="Submit" value="<?php printMLText("rm_user");?>"></p>
+
 </form>
 <?php
 UI::contentContainerEnd();
--- a/out/out.ReviewSummary.php
+++ b/out/out.ReviewSummary.php
@ -30,6 +30,10 @@ include("../inc/inc.DBInit.php");
 include("../inc/inc.Language.php");
 include("../inc/inc.ClassUI.php");
 include("../inc/inc.Authentication.php");
+
+if ($user->getID($user) == $settings->_guestID) {
+	UI::exitError(getMLText("my_documents"),getMLText("access_denied"));
+}

 if (!$db->createTemporaryTable("ttstatid")) {
 	UI::exitError(getMLText("review_summary"),getMLText("internal_error_exit"));
--- a/out/out.Statistic.php
+++ b/out/out.Statistic.php
@ -223,6 +223,7 @@ print "<li>".getMLText("folders").": ".$folder_count."</li>\n";
 print "<li>".getMLText("documents").": ".$document_count."</li>\n";
 print "<li>".getMLText("files").": ".$file_count."</li>\n";
 print "<li>".getMLText("storage_size").": ".formatted_size($storage_size)."</li>\n";
+
 print "</ul>\n";

 print "</td></tr>";
--- a/out/out.UpdateDocument.php
+++ b/out/out.UpdateDocument.php
@ -88,8 +88,6 @@ if ($document->isLocked()) {
 	
 	print "<table><tr><td class=\"warning\">";
 	
-	//print "<span class=\"warning\">";
-	
 	printMLText("update_locked_msg", array("username" => $lockingUser->getFullName(), "email" => $lockingUser->getEmail()));
 	
 	if ($lockingUser->getID() == $user->getID())
@ -99,13 +97,12 @@ if ($document->isLocked()) {
 	else
 	{
 		printMLText("no_update_cause_locked");
-		//print "</span>";
 		print "</td></tr></table>";
 		UI::contentContainerEnd();
 		UI::htmlEndPage();
 		exit;
 	}
-	//print "</span>";
+
 	print "</td></tr></table><br>";
 }

@ -114,9 +111,17 @@ if ($document->isLocked()) {
 $docAccess = $document->getApproversList();
 ?>

+<table>
+<tr>
+	<td class="warning"><?php echo getMLtext("max_upload_size")." : ".ini_get( "upload_max_filesize"); ?></td>
+</tr>
+</table><br>
+
+
 <form action="../op/op.UpdateDocument.php" enctype="multipart/form-data" method="post" name="form1" onsubmit="return checkForm();">
 	<input type="Hidden" name="documentid" value="<?php print $documentid; ?>">
 	<table>
+	
 		<tr>
 			<td><?php printMLText("local_file");?>:</td>
 			<td><input type="File" name="userfile" size="60"></td>
--- a/out/out.UserDefaultKeywords.php
+++ b/out/out.UserDefaultKeywords.php
@ -31,6 +31,10 @@ include("../inc/inc.FileUtils.php");
 include("../inc/inc.Language.php");
 include("../inc/inc.ClassUI.php");
 include("../inc/inc.Authentication.php");
+
+if ($user->getID($user) == $settings->_guestID) {
+	UI::exitError(getMLText("edit_default_keywords"),getMLText("access_denied"));
+}

 $categories = getAllUserKeywordCategories($user->getID());

--- a/out/out.UserImage.php
+++ b/out/out.UserImage.php
@ -33,7 +33,7 @@ $userid = sanitizeString($_GET["userid"]);
 $myUser = getUser($userid); //es soll ja auch möglich sein, die bilder von anderen anzuzeigen

 if (!$myUser->hasImage())
-	die ("Kein Bild verfügbar");
+	UI::exitError(getMLText("user_image"),getMLText("no_user_image"));

 $queryStr = "SELECT * FROM tblUserImages WHERE userID = " . $userid;
 $resArr = $db->getResultArray($queryStr);
--- a/out/out.UsrView.php
+++ b/out/out.UsrView.php
@ -30,6 +30,10 @@ include("../inc/inc.Language.php");
 include("../inc/inc.ClassUI.php");
 include("../inc/inc.Authentication.php");

+if ($user->getID($user) == $settings->_guestID) {
+	UI::exitError(getMLText("my_account"),getMLText("access_denied"));
+}
+
 if (!$settings->_enableUsersView) {
 	UI::exitError(getMLText("my_account"),getMLText("access_denied"));
 }
--- a/out/out.ViewFolder.php
+++ b/out/out.ViewFolder.php
@ -105,7 +105,8 @@ foreach($subFolders as $subFolder) {
 	$subdoc = filterAccess($subdoc, $user, M_READ);
 	
 	print "<tr class=\"folder\">";
-	print "<td><img src=\"images/folder_closed.gif\" width=18 height=18 border=0></td>";
+//	print "<td><img src=\"images/folder_closed.gif\" width=18 height=18 border=0></td>";
+	print "<td><a href=\"out.ViewFolder.php?folderid=".$subFolder->getID()."&showtree=".$showtree."\"><img src=\"images/folder_closed.gif\" width=18 height=18 border=0></a></td>\n";
 	print "<td><a href=\"out.ViewFolder.php?folderid=".$subFolder->getID()."&showtree=".$showtree."\">" . $subFolder->getName() . "</a></td>\n";
 	print "<td>".$owner->getFullName()."</td>";
 	print "<td colspan=\"2\"><small>".count($subsub)." ".getMLText("folders").", ".count($subdoc)." ".getMLText("documents")."</small></td>";