$dms, 'user'=>$user)); $accessop = new SeedDMS_AccessOperation($dms, $user, $settings); if (!isset($_GET["documentid"]) || !is_numeric($_GET["documentid"]) || intval($_GET["documentid"])<1) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } $document = $dms->getDocument($_GET["documentid"]); if (!is_object($document)) { UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); } if ($document->getAccessMode($user) < M_READWRITE) { UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("access_denied")); } if($document->isLocked()) { $lockingUser = $document->getLockingUser(); if (($lockingUser->getID() != $user->getID()) && ($document->getAccessMode($user) != M_ALL)) { UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("lock_message", array("email" => $lockingUser->getEmail(), "username" => htmlspecialchars($lockingUser->getFullName())))); } } if(isset($_GET['targetid']) && $_GET['targetid']) { $target = $dms->getFolder($_GET["targetid"]); if (!is_object($target)) { UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_target_folder")); } if ($target->getAccessMode($user) < M_READWRITE) { UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("access_denied")); } } else { $target = null; } $folder = $document->getFolder(); if($view) { $view->setParam('folder', $folder); $view->setParam('document', $document); $view->setParam('target', $target); $view->setParam('accessobject', $accessop); $view($_GET); exit; }