Peter M. Groen / knowledgetree

Commit a237965596f9a3016d0f858168fa2ac6d74f4ec6

Authored by michael
1 parent 31d3208c

commented and reformatted 


git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@29 c91229c3-7414-0410-bfa2-8a42b809f60b
Inline Side-by-side
Showing 1 changed file with 722 additions and 723 deletions
dbmodify.php
  View file @a237965
1 1 <?php
2 2  
3   -/*
  3 +/**
4 4 * dbmodify.php
5 5 *
  6 + * Performs all file (upload, update, modify, email) and folder (create, modify)
  7 + * maintenance and management.
  8 + *
6 9 * Copyright (c) 1999-2002 The Owl Project Team
7 10 * Licensed under the GNU GPL. For full terms see the file COPYING.
8 11 *
9 12 * $Id$
  13 + * @todo line 50- refactor
10 14 */
11 15  
12 16 require("./config/owl.php");
... ... @@ -15,598 +19,591 @@ require(&quot;./config/html.php&quot;);
15 19 require("./lib/security.lib.php");
16 20 require("phpmailer/class.phpmailer.php");
17 21  
18   -function find_path($parent) {
19   - global $default;
20   - $path = fid_to_name($parent);
21   - $sql = new Owl_DB;
22   - while($parent != 1) {
23   - $sql->query("select parent from $default->owl_folders_table where id = '$parent'");
24   - while($sql->next_record()) {
25   - $path = fid_to_name($sql->f("parent"))."/".$path;
26   - $parent = $sql->f("parent");
27   - }
  22 +/**
  23 + * Lookup the path to the parent of the passed folder.
  24 + *
  25 + * @param $folderID the id of the child folder
  26 + * @return string the name of the parent folder
  27 + */
  28 +function find_path($folderID) {
  29 + global $default;
  30 + $path = fid_to_name($folderID);
  31 + $sql = new Owl_DB;
  32 + while($folderID != 1) {
  33 + $sql->query("select parent from $default->owl_folders_table where id = '$folderID'");
  34 + while($sql->next_record()) {
  35 + $path = fid_to_name($sql->f("parent"))."/".$path;
  36 + $folderID = $sql->f("parent");
  37 + }
28 38 }
29 39 return $path;
30 40 }
31 41  
32   -function delTree($fid) {
  42 +/**
  43 + * Recursively deletes a folder from the database
  44 + *
  45 + * @param $folderID the ID of the folder to delete
  46 + */
  47 +function delTree($folderID) {
33 48 global $fCount, $folderList, $default;
34 49 //delete from database
35 50 $sql = new Owl_DB;
36   - $sql->query("delete from $default->owl_folders_table where id = '$fid'");
37   - $sql->query("delete from $default->owl_files_table where parent = '$fid'");
38   - for ($c=0; $c < $fCount; $c++) {
39   - if ($folderList[$c][2]==$fid) {
40   - delTree($folderList[$c][0]);
41   - }
42   - }
  51 + $sql->query("delete from $default->owl_folders_table where id = '$folderID'");
  52 + $sql->query("delete from $default->owl_files_table where parent = '$folderID'");
  53 + for ($c=0; $c < $fCount; $c++) {
  54 + if ($folderList[$c][2]==$folderID) {
  55 + delTree($folderList[$c][0]);
  56 + }
  57 + }
43 58 }
44 59  
45 60 // Begin 496814 Column Sorts are not persistant
46 61 // + ADDED &order=$order&$sortorder=$sortname to
47 62 // all browse.php? header and HREF LINES
48   -
49 63 switch ($order) {
50   - case "name":
51   - $sortorder = 'sortname';
52   - break;
53   - case "major_revision":
54   - $sortorder = 'sortver';
55   - break;
56   - case "filename" :
57   - $sortorder = 'sortfilename';
58   - break;
59   - case "size" :
60   - $sortorder = 'sortsize';
61   - break;
62   - case "creatorid" :
63   - $sortorder = 'sortposted';
64   - break;
65   - case "smodified" :
66   - $sortorder = 'sortmod';
67   - break;
68   - case "checked_out":
69   - $sortorder = 'sortcheckedout';
70   - break;
71   - default:
72   - break;
  64 + case "name":
  65 + $sortorder = 'sortname';
  66 + break;
  67 + case "major_revision":
  68 + $sortorder = 'sortver';
  69 + break;
  70 + case "filename" :
  71 + $sortorder = 'sortfilename';
  72 + break;
  73 + case "size" :
  74 + $sortorder = 'sortsize';
  75 + break;
  76 + case "creatorid" :
  77 + $sortorder = 'sortposted';
  78 + break;
  79 + case "smodified" :
  80 + $sortorder = 'sortmod';
  81 + break;
  82 + case "checked_out":
  83 + $sortorder = 'sortcheckedout';
  84 + break;
  85 + default:
  86 + break;
73 87 }
74   -
75 88 // END 496814 Column Sorts are not persistant
  89 +
76 90 // BEGIN BUG FIX: #433932 Fileupdate and Quotas
77 91 if($action == "file_update") {
78   - if(check_auth($parent, "folder_modify", $userid) == 1) {
79   - //if($title == "") exit($lang_specifyname);
80   - $userfile = uploadCompat("userfile");
81   - $sql = new Owl_DB;
82   - $sql->query("select * from $default->owl_users_table where id = '$userid'");
  92 + if(check_auth($parent, "folder_modify", $userid) == 1) {
  93 + //if($title == "") exit($lang_specifyname);
  94 + $userfile = uploadCompat("userfile");
  95 + $sql = new Owl_DB;
  96 + $sql->query("select * from $default->owl_users_table where id = '$userid'");
83 97 while($sql->next_record()) {
84   - $quota_max = $sql->f("quota_max");
85   - $quota_current = $sql->f("quota_current");
86   - //$new_quota = $quota_current + $userfile_size;
  98 + $quota_max = $sql->f("quota_max");
  99 + $quota_current = $sql->f("quota_current");
  100 + //$new_quota = $quota_current + $userfile_size;
87 101 }
88 102 $new_name = ereg_replace("[^-A-Za-z0-9._]", "", ereg_replace(" ", "_", ereg_replace("%20|^-", "_", $userfile["name"])));
89 103 $newpath = $default->owl_FileDir."/".find_path($parent)."/".$new_name;
90 104  
91   - /* Begin Daphne Change - backups of files
92   - * If user requests automatic backups of files
93   - * get current details from db and save file state information
94   - */
95   - if ($default->owl_version_control == 1) {
96   -
97   - if ($default->owl_use_fs)
98   - {
99   - $sql->query("select * from $default->owl_files_table where filename='$new_name' and parent='$parent'");
100   - }
101   - else
102   - {
103   - // this is guaranteed to get the ID of the most recent revision, just in case we're updating a previous rev.
104   - $sql->query("select distinct b.* from $default->owl_files_table as a, $default->owl_files_table as b where b.id='$id' AND a.name=b.name AND a.parent=b.parent order by major_revision, minor_revision desc");
105   - }
  105 + /* Begin Daphne Change - backups of files
  106 + * If user requests automatic backups of files
  107 + * get current details from db and save file state information
  108 + */
  109 + if ($default->owl_version_control == 1) {
  110 + if ($default->owl_use_fs) {
  111 + $sql->query("select * from $default->owl_files_table where filename='$new_name' and parent='$parent'");
  112 + } else {
  113 + // this is guaranteed to get the ID of the most recent revision, just in case we're updating a previous rev.
  114 + $sql->query("select distinct b.* from $default->owl_files_table as a, $default->owl_files_table as b where b.id='$id' AND a.name=b.name AND a.parent=b.parent order by major_revision, minor_revision desc");
  115 + }
106 116 //$query = "select b.* from $default->owl_files_table as a, $default->owl_files_table as b where a.id='$id' AND a.name=b.name AND a.parent=b.parent order by major_revision, minor_revision desc";
107 117 //printError("QU: $query");
108 118  
109   - while($sql->next_record()) {
110   - // save state information
111   - $major_revision = $backup_major = $sql->f("major_revision");
112   - $minor_revision = $backup_minor = $sql->f("minor_revision");
113   - $backup_filename = $sql->f("filename");
114   - $backup_name = $sql->f("name");
115   - $backup_size = $sql->f("size");
116   - $backup_creatorid = $sql->f("creatorid");
117   - $backup_modified = $sql->f("modified");
118   - $backup_smodified = $sql->f("smodified");
119   - $backup_description = $sql->f("description");
120   - $backup_description = ereg_replace("'","\\'",$backup_description);
121   - $backup_metadata = $sql->f("metadata");
122   - $backup_parent = $sql->f("parent");
123   - $backup_security = $sql->f("security");
124   - $backup_groupid = $groupid = $sql->f("groupid");
125   -
126   - $new_quota = $quota_current - $backup_size + $userfile['size'];
127   - $filename = $sql->f(filename);
128   - $title = $sql->f(name);
129   - $description = $sql->f(description);
130   -
131   - if ($default->owl_use_fs)
132   - {
133   - if ($default->owl_FileDir."/".find_path($parent)."/".$sql->f(filename) != $newpath)
134   - printError("$lang_err_file_update","");
135   - }
136   -
137   - }
  119 + while($sql->next_record()) {
  120 + // save state information
  121 + $major_revision = $backup_major = $sql->f("major_revision");
  122 + $minor_revision = $backup_minor = $sql->f("minor_revision");
  123 + $backup_filename = $sql->f("filename");
  124 + $backup_name = $sql->f("name");
  125 + $backup_size = $sql->f("size");
  126 + $backup_creatorid = $sql->f("creatorid");
  127 + $backup_modified = $sql->f("modified");
  128 + $backup_smodified = $sql->f("smodified");
  129 + $backup_description = $sql->f("description");
  130 + $backup_description = ereg_replace("'","\\'",$backup_description);
  131 + $backup_metadata = $sql->f("metadata");
  132 + $backup_parent = $sql->f("parent");
  133 + $backup_security = $sql->f("security");
  134 + $backup_groupid = $groupid = $sql->f("groupid");
  135 +
  136 + $new_quota = $quota_current - $backup_size + $userfile['size'];
  137 + $filename = $sql->f(filename);
  138 + $title = $sql->f(name);
  139 + $description = $sql->f(description);
  140 +
  141 + if ($default->owl_use_fs) {
  142 + if ($default->owl_FileDir."/".find_path($parent)."/".$sql->f(filename) != $newpath) {
  143 + printError("$lang_err_file_update","");
  144 + }
138 145 }
139   -
140   - // End Daphne Change
141   -
  146 + }
  147 + }
  148 + // End Daphne Change
  149 +
142 150 //$newpath = $default->owl_fs_root."/".find_path($parent)."/".$new_name;
143 151 //$newpath = $default->owl_FileDir."/".find_path($parent)."/".$new_name;
144   - //***neller: Read data from database
145   - //$sql->query("select * from $default->owl_files_table where id='$id'");
146   - //while($sql->next_record()) {
147   - //if ($default->owl_fs_root."/".find_path($parent)."/".$sql->f(filename) != $newpath)
148   - //if ($default->owl_FileDir."/".find_path($parent)."/".$sql->f(filename) != $newpath)
149   - //printError("$lang_err_file_update","");
150   - //$new_quota = $quota_current - $sql->f(size) + $userfile_size;
151   - //$filename = $sql->f(filename);
152   - //$title = $sql->f(name);
153   - //$description = $sql->f(description);
154   - //}
155   - if (($new_quota > $quota_max) && ($quota_max != "0")) {
156   - printError("$lang_err_quota".$new_quota."$lang_err_quota_needed".($quota_max - $quota_current)."$lang_err_quota_avail","");
157   - if(($quota_max - $quota_current) == "0")
158   - printError("$lang_err_quota_exceed");
  152 + //***neller: Read data from database
  153 + //$sql->query("select * from $default->owl_files_table where id='$id'");
  154 + //while($sql->next_record()) {
  155 + //if ($default->owl_fs_root."/".find_path($parent)."/".$sql->f(filename) != $newpath) {
  156 + //if ($default->owl_FileDir."/".find_path($parent)."/".$sql->f(filename) != $newpath) {
  157 + //printError("$lang_err_file_update","");
  158 + //}
  159 + //$new_quota = $quota_current - $sql->f(size) + $userfile_size;
  160 + //$filename = $sql->f(filename);
  161 + //$title = $sql->f(name);
  162 + //$description = $sql->f(description);
  163 + //}
  164 + if (($new_quota > $quota_max) && ($quota_max != "0")) {
  165 + printError("$lang_err_quota".$new_quota."$lang_err_quota_needed".($quota_max - $quota_current)."$lang_err_quota_avail","");
  166 + if(($quota_max - $quota_current) == "0") {
  167 + printError("$lang_err_quota_exceed");
  168 + }
  169 + }
  170 + // End neller
  171 +
  172 + // BEGIN wes change
  173 + if ($default->owl_use_fs) {
  174 + /* Begin Daphne Change
  175 + * copy old version to backup folder
  176 + * change version numbers,
  177 + * update database entries
  178 + * upload new file over the old
  179 + * backup filename will be 'name_majorrev-minorrev' e.g. 'testing_1-2.doc'
  180 + */
  181 + if ($default->owl_version_control == 1) {
  182 + if(!(file_exists($newpath)==1) || $backup_filename != $new_name){
  183 + printError("$lang_err_file_update","");
159 184 }
160   - // End neller
161   -
162   - /* Begin Daphne Change
163   - * copy old version to backup folder
164   - * change version numbers,
165   - * update database entries
166   - * upload new file over the old
167   - * backup filename will be 'name_majorrev-minorrev' e.g. 'testing_1-2.doc'
168   - */
169   -
170   - // BEGIN wes change
171   - if ($default->owl_use_fs)
172   - {
173   - if ($default->owl_version_control == 1) {
174   - if(!(file_exists($newpath)==1) || $backup_filename != $new_name) printError("$lang_err_file_update","");
175   - // Get the file extension.
176   - $extension = explode(".",$new_name);
177   - // rename the new, backed up (versioned) filename
178   - $version_name = $extension[0]."_$major_revision-$minor_revision.$extension[1]";
179   - // specify path for new file in the /backup/ file of each directory.
180   - $backuppath = $default->owl_FileDir."/".find_path($parent)."/backup/$version_name";
181   -
182   - // Danilo change
183   -
184   - if(!is_dir("$default->owl_FileDir/".find_path($parent)."/backup")) {
185   - mkdir("$default->owl_FileDir/".find_path($parent)."/backup", 0777);
186   -
187   - // End Danilo change
188   -
189   -
190   -
191   - // is there already a backup directory for current dir?
192   - if(is_dir("$default->owl_FileDir/".find_path($parent)."/backup")) {
193   - $sql->query("INSERT into $default->owl_folders_table (name, parent, security, groupid, creatorid) values ('backup', '$parent', '50', '$groupid', '$userid')");
194   - } else {
195   - printError("$lang_err_backup_folder_create","");
196   - }
197   - }
198   - copy($newpath,$backuppath); // copy existing file to backup folder
  185 + // Get the file extension.
  186 + $extension = explode(".",$new_name);
  187 + // rename the new, backed up (versioned) filename
  188 + $version_name = $extension[0]."_$major_revision-$minor_revision.$extension[1]";
  189 + // specify path for new file in the /backup/ file of each directory.
  190 + $backuppath = $default->owl_FileDir."/".find_path($parent)."/backup/$version_name";
  191 +
  192 + if(!is_dir("$default->owl_FileDir/".find_path($parent)."/backup")) {
  193 + // Danilo change
  194 + mkdir("$default->owl_FileDir/".find_path($parent)."/backup", 0777);
  195 + // End Danilo change
  196 + // is there already a backup directory for current dir?
  197 + if(is_dir("$default->owl_FileDir/".find_path($parent)."/backup")) {
  198 + $sql->query("INSERT into $default->owl_folders_table (name, parent, security, groupid, creatorid) values ('backup', '$parent', '50', '$groupid', '$userid')");
  199 + } else {
  200 + printError("$lang_err_backup_folder_create","");
  201 + }
199 202 }
200   - // End Daphne Change
201   -
202   - if(!file_exists($newpath) == 1) printError("$lang_err_file_update","");
203   - copy($userfile['tmp_name'], $newpath);
204   - unlink($userfile['tmp_name']);
205   - if(!file_exists($newpath))
206   - if ($default->debug == true)
207   - printError($lang_err_upload,$newpath);
208   - else
209   - printError($lang_err_upload,"");
210   - // Begin Daphne Change
211   - if ($default->owl_version_control == 1) {
212   - if(!file_exists($backuppath)) die ("$lang_err_backup_file");
213   -
214   - // find id of the backup folder you are saving the old file to
215   - $sql->query("Select id from $default->owl_folders_table where name='backup' and parent='$parent'");
216   - while($sql->next_record()) {
217   - $backup_parent = $sql->f("id");
218   - }
219   - }
220   - }
221   -
222   - if($versionchange == 'major_revision') {
223   - // if someone requested a major revision, must
224   - // make the minor revision go back to 0
225   - //$versionchange = "minor_revision='0', major_revision";
226   - //$new_version_num = $major_revision + 1;
227   - $new_major = $major_revision + 1;
228   - $new_minor = 0;
229   - $versionchange = "minor_revision='0', major_revision";
230   - $new_version_num = $major_revision + 1;
231   -
232   - }
233   - else {
234   - // simply increment minor revision number
235   - $new_version_num = $minor_revision + 1;
236   - $new_minor = $minor_revision + 1;
237   - $new_major = $major_revision;
238   - }
239   -
240   - // printError("old: $minor_revision", "New: $new_minor");
241   - // End Daphne Change
242   -
243   - $groupid = owlusergroup($userid);
244   - $modified = date("M d, Y \a\\t h:i a");
245   - $smodified = date("Y-m-d g:i:s");
  203 + copy($newpath,$backuppath); // copy existing file to backup folder
  204 + }
  205 + // End Daphne Change
246 206  
  207 + if(!file_exists($newpath) == 1) {
  208 + printError("$lang_err_file_update","");
  209 + }
  210 + copy($userfile['tmp_name'], $newpath);
  211 + unlink($userfile['tmp_name']);
  212 + if(!file_exists($newpath)) {
  213 + if ($default->debug == true) {
  214 + printError($lang_err_upload,$newpath);
  215 + } else {
  216 + printError($lang_err_upload,"");
  217 + }
247 218 // Begin Daphne Change
248 219 if ($default->owl_version_control == 1) {
249   - if ($default->owl_use_fs)
250   - {
251   - // insert entry for backup file
252   - // WORKING WORKING
253   - $sql->query("INSERT into $default->owl_files_table (name,filename,size,creatorid,parent,modified, smodified,groupid,description,metadata,security,major_revision,minor_revision) values ('$backup_name','$version_name','$backup_size','$backup_creatorid','$backup_parent','$backup_modified', '$backup_smodified','$backup_groupid', '$backup_description','$backup_metadata','$backup_security','$backup_major','$backup_minor')") or unlink($backuppath);
254   -
255   - // update entry for existing file. Bozz's code is repeated underneath,
256   - // without the versioning attribute included.
257   -
258   -
259   - // BEGIN Bozz Change
260   - // Added this check, if the policy is allow Read Write NO DELETE
261   - // we have to make sure that the Creator is not changed.
262   - // in the case of an updated, that would then allow a user to
263   - // delete the file. Only the original Creator should be allowed
264   - // to delete the file.
265   - if ( getfilepolicy($id) == 5 || getfilepolicy($id) == 6)
266   - {
267   - // Daphne addition -- $versionchange = $new_version_num
268   - $sql->query("UPDATE $default->owl_files_table set size='".$userfile['size']."',modified='$modified',smodified='$smodified', $versionchange='$new_version_num', description='$newdesc' where id='$id'") or unlink($newpath);
269   - }
270   - else
271   - {
272   - // Daphne addition -- $versionchange = $new_version_num
273   - $sql->query("UPDATE $default->owl_files_table set size='".$userfile['size']."',creatorid='$userid',modified='$modified',smodified='$smodified', $versionchange='$new_version_num',description='$newdesc' where id='$id'") or unlink($newpath);
274   - }
275   - } else {
276   - // BEGIN wes change
277   - // insert entry for current version of file
278   - $compressed = '0';
279   - $userfile = uploadCompat("userfile");
280   - $fsize = filesize($userfile['tmp_name']);
281   - $sql->query("INSERT into $default->owl_files_table (name,filename,size,creatorid,parent,modified, smodified,groupid,description,metadata,security,major_revision,minor_revision) values ('$backup_name','".$userfile['name']."','".$userfile['size']."','$backup_creatorid','$parent','$modified', '$smodified','$backup_groupid', '$newdesc', '$backup_metadata','$backup_security','$new_major','$new_minor')");
282   - $id = $sql->insert_id();
283   -
284   -
285   -
286   -
287   -
288   - if ($default->owl_compressed_database && file_exists($default->gzip_path)) {
289   - system($default->gzip_path . " " . escapeshellarg($userfile['tmp_name']));
290   - $fd = fopen($userfile['tmp_name'] . ".gz", 'rb');
291   - $userfile['tmp_name'] = $userfile['tmp_name'] . ".gz";
292   - $fsize = filesize($userfile['tmp_name']);
293   - $compressed = '1';
294   - } else {
295   - $fd = fopen($userfile['tmp_name'], 'rb');
296   - }
297   - $filedata = addSlashes(fread($fd, $fsize));
298   - fclose($fd);
299   -
300   - if ($id !== NULL && $filedata) {
301   - $sql->query("insert into $default->owl_files_data_table (id, data, compressed) values ('$id', '$filedata','$compressed')");
302   - }
303   - // END wes change
304   - }
305   - // END Bozz Change
306   -
  220 + if(!file_exists($backuppath)) {
  221 + die ("$lang_err_backup_file");
  222 + }
  223 + // find id of the backup folder you are saving the old file to
  224 + $sql->query("Select id from $default->owl_folders_table where name='backup' and parent='$parent'");
  225 + while($sql->next_record()) {
  226 + $backup_parent = $sql->f("id");
  227 + }
307 228 }
  229 + }
308 230  
309   - else { // versioning not included in the DB update
310   - if ($default->owl_use_fs)
311   - {
312   - // BEGIN Bozz Change
313   - if ( getfilepolicy($id) == 5 || getfilepolicy($id) == 6)
314   - {
315   - $sql->query("update $default->owl_files_table set size='".$userfile['size']."',modified='$modified',smodified='$smodified' where id='$id'") or unlink($newpath);
316   - }
317   - else
318   - {
319   - $sql->query("update $default->owl_files_table set size='".$userfile['size']."',creatorid='$userid',modified='$modified',smodified='$smodified' where id='$id'") or unlink($newpath);
  231 + if($versionchange == 'major_revision') {
  232 + // if someone requested a major revision, must
  233 + // make the minor revision go back to 0
  234 + //$versionchange = "minor_revision='0', major_revision";
  235 + //$new_version_num = $major_revision + 1;
  236 + $new_major = $major_revision + 1;
  237 + $new_minor = 0;
  238 + $versionchange = "minor_revision='0', major_revision";
  239 + $new_version_num = $major_revision + 1;
  240 + } else {
  241 + // simply increment minor revision number
  242 + $new_version_num = $minor_revision + 1;
  243 + $new_minor = $minor_revision + 1;
  244 + $new_major = $major_revision;
  245 + }
  246 + // printError("old: $minor_revision", "New: $new_minor");
  247 + // End Daphne Change
  248 +
  249 + $groupid = owlusergroup($userid);
  250 + $modified = date("M d, Y \a\\t h:i a");
  251 + $smodified = date("Y-m-d g:i:s");
  252 +
  253 + // Begin Daphne Change
  254 + if ($default->owl_version_control == 1) {
  255 + if ($default->owl_use_fs) {
  256 + // insert entry for backup file
  257 + // WORKING WORKING
  258 + $sql->query("INSERT into $default->owl_files_table (name,filename,size,creatorid,parent,modified, smodified,groupid,description,metadata,security,major_revision,minor_revision) values ('$backup_name','$version_name','$backup_size','$backup_creatorid','$backup_parent','$backup_modified', '$backup_smodified','$backup_groupid', '$backup_description','$backup_metadata','$backup_security','$backup_major','$backup_minor')") or unlink($backuppath);
  259 +
  260 + // update entry for existing file. Bozz's code is repeated underneath,
  261 + // without the versioning attribute included.
  262 +
  263 + // BEGIN Bozz Change
  264 + // Added this check, if the policy is allow Read Write NO DELETE
  265 + // we have to make sure that the Creator is not changed.
  266 + // in the case of an updated, that would then allow a user to
  267 + // delete the file. Only the original Creator should be allowed
  268 + // to delete the file.
  269 + if ( getfilepolicy($id) == 5 || getfilepolicy($id) == 6) {
  270 + // Daphne addition -- $versionchange = $new_version_num
  271 + $sql->query("UPDATE $default->owl_files_table set size='".$userfile['size']."',modified='$modified',smodified='$smodified', $versionchange='$new_version_num', description='$newdesc' where id='$id'") or unlink($newpath);
  272 + } else {
  273 + // Daphne addition -- $versionchange = $new_version_num
  274 + $sql->query("UPDATE $default->owl_files_table set size='".$userfile['size']."',creatorid='$userid',modified='$modified',smodified='$smodified', $versionchange='$new_version_num',description='$newdesc' where id='$id'") or unlink($newpath);
  275 + }
  276 + } else {
  277 + // BEGIN wes change
  278 + // insert entry for current version of file
  279 + $compressed = '0';
  280 + $userfile = uploadCompat("userfile");
  281 + $fsize = filesize($userfile['tmp_name']);
  282 + $sql->query("INSERT into $default->owl_files_table (name,filename,size,creatorid,parent,modified, smodified,groupid,description,metadata,security,major_revision,minor_revision) values ('$backup_name','".$userfile['name']."','".$userfile['size']."','$backup_creatorid','$parent','$modified', '$smodified','$backup_groupid', '$newdesc', '$backup_metadata','$backup_security','$new_major','$new_minor')");
  283 + $id = $sql->insert_id();
  284 +
  285 + if ($default->owl_compressed_database && file_exists($default->gzip_path)) {
  286 + system($default->gzip_path . " " . escapeshellarg($userfile['tmp_name']));
  287 + $fd = fopen($userfile['tmp_name'] . ".gz", 'rb');
  288 + $userfile['tmp_name'] = $userfile['tmp_name'] . ".gz";
  289 + $fsize = filesize($userfile['tmp_name']);
  290 + $compressed = '1';
  291 + } else {
  292 + $fd = fopen($userfile['tmp_name'], 'rb');
  293 + }
  294 + $filedata = addSlashes(fread($fd, $fsize));
  295 + fclose($fd);
  296 +
  297 + if ($id !== NULL && $filedata) {
  298 + $sql->query("insert into $default->owl_files_data_table (id, data, compressed) values ('$id', '$filedata','$compressed')");
  299 + }
  300 + // END wes change
  301 + }
  302 + // END Bozz Change
  303 + } else { // versioning not included in the DB update
  304 + if ($default->owl_use_fs) {
  305 + // BEGIN Bozz Change
  306 + if ( getfilepolicy($id) == 5 || getfilepolicy($id) == 6) {
  307 + $sql->query("update $default->owl_files_table set size='".$userfile['size']."',modified='$modified',smodified='$smodified' where id='$id'") or unlink($newpath);
  308 + } else {
  309 + $sql->query("update $default->owl_files_table set size='".$userfile['size']."',creatorid='$userid',modified='$modified',smodified='$smodified' where id='$id'") or unlink($newpath);
320 310 }
321   - // END Bozz Change
322   - }
323   - }
324   -
325   - // End Daphne Change
  311 + // END Bozz Change
  312 + }
  313 + }
  314 + // End Daphne Change
326 315  
327   - if ($quota_max != "0") $sql->query("update $default->owl_users_table set quota_current = '$new_quota' where id = '$userid'");
  316 + if ($quota_max != "0") {
  317 + $sql->query("update $default->owl_users_table set quota_current = '$new_quota' where id = '$userid'");
  318 + }
328 319  
329   - //notify_users($groupid,1, find_path($parent),$filename, $title, $newdesc);
330   - notify_users($groupid,1,$parent,$filename, $title, $newdesc, $type);
331   - header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");
332   -// END BUG FIX: #433932 Fileupdate and Quotas
333   - } else {
334   - include("./lib/header.inc");
335   - print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>");
336   - ?>
337   - <TR><TD ALIGN=LEFT>
338   -<?php print("$lang_user: ");
339   - print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
340   - print uid_to_name($userid);
341   - print ("</A>");
342   -?>
343   -<FONT SIZE=-1>
344   -
345   - <?php print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");?>
346   - </FONT></TD>
347   - <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>
348   - </TD></TR></TABLE><BR><BR>
349   - <?php
350   - print($lang_noupload);
351   - }
  320 + //notify_users($groupid,1, find_path($parent),$filename, $title, $newdesc);
  321 + notify_users($groupid,1,$parent,$filename, $title, $newdesc, $type);
  322 + header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");
  323 + // END BUG FIX: #433932 Fileupdate and Quotas
  324 + } else {
  325 + include("./lib/header.inc");
  326 + print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>
  327 + <TR><TD ALIGN=LEFT>");
  328 + print("$lang_user: ");
  329 + print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
  330 + print uid_to_name($userid);
  331 + print ("</A>");
  332 + print ("<FONT SIZE=-1>");
  333 + print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>
  334 + </FONT></TD>
  335 + <TD ALIGN=RIGHT>
  336 + <A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>
  337 + </TD></TR></TABLE><BR><BR>");
  338 + print($lang_noupload);
  339 + }
  340 + }
352 341 }
353 342  
354   -
355 343 if($action == "file_upload") {
356   - if(check_auth($parent, "folder_modify", $userid) == 1) {
357   - //if($title == "") exit($lang_specifyname);
358   - $groupid = owlusergroup($userid);
359   - $sql = new Owl_DB;
360   - $userfile = uploadCompat("userfile");
361   - if ($type == "url") {
362   - $modified = date("M d, Y \a\\t h:i a");
363   - $smodified = date("Y-m-d g:i:s");
364   - $new_name = $userfile["name"];
365   - if ($title == "")
366   - $title = $userfile["name"];
367   - $sql->query("insert into $default->owl_files_table (name,filename,size,creatorid,parent,modified,description,metadata,security,groupid,smodified,checked_out, major_revision, minor_revision, url) values ('$title', '".$userfile["name"]."', '".$userfile["size"]."', '$userid', '$parent', '$modified', '$description', '$metadata', '$security', '$groupid','$smodified','$checked_out','$major_revision','1','1')");
368   - }
369   - else {
370   - $sql->query("select * from $default->owl_users_table where id = '$userid'");
371   - while($sql->next_record()) {
372   - $quota_max = $sql->f("quota_max");
373   - $quota_current = $sql->f("quota_current");
374   - $new_quota = $quota_current + $userfile["size"];
375   - }
376   - if (($new_quota > $quota_max) && ($quota_max != "0")) {
377   -
378   - die("$lang_err_quota".$new_quota."$lang_err_quota_needed".($quota_max - $quota_current)."$lang_err_quota_avail");
379   - if(($quota_max - $quota_current) == "0")
380   - die("$lang_err_quota_exceed");
381   - }
382   - $new_name = ereg_replace("[^-A-Za-z0-9._]", "", ereg_replace(" ", "_", ereg_replace("%20|^-", "_", $userfile["name"])));
383   -
384   - if ($default->owl_use_fs)
385   - {
386   - $newpath = $default->owl_FileDir."/".find_path($parent)."/".$new_name;
387   - if(file_exists($newpath) == 1)
388   - if ($default->debug == true)
389   - printError($lang_fileexists,$newpath);
390   - else
391   - printError($lang_fileexists,"");
392   -
393   - copy($userfile["tmp_name"], $newpath);
394   - unlink($userfile["tmp_name"]);
395   - if(!file_exists($newpath))
396   - if ($default->debug == true)
397   - printError($lang_err_upload,$newpath);
398   - else
399   - printError($lang_err_upload,"");
  344 + if(check_auth($parent, "folder_modify", $userid) == 1) {
  345 + //if($title == "") exit($lang_specifyname);
  346 + $groupid = owlusergroup($userid);
  347 + $sql = new Owl_DB;
  348 + $userfile = uploadCompat("userfile");
  349 + if ($type == "url") {
  350 + $modified = date("M d, Y \a\\t h:i a");
  351 + $smodified = date("Y-m-d g:i:s");
  352 + $new_name = $userfile["name"];
  353 + if ($title == "") {
  354 + $title = $userfile["name"];
  355 + }
  356 + $sql->query("insert into $default->owl_files_table (name,filename,size,creatorid,parent,modified,description,metadata,security,groupid,smodified,checked_out, major_revision, minor_revision, url) values ('$title', '".$userfile["name"]."', '".$userfile["size"]."', '$userid', '$parent', '$modified', '$description', '$metadata', '$security', '$groupid','$smodified','$checked_out','$major_revision','1','1')");
  357 + } else {
  358 + $sql->query("select * from $default->owl_users_table where id = '$userid'");
  359 + while($sql->next_record()) {
  360 + $quota_max = $sql->f("quota_max");
  361 + $quota_current = $sql->f("quota_current");
  362 + $new_quota = $quota_current + $userfile["size"];
  363 + }
  364 + if (($new_quota > $quota_max) && ($quota_max != "0")) {
  365 + die("$lang_err_quota".$new_quota."$lang_err_quota_needed".($quota_max - $quota_current)."$lang_err_quota_avail");
  366 + if(($quota_max - $quota_current) == "0") {
  367 + die("$lang_err_quota_exceed");
  368 + }
  369 + }
  370 + $new_name = ereg_replace("[^-A-Za-z0-9._]", "", ereg_replace(" ", "_", ereg_replace("%20|^-", "_", $userfile["name"])));
  371 +
  372 + if ($default->owl_use_fs) {
  373 + $newpath = $default->owl_FileDir."/".find_path($parent)."/".$new_name;
  374 + if(file_exists($newpath) == 1) {
  375 + if ($default->debug == true) {
  376 + printError($lang_fileexists,$newpath);
  377 + } else {
  378 + printError($lang_fileexists,"");
  379 + }
400 380 }
401   - else {
  381 +
  382 + copy($userfile["tmp_name"], $newpath);
  383 + unlink($userfile["tmp_name"]);
  384 + if(!file_exists($newpath)) {
  385 + if ($default->debug == true) {
  386 + printError($lang_err_upload,$newpath);
  387 + } else {
  388 + printError($lang_err_upload,"");
  389 + }
  390 + } else {
402 391 // is name already used?
403   - //printError("SQL", "select filename from $default->owl_files_table where filename = '$new_name' and parent='$parent'");
  392 + //printError("SQL", "select filename from $default->owl_files_table where filename = '$new_name' and parent='$parent'");
404 393 $sql->query("select filename from $default->owl_files_table where filename = '$new_name' and parent='$parent'");
405   - while($sql->next_record())
406   - {
  394 + while($sql->next_record()) {
407 395 if ($sql->f("filename")) {
408 396 // can't move...
409 397 printError("<b>File Exists:</b>","There is already a file with the name <i>$new_name</i> in this directory.","");
410   - // print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'>$lang_return</A><P>");
  398 + // print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'>$lang_return</A><P>");
411 399 // needs to be internationalized
412 400 //exit("<b>File Exists:</b> There is already a file with the name <i>$title</i> in this directory.");
413 401 }
414   - }
415   -
416   - }
  402 + }
  403 + }
417 404 /* BEGIN Bozz Change
418 405 If your not part of the Administartor Group
419 406 the Folder will have your group ID assigned to it */
420   -
421   - if ( owlusergroup($userid) != 0 )
422   - {
423   - $groupid = owlusergroup($userid);
  407 + if ( owlusergroup($userid) != 0 ) {
  408 + $groupid = owlusergroup($userid);
424 409 }
425 410 // Bozz Change End
426 411  
427   - $modified = date("M d, Y \a\t h:i a");
  412 + $modified = date("M d, Y \a\t h:i a");
428 413 $smodified = date("Y-m-d g:i:s");
429   - if($title == "") $title = $new_name;
430   - if($major_revision == "") $major_revision = 0;
431   - if($minor_revision == "") $minor_revision = 1;
432   - if($checked_out == "") $checked_out = 0;
  414 + if($title == "") {
  415 + $title = $new_name;
  416 + }
  417 + if($major_revision == "") {
  418 + $major_revision = 0;
  419 + }
  420 + if($minor_revision == "") {
  421 + $minor_revision = 1;
  422 + }
  423 + if($checked_out == "") {
  424 + $checked_out = 0;
  425 + }
433 426 // WORKING WORKING
434 427  
435   - $compressed = '0';
436   - $userfile = uploadCompat("userfile");
437   - $fsize = $userfile['size'];
  428 + $compressed = '0';
  429 + $userfile = uploadCompat("userfile");
  430 + $fsize = $userfile['size'];
438 431 if (!$default->owl_use_fs && $default->owl_compressed_database && file_exists($default->gzip_path)) {
439   - system($default->gzip_path . " " . escapeshellarg($userfile['tmp_name']));
440   - $userfile['tmp_name'] = $userfile['tmp_name'] . ".gz";
441   - $fsize = filesize($userfile['tmp_name']);
442   - $compressed = '1';
  432 + system($default->gzip_path . " " . escapeshellarg($userfile['tmp_name']));
  433 + $userfile['tmp_name'] = $userfile['tmp_name'] . ".gz";
  434 + $fsize = filesize($userfile['tmp_name']);
  435 + $compressed = '1';
443 436 }
444 437 $result = $sql->query("insert into $default->owl_files_table (name,filename,size,creatorid,parent,modified,description,metadata,security,groupid,smodified,checked_out, major_revision, minor_revision, url) values ('$title', '$new_name', '".$userfile['size']."', '$userid', '$parent', '$modified', '$description', '$metadata', '$security', '$groupid','$smodified','$checked_out','$major_revision','$minor_revision', '0')") or unlink($newpath);
445 438  
446   - if (!$result && $default->owl_use_fs) unlink($newpath);
  439 + if (!$result && $default->owl_use_fs) {
  440 + unlink($newpath);
  441 + }
447 442 // BEGIN wes change
448 443 if (!$default->owl_use_fs) {
449   - $id = $sql->insert_id();
450   - $fd = fopen($userfile['tmp_name'], 'rb');
451   - $filedata = addSlashes(fread($fd, $fsize));
452   - fclose($fd);
453   -
454   - if ($id !== NULL && $filedata) {
455   - $sql->query("insert into $default->owl_files_data_table (id, data, compressed) values ('$id', '$filedata', '$compressed')");
456   - }
  444 + $id = $sql->insert_id();
  445 + $fd = fopen($userfile['tmp_name'], 'rb');
  446 + $filedata = addSlashes(fread($fd, $fsize));
  447 + fclose($fd);
  448 +
  449 + if ($id !== NULL && $filedata) {
  450 + $sql->query("insert into $default->owl_files_data_table (id, data, compressed) values ('$id', '$filedata', '$compressed')");
  451 + }
457 452 }
458 453  
459   -
460   - if ($quota_max != "0") $sql->query("update $default->owl_users_table set quota_current = '$new_quota' where id = '$userid'");
  454 + if ($quota_max != "0") {
  455 + $sql->query("update $default->owl_users_table set quota_current = '$new_quota' where id = '$userid'");
461 456 }
  457 + }
462 458  
463   - notify_users($groupid,0,$parent,$new_name, $title, $description, $type);
464   -
465   - header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");
  459 + notify_users($groupid,0,$parent,$new_name, $title, $description, $type);
  460 + header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");
466 461 } else {
467 462 include("./lib/header.inc");
468 463 print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>");
469   - ?>
  464 +?>
470 465 <TR><TD ALIGN=LEFT>
471   - <?php print("$lang_user: ");
472   - print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
473   - print uid_to_name($userid);
474   - print ("</A>");
475   - ?>
476   -<FONT SIZE=-1>
477   -
478   - <?php print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");?>
479   - </FONT></TD>
480   - <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>
481   - </TD></TR></TABLE><BR><BR><CENTER>
482   - <?php
  466 +<?php
  467 + print("$lang_user: ");
  468 + print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
  469 + print uid_to_name($userid);
  470 + print ("</A>");
  471 +?>
  472 + <FONT SIZE=-1>
  473 +<?php
  474 + print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");
  475 +?>
  476 + </FONT></TD>
  477 + <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>
  478 + </TD></TR></TABLE><BR><BR><CENTER>
  479 +<?php
483 480 print($lang_noupload);
484 481 }
485 482 }
486 483  
487 484 if($action == "file_modify") {
488   - if(check_auth($id, "file_modify", $userid) == 1) {
489   - $sql = new Owl_DB;
490   - // Begin Bozz Change
491   - if ( owlusergroup($userid) != 0 && $groupid == "" )
492   - {
493   - $groupid = owlusergroup($userid);
494   - }
495   -
496   -
  485 + if(check_auth($id, "file_modify", $userid) == 1) {
  486 + $sql = new Owl_DB;
  487 + // Begin Bozz Change
  488 + if ( owlusergroup($userid) != 0 && $groupid == "" ) {
  489 + $groupid = owlusergroup($userid);
  490 + }
497 491 // BEGIN WES change
498   - if (!$default->owl_use_fs)
499   - {
500   -
501   - $name = flid_to_name($id);
502   - if ($name != $title)
503   - {
504   - // we're changing the name ... need to roll this to other revisions
505   - // is name already used?
506   - $sql->query("select name from $default->owl_files_table where name = '$title' and parent='$parent'");
507   - while($sql->next_record())
508   - {
509   - if ($sql->f("name")) {
510   - // can't move...
511   - //print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'>$lang_return</A><P>");
512   - // needs to be internationalized
513   - printError("<b>File Exists:</b> There is already a file with the name <i>$title</i> in this directory.","");
514   - }
  492 + if (!$default->owl_use_fs) {
  493 + $name = flid_to_name($id);
  494 + if ($name != $title) {
  495 + // we're changing the name ... need to roll this to other revisions
  496 + // is name already used?
  497 + $sql->query("select name from $default->owl_files_table where name = '$title' and parent='$parent'");
  498 + while($sql->next_record()) {
  499 + if ($sql->f("name")) {
  500 + // can't move...
  501 + //print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'>$lang_return</A><P>");
  502 + // needs to be internationalized
  503 + printError("<b>File Exists:</b> There is already a file with the name <i>$title</i> in this directory.","");
  504 + }
515 505 }
516   - $sql->query("update $default->owl_files_table set name='$title' where parent='$parent' AND name = '$name'");
  506 + $sql->query("update $default->owl_files_table set name='$title' where parent='$parent' AND name = '$name'");
517 507 }
518 508 }
519 509  
520 510 $sql->query("update $default->owl_files_table set name='$title', security='$security', metadata='$metadata', description='$description',groupid='$groupid', creatorid ='$file_owner' where id = '$id'");
521   - // End Bozz Change
  511 + // End Bozz Change
522 512 header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");
523 513 } else {
524 514 include("./lib/header.inc");
525 515 print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>");
526   - ?>
  516 +?>
527 517 <TR><TD ALIGN=LEFT>
528   - <?php print("$lang_user: ");
529   - if(prefaccess($userid)) {
530   - print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand&order=$order&$sortorder=$sortname'>");
531   - }
532   - print uid_to_name($userid);
533   - print ("</A>");
534   - ?>
535   -<FONT SIZE=-1>
536   -
537   - <?php print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");?>
538   - </FONT></TD>
539   - <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>
540   - </TD></TR></TABLE><BR><BR><CENTER>
541   - <?php
  518 +<?php
  519 + print("$lang_user: ");
  520 + if(prefaccess($userid)) {
  521 + print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand&order=$order&$sortorder=$sortname'>");
  522 + }
  523 + print uid_to_name($userid);
  524 + print ("</A>");
  525 +?>
  526 + <FONT SIZE=-1>
  527 +
  528 +<?php
  529 + print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");
  530 +?>
  531 + </FONT></TD>
  532 + <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>
  533 + </TD></TR></TABLE><BR><BR><CENTER>
  534 +<?php
542 535 exit($lang_nofilemod);
543 536 }
544 537 }
545 538  
546 539 if($action == "file_delete") {
547   -if(check_auth($id, "file_delete", $userid) == 1) {
548   - $sql = new Owl_DB;
549   - if ($type == "url")
550   - {
551   - $sql->query("delete from $default->owl_files_table where id = '$id'");
552   - }
553   - else {
  540 + if(check_auth($id, "file_delete", $userid) == 1) {
  541 + $sql = new Owl_DB;
  542 + if ($type == "url") {
  543 + $sql->query("delete from $default->owl_files_table where id = '$id'");
  544 + } else {
554 545 $sql->query("select * from $default->owl_files_table where id = '$id'");
555 546 while($sql->next_record()) {
556   - $path = find_path($sql->f("parent"));
557   - $filename = $sql->f("filename");
558   - $filesize = $sql->f("size");
559   - $owner = $sql->f("creatorid");
  547 + $path = find_path($sql->f("parent"));
  548 + $filename = $sql->f("filename");
  549 + $filesize = $sql->f("size");
  550 + $owner = $sql->f("creatorid");
560 551 }
  552 +
561 553 $sql->query("select * from $default->owl_users_table where id = '$owner'");
562 554 while($sql->next_record()) {
563 555 $quota_current = $sql->f("quota_current");
564 556 $quota_max = $sql->f("quota_max");
565 557 }
  558 +
566 559 $new_quota = $quota_current - $filesize;
567   - if($quota_max != "0") $sql->query("update $default->owl_users_table set quota_current = '$new_quota' where id = '$owner'");
  560 + if($quota_max != "0") {
  561 + $sql->query("update $default->owl_users_table set quota_current = '$new_quota' where id = '$owner'");
  562 + }
568 563  
569   - if($default->owl_use_fs) {
570   - unlink($default->owl_FileDir."/".$path."/".$filename);
571   - } else {
572   - $sql->query("delete from $default->owl_files_data_table where id = '$id'");
573   - }
  564 + if($default->owl_use_fs) {
  565 + unlink($default->owl_FileDir."/".$path."/".$filename);
  566 + } else {
  567 + $sql->query("delete from $default->owl_files_data_table where id = '$id'");
  568 + }
574 569  
575 570 $sql->query("delete from $default->owl_files_table where id = '$id'");
576 571 sleep(.5);
577   - }
  572 + }
578 573 header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");
579 574 } else {
580 575 include("./lib/header.inc");
581 576 print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>");
582   - ?>
  577 +?>
583 578 <TR><TD ALIGN=LEFT>
584   -<?php print("$lang_user: ");
585   - print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
586   - print uid_to_name($userid);
587   - print ("</A>");
  579 +<?php
  580 + print("$lang_user: ");
  581 + print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
  582 + print uid_to_name($userid);
  583 + print ("</A>");
588 584 ?>
589   -<FONT SIZE=-1>
590   - <?php print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");?>
591   - </FONT></TD>
592   - <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>
593   - </TD></TR></TABLE><BR><BR><CENTER>
594   - <?php
  585 + <FONT SIZE=-1>
  586 +<?php
  587 + print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");
  588 +?>
  589 + </FONT></TD>
  590 + <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>
  591 + </TD></TR></TABLE><BR><BR><CENTER>
  592 +<?php
595 593 exit($lang_nofiledelete);
596 594 }
597 595 }
  596 +
598 597 // Begin Daphne Change
599 598 // the file policy authorisation has been taken from file_modify
600 599 // (it's assumed that if you can't modify the file you can't check it out)
601   -
602 600 if($action == "file_lock") {
603   - if(check_auth($id, "file_modify", $userid) == 1) {
604   - $sql = new Owl_DB;
605   - // Begin Bozz Change
606   - if ( owlusergroup($userid) != 0 )
607   - {
608   - $groupid = owlusergroup($userid);
609   - }
  601 + if(check_auth($id, "file_modify", $userid) == 1) {
  602 + $sql = new Owl_DB;
  603 + // Begin Bozz Change
  604 + if ( owlusergroup($userid) != 0 ) {
  605 + $groupid = owlusergroup($userid);
  606 + }
610 607 // check that file hasn't been reserved while updates have gone through
611 608 $sql->query("select checked_out from $default->owl_files_table where id = '$id'");
612 609  
... ... @@ -615,299 +612,301 @@ if($action == &quot;file_lock&quot;) {
615 612 }
616 613  
617 614 if ($file_lock == 0) {
618   - // reserve the file
619   - $sql->query("update $default->owl_files_table set checked_out='$userid' where id='$id'");
620   - }
621   - else {
622   - if ($file_lock == $userid) {
623   - // check the file back in
624   - $sql->query("update $default->owl_files_table set checked_out='0' where id='$id'");
625   - }
626   - else {
627   - // throw error; someone else is trying to lock the file!
628   - include("./lib/header.inc");
629   - print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>");
630   - ?>
631   - <TR><TD ALIGN=LEFT>
632   - <?php print("$lang_user: ");
633   - print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
634   - print uid_to_name($userid);
635   - print ("</A>");
636   - ?>
637   -<FONT SIZE=-1>
638   -
639   - <?php print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");?>
640   - </FONT></TD>
641   - <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>
642   - </TD></TR></TABLE><BR><BR><CENTER>
643   - <?php
644   - exit("$lang_err_file_lock ".uid_to_name($file_lock).".");
645   - }
646   - }
647   -
648   - header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");
649   -
650   -
  615 + // reserve the file
  616 + $sql->query("update $default->owl_files_table set checked_out='$userid' where id='$id'");
651 617 } else {
  618 + if ($file_lock == $userid) {
  619 + // check the file back in
  620 + $sql->query("update $default->owl_files_table set checked_out='0' where id='$id'");
  621 + } else {
  622 + // throw error; someone else is trying to lock the file!
652 623 include("./lib/header.inc");
653   - print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>");
654   - ?>
655   - <TR><TD ALIGN=LEFT>
656   - <?php print("$lang_user: ");
657   - print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
658   - print uid_to_name($userid);
659   - print ("</A>");
660   - ?>
661   -<FONT SIZE=-1>
662   -
663   - <?php print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");?>
664   - </FONT></TD>
665   - <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>
  624 + print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>
  625 + <TR><TD ALIGN=LEFT>");
  626 + print("$lang_user: ");
  627 + print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
  628 + print uid_to_name($userid);
  629 + print("</A>");
  630 + print("<FONT SIZE=-1>"
  631 + print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");
  632 +?>
  633 + </FONT></TD>
  634 + <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>
666 635 </TD></TR></TABLE><BR><BR><CENTER>
667   - <?php
668   - exit($lang_nofilemod);
  636 +<?php
  637 + exit("$lang_err_file_lock ".uid_to_name($file_lock).".");
  638 + }
669 639 }
  640 + header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");
  641 + } else {
  642 + include("./lib/header.inc");
  643 + print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>");
  644 +?>
  645 + <TR><TD ALIGN=LEFT>
  646 +<?php
  647 + print("$lang_user: ");
  648 + print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
  649 + print uid_to_name($userid);
  650 + print ("</A>");
  651 +?>
  652 + <FONT SIZE=-1>
  653 +<?php
  654 + print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");
  655 +?>
  656 + </FONT></TD>
  657 + <TD ALIGN=RIGHT>
  658 +<?php
  659 + print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>");
  660 +?>
  661 + </TD></TR></TABLE><BR><BR><CENTER>
  662 +<?php
  663 + exit($lang_nofilemod);
  664 + }
670 665 }
671 666 // End Daphne Change
672 667  
673 668 if($action == "file_email") {
674   -
675   - if(check_auth($parent, "folder_modify", $userid) == 1) {
676   -
677   - $sql = new Owl_DB;
  669 + if(check_auth($parent, "folder_modify", $userid) == 1) {
  670 + $sql = new Owl_DB;
678 671 $path="";
679   - $filename= flid_to_filename($id);
  672 + $filename= flid_to_filename($id);
680 673 if ($default->owl_use_fs) {
681   - $fID=$parent;
682   - do {
683   - $sql->query("select name,parent from $default->owl_folders_table where id='$fID'");
684   - while($sql->next_record()) {
685   - $tName = $sql->f("name");
686   - $fID = $sql->f("parent");
687   - }
688   - $path=$tName."/".$path;
689   - } while ($fID != 0);
  674 + $fID=$parent;
  675 + do {
  676 + $sql->query("select name,parent from $default->owl_folders_table where id='$fID'");
  677 + while($sql->next_record()) {
  678 + $tName = $sql->f("name");
  679 + $fID = $sql->f("parent");
  680 + }
  681 + $path=$tName."/".$path;
  682 + } while ($fID != 0);
690 683 }
691   - $sql->query("select name, filename, description from $default->owl_files_table where id='$id'");
692   - $sql->next_record();
693   - $name= $sql->f("name");
694   - $desc= $sql->f("description");
  684 + $sql->query("select name, filename, description from $default->owl_files_table where id='$id'");
  685 + $sql->next_record();
  686 + $name= $sql->f("name");
  687 + $desc= $sql->f("description");
695 688 $filename = $sql->f("filename");
696 689  
697 690 $mail = new phpmailer();
698   -
699 691 $mail->IsSMTP(); // set mailer to use SMTP
700 692 $mail->Host = "$default->owl_email_server"; // specify main and backup server
701 693 $mail->From = "$default->owl_email_from";
702 694 $mail->FromName = "$default->owl_email_fromname";
703 695  
704   - $r=preg_split("(\;|\,)",$mailto);
705   - reset ($r);
706   - while (list ($occ, $email) = each ($r))
  696 + $r=preg_split("(\;|\,)",$mailto);
  697 + reset ($r);
  698 + while (list ($occ, $email) = each ($r)) {
707 699 $mail->AddAddress($email);
708   - if($replyto == "" )
  700 + }
  701 + if($replyto == "" ) {
709 702 $mail->AddReplyTo("$default->owl_email_replyto", "OWL Intranet");
710   - else
  703 + } else {
711 704 $mail->AddReplyTo("$replyto");
  705 + }
712 706  
713   - if($ccto != "")
714   - $mail->AddCC("$ccto");
715   -
  707 + if($ccto != "") {
  708 + $mail->AddCC("$ccto");
  709 + }
716 710  
717 711 $mail->WordWrap = 50; // set word wrap to 50 characters
718 712 $mail->IsHTML(true); // set email format to HTML
719 713  
720 714 $mail->Subject = "$lang_file: $name -- $subject";
721   - if ($type != "url") {
722   - $mail->Body = "$mailbody" . "<BR><BR>" . "$lang_description: <BR><BR>$desc";
723   - $mail->altBody = "$mailbody" . "\n\n" . "$lang_description: \n\n $desc";
  715 + if ($type != "url") {
  716 + $mail->Body = "$mailbody" . "<BR><BR>" . "$lang_description: <BR><BR>$desc";
  717 + $mail->altBody = "$mailbody" . "\n\n" . "$lang_description: \n\n $desc";
724 718 // BEGIN wes change
725   - if (!$default->owl_use_fs) {
726   - if (file_exists("$default->owl_FileDir/$path$filename")) {
727   - unlink("$default->owl_FileDir/$path$filename");
728   - }
729   - $file = fopen("$default->owl_FileDir/$path$filename", 'wb');
730   - $sql->query("select data,compressed from $default->owl_files_data_table where id='$id'");
731   - while ($sql->next_record()) {
732   - if ($sql->f("compressed")) {
733   -
734   - $tmpfile = $default->owl_FileDir . "owltmp.$id.gz";
735   - $uncomptmpfile = $default->owl_FileDir . "owltmp.$id";
736   - if (file_exists($tmpfile)) unlink($tmpfile);
737   -
738   - $fp=fopen($tmpfile,"w");
739   - fwrite($fp, $sql->f("data"));
740   - fclose($fp);
741   -
742   - system($default->gzip_path . " -df $tmpfile");
743   -
744   - $fsize = filesize($uncomptmpfile);
745   - $fd = fopen($uncomptmpfile, 'rb');
746   - $filedata = fread($fd, $fsize);
747   - fclose($fd);
748   -
749   - fwrite($file, $filedata);
750   - unlink($uncomptmpfile);
751   - } else {
752   - fwrite($file, $sql->f("data"));
753   - }
  719 + if (!$default->owl_use_fs) {
  720 + if (file_exists("$default->owl_FileDir/$path$filename")) {
  721 + unlink("$default->owl_FileDir/$path$filename");
  722 + }
  723 + $file = fopen("$default->owl_FileDir/$path$filename", 'wb');
  724 + $sql->query("select data,compressed from $default->owl_files_data_table where id='$id'");
  725 + while ($sql->next_record()) {
  726 + if ($sql->f("compressed")) {
  727 + $tmpfile = $default->owl_FileDir . "owltmp.$id.gz";
  728 + $uncomptmpfile = $default->owl_FileDir . "owltmp.$id";
  729 + if (file_exists($tmpfile)) {
  730 + unlink($tmpfile);
  731 + }
  732 +
  733 + $fp=fopen($tmpfile,"w");
  734 + fwrite($fp, $sql->f("data"));
  735 + fclose($fp);
  736 +
  737 + system($default->gzip_path . " -df $tmpfile");
  738 +
  739 + $fsize = filesize($uncomptmpfile);
  740 + $fd = fopen($uncomptmpfile, 'rb');
  741 + $filedata = fread($fd, $fsize);
  742 + fclose($fd);
  743 +
  744 + fwrite($file, $filedata);
  745 + unlink($uncomptmpfile);
  746 + } else {
  747 + fwrite($file, $sql->f("data"));
  748 + }
754 749 }
755   - fclose($file);
756   - }
  750 + fclose($file);
  751 + }
757 752  
758 753 $mail->AddAttachment("$default->owl_FileDir/$path$filename");
759   - }
760   - else {
  754 + } else {
761 755 $mail->Body = "$filename" . "<BR><BR>" . "$mailbody" . "<BR><BR>" . "$lang_description: <BR><BR>$desc";
762 756 $mail->altBody = "$filename" . "\n\n" ."$mailbody" . "\n\n" . "$lang_description: \n\n $desc";
763   - }
  757 + }
764 758  
765   - if(!$mail->Send())
766   - {
767   - printError($lang_err_email, $mail->ErrorInfo);
768   - //printError("Server:$default->owl_email_server<BR>File:$default->owl_FileDir/$path$filename ", $mail->ErrorInfo);
  759 + if(!$mail->Send()) {
  760 + printError($lang_err_email, $mail->ErrorInfo);
  761 + //printError("Server:$default->owl_email_server<BR>File:$default->owl_FileDir/$path$filename ", $mail->ErrorInfo);
769 762 }
770 763 if (!$default->owl_use_fs) {
771   - unlink("$default->owl_FileDir/$path$filename");
772   - }
773   -
  764 + unlink("$default->owl_FileDir/$path$filename");
  765 + }
774 766 }
775 767 }
776 768  
777   -
778 769 if($action == "folder_create") {
779 770 if(check_auth($parent, "folder_modify", $userid) == 1) {
780   - $sql = new Owl_DB;
  771 + $sql = new Owl_DB;
781 772 //we have to be careful with the name just like with the files
782   - //Comment this one out TRACKER : 603887, this was not done for renaming a folder
783   - // So lets see if it causes problems while creating folders.
  773 + //Comment this one out TRACKER : 603887, this was not done for renaming a folder
  774 + // So lets see if it causes problems while creating folders.
784 775 // Seems it causes a problem, so I put it back.
785 776 $name = ereg_replace("[^-A-Za-z0-9._[:space:]]", "", ereg_replace("%20|^-", " ", $name));
786 777 $sql->query("select * from $default->owl_folders_table where name = '$name' and parent = '$parent'");
787   - if($sql->num_rows() > 0)
788   - printError("$lang_err_folder_exist","");
  778 + if($sql->num_rows() > 0) {
  779 + printError("$lang_err_folder_exist","");
  780 + }
789 781  
790   - if ( $name == '')
791   - printError($lang_err_nameempty,"");
  782 + if ( $name == '') {
  783 + printError($lang_err_nameempty,"");
  784 + }
792 785  
793 786 if($default->owl_use_fs) {
794 787 $path = find_path($parent);
795 788 mkdir($default->owl_FileDir."/".$path."/".$name, 0777);
796 789 if(!is_dir("$default->owl_FileDir/$path/$name")) {
797   - if ($default->debug == true)
798   - printError($lang_err_folder_create,"$default->owl_FileDir/$path/$name");
799   - else
800   - printError($lang_err_folder_create,"");
801   - }
802   - }
  790 + if ($default->debug == true) {
  791 + printError($lang_err_folder_create,"$default->owl_FileDir/$path/$name");
  792 + } else {
  793 + printError($lang_err_folder_create,"");
  794 + }
  795 + }
803 796 $sql->query("insert into $default->owl_folders_table (name,parent,security,groupid,creatorid) values ('$name', '$parent', '$policy', '$groupid', '$userid')");
804   - header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");
805   - } else {
806   - include("./lib/header.inc");
807   - print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>");
808   - ?>
809   - <TR><TD ALIGN=LEFT>
810   - <?php print("$lang_user: ");
811   - print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
812   - print uid_to_name($userid);
813   - print ("</A>");
814   - ?>
815   -<FONT SIZE=-1>
816   -
817   - <?php print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");?>
818   - </FONT></TD>
819   - <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>
820   - </TD></TR></TABLE><BR><BR><CENTER>
821   - <?php
822   - exit($lang_nosubfolder);
823   - }
  797 + header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");
  798 + }
  799 + } else {
  800 + include("./lib/header.inc");
  801 + print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>");
  802 +?>
  803 + <TR><TD ALIGN=LEFT>
  804 +<?php
  805 + print("$lang_user: ");
  806 + print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
  807 + print uid_to_name($userid);
  808 + print ("</A>");
  809 +?>
  810 + <FONT SIZE=-1>
  811 +<?php
  812 + print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");
  813 +?>
  814 + </FONT></TD>
  815 + <TD ALIGN=RIGHT>
  816 +<?php
  817 + print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>");
  818 +?>
  819 + </TD></TR></TABLE><BR><BR><CENTER>
  820 +<?php
  821 + exit($lang_nosubfolder);
  822 + }
824 823 }
825 824  
826 825 if($action == "folder_modify") {
827   - if(check_auth($id, "folder_modify", $userid) == 1) {
828   - $sql = new Owl_DB;
829   - $origname = fid_to_name($id);
  826 + if(check_auth($id, "folder_modify", $userid) == 1) {
  827 + $sql = new Owl_DB;
  828 + $origname = fid_to_name($id);
830 829 $sql->query("select parent from $default->owl_folders_table where id = '$id'");
831   - while($sql->next_record()) $parent = $sql->f("parent");
  830 + while($sql->next_record()) {
  831 + $parent = $sql->f("parent");
  832 + }
832 833 $path = $default->owl_FileDir."/".find_path($parent)."/";
833   - $source = $path . $origname;
  834 + $source = $path . $origname;
834 835 $name = ereg_replace("[^-A-Za-z0-9._[:space:]]", "", ereg_replace("%20|^-", " ", $name));
835   - $dest = $path . $name;
  836 + $dest = $path . $name;
836 837  
837 838 if ($default->owl_use_fs) {
838   - if (!file_exists($path . $name) == 1 || $source == $dest) {
839   - if (substr(php_uname(), 0, 7) != "Windows") {
840   - if ($source != $dest) {
841   - $cmd="mv \"$path$origname\" \"$path$name\" 2>&1";
842   - $lines=array();$errco=0;
843   - $result = myExec($cmd,$lines,$errco);
844   - if ( $errco != 0 )
845   - printError($lang_err_movecancel, $result);
846   - }
847   - }
848   - else {
849   - // IF Windows just do a rename and hope for the best
850   - rename ("$path$origname", "$path$name");
851   - }
852   -
853   - }
854   - else
855   - printError($lang_err_folderexists,"");
856   - }
857   - else {
858   - $sql->query("select * from $default->owl_folders_table where parent = '$parent' and name = '$name'");
859   - if ($sql->num_rows($sql) != 0)
860   - printError($lang_err_folderexists,"");
  839 + if (!file_exists($path . $name) == 1 || $source == $dest) {
  840 + if (substr(php_uname(), 0, 7) != "Windows") {
  841 + if ($source != $dest) {
  842 + $cmd="mv \"$path$origname\" \"$path$name\" 2>&1";
  843 + $lines=array();$errco=0;
  844 + $result = myExec($cmd,$lines,$errco);
  845 + if ( $errco != 0 ) {
  846 + printError($lang_err_movecancel, $result);
  847 + }
  848 + }
  849 + } else {
  850 + // IF Windows just do a rename and hope for the best
  851 + rename ("$path$origname", "$path$name");
861 852 }
862   - /* BEGIN Bozz Change
863   - If your not part of the Administartor Group
864   - the Folder will have your group ID assigned to it */
865   - if ( owlusergroup($userid) != 0 )
866   - {
  853 + } else {
  854 + printError($lang_err_folderexists,"");
  855 + }
  856 + } else {
  857 + $sql->query("select * from $default->owl_folders_table where parent = '$parent' and name = '$name'");
  858 + if ($sql->num_rows($sql) != 0) {
  859 + printError($lang_err_folderexists,"");
  860 + }
  861 + }
  862 + /* BEGIN Bozz Change
  863 + If your not part of the Administartor Group
  864 + the Folder will have your group ID assigned to it */
  865 + if ( owlusergroup($userid) != 0 ) {
867 866 $sql->query("update $default->owl_folders_table set name='$name', security='$policy' where id = '$id'");
868   - }
869   - else
870   - {
  867 + } else {
871 868 $sql->query("update $default->owl_folders_table set name='$name', security='$policy', groupid='$groupid' where id = '$id'");
872   - }
873   -
874   -
875   - // Bozz change End
  869 + }
  870 + // Bozz change End
  871 +
876 872 header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");
877 873 } else {
878 874 include("./lib/header.inc");
879 875 print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>");
880   - ?>
  876 +?>
881 877 <TR><TD ALIGN=LEFT>
882   - <?php print("$lang_user: ");
883   - print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
884   - print uid_to_name($userid);
885   - print ("</A>");
886   - ?>
887   -<FONT SIZE=-1>
888   -
889   - <?php print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");?>
890   - </FONT></TD>
891   - <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>
892   - </TD></TR></TABLE><BR><BR><CENTER>
893   - <?php
  878 +<?php
  879 + print("$lang_user: ");
  880 + print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
  881 + print uid_to_name($userid);
  882 + print ("</A>");
  883 +?>
  884 + <FONT SIZE=-1>
  885 +<?php
  886 + print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");
  887 +?>
  888 + </FONT></TD>
  889 + <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>
  890 + </TD></TR></TABLE><BR><BR><CENTER>
  891 +<?php
894 892 exit($lang_nofoldermod);
895 893 }
896 894 }
897 895  
898 896 if($action == "folder_delete") {
899   - if(check_auth($id, "folder_delete", $userid) == 1) {
900   - $sql = new Owl_DB;
901   - $sql->query("select id,name,parent from $default->owl_folders_table order by name");
902   - $fCount = ($sql->nf());
903   - $i = 0;
904   - while($sql->next_record()) {
905   - $folderList[$i][0] = $sql->f("id");
906   - $folderList[$i][2] = $sql->f("parent");
907   - $i++;
  897 + if(check_auth($id, "folder_delete", $userid) == 1) {
  898 + $sql = new Owl_DB;
  899 + $sql->query("select id,name,parent from $default->owl_folders_table order by name");
  900 + $fCount = ($sql->nf());
  901 + $i = 0;
  902 + while($sql->next_record()) {
  903 + $folderList[$i][0] = $sql->f("id");
  904 + $folderList[$i][2] = $sql->f("parent");
  905 + $i++;
908 906 }
909   - if ($default->owl_use_fs)
  907 + if ($default->owl_use_fs) {
910 908 myDelete($default->owl_FileDir."/".find_path($id));
  909 + }
911 910  
912 911 delTree($id);
913 912 sleep(.5);
... ... @@ -915,50 +914,50 @@ if($action == &quot;folder_delete&quot;) {
915 914 } else {
916 915 include("./lib/header.inc");
917 916 print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>");
918   - ?>
  917 +?>
919 918 <TR><TD ALIGN=LEFT>
920   - <?php print("$lang_user: ");
921   - print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
922   - print uid_to_name($userid);
923   - print ("</A>");
924   - ?>
925   -<FONT SIZE=-1>
926   -
927   - <?php print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");?>
928   - </FONT></TD>
929   - <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>
930   - </TD></TR></TABLE><BR><BR><CENTER>
931   - <?php
  919 +<?php
  920 + print("$lang_user: ");
  921 + print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
  922 + print uid_to_name($userid);
  923 + print ("</A>");
  924 +?>
  925 + <FONT SIZE=-1>
  926 +
  927 +<?php
  928 + print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");
  929 +?>
  930 + </FONT></TD>
  931 + <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>
  932 + </TD></TR></TABLE><BR><BR><CENTER>
  933 +<?php
932 934 exit($lang_nofolderdelete);
933 935 }
934 936 }
935 937  
936 938 if($action == "user") {
937   - //
938   - // the following should prevent users from changing others passwords.
939   - //
  939 + // the following should prevent users from changing others passwords.
  940 + $sql = new Owl_DB;
  941 + $sql->query("select * from $default->owl_sessions_table where uid = '$id' and sessid = '$sess'");
  942 + if($sql->num_rows() <> 1) {
  943 + die ("$lang_err_unauthorized");
  944 + }
  945 +
  946 + if ($newpassword <> '') {
940 947 $sql = new Owl_DB;
941   - $sql->query("select * from $default->owl_sessions_table where uid = '$id' and sessid = '$sess'");
942   - if($sql->num_rows() <> 1)
943   - {
944   - die ("$lang_err_unauthorized");
  948 + $sql->query("select * from $default->owl_users_table where id = '$id' and password = '" . md5($oldpassword) ."'");
  949 + if($sql->num_rows() == 0) {
  950 + die("$lang_err_pass_wrong");
945 951 }
946   -
947   - if ($newpassword <> '')
948   - {
949   - $sql = new Owl_DB;
950   - $sql->query("select * from $default->owl_users_table where id = '$id' and password = '" . md5($oldpassword) ."'");
951   - if($sql->num_rows() == 0)
952   - die("$lang_err_pass_wrong");
953   - if ( $newpassword == $confpassword)
954   - $sql->query("UPDATE $default->owl_users_table SET name='$name',password='" . md5("$newpassword") . "' where id = '$id'");
955   - else
956   - die ("$lang_err_pass_missmatch");
  952 + if ( $newpassword == $confpassword) {
  953 + $sql->query("UPDATE $default->owl_users_table SET name='$name',password='" . md5("$newpassword") . "' where id = '$id'");
  954 + } else {
  955 + die ("$lang_err_pass_missmatch");
957 956 }
958   - $sql->query("UPDATE $default->owl_users_table SET name='$name', email='$email', notify='$notify', attachfile='$attachfile', language='$newlanguage' where id = '$id'");
  957 + }
  958 + $sql->query("UPDATE $default->owl_users_table SET name='$name', email='$email', notify='$notify', attachfile='$attachfile', language='$newlanguage' where id = '$id'");
959 959 }
960 960  
961   -
962 961 header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");
963 962  
964 963 ?>
... ...