seeddms-code/op/op.ReceiptDocument.php
2021-11-30 17:17:28 +01:00

127 lines
5.5 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
// MyDMS. Document Management System
// Copyright (C) 2002-2005 Markus Westphal
// Copyright (C) 2006-2008 Malcolm Cowe
// Copyright (C) 2010 Matteo Lucarelli
//
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
include("../inc/inc.Settings.php");
include("../inc/inc.LogInit.php");
include("../inc/inc.Utils.php");
include("../inc/inc.Language.php");
include("../inc/inc.Init.php");
include("../inc/inc.Extension.php");
include("../inc/inc.DBInit.php");
include("../inc/inc.ClassAccessOperation.php");
include("../inc/inc.Authentication.php");
include("../inc/inc.ClassUI.php");
include("../inc/inc.ClassController.php");
$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
$controller = Controller::factory($tmp[1], array('dms'=>$dms, 'user'=>$user));
$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
/* Check if the form data comes for a trusted request */
if(!checkFormKey('receiptdocument')) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_request_token"))),getMLText("invalid_request_token"));
}
if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
$documentid = $_POST["documentid"];
$document = $dms->getDocument($documentid);
if (!is_object($document)) {
UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id"));
}
// verify if document may be receіpted
if (!$accessop->mayReceipt($document)){
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied"));
}
$folder = $document->getFolder();
if (!isset($_POST["version"]) || !is_numeric($_POST["version"]) || intval($_POST["version"])<1) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
$version = $_POST["version"];
$content = $document->getContentByVersion($version);
if (!is_object($content)) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
// operation is only allowed for the last document version
$latestContent = $document->getLatestContent();
if ($latestContent->getVersion()!=$version) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version"));
}
if (!isset($_POST["receiptStatus"]) || !is_numeric($_POST["receiptStatus"]) ||
(intval($_POST["receiptStatus"])!=1 && intval($_POST["receiptStatus"])!=-1)) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_receipt_status"));
}
$controller->setParam('document', $document);
$controller->setParam('content', $latestContent);
$controller->setParam('receiptstatus', $_POST["receiptStatus"]);
$controller->setParam('receipttype', $_POST["receiptType"]);
if ($_POST["receiptType"] == "grp") {
$group = $dms->getGroup($_POST['receiptGroup']);
} else {
$group = null;
}
$controller->setParam('group', $group);
$controller->setParam('comment', $_POST["comment"]);
if(!$controller->run()) {
UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText($controller->getErrorMsg()));
}
if ($_POST["receiptType"] == "ind" || $_POST["receiptType"] == "grp") {
if($notifier) {
$nl=$document->getNotifyList();
$subject = "receipt_submit_email_subject";
$message = "receipt_submit_email_body";
$params = array();
$params['name'] = $document->getName();
$params['version'] = $version;
$params['folder_path'] = $folder->getFolderPathPlain();
$params['status'] = getReceiptStatusText($_POST["receiptStatus"]);
$params['comment'] = strip_tags($_POST['comment']);
$params['username'] = $user->getFullName();
$params['url'] = getBaseUrl().$settings->_httpRoot."out/out.ViewDocument.php?documentid=".$document->getID();
$params['sitename'] = $settings->_siteName;
$params['http_root'] = $settings->_httpRoot;
$notifier->toList($user, $nl["users"], $subject, $message, $params, SeedDMS_NotificationService::RECV_NOTIFICATION);
foreach ($nl["groups"] as $grp) {
$notifier->toGroup($user, $grp, $subject, $message, $params, SeedDMS_NotificationService::RECV_NOTIFICATION);
}
/* Send mail to owner only if the currently logged in user is not the
* owner and the owner is not already in the list of notifiers.
*/
// if($user->getID() != $document->getOwner()->getID() && false === SeedDMS_Core_DMS::inList($document->getOwner(), $nl['users']))
// $notifier->toIndividual($user, $content->getUser(), $subject, $message, $params, SeedDMS_NotificationService::RECV_OWNER);
}
}
header("Location:../out/out.ViewDocument.php?documentid=".$documentid."&currenttab=recipients");
?>