$dms, 'user'=>$user)); $accessop = new SeedDMS_AccessOperation($dms, $user, $settings); if(!$accessop->check_controller_access($tmp[1] /*$controller*/)) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("access_denied")); } /* Check if the form data comes from a trusted request */ if(!checkFormKey('overridecontentstatus')) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token")); } if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } $documentid = $_POST["documentid"]; $document = $dms->getDocument($documentid); if (!is_object($document)) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } if ($document->getAccessMode($user) < M_ALL) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied")); } if (!isset($_POST["version"]) || !is_numeric($_POST["version"]) || intval($_POST["version"])<1) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version")); } $version = $_POST["version"]; $content = $document->getContentByVersion($version); if (!is_object($content)) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version")); } if (!isset($_POST["overrideStatus"]) || !is_numeric($_POST["overrideStatus"]) || (intval($_POST["overrideStatus"]) != S_RELEASED && intval($_POST["overrideStatus"]) != S_OBSOLETE && intval($_POST["overrideStatus"]) != S_DRAFT && intval($_POST["overrideStatus"]) != S_NEEDS_CORRECTION)) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_status")); } $overallStatus = $content->getStatus(); // status change control, setting a status to obsolete is alwasy allowed if(intval($_POST["overrideStatus"]) != S_OBSOLETE) if ($overallStatus["status"] == S_REJECTED || $overallStatus["status"] == S_EXPIRED || $overallStatus["status"] == S_DRAFT_REV || $overallStatus["status"] == S_DRAFT_APP || $overallStatus["status"] == S_IN_WORKFLOW) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("cannot_change_final_states")); } $overrideStatus = $_POST["overrideStatus"]; $comment = $_POST["comment"]; if ($overrideStatus != $overallStatus["status"]) { if (!$content->setStatus($overrideStatus, $comment, $user)) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("error_occured")); } else { // Send notification to subscribers. if($notifier) { $notifier->sendChangedDocumentStatusMail($content, $user, $overallStatus["status"]); } } } add_log_line("?documentid=".$documentid); header("Location:../out/out.DocumentVersionDetail.php?documentid=".$documentid."&version=".$version); ?>