$dms, 'user'=>$user)); /* Check if the form data comes from a trusted request */ if(!checkFormKey('editdocument')) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token")); } if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } $documentid = $_POST["documentid"]; $document = $dms->getDocument($documentid); if (!is_object($document)) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } $folder = $document->getFolder(); $docPathHTML = getFolderPathHTML($folder, true). " / ".$document->getName().""; if ($document->getAccessMode($user, 'editDocument') < M_READWRITE) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied")); } if($document->isLocked()) { $lockingUser = $document->getLockingUser(); if (($lockingUser->getID() != $user->getID()) && ($document->getAccessMode($user, 'editDocument') != M_ALL)) { UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("lock_message", array("email" => $lockingUser->getEmail(), "username" => htmlspecialchars($lockingUser->getFullName())))); } } $name = isset($_POST['name']) ? trim($_POST["name"]) : ""; $comment = isset($_POST['comment']) ? trim($_POST["comment"]) : ""; $keywords = isset($_POST["keywords"]) ? trim($_POST["keywords"]) : ""; if(isset($_POST['categoryidform1'])) { $categories = explode(',', preg_replace('/[^0-9,]+/', '', $_POST["categoryidform1"])); } elseif(isset($_POST["categories"])) { $categories = $_POST["categories"]; } else { $categories = array(); } $sequence = isset($_POST["sequence"]) ? str_replace(',', '.', $_POST["sequence"]) : "keep"; if (!is_numeric($sequence)) { $sequence="keep"; } if(isset($_POST["attributes"])) $attributes = $_POST["attributes"]; else $attributes = array(); if(isset($_POST['presetexpdate'])) { switch($_POST["presetexpdate"]) { case "date": $expires = makeTsFromDate($_POST["expdate"]); // $tmp = explode('-', $_POST["expdate"]); // $expires = mktime(0,0,0, $tmp[1], $tmp[2], $tmp[0]); break; case "1w": $tmp = explode('-', date('Y-m-d')); $expires = mktime(0,0,0, $tmp[1], $tmp[2]+7, $tmp[0]); break; case "1m": $tmp = explode('-', date('Y-m-d')); $expires = mktime(0,0,0, $tmp[1]+1, $tmp[2], $tmp[0]); break; case "1y": $tmp = explode('-', date('Y-m-d')); $expires = mktime(0,0,0, $tmp[1], $tmp[2], $tmp[0]+1); break; case "2y": $tmp = explode('-', date('Y-m-d')); $expires = mktime(0,0,0, $tmp[1], $tmp[2], $tmp[0]+2); break; case "never": default: $expires = null; break; } } else { $expires = null; } $oldname = $document->getName(); $oldcomment = $document->getComment(); $oldcategories = $document->getCategories(); $oldkeywords = $document->getKeywords(); $oldexpires = $document->getExpires(); /* Make a real copy of each attribute because setting a new attribute value * will just update the old attribute object in array attributes[] and hence * also update the old value */ $oldattributes = array(); foreach($document->getAttributes() as $ai=>$aa) $oldattributes[$ai] = clone $aa; //$oldattributes = $document->getAttributes(); $controller->setParam('fulltextservice', $fulltextservice); $controller->setParam('document', $document); $controller->setParam('name', $name); $controller->setParam('comment', $comment); $controller->setParam('keywords', $keywords); $controller->setParam('categories', $categories); $controller->setParam('expires', $expires); $controller->setParam('sequence', $sequence); $controller->setParam('attributes', $attributes); if(!$controller()) { $err = $controller->getErrorMsg(); if(is_string($err)) $errmsg = getMLText($err); elseif(is_array($err)) { $errmsg = getMLText($err[0], $err[1]); } else { $errmsg = $err; } UI::exitError(getMLText("document_title", array("documentname" => $document->getName())), $errmsg); } if($notifier) { $notifier->sendChangedNameMail($document, $user, $oldname); $notifier->sendChangedCommentMail($document, $user, $oldcomment); $notifier->sendChangedExpiryMail($document, $user, $oldexpires); $notifier->sendChangedAttributesMail($document, $user, $oldattributes); } $session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_document_edited'))); add_log_line("?documentid=".$documentid); header("Location:../out/out.ViewDocument.php?documentid=".$documentid); ?>