$dms, 'user'=>$user)); $accessop = new SeedDMS_AccessOperation($dms, $user, $settings); /* Check if the form data comes for a trusted request */ if(!checkFormKey('receiptdocument')) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token")); } if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } $documentid = $_POST["documentid"]; $document = $dms->getDocument($documentid); if (!is_object($document)) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } // verify if document may be receіpted if (!$accessop->mayReceipt($document)){ UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied")); } $folder = $document->getFolder(); if (!isset($_POST["version"]) || !is_numeric($_POST["version"]) || intval($_POST["version"])<1) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version")); } $version = $_POST["version"]; $content = $document->getContentByVersion($version); if (!is_object($content)) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version")); } // operation is only allowed for the last document version $latestContent = $document->getLatestContent(); if ($latestContent->getVersion()!=$version) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version")); } if (!isset($_POST["receiptStatus"]) || !is_numeric($_POST["receiptStatus"]) || (intval($_POST["receiptStatus"])!=1 && intval($_POST["receiptStatus"])!=-1)) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_receipt_status")); } $controller->setParam('document', $document); $controller->setParam('content', $latestContent); $controller->setParam('receiptstatus', $_POST["receiptStatus"]); $controller->setParam('receipttype', $_POST["receiptType"]); if ($_POST["receiptType"] == "grp") { $group = $dms->getGroup($_POST['receiptGroup']); } else { $group = null; } $controller->setParam('group', $group); $controller->setParam('comment', $_POST["comment"]); if(!$controller->run()) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText($controller->getErrorMsg())); } header("Location:../out/out.ViewDocument.php?documentid=".$documentid."¤ttab=recipients"); ?>