$dms, 'user'=>$user)); /* Check if the form data comes from a trusted request */ if(!checkFormKey('transferdocument')) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token")); } if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } $documentid = $_POST["documentid"]; $document = $dms->getDocument($documentid); if (!is_object($document)) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } if (!isset($_POST["userid"]) || !is_numeric($_POST["userid"]) || intval($_POST["userid"])<1) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } $userid = $_POST["userid"]; $newuser = $dms->getUser($userid); if (!is_object($newuser)) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } $folder = $document->getFolder(); $oldowner = $document->getOwner(); $controller->setParam('document', $document); $controller->setParam('newuser', $newuser); if(!$controller->run()) { UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("error_transfer_document")); } if ($notifier){ /* Get the notify list before removing the document */ $notifier->sendTransferDocumentMail($document, $user, $oldowner); } $session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_transfer_document'))); add_log_line("?documentid=".$documentid); header("Location:../out/out.ViewFolder.php?folderid=".$folder->getID()); ?>