Merge branch 'seeddms-6.0.x'

check if user is actually set, 'WorkflowByMe' now uses a single sql
statement

CHANGELOG

@@ -1,3 +1,361 @@
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.33
+--------------------------------------------------------------------------------
+- merge changes up to 5.1.40
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.32
+--------------------------------------------------------------------------------
+- merge changes up to 5.1.39
+- fix setting attributes (user, group, document, folder) when checking in
+  a new document version
+- validate setting revision date
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.31
+--------------------------------------------------------------------------------
+- merge changes up to 5.1.38
+- fix various restapi endpoints which hadn't been updated to slim4
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.30
+--------------------------------------------------------------------------------
+- merge changes up to 5.1.37
+- receipt comment can be disabled
+- send request receipt notification only when document is released
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.29
+--------------------------------------------------------------------------------
+- merge changes up to 5.1.36
+- fix regression in FolderNotify
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.28
+--------------------------------------------------------------------------------
+- merge changes up to 5.1.35
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.27
+--------------------------------------------------------------------------------
+- merge changes up to 5.1.34
+- Document/folder check distinguishes between documents which cannot be
+  receiped/revised because of access rights or the recipient/revisor being
+  disabled.
+- fix creating user via rest api
+- checkout info does not depend on whether the logged in user was substituted
+- add new endpoints for managing roles by rest api
+- add transmittals in menu
+- add legacy access check for controllers
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.26
+--------------------------------------------------------------------------------
+- merge changes up to 5.1.33
+- add task to import files from drop folder
+- add substitution of users in bootstrap4 theme
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.25
+--------------------------------------------------------------------------------
+- merge changes up to 5.1.32
+- status log can be turned on with advanced access control
+- scheduler has more condensed layout 
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.24
+--------------------------------------------------------------------------------
+- add task to send list of recent changes by email
+- merge changes up to 5.1.31
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.23
+--------------------------------------------------------------------------------
+- fix setting recipients and revisors
+- check in of a document is allowed for the user having done the check out
+  or those users with unlimited access rights on the document
+- merge changes up to 5.1.30
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.22
+--------------------------------------------------------------------------------
+- merge changes up to 5.1.29
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.21
+--------------------------------------------------------------------------------
+- merge changes up to 5.1.28
+- add new check for documents with identical sequence numbers in a folder
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.20
+--------------------------------------------------------------------------------
+- merge changes up to 5.1.27
+- fix triggering workflow (Closes: #542)
+- create original file name from new document name when uploading document
+  from the library folder. Used to be the original file name
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.19
+--------------------------------------------------------------------------------
+- merge changes up to 5.1.26
+- fix deletion of tasks when using bootstrap4 theme
+- fix deletion of documents when clicking on icon in document list (my documents)
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.18
+--------------------------------------------------------------------------------
+- finish op/op.Cron.php, returns json
+- merge changes up to 5.1.25
+- fix sending trigger workflow notification (Closes: #522)
+- fix updating und deleting items in document lists
+- call hook 'filenameDownloadItem' in search export and transmittal download
+- fix possible xss attack in UsrMgr (CVE-2022-28479)
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.17
+--------------------------------------------------------------------------------
+- merge changes up to 5.1.24
+- send notification when a receiption of a document was submitted
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.16
+--------------------------------------------------------------------------------
+- cancel checkout needs confirmation
+- add input field to filter list of recipients if more then 10
+- add task for creating missing preview images
+- no longer use old PHPExcel classes, use PhpOffice\PhpSpreadsheet\Spreadsheet
+  instead
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.15
+--------------------------------------------------------------------------------
+- merge changes up to 5.1.22
+- add a new task for checking the checksum of all document versions
+- add searching for revision date
+- list of open tasks will no longer contain expired documents but MyDocuments
+  page still list them
+- fixed downloading approval file (Closes: #503)
+- regular users can no longer set owner of document while uploading
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.14
+--------------------------------------------------------------------------------
+- show debug menu only if debug mode is on
+- merge changes up to 5.1.21
+- document links can be added by regular users again
+- add list of checked out documents to tasks
+- issue a warning when removing a document which is checked out
+- checked out can be discarded if it was changed
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.13
+--------------------------------------------------------------------------------
+- merge changes up to 5.1.20
+- create download file for transmittal in system tmp (Closes: #478)
+- sync source code of checkin with update document
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.12
+--------------------------------------------------------------------------------
+- merge changes up to 5.1.19
+- fix various errors concerning workflows
+- show menu tasks even if not admin (Closes: #485)
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.11
+--------------------------------------------------------------------------------
+- merge changes up to 5.1.18
+- fix access restriction for roles (content of documents was visible even if the
+  role and status didn't allow it)
+- fix missing Content-Type in UserList (Closes: #480)
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.10
+--------------------------------------------------------------------------------
+- merge changes up to 5.1.17
+- fix list of previous document versions (Closes: #471)
+- fix uploading files with fine uploader (Closes: #472)
+- clear revision date when all revisors have been deleted
+- improve scheduler task management, tasks can be deleted, fix setting parameters
+- add op.Cron.php for running all scheduled tasks
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.9
+--------------------------------------------------------------------------------
+- merge changes up to 5.1.16
+- fix removal of roles (Closes: #465)
+- fix password forgotten process
+- fix setting role of new user and retrieving role of existing user
+- processes of users can be deleted again, instead of only transfered to
+  another user
+- fix export of search results, headers of excel file can be translated
+- fix arcordeon for folder filters on search page
+- fix upload from dropfolder
+- fix adding new calendar event
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.8
+--------------------------------------------------------------------------------
+- merge changes up to 5.1.15
+- fix syntax error in op/op.EditComment.php
+- fix use of private variable in op/op.SetRecipients.php and op/op.SetRevisors.php
+- fix triggering a transition in advanced workflow mode
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.7
+--------------------------------------------------------------------------------
+- fix editing of document attachments
+- make receipt summary look like approval/review summary
+- merge changes up to 5.1.14
+- do not show the updating user in a revision workflow if the status is 0
+  this is misleading because the user starting the revision workflow is the one
+  first accessing the document
+- rejection of document receipts are turned off by default, but can be turned
+  on in the settings
+- documents in DocumentChooser are sorted by name
+- instead of just removing a user from all processes it can be replaced by a new user
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.6
+--------------------------------------------------------------------------------
+- fix setting attributes when checking in a new document version
+- setting a document revision to 'needs correction' will no longer set the
+  documents status to 'needѕ correction' if this was turned off in the settings
+- a document will not leave draft status when setting the approver/reviewer
+  without setting a reviewer/approver
+- tasks to be counted in menu can be configured
+- add number of documents which need correction to menu
+- minor 2 factor auth. fixes when initially setting the secret
+- remove ѕome unneeded code from AddDocument which just caused php warnings
+- do not set the uploader of new documents to owner if the owner is different from
+  the uploader
+- add scheduler
+- add hook showVersionComment in out.ViewDocument.php
+- Various minor corrections of database tables tblWorkflowLog and
+  tblWorkflowDocumentContent
+- merge changes up to 5.1.7
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.5
+--------------------------------------------------------------------------------
+- sync form for updating document by upload and checkin
+- add list of documents which need correction on MyDocuments page
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.4
+--------------------------------------------------------------------------------
+- merge changes up to 5.1.5
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.3
+--------------------------------------------------------------------------------
+- add list of documents without a receiver on MyDocuments page
+- propperly calculate number of documents for each value of value set in attribute mgr
+- output of progress bar for reception of a document can be controlled by access list
+- recipientof a document version can be set when uploading the file
+- fix export of search and display of 2nd, 3rd, ... search page
+- speed up creation of document lists if reception progress bar is shown
+- status of rejected documents can be overriden
+- do not add users from group as recipients if they are the uploader or reviewer
+  of a document
+- add list of documents without a receiver, list of drafts, and list of absolete
+  documents on MyDocuments page
+- add callback onCheckAccessDocument to SeedDMS_Core_Document
+- add new document status 'needs correction', revised documents which do not pass
+  will no longer be in status 'rejected' but 'needs correction'
+- better error handling when indexing documents fails
+- apache xsendfile module is used for downloading documents when installed
+- add view access check for ApprovalSummary, ReviewSummary, ReceiptSummary,
+  WorkflowSummary, DocumentAccess, GroupView, UsrView, WorkflowSummary
+- filter out reviewers and uploader of a document version when setting recipients
+  by user group
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.2
+--------------------------------------------------------------------------------
+- check if user has access on document and is not disabled if set as
+  receiver, revisor
+- check if group has members if set as reviewer, approver, receiver, revisor
+- fix bug in notification of approver after successful review
+- add document check for docs in revision and missing access rights of revisor
+- add document check for docs requiring receptions but user lacks access right
+- fix Acl manager when using pgsql
+- list all open tasks of user in user info of user manager
+- owner of document may see review/approval/receipt/revision log
+- fix sending mails to reviewer/approvers after check in
+- downloading of review/approval files works again
+- optimizing retrieval of open tasks
+- do not show user which has been removed from a process except for admins
+- show scheduled revisions in calendar
+- merge changes up to 5.1.5
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.1
+--------------------------------------------------------------------------------
+- call hook 'rawcontent' when downloading transmittal list or search content
+- speed up list of locked documents on MyDocuments page
+- sql queries and execution times can be written to file in database layer
+
+--------------------------------------------------------------------------------
+                     Changes in version 6.0.0
+--------------------------------------------------------------------------------
+- merge changes up to 5.0.10
+- filter documents by status 'draft' on search page
+- list of documents to look at now contains documents in revision
+- add list of documents waiting for reception on MyDocuments page
+- group document lists on MyDocuments page into three sections
+- show progressbar and comments for reception of document in documentlist
+- restructure page for document/folder check, add check for missing access
+  on documents by recipient or revisor
+- overhaul revision workflow, add hook after revision workflow was finished
+- add two factor authentication based on google authenticator
+- set timeout for ajax call 'mytasks' from 200ms to 1000ms
+- use a similar layout for document list on the ViewDocument page
+- add RSS feed of timeline
+- put more operations under access control
+- add receipent list for documents
+- add revision of documents
+- add substitute user command for regular users
+- add access controll list for many functions
+- add document list which can be exported as an archive
+- search results can be exported
+
+--------------------------------------------------------------------------------
+                     Changes in version 5.1.40
+--------------------------------------------------------------------------------
+- fix saving user data when language selection is turned of (Closes: #568)
+- add much better support for new storage drivers
+- fix possible xss attacks
+- saver way to collect plugin configuration
+- fix update of postgres database
+- add hook displayPreviewThumb
+- add searching for mimetype in database
+- list of expired documents can be filtered by user
+- use quoted printable encoding instead of base64 for email subjects
+
+--------------------------------------------------------------------------------
+                     Changes in version 5.1.39
+--------------------------------------------------------------------------------
+- show quota on chart page when listing total document size per user
+- turn off legend for chart sizepermonth
+- do not add group manager as mandatory approver/reviewer if logged in
+  user is the manager itself
+- fixed setting group approvers from previous document version
+- very experimental support of memcached for accelerating some database
+  operations (do not use in production)
+- prevent malicious manipulation of referer when setting language
+- fix setting attributes of type user, group, document, folder when updating
+  a document
+- objects can be removed from clipboard
+- call hooks for document/folder list in attribute manager
+
+--------------------------------------------------------------------------------
+                     Changes in version 5.1.38
+--------------------------------------------------------------------------------
+- require php 8.2
+- fix php error in out/out.ReviewSummary.php
+
 --------------------------------------------------------------------------------
                      Changes in version 5.1.37
 --------------------------------------------------------------------------------

composer-dist.json

@@ -1,7 +1,7 @@
 {
     "config": {
         "platform": {
-            "php": "7.4"
+            "php": "8.2"
         }
     },
     "require": {
@@ -22,9 +22,11 @@
         "pear/db": "*",
         "dragonmantank/cron-expression": "^3.1",
         "alecrabbit/php-console-colour": "*",
+        "dragonmantank/cron-expression": "^3",
         "zf1/zend-search-lucene": "*",
         "symfony/http-foundation": "^5.4",
         "php-di/php-di": "^6.4",
+        "slim/psr7": "^1.7",
         "seeddms/core": "dev-master",
         "seeddms/lucene": "dev-master",
         "seeddms/preview": "dev-master",

conf/settings.xml.template

@@ -296,7 +296,7 @@
       updateNotifyTime = "86400"
       extraPath = ""
       maxExecutionTime = "30"
-      cmdTimeout = "1"
+      cmdTimeout = "10"
     />
     <!--
        - enableNotificationAppRev: set to true if reviewers and approvers shall be informed about a pending review/approval

controllers/class.AddDocument.php

@@ -52,6 +52,7 @@ class SeedDMS_Controller_AddDocument extends SeedDMS_Controller_Common {
 		$sequence = $this->getParam('sequence');
 		$reviewers = $this->getParam('reviewers');
 		$approvers = $this->getParam('approvers');
+		$recipients = $this->getParam('recipients');
 		$reqversion = $this->getParam('reqversion');
 		$version_comment = $this->getParam('versioncomment');
 		$attributes = $this->getParam('attributes');
@@ -160,6 +161,7 @@ class SeedDMS_Controller_AddDocument extends SeedDMS_Controller_Common {
 		$workflow = $this->getParam('workflow');
 		$notificationgroups = $this->getParam('notificationgroups');
 		$notificationusers = $this->getParam('notificationusers');
+		$initialdocumentstatus = $this->getParam('initialdocumentstatus');
 		$maxsizeforfulltext = $this->getParam('maxsizeforfulltext');
 		$defaultaccessdocs = $this->getParam('defaultaccessdocs');
 
@@ -170,7 +172,7 @@ class SeedDMS_Controller_AddDocument extends SeedDMS_Controller_Common {
 															$cats, $userfiletmp, utf8_basename($userfilename),
 	                            $filetype, $userfiletype, $sequence,
 	                            $reviewers, $approvers, $reqversion,
-	                            $version_comment, $attributes, $attributes_version, $workflow);
+	                            $version_comment, $attributes, $attributes_version, $workflow, $initialdocumentstatus);
 
 			if (is_bool($res) && !$res) {
 				$this->errormsg = "error_occured";
@@ -187,6 +189,24 @@ class SeedDMS_Controller_AddDocument extends SeedDMS_Controller_Common {
 				}
 			}
 
+			$lc = $document->getLatestContent();
+			if($recipients) {
+				if($recipients['i']) {
+					foreach($recipients['i'] as $uid) {
+						if($u = $dms->getUser($uid)) {
+							$res = $lc->addIndRecipient($u, $user);
+						}
+					}
+				}
+				if($recipients['g']) {
+					foreach($recipients['g'] as $gid) {
+						if($g = $dms->getGroup($gid)) {
+							$res = $lc->addGrpRecipient($g, $user);
+						}
+					}
+				}
+			}
+
 			/* Add a default notification for the owner of the document */
 			if($settings->_enableOwnerNotification) {
 				$res = $document->addNotify($owner->getID(), true);

controllers/class.ApproveDocument.php

@@ -40,62 +40,76 @@ class SeedDMS_Controller_ApproveDocument extends SeedDMS_Controller_Common {
 		$this->oldstatus = $overallStatus['status'];
 		$this->newstatus = $this->oldstatus;
 
-		if ($approvaltype == "ind") {
+		if(!$this->callHook('preApproveDocument', $content)) {
-			$approvalLogID = $content->setApprovalByInd($user, $user, $approvalstatus, $approvalcomment, $approvalfile);
-		} elseif ($approvaltype == "grp") {
-			$approvalLogID = $content->setApprovalByGrp($approvalgroup, $user, $approvalstatus, $approvalcomment, $approvalfile);
-		} else {
-			$this->errormsg = "approval_wrong_type";
-			return false;
-		}
-		if($approvalLogID === false || 0 > $approvalLogID) {
-			$this->errormsg = "approval_update_failed";
-			return false;
 		}
 
-		if($approvalstatus == -1) {
+		$result = $this->callHook('approveDocument', $content);
-			$this->newstatus = S_REJECTED;
+		if($result === null) {
-			if($content->setStatus(S_REJECTED, $approvalcomment, $user)) {
+			if ($approvaltype == "ind") {
-				if(isset($GLOBALS['SEEDDMS_HOOKS']['approveDocument'])) {
+				$approvalLogID = $content->setApprovalByInd($user, $user, $approvalstatus, $approvalcomment, $approvalfile);
-					foreach($GLOBALS['SEEDDMS_HOOKS']['approveDocument'] as $hookObj) {
+			} elseif ($approvaltype == "grp") {
-						if (method_exists($hookObj, 'postApproveDocument')) {
+				$approvalLogID = $content->setApprovalByGrp($approvalgroup, $user, $approvalstatus, $approvalcomment, $approvalfile);
-							$hookObj->postApproveDocument(null, $content, S_REJECTED);
+			} else {
-						}
+				$this->errormsg = "approval_wrong_type";
-					}
-				}
-			}
-		} else {
-			$docApprovalStatus = $content->getApprovalStatus();
-			if (is_bool($docApprovalStatus) && !$docApprovalStatus) {
-				$this->errormsg = "cannot_retrieve_approval_snapshot";
 				return false;
 			}
-			$approvalCT = 0;
+			if($approvalLogID === false || 0 > $approvalLogID) {
-			$approvalTotal = 0;
+				$this->errormsg = "approval_update_failed";
-			foreach ($docApprovalStatus as $drstat) {
+				return false;
-				if ($drstat["status"] == 1) {
-					$approvalCT++;
-				}
-				if ($drstat["status"] != -2) {
-					$approvalTotal++;
-				}
 			}
-			// If all approvals have been received and there are no rejections, retrieve a
+		}
-			// count of the approvals required for this document.
+
-			if ($approvalCT == $approvalTotal) {
+		$result = $this->callHook('approveUpdateDocumentStatus', $content);
-				// Change the status to released.
+		if($result === null) {
-				$this->newstatus=S_RELEASED;
+			if($approvalstatus == -1) {
-				if($content->setStatus($this->newstatus, getMLText("automatic_status_update"), $user)) {
+				$this->newstatus = S_REJECTED;
+				if($content->setStatus(S_REJECTED, $approvalcomment, $user)) {
 					if(isset($GLOBALS['SEEDDMS_HOOKS']['approveDocument'])) {
 						foreach($GLOBALS['SEEDDMS_HOOKS']['approveDocument'] as $hookObj) {
 							if (method_exists($hookObj, 'postApproveDocument')) {
-								$hookObj->postApproveDocument(null, $content, S_RELEASED);
+								$hookObj->postApproveDocument(null, $content, S_REJECTED);
+							}
+						}
+					}
+				}
+			} else {
+				$docApprovalStatus = $content->getApprovalStatus();
+				if (is_bool($docApprovalStatus) && !$docApprovalStatus) {
+					$this->errormsg = "cannot_retrieve_approval_snapshot";
+					return false;
+				}
+				$approvalCT = 0;
+				$approvalTotal = 0;
+				foreach ($docApprovalStatus as $drstat) {
+					if ($drstat["status"] == 1) {
+						$approvalCT++;
+					}
+					if ($drstat["status"] != -2) {
+						$approvalTotal++;
+					}
+				}
+				// If all approvals have been received and there are no rejections, retrieve a
+				// count of the approvals required for this document.
+				if ($approvalCT == $approvalTotal) {
+					// Change the status to released.
+					$this->newstatus=S_RELEASED;
+					if($content->setStatus($this->newstatus, getMLText("automatic_status_update"), $user)) {
+						if(isset($GLOBALS['SEEDDMS_HOOKS']['approveDocument'])) {
+							foreach($GLOBALS['SEEDDMS_HOOKS']['approveDocument'] as $hookObj) {
+								if (method_exists($hookObj, 'postApproveDocument')) {
+									$hookObj->postApproveDocument(null, $content, S_RELEASED);
+								}
 							}
 						}
 					}
 				}
 			}
 		}
+
+		if(!$this->callHook('postApproveDocument', $content)) {
+		}
+
 		return true;
 	} /* }}} */
 }
+

controllers/class.CheckInDocument.php

@@ -0,0 +1,114 @@
+<?php
+/**
+ * Implementation of CheckInDocument controller
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @license    GPL 2
+ * @version    @version@
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  Copyright (C) 2010-2024 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+
+/**
+ * Class which does the busines logic for downloading a document
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  Copyright (C) 2010-2024 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+class SeedDMS_Controller_CheckInDocument extends SeedDMS_Controller_Common {
+
+	public function run() { /* {{{ */
+		$name = $this->getParam('name');
+		$comment = $this->getParam('comment');
+
+		/* Call preCheckInDocument early, because it might need to modify some
+		 * of the parameters.
+		 */
+		if(false === $this->callHook('preCheckInDocument', $this->params['document'])) {
+			if(empty($this->errormsg))
+				$this->errormsg = 'hook_preCheckInDocument_failed';
+			return null;
+		}
+
+		$comment = $this->getParam('comment');
+		$dms = $this->params['dms'];
+		$user = $this->params['user'];
+		$document = $this->params['document'];
+		$settings = $this->params['settings'];
+		$fulltextservice = $this->params['fulltextservice'];
+		$folder = $this->params['folder'];
+		$userfiletmp = $this->getParam('userfiletmp');
+		$userfilename = $this->getParam('userfilename');
+		$filetype = $this->getParam('filetype');
+		$userfiletype = $this->getParam('userfiletype');
+		$reviewers = $this->getParam('reviewers');
+		$approvers = $this->getParam('approvers');
+		$recipients = $this->getParam('recipients');
+		$reqversion = $this->getParam('reqversion');
+		$comment = $this->getParam('comment');
+		$attributes = $this->getParam('attributes');
+		$workflow = $this->getParam('workflow');
+		$maxsizeforfulltext = $this->getParam('maxsizeforfulltext');
+		$initialdocumentstatus = $this->getParam('initialdocumentstatus');
+
+		$content = $this->callHook('checkinDocument');
+		if($content === null) {
+			if($contentResult=$document->checkIn($comment, $user, $reviewers, $approvers, $version=0, $attributes, $workflow, $initialdocumentstatus)) {
+
+				if ($this->hasParam('expires')) {
+					if($document->setExpires($this->getParam('expires'))) {
+					} else {
+					}
+				}
+
+				if(!empty($recipients['i'])) {
+					foreach($recipients['i'] as $uid) {
+						if($u = $dms->getUser($uid)) {
+							$res = $contentResult->getContent()->addIndRecipient($u, $user);
+						}
+					}
+				}
+				if(!empty($recipients['g'])) {
+					foreach($recipients['g'] as $gid) {
+						if($g = $dms->getGroup($gid)) {
+							$res = $contentResult->getContent()->addGrpRecipient($g, $user);
+						}
+					}
+				}
+
+				$content = $contentResult->getContent();
+			} else {
+				$this->errormsg = 'error_checkin_document';
+				$result = false;
+			}
+		} elseif($result === false) {
+			if(empty($this->errormsg))
+				$this->errormsg = 'hook_checkinDocument_failed';
+			return false;
+		}
+
+		if($fulltextservice && ($index = $fulltextservice->Indexer()) && $content) {
+			$idoc = $fulltextservice->IndexedDocument($document);
+			if(false !== $this->callHook('preIndexDocument', $document, $idoc)) {
+				$lucenesearch = $fulltextservice->Search();
+				if($hit = $lucenesearch->getDocument((int) $document->getId())) {
+					$index->delete($hit->id);
+				}
+				$index->addDocument($idoc);
+				$index->commit();
+			}
+		}
+
+		if(false === $this->callHook('postCheckInDocument', $document, $content)) {
+		}
+
+		return $content;
+	} /* }}} */
+}
+
+

controllers/class.Cron.php

@@ -0,0 +1,108 @@
+<?php
+/**
+ * Implementation of Cron controller
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @license    GPL 2
+ * @version    @version@
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  Copyright (C) 2010-2020 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+
+/**
+ * Class which does the busines logic for the regular cron job
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  Copyright (C) 2010-2020 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+class SeedDMS_Controller_Cron extends SeedDMS_Controller_Common {
+
+	public function run() { /* {{{ */
+		$dms = $this->params['dms'];
+		$user = $this->params['user'];
+		$settings = $this->params['settings'];
+		$logger = $this->params['logger'];
+		$mode = $this->params['mode'];
+		$seltask = $this->params['task'];
+		$db = $dms->getDb();
+
+		$scheduler = new SeedDMS_Scheduler($db);
+		$tasks = $scheduler->getTasks();
+
+		$jsonarr = [];
+		foreach($tasks as $task) {
+			if($seltask && $seltask != $task->getExtension()."::".$task->getTask())
+				continue;
+			if(isset($GLOBALS['SEEDDMS_SCHEDULER']['tasks'][$task->getExtension()]) && is_object($taskobj = resolveTask($GLOBALS['SEEDDMS_SCHEDULER']['tasks'][$task->getExtension()][$task->getTask()]))) {
+				$arr = array(
+					'extension'=>$task->getExtension(),
+					'name'=>$task->getTask(),
+					'mode'=>$mode,
+					'disabled' => (bool) $task->getDisabled(),
+					'isdue' => $task->isDue(),
+				);
+				switch($mode) {
+				case "run":
+				case "dryrun":
+					if(method_exists($taskobj, 'execute')) {
+            if(!$task->getDisabled() && $task->isDue()) {
+							if($mode == 'run') {
+								/* Schedule the next run right away to prevent a second execution
+								 * of the task when the cron job of the scheduler is called before
+								 * the last run was finished. The task itself can still be scheduled
+								 * to fast, but this is up to the admin of seeddms.
+								 */
+								$task->updateLastNextRun();
+								if($taskobj->execute($task)) {
+									add_log_line("Execution of task ".$task->getExtension()."::".$task->getTask()." successful.");
+									$arr['success'] = true;
+								} else {
+									add_log_line("Execution of task ".$task->getExtension()."::".$task->getTask()." failed, task has been disabled.", PEAR_LOG_ERR);
+									$arr['success'] = false;
+									$task->setDisabled(1);
+								}
+							} elseif($mode == 'dryrun') {
+								$arr['success'] = true;
+							}
+            }
+					}
+					break;
+				case "check":
+					$arr['error'] = false;
+					if(!method_exists($taskobj, 'execute')) {
+						$arr['error'] = true;
+						$arr['messages'][] = 'Missing method execute()';
+					}
+					if(get_parent_class($taskobj) != 'SeedDMS_SchedulerTaskBase') {
+						$arr['error'] = true;
+						$arr['error'][] = "Wrong parent class";
+					}
+					break;
+				case "list":
+				default:
+					header("Content-Type: application/json");
+					$arr['nextrun']=$task->getNextRun();
+					$arr['frequency']=$task->getFrequency();
+					$arr['params']=array();
+					if($params = $task->getParameter()) {
+						foreach($params as $key=>$value) {
+							$p = $taskobj->getAdditionalParamByName($key);
+							$arr['params'][$key] = ($p['type'] == 'password') ? '*******' : $value;
+						}
+					}
+					break;
+				}
+				$jsonarr[] = $arr;
+			}
+		}
+		echo json_encode($jsonarr);
+
+		return true;
+	} /* }}} */
+}
+

controllers/class.Download.php

@@ -22,49 +22,192 @@
  */
 class SeedDMS_Controller_Download extends SeedDMS_Controller_Common {
 
-	public function run() {
+	public function version() { /* {{{ */
+		$dms = $this->params['dms'];
+		$version = $this->params['version'];
+		$document = $this->params['document'];
+		if($version < 1) {
+			$content = $this->callHook('documentLatestContent', $document);
+			if($content === null)
+				$content = $document->getLatestContent();
+		} else {
+			$content = $this->callHook('documentContent', $document, $version);
+			if($content === null)
+				$content = $document->getContentByVersion($version);
+		}
+		if (!is_object($content)) {
+			$this->errormsg = 'invalid_version';
+			return false;
+		}
+		/* set params['content'] for compatiblity with older extensions which
+		 * expect the content in the controller
+		 */
+		$this->params['content'] = $content;
+		if(null === $this->callHook('version')) {
+			if(file_exists($dms->contentDir . $content->getPath())) {
+				header("Content-Transfer-Encoding: binary");
+				$efilename = rawurlencode($content->getOriginalFileName());
+				header("Content-Disposition: attachment; filename=\"" . $efilename . "\"; filename*=UTF-8''".$efilename);
+				header("Content-Type: " . $content->getMimeType());
+				header("Cache-Control: must-revalidate");
+				header("ETag: ".$content->getChecksum());
+
+				sendFile($dms->contentDir . $content->getPath());
+			}
+		}
+		return true;
+	} /* }}} */
+
+	public function file() { /* {{{ */
+		$dms = $this->params['dms'];
+		$file = $this->params['file'];
+
+		if(null === $this->callHook('file')) {
+			if(file_exists($dms->contentDir . $file->getPath())) {
+				header("Content-Transfer-Encoding: binary");
+				header("Content-Disposition: attachment; filename=\"" . $file->getOriginalFileName() . "\"");
+				header("Content-Type: " . $file->getMimeType());
+				header("Cache-Control: must-revalidate");
+
+				sendFile($dms->contentDir . $file->getPath());
+			}
+		}
+		return true;
+	} /* }}} */
+
+	public function archive() { /* {{{ */
+		$dms = $this->params['dms'];
+		$filename = $this->params['file'];
+		$basedir = $this->params['basedir'];
+
+		if(null === $this->callHook('archive')) {
+			if(file_exists($basedir . $filename)) {
+				header('Content-Description: File Transfer');
+				header("Content-Type: application/zip");
+				header("Content-Transfer-Encoding: binary");
+				$efilename = rawurlencode($filename);
+				header("Content-Disposition: attachment; filename=\"" .$efilename . "\"; filename*=UTF-8''".$efilename);
+				header("Cache-Control: public");
+				
+				sendFile($basedir .$filename );
+			}
+		}
+		return true;
+	} /* }}} */
+
+	public function log() { /* {{{ */
+		$dms = $this->params['dms'];
+		$filename = $this->params['file'];
+		$basedir = $this->params['basedir'];
+
+		if(null === $this->callHook('log')) {
+			if(file_exists($basedir . $filename)) {
+				header("Content-Type: text/plain; name=\"" . $filename . "\"");
+				header("Content-Transfer-Encoding: binary");
+				$efilename = rawurlencode($filename);
+				header("Content-Disposition: attachment; filename=\"" .$efilename . "\"; filename*=UTF-8''".$efilename);
+				header("Cache-Control: must-revalidate");
+
+				sendFile($basedir.$filename);
+			}
+		}
+		return true;
+	} /* }}} */
+
+	public function sqldump() { /* {{{ */
+		$dms = $this->params['dms'];
+		$filename = $this->params['file'];
+		$basedir = $this->params['basedir'];
+
+		if(null === $this->callHook('sqldump')) {
+			if(file_exists($basedir . $filename)) {
+				header("Content-Type: application/zip");
+				header("Content-Transfer-Encoding: binary");
+				$efilename = rawurlencode($filename);
+				header("Content-Disposition: attachment; filename=\"" .$efilename . "\"; filename*=UTF-8''".$efilename);
+				header("Cache-Control: must-revalidate");
+				
+				sendFile($basedir.$filename);
+			}
+		}
+		return true;
+	} /* }}} */
+
+	public function approval() { /* {{{ */
+		$dms = $this->params['dms'];
+		$document = $this->params['document'];
+		$logid = $this->params['approvelogid'];
+
+		$filename = $dms->contentDir . $document->getDir().'a'.$logid;
+		if (!file_exists($filename) ) {
+			$this->error = 1;
+			return false;
+		}
+
+		if(null === $this->callHook('approval')) {
+			$finfo = finfo_open(FILEINFO_MIME_TYPE);
+			$mimetype = finfo_file($finfo, $filename);
+
+			header("Content-Type: ".$mimetype);
+			header("Content-Transfer-Encoding: binary");
+			header("Content-Disposition: attachment; filename=\"approval-" . $document->getID()."-".(int) $_GET['approvelogid'] . get_extension($mimetype) . "\"");
+			header("Cache-Control: must-revalidate");
+			sendFile($filename);
+		}
+		return true;
+	} /* }}} */
+
+	public function review() { /* {{{ */
+		$dms = $this->params['dms'];
+		$document = $this->params['document'];
+		$logid = $this->params['reviewlogid'];
+
+		$filename = $dms->contentDir . $document->getDir().'r'.$logid;
+		if (!file_exists($filename) ) {
+			$this->error = 1;
+			return false;
+		}
+
+		if(null === $this->callHook('review')) {
+			$finfo = finfo_open(FILEINFO_MIME_TYPE);
+			$mimetype = finfo_file($finfo, $filename);
+
+			header("Content-Type: ".$mimetype);
+			header("Content-Transfer-Encoding: binary");
+			header("Content-Length: " . filesize($filename ));
+			header("Content-Disposition: attachment; filename=\"review-" . $document->getID()."-".(int) $_GET['reviewlogid'] . get_extension($mimetype) . "\"");
+			header("Cache-Control: must-revalidate");
+			sendFile($filename);
+		}
+		return true;
+	} /* }}} */
+
+	public function run() { /* {{{ */
 		$dms = $this->params['dms'];
 		$type = $this->params['type'];
 
 		switch($type) {
 			case "version":
-				if(empty($this->params['content'])) {
+				return $this->version();
-					$version = $this->params['version'];
+				break;
-					$document = $this->params['document'];
+			case "file":
-					if($version < 1) {
+				return $this->file();
-						$content = $this->callHook('documentLatestContent', $document);
+				break;
-						if($content === null)
+			case "archive":
-							$content = $document->getLatestContent();
+				return $this->archive();
-					} else {
+				break;
-						$content = $this->callHook('documentContent', $document, $version);
+			case "log":
-						if($content === null)
+				return $this->log();
-							$content = $document->getContentByVersion($version);
+				break;
-					}
+			case "sqldump":
-					if (!is_object($content)) {
+				return $this->sqldump();
-						$this->errormsg = 'invalid_version';
+				break;
-						return false;
+			case "approval":
-					}
+				return $this->approval();
-					/* set params['content'] for compatiblity with older extensions which
+				break;
-					 * expect the content in the controller
+			case "review":
-					 */
+				return $this->review();
-					$this->params['content'] = $content;
-				} else {
-					$content = $this->params['content'];
-				}
-				if(null === $this->callHook('version')) {
-					if(file_exists($dms->contentDir . $content->getPath())) {
-						header("Content-Transfer-Encoding: binary");
-						$efilename = rawurlencode($content->getOriginalFileName());
-						header("Content-Disposition: attachment; filename=\"" . $efilename . "\"; filename*=UTF-8''".$efilename);
-						header("Content-Type: " . $content->getMimeType());
-						header("Cache-Control: must-revalidate");
-						header("ETag: ".$content->getChecksum());
-
-						sendFile($dms->contentDir.$content->getPath());
-					}
-				}
 				break;
 		}
-		return true;
+	} /* }}} */
-	}
 }

controllers/class.Login.php

@@ -64,6 +64,16 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common {
 			return false;
 		}
 
+		if($settings->_enable2FactorAuthentication) {
+			if($user->getSecret()) {
+				$tfa = new \RobThree\Auth\TwoFactorAuth('SeedDMS');
+				if($tfa->verifyCode($user->getSecret(), $_POST['twofactauth']) !== true) {
+					$this->setErrorMsg("login_error_text");
+					return false;
+				}
+			}
+		}
+
 		/* Run any additional checks which may prevent login */
 		if(false === $this->callHook('restrictLogin', $user)) {
 			if(empty($this->errormsg))
@@ -222,7 +232,8 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common {
 			}
 		}
 
-		$user = $authenticator->authenticate($login, $pwd);
+		if(!is_object($user))
+			$user = $authenticator->authenticate($login, $pwd);
 
 		if(0) {
 		/* Authenticate against LDAP server {{{ */

controllers/class.ReceiptDocument.php

@@ -0,0 +1,67 @@
+<?php
+/**
+ * Implementation of ReceiptDocument controller
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @license    GPL 2
+ * @version    @version@
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  Copyright (C) 2010-2013 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+
+/**
+ * Class which does the busines logic for downloading a document
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  Copyright (C) 2010-2013 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+class SeedDMS_Controller_ReceiptDocument extends SeedDMS_Controller_Common {
+
+	public function run() {
+		$dms = $this->params['dms'];
+		$user = $this->params['user'];
+		$settings = $this->params['settings'];
+		$document = $this->params['document'];
+		$content = $this->params['content'];
+		$receiptstatus = $this->params['receiptstatus'];
+		$receipttype = $this->params['receipttype'];
+		$group = $this->params['group'];
+		$comment = $this->params['comment'];
+
+		/* Get the document id and name before removing the document */
+		$docname = $document->getName();
+		$documentid = $document->getID();
+
+		if(!$this->callHook('preReceiptDocument', $content)) {
+		}
+
+		$result = $this->callHook('receiptDocument', $content);
+		if($result === null) {
+
+			if ($receipttype == "ind") {
+				if(0 > $content->setReceiptByInd($user, $user, $receiptstatus, $comment)) {
+					$this->error = 1;
+					$this->errormsg = "receipt_update_failed";
+					return false;
+				}
+			} elseif ($receipttype == "grp") {
+				if(0 > $content->setReceiptByGrp($group, $user, $receiptstatus, $comment)) {
+					$this->error = 1;
+					$this->errormsg = "receipt_update_failed";
+					return false;
+				}
+			}
+		}
+
+		if(!$this->callHook('postReceiptDocument', $content)) {
+		}
+
+		return true;
+	}
+}
+

controllers/class.ReviewDocument.php

@@ -36,83 +36,96 @@ class SeedDMS_Controller_ReviewDocument extends SeedDMS_Controller_Common {
 		$this->oldstatus = $overallStatus['status'];
 		$this->newstatus = $this->oldstatus;
 
-		if ($reviewtype == "ind") {
+		if(!$this->callHook('preReviewDocument', $content)) {
-			$reviewLogID = $content->setReviewByInd($user, $user, $reviewstatus, $reviewcomment, $reviewfile);
-		} elseif($reviewtype == "grp") {
-			$reviewLogID = $content->setReviewByGrp($reviewgroup, $user, $reviewstatus, $reviewcomment, $reviewfile);
-		} else {
-			$this->errormsg = "review_wrong_type";
-			return false;
-		}
-		if($reviewLogID === false || 0 > $reviewLogID) {
-			$this->errormsg = "review_update_failed";
-			return false;
 		}
 
-		if($reviewstatus == -1) {
+		$result = $this->callHook('reviewDocument', $content);
-			$this->newstatus = S_REJECTED;
+		if($result === null) {
-			if($content->setStatus(S_REJECTED, $reviewcomment, $user)) {
+			if ($reviewtype == "ind") {
-				if(isset($GLOBALS['SEEDDMS_HOOKS']['reviewDocument'])) {
+				$reviewLogID = $content->setReviewByInd($user, $user, $reviewstatus, $reviewcomment, $reviewfile);
-					foreach($GLOBALS['SEEDDMS_HOOKS']['reviewDocument'] as $hookObj) {
+			} elseif($reviewtype == "grp") {
-						if (method_exists($hookObj, 'postReviewDocument')) {
+				$reviewLogID = $content->setReviewByGrp($reviewgroup, $user, $reviewstatus, $reviewcomment, $reviewfile);
-							$hookObj->postReviewDocument(null, $content, S_REJECTED);
+			} else {
-						}
+				$this->errormsg = "review_wrong_type";
-					}
-				}
-			}
-		} else {
-			$docReviewStatus = $content->getReviewStatus();
-			if (is_bool($docReviewStatus) && !$docReviewStatus) {
-				$this->errormsg = "cannot_retrieve_review_snapshot";
 				return false;
 			}
-			$reviewCT = 0;
+			if($reviewLogID === false || 0 > $reviewLogID) {
-			$reviewTotal = 0;
+				$this->errormsg = "review_update_failed";
-			foreach ($docReviewStatus as $drstat) {
+				return false;
-				if ($drstat["status"] == 1) {
-					$reviewCT++;
-				}
-				if ($drstat["status"] != -2) {
-					$reviewTotal++;
-				}
 			}
-			// If all reviews have been received and there are no rejections, retrieve a
+		}
-			// count of the approvals required for this document.
+
-			if ($reviewCT == $reviewTotal) {
+		$result = $this->callHook('reviewUpdateDocumentStatus', $content);
-				$docApprovalStatus = $content->getApprovalStatus();
+		if($result === null) {
-				if (is_bool($docApprovalStatus) && !$docApprovalStatus) {
+			if($reviewstatus == -1) {
-					$this->errormsg = "cannot_retrieve_approval_snapshot";
+				$this->newstatus = S_REJECTED;
-					return false;
+				if($content->setStatus(S_REJECTED, $reviewcomment, $user)) {
-				}
-				$approvalCT = 0;
-				$approvalTotal = 0;
-				foreach($docApprovalStatus as $dastat) {
-					if($dastat["status"] == 1) {
-						$approvalCT++;
-					}
-					if($dastat["status"] != -2) {
-						$approvalTotal++;
-					}
-				}
-				// If the approvals received is less than the approvals total, then
-				// change status to pending approval.
-				if($approvalCT < $approvalTotal) {
-					$this->newstatus = S_DRAFT_APP;
-				} else {
-					// Otherwise, change the status to released.
-					$this->newstatus = S_RELEASED;
-				}
-				if($content->setStatus($this->newstatus, getMLText("automatic_status_update"), $user)) {
 					if(isset($GLOBALS['SEEDDMS_HOOKS']['reviewDocument'])) {
 						foreach($GLOBALS['SEEDDMS_HOOKS']['reviewDocument'] as $hookObj) {
 							if (method_exists($hookObj, 'postReviewDocument')) {
-								$hookObj->postReviewDocument(null, $content, $this->newstatus);
+								$hookObj->postReviewDocument(null, $content, S_REJECTED);
+							}
+						}
+					}
+				}
+			} else {
+				$docReviewStatus = $content->getReviewStatus();
+				if (is_bool($docReviewStatus) && !$docReviewStatus) {
+					$this->errormsg = "cannot_retrieve_review_snapshot";
+					return false;
+				}
+				$reviewCT = 0;
+				$reviewTotal = 0;
+				foreach ($docReviewStatus as $drstat) {
+					if ($drstat["status"] == 1) {
+						$reviewCT++;
+					}
+					if ($drstat["status"] != -2) {
+						$reviewTotal++;
+					}
+				}
+				// If all reviews have been received and there are no rejections, retrieve a
+				// count of the approvals required for this document.
+				if ($reviewCT == $reviewTotal) {
+					$docApprovalStatus = $content->getApprovalStatus();
+					if (is_bool($docApprovalStatus) && !$docApprovalStatus) {
+						$this->errormsg = "cannot_retrieve_approval_snapshot";
+						return false;
+					}
+					$approvalCT = 0;
+					$approvalTotal = 0;
+					foreach($docApprovalStatus as $dastat) {
+						if($dastat["status"] == 1) {
+							$approvalCT++;
+						}
+						if($dastat["status"] != -2) {
+							$approvalTotal++;
+						}
+					}
+					// If the approvals received is less than the approvals total, then
+					// change status to pending approval.
+					if($approvalCT < $approvalTotal) {
+						$this->newstatus = S_DRAFT_APP;
+					} else {
+						// Otherwise, change the status to released.
+						$this->newstatus = S_RELEASED;
+					}
+					if($content->setStatus($this->newstatus, getMLText("automatic_status_update"), $user)) {
+						if(isset($GLOBALS['SEEDDMS_HOOKS']['reviewDocument'])) {
+							foreach($GLOBALS['SEEDDMS_HOOKS']['reviewDocument'] as $hookObj) {
+								if (method_exists($hookObj, 'postReviewDocument')) {
+									$hookObj->postReviewDocument(null, $content, $this->newstatus);
+								}
 							}
 						}
 					}
 				}
 			}
 		}
+
+		if(!$this->callHook('postReviewDocument', $content)) {
+		}
+
 		return true;
 	} /* }}} */
 }

controllers/class.ReviseDocument.php

@@ -0,0 +1,143 @@
+<?php
+/**
+ * Implementation of ReviseDocument controller
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @license    GPL 2
+ * @version    @version@
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  Copyright (C) 2010-2013 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+
+/**
+ * Class which does the busines logic for downloading a document
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  Copyright (C) 2010-2013 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+class SeedDMS_Controller_ReviseDocument extends SeedDMS_Controller_Common {
+
+	public $oldstatus;
+
+	public $newstatus;
+
+	public function run() {
+		$dms = $this->params['dms'];
+		$user = $this->params['user'];
+		$settings = $this->params['settings'];
+		$document = $this->params['document'];
+		$content = $this->params['content'];
+		$revisionstatus = $this->params['revisionstatus'];
+		$revisiontype = $this->params['revisiontype'];
+		$group = $this->params['group'];
+		$comment = $this->params['comment'];
+		$overallStatus = $content->getStatus();
+		$this->oldstatus = $overallStatus['status'];
+		$this->newstatus = $this->oldstatus;
+
+		/* if set to true, a single reject will reject the doc. If set to false
+		 * all revisions will be collected first and afterwards the doc is rejected
+		 * if one has rejected it. So in the very end the doc is rejected, but
+		 * doc remainѕ in S_IN_REVISION until all have revised the doc
+		 */
+		$onevotereject = $this->params['onevotereject'];
+
+		/* Get the document id and name before removing the document */
+		$docname = $document->getName();
+		$documentid = $document->getID();
+
+		if(!$this->callHook('preReviseDocument', $content)) {
+		}
+
+		$result = $this->callHook('reviseDocument', $content);
+		if($result === null) {
+
+			if ($revisiontype == "ind") {
+				if(0 > $content->setRevision($user, $user, $revisionstatus, $comment)) {
+					$this->error = 1;
+					$this->errormsg = "revision_update_failed";
+					return false;
+				}
+			} elseif ($revisiontype == "grp") {
+				if(0 > $content->setRevision($group, $user, $revisionstatus, $comment)) {
+					$this->error = 1;
+					$this->errormsg = $ll."revision_update_failed";
+					return false;
+				}
+			}
+		}
+
+		/* Check to see if the overall status for the document version needs to be
+		 * updated.
+		 */
+		$result = $this->callHook('reviseUpdateDocumentStatus', $content);
+		if($result === null) {
+			if ($onevotereject && $revisionstatus == -1){
+				$this->newstatus = S_NEEDS_CORRECTION;
+				if(!$content->setStatus(S_NEEDS_CORRECTION,$comment,$user)) {
+					$this->error = 1;
+					$this->errormsg = "revision_update_failed";
+					return false;
+				}
+			} else {
+				$docRevisionStatus = $content->getRevisionStatus();
+				if (is_bool($docRevisionStatus) && !$docRevisionStatus) {
+					$this->error = 1;
+					$this->errormsg = "cannot_retrieve_revision_snapshot";
+					return false;
+				}
+				$revisionok = 0;
+				$revisionnotok = 0;
+				$revisionTotal = 0;
+				foreach ($docRevisionStatus as $drstat) {
+					if ($drstat["status"] == 1) {
+						$revisionok++;
+					}
+					if ($drstat["status"] == -1) {
+						$revisionnotok++;
+					}
+					if ($drstat["status"] != -2) {
+						$revisionTotal++;
+					}
+				}
+				// If all revisions have been done and there are no rejections,
+				// then release the document. If all revisions have been done but some
+				// of them were rejections then documents needs correction.
+				// Otherwise put it back into revision workflow
+				if ($revisionok == $revisionTotal) {
+					$this->newstatus=S_RELEASED;
+					if ($content->finishRevision($user, $this->newstatus, 'Finished revision workflow', getMLText("automatic_status_update"))) {
+						if(!$this->callHook('finishReviseDocument', $content)) {
+						}
+					}
+				} elseif (($revisionok + $revisionnotok) == $revisionTotal) {
+					$this->newstatus=S_NEEDS_CORRECTION;
+//					if ($content->finishRevision($user, $this->newstatus, 'Finished revision workflow', getMLText("automatic_status_update"))) {
+					if(!$content->setStatus($this->newstatus,$comment,$user)) {
+						$this->error = 1;
+						$this->errormsg = "revision_update_failed";
+						return false;
+					}
+				} else {
+					$this->newstatus=S_IN_REVISION;
+					if(!$content->setStatus($this->newstatus,$comment,$user)) {
+						$this->error = 1;
+						$this->errormsg = "revision_update_failed";
+						return false;
+					}
+				}
+			}
+		}
+
+		if(!$this->callHook('postReviseDocument', $content)) {
+		}
+
+		return true;
+	}
+}
+

controllers/class.RoleMgr.php

@@ -0,0 +1,56 @@
+<?php
+/**
+ * Implementation of Role manager controller
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @license    GPL 2
+ * @version    @version@
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  Copyright (C) 2010-2013 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+
+/**
+ * Class which does the busines logic for role manager
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  Copyright (C) 2010-2013 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+class SeedDMS_Controller_RoleMgr extends SeedDMS_Controller_Common {
+
+	public function run() {
+	}
+
+	public function addrole() {
+		$dms = $this->params['dms'];
+		$name = $this->params['name'];
+		$role = $this->params['role'];
+
+		return($dms->addRole($name, $role));
+	}
+
+	public function removerole() {
+		$roleobj = $this->params['roleobj'];
+		return $roleobj->remove();
+	}
+
+	public function editrole() {
+		$dms = $this->params['dms'];
+		$name = $this->params['name'];
+		$role = $this->params['role'];
+		$roleobj = $this->params['roleobj'];
+		$noaccess = $this->params['noaccess'];
+
+		if ($roleobj->getName() != $name)
+			$roleobj->setName($name);
+		if ($roleobj->getRole() != $role)
+			$roleobj->setRole($role);
+		$roleobj->setNoAccess($noaccess);
+
+		return true;
+	}
+}

controllers/class.TransmittalDownload.php

@@ -0,0 +1,68 @@
+<?php
+/**
+ * Implementation of Transmittal Download controller
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @license    GPL 2
+ * @version    @version@
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  Copyright (C) 2010-2013 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+
+/**
+ * Class which does the busines logic for downloading a transmittal
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  Copyright (C) 2010-2013 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+class SeedDMS_Controller_TransmittalDownload extends SeedDMS_Controller_Common {
+
+	public function run() {
+		$dms = $this->params['dms'];
+		$user = $this->params['user'];
+		$transmittal = $this->params['transmittal'];
+
+		$items = $transmittal->getItems();
+		if($items) {
+			include("../inc/inc.ClassDownloadMgr.php");
+			$downmgr = new SeedDMS_Download_Mgr();
+			if($extraheader = $this->callHook('extraDownloadHeader'))
+				$downmgr->addHeader($extraheader);
+
+			foreach($items as $item) {
+				$content = $item->getContent();
+				$document = $content->getDocument();
+				if ($document->getAccessMode($user) >= M_READ) {
+					$extracols = $this->callHook('extraDownloadColumns', $document);
+					$filename = $this->callHook('filenameDownloadItem', $content);
+					if($rawcontent = $this->callHook('rawcontent', $content)) {
+						$downmgr->addItem($content, $extracols, $rawcontent, $filename);
+					} else
+						$downmgr->addItem($content, $extracols, null, $filename);
+				}
+			}
+
+			$filename = tempnam(sys_get_temp_dir(), 'transmittal-download-');
+			if($filename) {
+				if($downmgr->createArchive($filename)) {
+					header("Content-Transfer-Encoding: binary");
+					header("Content-Length: " . filesize($filename));
+					header("Content-Disposition: attachment; filename=\"export-" .date('Y-m-d') . ".zip\"");
+					header("Content-Type: application/zip");
+					header("Cache-Control: must-revalidate");
+
+					readfile($filename);
+				} else {
+				}
+				unlink($filename);
+			}
+			exit;
+		}
+	}
+}
+

controllers/class.UpdateDocument.php

@@ -48,16 +48,18 @@ class SeedDMS_Controller_UpdateDocument extends SeedDMS_Controller_Common {
 		$userfiletype = $this->getParam('userfiletype');
 		$reviewers = $this->getParam('reviewers');
 		$approvers = $this->getParam('approvers');
+		$recipients = $this->getParam('recipients');
 		$reqversion = $this->getParam('reqversion');
 		$comment = $this->getParam('comment');
 		$attributes = $this->getParam('attributes');
 		$workflow = $this->getParam('workflow');
 		$maxsizeforfulltext = $this->getParam('maxsizeforfulltext');
+		$initialdocumentstatus = $this->getParam('initialdocumentstatus');
 
 		$content = $this->callHook('updateDocument');
 		if($content === null) {
 			$filesize = SeedDMS_Core_File::fileSize($userfiletmp);
-			if($contentResult=$document->addContent($comment, $user, $userfiletmp, utf8_basename($userfilename), $filetype, $userfiletype, $reviewers, $approvers, 0, $attributes, $workflow)) {
+			if($contentResult=$document->addContent($comment, $user, $userfiletmp, utf8_basename($userfilename), $filetype, $userfiletype, $reviewers, $approvers, 0, $attributes, $workflow, $initialdocumentstatus)) {
 
 				if ($this->hasParam('expires')) {
 					if($document->setExpires($this->getParam('expires'))) {
@@ -65,6 +67,21 @@ class SeedDMS_Controller_UpdateDocument extends SeedDMS_Controller_Common {
 					}
 				}
 
+				if(!empty($recipients['i'])) {
+					foreach($recipients['i'] as $uid) {
+						if($u = $dms->getUser($uid)) {
+							$res = $contentResult->getContent()->addIndRecipient($u, $user);
+						}
+					}
+				}
+				if(!empty($recipients['g'])) {
+					foreach($recipients['g'] as $gid) {
+						if($g = $dms->getGroup($gid)) {
+							$res = $contentResult->getContent()->addGrpRecipient($g, $user);
+						}
+					}
+				}
+
 				$content = $contentResult->getContent();
 			} else {
 				$this->errormsg = 'error_update_document';

develop/retrieveml.sh

@@ -1,3 +1,3 @@
 #!/bin/sh
 # This command retrieves the strings that need to be translated
-sgrep -o "%r\n" '"getMLText(\"" __ "\""' */*.php|sort|uniq -c
+sgrep -o "%r\n" '"getMLText(\"" __ "\""' */*.php views/bootstrap/*.php |sort|uniq -c

develop/transcomp.php

@@ -1,7 +1,7 @@
 <?php
 /* Determine all languages keys used in the php files */
 $output = array();
-if(exec('sgrep -o "%r\n" \'"tMLText(\"" __ "\""\' */*.php|sort|uniq -c', $output)) {
+if(exec('sgrep -o "%r\n" \'"tMLText(\"" __ "\""\' */*.php views/bootstrap/*.php|sort|uniq -c', $output)) {
 	$allkeys = array();
 	foreach($output as $line) {
 		$data = explode(' ', trim($line));
@@ -9,8 +9,9 @@ if(exec('sgrep -o "%r\n" \'"tMLText(\"" __ "\""\' */*.php|sort|uniq -c', $output
 	}
 }
 
+$languages = array('ar_EG', 'bg_BG', 'ca_ES', 'cs_CZ', 'de_DE', 'en_GB', 'es_ES', 'fr_FR', 'hu_HU', 'it_IT', 'nl_NL', 'pl_PL', 'pt_BR', 'ro_RO', 'ru_RU', 'sk_SK', 'sv_SE', 'tr_TR', 'zh_CN', 'zh_TW');
 /* Reading languages */
-foreach(array('en_GB', 'de_DE', 'it_IT', 'sk_SK', 'cs_CZ') as $lang) {
+foreach($languages as $lang) {
 	include('languages/'.$lang.'/lang.inc');
 	ksort($text);
 	$langarr[$lang] = $text;
@@ -20,7 +21,7 @@ foreach(array('en_GB', 'de_DE', 'it_IT', 'sk_SK', 'cs_CZ') as $lang) {
 echo "List of missing keys\n";
 echo "-----------------------------\n";
 foreach(array_keys($allkeys) as $key) {
-	foreach(array('en_GB', 'de_DE', 'it_IT', 'sk_SK', 'cs_CZ') as $lang) {
+	foreach($languages as $lang) {
 		if(!isset($langarr[$lang][$key])) {
 			echo "Missing key '".$key."' in language ".$lang."\n";
 		}
@@ -31,7 +32,7 @@ echo "\n";
 /* Check for phrases not used anymore */
 echo "List of superflous keys\n";
 echo "-----------------------------\n";
-foreach(array('en_GB', 'de_DE', 'it_IT', 'sk_SK', 'cs_CZ') as $lang) {
+foreach($languages as $lang) {
 	$n = 0;
 	foreach($langarr[$lang] as $key=>$value) {
 		if(!isset($allkeys[$key])) {

doc/README.Converters

@@ -49,6 +49,9 @@ application/vnd.openxmlformats-officedocument.wordprocessingml.document
 application/msword
   catdoc %s
 
+application/vnd.oasis.opendocument.text
+	odt2txt %s
+
 application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
   xlsx2csv -d tab %s
 

doc/README.Install.md

@@ -8,13 +8,13 @@ SeedDMS is a web-based application written in PHP. It uses MySQL,
 SQLite3 or PostgreSQL to manage the documents that were uploaded into
 the application. Be aware that PostgreSQL is not very well tested.
 
-Make sure you have PHP >= 7.4 and MySQL 5 or higher installed. SeedDMS
+Make sure you have PHP >= 8.2 and MySQL 5 or higher installed. SeedDMS
 will work with PHP running in CGI-mode as well as running as a module under
 apache.
 
 Here is a detailed list of requirements:
 
-1. A web server with at least php 7.4
+1. A web server with at least php 8.2
 2. A mysql database, unless you use SQLite
 3. The php installation must have support for `pdo_mysql`, `pdo_pgsql` or `pdo_sqlite`,
    `php_gd2`, `php_mbstring`, `php_xml`

doc/README.Notification

@@ -126,3 +126,28 @@ op/op.TriggerWorkflow.php
 op/op.UpdateDocument.php
 * document was updated
   subscribers of the document
+
+op/op.ReceiptDocument.php
+* document was received
+  subscribers of the document
+
+op/op.ReviseDocument.php
+* document was revised
+  subscribers of the document
+
+op/op.SetRevisors.php
+* Revisors were added/deleted
+  subscribers of the document
+  uploader of version
+  revisor
+
+op/op.ReceiptDocument.php
+* document was receipt
+  subscribers of the document
+
+op/op.SetRecipients.php
+* Recipients were added/deleted
+  subscribers of the document
+  uploader of version
+  recipient
+

doc/README.Scheduler.md

@@ -0,0 +1,26 @@
+Scheduler
+==========
+
+The scheduler in SeedDMS manages frequently run tasks. It is very similar
+to regular unix cron jobs. A task in SeedDMS is an instanciation of a task
+class which itself is defined by an extension or SeedDMS itself.
+SeedDMS has some predefined classes e.g. core::expireddocs.
+
+In order for tasks to be runnalbe, a user `cli_scheduler` must exists in
+SeedDMS.
+
+All tasks are executed by a single cronjob in the directory `utils`
+
+> */5 * * * * /home/www-data/seeddms60x/seeddms/utils/seeddms-schedulercli --mode=run
+
+Please keep in mind, that the php interpreter used for the cronjob may be
+different from the php interpreter used für the web application. Hence, two
+different php.ini files might be used. php and the php extensions may differ as
+well. This can cause some extensions to be disabled and consequently some task
+classes are not defined.
+
+`utils/seeddms-schedulercli` can also be run on the command line. If you
+do that, run it with the same system user used for the web server. On Debian
+this is www-data. Hence run it like
+
+sudo -u www-data utils/seeddms-schedulercli --mode=list

doc/README.cron

@@ -0,0 +1,42 @@
+Running the scheduler
+======================
+
+Since version 6 of SeedDMS a scheduler is implemented which runs
+scheduled tasks. Such tasks must be implemented in an extension
+and can be scheduled by the administrator within the user interface.
+
+In order to check frequently for tasks ready to run, a system cron job
+must be installed. On Linux this can be done by adding the following line
+to the crontab
+
+*/5 * * * * /var/www/seeddms60x/seeddms/utils/seeddms-schedulercli --mode=run
+
+(Of course you need to change the path to `seeddms-schedulercli`)
+
+This will install a cronjob running every 5 minutes. `seeddms-schedulercli` will check
+for tasks ready to run and execute them in that case. You can decrease the time between
+two calls of the cronjob, but keep in mind that seeddms tasks may take longer and
+are being started again before the previous task has been ended.
+
+If the configuration file of SeedDMS is not found, its path can be passed
+on the command, though this should not be needed in a regular installation
+obeying the directory structure of the quickstart archive.
+
+*/5 * * * * /var/www/seeddms60x/seeddms/utils/seeddms-schedulercli --config /var/www/seeddms60x/seeddms/conf/settings.xml --mode=run
+
+For testing purposes it may be usefull to run `seeddms-schedulercli` in list mode.
+
+seeddms-schedulercli --mode=list
+
+This will just list all tasks and its scheduled exection time. Tasks ready to run,
+because its scheduled execution time is already in the past will be marked with
+a `*`. Tasks which are disabled will be marked with a `-`.
+
+Executing `seeddms-schedulercli` in `dryrun` mode will behave just like in `run` mode
+but instead of running the task it will just issue a line.
+
+Instead of running utils/seeddms-schedulercli you may as well access
+op/op.Cron.php which also runs all scheduled tasks. On Linux you do this
+by setting up a cronjob like
+
+*/5 * * * * wget -q -O - "http://<your domain>/op/op.Cron.php"

ext/example/class.example.php

@@ -177,7 +177,32 @@ class SeedDMS_ExtExample_ViewFolder {
  * @package SeedDMS
  * @subpackage  example
  */
-class SeedDMS_ExtExample_Task {
+class SeedDMS_ExtExample_Task extends SeedDMS_SchedulerTaskBase {
-	public function execute() {
+
+	/**
+	 * Run the task
+	 *
+	 * @param $task task to be executed
+	 * @return boolean true if task was executed succesfully, otherwise false
+	 */
+	public function execute($task) {
+		$dms = $this->dms;
+		$user = $this->user;
+    $settings = $this->settings;
+    $logger = $this->logger;
+		$taskparams = $task->getParameter();
+		return true;
+	}
+
+	public function getDescription() {
+		return 'Description';
+	}
+
+	public function getAdditionalParams() {
+		return array(array(
+			'name'=>'email',
+			'type'=>'string',
+			'description'=> '',
+		));
 	}
 }

ext/example/conf.php

@@ -1,7 +1,7 @@
 <?php
 $EXT_CONF['example'] = array(
 	'title' => 'Example Extension',
-	'description' => 'This sample extension demonstrate the use of various hooks',
+	'description' => 'This sample extension demonstrates the use of various hooks',
 	'disable' => true,
 	'version' => '1.0.1',
 	'releasedate' => '2018-03-21',

ext/example/lang.php

@@ -1,4 +1,9 @@
 <?php
 $__lang['de_DE'] = array(
 	'folder_contents' => 'Dies war mal "Ordner enthält". Wurde von sample Extension geändert.',
+	'task_example_example_email' => 'Email',
+);
+$__lang['en_GB'] = array(
+	'folder_contents' => 'This used to be "Folder contents". Was changed by sample Extension.',
+	'task_example_example_email' => 'Email',
 );

inc/inc.Authentication.php

@@ -21,17 +21,23 @@ if (!strncmp("/op", $refer, 3)) {
 } else {
 	$refer = urlencode($refer);
 }
+
+/* Check if this is a ajax call. In that case do not redirect to any page */
+$isajax = isset($_GET['action']) && ($_GET['action'] != 'show');
+
 if (!isset($_COOKIE["mydms_session"])) {
 	if($settings->_enableGuestLogin && $settings->_enableGuestAutoLogin) {
 		$session = new SeedDMS_Session($db);
 		if(!$dms_session = $session->create(array('userid'=>$settings->_guestID, 'theme'=>$settings->_theme, 'lang'=>$settings->_language))) {
-			header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
+			if(!$isajax)
+				header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
 			exit;
 		}
 		$resArr = $session->load($dms_session);
 	}	elseif($settings->_autoLoginUser) {
 		if(!($user = $dms->getUser($settings->_autoLoginUser))/* || !$user->isGuest()*/) {
-			header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
+			if(!$isajax)
+				header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
 			exit;
 		}
 		$theme = $user->getTheme();
@@ -46,12 +52,14 @@ if (!isset($_COOKIE["mydms_session"])) {
 		}
 		$session = new SeedDMS_Session($db);
 		if(!$dms_session = $session->create(array('userid'=>$user->getID(), 'theme'=>$theme, 'lang'=>$lang))) {
-			header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
+			if(!$isajax)
+				header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
 			exit;
 		}
 		$resArr = $session->load($dms_session);
 	} else {
-		header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
+		if(!$isajax)
+			header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
 		exit;
 	}
 } else {
@@ -60,7 +68,8 @@ if (!isset($_COOKIE["mydms_session"])) {
 	$session = new SeedDMS_Session($db);
 	if(!$resArr = $session->load($dms_session)) {
 		setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); //delete cookie
-		header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
+		if(!$isajax)
+			header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
 		exit;
 	}
 }
@@ -73,13 +82,16 @@ if((int)$resArr['lastAccess']+60 < time())
 $user = $dms->getUser($resArr["userID"]);
 if (!is_object($user)) {
 	setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); //delete cookie
-	header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
+	if(!$isajax)
+		header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
 	exit;
 }
 
-if($user->isAdmin()) {
+$origuser = null;
-	if($resArr["su"]) {
+if($resArr["su"] && $su = $dms->getUser($resArr["su"])) {
-		$user = $dms->getUser($resArr["su"]);
+	if($user->isAdmin() || $user->maySwitchToUser($su)) {
+		$origuser = $user;
+		$user = $su;
 	} else {
 	//	$session->resetSu();
 	}
@@ -92,6 +104,8 @@ if($settings->_useHomeAsRootFolder && !$user->isAdmin() && $user->getHomeFolder(
 	$dms->checkWithinRootDir = true;
 	$dms->setRootFolderID($user->getHomeFolder());
 }
+$role = $user->getRole();
+$dms->noReadForStatus = $role->getNoAccess();
 
 /* Include additional language file for view
  * This file must set $LANG[xx][]
@@ -100,13 +114,17 @@ if(file_exists($settings->_rootDir . "view/".$theme."/languages/" . $lang . "/la
 	include $settings->_rootDir . "view/".$theme."/languages/" . $lang . "/lang.inc";
 }
 
+/* if this is a ajax call, then exit early as the rest of the script is irrelevant */
+if($isajax)
+	return;
+
 /* Check if password needs to be changed because it expired. If it needs
  * to be changed redirect to out/out.ForcePasswordChange.php. Do this
  * check only if password expiration is turned on, we are not on the
  * page to change the password or the page that changes the password, the
  * current user is not admin, and no user substitution has occured. */
 
-if (!$user->isAdmin() && !$resArr['su']) {
+if (!$user->isAdmin() && $origuser == null) {
 	if($settings->_passwordExpiration > 0) {
 		if(basename($_SERVER['SCRIPT_NAME']) != 'out.ForcePasswordChange.php' && basename($_SERVER['SCRIPT_NAME']) != 'op.EditUserData.php' && basename($_SERVER['SCRIPT_NAME']) != 'op.Logout.php') {
 			$pwdexp = $user->getPwdExpiration();
@@ -121,6 +139,17 @@ if (!$user->isAdmin() && !$resArr['su']) {
 	}
 }
 
+/* Check if secret is set for 2-factor authentication. Redirect to Setup2Factor.php
+ * if secret is not set and 2-factor authentication is turned on. Also check if
+ * already on the page Setup2Factor.php and no user substiation has occured.
+ */
+if($settings->_enable2FactorAuthentication && $settings->_guestID != $user->getID() && $settings->_autoLoginUser != $user->getID() && $origuser == null && $user->getSecret() == '') {
+	if(basename($_SERVER['SCRIPT_NAME']) != 'out.Setup2Factor.php' && basename($_SERVER['SCRIPT_NAME']) != 'op.Setup2Factor.php') {
+		header("Location: ../out/out.Setup2Factor.php");
+		exit;
+	}
+}
+
 /* Update cookie lifetime */
 if($settings->_cookieLifetime) {
 	$lifetime = time() + intval($settings->_cookieLifetime);

inc/inc.BasicAuthentication.php

@@ -0,0 +1,41 @@
+<?php
+/**
+ * Do authentication of users and session management
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @license    GPL 2
+ * @version    @version@
+ * @author     Markus Westphal, Malcolm Cowe, Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  Copyright (C) 2002-2005 Markus Westphal,
+ *             2006-2008 Malcolm Cowe, 2010 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+
+require_once("inc.Utils.php");
+require_once("inc.ClassNotificationService.php");
+require_once("inc.ClassEmailNotify.php");
+require_once("inc.ClassSession.php");
+require_once("inc.ClassAccessOperation.php");
+
+if (!isset($_SERVER['PHP_AUTH_USER'])) {
+	header('WWW-Authenticate: Basic realm="'.$settings->_siteName.'"');
+	header('HTTP/1.0 401 Unauthorized');
+	echo getMLText('cancel_basic_authentication');
+	exit;
+} else {
+	if(!($user = $authenticator->authenticate($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']))) {
+		header('WWW-Authenticate: Basic realm="'.$settings->_siteName.'"');
+		header('HTTP/1.0 401 Unauthorized');
+		echo getMLText('cancel_basic_authentication');
+		exit;
+	}
+}
+
+/* Clear login failures if login was successful */
+$user->clearLoginFailures();
+
+$dms->setUser($user);
+
+require_once('inc/inc.Notification.php');
+

inc/inc.ClassAccessOperation.php

@@ -11,6 +11,8 @@
  * @version    Release: @package_version@
  */
 
+require_once "inc.ClassAcl.php";
+
 /**
  * Class to check certain access restrictions
  *
@@ -27,33 +29,32 @@ class SeedDMS_AccessOperation {
 	 */
 	private $dms;
 
-	/**
-	 * @var object $obj object being accessed
-	 * @access protected
-	 */
-	private $obj;
-
 	/**
 	 * @var object $user user requesting the access
 	 * @access protected
 	 */
-	private $user;
+	protected $user;
 
 	/**
 	 * @var object $settings SeedDMS Settings
 	 * @access protected
 	 */
-	private $settings;
+	protected $settings;
 
 	/**
-	 * @var array $legacy_access list of objects with access
+	 * @var object $aro access request object for caching
+	 * @access protected
+	 */
+	private $_aro;
+
+	/**
+	 * @var array $legacy_access list of objects with access use for view and controller
 	 * @access protected
 	 */
 	private $legacy_access;
 
-	function __construct($dms, $obj, $user, $settings) { /* {{{ */
+	function __construct($dms, $user, $settings) { /* {{{ */
 		$this->dms = $dms;
-		$this->obj = $obj;
 		$this->user = $user;
 		$this->settings = $settings;
 		$this->legacy_access['guest'] = array(
@@ -80,6 +81,7 @@ class SeedDMS_AccessOperation {
 			'CategoryChooser',
 			'ChangePassword',
 			'CheckInDocument',
+			'CheckOutDocument',
 			'Clipboard',
 			'Dashboard',
 			'DocumentAccess',
@@ -163,15 +165,15 @@ class SeedDMS_AccessOperation {
 	 * document may delete versions. The admin may even delete a version
 	 * even if is disallowed in the settings.
 	 */
-	function mayEditVersion($vno=0) { /* {{{ */
+	function mayEditVersion($document, $vno=0) { /* {{{ */
-		if($this->obj->isType('document')) {
+		if($document->isType('document')) {
 			if($vno)
-				$version = $this->obj->getContentByVersion($vno);
+				$version = $document->getContentByVersion($vno);
 			else
-				$version = $this->obj->getLatestContent();
+				$version = $document->getLatestContent();
 			if (!isset($this->settings->_editOnlineFileTypes) || !is_array($this->settings->_editOnlineFileTypes) || (!in_array(strtolower($version->getFileType()), $this->settings->_editOnlineFileTypes) && !in_array(strtolower($version->getMimeType()), $this->settings->_editOnlineFileTypes)))
 				return false;
-			if ($this->obj->getAccessMode($this->user) == M_ALL || $this->user->isAdmin()) {
+			if ($document->getAccessMode($this->user) == M_ALL || $this->user->isAdmin()) {
 				return true;
 			}
 		}
@@ -187,10 +189,10 @@ class SeedDMS_AccessOperation {
 	 * document may delete versions. The admin may even delete a version
 	 * even if is disallowed in the settings.
 	 */
-	function mayRemoveVersion() { /* {{{ */
+	function mayRemoveVersion($document) { /* {{{ */
-		if($this->obj->isType('document')) {
+		if($document->isType('document')) {
-			$versions = $this->obj->getContent();
+			$versions = $document->getContent();
-			if ((($this->settings->_enableVersionDeletion && ($this->obj->getAccessMode($this->user, 'removeVersion') == M_ALL)) || $this->user->isAdmin() ) && (count($versions) > 1)) {
+			if ((($this->settings->_enableVersionDeletion && ($document->getAccessMode($this->user, 'removeVersion') == M_ALL)) || $this->user->isAdmin() ) && (count($versions) > 1)) {
 				return true;
 			}
 		}
@@ -207,11 +209,11 @@ class SeedDMS_AccessOperation {
 	 * The admin may even modify the status
 	 * even if is disallowed in the settings.
 	 */
-	function mayOverwriteStatus() { /* {{{ */
+	function mayOverrideStatus($document) { /* {{{ */
-		if($this->obj->isType('document')) {
+		if($document->isType('document')) {
-			if($latestContent = $this->obj->getLatestContent()) {
+			if($latestContent = $document->getLatestContent()) {
 				$status = $latestContent->getStatus();
-				if ((($this->settings->_enableVersionModification && ($this->obj->getAccessMode($this->user) == M_ALL)) || $this->user->isAdmin()) && ($status["status"]==S_RELEASED || $status["status"]==S_OBSOLETE )) {
+				if ((($this->settings->_enableVersionModification && ($document->getAccessMode($this->user) == M_ALL)) || $this->user->isAdmin()) && ($status["status"]==S_DRAFT || $status["status"]==S_RELEASED || $status["status"]==S_REJECTED || $status["status"]==S_OBSOLETE || $status["status"]==S_NEEDS_CORRECTION)) {
 					return true;
 				}
 			}
@@ -226,12 +228,13 @@ class SeedDMS_AccessOperation {
 	 * reviewers/approvers is only allowed if version modification is turned on
 	 * in the settings and the document has not been reviewed/approved by any
 	 * user/group already.
-	 * The admin may even set reviewers/approvers if is disallowed in the
+	 * The admin may even set reviewers/approvers after the review/approval
-	 * settings.
+	 * process has been started, but only if _allowChangeRevAppInProcess
+	 * explicitly allows it.
 	 */
-	function maySetReviewersApprovers() { /* {{{ */
+	function maySetReviewersApprovers($document) { /* {{{ */
-		if($this->obj->isType('document')) {
+		if($document->isType('document')) {
-			if($latestContent = $this->obj->getLatestContent()) {
+			if($latestContent = $document->getLatestContent()) {
 				$status = $latestContent->getStatus();
 				$reviewstatus = $latestContent->getReviewStatus();
 				$hasreview = false;
@@ -245,7 +248,49 @@ class SeedDMS_AccessOperation {
 					if($r['status'] == 1 || $r['status'] == -1)
 						$hasapproval = true;
 				}
-				if ((($this->settings->_enableVersionModification && ($this->obj->getAccessMode($this->user) == M_ALL)) || $this->user->isAdmin()) && (($status["status"]==S_DRAFT_REV && !$hasreview) || ($status["status"]==S_DRAFT_APP && !$hasreview && !$hasapproval))) {
+				if ((($this->settings->_enableVersionModification && ($document->getAccessMode($this->user) == M_ALL)) || $this->user->isAdmin()) && (($status["status"]==S_DRAFT_REV && (!$hasreview || ($this->user->isAdmin() && $this->settings->_allowChangeRevAppInProcess))) || ($status["status"]==S_DRAFT_APP && ((!$hasreview && !$hasapproval) || ($this->user->isAdmin() && $this->settings->_allowChangeRevAppInProcess))) || $status["status"]==S_DRAFT)) {
+					return true;
+				}
+			}
+		}
+		return false;
+	} /* }}} */
+
+	/**
+	 * Check if recipients may be edited
+	 *
+	 * This check can only be done for documents. Setting the document
+	 * recipients is only allowed if version modification is turned on
+	 * in the settings.  The
+	 * admin may even set recipients if is disallowed in the
+	 * settings.
+	 */
+	function maySetRecipients($document) { /* {{{ */
+		if($document->isType('document')) {
+			if($latestContent = $document->getLatestContent()) {
+				$status = $latestContent->getStatus();
+				if (($this->settings->_enableVersionModification && ($document->getAccessMode($this->user) >= M_READWRITE)) || $this->user->isAdmin()) {
+					return true;
+				}
+			}
+		}
+		return false;
+	} /* }}} */
+
+	/**
+	 * Check if revisors may be edited
+	 *
+	 * This check can only be done for documents. Setting the document
+	 * revisors is only allowed if version modification is turned on
+	 * in the settings.  The
+	 * admin may even set revisors if is disallowed in the
+	 * settings.
+	 */
+	function maySetRevisors($document) { /* {{{ */
+		if($document->isType('document')) {
+			if($latestContent = $document->getLatestContent()) {
+				$status = $latestContent->getStatus();
+				if ((($this->settings->_enableVersionModification && ($document->getAccessMode($this->user) == M_ALL)) || $this->user->isAdmin()) && ($status["status"]==S_RELEASED || $status["status"]==S_IN_REVISION)) {
 					return true;
 				}
 			}
@@ -262,12 +307,12 @@ class SeedDMS_AccessOperation {
 	 * admin may even set the workflow if is disallowed in the
 	 * settings.
 	 */
-	function maySetWorkflow() { /* {{{ */
+	function maySetWorkflow($document) { /* {{{ */
-		if($this->obj->isType('document')) {
+		if($document->isType('document')) {
-			if($latestContent = $this->obj->getLatestContent()) {
+			if($latestContent = $document->getLatestContent()) {
 				$workflow = $latestContent->getWorkflow();
 				$workflowstate = $latestContent->getWorkflowState();
-				if ((($this->settings->_enableVersionModification && ($this->obj->getAccessMode($this->user) == M_ALL)) || $this->user->isAdmin()) && (!$workflow || ($workflowstate && ($workflow->getInitState()->getID() == $workflowstate->getID())))) {
+				if ((($this->settings->_enableVersionModification && ($document->getAccessMode($this->user) == M_ALL)) || $this->user->isAdmin()) && (!$workflow || ($workflowstate && ($workflow->getInitState()->getID() == $workflowstate->getID())))) {
 					return true;
 				}
 			}
@@ -281,11 +326,11 @@ class SeedDMS_AccessOperation {
 	 * This check can only be done for documents. Setting the documents
 	 * expiration date is only allowed if the document has not been obsoleted.
 	 */
-	function maySetExpires() { /* {{{ */
+	function maySetExpires($document) { /* {{{ */
-		if($this->obj->isType('document')) {
+		if($document->isType('document')) {
-			if($latestContent = $this->obj->getLatestContent()) {
+			if($latestContent = $document->getLatestContent()) {
 				$status = $latestContent->getStatus();
-				if ((($this->obj->getAccessMode($this->user) == M_ALL) || $this->user->isAdmin()) && ($status["status"]!=S_OBSOLETE)) {
+				if ((($document->getAccessMode($this->user) >= M_READWRITE) || $this->user->isAdmin()) && ($status["status"]!=S_OBSOLETE)) {
 					return true;
 				}
 			}
@@ -302,17 +347,17 @@ class SeedDMS_AccessOperation {
 	 * The admin may set the comment even if is
 	 * disallowed in the settings.
 	 */
-	function mayEditComment() { /* {{{ */
+	function mayEditComment($document) { /* {{{ */
-		if($this->obj->isType('document')) {
+		if($document->isType('document')) {
-			if($this->obj->getAccessMode($this->user) < M_READWRITE)
+			if($document->getAccessMode($this->user) < M_READWRITE)
 				return false;
-			if($this->obj->isLocked()) {
+			if($document->isLocked()) {
-				$lockingUser = $this->obj->getLockingUser();
+				$lockingUser = $document->getLockingUser();
-				if (($lockingUser->getID() != $this->user->getID()) && ($this->obj->getAccessMode($this->user) != M_ALL)) {
+				if (($lockingUser->getID() != $this->user->getID()) && ($document->getAccessMode($this->user) != M_ALL)) {
 					return false;
 				}
 			}
-			if($latestContent = $this->obj->getLatestContent()) {
+			if($latestContent = $document->getLatestContent()) {
 				$status = $latestContent->getStatus();
 				if (($this->settings->_enableVersionModification || $this->user->isAdmin()) && !in_array($status["status"], array(S_OBSOLETE, S_EXPIRED))) {
 					return true;
@@ -330,15 +375,15 @@ class SeedDMS_AccessOperation {
 	 * the settings or the document is still in an approval/review
 	 * or intial workflow step.
 	 */
-	function mayEditAttributes() { /* {{{ */
+	function mayEditAttributes($document) { /* {{{ */
-		if($this->obj->isType('document')) {
+		if($document->isType('document')) {
-			if($latestContent = $this->obj->getLatestContent()) {
+			if($latestContent = $document->getLatestContent()) {
 				$status = $latestContent->getStatus();
 				$workflow = $latestContent->getWorkflow();
 				$workflowstate = $latestContent->getWorkflowState();
-				if($this->obj->getAccessMode($this->user) < M_READWRITE)
+				if($document->getAccessMode($this->user) < M_READWRITE)
 					return false;
-				if ($this->settings->_enableVersionModification || in_array($status["status"], array(S_DRAFT_REV, S_DRAFT_APP)) || ($workflow && $workflowstate && $workflow->getInitState()->getID() == $workflowstate->getID())) {
+				if ($this->settings->_enableVersionModification || in_array($status["status"], array(S_DRAFT_REV, S_DRAFT_APP, S_IN_REVISION)) || ($workflow && $workflowstate && $workflow->getInitState()->getID() == $workflowstate->getID())) {
 					return true;
 				}
 			}
@@ -353,11 +398,11 @@ class SeedDMS_AccessOperation {
 	 * review. There are other requirements which are not taken into
 	 * account here.
 	 */
-	function mayReview() { /* {{{ */
+	function mayReview($document) { /* {{{ */
-		if($this->obj->isType('document')) {
+		if($document->isType('document')) {
-			if($latestContent = $this->obj->getLatestContent()) {
+			if($latestContent = $document->getLatestContent()) {
 				$status = $latestContent->getStatus();
-				if ($status["status"]==S_DRAFT_REV) {
+				if ($document->getAccessMode($this->user) >= M_READ && $status["status"]==S_DRAFT_REV) {
 					return true;
 				}
 			}
@@ -371,9 +416,24 @@ class SeedDMS_AccessOperation {
 	 * A review may only be updated by the user who originaly addedd the
 	 * review and if it is allowed in the settings
 	 */
-	function mayUpdateReview($updateUser) { /* {{{ */
+	function mayUpdateReview($document, $updateUser) { /* {{{ */
-		if($this->obj->isType('document')) {
+		if($document->isType('document')) {
-			if($this->settings->_enableUpdateRevApp && ($updateUser == $this->user) && !$this->obj->hasExpired()) {
+			if($this->settings->_enableUpdateRevApp && ($updateUser == $this->user) && $document->getAccessMode($this->user) >= M_READ && !$document->hasExpired()) {
+				return true;
+			}
+		}
+		return false;
+	} /* }}} */
+
+	/**
+	 * Check if a approval maybe edited
+	 *
+	 * An approval may only be updated by the user who originaly addedd the
+	 * approval and if it is allowed in the settings
+	 */
+	function mayUpdateApproval($document, $updateUser) { /* {{{ */
+		if($document->isType('document')) {
+			if($this->settings->_enableUpdateRevApp && ($updateUser == $this->user) && $document->getAccessMode($this->user) >= M_READ && !$document->hasExpired()) {
 				return true;
 			}
 		}
@@ -389,11 +449,11 @@ class SeedDMS_AccessOperation {
 	 * There are other requirements which are not taken into
 	 * account here.
 	 */
-	function mayApprove() { /* {{{ */
+	function mayApprove($document) { /* {{{ */
-		if($this->obj->isType('document')) {
+		if($document->isType('document')) {
-			if($latestContent = $this->obj->getLatestContent()) {
+			if($latestContent = $document->getLatestContent()) {
 				$status = $latestContent->getStatus();
-				if ($status["status"]==S_DRAFT_APP) {
+				if ($document->getAccessMode($this->user) >= M_READ && $status["status"]==S_DRAFT_APP) {
 					return true;
 				}
 			}
@@ -402,14 +462,70 @@ class SeedDMS_AccessOperation {
 	} /* }}} */
 
 	/**
-	 * Check if a approval maybe edited
+	 * Check if document content may be receipted
 	 *
-	 * An approval may only be updated by the user who originaly addedd the
+	 * Reviewing a document content is only allowed if the document was not
-	 * approval and if it is allowed in the settings
+	 * obsoleted. There are other requirements which are not taken into
+	 * account here.
 	 */
-	function mayUpdateApproval($updateUser) { /* {{{ */
+	function mayReceipt($document) { /* {{{ */
-		if($this->obj->isType('document')) {
+		if($document->isType('document')) {
-			if($this->settings->_enableUpdateRevApp && ($updateUser == $this->user) && !$this->obj->hasExpired()) {
+			if($latestContent = $document->getLatestContent()) {
+				$status = $latestContent->getStatus();
+				if ($document->getAccessMode($this->user) >= M_READ && $status["status"]==S_RELEASED) {
+					return true;
+				}
+			}
+		}
+		return false;
+	} /* }}} */
+
+	/**
+	 * Check if a review maybe edited
+	 *
+	 * A review may only be updated by the user who originaly addedd the
+	 * review and if it is allowed in the settings
+	 */
+	function mayUpdateReceipt($document, $updateUser) { /* {{{ */
+		if($document->isType('document')) {
+			if($this->settings->_enableUpdateReceipt && ($updateUser == $this->user) && $document->getAccessMode($this->user) >= M_READ && !$document->hasExpired()) {
+				return true;
+			}
+		}
+		return false;
+	} /* }}} */
+
+	/**
+	 * Check if document content may be revised
+	 *
+	 * Revising a document content is only allowed if the document was not
+	 * obsoleted. There may be other requirements which are not taken into
+	 * account here.
+	 */
+	function mayRevise($document) { /* {{{ */
+		if($document->isType('document')) {
+			if($latestContent = $document->getLatestContent()) {
+				$status = $latestContent->getStatus();
+				if ($document->getAccessMode($this->user) >= M_READ && $status["status"]!=S_OBSOLETE) {
+					return true;
+				}
+			}
+		}
+		return false;
+	} /* }}} */
+
+	/**
+	 * Check if document content may be checked in
+	 *
+	 *
+	 */
+	function mayCheckIn($document) { /* {{{ */
+		if($document->isType('document')) {
+			$checkoutinfo = $document->getCheckOutInfo();
+			if(!$checkoutinfo)
+				return false;
+			$info = $checkoutinfo[0];
+			if($this->user->getID() == $info['userID'] || $document->getAccessMode($this->user) == M_ALL) {
 				return true;
 			}
 		}
@@ -448,11 +564,44 @@ class SeedDMS_AccessOperation {
 		return false;
 	} /* }}} */
 
+	protected function check_controller_legacy_access($controller, $get=array()) { /* {{{ */
+		if($this->user->isAdmin())
+			return true;
+
+		if(is_string($controller)) {
+			$scripts = array($controller);
+		} elseif(is_array($controller)) {
+			$scripts = $controller;
+		} elseif(is_subclass_of($controller, 'SeedDMS_Controller_Common')) {
+			$scripts = array($controller->getParam('class'));
+		} else {
+			return false;
+		}
+
+		if($this->user->isGuest()) {
+			$user_allowed = $this->legacy_access['guest'];
+		} else {
+			$user_allowed = $this->legacy_access['user'];
+		}
+
+		if(array_intersect($scripts, $user_allowed))
+			return true;
+
+		return false;
+	} /* }}} */
+
 	/**
 	 * Check for access permission on view
 	 *
-	 * This function will always return true because it was added to smooth
+	 * If the parameter $view is an array then each element is considered the
-	 * migration from 5.1.x to 6.0.x
+	 * name of a view and true will be returned if one of them is accessible.
+	 * Whether access is allowed also depends on the currently logged in user
+	 * stored in the view object. If the user is an admin the access 
+	 * on a view must be explicitly disallowed. For regular users the access
+	 * must be explicitly allowed.
+	 *
+	 * If advanced access control is turn off, this function will always return
+	 * true for admins and false for other users.
 	 *
 	 * @param mixed $view Instanz of view, name of view or array of view names
 	 * @param string $get query parameters possible containing the element 'action'
@@ -460,20 +609,79 @@ class SeedDMS_AccessOperation {
 	 * no specific access right is set, otherwise false
 	 */
 	function check_view_access($view, $get=array()) { /* {{{ */
-		return $this->check_view_legacy_access($view, $get);
+		if(!$this->settings->_advancedAcl) {
+			return $this->check_view_legacy_access($view, $get);
+		}
+		if(is_string($view)) {
+			$scripts = array($view);
+		} elseif(is_array($view)) {
+			$scripts = $view;
+		} elseif(is_subclass_of($view, 'SeedDMS_View_Common')) {
+			$scripts = array($view->getParam('class'));
+		} else {
+			return false;
+		}
+		$scope = 'Views';
+		$action = (isset($get['action']) && $get['action']) ? $get['action'] : 'show';
+		$acl = new SeedDMS_Acl($this->dms);
+		if(!$this->_aro)
+			$this->_aro = SeedDMS_Aro::getInstance($this->user->getRole(), $this->dms);
+		foreach($scripts as $script) {
+			$aco = SeedDMS_Aco::getInstance($scope.'/'.$script.'/'.$action, $this->dms);
+			$ll = $acl->check($this->_aro, $aco);
+			if($ll === 1 && !$this->user->isAdmin() || $ll !== -1 && $this->user->isAdmin())
+				return true;
+		}
+		return false;
 	} /* }}} */
 
 	/**
 	 * Check for access permission on controller
 	 *
-	 * This function will always return true because it was added to smooth
+	 * If the parameter $controller is an array then each element is considered the
-	 * migration from 5.1.x to 6.0.x
+	 * name of a controller and true will be returned if one is accesible.
+	 * If advanced access controll is turn off, this function will return false
+	 * for guest users and true otherwise.
 	 *
 	 * @param mixed $controller Instanz of controller, name of controller or array of controller names
 	 * @param string $get query parameters
 	 * @return boolean true if access is allowed otherwise false
 	 */
 	function check_controller_access($controller, $get=array()) { /* {{{ */
-		return true;
+		if(!$this->settings->_advancedAcl) {
+			return $this->check_controller_legacy_access($controller, $get);
+			/*
+			if($this->user->isGuest())
+				return false;
+			elseif($this->user->isAdmin())
+				return true;
+			else {
+				if($controller == 'AddDocument' && isset($get['action']) && $get['action'] == 'setOwner')
+					return false;
+				return true;
+			}
+			 */
+		}
+		if(is_string($controller)) {
+			$scripts = array($controller);
+		} elseif(is_array($controller)) {
+			$scripts = $controller;
+		} elseif(is_subclass_of($controller, 'SeedDMS_Controller_Common')) {
+			$scripts = array($controller->getParam('class'));
+		} else {
+			return false;
+		}
+		$scope = 'Controllers';
+		$action = (isset($get['action']) && $get['action']) ? $get['action'] : 'run';
+		$acl = new SeedDMS_Acl($this->dms);
+		if(!$this->_aro)
+			$this->_aro = SeedDMS_Aro::getInstance($this->user->getRole(), $this->dms);
+		foreach($scripts as $script) {
+			$aco = SeedDMS_Aco::getInstance($scope.'/'.$script.'/'.$action, $this->dms);
+			$ll = $acl->check($this->_aro, $aco);
+			if($ll === 1 && !$this->user->isAdmin() || $ll !== -1 && $this->user->isAdmin())
+				return true;
+		}
+		return false;
 	} /* }}} */
 }

inc/inc.ClassAcl.php

@@ -0,0 +1,390 @@
+<?php
+/**
+ * Implementation of a access control list.
+ *
+ * SeedDMS uses access control list for setting permission,
+ * on various operations.
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @license    GPL 2
+ * @version    @version@
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  2016 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+
+/**
+ * Class to represent an access request object
+ *
+ * This class provides a model for access request objects.
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  2016 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+class SeedDMS_Acl { /* {{{ */
+	/**
+	 * @var object $dms reference to dms object.
+	 * @access public
+	 */
+	public $_dms;
+
+	/**
+	 * Create a new instance of an acl
+	 *
+	 * @param object $dms object of dms
+	 * @return object instance of SeedDMS_Acl
+	 */
+	public function __construct($dms) { /* {{{ */
+		$this->_dms = $dms;
+	} /* }}} */
+
+	/**
+	 * Check if Aro has access on Aco
+	 *
+	 * @param object $aro access request object
+	 * @param object $aco access control object
+	 * @return integer/boolean -1 if access is explictly denied, 1 if access
+	 * is explictly allow, 0 if no access restrictions exists, false if
+	 * an error occured.
+	 */
+	public function check($aro, $aco) { /* {{{ */
+		$db = $this->_dms->getDB();
+
+		while($aco) {
+			$acoid = $aco->getID();
+			$queryStr = "SELECT * FROM `tblArosAcos` WHERE `aro`=".$aro->getID()." AND `aco`=".$acoid;
+			$resArr = $db->getResultArray($queryStr);
+			if (is_bool($resArr) && $resArr === false)
+				return false;
+			if (count($resArr) == 1)
+				return((int) $resArr[0]['read']);
+
+			$aco = $aco->getParent();
+		}
+
+		return 0;
+	} /* }}} */
+
+	public function toggle($aro, $aco) { /* {{{ */
+		$db = $this->_dms->getDB();
+		$queryStr = "SELECT * FROM `tblArosAcos` WHERE `aro`=".$aro->getID()." AND `aco`=".$aco->getID();
+		$resArr = $db->getResultArray($queryStr);
+		if (is_bool($resArr) && $resArr === false)
+			return false;
+		if (count($resArr) != 1)
+			return false;
+		$resArr = $resArr[0];
+
+		$newperm = $resArr['read'] == 1 ? -1 : 1;
+		$queryStr = "UPDATE `tblArosAcos` SET `read`=".$newperm." WHERE `aro`=".$aro->getID()." AND `aco`=".$aco->getID();
+		if (!$db->getResult($queryStr))
+			return false;
+		return true;
+
+	} /* }}} */
+
+	public function add($aro, $aco, $perm=-1) { /* {{{ */
+		$db = $this->_dms->getDB();
+		$queryStr = "SELECT * FROM `tblArosAcos` WHERE `aro`=".$aro->getID()." AND `aco`=".$aco->getID();
+		$resArr = $db->getResultArray($queryStr);
+		if (is_bool($resArr) && $resArr === false)
+			return false;
+		if (count($resArr) == 1) {
+			$resArr = $resArr[0];
+
+			$newperm = $resArr['read'] == 1 ? -1 : 1;
+			$queryStr = "UPDATE `tblArosAcos` SET `read`=".$newperm." WHERE `aro`=".$aro->getID()." AND `aco`=".$aco->getID();
+			if (!$db->getResult($queryStr))
+				return false;
+		} else {
+			$queryStr = "INSERT INTO `tblArosAcos` (`aro`, `aco`, `read`) VALUES (".$aro->getID().", ".$aco->getID().", ".$perm.")";
+			if (!$db->getResult($queryStr))
+				return false;
+		}
+		return true;
+
+	} /* }}} */
+
+	public function remove($aro, $aco) { /* {{{ */
+		$db = $this->_dms->getDB();
+		$queryStr = "DELETE FROM `tblArosAcos` WHERE `aro`=".$aro->getID()." AND `aco`=".$aco->getID();
+		if (!$db->getResult($queryStr))
+			return false;
+		return true;
+	} /* }}} */
+} /* }}} */
+
+/**
+ * Class to represent an access request/controll object
+ *
+ * This class provides a model for access request/controll objects.
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  2016 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+class SeedDMS_AroAco { /* {{{ */
+	/**
+	 * @var object $dms reference to dms object.
+	 * @access protected
+	 */
+	public $_dms;
+
+	/**
+	 * @var integer id of access request object
+	 */
+	protected $_id;
+
+	/**
+	 * @var integer id of parent of access request object
+	 */
+	protected $_parent;
+
+	/**
+	 * @var string alias of access request object
+	 */
+	protected $_alias;
+
+	/**
+	 * @var object object of access request object
+	 */
+	protected $_object;
+
+	/**
+	 * Create a new instance of an aro
+	 *
+	 * @param object $dms object of dms
+	 * @return object instance of SeedDMS_Aco
+	 */
+	function __construct($dms, $id, $parent, $object, $alias) { /* {{{ */
+		$this->_dms = $dms;
+		$this->_id = $id;
+		$this->_parent = $parent;
+		$this->_object = $object;
+		$this->_alias = $alias;
+	} /* }}} */
+
+	public function setDMS($dms) { /* {{{ */
+		$this->_dms = $dms;
+	} /* }}} */
+
+	public function getDMS() { /* {{{ */
+		return($this->_dms);
+	} /* }}} */
+
+	public function getID() { /* {{{ */
+		return $this->_id;
+	} /* }}} */
+
+	public function getAlias() { /* {{{ */
+		return $this->_alias;
+	} /* }}} */
+
+	public function getObject() { /* {{{ */
+		return $this->_object;
+	} /* }}} */
+} /* }}} */
+
+/**
+ * Class to represent an access request object
+ *
+ * This class provides a model for access request objects.
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  2016 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+class SeedDMS_Aro extends SeedDMS_AroAco { /* {{{ */
+
+	/**
+	 * Create a new instance of an aro
+	 *
+	 * @param object $dms object to access the underlying database
+	 * @return object instance of SeedDMS_Aro
+	 */
+	public static function getInstance($id, $dms) { /* {{{ */
+		$db = $dms->getDB();
+		if(is_int($id)) {
+			$queryStr = "SELECT * FROM `tblAros` WHERE `id` = " . (int) $id;
+			$resArr = $db->getResultArray($queryStr);
+			if (is_bool($resArr) && $resArr === false)
+				return null;
+			if (count($resArr) != 1)
+				return null;
+			$resArr = $resArr[0];
+		} elseif(is_object($id)) {
+			if($dms->getClassname('role') == get_class($id)) {
+				$model = 'Role';
+				$queryStr = "SELECT * FROM `tblAros` WHERE `model`=".$db->qstr($model)." AND `foreignid`=".$id->getID();
+				$resArr = $db->getResultArray($queryStr);
+				if (is_bool($resArr) && $resArr === false)
+					return null;
+				if (count($resArr) == 0) {
+					$queryStr = "INSERT INTO `tblAros` (`parent`, `model`, `foreignid`) VALUES (0, ".$db->qstr($model).", ".$id->getID().")";
+					if (!$db->getResult($queryStr))
+						return null;
+					$id = $db->getInsertID();
+					$queryStr = "SELECT * FROM `tblAros` WHERE `id` = " . $id;
+					$resArr = $db->getResultArray($queryStr);
+				}
+				$resArr = $resArr[0];
+			} else {
+				return null;
+			}
+		}
+
+		if($resArr['model'] == 'Role') {
+			$classname = $dms->getClassname('role');
+			$object = $classname::getInstance($resArr['foreignid'], $dms);
+		} else {
+			$object = null;
+		}
+
+		$aro = new SeedDMS_Aro($dms, $resArr["id"], $resArr['parent'], $object, $resArr['alias']);
+		$aro->setDMS($dms);
+		return $aro;
+	} /* }}} */
+
+} /* }}} */
+
+/**
+ * Class to represent an access control object
+ *
+ * This class provides a model for access control objects.
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  2016 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+class SeedDMS_Aco extends SeedDMS_AroAco{ /* {{{ */
+
+	/**
+	 * Create a new instance of an aco
+	 *
+	 * @param object $dms object to access the underlying database
+	 * @return object instance of SeedDMS_Aco
+	 */
+	public static function getInstance($id, $dms) { /* {{{ */
+		$db = $dms->getDB();
+		if(is_int($id)) {
+			$queryStr = "SELECT * FROM `tblAcos` WHERE `id` = " . (int) $id;
+			$resArr = $db->getResultArray($queryStr);
+			if (is_bool($resArr) && $resArr === false)
+				return null;
+			if (count($resArr) == 0) {
+				return null;
+			}
+			$resArr = $resArr[0];
+		} elseif(is_string($id)) {
+			$tmp = explode('/', $id);
+			$parentid = 0;
+			foreach($tmp as $part) {
+				$queryStr = "SELECT * FROM `tblAcos` WHERE `alias` = " . $db->qstr($part);
+//				if($parentid)
+				$queryStr .= " AND parent=".$parentid;
+				$resArr = $db->getResultArray($queryStr);
+				if (is_bool($resArr) && $resArr === false)
+					return null;
+				if (count($resArr) == 0) {
+					$queryStr = "INSERT INTO `tblAcos` (`parent`, `alias`, `model`) VALUES (".$parentid.",".$db->qstr($part).", '')";
+					if (!$db->getResult($queryStr))
+						return null;
+					$id = $db->getInsertID();
+					$queryStr = "SELECT * FROM `tblAcos` WHERE `id` = " . $id;
+					$resArr = $db->getResultArray($queryStr);
+				}
+				$parentid = (int) $resArr[0]['id'];
+			}
+			$resArr = $resArr[0];
+		}
+
+		if($resArr['model'] == 'Document') {
+			$classname = $dms->getClassname('document');
+			$object = $classname::getInstance($resArr['foreignid'], $dms);
+		} elseif($resArr['model'] == 'Folder') {
+			$classname = $dms->getClassname('focument');
+			$object = $classname::getInstance($resArr['foreignid'], $dms);
+		} else {
+			$object = null;
+		}
+
+		$aco = new SeedDMS_Aco($dms, $resArr["id"], $resArr['parent'], $object, $resArr['alias']);
+		$aco->setDMS($dms);
+		return $aco;
+	} /* }}} */
+
+	public function getChildren() { /* {{{ */
+		$dms = $this->getDMS();
+		$db = $dms->getDB();
+		$queryStr = "SELECT * FROM `tblAcos` WHERE `parent` = ".$this->_id." ORDER BY `alias`";
+		$resArr = $db->getResultArray($queryStr);
+		if (is_bool($resArr) && $resArr === false)
+			return null;
+		if (count($resArr) == 0)
+			return null;
+
+		$acos = array();
+		foreach($resArr as $row) {
+			$aco = new SeedDMS_Aco($dms, $row["id"], $row['parent'], null, $row['alias']);
+			$aco->setDMS($dms);
+			$acos[] = $aco;
+		}
+		return $acos;
+	} /* }}} */
+
+	public function getPermission($aro) { /* {{{ */
+		if(!$aro)
+			return 0;
+		$dms = $this->getDMS();
+		$db = $dms->getDB();
+		$queryStr = "SELECT * FROM `tblArosAcos` WHERE `aro`=".$aro->getID()." AND `aco`=".$this->_id;
+		$resArr = $db->getResultArray($queryStr);
+		if (is_bool($resArr) && $resArr === false)
+			return false;
+		if (count($resArr) != 1)
+			return 0;
+		return (int) $resArr[0]['read'];
+	} /* }}} */
+
+	public static function getRoot($dms) { /* {{{ */
+		$db = $dms->getDB();
+		$queryStr = "SELECT * FROM `tblAcos` WHERE `parent` = 0 ORDER BY `alias`";
+		$resArr = $db->getResultArray($queryStr);
+		if (is_bool($resArr) && $resArr === false)
+			return null;
+
+		$acos = array();
+		foreach($resArr as $row) {
+			$aco = new SeedDMS_Aco($dms, $row["id"], $row['parent'], null, $row['alias']);
+			$aco->setDMS($dms);
+			$acos[] = $aco;
+		}
+		return $acos;
+	} /* }}} */
+
+	public function getParent() { /* {{{ */
+		$dms = $this->getDMS();
+		$db = $dms->getDB();
+		$queryStr = "SELECT * FROM `tblAcos` WHERE `id` = ".$this->_parent;
+		$resArr = $db->getResultArray($queryStr);
+		if (is_bool($resArr) && $resArr === false)
+			return null;
+		if (count($resArr) != 1)
+			return null;
+
+		$row = $resArr[0];
+		$aco = new SeedDMS_Aco($dms, $row["id"], $row['parent'], null, $row['alias']);
+		$aco->setDMS($dms);
+		return $aco;
+	} /* }}} */
+} /* }}} */

inc/inc.ClassController.php

@@ -52,6 +52,7 @@ class Controller {
 			require_once($filename);
 			$controller = new $classname($params);
 			/* Set some configuration parameters */
+			$controller->setParam('class', $class);
 			$controller->setParam('postVars', $_POST);
 			$controller->setParam('getVars', $_GET);
 			$controller->setParam('requestVars', $_REQUEST);

inc/inc.ClassControllerCommon.php

@@ -75,7 +75,7 @@ class SeedDMS_Controller_Common {
 				if(method_exists($this, $action)) {
 					$refl = new ReflectionMethod($this, $action);
 					if($refl->isPublic())
-						return $this->{$action}();
+						$ret = $this->{$action}();
 					else {
 						echo "Action '".$action."' not public";
 						return false;
@@ -85,11 +85,12 @@ class SeedDMS_Controller_Common {
 					return false;
 				}
 			} else
-				return $this->run();
+				$ret = $this->run();
 		} else {
 			return false;
 		}
 		$this->callHook('postRun', get_class($this), $action ? $action : 'run');
+		return $ret;
 	}
 
 	public function setParams($params) {
@@ -316,4 +317,26 @@ class SeedDMS_Controller_Common {
 		}
 		return false;
 	} /* }}} */
+
+	/**
+	 * Check if the access on the contoller with given name or the current
+	 * controller itself may be accessed.
+	 *
+	 * The function requires the parameter 'accessobject' to be available in the
+	 * controller, because it calls SeedDMS_AccessOperation::check_controller_access()
+	 * to check access rights. If the the optional $name is not set the
+	 * current controller is used.
+	 *
+	 * @param string|array $name name of controller or list of controller names
+	 * @return boolean true if access is allowed otherwise false
+	 */
+	protected function check_access($name='') { /* {{{ */
+		if(!$name)
+			$name = $this;
+		if(!isset($this->params['accessobject']))
+			return false;
+		$access = $this->params['accessobject']->check_controller_access($name);
+		return $access;
+	} /* }}} */
+
 }

inc/inc.ClassDownloadMgr.php

@@ -93,11 +93,25 @@ class SeedDMS_Download_Mgr {
 	 */
 	protected $filenames;
 
+	/**
+	 * @var boolean $skipdefaultcols skip default columns, will only export extracols
+	 * @access protected
+	 */
+	protected $skipdefaultcols;
+
 	function __construct($tmpdir = '') {
 		$this->tmpdir = $tmpdir;
 		$this->items = array();
 		$this->folder_items = array();
-		$this->header = array(getMLText('download_header_document_no'), getMLText('download_header_document_name'), getMLText('download_header_filename'), getMLText('download_header_state'), getMLText('download_header_internal_version'), getMLText('download_header_reviewer'), getMLText('download_header_review_date'), getMLText('download_header_review_comment'), getMLText('download_header_review_state'), getMLText('download_header_approver'), getMLText('download_header_approval_date'), getMLText('download_header_approval_comment'), getMLText('download_header_approval_state'));
+		$this->header = array(getMLText('download_header_document_no'), getMLText('download_header_document_name'), getMLText('download_header_filename'), getMLText('download_header_state'), getMLText('download_header_internal_version'));
+		$this->header[] = getMLText('download_header_reviewer');
+	 	$this->header[] =	getMLText('download_header_review_date');
+	 	$this->header[] =	getMLText('download_header_review_comment');
+	 	$this->header[] =	getMLText('download_header_review_state');
+	 	$this->header[] =	getMLText('download_header_approver');
+	 	$this->header[] =	getMLText('download_header_approval_date');
+	 	$this->header[] =	getMLText('download_header_approval_comment');
+	 	$this->header[] =	getMLText('download_header_approval_state');
 		$this->folder_header = array(getMLText('download_header_folder_no'), getMLText('download_header_folder_name'));
 		$this->extracols = array();
 		$this->folder_extracols = array();
@@ -105,8 +119,14 @@ class SeedDMS_Download_Mgr {
 		$this->extraheader = array();
 		$this->folder_extraheader = array();
 		$this->filenames = array();
+		$this->includereviewers = false;
+		$this->includeapprovers = false;
 	}
 
+	public function skipDefaultCols($v) { /* {{{ */
+		$this->skipdefaultcols = (bool) $v;
+	} /* }}} */
+
 	public function addHeader($extraheader) { /* {{{ */
 		$this->extraheader = $extraheader;
 	} /* }}} */
@@ -129,7 +149,7 @@ class SeedDMS_Download_Mgr {
 
 	public function createToc($file) { /* {{{ */
 		$objPHPExcel = new PhpOffice\PhpSpreadsheet\Spreadsheet();
-		//$objPHPExcel->setValueBinder(new \PhpOffice\PhpSpreadsheet\Cell\AdvancedValueBinder());
+		$objPHPExcel->setValueBinder(new \PhpOffice\PhpSpreadsheet\Cell\AdvancedValueBinder());
 		$objPHPExcel->getProperties()->setCreator("SeedDMS")->setTitle("Metadata");
 		if($items = $this->items) {
 		$sheet = $objPHPExcel->setActiveSheetIndex(0);
@@ -137,10 +157,11 @@ class SeedDMS_Download_Mgr {
 
 		$i = 1;
 		$col = 1;
-		foreach($this->header as $h)
+		if(!$this->skipdefaultcols)
-			$sheet->setCellValueByColumnAndRow($col++, $i, $h);
+			foreach($this->header as $h)
+				$sheet->setCellValue([$col++, $i], $h);
 		foreach($this->extraheader as $h)
-			$sheet->setCellValueByColumnAndRow($col++, $i, $h);
+			$sheet->setCellValue([$col++, $i], $h);
 		$i++;
 		foreach($items as $item) {
 			if($item->isType('documentcontent')) {
@@ -151,13 +172,14 @@ class SeedDMS_Download_Mgr {
 			$approvalStatus = $item->getApprovalStatus();
 
 			$col = 1;
-			$sheet->setCellValueByColumnAndRow($col++, $i, $document->getID());
+			$l = $i; // Number of reviewers
-			$sheet->setCellValueByColumnAndRow($col++, $i, $document->getName());
+			$k = $i; // Number of approvers
-			$sheet->setCellValueByColumnAndRow($col++, $i, $document->getID()."-".$item->getOriginalFileName());
+			if(!$this->skipdefaultcols) {
-			$sheet->setCellValueByColumnAndRow($col++, $i, getOverallStatusText($status['status']));
+			$sheet->setCellValue([$col++, $i], $document->getID());
-			$sheet->setCellValueByColumnAndRow($col++, $i, $item->getVersion());
+			$sheet->setCellValue([$col++, $i], $document->getName());
-			$l = $i;
+			$sheet->setCellValue([$col++, $i], $document->getID()."-".$item->getOriginalFileName());
-			$k = $i;
+			$sheet->setCellValue([$col++, $i], getOverallStatusText($status['status']));
+			$sheet->setCellValue([$col++, $i], $item->getVersion());
 			if($reviewStatus) {
 				foreach ($reviewStatus as $r) {
 					switch ($r["type"]) {
@@ -179,11 +201,11 @@ class SeedDMS_Download_Mgr {
 							break;
 					}
 					$tcol = $col;
-					$sheet->setCellValueByColumnAndRow($tcol++, $l, $reqName);
+					$sheet->setCellValue([$tcol++, $l], $reqName);
-					$sheet->setCellValueByColumnAndRow($tcol, $l, ($r['status']==1 || $r['status']==-1) ? \PhpOffice\PhpSpreadsheet\Shared\Date::PHPToExcel(new DateTime($r['date'])) : null);
+					$sheet->setCellValue([$tcol, $l], ($r['status']==1 || $r['status']==-1) ? \PhpOffice\PhpSpreadsheet\Shared\Date::PHPToExcel(new DateTime($r['date'])) : null);
-					$sheet->getStyleByColumnAndRow($tcol++, $l)->getNumberFormat()->setFormatCode(\PhpOffice\PhpSpreadsheet\Style\NumberFormat::FORMAT_DATE_DATETIME);
+					$sheet->getStyle([$tcol++, $l])->getNumberFormat()->setFormatCode(\PhpOffice\PhpSpreadsheet\Style\NumberFormat::FORMAT_DATE_DATETIME);
-					$sheet->setCellValueByColumnAndRow($tcol++, $l, $r['comment']);
+					$sheet->setCellValue([$tcol++, $l], $r['comment']);
-					$sheet->setCellValueByColumnAndRow($tcol++, $l, getReviewStatusText($r["status"]));
+					$sheet->setCellValue([$tcol++, $l], getReviewStatusText($r["status"]));
 					$l++;
 				}
 				$l--;
@@ -210,19 +232,20 @@ class SeedDMS_Download_Mgr {
 							break;
 					}
 					$tcol = $col;
-					$sheet->setCellValueByColumnAndRow($tcol++, $k, $reqName);
+					$sheet->setCellValue([$tcol++, $k], $reqName);
-					$sheet->setCellValueByColumnAndRow($tcol, $k, ($r['status']==1 || $r['status']==-1) ? \PhpOffice\PhpSpreadsheet\Shared\Date::PHPToExcel(new DateTime($r['date'])) : null);
+					$sheet->setCellValue([$tcol, $k], ($r['status']==1 || $r['status']==-1) ? \PhpOffice\PhpSpreadsheet\Shared\Date::PHPToExcel(new DateTime($r['date'])) : null);
-					$sheet->getStyleByColumnAndRow($tcol++, $k)->getNumberFormat()->setFormatCode(\PhpOffice\PhpSpreadsheet\Style\NumberFormat::FORMAT_DATE_DATETIME);
+					$sheet->getStyle([$tcol++, $k])->getNumberFormat()->setFormatCode(\PhpOffice\PhpSpreadsheet\Style\NumberFormat::FORMAT_DATE_DATETIME);
-					$sheet->setCellValueByColumnAndRow($tcol++, $k, $r['comment']);
+					$sheet->setCellValue([$tcol++, $k], $r['comment']);
-					$sheet->setCellValueByColumnAndRow($tcol++, $k, getApprovalStatusText($r["status"]));
+					$sheet->setCellValue([$tcol++, $k], getApprovalStatusText($r["status"]));
 					$k++;
 				}
 				$k--;
 			}
 			$col += 4;
+			}
 			if(isset($this->extracols[$item->getID()]) && $this->extracols[$item->getID()]) {
 				foreach($this->extracols[$item->getID()] as $column)
-					$sheet->setCellValueByColumnAndRow($col++, $i, is_array($column) ? implode("\n", $column) : $column );
+					$sheet->setCellValue([$col++, $i], is_array($column) ? implode("\n", $column) : $column );
 			}
 			$i = max($l, $k);
 			$i++;
@@ -239,10 +262,11 @@ class SeedDMS_Download_Mgr {
 
 			$i = 1;
 			$col = 1;
-			foreach($this->folder_header as $h)
+			if(!$this->skipdefaultcols)
-				$sheet->setCellValueByColumnAndRow($col++, $i, $h);
+				foreach($this->folder_header as $h)
+					$sheet->setCellValue([$col++, $i], $h);
 			foreach($this->folder_extraheader as $h)
-				$sheet->setCellValueByColumnAndRow($col++, $i, $h);
+				$sheet->setCellValue([$col++, $i], $h);
 			$i++;
 			$items = $this->folder_items;
 			foreach($items as $item) {
@@ -251,11 +275,13 @@ class SeedDMS_Download_Mgr {
 					$dms = $folder->_dms;
 
 					$col = 1;
-					$sheet->setCellValueByColumnAndRow($col++, $i, $folder->getID());
+					if(!$this->skipdefaultcols) {
-					$sheet->setCellValueByColumnAndRow($col++, $i, $folder->getName());
+						$sheet->setCellValue([$col++, $i], $folder->getID());
+						$sheet->setCellValue([$col++, $i], $folder->getName());
+					}
 					if(isset($this->folder_extracols[$item->getID()]) && $this->folder_extracols[$item->getID()]) {
 						foreach($this->folder_extracols[$item->getID()] as $column)
-							$sheet->setCellValueByColumnAndRow($col++, $i, is_array($column) ? implode("\n", $column) : $column );
+							$sheet->setCellValue([$col++, $i], is_array($column) ? implode("\n", $column) : $column );
 					}
 					$i++;
 				}

inc/inc.ClassEmailNotify.php

@@ -122,7 +122,6 @@ class SeedDMS_EmailNotify extends SeedDMS_Notify {
 			$from = $this->from_address;
 		}
 
-
 		$body = '';
 		if(!isset($params['__skip_header__']) || !$params['__skip_header__']) {
 			if(!isset($params['__header__']))
@@ -206,7 +205,7 @@ class SeedDMS_EmailNotify extends SeedDMS_Notify {
 		if($returnpath)
 			$headers['Return-Path'] = $returnpath;
 		$headers['To'] = $to;
-		$preferences = array("input-charset" => "UTF-8", "output-charset" => "UTF-8");
+		$preferences = array("input-charset" => "UTF-8", "output-charset" => "UTF-8", "scheme"=>"Q");
 		$encoded_subject = iconv_mime_encode("Subject", getMLText($subject, $params, null, $lang), $preferences);
 		$headers['Subject'] = substr($encoded_subject, strlen('Subject: '));
 		$headers['Date'] = date('r', time());
@@ -280,10 +279,12 @@ class SeedDMS_EmailNotify extends SeedDMS_Notify {
 	 * The dispatching is now done in SeedDMS_NotificationService::toList()
 	 */
 	function toList($sender, $recipients, $subject, $message, $params=array()) { /* {{{ */
+		/*
 		if ((!is_object($sender) && strcasecmp(get_class($sender), $this->_dms->getClassname('user'))) ||
 				(!is_array($recipients) && count($recipients)==0)) {
 			return false;
 		}
+		 */
 
 		$ret = true;
 		foreach ($recipients as $recipient) {

inc/inc.ClassExtensionMgr.php

@@ -148,6 +148,10 @@ class SeedDMS_Extension_Mgr {
 		}
 	} /* }}} */
 
+	public function getRepositoryUrl() { /* {{{ */
+		return $this->reposurl;
+	} /* }}} */
+
 	private function getStreamContext() { /* {{{ */
 		if(!$this->proxyurl)
 			return null;
@@ -206,13 +210,19 @@ class SeedDMS_Extension_Mgr {
 		$fp = @fopen(self::getExtensionsConfFile(), "w");
 		if($fp) {
 			if($extensions) {
+				$EXT_CONF = [];
 				foreach($extensions as $_ext) {
 					if(file_exists($this->extdir . "/" . $_ext . "/conf.php")) {
-						$content = file_get_contents($this->extdir . "/" . $_ext . "/conf.php");
+						include $this->extdir . "/" . $_ext . "/conf.php";
-						fwrite($fp, $content);
+//						$content = file_get_contents($this->extdir . "/" . $_ext . "/conf.php");
+//						fwrite($fp, $content);
 					}
 				}
 			}
+//			fclose($fp);
+//			$fp = @fopen(self::getExtensionsConfFile(), "w");
+			fwrite($fp, '<?php
+$EXT_CONF = '.var_export($EXT_CONF, true).';');
 			fclose($fp);
 			return true;
 		} else {
@@ -606,14 +616,15 @@ class SeedDMS_Extension_Mgr {
 		$result = array();
 		$vcache = array(); // keep highest version of extension
 		foreach($list as $e) {
-			if($e[0] != '#') {
+			if($e[0] != '#' && trim($e)) {
-				$re = json_decode($e, true);
+				if($re = json_decode($e, true)) {
-				if(!isset($result[$re['name']])) {
+					if(!isset($result[$re['name']])) {
-					$result[$re['name']] = $re;
+						$result[$re['name']] = $re;
-					$vcache[$re['name']] = $re['version'];
+						$vcache[$re['name']] = $re['version'];
-				} elseif(self::cmpVersion($re['version'], $vcache[$re['name']]) > 0) {
+					} elseif(self::cmpVersion($re['version'], $vcache[$re['name']]) > 0) {
-					$result[$re['name']] = $re;
+						$result[$re['name']] = $re;
-					$vcache[$re['name']] = $re['version'];
+						$vcache[$re['name']] = $re['version'];
+					}
 				}
 			}
 		}

inc/inc.ClassNotificationService.php

@@ -51,6 +51,8 @@ class SeedDMS_NotificationService {
 	const RECV_APPROVER = 4;
 	const RECV_WORKFLOW = 5;
 	const RECV_UPLOADER = 6;
+	const RECV_REVISOR = 7;
+	const RECV_RECIPIENT = 8;
 
 	public function __construct($logger = null, $settings = null) { /* {{{ */
 		$this->services = array();
@@ -1175,6 +1177,80 @@ class SeedDMS_NotificationService {
 			$this->toIndividual($user, $content->getUser(), $subject, $message, $params, SeedDMS_NotificationService::RECV_UPLOADER);
 	} /* }}} */
 
+	public function sendSubmittedReceiptMail($content, $user, $receiptlog) { /* {{{ */
+		$document = $content->getDocument();
+		$nl=$document->getNotifyList();
+		$folder = $document->getFolder();
+		$subject = "receipt_submit_email_subject";
+		$message = "receipt_submit_email_body";
+		$params = array();
+		$params['name'] = $document->getName();
+		$params['document_id'] = $document->getId();
+		$params['version'] = $content->getVersion();
+		$params['folder_path'] = $folder->getFolderPathPlain();
+		$params['status'] = getReceiptStatusText($receiptlog["status"]);
+		$params['comment'] = $receiptlog['comment'];
+		$params['username'] = $user->getFullName();
+		$params['url'] = getBaseUrl().$this->settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID();
+		$params['sitename'] = $this->settings->_siteName;
+		$params['http_root'] = $this->settings->_httpRoot;
+		$this->toList($user, $nl["users"], $subject, $message, $params, SeedDMS_NotificationService::RECV_NOTIFICATION);
+		foreach ($nl["groups"] as $grp) {
+			$this->toGroup($user, $grp, $subject, $message, $params, SeedDMS_NotificationService::RECV_NOTIFICATION);
+		}
+		/* Send mail to owner only if the currently logged in user is not the
+		 * owner and the owner is not already in the list of notifiers.
+		 */
+		/*
+		if($user->getID() != $document->getOwner()->getID() && false === SeedDMS_Core_DMS::inList($document->getOwner(), $nl['users']))
+			$this->toIndividual($user, $document->getOwner(), $subject, $message, $params, SeedDMS_NotificationService::RECV_OWNER);
+		 */
+
+		/* Send mail to uploader of version only if the uploader is not the owner and
+		 * the currently logged in user is not the
+		 * owner and the owner is not already in the list of notifiers.
+		 */
+		if($user->getID() != $content->getUser()->getID() /* && $content->getUser()->getID() != $document->getOwner()->getID() */ && false === SeedDMS_Core_DMS::inList($content->getUser(), $nl['users']))
+			$this->toIndividual($user, $content->getUser(), $subject, $message, $params, SeedDMS_NotificationService::RECV_UPLOADER);
+	} /* }}} */
+
+	public function sendSubmittedRevisionMail($content, $user, $revisionlog) { /* {{{ */
+		$document = $content->getDocument();
+		$nl=$document->getNotifyList();
+		$folder = $document->getFolder();
+		$subject = "revision_submit_email_subject";
+		$message = "revision_submit_email_body";
+		$params = array();
+		$params['name'] = $document->getName();
+		$params['document_id'] = $document->getId();
+		$params['version'] = $content->getVersion();
+		$params['folder_path'] = $folder->getFolderPathPlain();
+		$params['status'] = getRevisionStatusText($revisionlog["status"]);
+		$params['comment'] = $revisionlog['comment'];
+		$params['username'] = $user->getFullName();
+		$params['url'] = getBaseUrl().$this->settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID();
+		$params['sitename'] = $this->settings->_siteName;
+		$params['http_root'] = $this->settings->_httpRoot;
+		$this->toList($user, $nl["users"], $subject, $message, $params, SeedDMS_NotificationService::RECV_NOTIFICATION);
+		foreach ($nl["groups"] as $grp) {
+			$this->toGroup($user, $grp, $subject, $message, $params, SeedDMS_NotificationService::RECV_NOTIFICATION);
+		}
+		/* Send mail to owner only if the currently logged in user is not the
+		 * owner and the owner is not already in the list of notifiers.
+		 */
+		/*
+		if($user->getID() != $document->getOwner()->getID() && false === SeedDMS_Core_DMS::inList($document->getOwner(), $nl['users']))
+			$this->toIndividual($user, $document->getOwner(), $subject, $message, $params, SeedDMS_NotificationService::RECV_OWNER);
+		 */
+
+		/* Send mail to uploader of version only if the uploader is not the owner and
+		 * the currently logged in user is not the
+		 * owner and the owner is not already in the list of notifiers.
+		 */
+		if($user->getID() != $content->getUser()->getID() /* && $content->getUser()->getID() != $document->getOwner()->getID() */ && false === SeedDMS_Core_DMS::inList($content->getUser(), $nl['users']))
+			$this->toIndividual($user, $content->getUser(), $subject, $message, $params, SeedDMS_NotificationService::RECV_UPLOADER);
+	} /* }}} */
+
 	public function sendDeleteApprovalMail($content, $user, $approver) { /* {{{ */
 		$document = $content->getDocument();
 		$folder = $document->getFolder();
@@ -1208,7 +1284,11 @@ class SeedDMS_NotificationService {
 		$params['folder_path'] = $folder->getFolderPathPlain();
 		$params['version'] = $content->getVersion();
 		$params['comment'] = $content->getComment();
-		$params['username'] = $user->getFullName();
+		if($reviewer->isType('user'))
+			$params['reviewer'] = $reviewer->getFullName();
+		elseif($reviewer->isType('group'))
+			$params['reviewer'] = $reviewer->getName();
+		$params['username'] = $user->getName();
 		$params['sitename'] = $this->settings->_siteName;
 		$params['http_root'] = $this->settings->_httpRoot;
 		$params['url'] = getBaseUrl().$this->settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID();
@@ -1219,6 +1299,58 @@ class SeedDMS_NotificationService {
 			$this->toGroup($user, $reviewer, $subject, $message, $params, SeedDMS_NotificationService::RECV_REVIEWER);
 	} /* }}} */
 
+	public function sendDeleteRevisionMail($content, $user, $revisor) { /* {{{ */
+		$document = $content->getDocument();
+		$folder = $document->getFolder();
+		$subject = "revision_deletion_email_subject";
+		$message = "revision_deletion_email_body";
+		$params = array();
+		$params['name'] = $document->getName();
+		$params['document_id'] = $document->getId();
+		$params['folder_path'] = $folder->getFolderPathPlain();
+		$params['version'] = $content->getVersion();
+		$params['comment'] = $content->getComment();
+		if($revisor->isType('user'))
+			$params['revisor'] = $revisor->getFullName();
+		elseif($revisor->isType('group'))
+			$params['revisor'] = $revisor->getName();
+		$params['username'] = $user->getFullName();
+		$params['sitename'] = $this->settings->_siteName;
+		$params['http_root'] = $this->settings->_httpRoot;
+		$params['url'] = getBaseUrl().$this->settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID();
+
+		if($revisor->isType('user'))
+			$this->toIndividual($user, $revisor, $subject, $message, $params, SeedDMS_NotificationService::RECV_REVISOR);
+		elseif($revisor->isType('group'))
+			$this->toGroup($user, $revisor, $subject, $message, $params, SeedDMS_NotificationService::RECV_REVISOR);
+	} /* }}} */
+
+	public function sendDeleteReceiptMail($content, $user, $recipient) { /* {{{ */
+		$document = $content->getDocument();
+		$folder = $document->getFolder();
+		$subject = "receipt_deletion_email_subject";
+		$message = "receipt_deletion_email_body";
+		$params = array();
+		$params['name'] = $document->getName();
+		$params['document_id'] = $document->getId();
+		$params['folder_path'] = $folder->getFolderPathPlain();
+		$params['version'] = $content->getVersion();
+		$params['comment'] = $content->getComment();
+		if($recipient->isType('user'))
+			$params['recipient'] = $recipient->getFullName();
+		elseif($recipient->isType('group'))
+			$params['recipient'] = $recipient->getName();
+		$params['username'] = $user->getFullName();
+		$params['sitename'] = $this->settings->_siteName;
+		$params['http_root'] = $this->settings->_httpRoot;
+		$params['url'] = getBaseUrl().$this->settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID();
+
+		if($recipient->isType('user'))
+			$this->toIndividual($user, $recipient, $subject, $message, $params, SeedDMS_NotificationService::RECV_RECIPIENT);
+		elseif($recipient->isType('group'))
+			$this->toGroup($user, $recipient, $subject, $message, $params, SeedDMS_NotificationService::RECV_RECIPIENT);
+	} /* }}} */
+
 	/**
 	 * This notification is send if a new approver is added.
 	 *
@@ -1270,6 +1402,10 @@ class SeedDMS_NotificationService {
 		$params['folder_path'] = $folder->getFolderPathPlain();
 		$params['version'] = $content->getVersion();
 		$params['comment'] = $content->getComment();
+		if($reviewer->isType('user'))
+			$params['reviewer'] = $reviewer->getFullName();
+		elseif($reviewer->isType('group'))
+			$params['reviewer'] = $reviewer->getName();
 		$params['username'] = $user->getFullName();
 		$params['url'] = getBaseUrl().$this->settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID();
 		$params['sitename'] = $this->settings->_siteName;
@@ -1281,6 +1417,89 @@ class SeedDMS_NotificationService {
 			$this->toGroup($user, $reviewer, $subject, $message, $params, SeedDMS_NotificationService::RECV_REVIEWER);
 	} /* }}} */
 
+	public function sendAddRevisionMail($content, $user, $revisor) { /* {{{ */
+		$document = $content->getDocument();
+		$folder = $document->getFolder();
+
+		$subject = "revision_request_email_subject";
+		$message = "revision_request_email_body";
+		$params = array();
+		$params['name'] = $document->getName();
+		$params['document_id'] = $document->getId();
+		$params['folder_path'] = $folder->getFolderPathPlain();
+		$params['version'] = $content->getVersion();
+		$params['comment'] = $content->getComment();
+		if($revisor->isType('user'))
+			$params['revisor'] = $revisor->getFullName();
+		elseif($revisor->isType('group'))
+			$params['revisor'] = $user->getName();
+		$params['username'] = $user->getFullName();
+		$params['url'] = getBaseUrl().$this->settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID();
+		$params['sitename'] = $this->settings->_siteName;
+		$params['http_root'] = $this->settings->_httpRoot;
+
+		if($revisor->isType('user'))
+			$this->toIndividual($user, $revisor, $subject, $message, $params, SeedDMS_NotificationService::RECV_REVISOR);
+		elseif($revisor->isType('group'))
+			$this->toGroup($user, $revisor, $subject, $message, $params, SeedDMS_NotificationService::RECV_REVISOR);
+	} /* }}} */
+
+	public function sendAddReceiptMail($content, $user, $recipient) { /* {{{ */
+		$document = $content->getDocument();
+		$folder = $document->getFolder();
+
+		$subject = "receipt_request_email_subject";
+		$message = "receipt_request_email_body";
+		$params = array();
+		$params['name'] = $document->getName();
+		$params['document_id'] = $document->getId();
+		$params['folder_path'] = $folder->getFolderPathPlain();
+		$params['version'] = $content->getVersion();
+		$params['comment'] = $content->getComment();
+		if($recipient->isType('user'))
+			$params['recipient'] = $recipient->getFullName();
+		elseif($recipient->isType('group'))
+			$params['recipient'] = $user->getName();
+		$params['username'] = $user->getFullName();
+		$params['url'] = getBaseUrl().$this->settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID();
+		$params['sitename'] = $this->settings->_siteName;
+		$params['http_root'] = $this->settings->_httpRoot;
+
+		if($recipient->isType('user'))
+			$this->toIndividual($user, $recipient, $subject, $message, $params, SeedDMS_NotificationService::RECV_RECIPIENT);
+		elseif($recipient->isType('group'))
+			$this->toGroup($user, $recipient, $subject, $message, $params, SeedDMS_NotificationService::RECV_RECIPIENT);
+	} /* }}} */
+
+	/**
+	 * Send a request receipt notification to all recipients of the document content
+	 *
+	 * This method can be called when the status of a document content changes
+	 * to 'released'. The recipients haven't been informed when the
+	 * document content was created but not immediatly released.
+	 */
+	public function sendToAllReceiptMail($content, $user) { /* {{{ */
+		$dms = $content->getDMS();
+
+		$receiptStatus = $content->getReceiptStatus();
+		if (!empty($receiptStatus)) {
+			foreach ($receiptStatus as $r) {
+				if($r['status'] == 0) {
+					switch ($r["type"]) {
+						case 0: // Recipient is an individual.
+							if($recipient = $dms->getUser($r["required"]))
+								$this->sendAddReceiptMail($content, $user, $recipient);
+							break;
+						case 1: // Recipient is a group.
+							if($recipient = $dms->getGroup($r["required"]))
+								$this->sendAddReceiptMail($content, $user, $recipient);
+							break;
+					}
+				}
+			}
+		}
+	} /* }}} */
+
 	public function sendChangedDocumentOwnerMail($document, $user, $oldowner) { /* {{{ */
 		if($oldowner->getID() != $document->getOwner()->getID()) {
 			$notifyList = $document->getNotifyList();

inc/inc.ClassScheduler.php

@@ -0,0 +1,74 @@
+<?php
+/**
+ * Implementation of an SchedulerTask.
+ *
+ * SeedDMS can be extended by extensions. Extension usually implement
+ * hook.
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @license    GPL 2
+ * @version    @version@
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  2018 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+
+/**
+ * Class to represent a SchedulerTask
+ *
+ * This class provides some very basic methods to manage extensions.
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @author     Markus Westphal, Malcolm Cowe, Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  2011 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+class SeedDMS_Scheduler {
+
+	/**
+	 * Instanz of database
+	 */
+	protected $db;
+
+	public function getTask($id) { /* {{{ */
+		return SeedDMS_SchedulerTask::getInstance($id, $this->db);
+	} /* }}} */
+
+	public function getTasksByExtension($extname, $taskname) { /* {{{ */
+		return SeedDMS_SchedulerTask::getInstancesByExtension($extname, $taskname, $this->db);
+	} /* }}} */
+
+	public function getTasks() { /* {{{ */
+		return SeedDMS_SchedulerTask::getInstances($this->db);
+	} /* }}} */
+
+	public function addTask($extname, $taskname, $name, $description, $frequency, $disabled, $params) { /* {{{ */
+		$db = $this->db;
+		if(!$extname)
+			return false;
+		if(!$taskname)
+			return false;
+		try {
+			$cron = Cron\CronExpression::factory($frequency);
+		} catch (Exception $e) {
+			return false;
+		}
+		$nextrun = $cron->getNextRunDate()->format('Y-m-d H:i:s');
+
+		$queryStr = "INSERT INTO `tblSchedulerTask` (`extension`, `task`, `name`, `description`, `frequency`, `disabled`, `params`, `nextrun`, `lastrun`) VALUES (".$db->qstr($extname).", ".$db->qstr($taskname).", ".$db->qstr($name).", ".$db->qstr($description).", ".$db->qstr($frequency).", ".intval($disabled).", ".$db->qstr(json_encode($params)).", '".$nextrun."', NULL)";
+		$res = $db->getResult($queryStr);
+		if (!$res)
+			return false;
+
+		$task = SeedDMS_SchedulerTask::getInstance($db->getInsertID('tblSchedulerTask'), $db);
+
+		return $task;
+	} /* }}} */
+
+	function __construct($db) {
+		$this->db = $db;
+	}
+
+}

inc/inc.ClassSchedulerTask.php

@@ -0,0 +1,347 @@
+<?php
+/**
+ * Implementation of an SchedulerTask.
+ *
+ * SeedDMS can be extended by extensions. Extension usually implement
+ * hook.
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @license    GPL 2
+ * @version    @version@
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  2018 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+
+/**
+ * Class to represent a SchedulerTask
+ *
+ * This class provides some very basic methods to manage extensions.
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @author     Markus Westphal, Malcolm Cowe, Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  2011 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+class SeedDMS_SchedulerTask {
+	/**
+	 * Instanz of database
+	 */
+	protected $db;
+
+	/**
+	 * @var integer unique id of task
+	 */
+	protected $_id;
+
+	/**
+	 * @var string name of task
+	 */
+	protected $_name;
+
+	/**
+	 * @var string description of task
+	 */
+	protected $_description;
+
+	/**
+	 * @var string extension of task
+	 */
+	protected $_extension;
+
+	/**
+	 * @var string task of task
+	 */
+	protected $_task;
+
+	/**
+	 * @var string frequency of task
+	 */
+	protected $_frequency;
+
+	/**
+	 * @var integer set if disabled
+	 */
+	protected $_disabled;
+
+	/**
+	 * @var array list of parameters
+	 */
+	protected $_params;
+
+	/**
+	 * @var integer last run
+	 */
+	protected $_lastrun;
+
+	/**
+	 * @var integer next run
+	 */
+	protected $_nextrun;
+
+	public static function getInstance($id, $db) { /* {{{ */
+		$queryStr = "SELECT * FROM `tblSchedulerTask` WHERE `id` = " . (int) $id;
+		$resArr = $db->getResultArray($queryStr);
+		if (is_bool($resArr) && $resArr == false)
+			return false;
+		if (count($resArr) != 1)
+			return null;
+		$row = $resArr[0];
+
+		$task = new self($row["id"], $row['name'], $row["description"], $row["extension"], $row["task"], $row["frequency"], $row['disabled'], json_decode($row['params'], true), $row["nextrun"], $row["lastrun"]);
+		$task->setDB($db);
+
+		return $task;
+	} /* }}} */
+
+	public static function getInstances($db) { /* {{{ */
+		$queryStr = "SELECT * FROM `tblSchedulerTask`";
+		$resArr = $db->getResultArray($queryStr);
+		if (is_bool($resArr) && $resArr == false)
+			return false;
+		if (count($resArr) == 0)
+			return array();
+
+		$tasks = array();
+		foreach($resArr as $row) {
+			$task = new self($row["id"], $row['name'], $row["description"], $row["extension"], $row["task"], $row["frequency"], $row['disabled'], json_decode($row['params'], true), $row["nextrun"], $row["lastrun"]);
+			$task->setDB($db);
+			$tasks[] = $task;
+		}
+
+		return $tasks;
+	} /* }}} */
+
+	public static function getInstancesByExtension($extname, $taskname, $db) { /* {{{ */
+		$queryStr = "SELECT * FROM `tblSchedulerTask` WHERE `extension` = '".$extname."' AND `task` = '".$taskname."'";
+		$resArr = $db->getResultArray($queryStr);
+		if (is_bool($resArr) && $resArr == false)
+			return false;
+		if (count($resArr) == 0)
+			return array();
+
+		$tasks = array();
+		foreach($resArr as $row) {
+			$task = new self($row["id"], $row['name'], $row["description"], $row["extension"], $row["task"], $row["frequency"], $row['disabled'], json_decode($row['params'], true), $row["nextrun"], $row["lastrun"]);
+			$task->setDB($db);
+			$tasks[] = $task;
+		}
+
+		return $tasks;
+	} /* }}} */
+
+	function __construct($id, $name, $description, $extension, $task, $frequency, $disabled, $params, $nextrun, $lastrun) {
+		$this->_id = $id;
+		$this->_name = $name;
+		$this->_description = $description;
+		$this->_extension = $extension;
+		$this->_task = $task;
+		$this->_frequency = $frequency;
+		$this->_disabled = $disabled;
+		$this->_params = $params;
+		$this->_nextrun = $nextrun;
+		$this->_lastrun = $lastrun;
+	}
+
+	public function setDB($db) {
+		$this->db = $db;
+	}
+
+	public function getID() {
+		return $this->_id;
+	}
+
+	public function getName() {
+		return $this->_name;
+	}
+
+	public function setName($newName) { /* {{{ */
+		$db = $this->db;
+
+		$queryStr = "UPDATE `tblSchedulerTask` SET `name` =".$db->qstr($newName)." WHERE `id` = " . $this->_id;
+		$res = $db->getResult($queryStr);
+		if (!$res)
+			return false;
+
+		$this->_name = $newName;
+		return true;
+	} /* }}} */
+
+	public function getDescription() {
+		return $this->_description;
+	}
+
+	public function setDescription($newDescripion) { /* {{{ */
+		$db = $this->db;
+
+		$queryStr = "UPDATE `tblSchedulerTask` SET `description` =".$db->qstr($newDescripion)." WHERE `id` = " . $this->_id;
+		$res = $db->getResult($queryStr);
+		if (!$res)
+			return false;
+
+		$this->_description = $newDescripion;
+		return true;
+	} /* }}} */
+
+	public function getExtension() {
+		return $this->_extension;
+	}
+
+	public function getTask() {
+		return $this->_task;
+	}
+
+	public function getFrequency() {
+		return $this->_frequency;
+	}
+
+	public function setFrequency($newFrequency) { /* {{{ */
+		$db = $this->db;
+
+		try {
+			$cron = Cron\CronExpression::factory($newFrequency);
+		} catch (Exception $e) {
+			return false;
+		}
+		$nextrun = $cron->getNextRunDate()->format('Y-m-d H:i:s');
+
+		$queryStr = "UPDATE `tblSchedulerTask` SET `frequency` =".$db->qstr($newFrequency).", `nextrun` = '".$nextrun."' WHERE `id` = " . $this->_id;
+		$res = $db->getResult($queryStr);
+		if (!$res)
+			return false;
+
+		$this->_frequency = $newFrequency;
+		$this->_nextrun = $nextrun;
+		return true;
+	} /* }}} */
+
+	public function getNextRun() {
+		return $this->_nextrun;
+	}
+
+	public function getLastRun() {
+		return $this->_lastrun;
+	}
+
+	public function getDisabled() {
+		return $this->_disabled;
+	}
+
+	public function setDisabled($newDisabled) { /* {{{ */
+		$db = $this->db;
+
+		$queryStr = "UPDATE `tblSchedulerTask` SET `disabled` =".intval($newDisabled)." WHERE `id` = " . $this->_id;
+		$res = $db->getResult($queryStr);
+		if (!$res)
+			return false;
+
+		$this->_disabled = $newDisabled;
+		return true;
+	} /* }}} */
+
+	public function setParameter($newParams) { /* {{{ */
+		$db = $this->db;
+
+		$queryStr = "UPDATE `tblSchedulerTask` SET `params` =".$db->qstr(json_encode($newParams))." WHERE `id` = " . $this->_id;
+		$res = $db->getResult($queryStr);
+		if (!$res)
+			return false;
+
+		$this->_params = $newParams;
+		return true;
+	} /* }}} */
+
+	public function getParameter($name = '') {
+		if($name)
+			return isset($this->_params[$name]) ? $this->_params[$name] : null;
+		return $this->_params;
+	}
+
+	/**
+	 * Check if task is due
+	 *
+	 * This methods compares the current time with the time in the database
+	 * field `nextrun`.
+	 * If nextrun is smaller than the current time, the the task is due.
+	 * The methode does not rely on the value in the class variable `_nextrun`,
+	 * because that value could be 'very old', retrieved at a time
+	 * when the task list was fetched for checking due tasks e.g. by the
+	 * scheduler client. There is good reason to always take the current
+	 * value of nextrun from the database.
+	 *
+	 * Assuming there are two tasks. Task 1 takes 13 mins and task 2 takes only
+	 * 30 sec. Task 1 is run every hour and task 2 starts at 8:06. The cronjob
+	 * runs every 5 min. At e.g. 8:00 the list of tasks is read from the database
+	 * task 1 is due and starts running and before it runs it sets the database
+	 * field nextrun to 9:00. Task 2 isn't due at that time.
+	 * At 8:05 the cron job runs again, task 1 has already a new nextrun value
+	 * and will not run again. Task 2 isn't due yet and task 1 started at 8:00 is
+	 * still running.
+	 * At 8:10 task 1 is still running an not due again, but task 2 is due and
+	 * will be run. The database field `nextrun` of task 2 will be set to 8:06
+	 * on the next day.
+	 * At 8:13 task 1 which started at 8:00 is finished and the list of tasks
+	 * from that time will be processed further. Task 2 still has the old value
+	 * in the class variable `_nextrun` (8:06 the current day),
+	 * though the database field `nextrun` has been updated in
+	 * between. Taking the value of the class variable would rerun task 2 again,
+	 * though it ran at 8:10 already.
+	 * That's why this method always takes the current value of nextrun
+	 * from the database.
+	 *
+	 * @return boolean true if task is due, otherwise false
+	 */
+	public function isDue() {
+		$db = $this->db;
+
+		$queryStr = "SELECT * FROM `tblSchedulerTask` WHERE `id` = " . $this->_id;
+		$resArr = $db->getResultArray($queryStr);
+		if (is_bool($resArr) && $resArr == false)
+			return false;
+		if (count($resArr) != 1)
+			return false;
+		$row = $resArr[0];
+		$this->_nextrun = $row['nextrun'];
+
+		return $this->_nextrun < date('Y-m-d H:i:s');
+	}
+
+	public function updateLastNextRun() {
+		$db = $this->db;
+
+		$lastrun = date('Y-m-d H:i:s');
+		try {
+			$cron = Cron\CronExpression::factory($this->_frequency);
+			$nextrun = $cron->getNextRunDate()->format('Y-m-d H:i:s');
+		} catch (Exception $e) {
+			$nextrun = null;
+		}
+
+		$queryStr = "UPDATE `tblSchedulerTask` SET `lastrun`=".$db->qstr($lastrun).", `nextrun`=".($nextrun ? $db->qstr($nextrun) : "NULL")." WHERE `id` = " . $this->_id;
+		$res = $db->getResult($queryStr);
+		if (!$res)
+			return false;
+
+		$this->_lastrun = $lastrun;
+		$this->_nextrun = $nextrun;
+	}
+
+	/**
+	 * Delete task
+	 *
+	 * @return boolean true on success or false in case of an error
+	 */
+	function remove() { /* {{{ */
+		$db = $this->db;
+
+		$queryStr = "DELETE FROM `tblSchedulerTask` WHERE `id` = " . $this->_id;
+		if (!$db->getResult($queryStr)) {
+			return false;
+		}
+
+		return true;
+	} /* }}} */
+
+}

inc/inc.ClassSchedulerTaskBase.php

@@ -0,0 +1,139 @@
+<?php
+/***************************************************************
+*  Copyright notice
+*
+*  (c) 2018 Uwe Steinmann <uwe@steinmann.cx>
+*  All rights reserved
+*
+*  This script is part of the SeedDMS project. The SeedDMS project is
+*  free software; you can redistribute it and/or modify
+*  it under the terms of the GNU General Public License as published by
+*  the Free Software Foundation; either version 2 of the License, or
+*  (at your option) any later version.
+*
+*  The GNU General Public License can be found at
+*  http://www.gnu.org/copyleft/gpl.html.
+*
+*  This script is distributed in the hope that it will be useful,
+*  but WITHOUT ANY WARRANTY; without even the implied warranty of
+*  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+*  GNU General Public License for more details.
+*
+*  This copyright notice MUST APPEAR in all copies of the script!
+***************************************************************/
+
+/**
+ * Base class for scheduler task
+ *
+ * @author  Uwe Steinmann <uwe@steinmann.cx>
+ * @package SeedDMS
+ */
+class SeedDMS_SchedulerTaskBase {
+	var $dms;
+
+	var $user;
+
+	var $settings;
+
+	var $logger;
+
+	var $fulltextservice;
+
+	var $notifier;
+
+	var $conversionmgr;
+
+	/**
+	 * Call a hook with a given name
+	 *
+	 * Checks if a hook with the given name and for the current task
+	 * exists and executes it. The name of the current task is taken
+	 * from the current class name by lower casing the first char.
+	 * This function will execute all registered hooks in the order
+	 * they were registered.
+	 *
+	 * Attention: as func_get_arg() cannot handle references passed to the hook,
+	 * callHook() should not be called if that is required. In that case get
+	 * a list of hook objects with getHookObjects() and call the hooks yourself.
+	 *
+	 * @params string $hook name of hook
+	 * @return string concatenated string, merged arrays or whatever the hook
+	 * function returns
+	 */
+	public function callHook($hook) { /* {{{ */
+		$tmps = array();
+		$tmp = explode('_', get_class($this));
+		$tmps[] = $tmp[1];
+		$tmp = explode('_', get_parent_class($this));
+		$tmps[] = $tmp[1];
+		/* Run array_unique() in case the parent class has the same suffix */
+		$tmps = array_unique($tmps);
+		$ret = null;
+		foreach($tmps as $tmp)
+		if(isset($GLOBALS['SEEDDMS_HOOKS']['task'][lcfirst($tmp)])) {
+			foreach($GLOBALS['SEEDDMS_HOOKS']['task'][lcfirst($tmp)] as $hookObj) {
+				if (method_exists($hookObj, $hook)) {
+					switch(func_num_args()) {
+						case 1:
+							$tmpret = $hookObj->$hook($this);
+							break;
+						case 2:
+							$tmpret = $hookObj->$hook($this, func_get_arg(1));
+							break;
+						case 3:
+							$tmpret = $hookObj->$hook($this, func_get_arg(1), func_get_arg(2));
+							break;
+						case 4:
+							$tmpret = $hookObj->$hook($this, func_get_arg(1), func_get_arg(2), func_get_arg(3));
+							break;
+						default:
+						case 5:
+							$tmpret = $hookObj->$hook($this, func_get_arg(1), func_get_arg(2), func_get_arg(3), func_get_arg(4));
+							break;
+					}
+					if($tmpret !== null) {
+						if(is_string($tmpret)) {
+							$ret = ($ret === null) ? $tmpret : (is_string($ret) ? $ret.$tmpret : array_merge($ret, array($tmpret)));
+						} elseif(is_array($tmpret) || is_object($tmpret)) {
+							$ret = ($ret === null) ? $tmpret : (is_string($ret) ? array_merge(array($ret), $tmpret) : array_merge($ret, $tmpret));
+						} else
+							$ret = $tmpret;
+					}
+				}
+			}
+		}
+		return $ret;
+	} /* }}} */
+
+	public function __construct($dms=null, $user=null, $settings=null, $logger=null, $fulltextservice=null, $notifier=null, $conversionmgr=null) { /* {{{ */
+		$this->dms = $dms;
+		$this->user = $user;
+		$this->settings = $settings;
+		$this->logger = $logger;
+		$this->fulltextservice = $fulltextservice;
+		$this->notifier = $notifier;
+		$this->conversionmgr = $conversionmgr;
+	} /* }}} */
+
+	public function execute(SeedDMS_SchedulerTask $task) { /* {{{ */
+		return true;
+	} /* }}} */
+
+	public function getDescription() { /* {{{ */
+		return '';
+	} /* }}} */
+
+	public function getAdditionalParams() { /* {{{ */
+		return array();
+	} /* }}} */
+
+	public function getAdditionalParamByName($name) { /* {{{ */
+		foreach($this->getAdditionalParams() as $param) {
+			if($param['name'] == $name)
+				return $param;
+		}
+		return null;
+	} /* }}} */
+}
+
+?>

inc/inc.ClassSession.php

@@ -286,6 +286,24 @@ class SeedDMS_Session {
 		return (array) $this->data['clipboard'];
 	} /* }}} */
 
+	/**
+	 * Check if object is on clipboard
+	 *
+	 * @param object $object Document or folder
+	 */
+	function isOnClipboard($object) { /* {{{ */
+		/* id is only set if load() was called before */
+		if($this->id) {
+			$dms = $object->getDMS();
+			if($object->isType('document')) {
+				return in_array($object->getID(), $this->data['clipboard']['docs']);
+			} elseif($object->isType('folder')) {
+				return in_array($object->getID(), $this->data['clipboard']['folders']);
+			}
+		}
+		return false;
+	} /* }}} */
+
 	/**
 	 * Add to clipboard of session
 	 *

inc/inc.ClassSettings.php

@@ -45,6 +45,8 @@ class Settings { /* {{{ */
 	var $_enableGuestLogin = false;
 	// If you even want guest to be logged in automatically, set the following to true
 	var $_enableGuestAutoLogin = false;
+	// Set to true for 2-factor Authentication
+	var $_enable2FactorAuthentication = false;
 	// If you want to allow login by email, set the following to true
 	var $_enableLoginByEmail = false;
 	// Allow users to reset their password
@@ -116,6 +118,12 @@ class Settings { /* {{{ */
 	var $_dropFolderDir = null;
 	// Where the backup directory is located
 	var $_backupDir = null;
+	// Where the library folder is located
+	var $_libraryFolder = 1;
+	// Where the checked out files are located
+	var $_checkOutDir = null;
+	// Create checkout dir if it doesn't exists
+	var $_createCheckOutDir = false;
 	// Where the repository for extensions is located
 	var $_repositoryUrl = null;
 	// URL of proxy
@@ -144,6 +152,8 @@ class Settings { /* {{{ */
 	var $_batchOperations = array(); // or 'all', 'change_owner', etc.
 	// jump straight to the document if it is the only hit of a search
 	var $_showSingleSearchHit = true;
+	// enable/disable use of memcached
+	var $_enableMemcached = false;
 	// contentOffsetDirTo
 	var $_contentOffsetDir = "1048576";
 	// Maximum number of sub-directories per parent directory
@@ -186,6 +196,18 @@ class Settings { /* {{{ */
 	var $_enableUpdateRevApp = false;
 	// enable/disable removal of a review/approval by the administrator
 	var $_enableRemoveRevApp = false;
+	// enable/disable listing logged in user as recipient
+	var $_enableSelfReceipt = false;
+	// enable/disable hidden user as recipient
+	var $_enableHiddenReceipt = true;
+	// enable/disable update of a receipt by the recipient
+	var $_enableUpdateReceipt = false;
+	// enable/disable listing administrator as recipient
+	var $_enableAdminReceipt = false;
+	// enable/disable listing owner as recipient
+	var $_enableOwnerReceipt = false;
+	// enable/disable filter for receipt by the recipient
+	var $_enableFilterReceipt = false;
 	// group manager is mandatory reviewer
 	var $_addManagerAsReviewer = false;
 	// group manager is mandatory approver
@@ -208,8 +230,12 @@ class Settings { /* {{{ */
 	var $_enableDuplicateDocNames = true;
 	// enable/disable duplicate names of a subfolder in a folder
 	var $_enableDuplicateSubFolderNames = true;
+	// allow/disallow to cancel a checkout
+	var $_enableCancelCheckout = true;
 	// override mimetype set by browser when uploading a file
 	var $_overrideMimeType = false;
+	// advanced access control lists
+	var $_advancedAcl = false;
 	// enable/disable notification when added as a reviewer/approver
 	var $_enableNotificationAppRev = true;
 	// enable/disable notification of users/group who need to take action for
@@ -219,12 +245,26 @@ class Settings { /* {{{ */
 	var $_enableNotificationWorkflow = false;
 	// preset expiration date
 	var $_presetExpirationDate = "";
+	// initial document status
+	var $_initialDocumentStatus = 2; //S_RELEASED;
 	// the name of the versioning info file created by the backup tool
 	var $_versioningFileName = "versioning_info.txt";
 	// the mode of workflow
 	var $_workflowMode = "traditional";
+	// enable/disable acknowledge workflow
+	var $_enableReceiptWorkflow = true;
+	// enable/disable reject of reception
+	var $_enableReceiptReject = false;
+	// enable/disable comment of reception
+	var $_disableReceiptComment = false;
+	// enable/disable revision workflow
+	var $_enableRevisionWorkflow = true;
+	// enable/disable revision on vote reject
+	var $_enableRevisionOneVoteReject = true;
 	// Allow to set just a reviewer in tradional workflow
 	var $_allowReviewerOnly = true;
+	// Allow to change reviewer/approver after review/approval has started
+	var $_allowChangeRevAppInProcess = false;
 	// enable/disable log system
 	var $_logFileEnable = true;
 	// max log level
@@ -261,8 +301,12 @@ class Settings { /* {{{ */
 	var $_enableClipboard = true;
 	// show always clipboard in main menu, even if empty
 	var $_alwaysShowClipboard = false;
+	// enable/disable list of transmittals in main menu
+	var $_enableMenuTransmittals = false;
 	// enable/disable list of tasks in main menu
 	var $_enableMenuTasks = true;
+	// select which tasks show up in main menu
+	var $_tasksInMenu = array();
 	// show always tasks in main menu, even if none are due
 	var $_alwaysShowMenuTasks = true;
 	// enable/disable list of files in drop folder
@@ -441,6 +485,18 @@ class Settings { /* {{{ */
 		return $out;
 	} /* }}} */
 
+	/**
+	 * Check if a variable is a string and returns an array
+	 *
+	 * @param array $var value
+	 * @return true/false
+	 */
+	function arrayVal($var) { /* {{{ */
+		if((string) $var)
+			return explode(';', $var);
+		return array();
+	} /* }}} */
+
 	/**
 	 * Return ';' seperated string from array
 	 *
@@ -565,8 +621,10 @@ class Settings { /* {{{ */
 		$this->_enableSessionList = Settings::boolVal($tab["enableSessionList"]);
 		$this->_enableClipboard = Settings::boolVal($tab["enableClipboard"]);
 		$this->_alwaysShowClipboard = Settings::boolVal($tab["alwaysShowClipboard"]);
+		$this->_enableMenuTransmittals = Settings::boolVal($tab["enableMenuTransmittals"]);
 		$this->_enableMenuTasks = Settings::boolVal($tab["enableMenuTasks"]);
 		$this->_alwaysShowMenuTasks = Settings::boolVal($tab["alwaysShowMenuTasks"]);
+		$this->_tasksInMenu = Settings::arrayVal($tab["tasksInMenu"]);
 		$this->_enableDropFolderList = Settings::boolVal($tab["enableDropFolderList"]);
 		$this->_enableDropUpload = Settings::boolVal($tab["enableDropUpload"]);
 		$this->_enableMultiUpload = Settings::boolVal($tab["enableMultiUpload"]);
@@ -592,6 +650,7 @@ class Settings { /* {{{ */
 		$this->_sortUsersInList = strval($tab["sortUsersInList"]);
 		$this->_sortFoldersDefault = strval($tab["sortFoldersDefault"]);
 		$this->_expandFolderTree = intval($tab["expandFolderTree"]);
+		$this->_libraryFolder = intval($tab["libraryFolder"]);
 		$this->_defaultDocPosition = strval($tab["defaultDocPosition"]);
 		$this->_defaultFolderPosition = strval($tab["defaultFolderPosition"]);
 
@@ -635,6 +694,8 @@ class Settings { /* {{{ */
 			$this->_luceneDir = strval($tab["luceneDir"]);
 			$this->_dropFolderDir = strval($tab["dropFolderDir"]);
 			$this->_backupDir = strval($tab["backupDir"]);
+			$this->_checkOutDir = strval($tab["checkOutDir"]);
+			$this->_createCheckOutDir = Settings::boolVal($tab["createCheckOutDir"]);
 			$this->_repositoryUrl = strval($tab["repositoryUrl"]);
 			$this->_proxyUrl = strval($tab["proxyUrl"]);
 			$this->_proxyUser = strval($tab["proxyUser"]);
@@ -647,14 +708,14 @@ class Settings { /* {{{ */
 			$this->_partitionSize = strval($tab["partitionSize"]);
 			$this->_maxUploadSize = strval($tab["maxUploadSize"]);
 			$this->_enableXsendfile = Settings::boolVal($tab["enableXsendfile"]);
-		}
+			$this->_enableMemcached = Settings::boolVal($tab["enableMemcached"]);
 
-		// XML Path: /configuration/system/authentication
+			// XML Path: /configuration/system/authentication
-		$node = $xml->xpath('/configuration/system/authentication');
+			$node = $xml->xpath('/configuration/system/authentication');
-		if($node) {
 			$tab = $node[0]->attributes();
 			$this->_enableGuestLogin = Settings::boolVal($tab["enableGuestLogin"]);
 			$this->_enableGuestAutoLogin = Settings::boolVal($tab["enableGuestAutoLogin"]);
+			$this->_enable2FactorAuthentication = Settings::boolVal($tab["enable2FactorAuthentication"]);
 			$this->_enableLoginByEmail = Settings::boolVal($tab["enableLoginByEmail"]);
 			$this->_enablePasswordForgotten = Settings::boolVal($tab["enablePasswordForgotten"]);
 			$this->_passwordStrength = intval($tab["passwordStrength"]);
@@ -792,6 +853,11 @@ class Settings { /* {{{ */
 			$this->_enableHiddenRevApp = Settings::boolval($tab["enableHiddenRevApp"]);
 			$this->_enableUpdateRevApp = Settings::boolval($tab["enableUpdateRevApp"]);
 			$this->_enableRemoveRevApp = Settings::boolval($tab["enableRemoveRevApp"]);
+			$this->_enableSelfReceipt = Settings::boolval($tab["enableSelfReceipt"]);
+			$this->_enableAdminReceipt = Settings::boolval($tab["enableAdminReceipt"]);
+			$this->_enableOwnerReceipt = Settings::boolval($tab["enableOwnerReceipt"]);
+			$this->_enableUpdateReceipt = Settings::boolval($tab["enableUpdateReceipt"]);
+			$this->_enableFilterReceipt = Settings::boolval($tab["enableFilterReceipt"]);
 			$this->_addManagerAsReviewer = Settings::boolval($tab["addManagerAsReviewer"]);
 			$this->_addManagerAsApprover = Settings::boolval($tab["addManagerAsApprover"]);
 			if(trim(strval($tab["globalReviewer"])))
@@ -803,14 +869,23 @@ class Settings { /* {{{ */
 			if(trim(strval($tab["globalGroupApprover"])))
 				$this->_globalGroupApprover = explode(',',strval($tab["globalGroupApprover"]));
 			$this->_presetExpirationDate = strval($tab["presetExpirationDate"]);
+			$this->_initialDocumentStatus = intval($tab["initialDocumentStatus"]);
 			$this->_versioningFileName = strval($tab["versioningFileName"]);
 			$this->_workflowMode = strval($tab["workflowMode"]);
+			$this->_enableReceiptWorkflow = Settings::boolval($tab["enableReceiptWorkflow"]);
+			$this->_enableReceiptReject = Settings::boolval($tab["enableReceiptReject"]);
+			$this->_disableReceiptComment = Settings::boolval($tab["disableReceiptComment"]);
+			$this->_enableRevisionWorkflow = Settings::boolval($tab["enableRevisionWorkflow"]);
+			$this->_enableRevisionOneVoteReject = Settings::boolval($tab["enableRevisionOneVoteReject"]);
 			$this->_allowReviewerOnly = Settings::boolval($tab["allowReviewerOnly"]);
+			$this->_allowChangeRevAppInProcess = Settings::boolval($tab["allowChangeRevAppInProcess"]);
 			$this->_enableVersionDeletion = Settings::boolval($tab["enableVersionDeletion"]);
 			$this->_enableVersionModification = Settings::boolval($tab["enableVersionModification"]);
 			$this->_enableDuplicateDocNames = Settings::boolval($tab["enableDuplicateDocNames"]);
 			$this->_enableDuplicateSubFolderNames = Settings::boolval($tab["enableDuplicateSubFolderNames"]);
+			$this->_enableCancelCheckout = Settings::boolval($tab["enableCancelCheckout"]);
 			$this->_overrideMimeType = Settings::boolval($tab["overrideMimeType"]);
+			$this->_advancedAcl = Settings::boolval($tab["advancedAcl"]);
 			$this->_removeFromDropFolder = Settings::boolval($tab["removeFromDropFolder"]);
 			$this->_uploadedAttachmentIsPublic = Settings::boolval($tab["uploadedAttachmentIsPublic"]);
 		}
@@ -895,6 +970,8 @@ class Settings { /* {{{ */
 				$attributValue = "true";
 			else
 				$attributValue = "false";
+		} elseif(is_array($attributValue)) {
+			$attributValue = implode(';', $attributValue);
 		}
 
 		if (isset($node[$attributName])) {
@@ -937,6 +1014,8 @@ class Settings { /* {{{ */
 		if (is_null($configFilePath))
 			$configFilePath = $this->_configFilePath;
 
+		// copy($configFilePath, $configFilePath.'.'.time());
+
 		// Load
 		$xml = simplexml_load_string(file_get_contents($configFilePath));
 		$this->getXMLNode($xml, '/', 'configuration');
@@ -978,8 +1057,10 @@ class Settings { /* {{{ */
 		$this->setXMLAttributValue($node, "enableSessionList", $this->_enableSessionList);
 		$this->setXMLAttributValue($node, "enableClipboard", $this->_enableClipboard);
 		$this->setXMLAttributValue($node, "alwaysShowClipboard", $this->_alwaysShowClipboard);
+		$this->setXMLAttributValue($node, "enableMenuTransmittals", $this->_enableMenuTransmittals);
 		$this->setXMLAttributValue($node, "enableMenuTasks", $this->_enableMenuTasks);
 		$this->setXMLAttributValue($node, "alwaysShowMenuTasks", $this->_alwaysShowMenuTasks);
+		$this->setXMLAttributValue($node, "tasksInMenu", $this->_tasksInMenu);
 		$this->setXMLAttributValue($node, "enableDropFolderList", $this->_enableDropFolderList);
 		$this->setXMLAttributValue($node, "enableDropUpload", $this->_enableDropUpload);
 		$this->setXMLAttributValue($node, "enableMultiUpload", $this->_enableMultiUpload);
@@ -1002,6 +1083,7 @@ class Settings { /* {{{ */
     $this->setXMLAttributValue($node, "stopWordsFile", $this->_stopWordsFile);
     $this->setXMLAttributValue($node, "sortUsersInList", $this->_sortUsersInList);
     $this->setXMLAttributValue($node, "sortFoldersDefault", $this->_sortFoldersDefault);
+    $this->setXMLAttributValue($node, "libraryFolder", $this->_libraryFolder);
     $this->setXMLAttributValue($node, "defaultDocPosition", $this->_defaultDocPosition);
     $this->setXMLAttributValue($node, "defaultFolderPosition", $this->_defaultFolderPosition);
 
@@ -1033,6 +1115,8 @@ class Settings { /* {{{ */
     $this->setXMLAttributValue($node, "luceneDir", $this->_luceneDir);
     $this->setXMLAttributValue($node, "dropFolderDir", $this->_dropFolderDir);
     $this->setXMLAttributValue($node, "backupDir", $this->_backupDir);
+    $this->setXMLAttributValue($node, "checkOutDir", $this->_checkOutDir);
+    $this->setXMLAttributValue($node, "createCheckOutDir", $this->_createCheckOutDir);
     $this->setXMLAttributValue($node, "repositoryUrl", $this->_repositoryUrl);
     $this->setXMLAttributValue($node, "proxyUrl", $this->_proxyUrl);
     $this->setXMLAttributValue($node, "proxyUser", $this->_proxyUser);
@@ -1045,11 +1129,13 @@ class Settings { /* {{{ */
     $this->setXMLAttributValue($node, "partitionSize", $this->_partitionSize);
     $this->setXMLAttributValue($node, "maxUploadSize", $this->_maxUploadSize);
     $this->setXMLAttributValue($node, "enableXsendfile", $this->_enableXsendfile);
+    $this->setXMLAttributValue($node, "enableMemcached", $this->_enableMemcached);
 
     // XML Path: /configuration/system/authentication
     $node = $this->getXMLNode($xml, '/configuration/system', 'authentication');
     $this->setXMLAttributValue($node, "enableGuestLogin", $this->_enableGuestLogin);
     $this->setXMLAttributValue($node, "enableGuestAutoLogin", $this->_enableGuestAutoLogin);
+    $this->setXMLAttributValue($node, "enable2FactorAuthentication", $this->_enable2FactorAuthentication);
     $this->setXMLAttributValue($node, "enableLoginByEmail", $this->_enableLoginByEmail);
     $this->setXMLAttributValue($node, "enablePasswordForgotten", $this->_enablePasswordForgotten);
     $this->setXMLAttributValue($node, "passwordStrength", $this->_passwordStrength);
@@ -1161,6 +1247,13 @@ class Settings { /* {{{ */
 		$this->setXMLAttributValue($node, "enableHiddenRevApp", $this->_enableHiddenRevApp);
 		$this->setXMLAttributValue($node, "enableUpdateRevApp", $this->_enableUpdateRevApp);
 		$this->setXMLAttributValue($node, "enableRemoveRevApp", $this->_enableRemoveRevApp);
+		$this->setXMLAttributValue($node, "enableSelfReceipt", $this->_enableSelfReceipt);
+		$this->setXMLAttributValue($node, "enableAdminReceipt", $this->_enableAdminReceipt);
+		$this->setXMLAttributValue($node, "enableOwnerReceipt", $this->_enableOwnerReceipt);
+		$this->setXMLAttributValue($node, "enableUpdateReceipt", $this->_enableUpdateReceipt);
+		$this->setXMLAttributValue($node, "enableFilterReceipt", $this->_enableFilterReceipt);
+		$this->setXMLAttributValue($node, "presetExpirationDate", $this->_presetExpirationDate);
+		$this->setXMLAttributValue($node, "initialDocumentStatus", $this->_initialDocumentStatus);
 		$this->setXMLAttributValue($node, "addManagerAsReviewer", $this->_addManagerAsReviewer);
 		$this->setXMLAttributValue($node, "addManagerAsApprover", $this->_addManagerAsApprover);
 		$this->setXMLAttributValue($node, "globalReviewer", implode(',', $this->_globalReviewer));
@@ -1170,14 +1263,21 @@ class Settings { /* {{{ */
 		$this->setXMLAttributValue($node, "presetExpirationDate", $this->_presetExpirationDate);
 		$this->setXMLAttributValue($node, "apiOrigin", $this->_apiOrigin);
 		$this->setXMLAttributValue($node, "versioningFileName", $this->_versioningFileName);
-		$this->setXMLAttributValue($node, "presetExpirationDate", $this->_presetExpirationDate);
 		$this->setXMLAttributValue($node, "workflowMode", $this->_workflowMode);
+		$this->setXMLAttributValue($node, "enableReceiptWorkflow", $this->_enableReceiptWorkflow);
+		$this->setXMLAttributValue($node, "enableReceiptReject", $this->_enableReceiptReject);
+		$this->setXMLAttributValue($node, "disableReceiptComment", $this->_disableReceiptComment);
+		$this->setXMLAttributValue($node, "enableRevisionWorkflow", $this->_enableRevisionWorkflow);
+		$this->setXMLAttributValue($node, "enableRevisionOneVoteReject", $this->_enableRevisionOneVoteReject);
 		$this->setXMLAttributValue($node, "allowReviewerOnly", $this->_allowReviewerOnly);
+		$this->setXMLAttributValue($node, "allowChangeRevAppInProcess", $this->_allowChangeRevAppInProcess);
 		$this->setXMLAttributValue($node, "enableVersionDeletion", $this->_enableVersionDeletion);
 		$this->setXMLAttributValue($node, "enableVersionModification", $this->_enableVersionModification);
 		$this->setXMLAttributValue($node, "enableDuplicateDocNames", $this->_enableDuplicateDocNames);
 		$this->setXMLAttributValue($node, "enableDuplicateSubFolderNames", $this->_enableDuplicateSubFolderNames);
+		$this->setXMLAttributValue($node, "enableCancelCheckout", $this->_enableCancelCheckout);
 		$this->setXMLAttributValue($node, "overrideMimeType", $this->_overrideMimeType);
+		$this->setXMLAttributValue($node, "advancedAcl", $this->_advancedAcl);
 		$this->setXMLAttributValue($node, "removeFromDropFolder", $this->_removeFromDropFolder);
 		$this->setXMLAttributValue($node, "uploadedAttachmentIsPublic", $this->_uploadedAttachmentIsPublic);
 
@@ -1256,9 +1356,9 @@ class Settings { /* {{{ */
 			 */
 			foreach($extension as $fieldname=>$confvalue) {
 				if($fieldname != '___disable__' && $confvalue) {
-				$parameter = $extnode->addChild('parameter');
+					$parameter = $extnode->addChild('parameter');
-				$parameter[0] = isset($extension[$fieldname]) ? (is_array($extension[$fieldname]) ? implode(',', $extension[$fieldname]) : $extension[$fieldname]) : '';
+					$parameter[0] = isset($extension[$fieldname]) ? (is_array($extension[$fieldname]) ? implode(',', $extension[$fieldname]) : $extension[$fieldname]) : '';
-				$this->setXMLAttributValue($parameter, 'name', $fieldname);
+					$this->setXMLAttributValue($parameter, 'name', $fieldname);
 				}
 			}
 			/* Old code saves those parameters listed in the configuration

inc/inc.ClassUI.php

@@ -20,6 +20,7 @@
 
 require_once('inc.ClassUI_Default.php');
 require_once('inc.ClassViewCommon.php');
+require_once('inc.ClassAccessOperation.php');
 
 /* $theme was possibly set in inc.Authentication.php */
 if (!isset($theme) || strlen($theme)==0) {
@@ -45,7 +46,7 @@ class UI extends UI_Default {
 	 * @return object an object of a class implementing the view
 	 */
 	static public function factory($theme, $class='', $params=array()) { /* {{{ */
-		global $settings, $session, $extMgr, $request, $logger, $notifier;
+		global $settings, $dms, $user, $session, $extMgr, $request, $logger, $notifier, $fulltextservice;
 		if(!$class) {
 			$class = 'Bootstrap';
 			$class = 'Style';
@@ -127,6 +128,7 @@ class UI extends UI_Default {
 			$params['settings'] = $settings;
 			$view = new $classname($params, $theme);
 			/* Set some configuration parameters */
+			$view->setParam('accessobject', new SeedDMS_AccessOperation($dms, $user, $settings));
 			$view->setParam('referer', isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '');
 			$view->setParam('requesturi', $_SERVER['REQUEST_URI']);
 			$view->setParam('absbaseprefix', $settings->_httpRoot.$httpbasedir);
@@ -136,6 +138,7 @@ class UI extends UI_Default {
 			$view->setParam('request', $request);
 			$view->setParam('logger', $logger);
 			$view->setParam('notifier', $notifier);
+			$view->setParam('fulltextservice', $fulltextservice);
 //			$view->setParam('settings', $settings);
 			$view->setParam('sitename', $settings->_siteName);
 			$view->setParam('rootfolderid', $settings->_rootFolderID);
@@ -153,11 +156,14 @@ class UI extends UI_Default {
 			$view->setParam('enablefoldertree', $settings->_enableFolderTree);
 			$view->setParam('enablelanguageselector', $settings->_enableLanguageSelector);
 			$view->setParam('enableclipboard', $settings->_enableClipboard);
+			$view->setParam('enablemenutransmittals', $settings->_enableMenuTransmittals);
 			$view->setParam('enablemenutasks', $settings->_enableMenuTasks);
+			$view->setParam('tasksinmenu', $settings->_tasksInMenu);
 			$view->setParam('enabledropfolderlist', $settings->_enableDropFolderList);
 			$view->setParam('dropfolderdir', $settings->_dropFolderDir);
 			$view->setParam('enablesessionlist', $settings->_enableSessionList);
 			$view->setParam('workflowmode', $settings->_workflowMode);
+			$view->setParam('checkoutdir', $settings->_checkOutDir);
 			$view->setParam('partitionsize', SeedDMS_Core_File::parse_filesize( $settings->_partitionSize));
 			$view->setParam('maxuploadsize', $settings->getMaximumUploadSize());
 			$view->setParam('showmissingtranslations', $settings->_showMissingTranslations);
@@ -193,7 +199,6 @@ class UI extends UI_Default {
 
 	static public function exitError($pagetitle, $error, $noexit=false, $plain=false) {
 		global $theme, $dms, $user, $settings;
-		$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings);
 		$view = UI::factory($theme, 'ErrorDlg');
 		$request = $view->getParam('request');
 		if($request) {
@@ -201,7 +206,6 @@ class UI extends UI_Default {
 		}
 		$view->setParam('dms', $dms);
 		$view->setParam('user', $user);
-		$view->setParam('accessobject', $accessop);
 		$view->setParam('pagetitle', $pagetitle);
 		$view->setParam('errormsg', $error);
 		$view->setParam('plain', $plain);

inc/inc.ClassViewCommon.php

@@ -322,8 +322,10 @@ class SeedDMS_View_Common {
 	 */
 	protected function html_url($view, $urlparams=array()) { /* {{{ */
 		$url = $this->params['settings']->_httpRoot."out/out.".$view.".php";
-		if($urlparams)
+		if(is_array($urlparams))
 			$url .= "?".http_build_query($urlparams);
+		elseif(is_string($urlparams))
+			$url .= "?".$urlparams;
 		return $url;
 	} /* }}} */
 

inc/inc.DBInit.php

@@ -56,7 +56,7 @@ if(isset($GLOBALS['SEEDDMS_HOOKS']['initStorage'])) {
 
 $dms = new SeedDMS_Core_DMS($db, $storage ? $storage : $settings->_contentDir.$settings->_contentOffsetDir);
 
-if(extension_loaded('memcached')) {
+if($settings->_enableMemcached && extension_loaded('memcached')) {
 	$memcache = new Memcached('seeddms');
 	$memcache->addServers(array(
 		array('localhost',11211),
@@ -87,6 +87,7 @@ if(isset($GLOBALS['SEEDDMS_HOOKS']['initDMS'])) {
 	}
 }
 
+require_once('inc/inc.Tasks.php');
 require_once("inc.ConversionInit.php");
 require_once('inc.FulltextInit.php');
 require_once('inc.AuthenticationInit.php');

inc/inc.Extension.php

@@ -14,6 +14,7 @@
 global $logger;
 
 require "inc.ClassExtensionMgr.php";
+require_once "inc.ClassSchedulerTaskBase.php";
 require_once "inc.ClassExtBase.php";
 
 $extMgr = new SeedDMS_Extension_Mgr($settings->_rootDir."/ext", $settings->_cacheDir, $settings->_repositoryUrl, $settings->_proxyUrl, $settings->_proxyUser, $settings->_proxyPassword);

inc/inc.FulltextInit.php

@@ -26,6 +26,7 @@ $fulltextservice = null;
 if($settings->_enableFullSearch) {
 	require_once("inc.ClassFulltextService.php");
 	$fulltextservice = new SeedDMS_FulltextService();
+	$fulltextservice->setLogger($logger);
 
 	if($settings->_fullSearchEngine == 'sqlitefts') {
 		$indexconf = array(

inc/inc.Language.php

@@ -174,6 +174,68 @@ function getReviewStatusText($status, $date=0) { /* {{{ */
 	}
 } /* }}} */
 
+function printReceiptStatusText($status, $date=0) { /* {{{ */
+	print getReceiptStatusText($status, $date);
+} /* }}} */
+
+function getReceiptStatusText($status, $date=0) { /* {{{ */
+	if (is_null($status)) {
+		return getMLText("status_unknown");
+	}
+	else {
+		switch ($status) {
+			case -2:
+				return getMLText("status_recipient_removed");
+				break;
+			case -1:
+				return getMLText("status_receipt_rejected").($date !=0 ? " ".$date : "");
+				break;
+			case 0:
+				return getMLText("status_not_receipted");
+				break;
+			case 1:
+				return getMLText("status_receipted").($date !=0 ? " ".$date : "");
+				break;
+			default:
+				return getMLText("status_unknown");
+				break;
+		}
+	}
+} /* }}} */
+
+function printRevisionStatusText($status, $date=0) { /* {{{ */
+	print getRevisionStatusText($status, $date);
+} /* }}} */
+
+function getRevisionStatusText($status, $date=0) { /* {{{ */
+	if (is_null($status)) {
+		return getMLText("status_unknown");
+	}
+	else {
+		switch ($status) {
+			case -3:
+				return getMLText("status_revision_sleeping");
+				break;
+			case -2:
+				return getMLText("status_revisor_removed");
+				break;
+			case -1:
+				return getMLText("status_needs_correction").($date !=0 ? " ".$date : "");
+				return getMLText("status_revision_rejected").($date !=0 ? " ".$date : "");
+				break;
+			case 0:
+				return getMLText("status_not_revised");
+				break;
+			case 1:
+				return getMLText("status_revised").($date !=0 ? " ".$date : "");
+				break;
+			default:
+				return getMLText("status_unknown");
+				break;
+		}
+	}
+} /* }}} */
+
 function printApprovalStatusText($status, $date=0) { /* {{{ */
 	if (is_null($status)) {
 		print getMLText("status_unknown");
@@ -255,6 +317,15 @@ function getOverallStatusText($status) { /* {{{ */
 			case S_EXPIRED:
 				return getMLText("expired");
 				break;
+			case S_IN_REVISION:
+				return getMLText("in_revision");
+				break;
+			case S_DRAFT:
+				return getMLText("draft");
+				break;
+			case S_NEEDS_CORRECTION:
+				return getMLText("needs_correction");
+				break;
 			default:
 				return getMLText("status_unknown");
 				break;

inc/inc.Scheduler.php

@@ -0,0 +1,17 @@
+<?php
+/**
+ * Initialize scheduler
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @license    GPL 2
+ * @version    @version@
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  Copyright (C) 2018 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+
+require_once "inc.ClassSchedulerTaskBase.php";
+require_once "inc.ClassScheduler.php";
+require_once "inc.ClassSchedulerTask.php";
+

inc/inc.Utils.php

@@ -447,7 +447,7 @@ function utf8_basename($path, $suffix='') { /* {{{ */
  * @return string valid file name
  */
 function getFilenameByDocname($content) { /* {{{ */
-	if(is_string) {
+	if(is_string($content)) {
 		$filename = $content;
 	} else {
 		$document = $content->getDocument();
@@ -795,6 +795,18 @@ function addDirSep($str, $chr=DIRECTORY_SEPARATOR) { /* {{{ */
 } /* }}} */
 
 /**
+ * Formats comments for aknowledge of reception.
+ *
+ * Only use in documentListRow()
+ */
+function formatComment($an) { /* {{{ */
+	$t = array();
+	foreach($an as $a)
+		$t[] = $a['n']." × ".$a['c'];
+	return $t;
+} /* }}} */
+
+/*
  * Determines if a command exists on the current environment
  *
  * @param string $command The command to check
@@ -970,6 +982,19 @@ function seed_pass_verify($password, $hash) { /* {{{ */
 	return $hash === md5($password);
 } /* }}} */
 
+function resolveTask($task) { /* {{{ */
+	global $dms, $user, $settings, $logger, $fulltextservice, $notifier, $conversionmgr;
+
+	if(is_object($task))
+		return $task;
+	if(is_string($task)) {
+		if(class_exists($task)) {
+			$task = new $task($dms, $user, $settings, $logger, $fulltextservice, $notifier, $conversionmgr);
+		}
+	}
+	return $task;
+} /* }}} */
+
 /**
  * Return nonce for CSP
  *
@@ -1075,7 +1100,9 @@ function getMandatoryReviewers($folder, $document, $user) { /* {{{ */
 		foreach($groups as $group) {
 			$managers = $group->getManagers();
 			foreach($managers as $manager) {
-				$revi[] = $manager->getId();
+				/* Do not add myself, if I'm the manager of the group */
+				if($manager->getId() != $user->getId())
+					$revi[] = $manager->getId();
 			}
 		}
 	}
@@ -1170,7 +1197,9 @@ function getMandatoryApprovers($folder, $document, $user) { /* {{{ */
 		foreach($groups as $group) {
 			$managers = $group->getManagers();
 			foreach($managers as $manager) {
-				$appi[] = $manager->getId();
+				/* Do not add myself, if I'm the manager of the group */
+				if($manager->getId() != $user->getId())
+					$appi[] = $manager->getId();
 			}
 		}
 	}
@@ -1391,3 +1420,659 @@ class SeedDMS_FolderTree { /* {{{ */
 	} /* }}} */
 
 } /* }}} */
+
+class SeedDMS_Search { /* {{{ */
+	protected $dms;
+
+	protected $user;
+
+	protected $fulltextservice;
+
+	protected $settings;
+
+	public $searchparams;
+
+	protected $dcount;
+
+	protected $fcount;
+
+	protected $totalPages;
+
+	protected $entries;
+
+	protected $terms;
+
+	protected $searchTime;
+
+	public function __construct($dms, $user, $fulltextservice, $settings) {
+		$this->dms = $dms;
+		$this->user = $user;
+		$this->fulltextservice = $fulltextservice;
+		$this->settings = $settings;
+		$this->searchparams = [];
+		$this->dcount = 0;
+		$this->fcount = 0;
+		$this->totalPages = 0;
+		$this->entries = array();
+		$this->terms = array();
+		$this->searchTime = 0;
+	}
+
+	protected function getTime() { /* {{{ */
+		if (function_exists('microtime')) {
+			$tm = microtime();
+			$tm = explode(' ', $tm);
+			return (float) sprintf('%f', $tm[1] + $tm[0]);
+		}
+		return time();
+	} /* }}} */
+
+	public function createSearchFromQuery($get) { /* {{{ */
+		$dms = $this->dms;
+
+		/* Creation date {{{ */
+		$createstartts = null;
+		$createstartdate = null;
+		$createendts = null;
+		$createenddate = null;
+		$created['from'] = null;
+		$created['to'] = null;
+		if(!empty($get["created"]["from"])) {
+			$createstartts = makeTsFromDate($get["created"]["from"]);
+			$createstartdate = array('year'=>(int)date('Y', $createstartts), 'month'=>(int)date('m', $createstartts), 'day'=>(int)date('d', $createstartts), 'hour'=>0, 'minute'=>0, 'second'=>0);
+			if (!checkdate($createstartdate['month'], $createstartdate['day'], $createstartdate['year'])) {
+				UI::exitError(getMLText("search"),getMLText("invalid_create_date_end"));
+			}
+			$created['from'] = $createstartts;
+		}
+		if(!empty($get["created"]["to"])) {
+			$createendts = makeTsFromDate($get["created"]["to"]);
+			$createenddate = array('year'=>(int)date('Y', $createendts), 'month'=>(int)date('m', $createendts), 'day'=>(int)date('d', $createendts), 'hour'=>23, 'minute'=>59, 'second'=>59);
+			if (!checkdate($createenddate['month'], $createenddate['day'], $createenddate['year'])) {
+				UI::exitError(getMLText("search"),getMLText("invalid_create_date_end"));
+			}
+			$created['to'] = $createendts;
+		}
+		$this->searchparams['created'] = $created;
+		/* }}} */
+
+		/* Modification date {{{ */
+		$modifystartts = null;
+		$modifystartdate = null;
+		$modifyendts = null;
+		$modifyenddate = null;
+		$modified['from'] = null;
+		$modified['to'] = null;
+		if(!empty($get["modified"]["from"])) {
+			$modifystartts = makeTsFromDate($get["modified"]["from"]);
+			$modifystartdate = array('year'=>(int)date('Y', $modifystartts), 'month'=>(int)date('m', $modifystartts), 'day'=>(int)date('d', $modifystartts), 'hour'=>0, 'minute'=>0, 'second'=>0);
+			if (!checkdate($modifystartdate['month'], $modifystartdate['day'], $modifystartdate['year'])) {
+				UI::exitError(getMLText("search"),getMLText("invalid_modification_date_end"));
+			}
+			$modified['from'] = $modifystartts;
+		}
+		if(!empty($get["modified"]["to"])) {
+			$modifyendts = makeTsFromDate($get["modified"]["to"]);
+			$modifyenddate = array('year'=>(int)date('Y', $modifyendts), 'month'=>(int)date('m', $modifyendts), 'day'=>(int)date('d', $modifyendts), 'hour'=>23, 'minute'=>59, 'second'=>59);
+			if (!checkdate($modifyenddate['month'], $modifyenddate['day'], $modifyenddate['year'])) {
+				UI::exitError(getMLText("search"),getMLText("invalid_modification_date_end"));
+			}
+			$modified['to'] = $modifyendts;
+		}
+		$this->searchparams['modified'] = $modified;
+		/* }}} */
+
+		/* Filesize {{{ */
+		$filesizestart = 0;
+		$filesizeend = 0;
+		$filesize['from'] = null;
+		$filesize['to'] = null;
+		if(!empty($get["filesize"]["from"])) {
+			$filesizestart = $get["filesize"]["from"];
+			$filesize['from'] = $get["filesize"]["from"];
+		}
+		if(!empty($get["filesize"]["to"])) {
+			$filesizeend = $get["filesize"]["to"];
+			$filesize['to'] = $get["filesize"]["to"];
+		}
+		$this->searchparams['filesize'] = $filesize;
+		/* }}} */
+
+		// Check to see if the search has been restricted to a particular
+		// document owner.
+		// $get['owner'] can be a name of an array of names or ids {{{
+		$owner = [];
+		$ownernames = []; // Needed by fulltext search
+		$ownerobjs = []; // Needed by database search
+		if(!empty($get["owner"])) {
+			$owner = $get['owner'];
+			if (!is_array($get['owner'])) {
+				if(is_numeric($get['owner']))
+					$o = $dms->getUser($get['owner']);
+				else
+					$o = $dms->getUserByLogin($get['owner']);
+				if($o) {
+					$ownernames[] = $o->getLogin();
+					$ownerobjs[] = $o;
+				}
+			} else {
+				foreach($get["owner"] as $l) {
+					if($l) {
+						if(is_numeric($l))
+							$o = $dms->getUser($l);
+						else
+							$o = $dms->getUserByLogin($l);
+						if($o) {
+							$ownernames[] = $o->getLogin();
+							$ownerobjs[] = $o;
+						}
+					}
+				}
+			}
+		}
+		$this->searchparams['ownernames'] = $ownernames;
+		$this->searchparams['ownerobjs'] = $ownerobjs;
+		/* }}} */
+
+		// category {{{
+		$categories = array();
+		$categorynames = array();
+		$category = array();
+		if(isset($get['category']) && $get['category']) {
+			$category = $get['category'];
+			foreach($get['category'] as $catid) {
+				if($catid) {
+					if(is_numeric($catid)) {
+						if($cat = $dms->getDocumentCategory($catid)) {
+							$categories[] = $cat;
+							$categorynames[] = $cat->getName();
+						}
+					} else {
+						$categorynames[] = $catid;
+					}
+				}
+			}
+		}
+		$this->searchparams['categorynames'] = $categorynames;
+		$this->searchparams['categories'] = $categories;
+		/* }}} */
+
+		if (isset($get["orderby"]) && is_string($get["orderby"])) {
+			$orderby = $get["orderby"];
+		} else {
+			$orderby = "";
+		}
+		$this->searchparams['orderby'] = $orderby;
+
+		$limit = (isset($get["limit"]) && is_numeric($get["limit"])) ? (int) $get['limit'] : 20;
+		$this->searchparams['limit'] = $limit;
+		$fullsearch = ((!isset($get["fullsearch"]) && $this->settings->_defaultSearchMethod == 'fulltext') || !empty($get["fullsearch"])) && $this->settings->_enableFullSearch;
+		$this->searchparams['fullsearch'] = $fullsearch;
+		$facetsearch = !empty($get["facetsearch"]) && $this->settings->_enableFullSearch;
+		$this->searchparams['facetsearch'] = $facetsearch;
+
+		if (isset($get["query"]) && is_string($get["query"])) {
+			$query = $get["query"];
+		} else {
+			$query = "";
+		}
+		$this->searchparams['query'] = $query;
+
+		// Check to see if the search has been restricted to a particular
+		// mimetype. {{{
+		$mimetype = [];
+		if (isset($get["mimetype"])) {
+			if (!is_array($get['mimetype'])) {
+				if(!empty($get['mimetype']))
+					$mimetype[] = $get['mimetype'];
+			} else {
+				foreach($get["mimetype"] as $l) {
+					if($l)
+						$mimetype[] = $l;
+				}
+			}
+		}
+		$this->searchparams['mimetype'] = $mimetype;
+		/* }}} */
+
+		// status
+		$status = isset($get['status']) ? $get['status'] : array();
+		$this->searchparams['status'] = $status;
+
+		// Get the page number to display. If the result set contains more than
+		// 25 entries, it is displayed across multiple pages.
+		//
+		// This requires that a page number variable be used to track which page the
+		// user is interested in, and an extra clause on the select statement.
+		//
+		// Default page to display is always one.
+		$pageNumber=1;
+		if (isset($get["pg"])) {
+			if (is_numeric($get["pg"]) && $get["pg"]>0) {
+				$pageNumber = (int) $get["pg"];
+			}
+			elseif (!strcasecmp($get["pg"], "all")) {
+				$pageNumber = "all";
+			}
+		}
+		$this->searchparams['pageNumber'] = $pageNumber;
+
+		if($fullsearch) {
+			// Search in Fulltext {{{
+
+			// record_type
+			if(isset($get['record_type']))
+				$record_type = $get['record_type'];
+			else
+				$record_type = array();
+			$this->searchparams['record_type'] = $record_type;
+
+			if (isset($get["attributes"]))
+				$attributes = $get["attributes"];
+			else
+				$attributes = array();
+
+			foreach($attributes as $an=>&$av) {
+				if(substr($an, 0, 5) == 'attr_') {
+					$tmp = explode('_', $an);
+					if($attrdef = $dms->getAttributeDefinition($tmp[1])) {
+						switch($attrdef->getType()) {
+						/* Turn dates into timestamps */
+						case SeedDMS_Core_AttributeDefinition::type_date:
+							foreach(['from', 'to'] as $kk)
+								if(!empty($av[$kk])) {
+									if(!is_numeric($av[$kk])) {
+										$av[$kk] = makeTsFromDate($av[$kk]);
+									}
+								}
+							break;
+						}
+					}
+				}
+			}
+			$this->searchparams['attributes'] = $attributes;
+
+			/* Create $order array for fulltext search */
+			$order = ['by'=>'', 'dir'=>''];
+			switch($orderby) {
+			case 'dd':
+				$order = ['by'=>'created', 'dir'=>'desc'];
+				break;
+			case 'd':
+				$order = ['by'=>'created', 'dir'=>'asc'];
+				break;
+			case 'nd':
+				$order = ['by'=>'title', 'dir'=>'desc'];
+				break;
+			case 'n':
+				$order = ['by'=>'title', 'dir'=>'asc'];
+				break;
+			case 'id':
+				$order = ['by'=>'id', 'dir'=>'desc'];
+				break;
+			case 'i':
+				$order = ['by'=>'id', 'dir'=>'asc'];
+				break;
+			default:
+				$order = ['by'=>'', 'dir'=>''];
+			}
+			$this->searchparams['order'] = $order;
+
+			// Check to see if the search has been restricted to a particular sub-tree in
+			// the folder hierarchy.
+			$startFolder = null;
+			if (isset($get["folderfullsearchid"]) && is_numeric($get["folderfullsearchid"]) && $get["folderfullsearchid"]>0) {
+				$targetid = $get["folderfullsearchid"];
+				$startFolder = $this->dms->getFolder($targetid);
+				if (!is_object($startFolder)) {
+					UI::exitError(getMLText("search"),getMLText("invalid_folder_id"));
+				}
+			}
+			$this->searchparams['startFolder'] = $startFolder;
+
+			$rootFolder = $this->dms->getFolder($this->settings->_rootFolderID);
+			$this->searchparams['rootFolder'] = $rootFolder;
+
+			// }}}
+		} else {
+			// Search in Database {{{
+
+			/* Select if only documents (0x01), only folders (0x02) or both (0x03)
+			 * are found
+			 */
+			$resultmode = 0x03;
+			if (isset($get["resultmode"]) && is_numeric($get["resultmode"])) {
+					$resultmode = $get['resultmode'];
+			}
+			$this->searchparams['resultmode'] = $resultmode;
+
+			$mode = "AND";
+			if (isset($get["mode"]) && is_numeric($get["mode"]) && $get["mode"]==0) {
+					$mode = "OR";
+			}
+			$this->searchparams['mode'] = $mode;
+
+			$searchin = array();
+			if (isset($get['searchin']) && is_array($get["searchin"])) {
+				foreach ($get["searchin"] as $si) {
+					if (isset($si) && is_numeric($si)) {
+						switch ($si) {
+							case 1: // keywords
+							case 2: // name
+							case 3: // comment
+							case 4: // attributes
+							case 5: // id
+								$searchin[$si] = $si;
+								break;
+						}
+					}
+				}
+			}
+
+			// if none is checkd search all
+			if (count($searchin)==0) $searchin=array(1, 2, 3, 4, 5);
+			$this->searchparams['searchin'] = $searchin;
+
+			// Check to see if the search has been restricted to a particular sub-tree in
+			// the folder hierarchy.
+			if (isset($get["targetid"]) && is_numeric($get["targetid"]) && $get["targetid"]>0) {
+				$targetid = $get["targetid"];
+				$startFolder = $this->dms->getFolder($targetid);
+			}
+			else {
+				$startFolder = $this->dms->getRootFolder();
+			}
+			if (!is_object($startFolder)) {
+				UI::exitError(getMLText("search"),getMLText("invalid_folder_id"));
+			}
+			$this->searchparams['startFolder'] = $startFolder;
+
+			/* Revision date {{{ */
+			$revisionstartts = null;
+			$revisionstartdate = array();
+			$revisionendts = null;
+			$revisionenddate = array();
+			$revised['from'] = null;
+			$revised['to'] = null;
+			if(!empty($get["revisiondatestart"])) {
+				$revisionstartts = makeTsFromDate($get["revisiondatestart"]);
+				$revisionstartdate = array('year'=>(int)date('Y', $revisionstartts), 'month'=>(int)date('m', $revisionstartts), 'day'=>(int)date('d', $revisionstartts), 'hour'=>0, 'minute'=>0, 'second'=>0);
+				if (!checkdate($revisionstartdate['month'], $revisionstartdate['day'], $revisionstartdate['year'])) {
+					UI::exitError(getMLText("search"),getMLText("invalid_revision_date_start"));
+				}
+				$revised['from'] = $revisionstartts;
+			}
+			$this->searchparams['revisionstartdate'] = $revisionstartdate;
+			if(!empty($get["revisiondateend"])) {
+				$revisionendts = makeTsFromDate($get["revisiondateend"]);
+				$revisionenddate = array('year'=>(int)date('Y', $revisionendts), 'month'=>(int)date('m', $revisionendts), 'day'=>(int)date('d', $revisionendts), 'hour'=>23, 'minute'=>59, 'second'=>59);
+				if (!checkdate($revisionenddate['month'], $revisionenddate['day'], $revisionenddate['year'])) {
+					UI::exitError(getMLText("search"),getMLText("invalid_revision_date_end"));
+				}
+				$revised['to'] = $revisionendts;
+			}
+			$this->searchparams['revisionenddate'] = $revisionenddate;
+			/* }}} */
+
+			/* Status date {{{ */
+			$statusstartdate = array();
+			$statusenddate = array();
+			if(!empty($get["statusdatestart"])) {
+				$statusstartts = makeTsFromDate($get["statusdatestart"]);
+				$statusstartdate = array('year'=>(int)date('Y', $statusstartts), 'month'=>(int)date('m', $statusstartts), 'day'=>(int)date('d', $statusstartts), 'hour'=>0, 'minute'=>0, 'second'=>0);
+			}
+			$this->searchparams['statusstartdate'] = $statusstartdate;
+			if ($statusstartdate && !checkdate($statusstartdate['month'], $statusstartdate['day'], $statusstartdate['year'])) {
+				UI::exitError(getMLText("search"),getMLText("invalid_status_date_start"));
+			}
+			$this->searchparams['statusstartdate'] = $statusstartdate;
+
+			if(!empty($get["statusdateend"])) {
+				$statusendts = makeTsFromDate($get["statusdateend"]);
+				$statusenddate = array('year'=>(int)date('Y', $statusendts), 'month'=>(int)date('m', $statusendts), 'day'=>(int)date('d', $statusendts), 'hour'=>23, 'minute'=>59, 'second'=>59);
+			}
+			if ($statusenddate && !checkdate($statusenddate['month'], $statusenddate['day'], $statusenddate['year'])) {
+				UI::exitError(getMLText("search"),getMLText("invalid_status_date_end"));
+			}
+			$this->searchparams['statusenddate'] = $statusenddate;
+			/* }}} */
+
+			/* Expiration date {{{ */
+			$expstartdate = array();
+			$expenddate = array();
+			if(!empty($get["expirationstart"])) {
+				$expstartts = makeTsFromDate($get["expirationstart"]);
+				$expstartdate = array('year'=>(int)date('Y', $expstartts), 'month'=>(int)date('m', $expstartts), 'day'=>(int)date('d', $expstartts), 'hour'=>0, 'minute'=>0, 'second'=>0);
+				if (!checkdate($expstartdate['month'], $expstartdate['day'], $expstartdate['year'])) {
+					UI::exitError(getMLText("search"),getMLText("invalid_expiration_date_start"));
+				}
+			}
+			$this->searchparams['expstartdate'] = $expstartdate;
+			if(!empty($get["expirationend"])) {
+				$expendts = makeTsFromDate($get["expirationend"]);
+				$expenddate = array('year'=>(int)date('Y', $expendts), 'month'=>(int)date('m', $expendts), 'day'=>(int)date('d', $expendts), 'hour'=>23, 'minute'=>59, 'second'=>59);
+				if (!checkdate($expenddate['month'], $expenddate['day'], $expenddate['year'])) {
+					UI::exitError(getMLText("search"),getMLText("invalid_expiration_date_end"));
+				}
+			}
+			$this->searchparams['expenddate'] = $expenddate;
+			/* }}} */
+
+			$reception = array();
+			if (isset($get["reception"])){
+				$reception = $get["reception"];
+			}
+			$this->searchparams['reception'] = $reception;
+
+			/* Do not search for folders if result shall be filtered by status.
+			 * If this is not done, unexplainable results will be delivered.
+			 * e.g. a search for expired documents of a given user will list
+			 * also all folders of that user because the status doesn't apply
+			 * to folders.
+			 */
+		//	if($status)
+		//		$resultmode = 0x01;
+
+			if (isset($get["attributes"]))
+				$attributes = $get["attributes"];
+			else
+				$attributes = array();
+
+			foreach($attributes as $attrdefid=>$attribute) {
+				$attrdef = $this->dms->getAttributeDefinition($attrdefid);
+				if($attribute) {
+					if($attrdef->getType() == SeedDMS_Core_AttributeDefinition::type_date) {
+						if(is_array($attribute)) {
+							if(!empty($attributes[$attrdefid]['from']))
+								$attributes[$attrdefid]['from'] = date('Y-m-d', makeTsFromDate($attribute['from']));
+							if(!empty($attributes[$attrdefid]['to']))
+								$attributes[$attrdefid]['to'] = date('Y-m-d', makeTsFromDate($attribute['to']));
+						} else {
+							$attributes[$attrdefid] = date('Y-m-d', makeTsFromDate($attribute));
+						}
+					}
+				}
+			}
+			$this->searchparams['attributes'] = $attributes;
+
+		// }}}
+		}
+		return $this->searchparams;
+	} /* }}} */
+
+	public function setSearchParam($name, $value) {
+		$this->searchparams[$name] = $value;
+	}
+
+	public function search() { /* {{{ */
+		if($this->searchparams['fullsearch']) {
+			if($this->settings->_fullSearchEngine == 'lucene') {
+				Zend_Search_Lucene_Search_QueryParser::setDefaultEncoding('utf-8');
+			}
+
+			$startTime = $this->getTime();
+			$total = 0;
+			$index = $this->fulltextservice->Indexer();
+			if($index) {
+				if(!empty($this->settings->_suggestTerms) && !empty($get['query'])) {
+					$st = preg_split("/[\s,]+/", trim($get['query']));
+					if($lastterm = end($st))
+						$this->terms = $index->terms($lastterm, $this->settings->_suggestTerms);
+				}
+				$limit = $this->searchparams['limit'];
+				$lucenesearch = $this->fulltextservice->Search();
+				$searchresult = $lucenesearch->search($this->searchparams['query'],
+					array(
+						'record_type'=>$this->searchparams['record_type'],
+						'owner'=>$this->searchparams['ownernames'],
+						'status'=>$this->searchparams['status'],
+						'category'=>$this->searchparams['categorynames'],
+						'user'=>$this->user->isAdmin() ? [] : [$this->user->getLogin()],
+						'mimetype'=>$this->searchparams['mimetype'],
+						'startFolder'=>$this->searchparams['startFolder'],
+						'rootFolder'=>$this->searchparams['rootFolder'],
+						'created_start'=>$this->searchparams['created']['from'],
+						'created_end'=>$this->searchparams['created']['to'],
+						'modified_start'=>$this->searchparams['modified']['from'],
+						'modified_end'=>$this->searchparams['modified']['to'],
+						'filesize_start'=>$this->searchparams['filesize']['from'],
+						'filesize_end'=>$this->searchparams['filesize']['to'],
+						'attributes'=>$this->searchparams['attributes']
+					), ($this->searchparams['pageNumber'] == 'all' ? array() : array('limit'=>$limit, 'offset'=>$limit * ($this->searchparams['pageNumber']-1))), $this->searchparams['order']);
+				if($searchresult !== false) {
+					$entries = array();
+					$facets = $searchresult['facets'];
+					$stats = $searchresult['stats'] ?? null;
+					$dcount = 0;
+					$fcount = 0;
+					if($searchresult['hits']) {
+						foreach($searchresult['hits'] as $hit) {
+							if($hit['document_id'][0] == 'D') {
+								if($tmp = $this->dms->getDocument(substr($hit['document_id'], 1))) {
+	//								if($tmp->getAccessMode($user) >= M_READ) {
+										$tmp->verifyLastestContentExpriry();
+										$entries[] = $tmp;
+										$dcount++;
+	//								}
+								}
+							} elseif($hit['document_id'][0] == 'F') {
+								if($tmp = $this->dms->getFolder(substr($hit['document_id'], 1))) {
+	//								if($tmp->getAccessMode($user) >= M_READ) {
+										$entries[] = $tmp;
+										$fcount++;
+	//								}
+								}
+							}
+						}
+						if(isset($facets['record_type'])) {
+							$fcount = isset($facets['record_type']['folder']) ? $facets['record_type']['folder'] : 0;
+							$dcount = isset($facets['record_type']['document']) ? $facets['record_type']['document'] : 0 ;
+						}
+					}
+					$this->fcount = $fcount;
+					$this->dcount = $dcount;
+					$this->stats = $stats;
+					$this->entries = $entries;
+					$this->facets = $facets;
+					$totalPages = 0;
+					if($limit > 0) {
+						if($searchresult['count'] > $limit) {
+							$totalPages = (int) ($searchresult['count']/$limit);
+							if($searchresult['count']%$limit)
+								$totalPages++;
+						} else {
+							$totalPages = 1;
+						}
+					}
+					$this->total = $searchresult['count'];
+					$this->totalPages = $totalPages;
+				}
+				$searchTime = $this->getTime() - $startTime;
+				$this->searchTime = round($searchTime, 2);
+			}
+		} else {
+			// ---------------- Start searching -----------------------------------------
+			$startTime = $this->getTime();
+			$resArr = $this->dms->search(array(
+				'query'=>$this->searchparams['query'],
+				'limit'=>0,
+				'offset'=>0,
+				'logicalmode'=>$this->searchparams['mode'],
+				'searchin'=>$this->searchparams['searchin'],
+				'startFolder'=>$this->searchparams['startFolder'],
+				'owner'=>$this->searchparams['ownerobjs'],
+				'status'=>$this->searchparams['status'],
+				'mimetype'=>$this->searchparams['mimetype'],
+				'creationstartdate'=>$this->searchparams['created']['from'],
+				'creationenddate'=>$this->searchparams['created']['to'],
+				'modificationstartdate'=>$this->searchparams['modified']['from'],
+				'modificationenddate'=>$this->searchparams['modified']['to'],
+				'filesizestart'=>$this->searchparams['filesize']['from'],
+				'filesizeend'=>$this->searchparams['filesize']['to'],
+				'categories'=>$this->searchparams['categories'],
+				'attributes'=>$this->searchparams['attributes'],
+				'mode'=>$this->searchparams['resultmode'],
+				'expirationstartdate'=>$this->searchparams['expstartdate'],
+				'expirationenddate'=>$this->searchparams['expenddate'],
+				'revisionstartdate'=>$this->searchparams['revisionstartdate'],
+				'revisionenddate'=>$this->searchparams['revisionenddate'],
+				'reception'=>$this->searchparams['reception'],
+				'statusstartdate'=>$this->searchparams['statusstartdate'],
+				'statusenddate'=>$this->searchparams['statusenddate'],
+				'orderby'=>$this->searchparams['orderby']
+			));
+			$this->total = $resArr['totalDocs'] + $resArr['totalFolders'];
+			$searchTime = $this->getTime() - $startTime;
+			$this->searchTime = round($searchTime, 2);
+
+			$entries = array();
+			$fcount = 0;
+			if($resArr['folders']) {
+				foreach ($resArr['folders'] as $entry) {
+					if ($entry->getAccessMode($this->user) >= M_READ) {
+						$entries[] = $entry;
+						$fcount++;
+					}
+				}
+			}
+			$this->fcount = $fcount;
+			$dcount = 0;
+			if($resArr['docs']) {
+				foreach ($resArr['docs'] as $entry) {
+					if ($entry->getAccessMode($this->user) >= M_READ) {
+						if($entry->getLatestContent()) {
+							$entry->verifyLastestContentExpriry();
+							$entries[] = $entry;
+							$dcount++;
+						}
+					}
+				}
+			}
+			$limit = $this->searchparams['limit'];
+			$this->dcount = $dcount;
+			$totalPages = 0;
+			if($limit > 0) {
+				$totalPages = (int) (count($entries)/$limit);
+				if(count($entries)%$limit)
+					$totalPages++;
+			}
+			if($this->searchparams['pageNumber'] != 'all')
+				$this->entries = array_slice($entries, ($this->searchparams['pageNumber']-1)*$limit, $limit);
+			$this->totalPages = $totalPages;
+			$this->facets = array();
+			$this->stats = array();
+		}
+	} /* }}} */
+
+	public function getFolderCount() {
+		return $this->fcount;
+	}
+
+	public function getDocumentCount() {
+		return $this->dcount;
+	}
+
+	public function getTotal() {
+		return $this->total;
+	}
+} /* }}} */

inc/inc.Version.php

@@ -20,7 +20,7 @@
 
 class SeedDMS_Version { /* {{{ */
 
-	const _number = "5.1.37";
+	const _number = "6.0.33";
 	const _string = "SeedDMS";
 
 	function __construct() {

index.php

@@ -44,32 +44,9 @@ if(true) {
 
 	$containerBuilder = new \DI\ContainerBuilder();
 	$c = $containerBuilder->build();
-	/*
-	$c['notFoundHandler'] = function ($c) use ($settings, $dms) {
-		return function ($request, $response) use ($c, $settings, $dms) {
-			$uri = $request->getUri();
-			if($uri->getBasePath())
-				$file = $uri->getPath();
-			else
-				$file = substr($uri->getPath(), 1);
-			if(file_exists($file) && is_file($file)) {
-				$_SERVER['SCRIPT_FILENAME'] = basename($file);
-//				include($file);
-				exit;
-			}
-			if($request->isXhr()) {
-				exit;
-			}
-//			print_r($request->getUri());
-//			exit;
-			return $c['response']
-				->withStatus(302)
-				->withHeader('Location', isset($settings->_siteDefaultPage) && strlen($settings->_siteDefaultPage)>0 ? $settings->_httpRoot.$settings->_siteDefaultPage : $settings->_httpRoot."out/out.ViewFolder.php");
-		};
-	};
-	 */
 	AppFactory::setContainer($c);
 	$app = AppFactory::create();
+
 	/* put lots of data into the container, because if slim instanciates
 	 * a class by itself (with the help from the DI container), it will
 	 * pass the container to the constructor of the instanciated class.
@@ -91,12 +68,8 @@ if(true) {
 			}
 	}
 
-	$app->get('/', function($request, $response) {
+	$app->addErrorMiddleware(false, true, true);
-		return $response
-			->withHeader('Location', '/out/out.ViewFolder.php')
-			->withStatus(302);
 
-	});
 	if(isset($GLOBALS['SEEDDMS_HOOKS']['initDMS'])) {
 		foreach($GLOBALS['SEEDDMS_HOOKS']['initDMS'] as $hookObj) {
 			if (method_exists($hookObj, 'addRoute')) {
@@ -107,20 +80,13 @@ if(true) {
 		}
 	}
 
-	/*
+	/* Catch all route */
-	$app->get('/out/[{path:.*}]', function($request, $response, $path = null) use ($app) {
+	$app->get('/{path:.*}', function($request, $response) use ($settings) {
-		$uri = $request->getUri();
+		return $response
-		if($uri->getBasePath())
+			->withHeader('Location', $settings->_httpRoot.'out/out.ViewFolder.php')
-			$file = $uri->getPath();
+			->withStatus(302);
-		else
+
-			$file = substr($uri->getPath(), 1);
-		if(file_exists($file) && is_file($file)) {
-			$_SERVER['SCRIPT_FILENAME'] = basename($file);
-			include($file);
-			exit;
-		}
 	});
-	 */
 
 	$app->run();
 } else {

install/class.Install.php

@@ -406,86 +406,97 @@ echo '<p><a href="install.php">' . getMLText("settings_start_install") . '</a></
 		$this->contentHeading("SeedDMS Installation for version ".$_GET['version']);
 		$this->contentContainerStart();
 
-$sqlfile = "update.sql";
+		$sqlfile = "update.sql";
-switch($settings->_dbDriver) {
+		switch($settings->_dbDriver) {
-	case 'mysql':
+			case 'mysql':
-	case 'mysqli':
+			case 'mysqli':
-	case 'mysqlnd':
+			case 'mysqlnd':
-		$tmp = explode(":", $settings->_dbHostname);
+				$tmp = explode(":", $settings->_dbHostname);
-		$dsn = $settings->_dbDriver.":dbname=".$settings->_dbDatabase.";host=".$tmp[0];
+				$dsn = $settings->_dbDriver.":dbname=".$settings->_dbDatabase.";host=".$tmp[0];
-		if(isset($tmp[1]))
+				if(isset($tmp[1]))
-			$dsn .= ";port=".$tmp[1];
+					$dsn .= ";port=".$tmp[1];
-		break;
+				break;
-	case 'sqlite':
+			case 'sqlite':
-		$dsn = $settings->_dbDriver.":".$settings->_dbDatabase;
+				$dsn = $settings->_dbDriver.":".$settings->_dbDatabase;
-		if(file_exists('update-'.$_GET['version'].'/update-sqlite3.sql'))
+				if(file_exists('update-'.$_GET['version'].'/update-sqlite3.sql'))
-			$sqlfile = "update-sqlite3.sql";
+					$sqlfile = "update-sqlite3.sql";
-		break;
+				break;
-	case 'pgsql':
+			case 'pgsql':
-		$tmp = explode(":", $settings->_dbHostname);
+				$tmp = explode(":", $settings->_dbHostname);
-		$dsn = $settings->_dbDriver.":dbname=".$settings->_dbDatabase.";host=".$tmp[0];
+				$dsn = $settings->_dbDriver.":dbname=".$settings->_dbDatabase.";host=".$tmp[0];
-		if(isset($tmp[1]))
+				if(isset($tmp[1]))
-			$dsn .= ";port=".$tmp[1];
+					$dsn .= ";port=".$tmp[1];
-		if(file_exists('update-'.$_GET['version'].'/update-postgres.sql'))
+				if(file_exists('update-'.$_GET['version'].'/update-postgres.sql'))
-			$sqlfile = "update-postgres.sql";
+					$sqlfile = "update-postgres.sql";
-}
+		}
-$db = new PDO($dsn, $settings->_dbUser, $settings->_dbPass);
+		$db = new PDO($dsn, $settings->_dbUser, $settings->_dbPass);
-if (!$db) {
+		if (!$db) {
-	die;
+			die;
-}
+		}
 
-$errorMsg = '';
+		$errorMsg = '';
-$res = $db->query('select * from tblVersion');
+		switch($settings->_dbDriver) {
-$recs = $res->fetchAll(PDO::FETCH_ASSOC);
+			case 'mysql':
-if(!empty($recs)) {
+			case 'mysqli':
-	$rec = $recs[0];
+			case 'mysqlnd':
-	if($_GET['version'] > $rec['major'].'.'.$rec['minor'].'.'.$rec['subminor']) {
+			case 'sqlite':
+				$sql = 'select * from `tblVersion`';
+				break;
+			case 'pgsql':
+				$sql = 'select * from "tblVersion"';
+				break;
+		}
+		$res = $db->query($sql);
+		$recs = $res->fetchAll(PDO::FETCH_ASSOC);
+		if(!empty($recs)) {
+			$rec = $recs[0];
+			if($_GET['version'] > $rec['major'].'.'.$rec['minor'].'.'.$rec['subminor']) {
 
-		if(file_exists('update-'.$_GET['version'].'/'.$sqlfile)) {
+				if(file_exists('update-'.$_GET['version'].'/'.$sqlfile)) {
-			$queries = file_get_contents('update-'.$_GET['version'].'/'.$sqlfile);
+					$queries = file_get_contents('update-'.$_GET['version'].'/'.$sqlfile);
-			$queries = explode(";", $queries);
+					$queries = explode(";", $queries);
 
-			// execute queries
+					// execute queries
-			if($queries) {
+					if($queries) {
-				echo "<h3>Updating database schema</h3>";
+						echo "<h3>Updating database schema</h3>";
-				foreach($queries as $query) {
+						foreach($queries as $query) {
-					$query = trim($query);
+							$query = trim($query);
-					if (!empty($query)) {
+							if (!empty($query)) {
-						echo $query."<br />";
+								echo $query."<br />";
-						if(false === $db->exec($query)) {
+								if(false === $db->exec($query)) {
-							$e = $db->ErrorInfo();
+									$e = $db->ErrorInfo();
-							$errorMsg .= $e[2] . "<br/>";
+									$errorMsg .= $e[2] . "<br/>";
+								}
+							}
 						}
 					}
+				} else {
+					echo "<p>SQL file for update missing!</p>";
 				}
+			} else {
+				echo "<p>Database schema already up to date.</p>";
 			}
+
+
+			if(!$errorMsg) {
+				if(file_exists('update-'.$_GET['version'].'/update.php')) {
+					echo "<h3>Running update script</h3>";
+					include('update-'.$_GET['version'].'/update.php');
+				}
+			} else {
+				echo "<h3>Error Messages</h3>";
+				echo $errorMsg;
+			}
+			echo "<p><a href=\"install.php\">Go back to installation and recheck.</a></p>";
 		} else {
-			echo "<p>SQL file for update missing!</p>";
+			echo "<p>Could not determine database schema version.</p>";
 		}
-	} else {
+		$db = null;
-		echo "<p>Database schema already up to date.</p>";
-	}
 
-
+		// just remove info for web page installation
-	if(!$errorMsg) {
+		$settings->_printDisclaimer = false;
-		if(file_exists('update-'.$_GET['version'].'/update.php')) {
+		$settings->_footNote = false;
-			echo "<h3>Running update script</h3>";
+		// end of the page
-			include('update-'.$_GET['version'].'/update.php');
-		}
-	} else {
-		echo "<h3>Error Messages</h3>";
-		echo $errorMsg;
-	}
-	echo "<p><a href=\"install.php\">Go back to installation and recheck.</a></p>";
-} else {
-	echo "<p>Could not determine database schema version.</p>";
-}
-$db = null;
-
-// just remove info for web page installation
-$settings->_printDisclaimer = false;
-$settings->_footNote = false;
-// end of the page
 		$this->contentContainerEnd();
 		$this->contentEnd();
 		$this->htmlEndPage();

install/create_tables-innodb.sql

@@ -47,19 +47,35 @@ CREATE TABLE `tblAttributeDefinitions` (
 -- --------------------------------------------------------
 
 --
--- Table structure for table `tblUsers`
+-- Table structure for table `tblRoles`
 --
 
+CREATE TABLE `tblRoles` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `name` varchar(50) DEFAULT NULL,
+  `role` smallint(1) NOT NULL DEFAULT '0',
+  `noaccess` varchar(30) NOT NULL DEFAULT '',
+  PRIMARY KEY (`id`),
+  UNIQUE (`name`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for table `tblUsers`
+-- 
+
 CREATE TABLE `tblUsers` (
   `id` int(11) NOT NULL AUTO_INCREMENT,
   `login` varchar(50) DEFAULT NULL,
   `pwd` varchar(50) DEFAULT NULL,
+  `secret` varchar(50) DEFAULT NULL,
   `fullName` varchar(100) DEFAULT NULL,
   `email` varchar(70) DEFAULT NULL,
   `language` varchar(32) NOT NULL,
   `theme` varchar(32) NOT NULL,
   `comment` text NOT NULL,
-  `role` smallint(1) NOT NULL DEFAULT '0',
+  `role` int(11) NOT NULL,
   `hidden` smallint(1) NOT NULL DEFAULT '0',
   `pwdExpiration` datetime DEFAULT NULL,
   `loginfailures` tinyint(4) NOT NULL DEFAULT '0',
@@ -67,11 +83,28 @@ CREATE TABLE `tblUsers` (
   `quota` bigint(20) DEFAULT NULL,
   `homefolder` int(11) DEFAULT NULL,
   PRIMARY KEY (`id`),
-  UNIQUE KEY `login` (`login`)
+  UNIQUE KEY `login` (`login`),
+  CONSTRAINT `tblUsers_role` FOREIGN KEY (`role`) REFERENCES `tblRoles` (`id`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
 
 -- --------------------------------------------------------
 
+--
+-- Table structure for table `tblUserSubstitutes`
+--
+
+CREATE TABLE `tblUserSubstitutes` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `user` int(11) DEFAULT null,
+  `substitute` int(11) DEFAULT null,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `user` (`user`,`substitute`),
+  CONSTRAINT `tblUserSubstitutes_user` FOREIGN KEY (`user`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
+  CONSTRAINT `tblUserSubstitutes_substitute` FOREIGN KEY (`substitute`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
+);
+
+-- --------------------------------------------------------
+
 --
 -- Table structure for table `tblUserPasswordRequest`
 --
@@ -222,6 +255,7 @@ CREATE TABLE `tblDocumentApprovers` (
   UNIQUE KEY `documentID` (`documentID`,`version`,`type`,`required`),
   CONSTRAINT `tblDocumentApprovers_document` FOREIGN KEY (`documentID`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+CREATE INDEX `indDocumentApproversRequired` ON `tblDocumentApprovers` (`required`);
 
 -- --------------------------------------------------------
 
@@ -262,6 +296,7 @@ CREATE TABLE `tblDocumentContent` (
   `mimeType` varchar(100) NOT NULL DEFAULT '',
   `fileSize` bigint(20) DEFAULT NULL,
   `checksum` char(32) DEFAULT NULL,
+  `revisiondate` datetime DEFAULT NULL,
   PRIMARY KEY (`id`),
   UNIQUE KEY `document` (`document`,`version`),
   CONSTRAINT `tblDocumentContent_document` FOREIGN KEY (`document`) REFERENCES `tblDocuments` (`id`)
@@ -350,6 +385,23 @@ CREATE TABLE `tblDocumentLocks` (
 -- --------------------------------------------------------
 
 --
+-- Table structure for table `tblDocumentCheckOuts`
+--
+
+CREATE TABLE `tblDocumentCheckOuts` (
+  `document` int(11) NOT NULL DEFAULT '0',
+  `version` smallint(5) unsigned NOT NULL DEFAULT '0',
+  `userID` int(11) NOT NULL DEFAULT '0',
+  `date` datetime NOT NULL,
+  `filename` varchar(255) NOT NULL DEFAULT '',
+  PRIMARY KEY (`document`),
+  CONSTRAINT `tblDocumentCheckOuts_document` FOREIGN KEY (`document`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
+  CONSTRAINT `tblDocumentCheckOuts_user` FOREIGN KEY (`userID`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- --------------------------------------------------------
+
+-- 
 -- Table structure for table `tblDocumentReviewers`
 --
 
@@ -363,6 +415,7 @@ CREATE TABLE `tblDocumentReviewers` (
   UNIQUE KEY `documentID` (`documentID`,`version`,`type`,`required`),
   CONSTRAINT `tblDocumentReviewers_document` FOREIGN KEY (`documentID`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+CREATE INDEX `indDocumentReviewersRequired` ON `tblDocumentReviewers` (`required`);
 
 -- --------------------------------------------------------
 
@@ -386,6 +439,83 @@ CREATE TABLE `tblDocumentReviewLog` (
 
 -- --------------------------------------------------------
 
+--
+-- Table structure for table `tblDocumentRecipients`
+--
+
+CREATE TABLE `tblDocumentRecipients` (
+  `receiptID` int(11) NOT NULL AUTO_INCREMENT,
+  `documentID` int(11) NOT NULL DEFAULT '0',
+  `version` smallint(5) unsigned NOT NULL DEFAULT '0',
+  `type` tinyint(4) NOT NULL DEFAULT '0',
+  `required` int(11) NOT NULL DEFAULT '0',
+  PRIMARY KEY (`receiptID`),
+  UNIQUE KEY `documentID` (`documentID`,`version`,`type`,`required`),
+  CONSTRAINT `tblDocumentRecipients_document` FOREIGN KEY (`documentID`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+CREATE INDEX `indDocumentRecipientsRequired` ON `tblDocumentRecipients` (`required`);
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `tblDocumentReceiptLog`
+--
+
+CREATE TABLE `tblDocumentReceiptLog` (
+  `receiptLogID` int(11) NOT NULL AUTO_INCREMENT,
+  `receiptID` int(11) NOT NULL DEFAULT '0',
+  `status` tinyint(4) NOT NULL DEFAULT '0',
+  `comment` text NOT NULL,
+  `date` datetime NOT NULL,
+  `userID` int(11) NOT NULL DEFAULT '0',
+  PRIMARY KEY (`receiptLogID`),
+  KEY `tblDocumentReceiptLog_receipt` (`receiptID`),
+  KEY `tblDocumentReceiptLog_user` (`userID`),
+  CONSTRAINT `tblDocumentReceiptLog_recipient` FOREIGN KEY (`receiptID`) REFERENCES `tblDocumentRecipients` (`receiptID`) ON DELETE CASCADE,
+  CONSTRAINT `tblDocumentReceiptLog_user` FOREIGN KEY (`userID`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `tblDocumentRevisors`
+--
+
+CREATE TABLE `tblDocumentRevisors` (
+  `revisionID` int(11) NOT NULL AUTO_INCREMENT,
+  `documentID` int(11) NOT NULL DEFAULT '0',
+  `version` smallint(5) unsigned NOT NULL DEFAULT '0',
+  `type` tinyint(4) NOT NULL DEFAULT '0',
+  `required` int(11) NOT NULL DEFAULT '0',
+  `startdate` datetime DEFAULT NULL,
+  PRIMARY KEY (`revisionID`),
+  UNIQUE KEY `documentID` (`documentID`,`version`,`type`,`required`),
+  CONSTRAINT `tblDocumentRevisors_document` FOREIGN KEY (`documentID`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+CREATE INDEX `indDocumentRevisorsRequired` ON `tblDocumentRevisors` (`required`);
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `tblDocumentRevisionLog`
+--
+
+CREATE TABLE `tblDocumentRevisionLog` (
+  `revisionLogID` int(11) NOT NULL AUTO_INCREMENT,
+  `revisionID` int(11) NOT NULL DEFAULT '0',
+  `status` tinyint(4) NOT NULL DEFAULT '0',
+  `comment` text NOT NULL,
+  `date` datetime NOT NULL,
+  `userID` int(11) NOT NULL DEFAULT '0',
+  PRIMARY KEY (`revisionLogID`),
+  KEY `tblDocumentRevisionLog_revision` (`revisionID`),
+  KEY `tblDocumentRevisionLog_user` (`userID`),
+  CONSTRAINT `tblDocumentRevisionLog_revision` FOREIGN KEY (`revisionID`) REFERENCES `tblDocumentRevisors` (`revisionID`) ON DELETE CASCADE,
+  CONSTRAINT `tblDocumentRevisionLog_user` FOREIGN KEY (`userID`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- --------------------------------------------------------
+
 --
 -- Table structure for table `tblDocumentStatus`
 --
@@ -608,6 +738,7 @@ CREATE TABLE `tblWorkflows` (
   `id` int(11) NOT NULL AUTO_INCREMENT,
   `name` text NOT NULL,
   `initstate` int(11) NOT NULL,
+  `layoutdata` text DEFAULT NULL,
   PRIMARY KEY (`id`),
   KEY `tblWorkflow_initstate` (`initstate`),
   CONSTRAINT `tblWorkflow_initstate` FOREIGN KEY (`initstate`) REFERENCES `tblWorkflowStates` (`id`) ON DELETE CASCADE
@@ -674,53 +805,52 @@ CREATE TABLE `tblWorkflowTransitionGroups` (
 
 -- --------------------------------------------------------
 
---
--- Table structure for table `tblWorkflowLog`
---
-
-CREATE TABLE `tblWorkflowLog` (
-  `id` int(11) NOT NULL AUTO_INCREMENT,
-  `document` int(11) DEFAULT NULL,
-  `version` smallint(5) DEFAULT NULL,
-  `workflow` int(11) DEFAULT NULL,
-  `userid` int(11) DEFAULT NULL,
-  `transition` int(11) DEFAULT NULL,
-  `date` datetime NOT NULL,
-  `comment` text,
-  PRIMARY KEY (`id`),
-  KEY `tblWorkflowLog_document` (`document`),
-  KEY `tblWorkflowLog_workflow` (`workflow`),
-  KEY `tblWorkflowLog_userid` (`userid`),
-  KEY `tblWorkflowLog_transition` (`transition`),
-  CONSTRAINT `tblWorkflowLog_document` FOREIGN KEY (`document`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
-  CONSTRAINT `tblWorkflowLog_transition` FOREIGN KEY (`transition`) REFERENCES `tblWorkflowTransitions` (`id`) ON DELETE CASCADE,
-  CONSTRAINT `tblWorkflowLog_userid` FOREIGN KEY (`userid`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
-  CONSTRAINT `tblWorkflowLog_workflow` FOREIGN KEY (`workflow`) REFERENCES `tblWorkflows` (`id`) ON DELETE CASCADE
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
--- --------------------------------------------------------
-
 --
 -- Table structure for table `tblWorkflowDocumentContent`
 --
 
 CREATE TABLE `tblWorkflowDocumentContent` (
-  `parentworkflow` int(11) DEFAULT '0',
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `parent` int(11) DEFAULT NULL,
   `workflow` int(11) DEFAULT NULL,
   `document` int(11) DEFAULT NULL,
   `version` smallint(5) DEFAULT NULL,
   `state` int(11) DEFAULT NULL,
   `date` datetime NOT NULL,
+  PRIMARY KEY (`id`),
   KEY `tblWorkflowDocument_document` (`document`),
   KEY `tblWorkflowDocument_workflow` (`workflow`),
   KEY `tblWorkflowDocument_state` (`state`),
   CONSTRAINT `tblWorkflowDocument_document` FOREIGN KEY (`document`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
   CONSTRAINT `tblWorkflowDocument_state` FOREIGN KEY (`state`) REFERENCES `tblWorkflowStates` (`id`) ON DELETE CASCADE,
+  CONSTRAINT `tblWorkflowDocumentContent_parent` FOREIGN KEY (`parent`) REFERENCES `tblWorkflowDocumentContent` (`id`) ON DELETE CASCADE,
   CONSTRAINT `tblWorkflowDocument_workflow` FOREIGN KEY (`workflow`) REFERENCES `tblWorkflows` (`id`) ON DELETE CASCADE
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
 
 -- --------------------------------------------------------
 
+--
+-- Table structure for table `tblWorkflowLog`
+--
+
+CREATE TABLE `tblWorkflowLog` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `workflowdocumentcontent` int(11) NOT NULL DEFAULT '0',
+  `userid` int(11) DEFAULT NULL,
+  `transition` int(11) DEFAULT NULL,
+  `date` datetime NOT NULL,
+  `comment` text,
+  PRIMARY KEY (`id`),
+  KEY `tblWorkflowLog_userid` (`userid`),
+  KEY `tblWorkflowLog_transition` (`transition`),
+  KEY `tblWorkflowLog_workflowdocumentcontent` (`workflowdocumentcontent`),
+  CONSTRAINT `tblWorkflowLog_workflowdocumentcontent` FOREIGN KEY (`workflowdocumentcontent`) REFERENCES `tblWorkflowDocumentContent` (`id`) ON DELETE CASCADE,
+  CONSTRAINT `tblWorkflowLog_transition` FOREIGN KEY (`transition`) REFERENCES `tblWorkflowTransitions` (`id`) ON DELETE CASCADE,
+  CONSTRAINT `tblWorkflowLog_userid` FOREIGN KEY (`userid`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- --------------------------------------------------------
+
 --
 -- Table structure for table `tblWorkflowMandatoryWorkflow`
 --
@@ -736,6 +866,127 @@ CREATE TABLE `tblWorkflowMandatoryWorkflow` (
 
 -- --------------------------------------------------------
 
+--
+-- Table structure for transmittal
+--
+
+CREATE TABLE `tblTransmittals` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `name` text NOT NULL,
+  `comment` text NOT NULL,
+  `userID` int(11) NOT NULL DEFAULT '0',
+  `date` datetime DEFAULT NULL,
+  `public` tinyint(1) NOT NULL DEFAULT '0',
+  PRIMARY KEY (`id`),
+  CONSTRAINT `tblTransmittals_user` FOREIGN KEY (`userID`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for transmittal item
+--
+
+CREATE TABLE `tblTransmittalItems` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `transmittal` int(11) NOT NULL DEFAULT '0',
+  `document` int(11) DEFAULT NULL,
+  `version` smallint(5) unsigned NOT NULL DEFAULT '0',
+  `date` datetime DEFAULT NULL,
+  PRIMARY KEY (`id`),
+  UNIQUE (transmittal, document, version),
+  CONSTRAINT `tblTransmittalItems_document` FOREIGN KEY (`document`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
+  CONSTRAINT `tblTransmittalItem_transmittal` FOREIGN KEY (`transmittal`) REFERENCES `tblTransmittals` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for cached read access
+-- 
+
+CREATE TABLE `tblCachedAccess` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `document` int(11) DEFAULT NULL,
+  `user` int(11) DEFAULT null,
+  `mode` tinyint(4) NOT NULL DEFAULT '0',
+  PRIMARY KEY (`id`),
+  CONSTRAINT `tblCachedAccess_document` FOREIGN KEY (`document`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
+  CONSTRAINT `tblCachedAccess_user` FOREIGN KEY (`user`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for access request objects
+-- 
+
+CREATE TABLE `tblAros` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `parent` int(11),
+  `model` text NOT NULL,
+  `foreignid` int(11) NOT NULL DEFAULT '0',
+  `alias` varchar(255),
+  PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for access control objects
+-- 
+
+CREATE TABLE `tblAcos` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `parent` int(11),
+  `model` text NOT NULL,
+  `foreignid` int(11) NOT NULL DEFAULT '0',
+  `alias` varchar(255),
+  PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for acos/aros relation
+-- 
+
+CREATE TABLE `tblArosAcos` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `aro` int(11) NOT NULL DEFAULT '0',
+  `aco` int(11) NOT NULL DEFAULT '0',
+  `create` tinyint(4) NOT NULL DEFAULT '-1',
+  `read` tinyint(4) NOT NULL DEFAULT '-1',
+  `update` tinyint(4) NOT NULL DEFAULT '-1',
+  `delete` tinyint(4) NOT NULL DEFAULT '-1',
+  PRIMARY KEY (`id`),
+  UNIQUE (aco, aro),
+  CONSTRAINT `tblArosAcos_acos` FOREIGN KEY (`aco`) REFERENCES `tblAcos` (`id`) ON DELETE CASCADE,
+  CONSTRAINT `tblArosAcos_aros` FOREIGN KEY (`aro`) REFERENCES `tblAros` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `tblSchedulerTask`
+--
+
+CREATE TABLE `tblSchedulerTask` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `name` varchar(100) DEFAULT NULL,
+  `description` text DEFAULT NULL,
+  `disabled` smallint(1) NOT NULL DEFAULT '0',
+  `extension` varchar(100) DEFAULT NULL,
+  `task` varchar(100) DEFAULT NULL,
+  `frequency` varchar(100) DEFAULT NULL,
+  `params` text DEFAULT NULL,
+  `nextrun` datetime DEFAULT NULL,
+  `lastrun` datetime DEFAULT NULL,
+  PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- --------------------------------------------------------
+
 --
 -- Table structure for table `tblVersion`
 --
@@ -753,7 +1004,10 @@ CREATE TABLE `tblVersion` (
 -- Initial content for database
 --
 
-INSERT INTO tblUsers VALUES (1, 'admin', '21232f297a57a5a743894a0e4a801fc3', 'Administrator', 'info@seeddms.org', '', '', '', 1, 0, NULL, 0, 0, 0, NULL);
+INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (1, 'Admin', 1);
-INSERT INTO tblUsers VALUES (2, 'guest', NULL, 'Guest User', NULL, '', '', '', 2, 0, NULL, 0, 0, 0, NULL);
+INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (2, 'Guest', 2);
+INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (3, 'User', 0);
+INSERT INTO tblUsers VALUES (1, 'admin', '21232f297a57a5a743894a0e4a801fc3', '', 'Administrator', 'info@seeddms.org', '', '', '', 1, 0, NULL, 0, 0, 0, NULL);
+INSERT INTO tblUsers VALUES (2, 'guest', NULL, '', 'Guest User', NULL, '', '', '', 2, 0, NULL, 0, 0, 0, NULL);
 INSERT INTO tblFolders VALUES (1, 'DMS', 0, '', 'DMS root', UNIX_TIMESTAMP(), 1, 0, 2, 0);
-INSERT INTO tblVersion VALUES (NOW(), 5, 1, 0);
+INSERT INTO tblVersion VALUES (NOW(), 6, 0, 0);

install/create_tables-postgres.sql

@@ -43,6 +43,19 @@ CREATE TABLE "tblAttributeDefinitions" (
 
 -- --------------------------------------------------------
 
+-- 
+-- Table structure for table `tblRoles`
+-- 
+
+CREATE TABLE "tblRoles" (
+  "id" SERIAL UNIQUE,
+  "name" varchar(50) default NULL,
+  "role" INTEGER NOT NULL default '0',
+  "noaccess" varchar(30) NOT NULL default ''
+) ;
+
+-- --------------------------------------------------------
+
 -- 
 -- Table structure for table "tblUsers"
 -- 
@@ -51,6 +64,7 @@ CREATE TABLE "tblUsers" (
   "id" SERIAL UNIQUE,
   "login" varchar(50) default NULL,
   "pwd" varchar(50) default NULL,
+  "secret" varchar(50) default NULL,
   "fullName" varchar(100) default NULL,
   "email" varchar(70) default NULL,
   "language" varchar(32) NOT NULL,
@@ -68,6 +82,18 @@ CREATE TABLE "tblUsers" (
 
 -- --------------------------------------------------------
 
+-- 
+-- Table structure for table `tblUserSubstitutes`
+-- 
+
+CREATE TABLE "tblUserSubstitutes" (
+  "id" SERIAL UNIQUE,
+  "user" INTEGER NOT NULL default '0' REFERENCES "tblUsers" ("id") ON DELETE CASCADE,
+  "substitute" INTEGER NOT NULL default '0' REFERENCES "tblUsers" ("id") ON DELETE CASCADE
+);
+
+-- --------------------------------------------------------
+
 -- 
 -- Table structure for table "tblUserPasswordRequest"
 -- 
@@ -225,6 +251,7 @@ CREATE TABLE "tblDocumentContent" (
   "mimeType" varchar(100) NOT NULL default '',
   "fileSize" BIGINT,
   "checksum" char(32),
+  "revisiondate" TIMESTAMP default NULL,
   UNIQUE ("document","version")
 ) ;
 
@@ -290,6 +317,21 @@ CREATE TABLE "tblDocumentLocks" (
 
 -- --------------------------------------------------------
 
+-- 
+-- Table structure for table `tblDocumentCheckOuts`
+-- 
+
+CREATE TABLE "tblDocumentCheckOuts" (
+  "document" INTEGER REFERENCES "tblDocuments" ("id") ON DELETE CASCADE,
+  "version" INTEGER NOT NULL default '0',
+  "userID" INTEGER NOT NULL default '0' REFERENCES "tblUsers" ("id"),
+  "date" TEXT NOT NULL,
+  "filename" varchar(255) NOT NULL default '',
+  UNIQUE ("document")
+) ;
+
+-- --------------------------------------------------------
+
 -- 
 -- Table structure for table "tblDocumentReviewers"
 -- 
@@ -320,6 +362,67 @@ CREATE TABLE "tblDocumentReviewLog" (
 
 -- --------------------------------------------------------
 
+-- 
+-- Table structure for table `tblDocumentRecipients`
+-- 
+
+CREATE TABLE "tblDocumentRecipients" (
+  "receiptID" SERIAL UNIQUE,
+  "documentID" INTEGER NOT NULL default '0' REFERENCES "tblDocuments" ("id") ON DELETE CASCADE,
+  "version" INTEGER NOT NULL default '0',
+  "type" INTEGER NOT NULL default '0',
+  "required" INTEGER NOT NULL default '0',
+  UNIQUE ("documentID","version","type","required")
+) ;
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for table "tblDocumentReceiptLog"
+-- 
+
+CREATE TABLE "tblDocumentReceiptLog" (
+  "receiptLogID" SERIAL UNIQUE,
+  "receiptID" INTEGER NOT NULL default 0 REFERENCES "tblDocumentRecipients" ("receiptID") ON DELETE CASCADE,
+  "status" INTEGER NOT NULL default 0,
+  "comment" TEXT NOT NULL,
+  "date" TEXT NOT NULL,
+  "userID" INTEGER NOT NULL default 0 REFERENCES "tblUsers" ("id") ON DELETE CASCADE
+) ;
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for table `tblDocumentRevisors`
+-- 
+
+CREATE TABLE "tblDocumentRevisors" (
+  "revisionID" SERIAL UNIQUE,
+  "documentID" INTEGER NOT NULL default '0' REFERENCES "tblDocuments" ("id") ON DELETE CASCADE,
+  "version" INTEGER NOT NULL default '0',
+  "type" INTEGER NOT NULL default '0',
+  "required" INTEGER NOT NULL default '0',
+  "startdate" TIMESTAMP default NULL,
+  UNIQUE ("documentID","version","type","required")
+) ;
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for table "tblDocumentRevisionLog"
+-- 
+
+CREATE TABLE "tblDocumentRevisionLog" (
+  "revisionLogID" SERIAL UNIQUE,
+  "revisionID" INTEGER NOT NULL default 0 REFERENCES "tblDocumentRevisors" ("revisionID") ON DELETE CASCADE,
+  "status" INTEGER NOT NULL default 0,
+  "comment" TEXT NOT NULL,
+  "date" TIMESTAMP default NULL,
+  "userID" INTEGER NOT NULL default 0 REFERENCES "tblUsers" ("id") ON DELETE CASCADE
+) ;
+
+-- --------------------------------------------------------
+
 -- 
 -- Table structure for table "tblDocumentStatus"
 -- 
@@ -433,7 +536,7 @@ CREATE TABLE "tblSessions" (
   "theme" varchar(30) NOT NULL default '',
   "language" varchar(30) NOT NULL default '',
   "clipboard" text default NULL,
-	"su" INTEGER DEFAULT NULL,
+  "su" INTEGER DEFAULT NULL,
   "splashmsg" text default NULL
 ) ;
 
@@ -514,7 +617,8 @@ CREATE TABLE "tblWorkflowActions" (
 CREATE TABLE "tblWorkflows" (
   "id" SERIAL UNIQUE,
   "name" text NOT NULL,
-  "initstate" INTEGER NOT NULL REFERENCES "tblWorkflowStates" ("id") ON DELETE CASCADE
+  "initstate" INTEGER NOT NULL REFERENCES "tblWorkflowStates" ("id") ON DELETE CASCADE,
+  "layoutdata" text default NULL
 ) ;
 
 -- --------------------------------------------------------
@@ -559,29 +663,13 @@ CREATE TABLE "tblWorkflowTransitionGroups" (
 
 -- --------------------------------------------------------
 
--- 
--- Table structure for workflow log
--- 
-
-CREATE TABLE "tblWorkflowLog" (
-  "id" SERIAL UNIQUE,
-  "document" INTEGER default NULL REFERENCES "tblDocuments" ("id") ON DELETE CASCADE,
-  "version" INTEGER default NULL,
-  "workflow" INTEGER default NULL REFERENCES "tblWorkflows" ("id") ON DELETE CASCADE,
-  "userid" INTEGER default NULL REFERENCES "tblUsers" ("id") ON DELETE CASCADE,
-  "transition" INTEGER default NULL REFERENCES "tblWorkflowTransitions" ("id") ON DELETE CASCADE,
-  "date" TIMESTAMP default NULL,
-  "comment" text
-) ;
-
--- --------------------------------------------------------
-
 -- 
 -- Table structure for workflow document relation
 -- 
 
 CREATE TABLE "tblWorkflowDocumentContent" (
-  "parentworkflow" INTEGER DEFAULT 0,
+  "id" SERIAL UNIQUE,
+  "parent" INTEGER DEFAULT NULL REFERENCES "tblWorkflowDocumentContent" ("id") ON DELETE CASCADE,
   "workflow" INTEGER DEFAULT NULL REFERENCES "tblWorkflows" ("id") ON DELETE CASCADE,
   "document" INTEGER DEFAULT NULL REFERENCES "tblDocuments" ("id") ON DELETE CASCADE,
   "version" INTEGER DEFAULT NULL,
@@ -591,6 +679,21 @@ CREATE TABLE "tblWorkflowDocumentContent" (
 
 -- --------------------------------------------------------
 
+-- 
+-- Table structure for workflow log
+-- 
+
+CREATE TABLE "tblWorkflowLog" (
+  "id" SERIAL UNIQUE,
+  "workflowdocumentcontent" INTEGER DEFAULT NULL REFERENCES "tblWorkflowDocumentContent" ("id") ON DELETE CASCADE,
+  "userid" INTEGER default NULL REFERENCES "tblUsers" ("id") ON DELETE CASCADE,
+  "transition" INTEGER default NULL REFERENCES "tblWorkflowTransitions" ("id") ON DELETE CASCADE,
+  "date" TIMESTAMP default NULL,
+  "comment" text
+) ;
+
+-- --------------------------------------------------------
+
 -- 
 -- Table structure for mandatory workflows
 -- 
@@ -603,6 +706,101 @@ CREATE TABLE "tblWorkflowMandatoryWorkflow" (
 
 -- --------------------------------------------------------
 
+-- 
+-- Table structure for transmittal
+-- 
+
+CREATE TABLE "tblTransmittals" (
+  "id" SERIAL UNIQUE,
+  "name" text NOT NULL,
+  "comment" text NOT NULL,
+  "userID" INTEGER NOT NULL default '0' REFERENCES "tblUsers" ("id") ON DELETE CASCADE,
+  "date" TIMESTAMP default NULL,
+  "public" INTEGER NOT NULL default '0'
+);
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for transmittal item
+-- 
+
+CREATE TABLE "tblTransmittalItems" (
+  "id" SERIAL UNIQUE,
+  "transmittal" INTEGER NOT NULL DEFAULT '0' REFERENCES "tblTransmittals" ("id") ON DELETE CASCADE,
+  "document" INTEGER default NULL REFERENCES "tblDocuments" ("id") ON DELETE CASCADE,
+  "version" INTEGER NOT NULL default '0',
+  "date" TIMESTAMP default NULL,
+  UNIQUE (transmittal, document, version)
+);
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for access request objects
+-- 
+
+CREATE TABLE "tblAros" (
+  "id" SERIAL UNIQUE,
+  "parent" INTEGER,
+  "model" TEXT NOT NULL,
+  "foreignid" INTEGER NOT NULL DEFAULT '0',
+  "alias" TEXT
+) ;
+
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for access control objects
+-- 
+
+CREATE TABLE "tblAcos" (
+  "id" SERIAL UNIQUE,
+  "parent" INTEGER,
+  "model" TEXT NOT NULL,
+  "foreignid" INTEGER NOT NULL DEFAULT '0',
+  "alias" TEXT
+) ;
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for acos/aros relation
+-- 
+
+CREATE TABLE "tblArosAcos" (
+  "id" SERIAL UNIQUE,
+  "aro" INTEGER NOT NULL DEFAULT '0' REFERENCES "tblAros" ("id") ON DELETE CASCADE,
+  "aco" INTEGER NOT NULL DEFAULT '0' REFERENCES "tblAcos" ("id") ON DELETE CASCADE,
+  "create" INTEGER NOT NULL DEFAULT '-1',
+  "read" INTEGER NOT NULL DEFAULT '-1',
+  "update" INTEGER NOT NULL DEFAULT '-1',
+  "delete" INTEGER NOT NULL DEFAULT '-1',
+  UNIQUE (aco, aro)
+) ;
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for tblSchedulerTask
+-- 
+
+CREATE TABLE "tblSchedulerTask" (
+  "id" SERIAL UNIQUE,
+  "name" varchar(100) DEFAULT NULL,
+  "description" TEXT DEFAULT NULL,
+  "disabled" INTEGER NOT NULL DEFAULT '0',
+  "extension" varchar(100) DEFAULT NULL,
+  "task" varchar(100) DEFAULT NULL,
+  "frequency" varchar(100) DEFAULT NULL,
+  "params" TEXT DEFAULT NULL,
+  "nextrun" TIMESTAMP DEFAULT NULL,
+  "lastrun" TIMESTAMP DEFAULT NULL
+) ;
+
+-- --------------------------------------------------------
+
 -- 
 -- Table structure for version
 -- 
@@ -620,10 +818,16 @@ CREATE TABLE "tblVersion" (
 -- Initial content for database
 --
 
-INSERT INTO "tblUsers" VALUES (1, 'admin', '21232f297a57a5a743894a0e4a801fc3', 'Administrator', 'info@seeddms.org', '', '', '', 1, 0, NULL, 0, 0, 0, NULL);
+INSERT INTO "tblRoles" ("id", "name", "role") VALUES (1, 'Admin', 1);
+SELECT nextval('"tblRoles_id_seq"');
+INSERT INTO "tblRoles" ("id", "name", "role") VALUES (2, 'Guest', 2);
+SELECT nextval('"tblRoles_id_seq"');
+INSERT INTO "tblRoles" ("id", "name", "role") VALUES (3, 'User', 0);
+SELECT nextval('"tblRoles_id_seq"');
+INSERT INTO "tblUsers" VALUES (1, 'admin', '21232f297a57a5a743894a0e4a801fc3', '', 'Administrator', 'info@seeddms.org', '', '', '', 1, 0, NULL, 0, 0, 0, NULL);
 SELECT nextval('"tblUsers_id_seq"');
-INSERT INTO "tblUsers" VALUES (2, 'guest', NULL, 'Guest User', NULL, '', '', '', 2, 0, NULL, 0, 0, 0, NULL);
+INSERT INTO "tblUsers" VALUES (2, 'guest', NULL, '', 'Guest User', NULL, '', '', '', 2, 0, NULL, 0, 0, 0, NULL);
 SELECT nextval('"tblUsers_id_seq"');
 INSERT INTO "tblFolders" VALUES (1, 'DMS', 0, '', 'DMS root', extract(epoch from now()), 1, 0, 2, 0);
 SELECT nextval('"tblFolders_id_seq"');
-INSERT INTO "tblVersion" VALUES (CURRENT_TIMESTAMP, 5, 1, 0);
+INSERT INTO "tblVersion" VALUES (CURRENT_TIMESTAMP, 6, 0, 0);

install/create_tables-sqlite3.sql

@@ -43,6 +43,20 @@ CREATE TABLE `tblAttributeDefinitions` (
 
 -- --------------------------------------------------------
 
+--
+-- Table structure for table `tblRoles`
+--
+
+CREATE TABLE `tblRoles` (
+  `id` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `name` varchar(50) default NULL,
+  `role` INTEGER NOT NULL default '0',
+  `noaccess` varchar(30) NOT NULL default '',
+  UNIQUE (`name`)
+) ;
+
+-- --------------------------------------------------------
+
 --
 -- Table structure for table `tblUsers`
 --
@@ -51,12 +65,13 @@ CREATE TABLE `tblUsers` (
   `id` INTEGER PRIMARY KEY AUTOINCREMENT,
   `login` varchar(50) default NULL,
   `pwd` varchar(50) default NULL,
+  `secret` varchar(50) default NULL,
   `fullName` varchar(100) default NULL,
   `email` varchar(70) default NULL,
   `language` varchar(32) NOT NULL,
   `theme` varchar(32) NOT NULL,
   `comment` text NOT NULL,
-  `role` INTEGER NOT NULL default '0',
+  `role` INTEGER NOT NULL REFERENCES `tblRoles` (`id`),
   `hidden` INTEGER NOT NULL default '0',
   `pwdExpiration` TEXT default NULL,
   `loginfailures` INTEGER NOT NULL default '0',
@@ -68,6 +83,19 @@ CREATE TABLE `tblUsers` (
 
 -- --------------------------------------------------------
 
+--
+-- Table structure for table `tblUserSubstitutes`
+--
+
+CREATE TABLE `tblUserSubstitutes` (
+  `id` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `user` INTEGER NOT NULL default '0' REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
+  `substitute` INTEGER NOT NULL default '0' REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
+  UNIQUE (`user`, `substitute`)
+);
+
+-- --------------------------------------------------------
+
 --
 -- Table structure for table `tblUserPasswordRequest`
 --
@@ -135,7 +163,7 @@ CREATE TABLE `tblFolderAttributes` (
   `folder` INTEGER default NULL REFERENCES `tblFolders` (`id`) ON DELETE CASCADE,
   `attrdef` INTEGER default NULL REFERENCES `tblAttributeDefinitions` (`id`),
   `value` text default NULL,
-  UNIQUE (folder, attrdef)
+  UNIQUE (`folder`, `attrdef`)
 ) ;
  
 -- --------------------------------------------------------
@@ -171,7 +199,7 @@ CREATE TABLE `tblDocumentAttributes` (
   `document` INTEGER default NULL REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
   `attrdef` INTEGER default NULL REFERENCES `tblAttributeDefinitions` (`id`),
   `value` text default NULL,
-  UNIQUE (document, attrdef)
+  UNIQUE (`document`, `attrdef`)
 ) ;
 
 -- --------------------------------------------------------
@@ -188,6 +216,7 @@ CREATE TABLE `tblDocumentApprovers` (
   `required` INTEGER NOT NULL default '0',
   UNIQUE (`documentID`,`version`,`type`,`required`)
 ) ;
+CREATE INDEX `indDocumentApproversRequired` ON `tblDocumentApprovers` (`required`);
 
 -- --------------------------------------------------------
 
@@ -203,6 +232,7 @@ CREATE TABLE `tblDocumentApproveLog` (
   `date` TEXT NOT NULL,
   `userID` INTEGER NOT NULL default '0' REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
 ) ;
+CREATE INDEX `indDocumentApproveLogApproveID` ON `tblDocumentApproveLog` (`approveID`);
 
 -- --------------------------------------------------------
 
@@ -223,6 +253,7 @@ CREATE TABLE `tblDocumentContent` (
   `mimeType` varchar(100) NOT NULL default '',
   `fileSize` INTEGER,
   `checksum` char(32),
+  `revisiondate` TEXT default NULL,
   UNIQUE (`document`,`version`)
 ) ;
 
@@ -237,7 +268,7 @@ CREATE TABLE `tblDocumentContentAttributes` (
   `content` INTEGER default NULL REFERENCES `tblDocumentContent` (`id`) ON DELETE CASCADE,
   `attrdef` INTEGER default NULL REFERENCES `tblAttributeDefinitions` (`id`),
   `value` text default NULL,
-  UNIQUE (content, attrdef)
+  UNIQUE (`content`, `attrdef`)
 ) ;
 
 -- --------------------------------------------------------
@@ -288,6 +319,21 @@ CREATE TABLE `tblDocumentLocks` (
 
 -- --------------------------------------------------------
 
+--
+-- Table structure for table `tblDocumentCheckOuts`
+--
+
+CREATE TABLE `tblDocumentCheckOuts` (
+  `document` INTEGER REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
+  `version` INTEGER unsigned NOT NULL default '0',
+  `userID` INTEGER NOT NULL default '0' REFERENCES `tblUsers` (`id`),
+  `date` TEXT NOT NULL,
+  `filename` varchar(255) NOT NULL default '',
+  UNIQUE (`document`)
+) ;
+
+-- --------------------------------------------------------
+
 --
 -- Table structure for table `tblDocumentReviewers`
 --
@@ -300,6 +346,7 @@ CREATE TABLE `tblDocumentReviewers` (
   `required` INTEGER NOT NULL default '0',
   UNIQUE (`documentID`,`version`,`type`,`required`)
 ) ;
+CREATE INDEX `indDocumentReviewersRequired` ON `tblDocumentReviewers` (`required`);
 
 -- --------------------------------------------------------
 
@@ -315,6 +362,72 @@ CREATE TABLE `tblDocumentReviewLog` (
   `date` TEXT NOT NULL,
   `userID` INTEGER NOT NULL default 0 REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
 ) ;
+CREATE INDEX `indDocumentReviewLogReviewID` ON `tblDocumentReviewLog` (`reviewID`);
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `tblDocumentRecipients`
+--
+
+CREATE TABLE `tblDocumentRecipients` (
+  `receiptID` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `documentID` INTEGER NOT NULL default '0' REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
+  `version` INTEGER unsigned NOT NULL default '0',
+  `type` INTEGER NOT NULL default '0',
+  `required` INTEGER NOT NULL default '0',
+  UNIQUE (`documentID`,`version`,`type`,`required`)
+) ;
+CREATE INDEX `indDocumentRecipientsRequired` ON `tblDocumentRecipients` (`required`);
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `tblDocumentReceiptLog`
+--
+
+CREATE TABLE `tblDocumentReceiptLog` (
+  `receiptLogID` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `receiptID` INTEGER NOT NULL default 0 REFERENCES `tblDocumentRecipients` (`receiptID`) ON DELETE CASCADE,
+  `status` INTEGER NOT NULL default 0,
+  `comment` TEXT NOT NULL,
+  `date` TEXT NOT NULL,
+  `userID` INTEGER NOT NULL default 0 REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
+) ;
+CREATE INDEX `indDocumentReceiptLogReceiptID` ON `tblDocumentReceiptLog` (`receiptID`);
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `tblDocumentRevisors`
+--
+
+CREATE TABLE `tblDocumentRevisors` (
+  `revisionID` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `documentID` INTEGER NOT NULL default '0' REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
+  `version` INTEGER unsigned NOT NULL default '0',
+  `type` INTEGER NOT NULL default '0',
+  `required` INTEGER NOT NULL default '0',
+  `startdate` TEXT default NULL,
+  UNIQUE (`documentID`,`version`,`type`,`required`)
+) ;
+CREATE INDEX `indDocumentRevisorsRequired` ON `tblDocumentRevisors` (`required`);
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `tblDocumentRevisionLog`
+--
+
+CREATE TABLE `tblDocumentRevisionLog` (
+  `revisionLogID` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `revisionID` INTEGER NOT NULL default 0 REFERENCES `tblDocumentRevisors` (`revisionID`) ON DELETE CASCADE,
+  `status` INTEGER NOT NULL default 0,
+  `comment` TEXT NOT NULL,
+  `date` TEXT NOT NULL,
+  `userID` INTEGER NOT NULL default 0 REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
+) ;
+CREATE INDEX `indDocumentRevisionLogRevisionID` ON `tblDocumentRevisionLog` (`revisionID`);
 
 -- --------------------------------------------------------
 
@@ -343,6 +456,7 @@ CREATE TABLE `tblDocumentStatusLog` (
   `date` TEXT NOT NULL,
   `userID` INTEGER NOT NULL default '0' REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
 ) ;
+CREATE INDEX `indDocumentStatusLogStatusID` ON `tblDocumentStatusLog` (`StatusID`);
 
 -- --------------------------------------------------------
 
@@ -512,7 +626,8 @@ CREATE TABLE `tblWorkflowActions` (
 CREATE TABLE `tblWorkflows` (
   `id` INTEGER PRIMARY KEY AUTOINCREMENT,
   `name` text NOT NULL,
-  `initstate` INTEGER NOT NULL REFERENCES `tblWorkflowStates` (`id`) ON DELETE CASCADE
+  `initstate` INTEGER NOT NULL REFERENCES `tblWorkflowStates` (`id`) ON DELETE CASCADE,
+  `layoutdata` text default NULL
 ) ;
 
 -- --------------------------------------------------------
@@ -557,29 +672,13 @@ CREATE TABLE `tblWorkflowTransitionGroups` (
 
 -- --------------------------------------------------------
 
---
--- Table structure for table `tblWorkflowLog`
---
-
-CREATE TABLE `tblWorkflowLog` (
-  `id` INTEGER PRIMARY KEY AUTOINCREMENT,
-  `document` INTEGER default NULL REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
-  `version` INTEGER default NULL,
-  `workflow` INTEGER default NULL REFERENCES `tblWorkflows` (`id`) ON DELETE CASCADE,
-  `userid` INTEGER default NULL REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
-  `transition` INTEGER default NULL REFERENCES `tblWorkflowTransitions` (`id`) ON DELETE CASCADE,
-  `date` datetime NOT NULL,
-  `comment` text
-) ;
-
--- --------------------------------------------------------
-
 --
 -- Table structure for table `tblWorkflowDocumentContent`
 --
 
 CREATE TABLE `tblWorkflowDocumentContent` (
-  `parentworkflow` INTEGER DEFAULT 0,
+  `id` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `parent` INTEGER DEFAULT NULL REFERENCES `tblWorkflowDocumentContent` (`id`) ON DELETE CASCADE,
   `workflow` INTEGER DEFAULT NULL REFERENCES `tblWorkflows` (`id`) ON DELETE CASCADE,
   `document` INTEGER DEFAULT NULL REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
   `version` INTEGER DEFAULT NULL,
@@ -589,6 +688,21 @@ CREATE TABLE `tblWorkflowDocumentContent` (
 
 -- --------------------------------------------------------
 
+--
+-- Table structure for table `tblWorkflowLog`
+--
+
+CREATE TABLE `tblWorkflowLog` (
+  `id` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `workflowdocumentcontent` INTEGER DEFAULT NULL REFERENCES `tblWorkflowDocumentContent`   (`id`) ON DELETE CASCADE,
+  `userid` INTEGER default NULL REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
+  `transition` INTEGER default NULL REFERENCES `tblWorkflowTransitions` (`id`) ON DELETE CASCADE,
+  `date` datetime NOT NULL,
+  `comment` text
+) ;
+
+-- --------------------------------------------------------
+
 --
 -- Table structure for table `tblWorkflowMandatoryWorkflow`
 --
@@ -596,7 +710,102 @@ CREATE TABLE `tblWorkflowDocumentContent` (
 CREATE TABLE `tblWorkflowMandatoryWorkflow` (
   `userid` INTEGER default NULL REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
   `workflow` INTEGER default NULL REFERENCES `tblWorkflows` (`id`) ON DELETE CASCADE,
-  UNIQUE(userid, workflow)
+  UNIQUE(`userid`, `workflow`)
+) ;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for transmittal
+--
+
+CREATE TABLE `tblTransmittals` (
+  `id` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `name` text NOT NULL,
+  `comment` text NOT NULL,
+  `userID` INTEGER NOT NULL default '0' REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
+  `date` TEXT default NULL,
+  `public` INTEGER NOT NULL default '0'
+);
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for transmittal item
+--
+
+CREATE TABLE `tblTransmittalItems` (
+  `id` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `transmittal` INTEGER NOT NULL DEFAULT '0' REFERENCES `tblTransmittals` (`id`) ON DELETE CASCADE,
+  `document` INTEGER default NULL REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
+  `version` INTEGER unsigned NOT NULL default '0',
+  `date` TEXT default NULL,
+  UNIQUE (`transmittal`, `document`, `version`)
+);
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for access request objects
+--
+
+CREATE TABLE `tblAros` (
+  `id` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `parent` INTEGER,
+  `model` TEXT NOT NULL,
+  `foreignid` INTEGER NOT NULL DEFAULT '0',
+  `alias` TEXT
+) ;
+
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for access control objects
+--
+
+CREATE TABLE `tblAcos` (
+  `id` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `parent` INTEGER,
+  `model` TEXT NOT NULL,
+  `foreignid` INTEGER NOT NULL DEFAULT '0',
+  `alias` TEXT
+) ;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for acos/aros relation
+--
+
+CREATE TABLE `tblArosAcos` (
+  `id` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `aro` INTEGER NOT NULL DEFAULT '0' REFERENCES `tblAros` (`id`) ON DELETE CASCADE,
+  `aco` INTEGER NOT NULL DEFAULT '0' REFERENCES `tblAcos` (`id`) ON DELETE CASCADE,
+  `create` INTEGER NOT NULL DEFAULT '-1',
+  `read` INTEGER NOT NULL DEFAULT '-1',
+  `update` INTEGER NOT NULL DEFAULT '-1',
+  `delete` INTEGER NOT NULL DEFAULT '-1',
+  UNIQUE (`aco`, `aro`)
+) ;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `tblSchedulerTask`
+--
+
+CREATE TABLE `tblSchedulerTask` (
+  `id` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `name` varchar(100) DEFAULT NULL,
+  `description` TEXT DEFAULT NULL,
+  `disabled` INTEGER NOT NULL DEFAULT '0',
+  `extension` varchar(100) DEFAULT NULL,
+  `task` varchar(100) DEFAULT NULL,
+  `frequency` varchar(100) DEFAULT NULL,
+  `params` TEXT DEFAULT NULL,
+  `nextrun` TEXT DEFAULT NULL,
+  `lastrun` TEXT DEFAULT NULL
 ) ;
 
 -- --------------------------------------------------------
@@ -618,7 +827,10 @@ CREATE TABLE `tblVersion` (
 -- Initial content for database
 --
 
+INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (1, 'Admin', 1);
+INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (2, 'Guest', 2);
+INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (3, 'User', 0);
 INSERT INTO `tblUsers` (`id`, `login`, `pwd`, `fullName`, `email`, `language`, `theme`, `comment`, `role`, `hidden`, `pwdExpiration`, `loginfailures`, `disabled`, `quota`, `homefolder`) VALUES (1, 'admin', '21232f297a57a5a743894a0e4a801fc3', 'Administrator', 'info@seeddms.org', '', '', '', 1, 0, '', 0, 0, 0, NULL);
 INSERT INTO `tblUsers` (`id`, `login`, `pwd`, `fullName`, `email`, `language`, `theme`, `comment`, `role`, `hidden`, `pwdExpiration`, `loginfailures`, `disabled`, `quota`, `homefolder`) VALUES (2, 'guest', NULL, 'Guest User', NULL, '', '', '', 2, 0, '', 0, 0, 0, NULL);
 INSERT INTO `tblFolders` (`id`, `name`, `parent`, `folderList`, `comment`, `date`, `owner`, `inheritAccess`, `defaultAccess`, `sequence`) VALUES (1, 'DMS', NULL, '', 'DMS root', strftime('%s','now'), 1, 0, 2, 0);
-INSERT INTO `tblVersion` VALUES (DATETIME(), 5, 1, 0);
+INSERT INTO `tblVersion` VALUES (DATETIME(), 6, 0, 0);

install/update-6.0.0/update-postgres.sql

@@ -0,0 +1,181 @@
+START TRANSACTION;
+
+ALTER TABLE "tblDocumentContent" ADD COLUMN "revisiondate" TIMESTAMP default NULL;
+
+ALTER TABLE "tblUsers" ADD COLUMN "secret" varchar(50) default NULL;
+
+ALTER TABLE "tblWorkflows" ADD COLUMN "layoutdata" text default NULL;
+
+ALTER TABLE "tblWorkflowDocumentContent" ADD COLUMN "id" SERIAL UNIQUE;
+
+ALTER TABLE "tblWorkflowLog" ADD COLUMN "workflowdocumentcontent" INTEGER NOT NULL DEFAULT '0';
+
+UPDATE "tblWorkflowLog" SET "workflowdocumentcontent" = "tblWorkflowDocumentContent"."id" FROM "tblWorkflowDocumentContent" WHERE "tblWorkflowLog"."document" = "tblWorkflowDocumentContent"."document" AND "tblWorkflowLog"."version" = "tblWorkflowDocumentContent"."version" AND "tblWorkflowLog"."workflow" = "tblWorkflowDocumentContent"."workflow";
+
+INSERT INTO "tblWorkflowDocumentContent" ("parentworkflow", "workflow", "document", "version", "state", "date") SELECT 0 AS "parentworkflow", "workflow", "document", "version", NULL AS "state", max("date") AS "date" FROM "tblWorkflowLog" WHERE "workflowdocumentcontent" = 0 GROUP BY "workflow", "document", "version";
+
+UPDATE "tblWorkflowLog" SET "workflowdocumentcontent" = "tblWorkflowDocumentContent"."id" FROM "tblWorkflowDocumentContent" WHERE "tblWorkflowLog"."document" = "tblWorkflowDocumentContent"."document" AND "tblWorkflowLog"."version" = "tblWorkflowDocumentContent"."version" AND "tblWorkflowLog"."workflow" = "tblWorkflowDocumentContent"."workflow";
+
+ALTER TABLE "tblWorkflowLog" ADD CONSTRAINT "tblWorkflowLog_workflowdocumentcontent" FOREIGN KEY ("workflowdocumentcontent") REFERENCES "tblWorkflowDocumentContent" ("id") ON DELETE CASCADE;
+
+ALTER TABLE "tblWorkflowDocumentContent" ADD COLUMN "parent" INTEGER DEFAULT NULL;
+
+ALTER TABLE "tblWorkflowDocumentContent" ADD CONSTRAINT "tblWorkflowDocumentContent_parent" FOREIGN KEY ("parent") REFERENCES "tblWorkflowDocumentContent" ("id") ON DELETE CASCADE;
+
+ALTER TABLE "tblWorkflowDocumentContent" DROP COLUMN "parentworkflow";
+
+ALTER TABLE "tblWorkflowLog" DROP COLUMN "document";
+
+ALTER TABLE "tblWorkflowLog" DROP COLUMN "version";
+
+ALTER TABLE "tblWorkflowLog" DROP COLUMN "workflow";
+
+CREATE TABLE "tblUserSubstitutes" (
+  "id" SERIAL UNIQUE,
+  "user" INTEGER default null,
+  "substitute" INTEGER default null,
+  UNIQUE ("user", "substitute"),
+  CONSTRAINT "tblUserSubstitutes_user" FOREIGN KEY ("user") REFERENCES "tblUsers" ("id") ON DELETE CASCADE,
+  CONSTRAINT "tblUserSubstitutes_substitute" FOREIGN KEY ("user") REFERENCES "tblUsers" ("id") ON DELETE CASCADE
+);
+
+CREATE TABLE "tblDocumentCheckOuts" (
+  "document" INTEGER NOT NULL default '0',
+  "version" INTEGER NOT NULL default '0',
+  "userID" INTEGER NOT NULL default '0',
+  "date" TIMESTAMP NOT NULL,
+  "filename" varchar(255) NOT NULL default '',
+  CONSTRAINT "tblDocumentCheckOuts_document" FOREIGN KEY ("document") REFERENCES "tblDocuments" ("id") ON DELETE CASCADE,
+  CONSTRAINT "tblDocumentCheckOuts_user" FOREIGN KEY ("userID") REFERENCES "tblUsers" ("id") ON DELETE CASCADE
+);
+
+CREATE TABLE "tblDocumentRecipients" (
+  "receiptID" SERIAL UNIQUE,
+  "documentID" INTEGER NOT NULL default '0',
+  "version" INTEGER NOT NULL default '0',
+  "type" INTEGER NOT NULL default '0',
+  "required" INTEGER NOT NULL default '0',
+  UNIQUE ("documentID","version","type","required"),
+  CONSTRAINT "tblDocumentRecipients_document" FOREIGN KEY ("documentID") REFERENCES "tblDocuments" ("id") ON DELETE CASCADE
+);
+
+CREATE TABLE "tblDocumentReceiptLog" (
+  "receiptLogID" SERIAL UNIQUE,
+  "receiptID" INTEGER NOT NULL default '0',
+  "status" INTEGER NOT NULL default '0',
+  "comment" text NOT NULL,
+  "date" TIMESTAMP NOT NULL,
+  "userID" INTEGER NOT NULL default '0',
+  CONSTRAINT "tblDocumentReceiptLog_recipient" FOREIGN KEY ("receiptID") REFERENCES "tblDocumentRecipients" ("receiptID") ON DELETE CASCADE,
+  CONSTRAINT "tblDocumentReceiptLog_user" FOREIGN KEY ("userID") REFERENCES "tblUsers" ("id") ON DELETE CASCADE
+);
+
+CREATE TABLE "tblDocumentRevisors" (
+  "revisionID" SERIAL UNIQUE,
+  "documentID" INTEGER NOT NULL default '0',
+  "version" INTEGER NOT NULL default '0',
+  "type" INTEGER NOT NULL default '0',
+  "required" INTEGER NOT NULL default '0',
+  "startdate" TIMESTAMP default NULL,
+  UNIQUE ("documentID","version","type","required"),
+  CONSTRAINT "tblDocumentRevisors_document" FOREIGN KEY ("documentID") REFERENCES "tblDocuments" ("id") ON DELETE CASCADE
+);
+
+CREATE TABLE "tblDocumentRevisionLog" (
+  "revisionLogID" SERIAL UNIQUE,
+  "revisionID" INTEGER NOT NULL default '0',
+  "status" INTEGER NOT NULL default '0',
+  "comment" text NOT NULL,
+  "date" TIMESTAMP NOT NULL,
+  "userID" INTEGER NOT NULL default '0',
+  CONSTRAINT "tblDocumentRevisionLog_revision" FOREIGN KEY ("revisionID") REFERENCES "tblDocumentRevisors" ("revisionID") ON DELETE CASCADE,
+  CONSTRAINT "tblDocumentRevisionLog_user" FOREIGN KEY ("userID") REFERENCES "tblUsers" ("id") ON DELETE CASCADE
+);
+
+CREATE TABLE "tblTransmittals" (
+  "id" SERIAL UNIQUE,
+  "name" text NOT NULL,
+  "comment" text NOT NULL,
+  "userID" INTEGER NOT NULL default '0',
+  "date" TIMESTAMP default NULL,
+  "public" INTEGER NOT NULL default '0',
+  CONSTRAINT "tblTransmittals_user" FOREIGN KEY ("userID") REFERENCES "tblUsers" ("id") ON DELETE CASCADE
+);
+
+CREATE TABLE "tblTransmittalItems" (
+  "id" SERIAL UNIQUE,
+	"transmittal" INTEGER NOT NULL DEFAULT '0',
+  "document" INTEGER default NULL,
+  "version" INTEGER NOT NULL default '0',
+  "date" TIMESTAMP default NULL,
+  UNIQUE ("transmittal", "document", "version"),
+  CONSTRAINT "tblTransmittalItems_document" FOREIGN KEY ("document") REFERENCES "tblDocuments" ("id") ON DELETE CASCADE,
+  CONSTRAINT "tblTransmittalItem_transmittal" FOREIGN KEY ("transmittal") REFERENCES "tblTransmittals" ("id") ON DELETE CASCADE
+);
+
+CREATE TABLE "tblRoles" (
+  "id" SERIAL UNIQUE,
+  "name" varchar(50) default NULL,
+  "role" INTEGER NOT NULL default '0',
+  "noaccess" varchar(30) NOT NULL default '',
+  UNIQUE ("name")
+);
+
+INSERT INTO "tblRoles" ("id", "name", "role") VALUES (1, 'Admin', 1);
+SELECT nextval('"tblRoles_id_seq"');
+INSERT INTO "tblRoles" ("id", "name", "role") VALUES (2, 'Guest', 2);
+SELECT nextval('"tblRoles_id_seq"');
+INSERT INTO "tblRoles" ("id", "name", "role") VALUES (3, 'User', 0);
+SELECT nextval('"tblRoles_id_seq"');
+
+ALTER TABLE "tblUsers" ALTER "role" DROP DEFAULT;
+ALTER TABLE "tblUsers" ALTER "role" SET NOT NULL;
+UPDATE "tblUsers" SET role=3 WHERE role=0;
+ALTER TABLE "tblUsers" ADD CONSTRAINT "tblUsers_role" FOREIGN KEY ("role") REFERENCES "tblRoles" ("id");
+
+CREATE TABLE "tblAros" (
+  "id" SERIAL UNIQUE,
+  "parent" INTEGER,
+  "model" text NOT NULL,
+  "foreignid" INTEGER NOT NULL DEFAULT '0',
+  "alias" varchar(255)
+);
+
+CREATE TABLE "tblAcos" (
+  "id" SERIAL UNIQUE,
+  "parent" INTEGER,
+  "model" text NOT NULL,
+  "foreignid" INTEGER NOT NULL DEFAULT '0',
+  "alias" varchar(255)
+);
+
+CREATE TABLE "tblArosAcos" (
+  "id" SERIAL UNIQUE,
+  "aro" INTEGER NOT NULL DEFAULT '0',
+  "aco" INTEGER NOT NULL DEFAULT '0',
+  "create" INTEGER NOT NULL DEFAULT '-1',
+  "read" INTEGER NOT NULL DEFAULT '-1',
+  "update" INTEGER NOT NULL DEFAULT '-1',
+  "delete" INTEGER NOT NULL DEFAULT '-1',
+  UNIQUE ("aco", "aro"),
+  CONSTRAINT "tblArosAcos_acos" FOREIGN KEY ("aco") REFERENCES "tblAcos" ("id") ON DELETE CASCADE,
+  CONSTRAINT "tblArosAcos_aros" FOREIGN KEY ("aro") REFERENCES "tblAros" ("id") ON DELETE CASCADE
+);
+
+CREATE TABLE "tblSchedulerTask" (
+  "id" SERIAL UNIQUE,
+  "name" varchar(100) DEFAULT NULL,
+  "description" TEXT DEFAULT NULL,
+  "disabled" INTEGER NOT NULL DEFAULT '0',
+  "extension" varchar(100) DEFAULT NULL,
+  "task" varchar(100) DEFAULT NULL,
+  "frequency" varchar(100) DEFAULT NULL,
+  "params" TEXT DEFAULT NULL,
+  "nextrun" TIMESTAMP DEFAULT NULL,
+  "lastrun" TIMESTAMP DEFAULT NULL
+) ;
+
+UPDATE "tblVersion" set "major"=6, "minor"=0, "subminor"=0;
+
+COMMIT;
+

install/update-6.0.0/update-sqlite3.sql

@@ -0,0 +1,206 @@
+BEGIN;
+
+ALTER TABLE `tblDocumentContent` ADD COLUMN `revisiondate` TEXT default NULL;
+
+ALTER TABLE `tblUsers` ADD COLUMN `secret` varchar(50) default NULL;
+
+ALTER TABLE `tblWorkflows` ADD COLUMN `layoutdata` text default NULL;
+
+CREATE TABLE `new_tblWorkflowDocumentContent` (
+  `id` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `parent` INTEGER DEFAULT NULL REFERENCES `tblWorkflowDocumentContent` (`id`) ON DELETE CASCADE,
+  `workflow` INTEGER DEFAULT NULL REFERENCES `tblWorkflows` (`id`) ON DELETE CASCADE,
+  `document` INTEGER DEFAULT NULL REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
+  `version` INTEGER DEFAULT NULL,
+  `state` INTEGER DEFAULT NULL REFERENCES `tblWorkflowStates` (`id`) ON DELETE CASCADE,
+  `date` datetime NOT NULL
+) ;
+
+INSERT INTO `new_tblWorkflowDocumentContent` (`parent`, `workflow`, `document`, `version`,     `state`, `date`) SELECT NULL as `parent`, `workflow`, `document`, `version`, `state`, `date` FROM `tblWorkflowDocumentContent`;
+
+INSERT INTO `new_tblWorkflowDocumentContent` (`parent`, `workflow`, `document`, `version`, `state`, `date`) SELECT NULL, `a`.`workflow`, `a`.`document`, `a`.`version`, NULL AS `state`, max(`a`.`date`) FROM `tblWorkflowLog` `a` LEFT JOIN `tblWorkflowDocumentContent` `b` ON `a`.`document`=`b`.`document` AND `a`.`version`=`b`.`version` AND `a`.`workflow`=`b`.`workflow` WHERE `b`.`document` IS NULL GROUP BY `a`.`document`, `a`.`version`, `a`.`workflow`;
+
+CREATE TABLE `new_tblWorkflowLog` (
+  `id` INTEGER PRIMARY KEY AUTOINCREMENT,
+	`workflowdocumentcontent` INTEGER DEFAULT NULL REFERENCES `tblWorkflowDocumentContent` (`id`) ON DELETE CASCADE,
+  `userid` INTEGER default NULL REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
+  `transition` INTEGER default NULL REFERENCES `tblWorkflowTransitions` (`id`) ON DELETE CASCADE,
+  `date` datetime NOT NULL,
+  `comment` text
+) ;
+
+INSERT INTO `new_tblWorkflowLog` (`id`, `workflowdocumentcontent`, `userid`, `transition`, `date`, `comment`) SELECT `a`.`id`, `b`.`id`, `a`.`userid`, `a`.`transition`, `a`.`date`, `a`.`comment` FROM `tblWorkflowLog` `a` LEFT JOIN `new_tblWorkflowDocumentContent` `b` ON `a`.`document`=`b`.`document` AND `a`.`version`=`b`.`version` AND `a`.`workflow`=`b`.`workflow` WHERE `b`.`document` IS NOT NULL;
+
+DROP TABLE `tblWorkflowLog`;
+
+ALTER TABLE `new_tblWorkflowLog` RENAME TO `tblWorkflowLog`;
+
+DROP TABLE `tblWorkflowDocumentContent`;
+
+ALTER TABLE `new_tblWorkflowDocumentContent` RENAME TO `tblWorkflowDocumentContent`;
+
+CREATE TABLE `tblUserSubstitutes` (
+  `id` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `user` INTEGER NOT NULL default '0' REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
+  `substitute` INTEGER NOT NULL default '0' REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
+  UNIQUE (`user`, `substitute`)
+);
+
+CREATE TABLE `tblDocumentCheckOuts` (
+  `document` INTEGER REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
+  `version` INTEGER unsigned NOT NULL default '0',
+  `userID` INTEGER NOT NULL default '0' REFERENCES `tblUsers` (`id`),
+  `date` TEXT NOT NULL,
+  `filename` varchar(255) NOT NULL default '',
+  UNIQUE (`document`)
+) ;
+
+CREATE TABLE `tblDocumentRecipients` (
+  `receiptID` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `documentID` INTEGER NOT NULL default '0' REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
+  `version` INTEGER unsigned NOT NULL default '0',
+  `type` INTEGER NOT NULL default '0',
+  `required` INTEGER NOT NULL default '0',
+  UNIQUE (`documentID`,`version`,`type`,`required`)
+) ;
+CREATE INDEX `indDocumentRecipientsRequired` ON `tblDocumentRecipients` (`required`);
+
+CREATE TABLE `tblDocumentReceiptLog` (
+  `receiptLogID` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `receiptID` INTEGER NOT NULL default 0 REFERENCES `tblDocumentRecipients` (`receiptID`) ON DELETE CASCADE,
+  `status` INTEGER NOT NULL default 0,
+  `comment` TEXT NOT NULL,
+  `date` TEXT NOT NULL,
+  `userID` INTEGER NOT NULL default 0 REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
+) ;
+CREATE INDEX `indDocumentReceiptLogReceiptID` ON `tblDocumentReceiptLog` (`receiptID`);
+
+CREATE TABLE `tblDocumentRevisors` (
+  `revisionID` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `documentID` INTEGER NOT NULL default '0' REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
+  `version` INTEGER unsigned NOT NULL default '0',
+  `type` INTEGER NOT NULL default '0',
+  `required` INTEGER NOT NULL default '0',
+  `startdate` TEXT default NULL,
+  UNIQUE (`documentID`,`version`,`type`,`required`)
+) ;
+CREATE INDEX `indDocumentRevisorsRequired` ON `tblDocumentRevisors` (`required`);
+
+CREATE TABLE `tblDocumentRevisionLog` (
+  `revisionLogID` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `revisionID` INTEGER NOT NULL default 0 REFERENCES `tblDocumentRevisors` (`revisionID`) ON DELETE CASCADE,
+  `status` INTEGER NOT NULL default 0,
+  `comment` TEXT NOT NULL,
+  `date` TEXT NOT NULL,
+  `userID` INTEGER NOT NULL default 0 REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
+) ;
+CREATE INDEX `indDocumentRevisionLogRevisionID` ON `tblDocumentRevisionLog` (`revisionID`);
+
+CREATE TABLE `tblTransmittals` (
+  `id` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `name` text NOT NULL,
+  `comment` text NOT NULL,
+  `userID` INTEGER NOT NULL default '0' REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
+  `date` TEXT default NULL,
+  `public` INTEGER NOT NULL default '0'
+);
+
+CREATE TABLE `tblTransmittalItems` (
+  `id` INTEGER PRIMARY KEY AUTOINCREMENT,
+	`transmittal` INTEGER NOT NULL DEFAULT '0' REFERENCES `tblTransmittals` (`id`) ON DELETE CASCADE,
+  `document` INTEGER default NULL REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
+  `version` INTEGER unsigned NOT NULL default '0',
+  `date` TEXT default NULL,
+  UNIQUE (transmittal, document, version)
+);
+
+CREATE TABLE `tblRoles` (
+  `id` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `name` varchar(50) default NULL,
+  `role` INTEGER NOT NULL default '0',
+  `noaccess` varchar(30) NOT NULL default '',
+  UNIQUE (`name`)
+);
+
+INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (1, 'Admin', 1);
+INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (2, 'Guest', 2);
+INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (3, 'User', 0);
+
+UPDATE `tblUsers` SET role=3 WHERE role=0;
+
+CREATE TABLE `new_tblUsers` (
+  `id` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `login` varchar(50) default NULL,
+  `pwd` varchar(50) default NULL,
+  `fullName` varchar(100) default NULL,
+  `email` varchar(70) default NULL,
+  `language` varchar(32) NOT NULL,
+  `theme` varchar(32) NOT NULL,
+  `comment` text NOT NULL,
+  `role` INTEGER NOT NULL REFERENCES `tblRoles` (`id`),
+  `hidden` INTEGER NOT NULL default '0',
+  `pwdExpiration` TEXT default NULL,
+  `loginfailures` INTEGER NOT NULL default '0',
+  `disabled` INTEGER NOT NULL default '0',
+  `quota` INTEGER,
+  `homefolder` INTEGER default NULL REFERENCES `tblFolders` (`id`),
+  `secret` varchar(50) default NULL,
+  UNIQUE (`login`)
+);
+
+INSERT INTO new_tblUsers SELECT * FROM tblUsers;
+
+DROP TABLE tblUsers;
+
+ALTER TABLE new_tblUsers RENAME TO tblUsers;
+
+CREATE TABLE `tblAros` (
+  `id` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `parent` INTEGER,
+  `model` TEXT NOT NULL,
+  `foreignid` INTEGER NOT NULL DEFAULT '0',
+  `alias` TEXT
+) ;
+
+CREATE TABLE `tblAcos` (
+  `id` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `parent` INTEGER,
+  `model` TEXT NOT NULL,
+  `foreignid` INTEGER NOT NULL DEFAULT '0',
+  `alias` TEXT
+) ;
+
+CREATE TABLE `tblArosAcos` (
+  `id` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `aro` INTEGER NOT NULL DEFAULT '0' REFERENCES `tblAros` (`id`) ON DELETE CASCADE,
+  `aco` INTEGER NOT NULL DEFAULT '0' REFERENCES `tblAcos` (`id`) ON DELETE CASCADE,
+  `create` INTEGER NOT NULL DEFAULT '-1',
+  `read` INTEGER NOT NULL DEFAULT '-1',
+  `update` INTEGER NOT NULL DEFAULT '-1',
+  `delete` INTEGER NOT NULL DEFAULT '-1',
+  UNIQUE (aco, aro)
+) ;
+
+CREATE INDEX `indDocumentStatusLogStatusID` ON `tblDocumentStatusLog` (`StatusID`);
+CREATE INDEX `indDocumentApproversRequired` ON `tblDocumentApprovers` (`required`);
+CREATE INDEX `indDocumentApproveLogApproveID` ON `tblDocumentApproveLog` (`approveID`);
+CREATE INDEX `indDocumentReviewersRequired` ON `tblDocumentReviewers` (`required`);
+CREATE INDEX `indDocumentReviewLogReviewID` ON `tblDocumentReviewLog` (`reviewID`);
+
+CREATE TABLE `tblSchedulerTask` (
+  `id` INTEGER PRIMARY KEY AUTOINCREMENT,
+  `name` varchar(100) DEFAULT NULL,
+  `description` TEXT DEFAULT NULL,
+  `disabled` INTEGER NOT NULL DEFAULT '0',
+  `extension` varchar(100) DEFAULT NULL,
+  `task` varchar(100) DEFAULT NULL,
+  `frequency` varchar(100) DEFAULT NULL,
+  `params` TEXT DEFAULT NULL,
+  `nextrun` TEXT DEFAULT NULL,
+  `lastrun` TEXT DEFAULT NULL
+) ;
+
+UPDATE tblVersion set major=6, minor=0, subminor=0;
+
+COMMIT;
+

install/update-6.0.0/update.sql

@@ -0,0 +1,200 @@
+START TRANSACTION;
+
+ALTER TABLE `tblDocumentContent` ADD COLUMN `revisiondate` datetime DEFAULT NULL;
+
+ALTER TABLE `tblUsers` ADD COLUMN `secret` varchar(50) DEFAULT NULL AFTER `pwd`;
+
+ALTER TABLE `tblWorkflows` ADD COLUMN `layoutdata` text DEFAULT NULL AFTER `initstate`;
+
+ALTER TABLE `tblWorkflowDocumentContent` ADD COLUMN `id` int(11) NOT NULL AUTO_INCREMENT FIRST, ADD PRIMARY KEY (`id`);
+
+ALTER TABLE `tblWorkflowLog` ADD COLUMN `workflowdocumentcontent` int(11) NOT NULL DEFAULT '0' AFTER `id`;
+
+UPDATE `tblWorkflowLog` a, `tblWorkflowDocumentContent` b SET a.`workflowdocumentcontent` = b.`id` WHERE a.`document` = b.`document` AND a.`version` = b.`version` AND a.`workflow` = b.`workflow`;
+
+INSERT INTO `tblWorkflowDocumentContent` (`parentworkflow`, `workflow`, `document`, `version`, `state`, `date`) SELECT 0 AS `parentworkflow`, `workflow`, `document`, `version`, NULL AS `state`, max(`date`) AS `date` FROM `tblWorkflowLog` WHERE `workflowdocumentcontent` = 0 GROUP BY `workflow`, `document`, `version`;
+
+UPDATE `tblWorkflowLog` a, `tblWorkflowDocumentContent` b SET a.`workflowdocumentcontent` = b.`id` WHERE a.`document` = b.`document` AND a.`version` = b.`version` AND a.`workflow` = b.`workflow`;
+
+ALTER TABLE `tblWorkflowLog` ADD CONSTRAINT `tblWorkflowLog_workflowdocumentcontent` FOREIGN KEY (`workflowdocumentcontent`) REFERENCES `tblWorkflowDocumentContent` (`id`) ON DELETE CASCADE;
+
+ALTER TABLE `tblWorkflowDocumentContent` ADD COLUMN `parent` int(11) DEFAULT NULL AFTER `id`;
+
+ALTER TABLE `tblWorkflowDocumentContent` ADD CONSTRAINT `tblWorkflowDocumentContent_parent` FOREIGN KEY (`parent`) REFERENCES `tblWorkflowDocumentContent` (`id`) ON DELETE CASCADE;
+
+ALTER TABLE `tblWorkflowDocumentContent` DROP COLUMN `parentworkflow`;
+
+ALTER TABLE `tblWorkflowLog` DROP FOREIGN KEY `tblWorkflowLog_document`;
+
+ALTER TABLE `tblWorkflowLog` DROP COLUMN `document`;
+
+ALTER TABLE `tblWorkflowLog` DROP COLUMN `version`;
+
+ALTER TABLE `tblWorkflowLog` DROP FOREIGN KEY `tblWorkflowLog_workflow`;
+
+ALTER TABLE `tblWorkflowLog` DROP COLUMN `workflow`;
+
+CREATE TABLE `tblUserSubstitutes` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `user` int(11) DEFAULT null,
+  `substitute` int(11) DEFAULT null,
+  PRIMARY KEY (`id`),
+  UNIQUE (`user`, `substitute`),
+  CONSTRAINT `tblUserSubstitutes_user` FOREIGN KEY (`user`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE,
+  CONSTRAINT `tblUserSubstitutes_substitute` FOREIGN KEY (`substitute`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `tblDocumentCheckOuts` (
+  `document` int(11) NOT NULL DEFAULT '0',
+  `version` smallint(5) unsigned NOT NULL DEFAULT '0',
+  `userID` int(11) NOT NULL DEFAULT '0',
+  `date` datetime NOT NULL,
+  `filename` varchar(255) NOT NULL DEFAULT '',
+  PRIMARY KEY (`document`),
+  CONSTRAINT `tblDocumentCheckOuts_document` FOREIGN KEY (`document`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
+  CONSTRAINT `tblDocumentCheckOuts_user` FOREIGN KEY (`userID`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `tblDocumentRecipients` (
+  `receiptID` int(11) NOT NULL AUTO_INCREMENT,
+  `documentID` int(11) NOT NULL DEFAULT '0',
+  `version` smallint(5) unsigned NOT NULL DEFAULT '0',
+  `type` tinyint(4) NOT NULL DEFAULT '0',
+  `required` int(11) NOT NULL DEFAULT '0',
+  PRIMARY KEY (`receiptID`),
+  UNIQUE KEY `documentID` (`documentID`,`version`,`type`,`required`),
+  CONSTRAINT `tblDocumentRecipients_document` FOREIGN KEY (`documentID`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+CREATE INDEX `indDocumentRecipientsRequired` ON `tblDocumentRecipients` (`required`);
+
+CREATE TABLE `tblDocumentReceiptLog` (
+  `receiptLogID` int(11) NOT NULL AUTO_INCREMENT,
+  `receiptID` int(11) NOT NULL DEFAULT '0',
+  `status` tinyint(4) NOT NULL DEFAULT '0',
+  `comment` text NOT NULL,
+  `date` datetime NOT NULL,
+  `userID` int(11) NOT NULL DEFAULT '0',
+  PRIMARY KEY (`receiptLogID`),
+  KEY `tblDocumentReceiptLog_receipt` (`receiptID`),
+  KEY `tblDocumentReceiptLog_user` (`userID`),
+  CONSTRAINT `tblDocumentReceiptLog_recipient` FOREIGN KEY (`receiptID`) REFERENCES `tblDocumentRecipients` (`receiptID`) ON DELETE CASCADE,
+  CONSTRAINT `tblDocumentReceiptLog_user` FOREIGN KEY (`userID`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `tblDocumentRevisors` (
+  `revisionID` int(11) NOT NULL AUTO_INCREMENT,
+  `documentID` int(11) NOT NULL DEFAULT '0',
+  `version` smallint(5) unsigned NOT NULL DEFAULT '0',
+  `type` tinyint(4) NOT NULL DEFAULT '0',
+  `required` int(11) NOT NULL DEFAULT '0',
+  `startdate` datetime DEFAULT NULL,
+  PRIMARY KEY (`revisionID`),
+  UNIQUE KEY `documentID` (`documentID`,`version`,`type`,`required`),
+  CONSTRAINT `tblDocumentRevisors_document` FOREIGN KEY (`documentID`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+CREATE INDEX `indDocumentRevisorsRequired` ON `tblDocumentRevisors` (`required`);
+
+CREATE TABLE `tblDocumentRevisionLog` (
+  `revisionLogID` int(11) NOT NULL AUTO_INCREMENT,
+  `revisionID` int(11) NOT NULL DEFAULT '0',
+  `status` tinyint(4) NOT NULL DEFAULT '0',
+  `comment` text NOT NULL,
+  `date` datetime NOT NULL,
+  `userID` int(11) NOT NULL DEFAULT '0',
+  PRIMARY KEY (`revisionLogID`),
+  KEY `tblDocumentRevisionLog_revision` (`revisionID`),
+  KEY `tblDocumentRevisionLog_user` (`userID`),
+  CONSTRAINT `tblDocumentRevisionLog_revision` FOREIGN KEY (`revisionID`) REFERENCES `tblDocumentRevisors` (`revisionID`) ON DELETE CASCADE,
+  CONSTRAINT `tblDocumentRevisionLog_user` FOREIGN KEY (`userID`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `tblTransmittals` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `name` text NOT NULL,
+  `comment` text NOT NULL,
+  `userID` int(11) NOT NULL DEFAULT '0',
+  `date` datetime DEFAULT NULL,
+  `public` tinyint(1) NOT NULL DEFAULT '0',
+  PRIMARY KEY  (`id`),
+  CONSTRAINT `tblTransmittals_user` FOREIGN KEY (`userID`) REFERENCES `tblUsers` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `tblTransmittalItems` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `transmittal` int(11) NOT NULL DEFAULT '0',
+  `document` int(11) DEFAULT NULL,
+  `version` smallint(5) unsigned NOT NULL DEFAULT '0',
+  `date` datetime DEFAULT NULL,
+  PRIMARY KEY  (`id`),
+  UNIQUE (transmittal, document, version),
+  CONSTRAINT `tblTransmittalItems_document` FOREIGN KEY (`document`) REFERENCES `tblDocuments` (`id`) ON DELETE CASCADE,
+  CONSTRAINT `tblTransmittalItem_transmittal` FOREIGN KEY (`transmittal`) REFERENCES `tblTransmittals` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `tblRoles` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `name` varchar(50) DEFAULT NULL,
+  `role` smallint(1) NOT NULL DEFAULT '0',
+  `noaccess` varchar(30) NOT NULL DEFAULT '',
+  PRIMARY KEY (`id`),
+  UNIQUE (`name`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (1, 'Admin', 1);
+INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (2, 'Guest', 2);
+INSERT INTO `tblRoles` (`id`, `name`, `role`) VALUES (3, 'User', 0);
+ALTER TABLE `tblRoles` AUTO_INCREMENT=4;
+
+ALTER TABLE tblUsers CHANGE role role int(11) NOT NULL;
+UPDATE `tblUsers` SET role=3 WHERE role=0;
+ALTER TABLE tblUsers ADD CONSTRAINT `tblUsers_role` FOREIGN KEY (`role`) REFERENCES `tblRoles` (`id`);
+
+CREATE TABLE `tblAros` (
+  `id` int(11) NOT NULL auto_increment,
+  `parent` int(11),
+  `model` text NOT NULL,
+  `foreignid` int(11) NOT NULL DEFAULT '0',
+  `alias` varchar(255),
+  PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `tblAcos` (
+  `id` int(11) NOT NULL auto_increment,
+  `parent` int(11),
+  `model` text NOT NULL,
+  `foreignid` int(11) NOT NULL DEFAULT '0',
+  `alias` varchar(255),
+  PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `tblArosAcos` (
+  `id` int(11) NOT NULL auto_increment,
+  `aro` int(11) NOT NULL DEFAULT '0',
+  `aco` int(11) NOT NULL DEFAULT '0',
+  `create` tinyint(4) NOT NULL DEFAULT '-1',
+  `read` tinyint(4) NOT NULL DEFAULT '-1',
+  `update` tinyint(4) NOT NULL DEFAULT '-1',
+  `delete` tinyint(4) NOT NULL DEFAULT '-1',
+  PRIMARY KEY (`id`),
+  UNIQUE (aco, aro),
+  CONSTRAINT `tblArosAcos_acos` FOREIGN KEY (`aco`) REFERENCES `tblAcos` (`id`) ON DELETE CASCADE,
+  CONSTRAINT `tblArosAcos_aros` FOREIGN KEY (`aro`) REFERENCES `tblAros` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `tblSchedulerTask` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `name` varchar(100) DEFAULT NULL,
+  `description` text DEFAULT NULL,
+  `disabled` smallint(1) NOT NULL DEFAULT '0',
+  `extension` varchar(100) DEFAULT NULL,
+  `task` varchar(100) DEFAULT NULL,
+  `frequency` varchar(100) DEFAULT NULL,
+  `params` text DEFAULT NULL,
+  `nextrun` datetime DEFAULT NULL,
+  `lastrun` datetime DEFAULT NULL,
+  PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+UPDATE tblVersion set major=6, minor=0, subminor=0;
+
+COMMIT;

install/update-6.0.0/update.txt

@@ -0,0 +1,52 @@
+Caution when you update seeddms with workflow mode `advanced`
+=============================================================
+
+The previous database layout for tracking the workflow state of a
+document content was not very well done. It did not allow to run
+the document through another workflow at a later time, expecially
+the same workflow, e.g. for a scheduled revision of a document.
+
+Technical details
+==================
+This update modifies the tables tblWorkflowDocumentContent and
+tblWorkflowLog. It adds a new autoincrement field as a primary key
+(id) to tblWorkflowDocumentContent and references that field in
+tblWorkflowLog (workflowdocumentcontent). Till now the two tables
+where linked by the fields `document`, `version`, and `workflow` which will
+be replaced by the two new fields. The fields `document`, `version`, and
+`workflow` will be removed from tblWorkflowLog. tblWorkflowDocumentContent
+contained just the workflows currently active for a particlar document.
+From now on the table will also contain finished workflows, which
+will have the field `state` set to null. This allows to run even the
+same workflow again and still be able to distinguish the log entries.
+
+MySQL
+------
+
+The update process will first add the new auto incrementing, primary
+field to tblWorkflowDocumentContent and a referencing field to
+tblWorkflowLog. It will then fill out the referencing field with the
+automatically incremented field value from tblWorkflowDocumentContent
+by joining the two tables with its common fields document, version,
+and workflow.  This will not fill out all referencing field values,
+because once a workflow has ended the record in
+tblWorkflowDocumentContent will be deleted and just the records in
+tblWorkflowLog are kept. The still missing records in
+tblWorkflowDocumentContent for already completed workflows will be
+reconstructed from the records in tblWorkflowLog which do not have a
+reference to tblWorkflowDocumentContent yet. Once that is done the
+referencing field in tblWorkflowLog can be filled in a second pass.
+The date of the new records in tblWorkflowDocumentContent will be
+taken from the last record for that workflow in tblWorkflowLog.  The
+state of the new records will be set null, indicating that this
+workflow is no longer active.
+
+SQLite
+-------
+
+The update process will first create new table for tblWorkflowDocumentContent
+containing a new field for the primary key field. It then copies the
+records from the old table to the new table. The missing records for
+workflows which has been finished already are recreated from the old
+table `tblWorkflowLog`. Which is then replaced by a new table having
+the foreign key to table `tblWorkflowDocumentContent`.

languages/ar_EG/lang.inc

@@ -686,6 +686,8 @@ URL: [url]',
 'export_user_list_csv' => '',
 'extension_archive' => 'إرشيف أطول',
 'extension_changelog' => 'سجل التعديلات',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => '',
 'extension_is_on_now' => '',
 'extension_loading' => 'تحميل الإضافات',
@@ -1140,6 +1142,7 @@ URL: [url]',
 'no_groups' => 'لايوجد مجموعات',
 'no_group_members' => 'هذه المجموعة لايوجد بها اعضاء',
 'no_linked_files' => 'لايوجد ملفات مرتبطة',
+'no_mimetype' => '',
 'no_previous_versions' => 'لايوجد اصدارات سابقة',
 'no_receipt_needed' => 'لا يحتاج لأي مستلم',
 'no_review_needed' => 'لايوجد مراجعات في الانتظار',
@@ -1287,6 +1290,7 @@ URL: [url]',
 'removeFolderFromDropFolder' => 'إزالة مجلد من إسقاط لائحة',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => '',
+'remove_from_clipboard' => '',
 'remove_marked_files' => 'ازالة الملفات المختارة',
 'remove_review_log' => '',
 'remove_task' => '',
@@ -1683,6 +1687,8 @@ URL: [url]',
 'settings_enableLargeFileUpload_desc' => 'تمكين تحميل الملفات الكبيرة',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => 'تمكين مهام القائمة',
 'settings_enableMenuTasks_desc' => 'تمكين مهام القائمة',
 'settings_enableMenuTransmittals' => '',
@@ -2001,6 +2007,7 @@ URL: [url]',
 'sign_out' => 'تسجيل الخروج',
 'sign_out_user' => 'تسجيل خروج مستخدم',
 'site_brand' => 'مجلس النواب اللبناني',
+'skip_default_export_cols' => '',
 'sk_SK' => 'السلوفاكية',
 'sort_by_date' => 'رتب حسب التاريخ',
 'sort_by_expiration_date' => '',
@@ -2130,6 +2137,7 @@ URL: [url]',
 'status_revision_sleeping' => 'مراجعة الوضع في حالة النوم',
 'status_revisor_removed' => 'تم ازالة حالة المراجع',
 'status_unknown' => 'مجهول',
+'storage' => '',
 'storage_size' => 'حجم التخزين',
 'subfolder_duplicate_name' => 'اسم مجلد فرعي مكرر',
 'submit_2_fact_auth' => 'قدم ثنائي عامل التوثيق',

languages/bg_BG/lang.inc

@@ -620,6 +620,8 @@ $text = array(
 'export_user_list_csv' => '',
 'extension_archive' => '',
 'extension_changelog' => '',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => '',
 'extension_is_on_now' => '',
 'extension_loading' => '',
@@ -1018,6 +1020,7 @@ $text = array(
 'no_groups' => 'Няма групи',
 'no_group_members' => 'Групата няма членове',
 'no_linked_files' => 'Няма свързани файлове',
+'no_mimetype' => '',
 'no_previous_versions' => 'Няма други версии',
 'no_receipt_needed' => '',
 'no_review_needed' => 'Рецензия не е нужна',
@@ -1156,6 +1159,7 @@ $text = array(
 'removeFolderFromDropFolder' => '',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => '',
+'remove_from_clipboard' => '',
 'remove_marked_files' => '',
 'remove_review_log' => '',
 'remove_task' => '',
@@ -1525,6 +1529,8 @@ $text = array(
 'settings_enableLargeFileUpload_desc' => 'Ако е включено, качване на файлове е дустъпно и чрез джава-аплет, именован jumploader, без лимит за размер на файла. Това също ще позволи да се качват няколко файла наведнъж.',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => '',
 'settings_enableMenuTasks_desc' => '',
 'settings_enableMenuTransmittals' => '',
@@ -1843,6 +1849,7 @@ $text = array(
 'sign_out' => 'изход',
 'sign_out_user' => '',
 'site_brand' => '',
+'skip_default_export_cols' => '',
 'sk_SK' => 'Словашки',
 'sort_by_date' => 'Сортирай по дата"',
 'sort_by_expiration_date' => '',
@@ -1972,6 +1979,7 @@ $text = array(
 'status_revision_sleeping' => '',
 'status_revisor_removed' => '',
 'status_unknown' => 'Неизвестен',
+'storage' => '',
 'storage_size' => 'Размер на хранилището',
 'subfolder_duplicate_name' => '',
 'submit_2_fact_auth' => '',

languages/ca_ES/lang.inc

@@ -625,6 +625,8 @@ URL: [url]',
 'export_user_list_csv' => '',
 'extension_archive' => '',
 'extension_changelog' => '',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => '',
 'extension_is_on_now' => '',
 'extension_loading' => '',
@@ -1023,6 +1025,7 @@ URL: [url]',
 'no_groups' => 'No hi ha grups',
 'no_group_members' => 'Aquest grup no té membres',
 'no_linked_files' => 'No hi ha fitxers enllaçats',
+'no_mimetype' => '',
 'no_previous_versions' => 'No s\'han trobat altres versions',
 'no_receipt_needed' => '',
 'no_review_needed' => 'No hi ha revisions pendents.',
@@ -1161,6 +1164,7 @@ URL: [url]',
 'removeFolderFromDropFolder' => 'Esborrar carpeta després de la importació',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => '',
+'remove_from_clipboard' => '',
 'remove_marked_files' => '',
 'remove_review_log' => '',
 'remove_task' => '',
@@ -1530,6 +1534,8 @@ URL: [url]',
 'settings_enableLargeFileUpload_desc' => '',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => '',
 'settings_enableMenuTasks_desc' => '',
 'settings_enableMenuTransmittals' => '',
@@ -1848,6 +1854,7 @@ URL: [url]',
 'sign_out' => 'desconnectar',
 'sign_out_user' => '',
 'site_brand' => '',
+'skip_default_export_cols' => '',
 'sk_SK' => 'Eslovac',
 'sort_by_date' => '',
 'sort_by_expiration_date' => '',
@@ -1977,6 +1984,7 @@ URL: [url]',
 'status_revision_sleeping' => '',
 'status_revisor_removed' => '',
 'status_unknown' => 'Desconegut',
+'storage' => '',
 'storage_size' => 'Storage size',
 'subfolder_duplicate_name' => '',
 'submit_2_fact_auth' => '',

languages/cs_CZ/lang.inc

@@ -710,6 +710,8 @@ URL: [url]',
 'export_user_list_csv' => '',
 'extension_archive' => 'Rozšíření',
 'extension_changelog' => 'Changelog',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => '',
 'extension_is_on_now' => '',
 'extension_loading' => 'Načítání rozšíření',
@@ -1171,6 +1173,7 @@ URL: [url]',
 'no_groups' => 'Žádné skupiny',
 'no_group_members' => 'Tato skupina nemá žádné členy',
 'no_linked_files' => 'Žádné propojené soubory',
+'no_mimetype' => '',
 'no_previous_versions' => 'Nebyly nalezeny žádné jiné verze',
 'no_receipt_needed' => 'Nejsou žádné dokumenty, které by vyžadovaly potvrzení o přijetí.',
 'no_review_needed' => 'Nic nečeká k recenzi.',
@@ -1333,6 +1336,7 @@ URL: [url]',
 'removeFolderFromDropFolder' => 'Odstranit složku po nahrání',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => '',
+'remove_from_clipboard' => '',
 'remove_marked_files' => 'Odstranit označené soubory',
 'remove_review_log' => '',
 'remove_task' => '',
@@ -1755,6 +1759,8 @@ Jméno: [username]
 'settings_enableLargeFileUpload_desc' => 'Je-li nastaveno, nahrávání souborů je také k dispozici prostřednictvím java appletu s názvem jumploader bez omezení velikosti souboru nastaveného prohlížečem. Umožňuje také nahrát několik souborů v jednom kroku.',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => 'Povolit seznam úkolů v nabídce',
 'settings_enableMenuTasks_desc' => 'Aktivovat / Zakázat položku nabídky, která obsahuje všechny úkoly pro uživatele. Obsahuje dokumenty, které musí být přezkoumány, schváleny atd.',
 'settings_enableMenuTransmittals' => '',
@@ -2073,6 +2079,7 @@ Jméno: [username]
 'sign_out' => 'Odhlásit',
 'sign_out_user' => 'Odhlášení uživatele',
 'site_brand' => '',
+'skip_default_export_cols' => '',
 'sk_SK' => 'Slovenština',
 'sort_by_date' => '',
 'sort_by_expiration_date' => '',
@@ -2202,6 +2209,7 @@ Jméno: [username]
 'status_revision_sleeping' => 'Probíhá',
 'status_revisor_removed' => 'Kontrolor odstraněn ze seznamu',
 'status_unknown' => 'Neznámý',
+'storage' => '',
 'storage_size' => 'Velikost úložiště',
 'subfolder_duplicate_name' => '',
 'submit_2_fact_auth' => 'Poslán tajný kód',

languages/de_DE/lang.inc

@@ -19,7 +19,7 @@
 //    along with this program; if not, write to the Free Software
 //    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 //
-//    Translators: Admin (3433), dgrutsch (22)
+//    Translators: Admin (3444), dgrutsch (22)
 
 $text = array(
 '2_factor_auth' => '2-Faktor Authentifizierung',
@@ -409,7 +409,7 @@ URL: [url]</p>',
 'current_version' => 'Aktuelle Version',
 'daily' => 'täglich',
 'dashboard' => 'Übersicht',
-'databasesearch' => 'Datenbanksuche',
+'databasesearch' => 'Datenbank',
 'database_schema_version' => 'Version des Datenbankschemas',
 'data_loading' => 'Bitte warten, bis die Daten geladen sind …',
 'date' => 'Datum',
@@ -850,6 +850,8 @@ URL: [url]</p>',
 'export_user_list_csv' => 'Exportiere Benutzer als CSV-Datei',
 'extension_archive' => 'Erweiterung',
 'extension_changelog' => 'Versionshistorie',
+'extension_config' => 'Einstellungen',
+'extension_info' => 'Erweiterungen',
 'extension_is_off_now' => 'Erweiterung ist ausgeschaltet',
 'extension_is_on_now' => 'Erweiterung ist eingeschaltet',
 'extension_loading' => 'Lade Erweiterungen ...',
@@ -865,7 +867,7 @@ URL: [url]</p>',
 'extension_readme' => 'Readme',
 'extension_toggle_error' => 'Konnte Erweiterung nicht aus/einschalten',
 'extension_version_list' => 'Versionen',
-'facetfullsearch' => 'Volltextsuche (Facetten)',
+'facetfullsearch' => 'Volltext (Facetten)',
 'february' => 'Februar',
 'file' => 'Datei',
 'files' => 'Dateien',
@@ -1046,7 +1048,7 @@ URL: [url]</p>',
 'friday_abbr' => 'Fr',
 'from' => 'von',
 'fr_FR' => 'Französisch',
-'fullsearch' => 'Volltextsuche',
+'fullsearch' => 'Volltext',
 'fullsearch_hint' => 'Volltext-Index benutzen',
 'fulltextsearch_disabled' => 'Volltext-Index ist ausgeschaltet',
 'fulltext_converters' => 'Index Dokumentenumwandlung',
@@ -1404,6 +1406,7 @@ URL: [url]</p>',
 'no_groups' => 'keine Gruppen',
 'no_group_members' => 'Diese Gruppe hat keine Mitglieder',
 'no_linked_files' => 'Keine verknüpften Dokumente',
+'no_mimetype' => 'Kein Mime-Type',
 'no_previous_versions' => 'Keine anderen Versionen gefunden',
 'no_receipt_needed' => 'Es gibt zur Zeit keine Dokumente, die eine Empfangsbestätigung erfordern.',
 'no_review_needed' => 'Keine offenen Prüfungen.',
@@ -1622,6 +1625,7 @@ URL: [url]</p>',
 'removeFolderFromDropFolder' => 'Ordner nach Import entfernen',
 'removeFolderFromDropFolder_desc' => 'Schalten Sie dies ein, um den importierten Ordner im Ablageordner auf der Festplatte zu löschen.',
 'remove_approval_log' => 'Einzelne Freigabe entfernen',
+'remove_from_clipboard' => 'Aus Zwischenablage entfernen',
 'remove_marked_files' => 'Markierte Dateien löschen',
 'remove_review_log' => 'Einzelne Prüfung entfernen',
 'remove_task' => 'Task entfernen',
@@ -2146,6 +2150,8 @@ Sollten Sie kein Passwort bekommen haben, dann nutzen Sie bitte die Passwort-Ver
 'settings_enableLargeFileUpload_desc' => 'Wenn dies gesetzt ist, dann ist ebenfalls der Upload von Dokumenten durch ein java applet mit Namen \'jumploader\' ohne Begrenzung der maximalen Dateigröße möglich. Auch das Hochladen mehrerer Dokumente in einem Schritt wird dadurch ermöglicht. Das Einschalten bewirkt, dass keine http only Cookies mehr gesetzt werden.',
 'settings_enableLoginByEmail' => 'Anmeldung mit E-Mail erlauben',
 'settings_enableLoginByEmail_desc' => 'Wenn eingeschaltet, dann ist auch die Anmeldung mit der E-Mail-Adresse möglich. Die Anmeldung mit dem Benutzername bleibt weiterhin möglich. Diese Einstellung wird möglicherweise nicht von allen Authentifizierungsmethoden berücksichtigt. Da die E-Mail nicht eindeutig ist, kann die Identifikation fehlschagen, auch wenn das Password aus Sicht des anmeldenen Benutzers korrekt ist.',
+'settings_enableMemcached' => 'Memcached verwenden',
+'settings_enableMemcached_desc' => 'Verwendet intern memcached, um einige Datenbankoperationen zu beschleunigen und sollte nicht im Produktionsbetrieb eingeschaltet werden.',
 'settings_enableMenuTasks' => 'Aufgabenliste im Menü',
 'settings_enableMenuTasks_desc' => 'Ein-/Ausschalten des Menüeintrags, der anstehenden Aufgaben des Benutzers enthält. Diese Liste beinhaltet Dokumente die geprüft, freigegeben, usw. werden müssen.',
 'settings_enableMenuTransmittals' => 'Dokumentenlisten im Menü',
@@ -2464,6 +2470,7 @@ Sollten Sie kein Passwort bekommen haben, dann nutzen Sie bitte die Passwort-Ver
 'sign_out' => 'Abmelden',
 'sign_out_user' => 'Benutzer abmelden',
 'site_brand' => '',
+'skip_default_export_cols' => 'Keine voreingestellten Spalten',
 'sk_SK' => 'Slovakisch',
 'sort_by_date' => 'Nach Datum sortieren',
 'sort_by_expiration_date' => 'Nach Ablaufdatum sortieren',
@@ -2593,6 +2600,7 @@ Sollten Sie kein Passwort bekommen haben, dann nutzen Sie bitte die Passwort-Ver
 'status_revision_sleeping' => 'wartend',
 'status_revisor_removed' => 'Wiederholungsprüfer von Liste entfernt',
 'status_unknown' => 'unbekannt',
+'storage' => 'Speicherung',
 'storage_size' => 'Speicherverbrauch',
 'subfolder_duplicate_name' => 'Doppelter Unterordnername',
 'submit_2_fact_auth' => 'Schlüssel speichern',

languages/el_GR/lang.inc

@@ -620,6 +620,8 @@ $text = array(
 'export_user_list_csv' => '',
 'extension_archive' => '',
 'extension_changelog' => '',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => '',
 'extension_is_on_now' => '',
 'extension_loading' => '',
@@ -1029,6 +1031,7 @@ URL: [url]',
 'no_groups' => '',
 'no_group_members' => '',
 'no_linked_files' => 'δεν υπάρχουν συνδεδεμένα αρχεία',
+'no_mimetype' => '',
 'no_previous_versions' => '',
 'no_receipt_needed' => '',
 'no_review_needed' => '',
@@ -1167,6 +1170,7 @@ URL: [url]',
 'removeFolderFromDropFolder' => '',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => '',
+'remove_from_clipboard' => '',
 'remove_marked_files' => '',
 'remove_review_log' => '',
 'remove_task' => '',
@@ -1536,6 +1540,8 @@ URL: [url]',
 'settings_enableLargeFileUpload_desc' => '',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => '',
 'settings_enableMenuTasks_desc' => '',
 'settings_enableMenuTransmittals' => '',
@@ -1854,6 +1860,7 @@ URL: [url]',
 'sign_out' => 'Αποσύνδεση',
 'sign_out_user' => 'Αποσύνδεση χρήστη',
 'site_brand' => '',
+'skip_default_export_cols' => '',
 'sk_SK' => 'Σλοβάκικα',
 'sort_by_date' => '',
 'sort_by_expiration_date' => '',
@@ -1983,6 +1990,7 @@ URL: [url]',
 'status_revision_sleeping' => '',
 'status_revisor_removed' => '',
 'status_unknown' => '',
+'storage' => '',
 'storage_size' => '',
 'subfolder_duplicate_name' => '',
 'submit_2_fact_auth' => '',

languages/en_GB/lang.inc

@@ -19,7 +19,7 @@
 //    along with this program; if not, write to the Free Software
 //    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 //
-//    Translators: Admin (2531), archonwang (3), dgrutsch (9), netixw (14)
+//    Translators: Admin (2547), archonwang (3), dgrutsch (9), netixw (14)
 
 $text = array(
 '2_factor_auth' => '2-factor authentication',
@@ -409,7 +409,7 @@ URL: [url]</p>',
 'current_version' => 'Current version',
 'daily' => 'Daily',
 'dashboard' => 'Dashboard',
-'databasesearch' => 'Database search',
+'databasesearch' => 'Database',
 'database_schema_version' => 'Version of database schema',
 'data_loading' => 'Please wait, until the data is loaded …',
 'date' => 'Date',
@@ -467,7 +467,7 @@ URL: [url]</p>',
 'documents_user_no_reception' => 'Documents without reception',
 'documents_user_obsolete' => 'Obsolete documents',
 'documents_user_reception' => 'Documents awaiting reception',
-'documents_user_rejected' => 'Rejected documents',
+'documents_user_rejected' => 'Documents rejected',
 'documents_user_requiring_attention' => 'Documents owned by you that require attention',
 'documents_with_notification' => 'Documents with notification',
 'document_access_permission_changed_email' => 'Permission changed',
@@ -850,6 +850,8 @@ URL: [url]</p>',
 'export_user_list_csv' => 'Export users as CSV',
 'extension_archive' => 'Extension',
 'extension_changelog' => 'Changelog',
+'extension_config' => 'Settings',
+'extension_info' => 'Extensions',
 'extension_is_off_now' => 'Extension off now',
 'extension_is_on_now' => 'Extension now enabled',
 'extension_loading' => 'Loading extensions ...',
@@ -865,7 +867,7 @@ URL: [url]</p>',
 'extension_readme' => 'Readme',
 'extension_toggle_error' => 'Could not toggle extension',
 'extension_version_list' => 'Versions',
-'facetfullsearch' => 'Full text search (facetts)',
+'facetfullsearch' => 'Full text (facetts)',
 'february' => 'February',
 'file' => 'File',
 'files' => 'Files',
@@ -875,7 +877,7 @@ URL: [url]</p>',
 'files_loading' => 'Please wait, until the list of files is loaded …',
 'filetype' => 'File type',
 'filter_for_documents' => 'Additional filter for documents',
-'filter_for_documents_and_folders' => 'Additional filter for folder and documents',
+'filter_for_documents_and_folders' => 'Additional filter for folders and documents',
 'filter_for_folders' => 'Additional filter for folders',
 'finished_workflow_log' => 'Finished workflows',
 'folder' => 'Folder',
@@ -1046,7 +1048,7 @@ URL: [url]</p>',
 'friday_abbr' => 'Fr',
 'from' => 'From',
 'fr_FR' => 'French',
-'fullsearch' => 'Full text search',
+'fullsearch' => 'Full text',
 'fullsearch_hint' => 'Use fulltext index',
 'fulltextsearch_disabled' => 'Fulltext index is disabled',
 'fulltext_converters' => 'Index document conversion',
@@ -1198,9 +1200,9 @@ URL: [url]</p>',
 'language' => 'Language',
 'lastaccess' => 'Last access',
 'last_update' => 'Last Update',
-'latest_newdocuments' => 'Latest added documents',
+'latest_newdocuments' => 'Recently added documents',
-'latest_statuschange' => 'Latest status change',
+'latest_statuschange' => 'Documents with recent status change',
-'latest_updateddocuments' => 'Latest updated documents',
+'latest_updateddocuments' => 'Recently updated documents',
 'legend' => 'Legend',
 'librarydoc' => 'Document from library',
 'linked_document' => 'Linked document',
@@ -1406,6 +1408,7 @@ URL: [url]</p>',
 'no_groups' => 'No groups',
 'no_group_members' => 'This group has no members',
 'no_linked_files' => 'No linked files',
+'no_mimetype' => 'No mimetype',
 'no_previous_versions' => 'No other versions found',
 'no_receipt_needed' => 'There are currently no documents requiring a receipt confirmation.',
 'no_review_needed' => 'No review pending.',
@@ -1624,6 +1627,7 @@ URL: [url]</p>',
 'removeFolderFromDropFolder' => 'Remove folder after import',
 'removeFolderFromDropFolder_desc' => 'Enable this if you want the folder which was imported to be removed from the drop folder.',
 'remove_approval_log' => 'Remove approval',
+'remove_from_clipboard' => 'Remove from clipboard',
 'remove_marked_files' => 'Remove marked files',
 'remove_review_log' => 'Remove review',
 'remove_task' => 'Remove task',
@@ -2148,6 +2152,8 @@ If you did not receive a password, please use the password forgotten function on
 'settings_enableLargeFileUpload_desc' => 'If set, file upload is also available through a java applet called jumploader without a file size limit set by the browser. It also allows to upload several files in one step. Turning this on will turn off http only cookies.',
 'settings_enableLoginByEmail' => 'Enable login by email',
 'settings_enableLoginByEmail_desc' => 'If enabled, the user maya also use the email address for login. This will not disable login with the username. This setting may not be regarded by all authentication methods. Because the email is not unique, authentication may fail, even if the user enters a right password.',
+'settings_enableMemcached' => 'Use memcached (experimental)',
+'settings_enableMemcached_desc' => 'Use memcached for accelerating some database operations. This should not be be turned on in production.',
 'settings_enableMenuTasks' => 'Enable task list in menu',
 'settings_enableMenuTasks_desc' => 'Enable/Disable the menu item which contains all tasks for the user. This contains documents, that need to be reviewed, approved, etc.',
 'settings_enableMenuTransmittals' => 'Enable transmittals in menu',
@@ -2466,6 +2472,7 @@ If you did not receive a password, please use the password forgotten function on
 'sign_out' => 'Sign out',
 'sign_out_user' => 'Sign out user',
 'site_brand' => '',
+'skip_default_export_cols' => 'Skip default columns',
 'sk_SK' => 'Slovak',
 'sort_by_date' => 'Sort by date',
 'sort_by_expiration_date' => 'Sort by date of expiration',
@@ -2595,6 +2602,7 @@ If you did not receive a password, please use the password forgotten function on
 'status_revision_sleeping' => 'pending',
 'status_revisor_removed' => 'Revisor removed from list',
 'status_unknown' => 'Unknown',
+'storage' => 'Storage',
 'storage_size' => 'Storage size',
 'subfolder_duplicate_name' => 'Duplicate subfolder name',
 'submit_2_fact_auth' => 'Save secret',

languages/es_ES/lang.inc

@@ -699,6 +699,8 @@ URL: [url]',
 'export_user_list_csv' => '',
 'extension_archive' => '',
 'extension_changelog' => 'Log de Cambios',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => '',
 'extension_is_on_now' => '',
 'extension_loading' => 'Cargando extensiones',
@@ -1155,6 +1157,7 @@ URL: [url]',
 'no_groups' => 'No hay grupos',
 'no_group_members' => 'Este grupo no tiene miembros',
 'no_linked_files' => 'No hay ficheros vinculados',
+'no_mimetype' => '',
 'no_previous_versions' => 'No se han encontrado otras versiones',
 'no_receipt_needed' => '',
 'no_review_needed' => 'No hay revisiones pendientes.',
@@ -1310,6 +1313,7 @@ nURL: [url]',
 'removeFolderFromDropFolder' => 'Eliminar carpeta después de importar',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => '',
+'remove_from_clipboard' => '',
 'remove_marked_files' => 'Eliminar ficheros marcados',
 'remove_review_log' => '',
 'remove_task' => '',
@@ -1706,6 +1710,8 @@ URL: [url]',
 'settings_enableLargeFileUpload_desc' => 'Si se habilita, la carga de ficheros también estará disponible a través de un applet java llamado jumploader, sin límite de tamaño de fichero fijado por el navegador. También permite la carga de múltiples ficheros de una sola vez.',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => 'Activar en el menú la lista de tareas',
 'settings_enableMenuTasks_desc' => 'Habilita/Deshabillita la parte del menú que contiene todas las tareas para el usuario. Contiene documentos que necesitan ser revisados, aprobados, etc.',
 'settings_enableMenuTransmittals' => '',
@@ -2024,6 +2030,7 @@ URL: [url]',
 'sign_out' => 'Salir',
 'sign_out_user' => 'Desconectar usuario',
 'site_brand' => '',
+'skip_default_export_cols' => '',
 'sk_SK' => 'Slovaco',
 'sort_by_date' => 'Ordenar por Fecha',
 'sort_by_expiration_date' => 'Ordenar por fecha de vencimiento',
@@ -2153,6 +2160,7 @@ URL: [url]',
 'status_revision_sleeping' => 'pendiente',
 'status_revisor_removed' => '',
 'status_unknown' => 'Desconocido',
+'storage' => '',
 'storage_size' => 'Tamaño de almacenamiento',
 'subfolder_duplicate_name' => '',
 'submit_2_fact_auth' => '',

languages/fr_FR/lang.inc

@@ -19,7 +19,7 @@
 //    along with this program; if not, write to the Free Software
 //    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 //
-//    Translators: Admin (1173), jeromerobert (50), lonnnew (9), Oudiceval (1171)
+//    Translators: Admin (1175), jeromerobert (50), lonnnew (9), Oudiceval (1171)
 
 $text = array(
 '2_factor_auth' => 'Authentification forte',
@@ -820,6 +820,8 @@ URL : [url]</p>',
 'export_user_list_csv' => 'Exporter les utilisateurs en CSV',
 'extension_archive' => 'Extension',
 'extension_changelog' => 'Journal des modifications',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => 'L’extension est désactivée',
 'extension_is_on_now' => 'L’extension est activée',
 'extension_loading' => 'Chargement des extensions…',
@@ -1361,6 +1363,7 @@ URL : [url]</p>',
 'no_groups' => 'Aucun groupe',
 'no_group_members' => 'Ce groupe ne contient aucun membre',
 'no_linked_files' => 'Aucun fichier lié',
+'no_mimetype' => '',
 'no_previous_versions' => 'Aucune autre version trouvée',
 'no_receipt_needed' => 'Il n’y a actuellement aucun document nécessitant une confirmation de réception.',
 'no_review_needed' => 'Aucune vérification en attente',
@@ -1577,6 +1580,7 @@ URL : [url]</p>',
 'removeFolderFromDropFolder' => 'Suppression du dossier après importation',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => 'Approbation retirée',
+'remove_from_clipboard' => '',
 'remove_marked_files' => 'Supprimer les fichiers sélectionnés',
 'remove_review_log' => 'Vérification retirée',
 'remove_task' => '',
@@ -2093,6 +2097,8 @@ Nom : [username]
 'settings_enableLargeFileUpload_desc' => 'Si défini, le téléchargement de fichier est également disponible via un applet java appelé jumploader sans limite de taille définie par le navigateur. Il permet également de télécharger plusieurs fichiers en une seule fois.',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => 'Activer le menu des tâches',
 'settings_enableMenuTasks_desc' => 'Affiche un menu avec la liste des tâches. Cette liste contient les documents en attente d’une action par l’utilisateur.',
 'settings_enableMenuTransmittals' => '',
@@ -2411,6 +2417,7 @@ Nom : [username]
 'sign_out' => 'Déconnexion',
 'sign_out_user' => 'Déconnecter l\'utilisateur',
 'site_brand' => '',
+'skip_default_export_cols' => '',
 'sk_SK' => 'Slovaque',
 'sort_by_date' => 'Trier par date',
 'sort_by_expiration_date' => 'Trier par date d’expiration',
@@ -2540,6 +2547,7 @@ Nom : [username]
 'status_revision_sleeping' => 'en attente',
 'status_revisor_removed' => 'Réviseur retiré de la liste',
 'status_unknown' => 'Inconnu',
+'storage' => '',
 'storage_size' => 'Taille occupée',
 'subfolder_duplicate_name' => 'Un sous-dossier porte déjà ce nom !',
 'submit_2_fact_auth' => 'Enregistrer la clé secrète',
@@ -2684,7 +2692,7 @@ URL : [url]</p>',
 'type_to_filter' => 'Filtrer dans la liste',
 'type_to_search' => 'Effectuer une recherche',
 'uk_UA' => 'Ukrénien',
-'undefined' => '',
+'undefined' => 'indéfini',
 'under_folder' => 'Dans le dossier',
 'unknown_attrdef' => 'Définition d’attribut inconnue',
 'unknown_command' => 'Commande non reconnue.',
@@ -2703,7 +2711,7 @@ URL : [url]</p>',
 'unlock_cause_locking_user' => 'Vous pouvez encore le mettre à jour, car vous êtes le seul à l\'avoir verrouillé. Le verrouillage sera automatiquement annulé.',
 'unlock_document' => 'Déverrouiller',
 'update' => 'Mettre à jour',
-'updated' => '',
+'updated' => 'mis à jour',
 'updated_documents' => '',
 'update_approvers' => 'Mettre à jour la liste des approbateurs',
 'update_document' => 'Mettre à jour',

languages/hu_HU/lang.inc

@@ -693,6 +693,8 @@ URL: [url]',
 'export_user_list_csv' => '',
 'extension_archive' => 'Bővítmények',
 'extension_changelog' => 'Változásnapló',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => '',
 'extension_is_on_now' => '',
 'extension_loading' => 'Kiterjesztések betöltése ...',
@@ -1146,6 +1148,7 @@ URL: [url]',
 'no_groups' => 'Nincsenek csoportok',
 'no_group_members' => 'Ennek a csoportnak nincsenek tagjai',
 'no_linked_files' => 'Nincsenek hivatkozott állományok',
+'no_mimetype' => '',
 'no_previous_versions' => 'Nem találhatók más változatok',
 'no_receipt_needed' => '',
 'no_review_needed' => 'Nincs folyamatban lévő felülvizsgálat.',
@@ -1301,6 +1304,7 @@ URL: [url]',
 'removeFolderFromDropFolder' => '',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => '',
+'remove_from_clipboard' => '',
 'remove_marked_files' => 'Megjelölt állományok eltávolítása',
 'remove_review_log' => '',
 'remove_task' => '',
@@ -1696,6 +1700,8 @@ URL: [url]',
 'settings_enableLargeFileUpload_desc' => 'Ha beállítja az állományok feltöltése elérhető lesz egy jumploadernek hívott java appleten keresztül a böngészőprogram állomány méret korlátja nélkül. Ez engedélyezi több állomány feltöltését egy lépésben.',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => 'Feladatok menüpont engedélyezése',
 'settings_enableMenuTasks_desc' => 'Engedélyezi / letiltja a menüelemet, amely a felhasználó összes feladatát tartalmazza. Ez olyan dokumentumokat tartalmaz, amelyeket felül kell vizsgálni, jóvá kell hagyni stb.',
 'settings_enableMenuTransmittals' => '',
@@ -2014,6 +2020,7 @@ URL: [url]',
 'sign_out' => 'Kijelentkezés',
 'sign_out_user' => 'Kijelentkezés',
 'site_brand' => '',
+'skip_default_export_cols' => '',
 'sk_SK' => 'Szlovák',
 'sort_by_date' => '',
 'sort_by_expiration_date' => '',
@@ -2143,6 +2150,7 @@ URL: [url]',
 'status_revision_sleeping' => '',
 'status_revisor_removed' => '',
 'status_unknown' => 'Ismeretlen',
+'storage' => '',
 'storage_size' => 'Tároló mérete',
 'subfolder_duplicate_name' => '',
 'submit_2_fact_auth' => '',

languages/id_ID/lang.inc

@@ -19,7 +19,7 @@
 //    along with this program; if not, write to the Free Software
 //    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 //
-//    Translators: Admin (485), atoz-chevara (835)
+//    Translators: Admin (489), atoz-chevara (835)
 
 $text = array(
 '2_factor_auth' => '',
@@ -382,7 +382,7 @@ URL: [url]</p>',
 'dashboard' => '',
 'databasesearch' => 'Pencarian Basis data',
 'database_schema_version' => 'Versi skema basis data',
-'data_loading' => '',
+'data_loading' => 'Harap tunggu, data sedang disiapkan.',
 'date' => 'Tanggal',
 'days' => 'hari',
 'debug' => 'Debug',
@@ -689,7 +689,7 @@ URL: [url]</p>',
 'empty_notify_list' => 'Tidak ada entri',
 'enable_extension' => 'Aktifkan ekstensi',
 'enddate' => '',
-'en_GB' => '',
+'en_GB' => 'Inggris (GB)',
 'equal_transition_states' => 'Status awal dan akhir sama',
 'error' => 'Galat',
 'error_add_aro' => 'Kesalahan saat menambahkan objek permintaan akses',
@@ -749,6 +749,8 @@ URL: [url]',
 'export_user_list_csv' => 'Ekspor pengguna sebagai CSV',
 'extension_archive' => 'Ekstensi',
 'extension_changelog' => '',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => 'Perpanjangan tidak aktif sekarang',
 'extension_is_on_now' => '',
 'extension_loading' => 'Memuat ekstensi...',
@@ -965,7 +967,7 @@ URL: [url]</p>',
 'index_processing' => '',
 'index_waiting' => 'Mengunggu',
 'individuals' => 'Perorangan',
-'individuals_in_groups' => '',
+'individuals_in_groups' => 'Anggota di grup',
 'ind_review_removed' => 'Perubahan status, karena ulasan pengguna [name] telah dihapus.',
 'info_recipients_tab_not_released' => '',
 'info_rm_user_from_processes_none' => '',
@@ -1239,6 +1241,7 @@ URL: [url]',
 'no_groups' => 'Tidak ada kelompok',
 'no_group_members' => 'Kelompok ini tidak memiliki anggota',
 'no_linked_files' => 'Tidak ada berkas yang ditautkan',
+'no_mimetype' => '',
 'no_previous_versions' => 'Tidak ada versi lain yang ditemukan',
 'no_receipt_needed' => 'Saat ini tidak ada dokumen yang memerlukan konfirmasi tanda terima.',
 'no_review_needed' => 'Tidak ada tinjauan yang tertunda.',
@@ -1410,6 +1413,7 @@ URL: [url]',
 'removeFolderFromDropFolder' => 'Hapus folder setelah diimpor',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => 'Hapus persetujuan',
+'remove_from_clipboard' => '',
 'remove_marked_files' => 'Hapus file yang ditandai',
 'remove_review_log' => 'Hapus ulasan',
 'remove_task' => '',
@@ -1786,6 +1790,8 @@ Jika Anda tidak menerima kata sandi, silakan gunakan fitur lupa kata sandi di ha
 'settings_enableLargeFileUpload_desc' => 'Jika disetel, unggah berkas juga tersedia melalui java applet yang disebut jumploader tanpa batas ukuran berkas yang ditetapkan oleh peramban. Ini juga memungkinkan untuk mengunggah beberapa berkas dalam satu langkah. Mengaktifkan ini akan mematikan cookie http saja.',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => 'Aktifkan daftar task di menu',
 'settings_enableMenuTasks_desc' => '',
 'settings_enableMenuTransmittals' => '',
@@ -2104,6 +2110,7 @@ Jika Anda tidak menerima kata sandi, silakan gunakan fitur lupa kata sandi di ha
 'sign_out' => 'Keluar',
 'sign_out_user' => '',
 'site_brand' => '',
+'skip_default_export_cols' => '',
 'sk_SK' => 'Slovakia',
 'sort_by_date' => 'Urutkan berdasarkan tanggal',
 'sort_by_expiration_date' => 'Urutkan berdasarkan tanggal kadaluwarsa',
@@ -2233,6 +2240,7 @@ Jika Anda tidak menerima kata sandi, silakan gunakan fitur lupa kata sandi di ha
 'status_revision_sleeping' => 'tertunda',
 'status_revisor_removed' => '',
 'status_unknown' => 'Tidak diketahui',
+'storage' => '',
 'storage_size' => 'Ukuran penyimpanan',
 'subfolder_duplicate_name' => 'Duplikasi nama subfolder',
 'submit_2_fact_auth' => '',

languages/it_IT/lang.inc

@@ -703,6 +703,8 @@ URL: [url]',
 'export_user_list_csv' => '',
 'extension_archive' => 'Archivio estensioni',
 'extension_changelog' => 'Registro delle modifiche delle estensioni',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => '',
 'extension_is_on_now' => '',
 'extension_loading' => 'Caricamento estensioni...',
@@ -1153,6 +1155,7 @@ URL: [url]',
 'no_groups' => 'Nessun gruppo',
 'no_group_members' => 'Questo gruppo non ha membri',
 'no_linked_files' => 'Nessun file collegato',
+'no_mimetype' => '',
 'no_previous_versions' => 'Nessun\'altra versione trovata',
 'no_receipt_needed' => 'Rete disco',
 'no_review_needed' => 'Nessuna revisione in corso.',
@@ -1319,6 +1322,7 @@ URL: [url]',
 'removeFolderFromDropFolder' => 'Rimuovi la cartella di pubblicazione dopo l\'importazione',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => '',
+'remove_from_clipboard' => '',
 'remove_marked_files' => 'Rimuovi i files contrassegnati',
 'remove_review_log' => '',
 'remove_task' => '',
@@ -1742,6 +1746,8 @@ Name: [username]
 'settings_enableLargeFileUpload_desc' => 'Se selezionato, il caricamento (upload) dei files può essere effettuato anche attraverso un\'applet Java chiamata Jumploader evitando il limite di dimensioni file imposto dal browser; Jumploader permette anche il caricamento di diversi files contemporaneamente.',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => 'Abilita compito delle attività nel menù',
 'settings_enableMenuTasks_desc' => 'Abilita/disabilita la voce di menu che contiene tutte le attività degli utenti. Questo conterrà i documenti che devono essere rivisti, approvati, etc.',
 'settings_enableMenuTransmittals' => '',
@@ -2060,6 +2066,7 @@ Name: [username]
 'sign_out' => 'Disconnettiti',
 'sign_out_user' => 'Disconnetti l\'utente',
 'site_brand' => '',
+'skip_default_export_cols' => '',
 'sk_SK' => 'Slovacco',
 'sort_by_date' => 'Ordina per data',
 'sort_by_expiration_date' => '',
@@ -2189,6 +2196,7 @@ Name: [username]
 'status_revision_sleeping' => 'in attesa',
 'status_revisor_removed' => 'Revisore rimosso dalla lista',
 'status_unknown' => 'Sconosciuto',
+'storage' => '',
 'storage_size' => 'Spazio di archiviazione',
 'subfolder_duplicate_name' => 'Nome sottocartella duplicato',
 'submit_2_fact_auth' => 'Salva segreto',

languages/ko_KR/lang.inc

@@ -699,6 +699,8 @@ URL: [url]',
 'export_user_list_csv' => '',
 'extension_archive' => '',
 'extension_changelog' => '',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => '',
 'extension_is_on_now' => '',
 'extension_loading' => '',
@@ -1153,6 +1155,7 @@ URL [url]',
 'no_groups' => '그룹이 없음',
 'no_group_members' => '그룹 회원 이 없습니다.',
 'no_linked_files' => '연결되지 않은 파일',
+'no_mimetype' => '',
 'no_previous_versions' => '다른 버전을 찾을 수 없습니다',
 'no_receipt_needed' => '접수가 필요하지 않습니다',
 'no_review_needed' => '검토중인 자료가 없습니다.',
@@ -1300,6 +1303,7 @@ URL: [url]',
 'removeFolderFromDropFolder' => '',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => '',
+'remove_from_clipboard' => '',
 'remove_marked_files' => '마크 파일을 제거',
 'remove_review_log' => '',
 'remove_task' => '',
@@ -1713,6 +1717,8 @@ URL : [url]',
 'settings_enableLargeFileUpload_desc' => '설정하면, 브라우저가 설정 한 파일 크기 제한없이 jumploader라는 파일 업로드 자바 애플릿을 통해 사용할 수 있습니다. 또한 한 번에 여러 파일을 업로드 할 수 있습니다.',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => '메뉴의 작업 목록 허용',
 'settings_enableMenuTasks_desc' => '사용자의 모든 작업이 포함되어있는 메뉴 항목을 활성/비활성 합니다. 이것은 검토, 승인등이 필요한 문서를 포함 합니다',
 'settings_enableMenuTransmittals' => '',
@@ -2031,6 +2037,7 @@ URL : [url]',
 'sign_out' => '로그 아웃',
 'sign_out_user' => '사용자가 로그 아웃',
 'site_brand' => '',
+'skip_default_export_cols' => '',
 'sk_SK' => '슬로바키아어',
 'sort_by_date' => '',
 'sort_by_expiration_date' => '',
@@ -2160,6 +2167,7 @@ URL : [url]',
 'status_revision_sleeping' => '보류',
 'status_revisor_removed' => '감사자 목록에서 제거',
 'status_unknown' => '알 수없는',
+'storage' => '',
 'storage_size' => '저장 크기',
 'subfolder_duplicate_name' => '',
 'submit_2_fact_auth' => '',

languages/lo_LA/lang.inc

@@ -696,6 +696,8 @@ URL: [url]',
 'export_user_list_csv' => '',
 'extension_archive' => '',
 'extension_changelog' => '',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => '',
 'extension_is_on_now' => '',
 'extension_loading' => '',
@@ -1150,6 +1152,7 @@ URL: [url]',
 'no_groups' => 'ບໍ່ມີກຸ່ມ',
 'no_group_members' => 'ກຸ່ມນີ້ຍັງບໍ່ມີສະມາຊິກ',
 'no_linked_files' => 'ບໍ່ມີໄຟລທີ່ເຊື່ອມໂຍງ',
+'no_mimetype' => '',
 'no_previous_versions' => 'ບໍ່ພົບເວີຊັນອື່ນ',
 'no_receipt_needed' => 'ປະຈຸບັນນີ້ບໍ່ມີເອກະສານທີ່ຈະຕ້ອງຢືນຢັນກ່ຽວກັບການຮັບສິນຄ້າ',
 'no_review_needed' => 'ບໍ່ມີເອກະສານທີຍັງຄ້າງທີລໍຖ້າກວດຄືນ',
@@ -1316,6 +1319,7 @@ URL: [url]',
 'removeFolderFromDropFolder' => 'ຍ້າຍໂຟລເດີຫຼັງຈາກນຳຂໍ້ມູນເຂົ້າ',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => '',
+'remove_from_clipboard' => '',
 'remove_marked_files' => 'ລົບໄຟລທີມີເຄື່ອງໝາຍໄວ້',
 'remove_review_log' => '',
 'remove_task' => '',
@@ -1739,6 +1743,8 @@ URL: [url]',
 'settings_enableLargeFileUpload_desc' => 'ການຕັ້ງຄ່າອັບໂຫລດໄຟລຈະມີໃຫ້ບໍລິການຜ່ານທາງດ້ານຂວາຂອງເອັບເຟັກທີ່ເອີ້ນວ່າ jumploader ໂດຍບໍ່ມີຂິດຈຳກັດຂອງຂະໜາດໄຟລທີກຳນົດໂດຍບາວເຊີ ນອກຈາກນີຍັງຊ່ວຍໃນການອັບໂຫລດໄຟລຫຼາຍໄຟລໃນຂັນຕອນດຽວການເປີດຄຸນລັກສະນະນີ້ຈະປິດຄຸກກີ້ສະເພາະ Http ເທົ່ານັ້ນ',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => 'ເປີດການໄຊ້ງານ',
 'settings_enableMenuTasks_desc' => 'ເປີດ/ປິດ ລາຍການເມນູທີ່ມີວຽກທັງໝົດສຳລັບຜູ້ໄຊ້ເອກະສານນີ້ມີເອກະສານທີຈ້ອງໄດ້ຮັບການກວດສອບ',
 'settings_enableMenuTransmittals' => '',
@@ -2057,6 +2063,7 @@ URL: [url]',
 'sign_out' => 'ອອກຈາກລະບົບ',
 'sign_out_user' => 'ອອກຈາກລະບົບຜູ້ໄຊ້',
 'site_brand' => '',
+'skip_default_export_cols' => '',
 'sk_SK' => 'ສະໂລວາເກຍ',
 'sort_by_date' => '',
 'sort_by_expiration_date' => '',
@@ -2186,6 +2193,7 @@ URL: [url]',
 'status_revision_sleeping' => 'ຢູ່ລະຫວ່າງດຳເນີນການ',
 'status_revisor_removed' => 'ແກ້ໄຂຄຳອະທິບາຍອອກຈາກລາຍການ',
 'status_unknown' => 'ບໍ່ຮູ້',
+'storage' => '',
 'storage_size' => 'ຂະໜາດພື້ນທີ່ເກັບຂໍ້ມູນ',
 'subfolder_duplicate_name' => '',
 'submit_2_fact_auth' => 'ເກັບຄວາມລັບໄວ້',

languages/nb_NO/lang.inc

@@ -710,6 +710,8 @@ URL: [url]',
 'export_user_list_csv' => '',
 'extension_archive' => 'Utvidelse',
 'extension_changelog' => 'Endringslogg',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => '',
 'extension_is_on_now' => '',
 'extension_loading' => 'Laster inn utvidelser ...',
@@ -1171,6 +1173,7 @@ URL: [url]',
 'no_groups' => 'Ingen grupper',
 'no_group_members' => 'Denne gruppen har ingen medlemmer',
 'no_linked_files' => 'Ingen koblede filer',
+'no_mimetype' => '',
 'no_previous_versions' => 'Ingen andre versjoner funnet',
 'no_receipt_needed' => 'Det er for øyeblikket ingen dokumenter som krever kvitteringsbekreftelse.',
 'no_review_needed' => 'Ingen gjennomgang i påvente.',
@@ -1331,6 +1334,7 @@ URL: [url]',
 'removeFolderFromDropFolder' => 'Fjern mappe etter import',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => '',
+'remove_from_clipboard' => '',
 'remove_marked_files' => 'Fjern markerte filer',
 'remove_review_log' => '',
 'remove_task' => '',
@@ -1752,6 +1756,8 @@ Bruker: [username]
 'settings_enableLargeFileUpload_desc' => 'Hvis det er satt, er filopplasting også tilgjengelig via en java-applet som heter jumploader uten en filstørrelsesgrense som er angitt av nettleseren. Det gjør det også mulig å laste opp flere filer på ett trinn. Hvis du slår på dette, slås bare av cookies.',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => 'Aktiver oppgaveliste i menyen',
 'settings_enableMenuTasks_desc' => 'Aktiver/deaktiver menypunktet som inneholder alle oppgaver for brukeren. Denne inneholder dokumenter som må gjennomgås, godkjennes osv.',
 'settings_enableMenuTransmittals' => '',
@@ -2070,6 +2076,7 @@ Bruker: [username]
 'sign_out' => 'Logg ut',
 'sign_out_user' => 'Logg ut bruker',
 'site_brand' => 'Nettsted merke/logo',
+'skip_default_export_cols' => '',
 'sk_SK' => 'Slovakisk',
 'sort_by_date' => 'Sorter etter dato',
 'sort_by_expiration_date' => '',
@@ -2199,6 +2206,7 @@ Bruker: [username]
 'status_revision_sleeping' => 'avventer',
 'status_revisor_removed' => 'Revisor fjernet fra listen',
 'status_unknown' => 'Ukjent',
+'storage' => '',
 'storage_size' => 'Lagrings størrelse',
 'subfolder_duplicate_name' => 'Dupliser navnet på undermappen',
 'submit_2_fact_auth' => 'Lagre hemmelighet',

languages/nl_NL/lang.inc

@@ -703,6 +703,8 @@ URL: [url]',
 'export_user_list_csv' => 'Exporteer gebruikers in csv-formaat',
 'extension_archive' => 'Extensies',
 'extension_changelog' => 'Overzicht van wijzigingen',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => 'Extensie uitgeschakeld',
 'extension_is_on_now' => 'Extensie ingeschakeld',
 'extension_loading' => 'Laden van extensies ...',
@@ -1163,6 +1165,7 @@ URL: [url]',
 'no_groups' => 'Geen groepen',
 'no_group_members' => 'Deze groep heeft geen leden',
 'no_linked_files' => 'Geen gekoppelde bestanden',
+'no_mimetype' => '',
 'no_previous_versions' => 'Geen andere versie(s) gevonden',
 'no_receipt_needed' => 'Geen ontvangstbericht nodig',
 'no_review_needed' => 'Geen review bezig.',
@@ -1329,6 +1332,7 @@ URL: [url]',
 'removeFolderFromDropFolder' => 'Map verwijderen uit Dropfilder',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => '',
+'remove_from_clipboard' => '',
 'remove_marked_files' => 'Geselecteerde bestanden worden verwijderd',
 'remove_review_log' => '',
 'remove_task' => '',
@@ -1751,6 +1755,8 @@ Name: [username]
 'settings_enableLargeFileUpload_desc' => 'Indien ingeschakeld, is bestandsupload ook beschikbaar via een java applet jumploader genaamd zonder een bestandsgrootte limiet door de browser. Het staat ook toe om meerdere bestanden in een keer te versturen.',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => 'Menu-taken aanzetten',
 'settings_enableMenuTasks_desc' => 'Menu-taken aanzetten',
 'settings_enableMenuTransmittals' => '',
@@ -2069,6 +2075,7 @@ Name: [username]
 'sign_out' => 'Log uit',
 'sign_out_user' => 'Log gebruiker uit',
 'site_brand' => 'Merk van de site',
+'skip_default_export_cols' => '',
 'sk_SK' => 'Slowaaks',
 'sort_by_date' => 'Sorteren op datum',
 'sort_by_expiration_date' => 'Sorteren op vervaldatum',
@@ -2198,6 +2205,7 @@ Name: [username]
 'status_revision_sleeping' => 'Slapend',
 'status_revisor_removed' => 'Verwijderd',
 'status_unknown' => 'Onbekend',
+'storage' => '',
 'storage_size' => 'Omvang opslag',
 'subfolder_duplicate_name' => 'Dubble mapnaam',
 'submit_2_fact_auth' => '2-factor-authentificatie verstuurd',

languages/pl_PL/lang.inc

@@ -686,6 +686,8 @@ URL: [url]',
 'export_user_list_csv' => 'Eksportuj użytkowników do pliku CSV',
 'extension_archive' => 'Rozszerzenie',
 'extension_changelog' => 'Log Zmian',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => '',
 'extension_is_on_now' => '',
 'extension_loading' => 'Wgrywam dodatki...',
@@ -1140,6 +1142,7 @@ URL: [url]',
 'no_groups' => 'Brak grup',
 'no_group_members' => 'Ta grupa nie ma członków',
 'no_linked_files' => 'Brak powiązanych dokumentów',
+'no_mimetype' => '',
 'no_previous_versions' => 'Nie znaleziono poprzednich wersji',
 'no_receipt_needed' => 'Brak dokumentów w trakcie potwierdzenia',
 'no_review_needed' => 'Brak dokumentów w trakcie opiniowania',
@@ -1295,6 +1298,7 @@ URL: [url]',
 'removeFolderFromDropFolder' => 'Usuń folder po imporcie',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => '',
+'remove_from_clipboard' => '',
 'remove_marked_files' => 'Usuń zaznaczone pliki',
 'remove_review_log' => '',
 'remove_task' => '',
@@ -1682,6 +1686,8 @@ Name: [username]
 'settings_enableLargeFileUpload_desc' => 'Jeśli zaznaczone, wczytywanie plików będzie możliwe również przez aplet javy bez limitu rozmiaru plików. Aplet pozwala również na wczytywanie wielu plików jednocześnie.',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => 'Włącz listę zadań w menu',
 'settings_enableMenuTasks_desc' => 'Włącza/Wyłącza pozycję w menu w której znajdują się wszystkie zadania dla użytkownika. Zawiera dokumenty, które potrzebują być ocenione, zatwierdzone, itd.',
 'settings_enableMenuTransmittals' => '',
@@ -2000,6 +2006,7 @@ Name: [username]
 'sign_out' => 'Wyloguj',
 'sign_out_user' => 'Wyloguj użytkownika',
 'site_brand' => '',
+'skip_default_export_cols' => '',
 'sk_SK' => 'słowacki',
 'sort_by_date' => 'Sortuj według daty',
 'sort_by_expiration_date' => 'Sortuj według daty ważności',
@@ -2129,6 +2136,7 @@ Name: [username]
 'status_revision_sleeping' => 'Oczekujące',
 'status_revisor_removed' => 'Revisor usunięty z listy',
 'status_unknown' => 'Nieznany',
+'storage' => '',
 'storage_size' => 'Zajętość dysku',
 'subfolder_duplicate_name' => 'Zduplikowana nazwa podfolderu',
 'submit_2_fact_auth' => 'Zapisz sekretne hasło',

languages/pt_BR/lang.inc

@@ -710,6 +710,8 @@ URL: [url]',
 'export_user_list_csv' => '',
 'extension_archive' => 'Extensão',
 'extension_changelog' => 'Alterações no Log',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => '',
 'extension_is_on_now' => '',
 'extension_loading' => 'Carregando Extensões',
@@ -1170,6 +1172,7 @@ URL: [url]',
 'no_groups' => 'Sem grupos',
 'no_group_members' => 'Este grupo não tem membros',
 'no_linked_files' => 'Não há arquivos vinculados',
+'no_mimetype' => '',
 'no_previous_versions' => 'Nenhuma outra versão encontrada',
 'no_receipt_needed' => 'Atualmente, não há documentos que exijam uma confirmação de recebimento.',
 'no_review_needed' => 'Nenhuma revisão pendente.',
@@ -1336,6 +1339,7 @@ URL: [url]',
 'removeFolderFromDropFolder' => 'Remover pasta após a importação',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => '',
+'remove_from_clipboard' => '',
 'remove_marked_files' => 'Remover arquivos marcados',
 'remove_review_log' => '',
 'remove_task' => '',
@@ -1758,6 +1762,8 @@ Nome: [username]
 'settings_enableLargeFileUpload_desc' => 'Se selecionado, o upload de arquivo também estará disponível através de um applet java chamado jumploader sem limite de tamanho de arquivo definido pelo navegador. Ele também permite fazer o upload de vários arquivos de uma só vez.',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => 'Ativar lista de tarefas no menu',
 'settings_enableMenuTasks_desc' => 'Ativar / desativar o item de menu que contém todas as tarefas do usuário. Contém documentos que precisam ser revisados, aprovados etc.',
 'settings_enableMenuTransmittals' => '',
@@ -2076,6 +2082,7 @@ Nome: [username]
 'sign_out' => 'Sair',
 'sign_out_user' => 'Sair usuário',
 'site_brand' => '',
+'skip_default_export_cols' => '',
 'sk_SK' => 'Eslovaco',
 'sort_by_date' => 'classificar por data',
 'sort_by_expiration_date' => '',
@@ -2205,6 +2212,7 @@ Nome: [username]
 'status_revision_sleeping' => 'Pendente',
 'status_revisor_removed' => 'Revisor removido da lista',
 'status_unknown' => 'Desconhecido',
+'storage' => '',
 'storage_size' => 'Tamanho de armazenamento',
 'subfolder_duplicate_name' => 'nome duplicado da subpasta',
 'submit_2_fact_auth' => 'Salvar senha',

languages/ro_RO/lang.inc

@@ -698,6 +698,8 @@ URL: [url]',
 'export_user_list_csv' => '',
 'extension_archive' => '',
 'extension_changelog' => '',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => '',
 'extension_is_on_now' => '',
 'extension_loading' => 'Se incarca extensiile',
@@ -1152,6 +1154,7 @@ URL: [url]',
 'no_groups' => 'Nu există grupe',
 'no_group_members' => 'Acest grup nu are membri',
 'no_linked_files' => 'Nici un fișiere asociate',
+'no_mimetype' => '',
 'no_previous_versions' => 'Nu sunt alte versiuni gasite',
 'no_receipt_needed' => '',
 'no_review_needed' => 'Nici o revizuire în așteptare.',
@@ -1307,6 +1310,7 @@ URL: [url]',
 'removeFolderFromDropFolder' => '',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => '',
+'remove_from_clipboard' => '',
 'remove_marked_files' => 'Eliminați fișierele marcate',
 'remove_review_log' => '',
 'remove_task' => '',
@@ -1720,6 +1724,8 @@ URL: [url]',
 'settings_enableLargeFileUpload_desc' => 'Dacă este setat, incărcarea este de asemenea disponibilă prin intermediul unui applet Java numit jumploader fără limită de dimensiune a fișierului stabilită de browser. De asemenea, permite încărcarea mai multor fișiere într-un singur pas. Activand aceasta optiune va dezactiva optiunea http only cookies.',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => '',
 'settings_enableMenuTasks_desc' => '',
 'settings_enableMenuTransmittals' => '',
@@ -2038,6 +2044,7 @@ URL: [url]',
 'sign_out' => 'Sign out',
 'sign_out_user' => 'Sign out utilizator',
 'site_brand' => '',
+'skip_default_export_cols' => '',
 'sk_SK' => 'Slovacă',
 'sort_by_date' => 'Sortare dupa data',
 'sort_by_expiration_date' => '',
@@ -2167,6 +2174,7 @@ URL: [url]',
 'status_revision_sleeping' => 'in asteptare',
 'status_revisor_removed' => 'Revizuitor eliminat din lista',
 'status_unknown' => 'Necunoscut',
+'storage' => '',
 'storage_size' => 'Dimensiunea de stocare',
 'subfolder_duplicate_name' => '',
 'submit_2_fact_auth' => '',

languages/ru_RU/lang.inc

@@ -698,6 +698,8 @@ URL: [url]',
 'export_user_list_csv' => '',
 'extension_archive' => '',
 'extension_changelog' => 'Журнал изменений',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => '',
 'extension_is_on_now' => '',
 'extension_loading' => 'Загрузка расширений',
@@ -1151,6 +1153,7 @@ URL: [url]',
 'no_groups' => 'Нет групп',
 'no_group_members' => 'Группа не имеет членов',
 'no_linked_files' => 'Нет связанных документов',
+'no_mimetype' => '',
 'no_previous_versions' => 'Нет предыдущих версий',
 'no_receipt_needed' => 'Нет документов, нуждающихся в подтверждении получения',
 'no_review_needed' => 'Рецензия не требуется',
@@ -1309,6 +1312,7 @@ URL: [url]',
 'removeFolderFromDropFolder' => '',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => '',
+'remove_from_clipboard' => '',
 'remove_marked_files' => 'Удалить выбранные файлы',
 'remove_review_log' => '',
 'remove_task' => '',
@@ -1727,6 +1731,8 @@ URL: [url]',
 'settings_enableLargeFileUpload_desc' => 'Если включено, загрузка файлов доступна так же через Java-апплет, называемый jumploader, без ограничения размера файла. Это также позволит загружать несколько файлов за раз.',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => 'Включить список задач в меню',
 'settings_enableMenuTasks_desc' => 'Включить/отключить пункт меню, который содержит все задачи пользователя. Там содержатся документы, которые нуждаются в рецензии, утверждении и т.д.',
 'settings_enableMenuTransmittals' => '',
@@ -2045,6 +2051,7 @@ URL: [url]',
 'sign_out' => 'Выйти',
 'sign_out_user' => 'Пользовательский выход',
 'site_brand' => '',
+'skip_default_export_cols' => '',
 'sk_SK' => 'Slovak',
 'sort_by_date' => 'Сортировка по дате',
 'sort_by_expiration_date' => '',
@@ -2174,6 +2181,7 @@ URL: [url]',
 'status_revision_sleeping' => 'В ожидании рецензии',
 'status_revisor_removed' => 'Ревизор удален из списка',
 'status_unknown' => 'Неизвестный',
+'storage' => '',
 'storage_size' => 'Размер хранилища',
 'subfolder_duplicate_name' => '',
 'submit_2_fact_auth' => '',

languages/sk_SK/lang.inc

@@ -710,6 +710,8 @@ URL: [url]',
 'export_user_list_csv' => '',
 'extension_archive' => 'Rozšírenie',
 'extension_changelog' => 'Denník zmien',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => '',
 'extension_is_on_now' => '',
 'extension_loading' => 'Nahrávajú sa rozšírenia ...',
@@ -1171,6 +1173,7 @@ URL: [url]',
 'no_groups' => 'Žiadne skupiny',
 'no_group_members' => 'Táto skupina nemá žiadnych členov',
 'no_linked_files' => 'No linked files',
+'no_mimetype' => '',
 'no_previous_versions' => 'Neboli nájdené žiadne iné verzie',
 'no_receipt_needed' => 'There are currently no documents requiring a receipt confirmation.',
 'no_review_needed' => 'No review pending.',
@@ -1337,6 +1340,7 @@ URL: [url]',
 'removeFolderFromDropFolder' => 'Po importe odstrániť zložku',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => '',
+'remove_from_clipboard' => '',
 'remove_marked_files' => 'Odstrániť označené súbory',
 'remove_review_log' => '',
 'remove_task' => '',
@@ -1760,6 +1764,8 @@ Meno: [username]
 'settings_enableLargeFileUpload_desc' => 'If set, file upload is also available through a java applet called jumploader without a file size limit set by the browser. It also allows to upload several files in one step. Turning this on will turn off http only cookies.',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => 'Enable task list in menu',
 'settings_enableMenuTasks_desc' => 'Enable/Disable the menu item which contains all tasks for the user. This contains documents, that need to be reviewed, approved, etc.',
 'settings_enableMenuTransmittals' => '',
@@ -2078,6 +2084,7 @@ Meno: [username]
 'sign_out' => 'odhlásiť',
 'sign_out_user' => 'Odhlásiť používateľa',
 'site_brand' => '',
+'skip_default_export_cols' => '',
 'sk_SK' => 'Slovenčina',
 'sort_by_date' => '',
 'sort_by_expiration_date' => '',
@@ -2207,6 +2214,7 @@ Meno: [username]
 'status_revision_sleeping' => 'pending',
 'status_revisor_removed' => 'Revisor removed from list',
 'status_unknown' => 'Neznámy',
+'storage' => '',
 'storage_size' => 'Objem dát',
 'subfolder_duplicate_name' => '',
 'submit_2_fact_auth' => 'Save secret',

languages/sv_SE/lang.inc

@@ -704,6 +704,8 @@ URL: [url]',
 'export_user_list_csv' => '',
 'extension_archive' => '',
 'extension_changelog' => '',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => '',
 'extension_is_on_now' => '',
 'extension_loading' => '',
@@ -1158,6 +1160,7 @@ URL: [url]',
 'no_groups' => 'Inga grupper',
 'no_group_members' => 'Denna grupp har inga medlemmar',
 'no_linked_files' => 'Inga länkade filer',
+'no_mimetype' => '',
 'no_previous_versions' => 'Inga andra versioner hittades.',
 'no_receipt_needed' => 'Det finns inga dokument som saknar mottagningsbevis.',
 'no_review_needed' => 'Det finns inga dokument som du behöver granska.',
@@ -1310,6 +1313,7 @@ URL: [url]',
 'removeFolderFromDropFolder' => 'Radera katalog efter import',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => '',
+'remove_from_clipboard' => '',
 'remove_marked_files' => 'Ta bort markerade filer',
 'remove_review_log' => '',
 'remove_task' => '',
@@ -1733,6 +1737,8 @@ Kommentar: [comment]',
 'settings_enableLargeFileUpload_desc' => 'Om aktiverad, kan filer laddas upp via javaapplet med namnet jumploader, utan begränsningar i filstorlek. Flera filer kan även laddas upp samtidigt i ett steg.',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => 'Aktivera uppgiftslista i menyn',
 'settings_enableMenuTasks_desc' => 'Aktiverar ett menyobjekt som visar användarens uppgifter, såsom dokument som behöver granskas eller godkännas.',
 'settings_enableMenuTransmittals' => '',
@@ -2051,6 +2057,7 @@ Kommentar: [comment]',
 'sign_out' => 'Logga ut',
 'sign_out_user' => 'Logga ut användare',
 'site_brand' => '',
+'skip_default_export_cols' => '',
 'sk_SK' => 'Slovakiska',
 'sort_by_date' => '',
 'sort_by_expiration_date' => '',
@@ -2180,6 +2187,7 @@ Kommentar: [comment]',
 'status_revision_sleeping' => 'Vilande',
 'status_revisor_removed' => 'Reviderare borttagen från listan',
 'status_unknown' => 'Okänd',
+'storage' => '',
 'storage_size' => 'Lagringsstorlek',
 'subfolder_duplicate_name' => '',
 'submit_2_fact_auth' => 'Spara hemlighet',

languages/tr_TR/lang.inc

@@ -692,6 +692,8 @@ URL: [url]',
 'export_user_list_csv' => 'Kullanıcıları CSV olarak dışa aktar',
 'extension_archive' => '',
 'extension_changelog' => 'Değişiklik Listesi',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => '',
 'extension_is_on_now' => '',
 'extension_loading' => 'Uzantı yüklendi',
@@ -1144,6 +1146,7 @@ URL: [url]',
 'no_groups' => 'Grup yok',
 'no_group_members' => 'Bu grubun hiç üyesi yok',
 'no_linked_files' => 'Link verilmiş dosya yok',
+'no_mimetype' => '',
 'no_previous_versions' => 'Başka versiyon yok',
 'no_receipt_needed' => '',
 'no_review_needed' => 'Bekleyen kontrol yok.',
@@ -1301,6 +1304,7 @@ URL: [url]',
 'removeFolderFromDropFolder' => '',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => '',
+'remove_from_clipboard' => '',
 'remove_marked_files' => 'İşaretli dosyaları sil',
 'remove_review_log' => '',
 'remove_task' => '',
@@ -1697,6 +1701,8 @@ URL: [url]',
 'settings_enableLargeFileUpload_desc' => 'Etkinleştirilirse, büyük dosyalar dosya limitine bakılmaksızın jumploader isimli java applet aracılığıyla yüklenebilir. Bu ayrıca bir seferde birden çok dosya yüklemeyi de sağlar. Bu açıldığında sadece http çerezleri kapanmış olur.',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => '',
 'settings_enableMenuTasks_desc' => '',
 'settings_enableMenuTransmittals' => '',
@@ -2015,6 +2021,7 @@ URL: [url]',
 'sign_out' => 'Çıkış',
 'sign_out_user' => 'Kullanıcı hesabından çıkış',
 'site_brand' => '',
+'skip_default_export_cols' => '',
 'sk_SK' => 'Slovakça',
 'sort_by_date' => 'Tarihe göre sırala',
 'sort_by_expiration_date' => '',
@@ -2144,6 +2151,7 @@ URL: [url]',
 'status_revision_sleeping' => '',
 'status_revisor_removed' => '',
 'status_unknown' => 'Bilinmeyen',
+'storage' => '',
 'storage_size' => 'Depo boyutu',
 'subfolder_duplicate_name' => '',
 'submit_2_fact_auth' => '',

languages/uk_UA/lang.inc

@@ -697,6 +697,8 @@ URL: [url]',
 'export_user_list_csv' => '',
 'extension_archive' => '',
 'extension_changelog' => '',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => '',
 'extension_is_on_now' => '',
 'extension_loading' => '',
@@ -1150,6 +1152,7 @@ URL: [url]',
 'no_groups' => 'Немає груп',
 'no_group_members' => 'Група не має членів',
 'no_linked_files' => 'Немає пов\'язаних документів',
+'no_mimetype' => '',
 'no_previous_versions' => 'Немає попередніх версій',
 'no_receipt_needed' => 'Немає документів, які потребують підтвердження отримання',
 'no_review_needed' => 'Рецензія не потрібна',
@@ -1308,6 +1311,7 @@ URL: [url]',
 'removeFolderFromDropFolder' => '',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => '',
+'remove_from_clipboard' => '',
 'remove_marked_files' => 'Видалити обрані файли',
 'remove_review_log' => '',
 'remove_task' => '',
@@ -1719,6 +1723,8 @@ URL: [url]',
 'settings_enableLargeFileUpload_desc' => 'Якщо увімкнено, завантаження файлів доступне також через Java-аплет jumploader без обмеження розміру файлів. Це також дозволить завантажувати кілька файлів за раз.',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => 'Включити список завдань в меню',
 'settings_enableMenuTasks_desc' => 'Включити/відключити пункт меню, який містить всі завдання користувача. Там містяться документи, які потребують рецензії, затвердження і т.ін.',
 'settings_enableMenuTransmittals' => '',
@@ -2037,6 +2043,7 @@ URL: [url]',
 'sign_out' => 'Вийти',
 'sign_out_user' => 'Вихід користувача',
 'site_brand' => '',
+'skip_default_export_cols' => '',
 'sk_SK' => 'Slovak',
 'sort_by_date' => '',
 'sort_by_expiration_date' => '',
@@ -2166,6 +2173,7 @@ URL: [url]',
 'status_revision_sleeping' => 'Ревізію призупинено',
 'status_revisor_removed' => 'Ревізора видалено зі списку',
 'status_unknown' => 'Невідомий',
+'storage' => '',
 'storage_size' => 'Розмір сховища',
 'subfolder_duplicate_name' => '',
 'submit_2_fact_auth' => '',

languages/zh_CN/lang.inc

@@ -700,6 +700,8 @@ URL: [url]',
 'export_user_list_csv' => '',
 'extension_archive' => '扩展',
 'extension_changelog' => '更新日志',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => '',
 'extension_is_on_now' => '',
 'extension_loading' => '加载扩展',
@@ -1154,6 +1156,7 @@ URL: [url]',
 'no_groups' => '无组别',
 'no_group_members' => '该组没有成员',
 'no_linked_files' => '无链接文件',
+'no_mimetype' => '',
 'no_previous_versions' => '无其它版本',
 'no_receipt_needed' => '目前没有需要收据确认的文件',
 'no_review_needed' => '无待校对的文件',
@@ -1314,6 +1317,7 @@ URL: [url]',
 'removeFolderFromDropFolder' => '导入后删除文件夹',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => '',
+'remove_from_clipboard' => '',
 'remove_marked_files' => '删除选中的文件',
 'remove_review_log' => '',
 'remove_task' => '',
@@ -1707,6 +1711,8 @@ URL: [url]',
 'settings_enableLargeFileUpload_desc' => '如果设置了文件上传，也可以通过一个名为jumploader的浏览器java小程序来实现文件上传。它还允许一次上传多个文件。打开此选项将关闭网页cookie。',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => '在菜单中启用任务列表',
 'settings_enableMenuTasks_desc' => '启用/禁用包含用户所有任务的菜单项。其中包含需要审核、批准的文件等。',
 'settings_enableMenuTransmittals' => '',
@@ -2025,6 +2031,7 @@ URL: [url]',
 'sign_out' => '登出',
 'sign_out_user' => '退出登录',
 'site_brand' => '',
+'skip_default_export_cols' => '',
 'sk_SK' => '斯洛伐克语',
 'sort_by_date' => '日期排序',
 'sort_by_expiration_date' => '',
@@ -2154,6 +2161,7 @@ URL: [url]',
 'status_revision_sleeping' => '等待',
 'status_revisor_removed' => '从名单中删除校订人',
 'status_unknown' => '未知',
+'storage' => '',
 'storage_size' => '存储大小',
 'subfolder_duplicate_name' => '重复的文件夹',
 'submit_2_fact_auth' => '保存秘钥',

languages/zh_TW/lang.inc

@@ -710,6 +710,8 @@ URL: [url]',
 'export_user_list_csv' => '',
 'extension_archive' => '擴充',
 'extension_changelog' => '修改紀錄',
+'extension_config' => '',
+'extension_info' => '',
 'extension_is_off_now' => '',
 'extension_is_on_now' => '',
 'extension_loading' => '擴充套件讀取中',
@@ -1171,6 +1173,7 @@ URL: [url]',
 'no_groups' => '無組別',
 'no_group_members' => '該組沒有成員',
 'no_linked_files' => '無連結檔',
+'no_mimetype' => '',
 'no_previous_versions' => '無其它版本',
 'no_receipt_needed' => '當前沒有需要收據確認的文件。',
 'no_review_needed' => '無待校對的文件',
@@ -1335,6 +1338,7 @@ URL: [url]',
 'removeFolderFromDropFolder' => '導入後刪除文件夾',
 'removeFolderFromDropFolder_desc' => '',
 'remove_approval_log' => '',
+'remove_from_clipboard' => '',
 'remove_marked_files' => '刪除勾選的檔案',
 'remove_review_log' => '',
 'remove_task' => '',
@@ -1758,6 +1762,8 @@ URL: [url]',
 'settings_enableLargeFileUpload_desc' => '如果設置了該選項，則還可以通過一個名為Jumploader的Java小程序來上傳文件，而瀏覽器沒有設置文件大小限制。它還允許一步上傳幾個文件。啟用此功能將關閉僅HTTP cookie。',
 'settings_enableLoginByEmail' => '',
 'settings_enableLoginByEmail_desc' => '',
+'settings_enableMemcached' => '',
+'settings_enableMemcached_desc' => '',
 'settings_enableMenuTasks' => '在菜單中啟用任務列表',
 'settings_enableMenuTasks_desc' => '啟用/禁用包含用戶所有任務的菜單項。其中包含需要審查，批准等的文件。',
 'settings_enableMenuTransmittals' => '',
@@ -2076,6 +2082,7 @@ URL: [url]',
 'sign_out' => '登出',
 'sign_out_user' => '登出使用者',
 'site_brand' => '',
+'skip_default_export_cols' => '',
 'sk_SK' => '斯洛伐克語',
 'sort_by_date' => '依日期排序',
 'sort_by_expiration_date' => '',
@@ -2205,6 +2212,7 @@ URL: [url]',
 'status_revision_sleeping' => '待定',
 'status_revisor_removed' => '修訂者已從清單中刪除',
 'status_unknown' => '未知',
+'storage' => '',
 'storage_size' => '存儲大小',
 'subfolder_duplicate_name' => '子文件夾名稱重複',
 'submit_2_fact_auth' => '保存秘密',

op/op.Acl.php

@@ -0,0 +1,118 @@
+<?php
+//    MyDMS. Document Management System
+//    Copyright (C) 2002-2005  Markus Westphal
+//    Copyright (C) 2006-2008 Malcolm Cowe
+//    Copyright (C) 2010 Matteo Lucarelli
+//    Copyright (C) 2010-2012 Uwe Steinmann
+//
+//    This program is free software; you can redistribute it and/or modify
+//    it under the terms of the GNU General Public License as published by
+//    the Free Software Foundation; either version 2 of the License, or
+//    (at your option) any later version.
+//
+//    This program is distributed in the hope that it will be useful,
+//    but WITHOUT ANY WARRANTY; without even the implied warranty of
+//    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//    GNU General Public License for more details.
+//
+//    You should have received a copy of the GNU General Public License
+//    along with this program; if not, write to the Free Software
+//    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+require_once("../inc/inc.Settings.php");
+require_once("../inc/inc.Utils.php");
+require_once("../inc/inc.LogInit.php");
+require_once("../inc/inc.Language.php");
+require_once("../inc/inc.Init.php");
+require_once("../inc/inc.Extension.php");
+require_once("../inc/inc.DBInit.php");
+require_once("../inc/inc.ClassUI.php");
+require_once("../inc/inc.Authentication.php");
+
+if (!$user->isAdmin()) {
+	$result = array('type'=>'error', 'msg'=>getMLText("access_denied"));
+	echo json_encode($result);
+	exit;
+}
+
+if (isset($_GET["action"])) $action=$_GET["action"];
+else $action=NULL;
+
+if($action == 'add_aro') {
+	if (isset($_GET["roleid"])) {
+		if(!($role = SeedDMS_Core_Role::getInstance((int) $_GET["roleid"], $dms))) {
+			$result = array('type'=>'error', 'msg'=>getMLText("access_denied"));
+			echo json_encode($result);
+			exit;
+		}
+	} else {
+		$result = array('type'=>'error', 'msg'=>getMLText("access_denied"));
+		echo json_encode($result);
+		exit;
+	}
+
+} else {
+	if (isset($_GET["aroid"])) {
+		if(!($aro = SeedDMS_Aro::getInstance((int) $_GET["aroid"], $dms))) {
+			$result = array('type'=>'error', 'msg'=>getMLText("access_denied"));
+			echo json_encode($result);
+			exit;
+		}
+	} else {
+		$result = array('type'=>'error', 'msg'=>getMLText("access_denied"));
+		echo json_encode($result);
+		exit;
+	}
+
+	if (isset($_GET["acoid"])) {
+		if(!($aco = SeedDMS_Aco::getInstance((int) $_GET["acoid"], $dms))) {
+			$result = array('type'=>'error', 'msg'=>getMLText("access_denied"));
+			echo json_encode($result);
+			exit;
+		}
+	} else {
+		$result = array('type'=>'error', 'msg'=>getMLText("access_denied"));
+		echo json_encode($result);
+		exit;
+	}
+}
+
+switch($action) {
+case "toggle_permission":
+	$acl = new SeedDMS_Acl($dms);
+	if($acl->toggle($aro, $aco))
+		$result = array('type'=>'success', 'msg'=>getMLText('success_toogle_permission'));
+	else
+		$result = array('type'=>'error', 'msg'=>getMLText('error_toogle_permission'));
+	header('Content-Type: application/json');
+	echo json_encode($result);
+	break;
+case "add_permission":
+	$acl = new SeedDMS_Acl($dms);
+	if($acl->add($aro, $aco))
+		$result = array('type'=>'success', 'msg'=>getMLText('success_add_permission'));
+	else
+		$result = array('type'=>'error', 'msg'=>getMLText('error_add_permission'));
+	header('Content-Type: application/json');
+	echo json_encode($result);
+	break;
+case "remove_permission":
+	$acl = new SeedDMS_Acl($dms);
+	if($acl->remove($aro, $aco))
+		$result = array('type'=>'success', 'msg'=>getMLText('success_remove_permission'));
+	else
+		$result = array('type'=>'error', 'msg'=>getMLText('error_remove_permission'));
+	header('Content-Type: application/json');
+	echo json_encode($result);
+	break;
+case "add_aro":
+	if(SeedDMS_Aro::getInstance($role, $dms)) {
+		$result = array('type'=>'success', 'msg'=>getMLText('success_add_aro'));
+	} else {
+		$result = array('type'=>'error', 'msg'=>getMLText('error_add_aro'));
+	}
+	header('Content-Type: application/json');
+	echo json_encode($result);
+	break;
+}
+

op/op.AddDocument.php

@@ -69,8 +69,9 @@ if($settings->_quota > 0) {
 	}
 }
 
-if($user->isAdmin()) {
+$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
-	$ownerid = !empty($_POST['ownerid']) ? (int) $_POST["ownerid"] : null;
+if ($accessop->check_controller_access($controller, array('action'=>'setOwner'))) {
+	$ownerid = (int) $_POST["ownerid"];
 	if($ownerid) {
 		if(!($owner = $dms->getUser($ownerid))) {
 			UI::exitError(getMLText("folder_title", array("foldername" => $folder->getName())),getMLText("error_occured"));
@@ -173,10 +174,13 @@ default:
 // Get the list of reviewers and approvers for this document.
 $reviewers = array();
 $approvers = array();
+$recipients = array();
 $reviewers["i"] = array();
 $reviewers["g"] = array();
 $approvers["i"] = array();
 $approvers["g"] = array();
+$recipients["i"] = array();
+$recipients["g"] = array();
 $workflow = null;
 
 if($settings->_workflowMode == 'traditional' || $settings->_workflowMode == 'traditional_only_approval') {
@@ -193,6 +197,16 @@ if($settings->_workflowMode == 'traditional' || $settings->_workflowMode == 'tra
 				$reviewers["g"][] = $grp;
 			}
 		}
+		// Retrieve the list of reviewer groups whose members become individual reviewers
+		if (isset($_POST["grpIndReviewers"])) {
+			foreach ($_POST["grpIndReviewers"] as $grp) {
+				if($group = $dms->getGroup($grp)) {
+					$members = $group->getUsers();
+					foreach($members as $member)
+						$reviewers["i"][] = $member->getID();
+				}
+			}
+		}
 	}
 
 	// Retrieve the list of individual approvers from the form.
@@ -207,6 +221,17 @@ if($settings->_workflowMode == 'traditional' || $settings->_workflowMode == 'tra
 			$approvers["g"][] = $grp;
 		}
 	}
+	// Retrieve the list of reviewer groups whose members become individual approvers
+	if (isset($_POST["grpIndApprovers"])) {
+		foreach ($_POST["grpIndApprovers"] as $grp) {
+			if($group = $dms->getGroup($grp)) {
+				$members = $group->getUsers();
+				foreach($members as $member)
+					$approvers["i"][] = $member->getID();
+			}
+		}
+	}
+
 	// add mandatory reviewers/approvers
 	if($settings->_workflowMode == 'traditional') {
 		$mreviewers = getMandatoryReviewers($folder, null, $user);
@@ -244,6 +269,35 @@ if($settings->_workflowMode == 'traditional' || $settings->_workflowMode == 'tra
 	}
 }
 
+// Retrieve the list of individual recipients from the form.
+$recipients["i"] = array();
+if (isset($_POST["indRecipients"])) {
+	foreach ($_POST["indRecipients"] as $ind) {
+		$recipients["i"][] = $ind;
+	}
+}
+// Retrieve the list of recipient groups from the form.
+$recipients["g"] = array();
+if (isset($_POST["grpRecipients"])) {
+	foreach ($_POST["grpRecipients"] as $grp) {
+		$recipients["g"][] = $grp;
+	}
+}
+// Retrieve the list of recipient groups whose members become individual recipients
+if (isset($_POST["grpIndRecipients"])) {
+	foreach ($_POST["grpIndRecipients"] as $grp) {
+		if($group = $dms->getGroup($grp)) {
+			$members = $group->getUsers();
+			foreach($members as $member) {
+				/* Do not add the uploader itself and reviewers */
+				if(!$settings->_enableFilterReceipt || ($member->getID() != $user->getID() && !in_array($member->getID(), $reviewers['i'])))
+					if(!in_array($member->getID(), $recipients["i"]))
+						$recipients["i"][] = $member->getID();
+			}
+		}
+	}
+}
+
 function reArrayFiles(&$file_post) {
 	$file_ary = array();
 	$file_count = count($file_post['name']);
@@ -306,6 +360,31 @@ if(isset($_POST[$prefix.'-fine-uploader-uuids']) && $_POST[$prefix.'-fine-upload
 	}
 }
 
+if($settings->_libraryFolder) {
+	if(isset($_POST["librarydoc"]) && $_POST["librarydoc"]) {
+		if($clonedoc = $dms->getDocument($_POST["librarydoc"])) {
+			if($content = $clonedoc->getLatestContent()) {
+				$docsource = 'library';
+				$fullfile = tempnam(sys_get_temp_dir(), '');
+				if(SeedDMS_Core_File::copyFile($dms->contentDir . $content->getPath(), $fullfile)) {
+					if($_POST["name"]!="") {
+						$oext = pathinfo($content->getOriginalFileName(), PATHINFO_EXTENSION);
+						$origfilename = getFilenameByDocname(trim($_POST['name'])).".".$oext;
+					} else
+						$origfilename = $content->getOriginalFileName();
+					$file_ary[] = array(
+						'tmp_name' => $fullfile,
+						'type' => $content->getMimeType(),
+						'name' => $origfilename,
+						'size' => $content->getFileSize(),
+						'error' => 0,
+						'source' => 'library',
+					);
+				}
+			}
+		}
+	}
+}
 if($controller->hasHook('getDocument')) {
 	$file_ary = array_merge($file_ary, $controller->callHook('getDocument', $_POST));
 }
@@ -393,6 +472,7 @@ foreach($file_ary as $file) {
 	$controller->setParam('sequence', $sequence);
 	$controller->setParam('reviewers', $reviewers);
 	$controller->setParam('approvers', $approvers);
+	$controller->setParam('recipients', $recipients);
 	$controller->setParam('reqversion', $reqversion);
 	$controller->setParam('versioncomment', $version_comment);
 	$controller->setParam('attributes', $attributes);
@@ -400,6 +480,7 @@ foreach($file_ary as $file) {
 	$controller->setParam('workflow', $workflow);
 	$controller->setParam('notificationgroups', $notgroups);
 	$controller->setParam('notificationusers', $notusers);
+	$controller->setParam('initialdocumentstatus', $settings->_initialDocumentStatus);
 	$controller->setParam('maxsizeforfulltext', $settings->_maxSizeForFullText);
 	$controller->setParam('defaultaccessdocs', $settings->_defaultAccessDocs);
 
@@ -417,9 +498,20 @@ foreach($file_ary as $file) {
 		if($controller->hasHook('cleanUpDocument')) {
 			$controller->callHook('cleanUpDocument', $document, $file);
 		}
-		// Send notification to subscribers of folder.
 		if($notifier) {
+			// Send notification to subscribers of folder.
 			$notifier->sendNewDocumentMail($document, $user);
+
+			// Send notifcation to recipients of document
+			$content = $document->getLatestContent();
+			$status = $content->getStatus();
+			if ($status["status"] == S_RELEASED) {
+				if ($settings->_enableNotificationAppRev) {
+					if ($notifier) {
+						$notifier->sendToAllReceiptMail($content, $user);
+					}
+				}
+			}
 		}
 		if($settings->_removeFromDropFolder) {
 			if(file_exists($userfiletmp)) {

op/op.AddDocumentLink.php

@@ -73,4 +73,5 @@ if (!$document->addDocumentLink($docid, $user->getID(), $public)){
 }
 
 header("Location:../out/out.ViewDocument.php?documentid=".$documentid."&currenttab=links");
+
 ?>

op/op.AddToTransmittal.php

@@ -0,0 +1,85 @@
+<?php
+//    MyDMS. Document Management System
+//    Copyright (C) 2002-2005  Markus Westphal
+//    Copyright (C) 2006-2008 Malcolm Cowe
+//
+//    This program is free software; you can redistribute it and/or modify
+//    it under the terms of the GNU General Public License as published by
+//    the Free Software Foundation; either version 2 of the License, or
+//    (at your option) any later version.
+//
+//    This program is distributed in the hope that it will be useful,
+//    but WITHOUT ANY WARRANTY; without even the implied warranty of
+//    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//    GNU General Public License for more details.
+//
+//    You should have received a copy of the GNU General Public License
+//    along with this program; if not, write to the Free Software
+//    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+include("../inc/inc.Settings.php");
+include("../inc/inc.Utils.php");
+include("../inc/inc.LogInit.php");
+include("../inc/inc.Language.php");
+include("../inc/inc.Init.php");
+include("../inc/inc.Extension.php");
+include("../inc/inc.DBInit.php");
+include("../inc/inc.ClassUI.php");
+include("../inc/inc.Authentication.php");
+
+/* Check if the form data comes for a trusted request */
+if(!checkFormKey('addtotransmittal')) {
+	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token"));
+}
+
+if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) {
+	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
+}
+$documentid = $_POST["documentid"];
+$document = $dms->getDocument($documentid);
+
+if (!is_object($document)) {
+	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
+}
+
+if ($document->getAccessMode($user) < M_READ) {
+	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
+}
+
+if (!isset($_POST["version"]) || !is_numeric($_POST["version"]) || intval($_POST["version"])<1) {
+	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
+}
+
+$version_num = $_POST["version"];
+$version = $document->getContentByVersion($version_num);
+
+if (!is_object($version)) {
+	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
+}
+
+if (!isset($_POST["assignTo"]) || !is_numeric($_POST["assignTo"]) || intval($_POST["assignTo"])<1) {
+	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
+}
+
+$transmittalid = $_POST["assignTo"];
+$transmittal = $dms->getTransmittal($transmittalid);
+
+if (!is_object($transmittal)) {
+	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
+}
+
+if ($transmittal->getUser()->getID() != $user->getID()) {
+	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_transmittal"));
+}
+
+if($transmittal->addContent($version)) {
+	$session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_add_to_transmittal')));
+} else {
+	$session->setSplashMsg(array('type'=>'error', 'msg'=>getMLText('splash_error_add_to_transmittal')));
+}
+
+add_log_line("?documentid=".$documentid."&version".$version_num);
+
+header("Location:../out/out.ViewDocument.php?documentid=".$documentid);
+
+?>

op/op.AddTransmittal.php

@@ -0,0 +1,49 @@
+<?php
+//    MyDMS. Document Management System
+//    Copyright (C) 2002-2005  Markus Westphal
+//    Copyright (C) 2006-2008 Malcolm Cowe
+//    Copyright (C) 2010 Matteo Lucarelli
+//
+//    This program is free software; you can redistribute it and/or modify
+//    it under the terms of the GNU General Public License as published by
+//    the Free Software Foundation; either version 2 of the License, or
+//    (at your option) any later version.
+//
+//    This program is distributed in the hope that it will be useful,
+//    but WITHOUT ANY WARRANTY; without even the implied warranty of
+//    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//    GNU General Public License for more details.
+//
+//    You should have received a copy of the GNU General Public License
+//    along with this program; if not, write to the Free Software
+//    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+include("../inc/inc.Settings.php");
+include("../inc/inc.Utils.php");
+include("../inc/inc.LogInit.php");
+include("../inc/inc.Language.php");
+include("../inc/inc.Init.php");
+include("../inc/inc.Extension.php");
+include("../inc/inc.DBInit.php");
+include("../inc/inc.ClassUI.php");
+include("../inc/inc.Authentication.php");
+
+/* Check if the form data comes for a trusted request */
+if(!checkFormKey('addtransmittal')) {
+	UI::exitError(getMLText("my_documents"), getMLText("invalid_request_token"));
+}
+
+$name = $_POST["name"];
+$comment = $_POST["comment"];
+
+$transmittal = $dms->addTransmittal($name, $comment, $user);
+
+if (!is_object($transmittal)) {
+	UI::exitError(getMLText("my_documents"), getMLText("error_occured"));
+}
+
+add_log_line("?name=".$name);
+
+header("Location:../out/out.MyDocuments.php");
+
+?>

op/op.Ajax.php

@@ -53,9 +53,12 @@ if (isset($_COOKIE["mydms_session"])) {
 		echo json_encode(array('error'=>1));
 		exit;
 	}
-	if($user->isAdmin()) {
+
-		if($resArr["su"]) {
+	if($resArr["su"] && $su = $dms->getUser($resArr["su"])) {
-			$user = $dms->getUser($resArr["su"]);
+		if($user->isAdmin() || $user->maySwitchToUser($su)) {
+			$user = $su;
+		} else {
+			$session->resetSu();
 		}
 	}
 	$dms->setUser($user);
@@ -63,6 +66,8 @@ if (isset($_COOKIE["mydms_session"])) {
 		$dms->checkWithinRootDir = true;
 		$dms->setRootFolderID($user->getHomeFolder());
 	}
+	$role = $user->getRole();
+	$dms->noReadForStatus = $role->getNoAccess();
 
 	include $settings->_rootDir . "languages/" . $resArr["language"] . "/lang.inc";
 } else {
@@ -105,11 +110,13 @@ switch($command) {
 		}	
 		break; /* }}} */
 
+		/* Used for document chooser */
 	case 'searchdocument': /* {{{ */
 		if($user) {
 			$query = $_GET['query'];
+			$status = isset($_GET['status']) ? (is_array($_GET['status']) ? $_GET['status'] : array($_GET['status'])) : array();
 
-			$hits = $dms->search($query, $limit=0, $offset=0, $logicalmode='AND', $searchin=array(), $startFolder=$dms->getRootFolder(), $owner=null, $status = array(), $creationstartdate=array(), $creationenddate=array(), $modificationstartdate=array(), $modificationenddate=array(), $categories=array(), $attributes=array(), $mode=0x1, $expirationstartdate=array(), $expirationenddate=array());
+			$hits = $dms->search($query, $limit=0, $offset=0, $logicalmode='AND', $searchin=array(), $startFolder=$dms->getRootFolder(), $owner=null, $status, $creationstartdate=array(), $creationenddate=array(), $modificationstartdate=array(), $modificationenddate=array(), $categories=array(), $attributes=array(), $mode=0x1, $expirationstartdate=array(), $expirationenddate=array());
 			if($hits) {
 				$result = array();
 				foreach($hits['docs'] as $hit) {
@@ -896,6 +903,7 @@ switch($command) {
 				$controller->setParam('workflow', $workflow);
 				$controller->setParam('notificationgroups', array());
 				$controller->setParam('notificationusers', array());
+				$controller->setParam('initialdocumentstatus', $settings->_initialDocumentStatus);
 				$controller->setParam('maxsizeforfulltext', $settings->_maxSizeForFullText);
 				$controller->setParam('defaultaccessdocs', $settings->_defaultAccessDocs);
 
@@ -927,6 +935,41 @@ switch($command) {
 		}
 		break; /* }}} */
 
+		/* Deprecated, has moved to op/op.TransmittalMgr.php */
+	case '___removetransmittalitem': /* {{{ */
+		if($user) {
+			if(!checkFormKey('removetransmittalitem', 'GET')) {
+				header('Content-Type: application/json');
+				echo json_encode(array('success'=>false, 'message'=>getMLText('invalid_request_token'), 'data'=>''));
+			} else {
+				$item = SeedDMS_Core_TransmittalItem::getInstance((int) $_REQUEST['id'], $dms);
+				if($item) {
+					$transmittal = $item->getTransmittal();
+					if($transmittal) {
+						if ($transmittal->getUser()->getID() == $user->getID()) {
+							if($item->remove()) {
+								header('Content-Type: application/json');
+								echo json_encode(array('success'=>true, 'message'=>'', 'data'=>''));
+							} else {
+								header('Content-Type: application/json');
+								echo json_encode(array('success'=>false, 'message'=>'Error removing transmittal item', 'data'=>''));
+							}
+						} else {
+							header('Content-Type: application/json');
+							echo json_encode(array('success'=>false, 'message'=>'No access', 'data'=>''));
+						}
+					} else {
+						header('Content-Type: application/json');
+						echo json_encode(array('success'=>false, 'message'=>'No transmittal', 'data'=>''));
+					}
+				} else {
+					header('Content-Type: application/json');
+					echo json_encode(array('success'=>false, 'message'=>'No transmittal item', 'data'=>''));
+				}
+			}
+		}
+		break; /* }}} */
+
 	case 'updatedocument': /* {{{ */
 		if($user) {
 			if(checkFormKey('')) {
@@ -1083,6 +1126,41 @@ switch($command) {
 		}
 		break; /* }}} */
 
+		/* Deprecated, has moved to op/op.TransmittalMgr.php */
+	case '___updatetransmittalitem': /* {{{ */
+		if($user) {
+			if(!checkFormKey('updatetransmittalitem', 'GET')) {
+				header('Content-Type: application/json');
+				echo json_encode(array('success'=>false, 'message'=>getMLText('invalid_request_token'), 'data'=>''));
+			} else {
+				$item = SeedDMS_Core_TransmittalItem::getInstance((int) $_REQUEST['id'], $dms);
+				if($item) {
+					$transmittal = $item->getTransmittal();
+					if($transmittal) {
+						if ($transmittal->getUser()->getID() == $user->getID()) {
+							if($item->updateContent()) {
+								header('Content-Type: application/json');
+								echo json_encode(array('success'=>true, 'message'=>'', 'data'=>''));
+							} else {
+								header('Content-Type: application/json');
+								echo json_encode(array('success'=>false, 'message'=>'Error removing transmittal item', 'data'=>''));
+							}
+						} else {
+							header('Content-Type: application/json');
+							echo json_encode(array('success'=>false, 'message'=>'No access', 'data'=>''));
+						}
+					} else {
+						header('Content-Type: application/json');
+						echo json_encode(array('success'=>false, 'message'=>'No transmittal', 'data'=>''));
+					}
+				} else {
+					header('Content-Type: application/json');
+					echo json_encode(array('success'=>false, 'message'=>'No transmittal item', 'data'=>''));
+				}
+			}
+		}
+		break; /* }}} */
+
 	case 'addfolder': /* {{{ */
 		if($user) {
 			if(checkFormKey('')) {

op/op.ApproveDocument.php

@@ -32,6 +32,7 @@ include("../inc/inc.ClassController.php");
 
 $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
 $controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
+$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
 
 /* Check if the form data comes from a trusted request */
 if(!checkFormKey('approvedocument')) {
@@ -72,11 +73,8 @@ if ($latestContent->getVersion()!=$version) {
 	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
 }
 
-/* Create object for checking access to certain operations */
-$accessop = new SeedDMS_AccessOperation($dms, $document, $user, $settings);
-
 // verify if document may be approved
-if (!$accessop->mayApprove()){
+if (!$accessop->mayApprove($document)){
 	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
 }
 
@@ -96,7 +94,7 @@ $controller->setParam('type', $_POST['approvalType']);
 $controller->setParam('status', $_POST['approvalStatus']);
 $controller->setParam('content', $latestContent);
 $controller->setParam('file', !empty($_FILES["approvalfile"]["tmp_name"]) ? $_FILES["approvalfile"]["tmp_name"] : '');
-$controller->setParam('group', !empty($_POST['approvalGroup']) ?	$dms->getGroup($_POST['approvalGroup']) : null);
+$controller->setParam('group', !empty($_POST['approvalGroup']) ? $dms->getGroup($_POST['approvalGroup']) : null);
 if(!$controller()) {
 	$err = $controller->getErrorMsg();
 	if(is_string($err))
@@ -113,6 +111,13 @@ if(!$controller()) {
 		$notifier->sendSubmittedApprovalMail($latestContent, $user, $approvelog ? $approvelog[0] : false);
 		if($controller->oldstatus != $controller->newstatus)
 			$notifier->sendChangedDocumentStatusMail($latestContent, $user, $controller->oldstatus);
+		if ($controller->newstatus == S_RELEASED) {
+			if ($settings->_enableNotificationAppRev) {
+				if ($notifier) {
+					$notifier->sendToAllReceiptMail($content, $user);
+				}
+			}
+		}
 	}
 }
 

op/op.CancelCheckOut.php

@@ -0,0 +1,56 @@
+<?php
+//    SeedDMS. Document Management System
+//    Copyright (C) 2015 Uwe Steinmann
+//
+//    This program is free software; you can redistribute it and/or modify
+//    it under the terms of the GNU General Public License as published by
+//    the Free Software Foundation; either version 2 of the License, or
+//    (at your option) any later version.
+//
+//    This program is distributed in the hope that it will be useful,
+//    but WITHOUT ANY WARRANTY; without even the implied warranty of
+//    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//    GNU General Public License for more details.
+//
+//    You should have received a copy of the GNU General Public License
+//    along with this program; if not, write to the Free Software
+//    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+include("../inc/inc.Settings.php");
+include("../inc/inc.Utils.php");
+include("../inc/inc.LogInit.php");
+include("../inc/inc.Language.php");
+include("../inc/inc.Init.php");
+include("../inc/inc.Extension.php");
+include("../inc/inc.DBInit.php");
+include("../inc/inc.ClassUI.php");
+include("../inc/inc.Authentication.php");
+
+/* Check if the form data comes from a trusted request */
+if(!checkFormKey('cancelcheckout')) {
+	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token"));
+}
+
+if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) {
+	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
+}
+
+$documentid = $_POST["documentid"];
+$document = $dms->getDocument($documentid);
+
+$checkoutstatus = $document->checkOutStatus();
+/* Check out of files which has been changed, can only be canceled if allowed in the configuration */
+if($checkoutstatus == 0 && empty($settings->_enableCancelCheckout)) {
+	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("operation_disallowed"));
+}
+
+if(empty($_POST['confirm'])) {
+	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("operation_disallowed"));
+}
+
+if(!$document->cancelCheckOut()) {
+	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("error_cancel_checkout"));
+}
+$session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_cancel_checkout')));
+add_log_line("?documentid=".$documentid);
+header("Location:../out/out.ViewDocument.php?documentid=".$documentid);

op/op.CheckInDocument.php

@@ -0,0 +1,343 @@
+<?php
+//    SeedDMS. Document Management System
+//    Copyright (C) 2015 Uwe Steinmann
+//
+//    This program is free software; you can redistribute it and/or modify
+//    it under the terms of the GNU General Public License as published by
+//    the Free Software Foundation; either version 2 of the License, or
+//    (at your option) any later version.
+//
+//    This program is distributed in the hope that it will be useful,
+//    but WITHOUT ANY WARRANTY; without even the implied warranty of
+//    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//    GNU General Public License for more details.
+//
+//    You should have received a copy of the GNU General Public License
+//    along with this program; if not, write to the Free Software
+//    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+include("../inc/inc.Settings.php");
+include("../inc/inc.Utils.php");
+include("../inc/inc.LogInit.php");
+include("../inc/inc.Language.php");
+include("../inc/inc.Init.php");
+include("../inc/inc.Extension.php");
+include("../inc/inc.DBInit.php");
+include("../inc/inc.Authentication.php");
+include("../inc/inc.ClassUI.php");
+include("../inc/inc.ClassController.php");
+
+$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
+$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
+$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
+if (!$accessop->check_controller_access($controller, $_POST)) {
+	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("access_denied"));
+}
+
+/* if post_max_size is to small, then $_POST will not be set and the content
+ * lenght will exceed post_max_size
+ */
+if(empty($_POST) && $_SERVER['CONTENT_LENGTH'] > SeedDMS_Core_File::parse_filesize(ini_get('post_max_size'))) {
+	UI::exitError(getMLText("folder_title", array("foldername" => '')),getMLText("uploading_postmaxsize"));
+}
+
+/* Check if the form data comes from a trusted request */
+if(!checkFormKey('checkindocument')) {
+	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token"));
+}
+
+if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) {
+	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
+}
+
+$documentid = $_POST["documentid"];
+$document = $dms->getDocument($documentid);
+$folder = $document->getFolder();
+
+if (!is_object($document)) {
+	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
+}
+
+if ($document->getAccessMode($user, 'checkinDocument') < M_READWRITE) {
+	UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("access_denied"));
+}
+
+if($settings->_quota > 0) {
+	$remain = checkQuota($user);
+	if ($remain < 0) {
+		UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("quota_exceeded", array('bytes'=>SeedDMS_Core_File::format_filesize(abs($remain)))));
+	}
+}
+
+if ($document->isLocked()) {
+	$lockingUser = $document->getLockingUser();
+	if (($lockingUser->getID() != $user->getID()) && ($document->getAccessMode($user) != M_ALL)) {
+		UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("no_update_cause_locked"));
+	}
+	else $document->setLocked(false);
+}
+
+if(!$accessop->mayCheckIn($document)) {
+	UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("access_denied"));
+}
+
+if(isset($_POST["comment"]))
+	$comment  = $_POST["comment"];
+else
+	$comment = "";
+
+$oldexpires = $document->getExpires();
+switch($_POST["presetexpdate"]) {
+case "date":
+	$expires = makeTsFromDate($_POST["expdate"]);
+//	$tmp = explode('-', $_POST["expdate"]);
+//	$expires = mktime(0,0,0, $tmp[1], $tmp[2], $tmp[0]);
+	break;
+case "1w":
+	$tmp = explode('-', date('Y-m-d'));
+	$expires = mktime(0,0,0, $tmp[1], $tmp[2]+7, $tmp[0]);
+	break;
+case "1m":
+	$tmp = explode('-', date('Y-m-d'));
+	$expires = mktime(0,0,0, $tmp[1]+1, $tmp[2], $tmp[0]);
+	break;
+case "1y":
+	$tmp = explode('-', date('Y-m-d'));
+	$expires = mktime(0,0,0, $tmp[1], $tmp[2], $tmp[0]+1);
+	break;
+case "2y":
+	$tmp = explode('-', date('Y-m-d'));
+	$expires = mktime(0,0,0, $tmp[1], $tmp[2], $tmp[0]+2);
+	break;
+case "never":
+default:
+	$expires = null;
+	break;
+}
+
+	// Get the list of reviewers and approvers for this document.
+	$reviewers = array();
+	$approvers = array();
+	$recipients = array();
+	$reviewers["i"] = array();
+	$reviewers["g"] = array();
+	$approvers["i"] = array();
+	$approvers["g"] = array();
+	$recipients["i"] = array();
+	$recipients["g"] = array();
+	$workflow = null;
+
+	if($settings->_workflowMode == 'traditional' || $settings->_workflowMode == 'traditional_only_approval') {
+		if($settings->_workflowMode == 'traditional') {
+			// Retrieve the list of individual reviewers from the form.
+			$reviewers["i"] = array();
+			if (isset($_POST["indReviewers"])) {
+				foreach ($_POST["indReviewers"] as $ind) {
+					$reviewers["i"][] = $ind;
+				}
+			}
+			// Retrieve the list of reviewer groups from the form.
+			$reviewers["g"] = array();
+			if (isset($_POST["grpReviewers"])) {
+				foreach ($_POST["grpReviewers"] as $grp) {
+					$reviewers["g"][] = $grp;
+				}
+			}
+			// Retrieve the list of reviewer groups whose members become individual reviewers
+			if (isset($_POST["grpIndReviewers"])) {
+				foreach ($_POST["grpIndReviewers"] as $grp) {
+					if($group = $dms->getGroup($grp)) {
+						$members = $group->getUsers();
+						foreach($members as $member)
+							$reviewers["i"][] = $member->getID();
+					}
+				}
+			}
+		}
+
+		// Retrieve the list of individual approvers from the form.
+		$approvers["i"] = array();
+		if (isset($_POST["indApprovers"])) {
+			foreach ($_POST["indApprovers"] as $ind) {
+				$approvers["i"][] = $ind;
+			}
+		}
+		// Retrieve the list of approver groups from the form.
+		$approvers["g"] = array();
+		if (isset($_POST["grpApprovers"])) {
+			foreach ($_POST["grpApprovers"] as $grp) {
+				$approvers["g"][] = $grp;
+			}
+		}
+		// Retrieve the list of reviewer groups whose members become individual approvers
+		if (isset($_POST["grpIndApprovers"])) {
+			foreach ($_POST["grpIndApprovers"] as $grp) {
+				if($group = $dms->getGroup($grp)) {
+					$members = $group->getUsers();
+					foreach($members as $member)
+						$approvers["i"][] = $member->getID();
+				}
+			}
+		}
+
+		// add mandatory reviewers/approvers
+		if($settings->_workflowMode == 'traditional') {
+			$mreviewers = getMandatoryReviewers($folder, $document, $user);
+			if($mreviewers['i'])
+				$reviewers['i'] = array_merge($reviewers['i'], $mreviewers['i']);
+			if($mreviewers['g'])
+				$reviewers['g'] = array_merge($reviewers['g'], $mreviewers['g']);
+		}
+		$mapprovers = getMandatoryApprovers($folder, $document, $user);
+		if($mapprovers['i'])
+			$approvers['i'] = array_merge($approvers['i'], $mapprovers['i']);
+		if($mapprovers['g'])
+			$approvers['g'] = array_merge($approvers['g'], $mapprovers['g']);
+
+		if($settings->_workflowMode == 'traditional' && !$settings->_allowReviewerOnly) {
+			/* Check if reviewers are send but no approvers */
+			if(($reviewers["i"] || $reviewers["g"]) && !$approvers["i"] && !$approvers["g"]) {
+				UI::exitError(getMLText("folder_title", array("foldername" => $folder->getName())),getMLText("error_uploading_reviewer_only"));
+			}
+		}
+	} elseif($settings->_workflowMode == 'advanced') {
+		if(!$workflows = $user->getMandatoryWorkflows()) {
+			if(isset($_POST["workflow"]))
+				$workflow = $dms->getWorkflow($_POST["workflow"]);
+			else
+				$workflow = null;
+		} else {
+			/* If there is excactly 1 mandatory workflow, then set no matter what has
+			 * been posted in 'workflow', otherwise check if the posted workflow is in the
+			 * list of mandatory workflows. If not, then take the first one.
+			 */
+			$workflow = array_shift($workflows);
+			foreach($workflows as $mw)
+				if($mw->getID() == $_POST['workflow']) {$workflow = $mw; break;}
+		}
+	}
+
+	// Retrieve the list of individual recipients from the form.
+	$recipients["i"] = array();
+	if (isset($_POST["indRecipients"])) {
+		foreach ($_POST["indRecipients"] as $ind) {
+			$recipients["i"][] = $ind;
+		}
+	}
+	// Retrieve the list of recipient groups from the form.
+	$recipients["g"] = array();
+	if (isset($_POST["grpRecipients"])) {
+		foreach ($_POST["grpRecipients"] as $grp) {
+			$recipients["g"][] = $grp;
+		}
+	}
+	// Retrieve the list of recipient groups whose members become individual recipients
+	if (isset($_POST["grpIndRecipients"])) {
+		foreach ($_POST["grpIndRecipients"] as $grp) {
+			if($group = $dms->getGroup($grp)) {
+				$members = $group->getUsers();
+				foreach($members as $member) {
+					/* Do not add the uploader itself as recipient */
+					if(!$settings->_enableFilterReceipt || ($member->getID() != $user->getID() && !in_array($member->getID(), $reviewers['i'])))
+						if(!in_array($member->getID(), $recipients["i"]))
+							$recipients["i"][] = $member->getID();
+				}
+			}
+		}
+	}
+
+	if(isset($_POST["attributes_version"]) && $_POST["attributes_version"]) {
+		$attributes = $_POST["attributes_version"];
+		foreach($attributes as $attrdefid=>$attribute) {
+			$attrdef = $dms->getAttributeDefinition($attrdefid);
+			if(null === ($ret = $controller->callHook('validateAttribute', $attrdef, $attribute))) {
+			if($attribute) {
+				switch($attrdef->getType()) {
+				case SeedDMS_Core_AttributeDefinition::type_date:
+					if(is_array($attribute))
+						$attribute = array_map(fn($value): string => date('Y-m-d', makeTsFromDate($value)), $attribute);
+					else
+						$attribute = date('Y-m-d', makeTsFromDate($attribute));
+					break;
+				case SeedDMS_Core_AttributeDefinition::type_folder:
+					if(is_array($attribute))
+						$attribute = array_map(fn($value): object => $dms->getFolder((int) $value), $attribute);
+					else
+						$attribute = $dms->getFolder((int) $attribute);
+					break;
+				case SeedDMS_Core_AttributeDefinition::type_document:
+					if(is_array($attribute))
+						$attribute = array_map(fn($value): object => $dms->getDocument((int) $value), $attribute);
+					else
+						$attribute = $dms->getDocument((int) $attribute);
+					break;
+				case SeedDMS_Core_AttributeDefinition::type_user:
+					if(is_array($attribute))
+						$attribute = array_map(fn($value): object => $dms->getUser((int) $value), $attribute);
+					else
+						$attribute = $dms->getUser((int) $attribute);
+					break;
+				case SeedDMS_Core_AttributeDefinition::type_group:
+					if(is_array($attribute))
+						$attribute = array_map(fn($value): object => $dms->getGroup((int) $value), $attribute);
+					else
+						$attribute = $dms->getGroup((int) $attribute);
+					break;
+				}
+				if(!$attrdef->validate($attribute, null, true)) {
+					$errmsg = getAttributeValidationText($attrdef->getValidationError(), $attrdef->getName(), $attribute);
+					UI::exitError(getMLText("document_title", array("documentname" => $document->getName())), $errmsg);
+				}
+			} elseif($attrdef->getMinValues() > 0) {
+				UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("attr_min_values", array("attrname"=>$attrdef->getName())));
+			}
+			} else {
+				if($ret === false)
+					return false;
+			}
+		}
+	} else {
+		$attributes = array();
+	}
+
+	$controller->setParam('documentsource', 'checkin');
+	$controller->setParam('folder', $folder);
+	$controller->setParam('document', $document);
+	$controller->setParam('fulltextservice', $fulltextservice);
+	$controller->setParam('comment', $comment);
+	if($oldexpires != $expires)
+		$controller->setParam('expires', $expires);
+	$controller->setParam('reviewers', $reviewers);
+	$controller->setParam('approvers', $approvers);
+	$controller->setParam('recipients', $recipients);
+	$controller->setParam('attributes', $attributes);
+	$controller->setParam('workflow', $workflow);
+	$controller->setParam('initialdocumentstatus', $settings->_initialDocumentStatus);
+	$controller->setParam('maxsizeforfulltext', $settings->_maxSizeForFullText);
+
+	if(!$content = $controller()) {
+		$err = $controller->getErrorMsg();
+		if(is_string($err))
+			$errmsg = getMLText($err);
+		elseif(is_array($err)) {
+			$errmsg = getMLText($err[0], $err[1]);
+		} else {
+			$errmsg = $err;
+		}
+		UI::exitError(getMLText("document_title", array("documentname" => $document->getName())), $errmsg);
+	} else {
+		if($controller->hasHook('cleanUpDocument')) {
+			$controller->callHook('cleanUpDocument', $document, $file);
+		}
+		// Send notification to subscribers.
+		if($notifier) {
+			$notifier->sendNewDocumentVersionMail($document, $user);
+
+			$notifier->sendChangedExpiryMail($document, $user, $oldexpires);
+		}
+
+	}
+
+add_log_line("checkin document ".$documentid." with version ".$content->getVersion());
+header("Location:../out/out.ViewDocument.php?documentid=".$documentid);
+

op/op.CheckOutDocument.php

@@ -0,0 +1,77 @@
+<?php
+//    SeedDMS. Document Management System
+//    Copyright (C) 2015 Uwe Steinmann
+//
+//    This program is free software; you can redistribute it and/or modify
+//    it under the terms of the GNU General Public License as published by
+//    the Free Software Foundation; either version 2 of the License, or
+//    (at your option) any later version.
+//
+//    This program is distributed in the hope that it will be useful,
+//    but WITHOUT ANY WARRANTY; without even the implied warranty of
+//    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//    GNU General Public License for more details.
+//
+//    You should have received a copy of the GNU General Public License
+//    along with this program; if not, write to the Free Software
+//    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+include("../inc/inc.Settings.php");
+include("../inc/inc.Utils.php");
+include("../inc/inc.LogInit.php");
+include("../inc/inc.Language.php");
+include("../inc/inc.Init.php");
+include("../inc/inc.Extension.php");
+include("../inc/inc.DBInit.php");
+include("../inc/inc.ClassUI.php");
+include("../inc/inc.Authentication.php");
+
+if (!isset($_GET["documentid"]) || !is_numeric($_GET["documentid"]) || intval($_GET["documentid"])<1) {
+	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
+}
+
+$documentid = $_GET["documentid"];
+$document = $dms->getDocument($documentid);
+
+if (!is_object($document)) {
+	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
+}
+
+if(!$settings->_checkOutDir) {
+	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("checkout_is_disabled"));
+}
+
+if ($document->getAccessMode($user) < M_READWRITE) {
+	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
+}
+
+if ($document->isLocked()) {
+	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("document_already_locked"));
+}
+
+if ($document->isCheckedOut()) {
+	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("document_already_checkedout"));
+}
+
+if($session->getSu()) {
+	$origuser = $dms->getUser($session->getUser());
+	$checkoutpath = sprintf($settings->_checkOutDir.'/', preg_replace('/[^A-Za-z0-9_-]/', '', $origuser->getLogin()));
+} else {
+	$checkoutpath = sprintf($settings->_checkOutDir.'/', preg_replace('/[^A-Za-z0-9_-]/', '', $user->getLogin()));
+}
+if(!file_exists($checkoutpath) && $settings->_createCheckOutDir) {
+	SeedDMS_Core_File::makeDir($checkoutpath);
+}
+if(!file_exists($checkoutpath)) {
+	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("checkoutpath_does_not_exist"));
+}
+
+if (!$document->checkOut($user, $checkoutpath)) {
+	UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("error_occured"));
+}
+
+$session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_document_checkedout')));
+
+add_log_line();
+header("Location:../out/out.ViewDocument.php?documentid=".$documentid);
+

op/op.Cron.php

@@ -0,0 +1,60 @@
+<?php
+//    MyDMS. Document Management System
+//    Copyright (C) 2002-2005  Markus Westphal
+//    Copyright (C) 2006-2008 Malcolm Cowe
+//    Copyright (C) 2010 Matteo Lucarelli
+//    Copyright (C) 2010-2016 Uwe Steinmann
+//
+//    This program is free software; you can redistribute it and/or modify
+//    it under the terms of the GNU General Public License as published by
+//    the Free Software Foundation; either version 2 of the License, or
+//    (at your option) any later version.
+//
+//    This program is distributed in the hope that it will be useful,
+//    but WITHOUT ANY WARRANTY; without even the implied warranty of
+//    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//    GNU General Public License for more details.
+//
+//    You should have received a copy of the GNU General Public License
+//    along with this program; if not, write to the Free Software
+//    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+require_once("../inc/inc.Settings.php");
+require_once("../inc/inc.Utils.php");
+require_once("../inc/inc.LogInit.php");
+require_once("../inc/inc.Language.php");
+require_once("../inc/inc.Init.php");
+require_once("../inc/inc.Extension.php");
+require_once("../inc/inc.DBInit.php");
+require_once("../inc/inc.ClassController.php");
+require_once("../inc/inc.Scheduler.php");
+require_once("../inc/inc.BasicAuthentication.php");
+
+$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
+$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
+
+if($user->getLogin() != 'cli_scheduler') {
+	header('WWW-Authenticate: Basic realm="'.$settings->_siteName.'"');
+	header('HTTP/1.0 401 Unauthorized');
+	echo "Wrong user";
+	exit;
+}
+$mode = 'list';
+if(!empty($_GET['mode']) && in_array($_GET['mode'], array('list', 'run', 'dryrun', 'check')))
+	$mode = $_GET['mode'];
+$task = '';
+if(!empty($_GET['task']))
+	$task = $_GET['task'];
+
+$controller->setParam('settings', $settings);
+$controller->setParam('logger', $logger);
+$controller->setParam('mode', $mode);
+$controller->setParam('task', $task);
+if(!$controller->run()) {
+	echo getMLText("error_occured");
+	exit;
+}
+
+add_log_line();
+exit();
+

op/op.Download.php

@@ -32,6 +32,10 @@ include("../inc/inc.Authentication.php");
 
 $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
 $controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
+$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
+if (!$accessop->check_controller_access($controller, $_POST)) {
+	UI::exitError(getMLText("document_title", array("documentname" => "")),getMLText("access_denied"));
+}
 
 if (isset($_GET["version"])) { /* {{{ */
 
@@ -98,19 +102,9 @@ elseif (isset($_GET["file"])) { /* {{{ */
 		UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_file_id"));
 	}
 
-	if(!file_exists($dms->contentDir . $file->getPath())) {
+	$controller->setParam('file', $file);
-		UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("missing_file"));
+	$controller->setParam('type', 'file');
-	}
+	$controller->run();
-
-	header("Content-Transfer-Encoding: binary");
-	header("Content-Length: " . filesize($dms->contentDir . $file->getPath() ));
-	$efilename = rawurlencode($file->getOriginalFileName());
-	header("Content-Disposition: attachment; filename=\"" . $efilename . "\"; filename*=UTF-8''".$efilename);
-	header("Content-Type: " . $file->getMimeType());
-	header("Cache-Control: must-revalidate");
-
-	sendFile($dms->contentDir . $file->getPath());
-
 } /* }}} */
 elseif (isset($_GET["arkname"])) { /* {{{ */
 	$filename = basename($_GET["arkname"]);
@@ -130,16 +124,9 @@ elseif (isset($_GET["arkname"])) { /* {{{ */
 		UI::exitError(getMLText("admin_tools"),getMLText("missing_file"));
 	}
 
-	header('Content-Description: File Transfer');
+	$controller->setParam('basedir', $backupdir);
-	header("Content-Type: application/zip");
+	$controller->setParam('file', $filename);
-	header("Content-Transfer-Encoding: binary");
+	$controller->archive();
-	header("Content-Length: " . filesize($backupdir . $filename ));
-	$efilename = rawurlencode($filename);
-	header("Content-Disposition: attachment; filename=\"" .$efilename . "\"; filename*=UTF-8''".$efilename);
-	header("Cache-Control: must-revalidate");
-	
-	sendFile($backupdir .$filename );
-	
 } /* }}} */
 elseif (isset($_GET["logname"])) { /* {{{ */
 	$filename = basename($_GET["logname"], '.log').'.log';
@@ -158,15 +145,10 @@ elseif (isset($_GET["logname"])) { /* {{{ */
 		UI::exitError(getMLText("admin_tools"),getMLText("missing_file"));
 	}
 
-	header("Content-Type: text/plain");
+	$controller->setParam('file', $filename);
-	header("Content-Transfer-Encoding: binary");
+	$controller->setParam('basedir', $settings->_contentDir . 'log/');
-	header("Content-Length: " . filesize($settings->_contentDir.'log/' . $filename ));
+	$controller->log();
-	$efilename = rawurlencode($filename);
-	header("Content-Disposition: attachment; filename=\"" .$efilename . "\"; filename*=UTF-8''".$efilename);
-	header("Cache-Control: must-revalidate");
 
-	sendFile($settings->_contentDir . 'log/' . $filename );
-	
 } /* }}} */
 elseif (isset($_GET["vfile"])) { /* {{{ */
 
@@ -215,14 +197,9 @@ elseif (isset($_GET["dumpname"])) { /* {{{ */
 		UI::exitError(getMLText("admin_tools"),getMLText("missing_file"));
 	}
 
-	header("Content-Type: application/zip");
+	$controller->setParam('basedir', $backupdir);
-	header("Content-Transfer-Encoding: binary");
+	$controller->setParam('file', $filename);
-	header("Content-Length: " . filesize($backupdir . $filename ));
+	$controller->sqldump();
-	$efilename = rawurlencode($filename);
-	header("Content-Disposition: attachment; filename=\"" .$efilename . "\"; filename*=UTF-8''".$efilename);
-	header("Cache-Control: must-revalidate");
-	
-	sendFile($backupdir .$filename );
 } /* }}} */
 elseif (isset($_GET["reviewlogid"])) { /* {{{ */
 	if (!isset($_GET["documentid"]) || !is_numeric($_GET["documentid"]) || intval($_GET["documentid"])<1) {
@@ -243,22 +220,15 @@ elseif (isset($_GET["reviewlogid"])) { /* {{{ */
 		UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("access_denied"));
 	}
 
-	$filename = $dms->contentDir . $document->getDir().'r'.(int) $_GET['reviewlogid'];
+	$controller->setParam('document', $document);
-	if (!file_exists($filename) ) {
+	$controller->setParam('reviewlogid', (int) $_GET['reviewlogid']);
+	$controller->setParam('type', 'review');
+	$controller->run();
+	switch($controller->getErrorNo()) {
+	case 1:
 		UI::exitError(getMLText("admin_tools"),getMLText("missing_file"));
+		break;
 	}
-
-	$finfo = finfo_open(FILEINFO_MIME_TYPE);
-	$mimetype = finfo_file($finfo, $filename);
-
-	header("Content-Type: ".$mimetype);
-	header("Content-Transfer-Encoding: binary");
-	header("Content-Length: " . filesize($filename ));
-	header("Content-Disposition: attachment; filename=\"review-" . $document->getID()."-".(int) $_GET['reviewlogid'] . get_extension($mimetype) . "\"");
-	header("Cache-Control: must-revalidate");
-
-	sendFile($filename);
-
 } /* }}} */
 elseif (isset($_GET["approvelogid"])) { /* {{{ */
 	if (!isset($_GET["documentid"]) || !is_numeric($_GET["documentid"]) || intval($_GET["documentid"])<1) {
@@ -279,21 +249,15 @@ elseif (isset($_GET["approvelogid"])) { /* {{{ */
 		UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("access_denied"));
 	}
 
-	$filename = $dms->contentDir . $document->getDir().'a'.(int) $_GET['approvelogid'];
+	$controller->setParam('document', $document);
-	if (!file_exists($filename) ) {
+	$controller->setParam('approvelogid', (int) $_GET['approvelogid']);
+	$controller->setParam('type', 'approval');
+	$controller->run();
+	switch($controller->getErrorNo()) {
+	case 1:
 		UI::exitError(getMLText("admin_tools"),getMLText("missing_file"));
+		break;
 	}
-
-	$finfo = finfo_open(FILEINFO_MIME_TYPE);
-	$mimetype = finfo_file($finfo, $filename);
-
-	header("Content-Type: ".$mimetype);
-	header("Content-Transfer-Encoding: binary");
-	header("Content-Length: " . filesize($filename ));
-	header("Content-Disposition: attachment; filename=\"approval-" . $document->getID()."-".(int) $_GET['approvelogid'] . get_extension($mimetype) . "\"");
-	header("Cache-Control: must-revalidate");
-
-	sendFile($filename);
 } /* }}} */
 
 add_log_line();

op/op.EditAttributes.php

@@ -34,6 +34,11 @@ if(!checkFormKey('editattributes')) {
 	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token"));
 }
 
+$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
+if (!$accessop->check_controller_access('EditAttributes', $_POST)) {
+	UI::exitError(getMLText("folder_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("access_denied"));
+}
+
 if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) {
 	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
 }

op/op.EditComment.php

@@ -34,6 +34,11 @@ if(!checkFormKey('editcomment')) {
 	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token"));
 }
 
+$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
+if (!$accessop->check_controller_access('EditComment', $_POST)) {
+	UI::exitError(getMLText("folder_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("access_denied"));
+}
+
 if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) {
 	UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
 }