From 94662b4a39a860f595e672a98ec2f146b99270d8 Mon Sep 17 00:00:00 2001
From: kevin_fourie
Date: Wed, 27 Feb 2008 16:04:11 +0000
Subject: [PATCH] Merged in from DEV trunk...
---
bin/checkopenoffice.php | 13 ++++++-------
lib/documentmanagement/DocumentField.inc | 26 +++++++++++++-------------
lib/documentmanagement/MDTree.inc | 5 +++--
lib/groups/GroupUtil.php | 38 +++++++++++++++++++++++++++++---------
lib/metadata/fieldset.inc.php | 82 +++++++++++++++++++++++++++++++++++++++++-----------------------------------------
lib/workflow/workflow.inc.php | 28 ++++++++++++++--------------
lib/workflow/workflowstate.inc.php | 32 ++++++++++++++++----------------
lib/workflow/workflowtransition.inc.php | 36 ++++++++++++++++++------------------
plugins/housekeeper/DiskUsageDashlet.inc.php | 21 ++++++++++++++++++++-
plugins/ktcore/KTBulkActions.php | 22 +++++++++++++++++-----
plugins/ktcore/admin/expungeList.php | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++----
plugins/ktcore/folder/Permissions.php | 26 ++++++++++++++++++++++----
plugins/ktstandard/ImmutableActionPlugin.php | 14 +++++++++++---
resources/js/expungeList.js | 2 +-
search2/search/fieldRegistry.inc.php | 4 ++--
search2/search/search.inc.php | 22 +++++++++++-----------
templates/ktcore/document/admin/deletedlist.smarty | 2 ++
17 files changed, 276 insertions(+), 151 deletions(-)
diff --git a/bin/checkopenoffice.php b/bin/checkopenoffice.php
index c3e6ba7..95dad29 100644
--- a/bin/checkopenoffice.php
+++ b/bin/checkopenoffice.php
@@ -42,24 +42,23 @@ require_once('../config/dmsDefaults.php'); // Check if open office is running $sCheckOO = SearchHelper::checkOpenOfficeAvailablity(); - // If it is running - exit, we don't need to do anything otherwise start it if(!empty($sCheckOO)){ - + $default->log->debug('Check Open Office Task: Open office service is not running... trying to start it.'); - + if(OS_WINDOWS){ - + // Check the path first - $sPath = realpath('../../winserv.exe'); + $sPath = realpath('../../bin/winserv.exe'); if(file_exists($sPath)){ - $sCmd = "\"$sPath\" start kt_openoffice"; + $sCmd = "\"$sPath\" start ktopenoffice"; KTUtil::pexec($sCmd); exit; } // If that doesn't work, check for the all start - $sPath = realpath('../../bin/allctl.bat'); + $sPath = realpath('../../bin/dmsctl.bat'); if(file_exists($sPath)){ $sCmd = "\"$sPath\" start"; KTUtil::pexec($sCmd); diff --git a/lib/documentmanagement/DocumentField.inc b/lib/documentmanagement/DocumentField.inc index 6b2e829..f6de02e 100644 --- a/lib/documentmanagement/DocumentField.inc +++ b/lib/documentmanagement/DocumentField.inc 
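Review bot: Both `realpath('../../bin/winserv.exe')` and `realpath('../../bin/dmsctl.bat')` resolve against the process's current working directory, so the file that is handed to `KTUtil::pexec()` depends on where the task is launched from. Anchoring the lookup to the script location, e.g. `$sPath = realpath(dirname(__FILE__) . '/../../bin/winserv.exe');`, keeps the executed binary fixed. The command string is also quoted by hand (`"\"$sPath\" start ktopenoffice"`), so a short comment stating that `$sPath` is never derived from configuration or request data would help the next reader. The enclosing `if(OS_WINDOWS)` block continues past the end of the hunk.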
@@ -7,32 +7,32 @@ * KnowledgeTree Open Source Edition * Document Management Made Simple * Copyright (C) 2004 - 2008 The Jam Warehouse Software (Pty) Limited - * + * * This program is free software; you can redistribute it and/or modify it under * the terms of the GNU General Public License version 3 as published by the * Free Software Foundation. - * + * * This program is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more * details. - * + * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * + * * You can contact The Jam Warehouse Software (Pty) Limited, Unit 1, Tramber Place, * Blake Street, Observatory, 7925 South Africa. or email info@knowledgetree.com. - * + * * The interactive user interfaces in modified source and object code versions * of this program must display Appropriate Legal Notices, as required under * Section 5 of the GNU General Public License version 3. - * + * * In accordance with Section 7(b) of the GNU General Public License version 3, * these Appropriate Legal Notices must retain the display of the "Powered by - * KnowledgeTree" logo and retain the original copyright notice. If the display of the + * KnowledgeTree" logo and retain the original copyright notice. If the display of the * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices - * must display the words "Powered by KnowledgeTree" and retain the original - * copyright notice. + * must display the words "Powered by KnowledgeTree" and retain the original + * copyright notice. * Contributor( s): ______________________________________ */ 
@@ -79,10 +79,10 @@ class DocumentField extends KTEntity { } function getID() { return $this->iId; } - function getName() { return sanitizeForSQLtoHTML($this->sName); } - function setName($sNewValue) { $this->sName = sanitizeForSQL($sNewValue); } - function setDescription($sNewValue) { $this->sDescription = sanitizeForSQL($sNewValue); } - function getDescription() { return sanitizeForSQLtoHTML($this->sDescription); } + function getName() { return $this->sName; } + function setName($sNewValue) { $this->sName = $sNewValue; } + function setDescription($sNewValue) { $this->sDescription = $sNewValue; } + function getDescription() { return $this->sDescription; } function getDataType() { return $this->sDataType; } function setDataType($sNewValue) { $this->sDataType = $sNewValue; } function getIsGeneric() { return $this->bIsGeneric; } diff --git a/lib/documentmanagement/MDTree.inc b/lib/documentmanagement/MDTree.inc index 7477be9..0fbf66e 100644 --- a/lib/documentmanagement/MDTree.inc +++ b/lib/documentmanagement/MDTree.inc @@ -289,7 +289,7 @@ class MDTree { $extraclass = ' inactive'; } - $treeStr .= '
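Review bot: With `sanitizeForSQLtoHTML()` removed, `getName()` and `getDescription()` in DocumentField now return the stored value unencoded, and nothing in the hunk tells callers that escaping has become their job. The same change is made to the getters of KTFieldset, KTWorkflow, KTWorkflowState and KTWorkflowTransition later in this patch, while the only output encoding visibly added is in MDTree.inc and the search2 files; other code that prints these names, such as the unchanged `sprintf(_kt("%s (to state %s)"), $this->getName(), $oWorkflowState->getName())` in workflowtransition.inc.php, should be audited for an encoding step at the sink. I would add a one-line docblock on each getter, for example `/** Returns the raw stored name; encode for the output context (HTML, JS) at the call site. */`. In the workflow classes the leftover parentheses in `return ($this->sName);` and `$this->sName = ($sName);` can be dropped.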
  • ' . $treeToRender->mapnodes[$subnode_val]->getName() . ''; + $treeStr .= '
  • ' . htmlentities($treeToRender->mapnodes[$subnode_val]->getName()) . ''; $treeStr .= $this->_evilTreeRecursion($subnode_val, $treeToRender, $inputname); $treeStr .= '
  • '; } @@ -301,7 +301,8 @@ class MDTree { if ($leaf === $this->activevalue) { $is_selected=' checked="checked"'; } - $treeStr .= '
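Review bot: `htmlentities()` is called with no flags or charset in this hunk and in the `$sValue = htmlentities(...)` line of the next MDTree hunk, so single quotes are left unencoded and, on PHP versions whose default charset is ISO-8859-1, multi-byte UTF-8 names are converted to the wrong entities. `htmlentities($treeToRender->mapnodes[$subnode_val]->getName(), ENT_QUOTES, 'UTF-8')` covers both text and attribute contexts, assuming UTF-8 is the page encoding. The surrounding markup is not visible on this page, so whether the name also lands inside an attribute should be checked against the file.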
  • ' . $treeToRender->lookups[$leaf]->getName() .''; + $sValue = htmlentities($treeToRender->lookups[$leaf]->getName()); + $treeStr .= '
  • ' . $sValue .''; $treeStr .= '
  • '; } } } diff --git a/lib/groups/GroupUtil.php b/lib/groups/GroupUtil.php index 39b21ac..42b9aeb 100644 --- a/lib/groups/GroupUtil.php +++ b/lib/groups/GroupUtil.php @@ -7,32 +7,32 @@ * KnowledgeTree Open Source Edition * Document Management Made Simple * Copyright (C) 2004 - 2008 The Jam Warehouse Software (Pty) Limited - * + * * This program is free software; you can redistribute it and/or modify it under * the terms of the GNU General Public License version 3 as published by the * Free Software Foundation. - * + * * This program is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more * details. - * + * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * + * * You can contact The Jam Warehouse Software (Pty) Limited, Unit 1, Tramber Place, * Blake Street, Observatory, 7925 South Africa. or email info@knowledgetree.com. - * + * * The interactive user interfaces in modified source and object code versions * of this program must display Appropriate Legal Notices, as required under * Section 5 of the GNU General Public License version 3. - * + * * In accordance with Section 7(b) of the GNU General Public License version 3, * these Appropriate Legal Notices must retain the display of the "Powered by - * KnowledgeTree" logo and retain the original copyright notice. If the display of the + * KnowledgeTree" logo and retain the original copyright notice. If the display of the * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices - * must display the words "Powered by KnowledgeTree" and retain the original - * copyright notice. + * must display the words "Powered by KnowledgeTree" and retain the original + * copyright notice. * Contributor( s): ______________________________________ */ 
@@ -304,6 +304,26 @@ class GroupUtil { } // }}} + function checkUserInGroups($iUserId, $aGroupIds) { + $sGroupIds = implode(', ', $aGroupIds); + + global $default; + $sTable = $default->users_groups_table; + $sQuery = "SELECT count(*) AS cnt FROM $sTable WHERE user_id = ? AND group_id IN (?)"; + $aParams = array($iUserId, $sGroupIds); + + $res = DBUtil::getOneResult(array($sQuery, $aParams)); + + if(PEAR::isError($res) || empty($res)){ + return false; + } + + if($res['cnt'] > 0){ + return true; + } + return false; + } + // {{{ function buildGroupArray() { global $default; diff --git a/lib/metadata/fieldset.inc.php b/lib/metadata/fieldset.inc.php index e2db4db..0d426ef 100644 --- a/lib/metadata/fieldset.inc.php +++ b/lib/metadata/fieldset.inc.php 
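Review bot: The whole id list is bound to a single placeholder in `group_id IN (?)`, so the database compares `group_id` with one string such as `'3, 7, 12'` instead of with each id; depending on how the driver casts it, that matches at most the first group. `implode()` also fails when `$aGroupIds` is null or not an array, which the caller in Permissions.php can produce because `$aFoo[4]['group']` is read without an `isset` default. Since the result gates the self-lockout check on folder permissions, a wrong answer here refuses valid permission updates or misreports membership. Generating one placeholder per id keeps the query parameterised and correct.

```php
function checkUserInGroups($iUserId, $aGroupIds) {
    // No groups selected means the user cannot be in any of them.
    if (!is_array($aGroupIds) || empty($aGroupIds)) {
        return false;
    }
    // One placeholder per id, so every group id is bound as its own value.
    $sPlaceholders = implode(', ', array_fill(0, count($aGroupIds), '?'));

    global $default;
    $sTable = $default->users_groups_table;
    $sQuery = "SELECT count(*) AS cnt FROM $sTable WHERE user_id = ? AND group_id IN ($sPlaceholders)";
    $aParams = array_merge(array($iUserId), array_values($aGroupIds));
    // … unchanged: DBUtil::getOneResult() call and result checks …
}
```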
@@ -5,32 +5,32 @@ * KnowledgeTree Open Source Edition * Document Management Made Simple * Copyright (C) 2004 - 2008 The Jam Warehouse Software (Pty) Limited - * + * * This program is free software; you can redistribute it and/or modify it under * the terms of the GNU General Public License version 3 as published by the * Free Software Foundation. - * + * * This program is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more * details. - * + * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * + * * You can contact The Jam Warehouse Software (Pty) Limited, Unit 1, Tramber Place, * Blake Street, Observatory, 7925 South Africa. or email info@knowledgetree.com. - * + * * The interactive user interfaces in modified source and object code versions * of this program must display Appropriate Legal Notices, as required under * Section 5 of the GNU General Public License version 3. - * + * * In accordance with Section 7(b) of the GNU General Public License version 3, * these Appropriate Legal Notices must retain the display of the "Powered by - * KnowledgeTree" logo and retain the original copyright notice. If the display of the + * KnowledgeTree" logo and retain the original copyright notice. If the display of the * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices - * must display the words "Powered by KnowledgeTree" and retain the original - * copyright notice. + * must display the words "Powered by KnowledgeTree" and retain the original + * copyright notice. * Contributor( s): ______________________________________ * */ 
@@ -45,7 +45,7 @@ require_once(KT_LIB_DIR . "/util/sanitize.inc"); * Represents the basic grouping of fields into a fieldset. */ class KTFieldset extends KTEntity { - + /** primary key value */ var $iId = -1; /** document fieldset name */ @@ -54,7 +54,7 @@ class KTFieldset extends KTEntity { var $sDescription; /** document fieldset namespace */ var $sNamespace; - + /** document fieldset mandatory flag */ var $bMandatory = false; var $iMasterFieldId; 
@@ -70,30 +70,30 @@ class KTFieldset extends KTEntity { * is used only by the document management system. */ var $bIsSystem = false; - + var $_bUsePearError = true; - + function getId() { return $this->iId; } - function getName() { return sanitizeForSQLtoHTML($this->sName); } - function setDescription($sNewValue) { $this->sDescription = sanitizeForSQL($sNewValue); } - function getDescription() { return sanitizeForSQLtoHTML($this->sDescription); } - function setName($sNewValue) { $this->sName = sanitizeForSQL($sNewValue); } + function getName() { return $this->sName; } + function setDescription($sNewValue) { $this->sDescription = $sNewValue; } + function getDescription() { return $this->sDescription; } + function setName($sNewValue) { $this->sName = $sNewValue; } function getNamespace() { return $this->sNamespace; } function setNamespace($sNewValue) { $this->sNamespace = $sNewValue; } function getMandatory() { return $this->bMandatory; } - function setMandatory($bNewValue) { $this->bMandatory = $bNewValue; } + function setMandatory($bNewValue) { $this->bMandatory = $bNewValue; } function getIsConditional () { return $this->bIsConditional; } - function setIsConditional ($bNewValue) { $this->bIsConditional = $bNewValue; } + function setIsConditional ($bNewValue) { $this->bIsConditional = $bNewValue; } function getMasterFieldId () { return $this->iMasterFieldId; } - function setMasterFieldId ($iNewValue) { $this->iMasterFieldId = $iNewValue; } + function setMasterFieldId ($iNewValue) { $this->iMasterFieldId = $iNewValue; } function getIsGeneric () { return $this->bIsGeneric; } - function setIsGeneric ($bNewValue) { $this->bIsGeneric = $bNewValue; } + function setIsGeneric ($bNewValue) { $this->bIsGeneric = $bNewValue; } function getIsComplete () { return $this->bIsComplete; } - function setIsComplete ($bNewValue) { $this->bIsComplete = $bNewValue; } + function setIsComplete ($bNewValue) { $this->bIsComplete = $bNewValue; } function getIsComplex () { return 
$this->bIsComplex; } - function setIsComplex ($bNewValue) { $this->bIsComplex = $bNewValue; } + function setIsComplex ($bNewValue) { $this->bIsComplex = $bNewValue; } function getIsSystem () { return $this->bIsSystem; } - function setIsSystem ($bNewValue) { $this->bIsSystem = $bNewValue; } + function setIsSystem ($bNewValue) { $this->bIsSystem = $bNewValue; } var $_aFieldToSelect = array( "iId" => "id", @@ -108,17 +108,17 @@ class KTFieldset extends KTEntity { "bIsComplex" => "is_complex", "bIsSystem" => "is_system", ); - + // returns TRUE if all children are lookup enabled, false otherwise. function canBeMadeConditional() { if ($this->getIsConditional()) { return false; } - + // DEBUG return false; } - + function _table () { return KTUtil::getTableName('fieldsets'); } @@ -127,13 +127,13 @@ class KTFieldset extends KTEntity { - /* + /* * get document types using this field - * for listing displays + * for listing displays */ function &getDocumentTypesUsing($aOptions = null) { $bIds = KTUtil::arrayGet($aOptions, 'ids'); - + $sTable = KTUtil::getTableName('document_type_fieldsets'); $aQuery = array( @@ -161,7 +161,7 @@ class KTFieldset extends KTEntity { // Static function function &get($iId) { return KTEntityUtil::get('KTFieldset', $iId); } - function &getList($sWhereClause = null) { return KTEntityUtil::getList2('KTFieldset', $sWhereClause); } + function &getList($sWhereClause = null) { return KTEntityUtil::getList2('KTFieldset', $sWhereClause); } function &createFromArray($aOptions) { return KTEntityUtil::createFromArray('KTFieldset', $aOptions); } function &getNonGenericFieldsets($aOptions = null) { 
@@ -172,18 +172,18 @@ class KTFieldset extends KTEntity { 'is_generic' => false, 'disabled' => false, ), $aOptions); - } + } function &getGenericFieldsets($aOptions = null) { $aOptions = KTUtil::meldOptions( - $aOptions, + $aOptions, array('multi' => true,) ); return KTEntityUtil::getByDict('KTFieldset', array( 'is_generic' => true, 'disabled' => false, ), $aOptions); - } + } function &getForDocumentType($oDocumentType, $aOptions = null) { $bIds = KTUtil::arrayGet($aOptions, 'ids'); @@ -192,7 +192,7 @@ class KTFieldset extends KTEntity { } else { $iDocumentTypeId = $oDocumentType; } - + $sTable = KTUtil::getTableName('document_type_fieldsets'); $aQuery = array( "SELECT fieldset_id FROM $sTable WHERE document_type_id = ?", @@ -210,22 +210,22 @@ class KTFieldset extends KTEntity { } return $aRet; } - + function &getAssociatedTypes() { // NOTE: this returns null if we are generic (all is the wrong answer) if ($this->getIsGeneric()) { return array(); } - + $sTable = KTUtil::getTableName('document_type_fieldsets'); $aQuery = array( "SELECT document_type_id FROM $sTable WHERE fieldset_id = ?", array($this->getId()), ); $aIds = DBUtil::getResultArrayKey($aQuery, 'document_type_id'); - + $aRet = array(); foreach ($aIds as $iID) { $oType = DocumentType::get($iID); - if (!PEAR::isError($oType)) { + if (!PEAR::isError($oType)) { $aRet[] = $oType; } } @@ -248,13 +248,13 @@ class KTFieldset extends KTEntity { 'disabled' => false, )); } - + function &getByName($sName) { return KTEntityUtil::getByDict('KTFieldset', array( 'name' => $sName, 'disabled' => false, )); - } + } } ?> diff --git a/lib/workflow/workflow.inc.php b/lib/workflow/workflow.inc.php index 9325066..18ee8b3 100644 --- a/lib/workflow/workflow.inc.php +++ b/lib/workflow/workflow.inc.php 
@@ -9,32 +9,32 @@ * KnowledgeTree Open Source Edition * Document Management Made Simple * Copyright (C) 2004 - 2008 The Jam Warehouse Software (Pty) Limited - * + * * This program is free software; you can redistribute it and/or modify it under * the terms of the GNU General Public License version 3 as published by the * Free Software Foundation. - * + * * This program is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more * details. - * + * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * + * * You can contact The Jam Warehouse Software (Pty) Limited, Unit 1, Tramber Place, * Blake Street, Observatory, 7925 South Africa. or email info@knowledgetree.com. - * + * * The interactive user interfaces in modified source and object code versions * of this program must display Appropriate Legal Notices, as required under * Section 5 of the GNU General Public License version 3. - * + * * In accordance with Section 7(b) of the GNU General Public License version 3, * these Appropriate Legal Notices must retain the display of the "Powered by - * KnowledgeTree" logo and retain the original copyright notice. If the display of the + * KnowledgeTree" logo and retain the original copyright notice. If the display of the * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices - * must display the words "Powered by KnowledgeTree" and retain the original - * copyright notice. + * must display the words "Powered by KnowledgeTree" and retain the original + * copyright notice. * Contributor( s): ______________________________________ */ 
@@ -59,13 +59,13 @@ class KTWorkflow extends KTEntity { var $_bUsePearError = true; function getID() { return $this->iId; } - function getName() { return sanitizeForSQLtoHTML($this->sName); } - function getHumanName() { return sanitizeForSQLtoHTML($this->sHumanName); } + function getName() { return ($this->sName); } + function getHumanName() { return ($this->sHumanName); } function getStartStateId() { return $this->iStartStateId; } function getIsEnabled() { return ($this->bEnabled == true); } function setID($iId) { $this->iId = $iId; } - function setName($sName) { $this->sName = sanitizeForSQL($sName); } - function setHumanName($sHumanName) { $this->sHumanName = sanitizeForSQL($sHumanName); } + function setName($sName) { $this->sName = ($sName); } + function setHumanName($sHumanName) { $this->sHumanName = ($sHumanName); } function setStartStateId($iStartStateId) { $this->iStartStateId = $iStartStateId; } function setIsEnabled($mValue) { $this->bEnabled = ($mValue == true); } @@ -98,7 +98,7 @@ class KTWorkflow extends KTEntity { function &getByName($sName) { return KTEntityUtil::getBy('KTWorkflow', 'name', $sName); } - + function getIsFunctional() { return (($this->getStartStateId() != false) && ($this->getIsEnabled())); } diff --git a/lib/workflow/workflowstate.inc.php b/lib/workflow/workflowstate.inc.php index 3f4f8cd..d67ce30 100644 --- a/lib/workflow/workflowstate.inc.php +++ b/lib/workflow/workflowstate.inc.php 
@@ -8,32 +8,32 @@ * KnowledgeTree Open Source Edition * Document Management Made Simple * Copyright (C) 2004 - 2008 The Jam Warehouse Software (Pty) Limited - * + * * This program is free software; you can redistribute it and/or modify it under * the terms of the GNU General Public License version 3 as published by the * Free Software Foundation. - * + * * This program is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more * details. - * + * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * + * * You can contact The Jam Warehouse Software (Pty) Limited, Unit 1, Tramber Place, * Blake Street, Observatory, 7925 South Africa. or email info@knowledgetree.com. - * + * * The interactive user interfaces in modified source and object code versions * of this program must display Appropriate Legal Notices, as required under * Section 5 of the GNU General Public License version 3. - * + * * In accordance with Section 7(b) of the GNU General Public License version 3, * these Appropriate Legal Notices must retain the display of the "Powered by - * KnowledgeTree" logo and retain the original copyright notice. If the display of the + * KnowledgeTree" logo and retain the original copyright notice. If the display of the * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices - * must display the words "Powered by KnowledgeTree" and retain the original - * copyright notice. + * must display the words "Powered by KnowledgeTree" and retain the original + * copyright notice. * Contributor( s): ______________________________________ */ 
@@ -57,20 +57,20 @@ class KTWorkflowState extends KTEntity { var $_bUsePearError = true; function getId() { return $this->iId; } - function getName() { return sanitizeForSQLtoHTML($this->sName); } - function getHumanName() { return sanitizeForSQLtoHTML($this->sHumanName); } + function getName() { return ($this->sName); } + function getHumanName() { return ($this->sHumanName); } function getWorkflowId() { return $this->iWorkflowId; } function getInformDescriptorId() { return $this->iInformDescriptorId; } function setId($iId) { $this->iId = $iId; } - function setName($sName) { $this->sName = sanitizeForSQL($sName); } - function setHumanName($sHumanName) { $this->sHumanName = sanitizeForSQL($sHumanName); } + function setName($sName) { $this->sName = ($sName); } + function setHumanName($sHumanName) { $this->sHumanName = ($sHumanName); } function setWorkflowId($iWorkflowId) { $this->iWorkflowId = $iWorkflowId; } function setInformDescriptorId($iInformDescriptorId) { $this->iInformDescriptorId = $iInformDescriptorId; } function _table () { return KTUtil::getTableName('workflow_states'); } - + function _ktentityOptions() { return array( 'orderby' => 'human_name', @@ -128,13 +128,13 @@ class KTWorkflowState extends KTEntity { 'KTWorkflowState', array( 'name' => $sName, 'workflow_id' => $iWorkflowId - ) + ) ); // expect KTEntityNoObjects if (PEAR::isError($res)) { return false; } - + return true; } diff --git a/lib/workflow/workflowtransition.inc.php b/lib/workflow/workflowtransition.inc.php index d370fb0..23131ad 100644 --- a/lib/workflow/workflowtransition.inc.php +++ b/lib/workflow/workflowtransition.inc.php 
@@ -8,32 +8,32 @@ * KnowledgeTree Open Source Edition * Document Management Made Simple * Copyright (C) 2004 - 2008 The Jam Warehouse Software (Pty) Limited - * + * * This program is free software; you can redistribute it and/or modify it under * the terms of the GNU General Public License version 3 as published by the * Free Software Foundation. - * + * * This program is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more * details. - * + * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * + * * You can contact The Jam Warehouse Software (Pty) Limited, Unit 1, Tramber Place, * Blake Street, Observatory, 7925 South Africa. or email info@knowledgetree.com. - * + * * The interactive user interfaces in modified source and object code versions * of this program must display Appropriate Legal Notices, as required under * Section 5 of the GNU General Public License version 3. - * + * * In accordance with Section 7(b) of the GNU General Public License version 3, * these Appropriate Legal Notices must retain the display of the "Powered by - * KnowledgeTree" logo and retain the original copyright notice. If the display of the + * KnowledgeTree" logo and retain the original copyright notice. If the display of the * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices - * must display the words "Powered by KnowledgeTree" and retain the original - * copyright notice. + * must display the words "Powered by KnowledgeTree" and retain the original + * copyright notice. * Contributor( s): ______________________________________ */ 
@@ -67,8 +67,8 @@ class KTWorkflowTransition extends KTEntity { var $_bUsePearError = true; function getId() { return $this->iId; } - function getName() { return sanitizeForSQLtoHTML($this->sName); } - function getHumanName() { return sanitizeForSQLtoHTML($this->sHumanName); } + function getName() { return ($this->sName); } + function getHumanName() { return ($this->sHumanName); } function getWorkflowId() { return $this->iWorkflowId; } function getTargetStateId() { return $this->iTargetStateId; } function getGuardPermissionId() { return $this->iGuardPermissionId; } @@ -77,8 +77,8 @@ class KTWorkflowTransition extends KTEntity { function getGuardConditionId() { return $this->iGuardConditionId; } function setId($iId) { $this->iId = $iId; } - function setName($sName) { $this->sName = sanitizeForSQL($sName); } - function setHumanName($sHumanName) { $this->sHumanName = sanitizeForSQL($sHumanName); } + function setName($sName) { $this->sName = ($sName); } + function setHumanName($sHumanName) { $this->sHumanName = ($sHumanName); } function setWorkflowId($iWorkflowId) { $this->iWorkflowId = $iWorkflowId; } function setTargetStateId($iTargetStateId) { $this->iTargetStateId = $iTargetStateId; } function setGuardPermissionId($iGuardPermissionId) { $this->iGuardPermissionId = $iGuardPermissionId; } @@ -89,7 +89,7 @@ class KTWorkflowTransition extends KTEntity { function _table () { return KTUtil::getTableName('workflow_transitions'); } - + // STATIC function _ktentityOptions() { return array( @@ -146,7 +146,7 @@ class KTWorkflowTransition extends KTEntity { $oWorkflowState =& KTWorkflowState::get($this->getTargetStateId()); return sprintf(_kt("%s (to state %s)"), $this->getName(), $oWorkflowState->getName()); } - + // STATIC function nameExists($sName, $oWorkflow) { $iWorkflowId = KTUtil::getId($oWorkflow); 
@@ -154,16 +154,16 @@ class KTWorkflowTransition extends KTEntity { 'KTWorkflowTransition', array( 'name' => $sName, 'workflow_id' => $iWorkflowId - ) + ) ); // expect KTEntityNoObjects if (PEAR::isError($res)) { return false; } - + return true; } - + } ?> diff --git a/plugins/housekeeper/DiskUsageDashlet.inc.php b/plugins/housekeeper/DiskUsageDashlet.inc.php index db80a7e..5193b62 100644 --- a/plugins/housekeeper/DiskUsageDashlet.inc.php +++ b/plugins/housekeeper/DiskUsageDashlet.inc.php @@ -61,13 +61,23 @@ class DiskUsageDashlet extends KTBaseDashlet $this->warningPercent = $config->get('DiskUsage/warningThreshold', 15); $this->urgentPercent = $config->get('DiskUsage/urgentThreshold', 5); - $this->getUsage(); + $got_usage = $this->getUsage(); + + if ($got_usage == false) + { + return false; + } return Permission::userIsSystemAdministrator(); } function getUsage($refresh=false) { + if (isset($_SESSION['DiskUsage']['problem'])) + { + return false; + } + $check = true; // check if we have a cached result if (isset($_SESSION['DiskUsage'])) @@ -96,6 +106,13 @@ class DiskUsageDashlet extends KTBaseDashlet $result = shell_exec($cmd." 2>&1"); } + if (strpos($result, 'cannot read table of mounted file systems') !== false) + { + $_SESSION['DiskUsage']['problem'] = true; + return false; + } + + $result = explode("\n", $result); unset($result[0]); // gets rid of headings @@ -135,6 +152,8 @@ class DiskUsageDashlet extends KTBaseDashlet $_SESSION['DiskUsage']['time'] = time(); $_SESSION['DiskUsage']['usage'] = $this->usage; } + + return true; } function render() diff --git a/plugins/ktcore/KTBulkActions.php b/plugins/ktcore/KTBulkActions.php index ba957ac..e0e3800 100644 --- a/plugins/ktcore/KTBulkActions.php +++ b/plugins/ktcore/KTBulkActions.php 
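Review bot: In the first DiskUsageDashlet hunk the new `$got_usage = $this->getUsage();` still runs before `return Permission::userIsSystemAdministrator();`, so the `shell_exec()` disk query is executed for any user for whom this method is called, not only for administrators. Testing the permission first, `if (!Permission::userIsSystemAdministrator()) { return false; }`, keeps command execution behind the admin check. In the second hunk the failure detection matches one English message (`'cannot read table of mounted file systems'`), so a null `shell_exec()` result or any other error text is still parsed as usage data; a check that `$result` is a non-empty string, or a comment stating the limitation, would make the intent clear. Both methods start outside the hunks shown.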
@@ -49,13 +49,13 @@ class KTBulkDeleteAction extends KTBulkAction { function getDisplayName() { return _kt('Delete'); } - + function check_entity($oEntity) { if(is_a($oEntity, 'Document')) { if($oEntity->getImmutable()) { return PEAR::raiseError(_kt('Document cannot be deleted as it is immutable')); - } + } } return parent::check_entity($oEntity); } @@ -894,11 +894,23 @@ class KTBrowseBulkCheckoutAction extends KTBulkAction { $sReason = $this->sReason; if(is_a($oEntity, 'Document')) { - $res = KTDocumentUtil::checkout($oEntity, $sReason, $this->oUser); - if(PEAR::isError($res)) { - return PEAR::raiseError($oEntity->getName().': '.$res->getMessage()); + if($oEntity->getIsCheckedOut()){ + $checkedOutUser = $oEntity->getCheckedOutUserID(); + $sUserId = $_SESSION['userID']; + + if($checkedOutUser != $sUserId){ + $oCheckedOutUser = User::get($checkedOutUser); + return PEAR::raiseError($oEntity->getName().': '._kt('Document has already been checked out by ').$oCheckedOutUser->getName()); + } + }else{ + $res = KTDocumentUtil::checkout($oEntity, $sReason, $this->oUser); + + if(PEAR::isError($res)) { + return PEAR::raiseError($oEntity->getName().': '.$res->getMessage()); + } } + if($this->bDownload){ if ($this->bNoisy) { $oDocumentTransaction = new DocumentTransaction($oEntity, "Document part of bulk checkout", 'ktstandard.transactions.check_out', array()); diff --git a/plugins/ktcore/admin/expungeList.php b/plugins/ktcore/admin/expungeList.php index 229f292..7d23fc3 100644 --- a/plugins/ktcore/admin/expungeList.php +++ b/plugins/ktcore/admin/expungeList.php @@ -39,8 +39,9 @@ require_once(KT_LIB_DIR . '/browse/browseutil.inc.php'); require_once(KT_LIB_DIR . '/documentmanagement/Document.inc'); require_once(KT_LIB_DIR . '/documentmanagement/DocumentTransaction.inc'); - -$aDocuments =& Document::getList("status_id=" . DELETED); + +$sWhere = "status_id=" . DELETED; +$aDocuments =& Document::getList($sWhere); $pageNum = $_REQUEST['page']; 
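Review bot: In the bulk checkout hunk, `User::get($checkedOutUser)` is used without a `PEAR::isError()` check, so a missing or deleted user would make `$oCheckedOutUser->getName()` fail while the error message is being built. The ownership test reads `$_SESSION['userID']` and compares with `!=`, whereas the checkout call on the other branch uses `$this->oUser`; `if($checkedOutUser != $this->oUser->getId()){` keeps a single source of identity for the action. The user name is concatenated into the error text unencoded, so whatever renders that message has to escape it. The enclosing method begins and ends outside the hunk.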
@@ -50,6 +51,11 @@ if(fmod($items, 10) > 0){ }else{ $pages = ($items/10); } + +for($i=1; $i<=$pages; $i++){ + $aPages[] = $i; +} + if($pageNum == 1){ $listStart = 0; $listEnd = 9; @@ -60,13 +66,53 @@ if($pageNum == 1){ $listStart = (10*($pageNum-1)); $listEnd = $listStart+9; } + + + +$output = " + + + + + + + + + '; + + for($i = $listStart; $i <= $listEnd; $i++){ - $output .= " - + $output .= " + + "; + } + + +$output .= ' + + + + + + + +
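Review bot: `$aPages` is appended to in the new `for` loop without being initialised, so when `$pages` is 0 the later `foreach($aPages as $page)` runs on an undefined variable. Adding `$aPages = array();` before the loop fixes that. `$pageNum` comes straight from `$_REQUEST['page']` in the previous hunk and feeds `$listStart`; `$pageNum = (int) $_REQUEST['page'];` would keep the paging arithmetic on integers.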
    "._kt('Document Name').''._kt('Last Modification').''._kt('Deletion Comment').'
    getId()."\"/> ".$aDocuments[$i]->getName()." ".$aDocuments[$i]->getLastModifiedDate()." ".$aDocuments[$i]->getLastDeletionComment()."
    + '.$items.' '._kt('items, 10 per page').' +
    +
    '; + + foreach($aPages as $page){ + $output .= ''.$page.' '; + } + +$output .= '
    +
    + '; + echo $output; ?> diff --git a/plugins/ktcore/folder/Permissions.php b/plugins/ktcore/folder/Permissions.php index 5a44c3e..6ec4063 100644 --- a/plugins/ktcore/folder/Permissions.php +++ b/plugins/ktcore/folder/Permissions.php @@ -453,11 +453,29 @@ class KTFolderPermissionsAction extends KTFolderAction { if (!KTBrowseUtil::inAdminMode($this->oUser, $this->oFolder)) { $this->oValidator->userHasPermissionOnItem($this->oUser, $this->_sEditShowPermission, $this->oFolder, $aOptions); } + + $aFoo = $_REQUEST['foo']; + $aPermissions = KTPermission::getList(); + + // Check which groups have permission to manage security + $aNewGroups = $aFoo[4]['group']; + $aNewRoles = (isset($aFoo[4]['role']) ? $aFoo[4]['role'] : array()); + + // Ensure the user is not removing his/her own permission to update the folder permissions (manage security) + if(!in_array(-3, $aNewRoles)){ + $iUserId = $this->oUser->getId(); + if(!GroupUtil::checkUserInGroups($iUserId, $aNewGroups)){ + // If user no longer has permission, return an error. + $this->addErrorMessage(_kt('The selected permissions cannot be updated. You will no longer have permission to manage security on this folder.')); + $this->redirectTo('edit', 'fFolderId=' . $this->oFolder->getId()); + exit(0); + } + } + + require_once(KT_LIB_DIR . '/documentmanagement/observers.inc.php'); $oPO = KTPermissionObject::get($this->oFolder->getPermissionObjectId()); - $aFoo = $_REQUEST['foo']; - $aPermissions = KTPermission::getList(); foreach ($aPermissions as $oPermission) { $iPermId = $oPermission->getId(); 
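Review bot: The row-building loop concatenates `$aDocuments[$i]->getName()` and `$aDocuments[$i]->getLastDeletionComment()` directly into `$output`, which is echoed and then assigned to `innerHTML` by expungeList.js, so user-supplied document names and deletion comments reach an administrator's browser unencoded. Wrapping each value, e.g. `htmlspecialchars($aDocuments[$i]->getName(), ENT_QUOTES, 'UTF-8')`, closes that. The loop also runs `$i` up to `$listEnd` without an `isset($aDocuments[$i])` check, unless a bound is applied in the part of the file that is not shown. The markup itself has been stripped from this page, so attribute contexts should be checked in the file.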
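Review bot: The self-lockout guard hard-codes permission id `4` (`$aFoo[4]`) and role id `-3`; the comment says 4 stands for manage security, but the id should be taken from the `$aPermissions` list that is already loaded rather than assumed to be the same in every installation. `$aNewGroups = $aFoo[4]['group'];` also lacks the `isset` default that the role line has, so a request with no groups selected passes null into `GroupUtil::checkUserInGroups()`; `$aNewGroups = (isset($aFoo[4]['group']) ? $aFoo[4]['group'] : array());` mirrors the line below it. The guard runs even when the earlier `KTBrowseUtil::inAdminMode()` condition skipped the permission check, so an administrator in admin mode who is in none of the selected groups appears to be refused as well; if that is intended it deserves a comment. The method starts and ends outside the hunk.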
@@ -471,11 +489,11 @@ class KTFolderPermissionsAction extends KTFolderAction {
 'transactionNS' => 'ktcore.transactions.permissions_change',
 'userid' => $_SESSION['userID'],
 'ip' => Session::getClientIP(),
- ));
+ ));
 $aOptions = array(
 'defaultmessage' => _kt('Error updating permissions'),
 'redirect_to' => array('edit', sprintf('fFolderId=%d', $this->oFolder->getId())),
- );
+ );
 $this->oValidator->notErrorFalse($oTransaction, $aOptions);
 $po =& new JavascriptObserver($this);
diff --git a/plugins/ktstandard/ImmutableActionPlugin.php b/plugins/ktstandard/ImmutableActionPlugin.php
index da77b37..d9a1c4b 100644
--- a/plugins/ktstandard/ImmutableActionPlugin.php
+++ b/plugins/ktstandard/ImmutableActionPlugin.php
@@ -65,9 +65,17 @@ class KTDocumentImmutableAction extends KTDocumentAction {
 }
 function do_main() {
- $this->oDocument->setImmutable(true);
- $this->oDocument->update();
- controllerRedirect('viewDocument', 'fDocumentId=' . $this->oDocument->getId());
+ if(!$this->oDocument->getIsCheckedOut())
+ {
+ $this->oDocument->setImmutable(true);
+ $this->oDocument->update();
+ controllerRedirect('viewDocument', 'fDocumentId=' . $this->oDocument->getId());
+ }
+ else
+ {
+ $this->addErrorMessage(_kt('Document is checked out and cannot be made immutable'));
+ controllerRedirect('viewDocument', 'fDocumentId=' . $this->oDocument->getId());
+ }
 }
 }
diff --git a/resources/js/expungeList.js b/resources/js/expungeList.js
index 3abebce..b7e06f9 100644
--- a/resources/js/expungeList.js
+++ b/resources/js/expungeList.js
@@ -16,7 +16,7 @@ function buildList(value){
 function stateChanged(){
 if (xmlHttp.readyState==4 || xmlHttp.readyState=="complete"){
- document.getElementById("output").innerHTML=xmlHttp.responseText;
+ document.getElementById("tableoutput").innerHTML=xmlHttp.responseText;
 }
 }
diff --git a/search2/search/fieldRegistry.inc.php b/search2/search/fieldRegistry.inc.php
index 805cac2..46a4117 100644
--- a/search2/search/fieldRegistry.inc.php
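Review bot: In plugins/ktstandard/ImmutableActionPlugin.php `do_main()` still discards the result of `$this->oDocument->update()`, so a save that fails redirects exactly like one that succeeded; if `update()` reports failure through its return value (not visible in this hunk), check it and call `addErrorMessage` before redirecting. Both branches also end in the same `controllerRedirect('viewDocument', ...)` call, so the method reads more simply with the checked-out case as a branch that only adds the error message, followed by a single redirect after the `if`/`else`.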
+++ b/search2/search/fieldRegistry.inc.php
@@ -259,8 +259,8 @@ class ExprFieldRegistry
 foreach($result as $record) {
- $fieldset = $record['fieldset'];
- $field = $record['field'];
+ $fieldset = addslashes($record['fieldset']);
+ $field = addslashes($record['field']);
 $fieldsetid = $record['fsid'];
 $fieldid = $record['fid'];
 $classname = "MetadataField$fieldid";
diff --git a/search2/search/search.inc.php b/search2/search/search.inc.php
index 7b05c80..95810fe 100644
--- a/search2/search/search.inc.php
+++ b/search2/search/search.inc.php
@@ -96,7 +96,7 @@ class SearchHelper
 {
 if ($dt++ > 0) $documenttypes_str .= ',';
 $id=$user['id'];
- $name=$user['name'];
+ $name=(addslashes($user['name']));
 $documenttypes_str .= "\n\t{id: \"$id\", name: \"$name\"}";
 }
@@ -139,7 +139,7 @@ class SearchHelper
 {
 if ($uo++ > 0) $users_str .= ',';
 $id=$user['id'];
- $name=$user['name'];
+ $name=(addslashes($user['name']));
 $users_str .= "\n\t{id: \"$id\", name: \"$name\"}";
 }
@@ -159,8 +159,8 @@ class SearchHelper
 foreach($fields as $field)
 {
 if ($fo++ > 0) $fields_str .= ',';
- $alias = $field['alias'];
- $display = $field['display'];
+ $alias = (addslashes($field['alias']));
+ $display = (addslashes($field['display']));
 $type = $field['type'];
 $fields_str .= "\n\t{alias: \"$alias\", name: \"$display\", type:\"$type\"}";
 }
@@ -182,7 +182,7 @@ class SearchHelper
 {
 if ($wo++ > 0) $workflow_str .= ',';
 $wid = $workflow['id'];
- $name = $workflow['name'];
+ $name = (addslashes($workflow['name']));
 $workflow_str .= "\n\t{id:\"$wid\", name: \"$name\", states: [ ";
@@ -194,7 +194,7 @@ class SearchHelper
 {
 if ($so++>0) $workflow_str .= ',';
 $sid = $state['id'];
- $name=$state['name'];
+ $name=(addslashes($state['name']));
 $result['workflows'][$wid]['states'][$sid] = $state;
 $workflow_str .= "\n\t\t{id:\"$wid\", name: \"$name\"}";
 }
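Review bot: `addslashes()` is used in the fieldRegistry.inc.php hunk and in every search.inc.php hunk of this commit (-96, -139, -159, -182, -194, -217, -231, -246) as the encoder for values interpolated into what appear to be double-quoted JavaScript literals such as `{id: \"$id\", name: \"$name\"}`, and it is not a JavaScript string encoder: it leaves line breaks and markup such as `</script>` untouched, so a stored name containing them can still terminate the literal or the surrounding script block. `json_encode()` emits a complete, correctly quoted literal and can replace both the call and the hand-written quotes, e.g. `$users_str .= "\n\t{id: " . json_encode($id) . ", name: " . json_encode($user['name']) . "}";`. The neighbouring `$id`, `$type`, `$datatype` and `$control` values go into the same literals with no encoding at all and would benefit from the same treatment. In fieldRegistry.inc.php the place where `$fieldset` and `$field` are written out is outside the hunk, so whether `addslashes` is the right encoder there depends on that context.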
@@ -217,8 +217,8 @@ class SearchHelper
 foreach($fieldsets as $fieldset)
 {
 $fsid=$fieldset['id'];
- $name = $fieldset['name'];
- $desc = $fieldset['description'];
+ $name = (addslashes($fieldset['name']));
+ $desc = (addslashes($fieldset['description']));
 if ($fso++>0) $fieldset_str .= ',';
 $fieldset_str .= "\n\t{id:\"$fsid\",name:\"$name\",description:\"$desc\", fields: [";
@@ -231,8 +231,8 @@ class SearchHelper
 {
 if ($fo++ >0) $fieldset_str .= ',';
 $fid = $field['id'];
- $name= $field['name'];
- $desc = $field['description'];
+ $name= (addslashes($field['name']));
+ $desc = (addslashes($field['description']));
 $datatype=$field['datatype'];
 $control=$field['control'];
 $fieldset_str .= "\n\t\t{id:\"$fid\", name:\"$name\", description:\"$desc\", datatype:\"$datatype\", control:\"$control\", options: [";
@@ -246,7 +246,7 @@ class SearchHelper
 {
 if ($oo++ > 0) $fieldset_str .= ',';
 $oid = $option['id'];
- $name= $option['name'];
+ $name= (addslashes($option['name']));
 $fieldset_str .= "\n\t\t\t{id: \"$oid\", name: \"$name\"}";
 }
 $fieldset_str .= ']}';
diff --git a/templates/ktcore/document/admin/deletedlist.smarty b/templates/ktcore/document/admin/deletedlist.smarty
index e80a6ac..a509af2 100644
--- a/templates/ktcore/document/admin/deletedlist.smarty
+++ b/templates/ktcore/document/admin/deletedlist.smarty
@@ -17,6 +17,7 @@ can restore them as necessary.{/i18n}

    {foreach item=oFDoc from=$fullList} {/foreach} +
    @@ -55,6 +56,7 @@ can restore them as necessary.{/i18n}

    +
    -- libgit2 0.21.4