$dms, 'user'=>$user)); if (isset($_GET["version"])) { /* {{{ */ // document download if (!isset($_GET["documentid"]) || !is_numeric($_GET["documentid"]) || intval($_GET["documentid"])<1) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } $documentid = $_GET["documentid"]; $document = $dms->getDocument($documentid); if (!is_object($document)) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } $folder = $document->getFolder(); $docPathHTML = getFolderPathHTML($folder, true). " / ".$document->getName().""; if ($document->getAccessMode($user) < M_READ) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied")); } if (!is_numeric($_GET["version"]) || intval($_GET["version"])<1) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version")); } $version = $_GET["version"]; $controller->setParam('document', $document); $controller->setParam('version', $version); $controller->setParam('type', 'version'); if(!$controller->run()) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version")); } } /* }}} */ elseif (isset($_GET["file"])) { /* {{{ */ // file download if (!isset($_GET["documentid"]) || !is_numeric($_GET["documentid"]) || intval($_GET["documentid"])<1) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } $documentid = $_GET["documentid"]; $document = $dms->getDocument($documentid); if (!is_object($document)) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } $folder = $document->getFolder(); $docPathHTML = getFolderPathHTML($folder, true). " / ".$document->getName().""; if ($document->getAccessMode($user) < M_READ) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied")); } if (!is_numeric($_GET["file"]) || intval($_GET["file"])<1) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_file_id")); } $fileid = $_GET["file"]; $file = $document->getDocumentFile($fileid); if (!is_object($file)) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_file_id")); } if(!file_exists($dms->contentDir . $file->getPath())) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("missing_file")); } header("Content-Transfer-Encoding: binary"); header("Content-Length: " . filesize($dms->contentDir . $file->getPath() )); $efilename = rawurlencode($file->getOriginalFileName()); header("Content-Disposition: attachment; filename=\"" . $efilename . "\"; filename*=UTF-8''".$efilename); header("Content-Type: " . $file->getMimeType()); header("Cache-Control: must-revalidate"); sendFile($dms->contentDir . $file->getPath()); } /* }}} */ elseif (isset($_GET["arkname"])) { /* {{{ */ $filename = basename($_GET["arkname"]); // backup download if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } if (!isset($filename)) { UI::exitError(getMLText("admin_tools"),getMLText("unknown_id")); } $backupdir = addDirSep($settings->_backupDir); if (!file_exists($backupdir.$filename) ) { UI::exitError(getMLText("admin_tools"),getMLText("missing_file")); } header('Content-Description: File Transfer'); header("Content-Type: application/zip"); header("Content-Transfer-Encoding: binary"); header("Content-Length: " . filesize($backupdir . $filename )); $efilename = rawurlencode($filename); header("Content-Disposition: attachment; filename=\"" .$efilename . "\"; filename*=UTF-8''".$efilename); header("Cache-Control: must-revalidate"); sendFile($backupdir .$filename ); } /* }}} */ elseif (isset($_GET["logname"])) { /* {{{ */ $filename = basename($_GET["logname"]); // log download if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } if (!isset($filename)) { UI::exitError(getMLText("admin_tools"),getMLText("unknown_id")); } if (!file_exists($settings->_contentDir.$filename) ) { UI::exitError(getMLText("admin_tools"),getMLText("missing_file")); } header("Content-Type: text/plain"); header("Content-Transfer-Encoding: binary"); header("Content-Length: " . filesize($settings->_contentDir . $filename )); $efilename = rawurlencode($filename); header("Content-Disposition: attachment; filename=\"" .$efilename . "\"; filename*=UTF-8''".$efilename); header("Cache-Control: must-revalidate"); sendFile($settings->_contentDir .$filename ); } /* }}} */ elseif (isset($_GET["vfile"])) { /* {{{ */ // versioning info download $documentid = $_GET["documentid"]; $document = $dms->getDocument($documentid); if (!is_object($document)) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } // update infos createVersionigFile($document); header("Content-Type: text/plain"); header("Content-Transfer-Encoding: binary"); header("Content-Length: " . filesize($dms->contentDir.$document->getDir().$settings->_versioningFileName )."\""); $efilename = rawurlencode($settings->_versioningFileName); header("Content-Disposition: attachment; filename=\"". $efilename . "\""); header("Cache-Control: must-revalidate"); sendFile($dms->contentDir . $document->getDir() .$settings->_versioningFileName); } /* }}} */ elseif (isset($_GET["dumpname"])) { /* {{{ */ $filename = basename($_GET["dumpname"]); // dump file download if (!$user->isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); } if (!isset($filename)) { UI::exitError(getMLText("admin_tools"),getMLText("unknown_id")); } $backupdir = addDirSep($settings->_backupDir); if (!$backupdir) { UI::exitError(getMLText("admin_tools"),getMLText("no_backup_dir")); } if (!file_exists($backupdir.$filename) ) { UI::exitError(getMLText("admin_tools"),getMLText("missing_file")); } header("Content-Type: application/zip"); header("Content-Transfer-Encoding: binary"); header("Content-Length: " . filesize($backupdir . $filename )); $efilename = rawurlencode($filename); header("Content-Disposition: attachment; filename=\"" .$efilename . "\"; filename*=UTF-8''".$efilename); header("Cache-Control: must-revalidate"); sendFile($backupdir .$filename ); } elseif (isset($_GET["reviewlogid"])) { if (!isset($_GET["documentid"]) || !is_numeric($_GET["documentid"]) || intval($_GET["documentid"])<1) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } if (!isset($_GET["reviewlogid"]) || !is_numeric($_GET["reviewlogid"]) || intval($_GET["reviewlogid"])<1) { UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_reviewlog_id")); } $documentid = $_GET["documentid"]; $document = $dms->getDocument($documentid); if (!is_object($document)) { UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_doc_id")); } if ($document->getAccessMode($user) < M_READ) { UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("access_denied")); } $filename = $dms->contentDir . $document->getDir().'r'.(int) $_GET['reviewlogid']; if (!file_exists($filename) ) { UI::exitError(getMLText("admin_tools"),getMLText("missing_file")); } $finfo = finfo_open(FILEINFO_MIME_TYPE); $mimetype = finfo_file($finfo, $filename); header("Content-Type: ".$mimetype); header("Content-Transfer-Encoding: binary"); header("Content-Length: " . filesize($filename )); header("Content-Disposition: attachment; filename=\"review-" . $document->getID()."-".(int) $_GET['reviewlogid'] . get_extension($mimetype) . "\""); header("Cache-Control: must-revalidate"); sendFile($filename); } /* }}} */ elseif (isset($_GET["approvelogid"])) { /* {{{ */ if (!isset($_GET["documentid"]) || !is_numeric($_GET["documentid"]) || intval($_GET["documentid"])<1) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } if (!isset($_GET["approvelogid"]) || !is_numeric($_GET["approvelogid"]) || intval($_GET["approvelogid"])<1) { UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_approvelog_id")); } $documentid = $_GET["documentid"]; $document = $dms->getDocument($documentid); if (!is_object($document)) { UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_doc_id")); } if ($document->getAccessMode($user) < M_READ) { UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("access_denied")); } $filename = $dms->contentDir . $document->getDir().'a'.(int) $_GET['approvelogid']; if (!file_exists($filename) ) { UI::exitError(getMLText("admin_tools"),getMLText("missing_file")); } $finfo = finfo_open(FILEINFO_MIME_TYPE); $mimetype = finfo_file($finfo, $filename); header("Content-Type: ".$mimetype); header("Content-Transfer-Encoding: binary"); header("Content-Length: " . filesize($filename )); header("Content-Disposition: attachment; filename=\"approval-" . $document->getID()."-".(int) $_GET['approvelogid'] . get_extension($mimetype) . "\""); header("Cache-Control: must-revalidate"); sendFile($filename); } /* }}} */ add_log_line(); exit();