getMLText("invalid_request_token"))),getMLText("invalid_request_token")); } if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } $documentid = $_POST["documentid"]; $document = $dms->getDocument($documentid); if (!is_object($document)) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } if (!$user->isAdmin() || $document->getAccessMode($user) < M_ALL) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied")); } if (!isset($_POST["version"]) || !is_numeric($_POST["version"]) || intval($_POST["version"])<1) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version")); } $version = $_POST["version"]; $content = $document->getContentByVersion($version); if (!is_object($content)) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version")); } // operation is only allowed for the last document version $latestContent = $document->getLatestContent(); if ($latestContent->getVersion()!=$version) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version")); } if (!isset($_POST["approveid"]) || !is_numeric($_POST["approveid"]) || intval($_POST["approveid"])<1) { UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_approveid")); } $approveid = $_POST['approveid']; $approves = $latestContent->getApprovalStatus(); $approveStatus = null; foreach($approves as $approve) { if($approve['approveID'] == $approveid) { $approveStatus = $approve; break; } } if(!$approveStatus) { UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_approveid")); } if($approveStatus['type'] == 0) { $ruser = $dms->getUser($approveStatus['required']); $msg = getMLText('ind_approval_removed', array('name'=>$ruser->getFullName())); } elseif($approveStatus['type'] == 1) { $rgroup = $dms->getGroup($approveStatus['required']); $msg = getMLText('group_approval_removed', array('name'=>$rgroup->getName())); } else UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_approveid")); $comment = $_POST["comment"]; if(true === $latestContent->removeApproval($approveid, $user, $comment)) { $latestContent->verifyStatus(true, $user, $msg); } header("Location:../out/out.ViewDocument.php?documentid=".$documentid."¤ttab=revapp");