Commit Graph

74 Commits

Author SHA1 Message Date
steinm
452221fe2b - lots of fixes to prevent CSRF attacks 2012-08-29 20:37:22 +00:00
steinm
75c2adcfc6 - prevent XSS attacs 2012-08-28 07:18:00 +00:00
steinm
f3b2cbe950 - run mimetype through htmlspecialchars() 2012-01-12 17:00:31 +00:00
steinm
73f4c8d90d - use htmlspecialchars() whenever data from the database is output
(this does currently break the output, because data was already
	encoded when saved)
2011-12-02 16:23:36 +00:00
steinm
662b657e9d ?? 2011-10-16 20:00:26 +00:00
steinm
44850571e8 - fixed error in html tagging 2011-07-22 20:46:32 +00:00
steinm
545043cd94 - show submit review link only for logged in user 2011-07-20 17:12:03 +00:00
steinm
1c296ea582 - output list of categories 2011-03-10 14:50:40 +00:00
steinm
a60b24de15 - do not use LetoDMS_Core_DocumentContent::viewOnline() anymore 2011-02-01 07:13:26 +00:00
steinm
38760a712d - use $dms->contentDir 2011-01-28 07:42:10 +00:00
steinm
3e1d956fba - do not include LetoDMS_Core.php anymore it is now include bei inc.DBInit.php 2011-01-20 12:39:25 +00:00
steinm
8a84bc3b51 - rename all classes belonging to the core of LetoDMS into LetoDMS_Core_xxx
- move them all into LetoDMS_Core
2011-01-20 08:18:37 +00:00
steinm
5e70f949f7 - do not include inc.DBAccess.php, because it is included by inc.ClassDMS.php 2011-01-14 19:45:29 +00:00
steinm
955be450f3 - getFolderPathHTML() is now a function in inc/inc.Utils.php because
it uses links only known by the calling application
2010-12-22 08:50:57 +00:00
steinm
1e6f63237e - get rid of those missing phrases with key 'empty_notify_list' and
replaced them with appropriate phrases
2010-12-14 14:17:02 +00:00
steinm
4087d7f953 - do not user _adminID anymore 2010-12-10 13:41:00 +00:00
steinm
a32a2e7237 - do not use global variable settings->_guestID anymore. Use
LetoDMS_User::isGuest() instead
2010-12-03 07:22:56 +00:00
steinm
72defaaacf - no need to include inc.FileUtils.php anymore. It is included
by LetoDMS_DMS
2010-11-25 21:28:59 +00:00
steinm
35b663eb74 - inc.ClassAccess is now included by inc.ClassDMS.php 2010-11-23 08:13:17 +00:00
steinm
a029cd22c2 - filterAccess() and filterUsersByAccess() are now static functions in
LetoDMS_DMS and inc.AccessUtils.php is included in inc.ClassDMS.php
2010-11-22 20:42:19 +00:00
steinm
d619bc8dc8 - do not include inc.ClassEmail.php, it is already included in inc.ClassDMS.php 2010-11-17 07:30:11 +00:00
steinm
4678218f1a - moved function to admin users and groups in LetoDMS_DMS 2010-11-15 12:01:21 +00:00
steinm
cfd3eaae06 - first step to get rid of global variables from all files in inc/
- added new Class LetoDMS_DMS which represents the DMS, contains
  all settings for the DMS and the database connection. A document
	and a folder have a reference to the DMS
2010-11-12 22:47:41 +00:00
steinm
b5bc621318 - move all sources into trunk 2010-10-29 13:19:51 +00:00