getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } $document = $dms->getDocument($_GET["documentid"]); if (!is_object($document)) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } if (!isset($_GET["fileid"]) || !is_numeric($_GET["fileid"]) || intval($_GET["fileid"])<1) { UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_file_id")); } $file = $document->getDocumentFile($_GET["fileid"]); if (!is_object($file)) { UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_file_id")); } if (($document->getAccessMode($user) < M_ALL)&&($user->getID()!=$file->getUserID())) { UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("access_denied")); } $folder = $document->getFolder(); /* Create object for checking access to certain operations */ $accessop = new SeedDMS_AccessOperation($dms, $user, $settings); $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user, 'folder'=>$folder, 'document'=>$document, 'file'=>$file)); if($view) { $view->setParam('accessobject', $accessop); $view->show(); exit; } ?>