Commit a237965596f9a3016d0f858168fa2ac6d74f4ec6

Authored by michael
1 parent 31d3208c

commented and reformatted


git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@29 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing 1 changed file with 722 additions and 723 deletions
dbmodify.php
1 <?php 1 <?php
2 2
3 -/* 3 +/**
4 * dbmodify.php 4 * dbmodify.php
5 * 5 *
  6 + * Performs all file (upload, update, modify, email) and folder (create, modify)
  7 + * maintenance and management.
  8 + *
6 * Copyright (c) 1999-2002 The Owl Project Team 9 * Copyright (c) 1999-2002 The Owl Project Team
7 * Licensed under the GNU GPL. For full terms see the file COPYING. 10 * Licensed under the GNU GPL. For full terms see the file COPYING.
8 * 11 *
9 * $Id$ 12 * $Id$
  13 + * @todo line 50- refactor
10 */ 14 */
11 15
12 require("./config/owl.php"); 16 require("./config/owl.php");
@@ -15,598 +19,591 @@ require(&quot;./config/html.php&quot;); @@ -15,598 +19,591 @@ require(&quot;./config/html.php&quot;);
15 require("./lib/security.lib.php"); 19 require("./lib/security.lib.php");
16 require("phpmailer/class.phpmailer.php"); 20 require("phpmailer/class.phpmailer.php");
17 21
18 -function find_path($parent) {  
19 - global $default;  
20 - $path = fid_to_name($parent);  
21 - $sql = new Owl_DB;  
22 - while($parent != 1) {  
23 - $sql->query("select parent from $default->owl_folders_table where id = '$parent'");  
24 - while($sql->next_record()) {  
25 - $path = fid_to_name($sql->f("parent"))."/".$path;  
26 - $parent = $sql->f("parent");  
27 - } 22 +/**
  23 + * Lookup the path to the parent of the passed folder.
  24 + *
  25 + * @param $folderID the id of the child folder
  26 + * @return string the name of the parent folder
  27 + */
  28 +function find_path($folderID) {
  29 + global $default;
  30 + $path = fid_to_name($folderID);
  31 + $sql = new Owl_DB;
  32 + while($folderID != 1) {
  33 + $sql->query("select parent from $default->owl_folders_table where id = '$folderID'");
  34 + while($sql->next_record()) {
  35 + $path = fid_to_name($sql->f("parent"))."/".$path;
  36 + $folderID = $sql->f("parent");
  37 + }
28 } 38 }
29 return $path; 39 return $path;
30 } 40 }
31 41
32 -function delTree($fid) { 42 +/**
  43 + * Recursively deletes a folder from the database
  44 + *
  45 + * @param $folderID the ID of the folder to delete
  46 + */
  47 +function delTree($folderID) {
33 global $fCount, $folderList, $default; 48 global $fCount, $folderList, $default;
34 //delete from database 49 //delete from database
35 $sql = new Owl_DB; 50 $sql = new Owl_DB;
36 - $sql->query("delete from $default->owl_folders_table where id = '$fid'");  
37 - $sql->query("delete from $default->owl_files_table where parent = '$fid'");  
38 - for ($c=0; $c < $fCount; $c++) {  
39 - if ($folderList[$c][2]==$fid) {  
40 - delTree($folderList[$c][0]);  
41 - }  
42 - } 51 + $sql->query("delete from $default->owl_folders_table where id = '$folderID'");
  52 + $sql->query("delete from $default->owl_files_table where parent = '$folderID'");
  53 + for ($c=0; $c < $fCount; $c++) {
  54 + if ($folderList[$c][2]==$folderID) {
  55 + delTree($folderList[$c][0]);
  56 + }
  57 + }
43 } 58 }
44 59
45 // Begin 496814 Column Sorts are not persistant 60 // Begin 496814 Column Sorts are not persistant
46 // + ADDED &order=$order&$sortorder=$sortname to 61 // + ADDED &order=$order&$sortorder=$sortname to
47 // all browse.php? header and HREF LINES 62 // all browse.php? header and HREF LINES
48 -  
49 switch ($order) { 63 switch ($order) {
50 - case "name":  
51 - $sortorder = 'sortname';  
52 - break;  
53 - case "major_revision":  
54 - $sortorder = 'sortver';  
55 - break;  
56 - case "filename" :  
57 - $sortorder = 'sortfilename';  
58 - break;  
59 - case "size" :  
60 - $sortorder = 'sortsize';  
61 - break;  
62 - case "creatorid" :  
63 - $sortorder = 'sortposted';  
64 - break;  
65 - case "smodified" :  
66 - $sortorder = 'sortmod';  
67 - break;  
68 - case "checked_out":  
69 - $sortorder = 'sortcheckedout';  
70 - break;  
71 - default:  
72 - break; 64 + case "name":
  65 + $sortorder = 'sortname';
  66 + break;
  67 + case "major_revision":
  68 + $sortorder = 'sortver';
  69 + break;
  70 + case "filename" :
  71 + $sortorder = 'sortfilename';
  72 + break;
  73 + case "size" :
  74 + $sortorder = 'sortsize';
  75 + break;
  76 + case "creatorid" :
  77 + $sortorder = 'sortposted';
  78 + break;
  79 + case "smodified" :
  80 + $sortorder = 'sortmod';
  81 + break;
  82 + case "checked_out":
  83 + $sortorder = 'sortcheckedout';
  84 + break;
  85 + default:
  86 + break;
73 } 87 }
74 -  
75 // END 496814 Column Sorts are not persistant 88 // END 496814 Column Sorts are not persistant
  89 +
76 // BEGIN BUG FIX: #433932 Fileupdate and Quotas 90 // BEGIN BUG FIX: #433932 Fileupdate and Quotas
77 if($action == "file_update") { 91 if($action == "file_update") {
78 - if(check_auth($parent, "folder_modify", $userid) == 1) {  
79 - //if($title == "") exit($lang_specifyname);  
80 - $userfile = uploadCompat("userfile");  
81 - $sql = new Owl_DB;  
82 - $sql->query("select * from $default->owl_users_table where id = '$userid'"); 92 + if(check_auth($parent, "folder_modify", $userid) == 1) {
  93 + //if($title == "") exit($lang_specifyname);
  94 + $userfile = uploadCompat("userfile");
  95 + $sql = new Owl_DB;
  96 + $sql->query("select * from $default->owl_users_table where id = '$userid'");
83 while($sql->next_record()) { 97 while($sql->next_record()) {
84 - $quota_max = $sql->f("quota_max");  
85 - $quota_current = $sql->f("quota_current");  
86 - //$new_quota = $quota_current + $userfile_size; 98 + $quota_max = $sql->f("quota_max");
  99 + $quota_current = $sql->f("quota_current");
  100 + //$new_quota = $quota_current + $userfile_size;
87 } 101 }
88 $new_name = ereg_replace("[^-A-Za-z0-9._]", "", ereg_replace(" ", "_", ereg_replace("%20|^-", "_", $userfile["name"]))); 102 $new_name = ereg_replace("[^-A-Za-z0-9._]", "", ereg_replace(" ", "_", ereg_replace("%20|^-", "_", $userfile["name"])));
89 $newpath = $default->owl_FileDir."/".find_path($parent)."/".$new_name; 103 $newpath = $default->owl_FileDir."/".find_path($parent)."/".$new_name;
90 104
91 - /* Begin Daphne Change - backups of files  
92 - * If user requests automatic backups of files  
93 - * get current details from db and save file state information  
94 - */  
95 - if ($default->owl_version_control == 1) {  
96 -  
97 - if ($default->owl_use_fs)  
98 - {  
99 - $sql->query("select * from $default->owl_files_table where filename='$new_name' and parent='$parent'");  
100 - }  
101 - else  
102 - {  
103 - // this is guaranteed to get the ID of the most recent revision, just in case we're updating a previous rev.  
104 - $sql->query("select distinct b.* from $default->owl_files_table as a, $default->owl_files_table as b where b.id='$id' AND a.name=b.name AND a.parent=b.parent order by major_revision, minor_revision desc");  
105 - } 105 + /* Begin Daphne Change - backups of files
  106 + * If user requests automatic backups of files
  107 + * get current details from db and save file state information
  108 + */
  109 + if ($default->owl_version_control == 1) {
  110 + if ($default->owl_use_fs) {
  111 + $sql->query("select * from $default->owl_files_table where filename='$new_name' and parent='$parent'");
  112 + } else {
  113 + // this is guaranteed to get the ID of the most recent revision, just in case we're updating a previous rev.
  114 + $sql->query("select distinct b.* from $default->owl_files_table as a, $default->owl_files_table as b where b.id='$id' AND a.name=b.name AND a.parent=b.parent order by major_revision, minor_revision desc");
  115 + }
106 //$query = "select b.* from $default->owl_files_table as a, $default->owl_files_table as b where a.id='$id' AND a.name=b.name AND a.parent=b.parent order by major_revision, minor_revision desc"; 116 //$query = "select b.* from $default->owl_files_table as a, $default->owl_files_table as b where a.id='$id' AND a.name=b.name AND a.parent=b.parent order by major_revision, minor_revision desc";
107 //printError("QU: $query"); 117 //printError("QU: $query");
108 118
109 - while($sql->next_record()) {  
110 - // save state information  
111 - $major_revision = $backup_major = $sql->f("major_revision");  
112 - $minor_revision = $backup_minor = $sql->f("minor_revision");  
113 - $backup_filename = $sql->f("filename");  
114 - $backup_name = $sql->f("name");  
115 - $backup_size = $sql->f("size");  
116 - $backup_creatorid = $sql->f("creatorid");  
117 - $backup_modified = $sql->f("modified");  
118 - $backup_smodified = $sql->f("smodified");  
119 - $backup_description = $sql->f("description");  
120 - $backup_description = ereg_replace("'","\\'",$backup_description);  
121 - $backup_metadata = $sql->f("metadata");  
122 - $backup_parent = $sql->f("parent");  
123 - $backup_security = $sql->f("security");  
124 - $backup_groupid = $groupid = $sql->f("groupid");  
125 -  
126 - $new_quota = $quota_current - $backup_size + $userfile['size'];  
127 - $filename = $sql->f(filename);  
128 - $title = $sql->f(name);  
129 - $description = $sql->f(description);  
130 -  
131 - if ($default->owl_use_fs)  
132 - {  
133 - if ($default->owl_FileDir."/".find_path($parent)."/".$sql->f(filename) != $newpath)  
134 - printError("$lang_err_file_update","");  
135 - }  
136 -  
137 - } 119 + while($sql->next_record()) {
  120 + // save state information
  121 + $major_revision = $backup_major = $sql->f("major_revision");
  122 + $minor_revision = $backup_minor = $sql->f("minor_revision");
  123 + $backup_filename = $sql->f("filename");
  124 + $backup_name = $sql->f("name");
  125 + $backup_size = $sql->f("size");
  126 + $backup_creatorid = $sql->f("creatorid");
  127 + $backup_modified = $sql->f("modified");
  128 + $backup_smodified = $sql->f("smodified");
  129 + $backup_description = $sql->f("description");
  130 + $backup_description = ereg_replace("'","\\'",$backup_description);
  131 + $backup_metadata = $sql->f("metadata");
  132 + $backup_parent = $sql->f("parent");
  133 + $backup_security = $sql->f("security");
  134 + $backup_groupid = $groupid = $sql->f("groupid");
  135 +
  136 + $new_quota = $quota_current - $backup_size + $userfile['size'];
  137 + $filename = $sql->f(filename);
  138 + $title = $sql->f(name);
  139 + $description = $sql->f(description);
  140 +
  141 + if ($default->owl_use_fs) {
  142 + if ($default->owl_FileDir."/".find_path($parent)."/".$sql->f(filename) != $newpath) {
  143 + printError("$lang_err_file_update","");
  144 + }
138 } 145 }
139 -  
140 - // End Daphne Change  
141 - 146 + }
  147 + }
  148 + // End Daphne Change
  149 +
142 //$newpath = $default->owl_fs_root."/".find_path($parent)."/".$new_name; 150 //$newpath = $default->owl_fs_root."/".find_path($parent)."/".$new_name;
143 //$newpath = $default->owl_FileDir."/".find_path($parent)."/".$new_name; 151 //$newpath = $default->owl_FileDir."/".find_path($parent)."/".$new_name;
144 - //***neller: Read data from database  
145 - //$sql->query("select * from $default->owl_files_table where id='$id'");  
146 - //while($sql->next_record()) {  
147 - //if ($default->owl_fs_root."/".find_path($parent)."/".$sql->f(filename) != $newpath)  
148 - //if ($default->owl_FileDir."/".find_path($parent)."/".$sql->f(filename) != $newpath)  
149 - //printError("$lang_err_file_update","");  
150 - //$new_quota = $quota_current - $sql->f(size) + $userfile_size;  
151 - //$filename = $sql->f(filename);  
152 - //$title = $sql->f(name);  
153 - //$description = $sql->f(description);  
154 - //}  
155 - if (($new_quota > $quota_max) && ($quota_max != "0")) {  
156 - printError("$lang_err_quota".$new_quota."$lang_err_quota_needed".($quota_max - $quota_current)."$lang_err_quota_avail","");  
157 - if(($quota_max - $quota_current) == "0")  
158 - printError("$lang_err_quota_exceed"); 152 + //***neller: Read data from database
  153 + //$sql->query("select * from $default->owl_files_table where id='$id'");
  154 + //while($sql->next_record()) {
  155 + //if ($default->owl_fs_root."/".find_path($parent)."/".$sql->f(filename) != $newpath) {
  156 + //if ($default->owl_FileDir."/".find_path($parent)."/".$sql->f(filename) != $newpath) {
  157 + //printError("$lang_err_file_update","");
  158 + //}
  159 + //$new_quota = $quota_current - $sql->f(size) + $userfile_size;
  160 + //$filename = $sql->f(filename);
  161 + //$title = $sql->f(name);
  162 + //$description = $sql->f(description);
  163 + //}
  164 + if (($new_quota > $quota_max) && ($quota_max != "0")) {
  165 + printError("$lang_err_quota".$new_quota."$lang_err_quota_needed".($quota_max - $quota_current)."$lang_err_quota_avail","");
  166 + if(($quota_max - $quota_current) == "0") {
  167 + printError("$lang_err_quota_exceed");
  168 + }
  169 + }
  170 + // End neller
  171 +
  172 + // BEGIN wes change
  173 + if ($default->owl_use_fs) {
  174 + /* Begin Daphne Change
  175 + * copy old version to backup folder
  176 + * change version numbers,
  177 + * update database entries
  178 + * upload new file over the old
  179 + * backup filename will be 'name_majorrev-minorrev' e.g. 'testing_1-2.doc'
  180 + */
  181 + if ($default->owl_version_control == 1) {
  182 + if(!(file_exists($newpath)==1) || $backup_filename != $new_name){
  183 + printError("$lang_err_file_update","");
159 } 184 }
160 - // End neller  
161 -  
162 - /* Begin Daphne Change  
163 - * copy old version to backup folder  
164 - * change version numbers,  
165 - * update database entries  
166 - * upload new file over the old  
167 - * backup filename will be 'name_majorrev-minorrev' e.g. 'testing_1-2.doc'  
168 - */  
169 -  
170 - // BEGIN wes change  
171 - if ($default->owl_use_fs)  
172 - {  
173 - if ($default->owl_version_control == 1) {  
174 - if(!(file_exists($newpath)==1) || $backup_filename != $new_name) printError("$lang_err_file_update","");  
175 - // Get the file extension.  
176 - $extension = explode(".",$new_name);  
177 - // rename the new, backed up (versioned) filename  
178 - $version_name = $extension[0]."_$major_revision-$minor_revision.$extension[1]";  
179 - // specify path for new file in the /backup/ file of each directory.  
180 - $backuppath = $default->owl_FileDir."/".find_path($parent)."/backup/$version_name";  
181 -  
182 - // Danilo change  
183 -  
184 - if(!is_dir("$default->owl_FileDir/".find_path($parent)."/backup")) {  
185 - mkdir("$default->owl_FileDir/".find_path($parent)."/backup", 0777);  
186 -  
187 - // End Danilo change  
188 -  
189 -  
190 -  
191 - // is there already a backup directory for current dir?  
192 - if(is_dir("$default->owl_FileDir/".find_path($parent)."/backup")) {  
193 - $sql->query("INSERT into $default->owl_folders_table (name, parent, security, groupid, creatorid) values ('backup', '$parent', '50', '$groupid', '$userid')");  
194 - } else {  
195 - printError("$lang_err_backup_folder_create","");  
196 - }  
197 - }  
198 - copy($newpath,$backuppath); // copy existing file to backup folder 185 + // Get the file extension.
  186 + $extension = explode(".",$new_name);
  187 + // rename the new, backed up (versioned) filename
  188 + $version_name = $extension[0]."_$major_revision-$minor_revision.$extension[1]";
  189 + // specify path for new file in the /backup/ file of each directory.
  190 + $backuppath = $default->owl_FileDir."/".find_path($parent)."/backup/$version_name";
  191 +
  192 + if(!is_dir("$default->owl_FileDir/".find_path($parent)."/backup")) {
  193 + // Danilo change
  194 + mkdir("$default->owl_FileDir/".find_path($parent)."/backup", 0777);
  195 + // End Danilo change
  196 + // is there already a backup directory for current dir?
  197 + if(is_dir("$default->owl_FileDir/".find_path($parent)."/backup")) {
  198 + $sql->query("INSERT into $default->owl_folders_table (name, parent, security, groupid, creatorid) values ('backup', '$parent', '50', '$groupid', '$userid')");
  199 + } else {
  200 + printError("$lang_err_backup_folder_create","");
  201 + }
199 } 202 }
200 - // End Daphne Change  
201 -  
202 - if(!file_exists($newpath) == 1) printError("$lang_err_file_update","");  
203 - copy($userfile['tmp_name'], $newpath);  
204 - unlink($userfile['tmp_name']);  
205 - if(!file_exists($newpath))  
206 - if ($default->debug == true)  
207 - printError($lang_err_upload,$newpath);  
208 - else  
209 - printError($lang_err_upload,"");  
210 - // Begin Daphne Change  
211 - if ($default->owl_version_control == 1) {  
212 - if(!file_exists($backuppath)) die ("$lang_err_backup_file");  
213 -  
214 - // find id of the backup folder you are saving the old file to  
215 - $sql->query("Select id from $default->owl_folders_table where name='backup' and parent='$parent'");  
216 - while($sql->next_record()) {  
217 - $backup_parent = $sql->f("id");  
218 - }  
219 - }  
220 - }  
221 -  
222 - if($versionchange == 'major_revision') {  
223 - // if someone requested a major revision, must  
224 - // make the minor revision go back to 0  
225 - //$versionchange = "minor_revision='0', major_revision";  
226 - //$new_version_num = $major_revision + 1;  
227 - $new_major = $major_revision + 1;  
228 - $new_minor = 0;  
229 - $versionchange = "minor_revision='0', major_revision";  
230 - $new_version_num = $major_revision + 1;  
231 -  
232 - }  
233 - else {  
234 - // simply increment minor revision number  
235 - $new_version_num = $minor_revision + 1;  
236 - $new_minor = $minor_revision + 1;  
237 - $new_major = $major_revision;  
238 - }  
239 -  
240 - // printError("old: $minor_revision", "New: $new_minor");  
241 - // End Daphne Change  
242 -  
243 - $groupid = owlusergroup($userid);  
244 - $modified = date("M d, Y \a\\t h:i a");  
245 - $smodified = date("Y-m-d g:i:s"); 203 + copy($newpath,$backuppath); // copy existing file to backup folder
  204 + }
  205 + // End Daphne Change
246 206
  207 + if(!file_exists($newpath) == 1) {
  208 + printError("$lang_err_file_update","");
  209 + }
  210 + copy($userfile['tmp_name'], $newpath);
  211 + unlink($userfile['tmp_name']);
  212 + if(!file_exists($newpath)) {
  213 + if ($default->debug == true) {
  214 + printError($lang_err_upload,$newpath);
  215 + } else {
  216 + printError($lang_err_upload,"");
  217 + }
247 // Begin Daphne Change 218 // Begin Daphne Change
248 if ($default->owl_version_control == 1) { 219 if ($default->owl_version_control == 1) {
249 - if ($default->owl_use_fs)  
250 - {  
251 - // insert entry for backup file  
252 - // WORKING WORKING  
253 - $sql->query("INSERT into $default->owl_files_table (name,filename,size,creatorid,parent,modified, smodified,groupid,description,metadata,security,major_revision,minor_revision) values ('$backup_name','$version_name','$backup_size','$backup_creatorid','$backup_parent','$backup_modified', '$backup_smodified','$backup_groupid', '$backup_description','$backup_metadata','$backup_security','$backup_major','$backup_minor')") or unlink($backuppath);  
254 -  
255 - // update entry for existing file. Bozz's code is repeated underneath,  
256 - // without the versioning attribute included.  
257 -  
258 -  
259 - // BEGIN Bozz Change  
260 - // Added this check, if the policy is allow Read Write NO DELETE  
261 - // we have to make sure that the Creator is not changed.  
262 - // in the case of an updated, that would then allow a user to  
263 - // delete the file. Only the original Creator should be allowed  
264 - // to delete the file.  
265 - if ( getfilepolicy($id) == 5 || getfilepolicy($id) == 6)  
266 - {  
267 - // Daphne addition -- $versionchange = $new_version_num  
268 - $sql->query("UPDATE $default->owl_files_table set size='".$userfile['size']."',modified='$modified',smodified='$smodified', $versionchange='$new_version_num', description='$newdesc' where id='$id'") or unlink($newpath);  
269 - }  
270 - else  
271 - {  
272 - // Daphne addition -- $versionchange = $new_version_num  
273 - $sql->query("UPDATE $default->owl_files_table set size='".$userfile['size']."',creatorid='$userid',modified='$modified',smodified='$smodified', $versionchange='$new_version_num',description='$newdesc' where id='$id'") or unlink($newpath);  
274 - }  
275 - } else {  
276 - // BEGIN wes change  
277 - // insert entry for current version of file  
278 - $compressed = '0';  
279 - $userfile = uploadCompat("userfile");  
280 - $fsize = filesize($userfile['tmp_name']);  
281 - $sql->query("INSERT into $default->owl_files_table (name,filename,size,creatorid,parent,modified, smodified,groupid,description,metadata,security,major_revision,minor_revision) values ('$backup_name','".$userfile['name']."','".$userfile['size']."','$backup_creatorid','$parent','$modified', '$smodified','$backup_groupid', '$newdesc', '$backup_metadata','$backup_security','$new_major','$new_minor')");  
282 - $id = $sql->insert_id();  
283 -  
284 -  
285 -  
286 -  
287 -  
288 - if ($default->owl_compressed_database && file_exists($default->gzip_path)) {  
289 - system($default->gzip_path . " " . escapeshellarg($userfile['tmp_name']));  
290 - $fd = fopen($userfile['tmp_name'] . ".gz", 'rb');  
291 - $userfile['tmp_name'] = $userfile['tmp_name'] . ".gz";  
292 - $fsize = filesize($userfile['tmp_name']);  
293 - $compressed = '1';  
294 - } else {  
295 - $fd = fopen($userfile['tmp_name'], 'rb');  
296 - }  
297 - $filedata = addSlashes(fread($fd, $fsize));  
298 - fclose($fd);  
299 -  
300 - if ($id !== NULL && $filedata) {  
301 - $sql->query("insert into $default->owl_files_data_table (id, data, compressed) values ('$id', '$filedata','$compressed')");  
302 - }  
303 - // END wes change  
304 - }  
305 - // END Bozz Change  
306 - 220 + if(!file_exists($backuppath)) {
  221 + die ("$lang_err_backup_file");
  222 + }
  223 + // find id of the backup folder you are saving the old file to
  224 + $sql->query("Select id from $default->owl_folders_table where name='backup' and parent='$parent'");
  225 + while($sql->next_record()) {
  226 + $backup_parent = $sql->f("id");
  227 + }
307 } 228 }
  229 + }
308 230
309 - else { // versioning not included in the DB update  
310 - if ($default->owl_use_fs)  
311 - {  
312 - // BEGIN Bozz Change  
313 - if ( getfilepolicy($id) == 5 || getfilepolicy($id) == 6)  
314 - {  
315 - $sql->query("update $default->owl_files_table set size='".$userfile['size']."',modified='$modified',smodified='$smodified' where id='$id'") or unlink($newpath);  
316 - }  
317 - else  
318 - {  
319 - $sql->query("update $default->owl_files_table set size='".$userfile['size']."',creatorid='$userid',modified='$modified',smodified='$smodified' where id='$id'") or unlink($newpath); 231 + if($versionchange == 'major_revision') {
  232 + // if someone requested a major revision, must
  233 + // make the minor revision go back to 0
  234 + //$versionchange = "minor_revision='0', major_revision";
  235 + //$new_version_num = $major_revision + 1;
  236 + $new_major = $major_revision + 1;
  237 + $new_minor = 0;
  238 + $versionchange = "minor_revision='0', major_revision";
  239 + $new_version_num = $major_revision + 1;
  240 + } else {
  241 + // simply increment minor revision number
  242 + $new_version_num = $minor_revision + 1;
  243 + $new_minor = $minor_revision + 1;
  244 + $new_major = $major_revision;
  245 + }
  246 + // printError("old: $minor_revision", "New: $new_minor");
  247 + // End Daphne Change
  248 +
  249 + $groupid = owlusergroup($userid);
  250 + $modified = date("M d, Y \a\\t h:i a");
  251 + $smodified = date("Y-m-d g:i:s");
  252 +
  253 + // Begin Daphne Change
  254 + if ($default->owl_version_control == 1) {
  255 + if ($default->owl_use_fs) {
  256 + // insert entry for backup file
  257 + // WORKING WORKING
  258 + $sql->query("INSERT into $default->owl_files_table (name,filename,size,creatorid,parent,modified, smodified,groupid,description,metadata,security,major_revision,minor_revision) values ('$backup_name','$version_name','$backup_size','$backup_creatorid','$backup_parent','$backup_modified', '$backup_smodified','$backup_groupid', '$backup_description','$backup_metadata','$backup_security','$backup_major','$backup_minor')") or unlink($backuppath);
  259 +
  260 + // update entry for existing file. Bozz's code is repeated underneath,
  261 + // without the versioning attribute included.
  262 +
  263 + // BEGIN Bozz Change
  264 + // Added this check, if the policy is allow Read Write NO DELETE
  265 + // we have to make sure that the Creator is not changed.
  266 + // in the case of an updated, that would then allow a user to
  267 + // delete the file. Only the original Creator should be allowed
  268 + // to delete the file.
  269 + if ( getfilepolicy($id) == 5 || getfilepolicy($id) == 6) {
  270 + // Daphne addition -- $versionchange = $new_version_num
  271 + $sql->query("UPDATE $default->owl_files_table set size='".$userfile['size']."',modified='$modified',smodified='$smodified', $versionchange='$new_version_num', description='$newdesc' where id='$id'") or unlink($newpath);
  272 + } else {
  273 + // Daphne addition -- $versionchange = $new_version_num
  274 + $sql->query("UPDATE $default->owl_files_table set size='".$userfile['size']."',creatorid='$userid',modified='$modified',smodified='$smodified', $versionchange='$new_version_num',description='$newdesc' where id='$id'") or unlink($newpath);
  275 + }
  276 + } else {
  277 + // BEGIN wes change
  278 + // insert entry for current version of file
  279 + $compressed = '0';
  280 + $userfile = uploadCompat("userfile");
  281 + $fsize = filesize($userfile['tmp_name']);
  282 + $sql->query("INSERT into $default->owl_files_table (name,filename,size,creatorid,parent,modified, smodified,groupid,description,metadata,security,major_revision,minor_revision) values ('$backup_name','".$userfile['name']."','".$userfile['size']."','$backup_creatorid','$parent','$modified', '$smodified','$backup_groupid', '$newdesc', '$backup_metadata','$backup_security','$new_major','$new_minor')");
  283 + $id = $sql->insert_id();
  284 +
  285 + if ($default->owl_compressed_database && file_exists($default->gzip_path)) {
  286 + system($default->gzip_path . " " . escapeshellarg($userfile['tmp_name']));
  287 + $fd = fopen($userfile['tmp_name'] . ".gz", 'rb');
  288 + $userfile['tmp_name'] = $userfile['tmp_name'] . ".gz";
  289 + $fsize = filesize($userfile['tmp_name']);
  290 + $compressed = '1';
  291 + } else {
  292 + $fd = fopen($userfile['tmp_name'], 'rb');
  293 + }
  294 + $filedata = addSlashes(fread($fd, $fsize));
  295 + fclose($fd);
  296 +
  297 + if ($id !== NULL && $filedata) {
  298 + $sql->query("insert into $default->owl_files_data_table (id, data, compressed) values ('$id', '$filedata','$compressed')");
  299 + }
  300 + // END wes change
  301 + }
  302 + // END Bozz Change
  303 + } else { // versioning not included in the DB update
  304 + if ($default->owl_use_fs) {
  305 + // BEGIN Bozz Change
  306 + if ( getfilepolicy($id) == 5 || getfilepolicy($id) == 6) {
  307 + $sql->query("update $default->owl_files_table set size='".$userfile['size']."',modified='$modified',smodified='$smodified' where id='$id'") or unlink($newpath);
  308 + } else {
  309 + $sql->query("update $default->owl_files_table set size='".$userfile['size']."',creatorid='$userid',modified='$modified',smodified='$smodified' where id='$id'") or unlink($newpath);
320 } 310 }
321 - // END Bozz Change  
322 - }  
323 - }  
324 -  
325 - // End Daphne Change 311 + // END Bozz Change
  312 + }
  313 + }
  314 + // End Daphne Change
326 315
327 - if ($quota_max != "0") $sql->query("update $default->owl_users_table set quota_current = '$new_quota' where id = '$userid'"); 316 + if ($quota_max != "0") {
  317 + $sql->query("update $default->owl_users_table set quota_current = '$new_quota' where id = '$userid'");
  318 + }
328 319
329 - //notify_users($groupid,1, find_path($parent),$filename, $title, $newdesc);  
330 - notify_users($groupid,1,$parent,$filename, $title, $newdesc, $type);  
331 - header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");  
332 -// END BUG FIX: #433932 Fileupdate and Quotas  
333 - } else {  
334 - include("./lib/header.inc");  
335 - print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>");  
336 - ?>  
337 - <TR><TD ALIGN=LEFT>  
338 -<?php print("$lang_user: ");  
339 - print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");  
340 - print uid_to_name($userid);  
341 - print ("</A>");  
342 -?>  
343 -<FONT SIZE=-1>  
344 -  
345 - <?php print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");?>  
346 - </FONT></TD>  
347 - <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>  
348 - </TD></TR></TABLE><BR><BR>  
349 - <?php  
350 - print($lang_noupload);  
351 - } 320 + //notify_users($groupid,1, find_path($parent),$filename, $title, $newdesc);
  321 + notify_users($groupid,1,$parent,$filename, $title, $newdesc, $type);
  322 + header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");
  323 + // END BUG FIX: #433932 Fileupdate and Quotas
  324 + } else {
  325 + include("./lib/header.inc");
  326 + print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>
  327 + <TR><TD ALIGN=LEFT>");
  328 + print("$lang_user: ");
  329 + print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
  330 + print uid_to_name($userid);
  331 + print ("</A>");
  332 + print ("<FONT SIZE=-1>");
  333 + print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>
  334 + </FONT></TD>
  335 + <TD ALIGN=RIGHT>
  336 + <A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>
  337 + </TD></TR></TABLE><BR><BR>");
  338 + print($lang_noupload);
  339 + }
  340 + }
352 } 341 }
353 342
354 -  
355 if($action == "file_upload") { 343 if($action == "file_upload") {
356 - if(check_auth($parent, "folder_modify", $userid) == 1) {  
357 - //if($title == "") exit($lang_specifyname);  
358 - $groupid = owlusergroup($userid);  
359 - $sql = new Owl_DB;  
360 - $userfile = uploadCompat("userfile");  
361 - if ($type == "url") {  
362 - $modified = date("M d, Y \a\\t h:i a");  
363 - $smodified = date("Y-m-d g:i:s");  
364 - $new_name = $userfile["name"];  
365 - if ($title == "")  
366 - $title = $userfile["name"];  
367 - $sql->query("insert into $default->owl_files_table (name,filename,size,creatorid,parent,modified,description,metadata,security,groupid,smodified,checked_out, major_revision, minor_revision, url) values ('$title', '".$userfile["name"]."', '".$userfile["size"]."', '$userid', '$parent', '$modified', '$description', '$metadata', '$security', '$groupid','$smodified','$checked_out','$major_revision','1','1')");  
368 - }  
369 - else {  
370 - $sql->query("select * from $default->owl_users_table where id = '$userid'");  
371 - while($sql->next_record()) {  
372 - $quota_max = $sql->f("quota_max");  
373 - $quota_current = $sql->f("quota_current");  
374 - $new_quota = $quota_current + $userfile["size"];  
375 - }  
376 - if (($new_quota > $quota_max) && ($quota_max != "0")) {  
377 -  
378 - die("$lang_err_quota".$new_quota."$lang_err_quota_needed".($quota_max - $quota_current)."$lang_err_quota_avail");  
379 - if(($quota_max - $quota_current) == "0")  
380 - die("$lang_err_quota_exceed");  
381 - }  
382 - $new_name = ereg_replace("[^-A-Za-z0-9._]", "", ereg_replace(" ", "_", ereg_replace("%20|^-", "_", $userfile["name"])));  
383 -  
384 - if ($default->owl_use_fs)  
385 - {  
386 - $newpath = $default->owl_FileDir."/".find_path($parent)."/".$new_name;  
387 - if(file_exists($newpath) == 1)  
388 - if ($default->debug == true)  
389 - printError($lang_fileexists,$newpath);  
390 - else  
391 - printError($lang_fileexists,"");  
392 -  
393 - copy($userfile["tmp_name"], $newpath);  
394 - unlink($userfile["tmp_name"]);  
395 - if(!file_exists($newpath))  
396 - if ($default->debug == true)  
397 - printError($lang_err_upload,$newpath);  
398 - else  
399 - printError($lang_err_upload,""); 344 + if(check_auth($parent, "folder_modify", $userid) == 1) {
  345 + //if($title == "") exit($lang_specifyname);
  346 + $groupid = owlusergroup($userid);
  347 + $sql = new Owl_DB;
  348 + $userfile = uploadCompat("userfile");
  349 + if ($type == "url") {
  350 + $modified = date("M d, Y \a\\t h:i a");
  351 + $smodified = date("Y-m-d g:i:s");
  352 + $new_name = $userfile["name"];
  353 + if ($title == "") {
  354 + $title = $userfile["name"];
  355 + }
  356 + $sql->query("insert into $default->owl_files_table (name,filename,size,creatorid,parent,modified,description,metadata,security,groupid,smodified,checked_out, major_revision, minor_revision, url) values ('$title', '".$userfile["name"]."', '".$userfile["size"]."', '$userid', '$parent', '$modified', '$description', '$metadata', '$security', '$groupid','$smodified','$checked_out','$major_revision','1','1')");
  357 + } else {
  358 + $sql->query("select * from $default->owl_users_table where id = '$userid'");
  359 + while($sql->next_record()) {
  360 + $quota_max = $sql->f("quota_max");
  361 + $quota_current = $sql->f("quota_current");
  362 + $new_quota = $quota_current + $userfile["size"];
  363 + }
  364 + if (($new_quota > $quota_max) && ($quota_max != "0")) {
  365 + die("$lang_err_quota".$new_quota."$lang_err_quota_needed".($quota_max - $quota_current)."$lang_err_quota_avail");
  366 + if(($quota_max - $quota_current) == "0") {
  367 + die("$lang_err_quota_exceed");
  368 + }
  369 + }
  370 + $new_name = ereg_replace("[^-A-Za-z0-9._]", "", ereg_replace(" ", "_", ereg_replace("%20|^-", "_", $userfile["name"])));
  371 +
  372 + if ($default->owl_use_fs) {
  373 + $newpath = $default->owl_FileDir."/".find_path($parent)."/".$new_name;
  374 + if(file_exists($newpath) == 1) {
  375 + if ($default->debug == true) {
  376 + printError($lang_fileexists,$newpath);
  377 + } else {
  378 + printError($lang_fileexists,"");
  379 + }
400 } 380 }
401 - else { 381 +
  382 + copy($userfile["tmp_name"], $newpath);
  383 + unlink($userfile["tmp_name"]);
  384 + if(!file_exists($newpath)) {
  385 + if ($default->debug == true) {
  386 + printError($lang_err_upload,$newpath);
  387 + } else {
  388 + printError($lang_err_upload,"");
  389 + }
  390 + } else {
402 // is name already used? 391 // is name already used?
403 - //printError("SQL", "select filename from $default->owl_files_table where filename = '$new_name' and parent='$parent'"); 392 + //printError("SQL", "select filename from $default->owl_files_table where filename = '$new_name' and parent='$parent'");
404 $sql->query("select filename from $default->owl_files_table where filename = '$new_name' and parent='$parent'"); 393 $sql->query("select filename from $default->owl_files_table where filename = '$new_name' and parent='$parent'");
405 - while($sql->next_record())  
406 - { 394 + while($sql->next_record()) {
407 if ($sql->f("filename")) { 395 if ($sql->f("filename")) {
408 // can't move... 396 // can't move...
409 printError("<b>File Exists:</b>","There is already a file with the name <i>$new_name</i> in this directory.",""); 397 printError("<b>File Exists:</b>","There is already a file with the name <i>$new_name</i> in this directory.","");
410 - // print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'>$lang_return</A><P>"); 398 + // print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'>$lang_return</A><P>");
411 // needs to be internationalized 399 // needs to be internationalized
412 //exit("<b>File Exists:</b> There is already a file with the name <i>$title</i> in this directory."); 400 //exit("<b>File Exists:</b> There is already a file with the name <i>$title</i> in this directory.");
413 } 401 }
414 - }  
415 -  
416 - } 402 + }
  403 + }
417 /* BEGIN Bozz Change 404 /* BEGIN Bozz Change
418 If your not part of the Administartor Group 405 If your not part of the Administartor Group
419 the Folder will have your group ID assigned to it */ 406 the Folder will have your group ID assigned to it */
420 -  
421 - if ( owlusergroup($userid) != 0 )  
422 - {  
423 - $groupid = owlusergroup($userid); 407 + if ( owlusergroup($userid) != 0 ) {
  408 + $groupid = owlusergroup($userid);
424 } 409 }
425 // Bozz Change End 410 // Bozz Change End
426 411
427 - $modified = date("M d, Y \a\t h:i a"); 412 + $modified = date("M d, Y \a\t h:i a");
428 $smodified = date("Y-m-d g:i:s"); 413 $smodified = date("Y-m-d g:i:s");
429 - if($title == "") $title = $new_name;  
430 - if($major_revision == "") $major_revision = 0;  
431 - if($minor_revision == "") $minor_revision = 1;  
432 - if($checked_out == "") $checked_out = 0; 414 + if($title == "") {
  415 + $title = $new_name;
  416 + }
  417 + if($major_revision == "") {
  418 + $major_revision = 0;
  419 + }
  420 + if($minor_revision == "") {
  421 + $minor_revision = 1;
  422 + }
  423 + if($checked_out == "") {
  424 + $checked_out = 0;
  425 + }
433 // WORKING WORKING 426 // WORKING WORKING
434 427
435 - $compressed = '0';  
436 - $userfile = uploadCompat("userfile");  
437 - $fsize = $userfile['size']; 428 + $compressed = '0';
  429 + $userfile = uploadCompat("userfile");
  430 + $fsize = $userfile['size'];
438 if (!$default->owl_use_fs && $default->owl_compressed_database && file_exists($default->gzip_path)) { 431 if (!$default->owl_use_fs && $default->owl_compressed_database && file_exists($default->gzip_path)) {
439 - system($default->gzip_path . " " . escapeshellarg($userfile['tmp_name']));  
440 - $userfile['tmp_name'] = $userfile['tmp_name'] . ".gz";  
441 - $fsize = filesize($userfile['tmp_name']);  
442 - $compressed = '1'; 432 + system($default->gzip_path . " " . escapeshellarg($userfile['tmp_name']));
  433 + $userfile['tmp_name'] = $userfile['tmp_name'] . ".gz";
  434 + $fsize = filesize($userfile['tmp_name']);
  435 + $compressed = '1';
443 } 436 }
444 $result = $sql->query("insert into $default->owl_files_table (name,filename,size,creatorid,parent,modified,description,metadata,security,groupid,smodified,checked_out, major_revision, minor_revision, url) values ('$title', '$new_name', '".$userfile['size']."', '$userid', '$parent', '$modified', '$description', '$metadata', '$security', '$groupid','$smodified','$checked_out','$major_revision','$minor_revision', '0')") or unlink($newpath); 437 $result = $sql->query("insert into $default->owl_files_table (name,filename,size,creatorid,parent,modified,description,metadata,security,groupid,smodified,checked_out, major_revision, minor_revision, url) values ('$title', '$new_name', '".$userfile['size']."', '$userid', '$parent', '$modified', '$description', '$metadata', '$security', '$groupid','$smodified','$checked_out','$major_revision','$minor_revision', '0')") or unlink($newpath);
445 438
446 - if (!$result && $default->owl_use_fs) unlink($newpath); 439 + if (!$result && $default->owl_use_fs) {
  440 + unlink($newpath);
  441 + }
447 // BEGIN wes change 442 // BEGIN wes change
448 if (!$default->owl_use_fs) { 443 if (!$default->owl_use_fs) {
449 - $id = $sql->insert_id();  
450 - $fd = fopen($userfile['tmp_name'], 'rb');  
451 - $filedata = addSlashes(fread($fd, $fsize));  
452 - fclose($fd);  
453 -  
454 - if ($id !== NULL && $filedata) {  
455 - $sql->query("insert into $default->owl_files_data_table (id, data, compressed) values ('$id', '$filedata', '$compressed')");  
456 - } 444 + $id = $sql->insert_id();
  445 + $fd = fopen($userfile['tmp_name'], 'rb');
  446 + $filedata = addSlashes(fread($fd, $fsize));
  447 + fclose($fd);
  448 +
  449 + if ($id !== NULL && $filedata) {
  450 + $sql->query("insert into $default->owl_files_data_table (id, data, compressed) values ('$id', '$filedata', '$compressed')");
  451 + }
457 } 452 }
458 453
459 -  
460 - if ($quota_max != "0") $sql->query("update $default->owl_users_table set quota_current = '$new_quota' where id = '$userid'"); 454 + if ($quota_max != "0") {
  455 + $sql->query("update $default->owl_users_table set quota_current = '$new_quota' where id = '$userid'");
461 } 456 }
  457 + }
462 458
463 - notify_users($groupid,0,$parent,$new_name, $title, $description, $type);  
464 -  
465 - header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname"); 459 + notify_users($groupid,0,$parent,$new_name, $title, $description, $type);
  460 + header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");
466 } else { 461 } else {
467 include("./lib/header.inc"); 462 include("./lib/header.inc");
468 print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>"); 463 print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>");
469 - ?> 464 +?>
470 <TR><TD ALIGN=LEFT> 465 <TR><TD ALIGN=LEFT>
471 - <?php print("$lang_user: ");  
472 - print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");  
473 - print uid_to_name($userid);  
474 - print ("</A>");  
475 - ?>  
476 -<FONT SIZE=-1>  
477 -  
478 - <?php print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");?>  
479 - </FONT></TD>  
480 - <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>  
481 - </TD></TR></TABLE><BR><BR><CENTER>  
482 - <?php 466 +<?php
  467 + print("$lang_user: ");
  468 + print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
  469 + print uid_to_name($userid);
  470 + print ("</A>");
  471 +?>
  472 + <FONT SIZE=-1>
  473 +<?php
  474 + print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");
  475 +?>
  476 + </FONT></TD>
  477 + <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>
  478 + </TD></TR></TABLE><BR><BR><CENTER>
  479 +<?php
483 print($lang_noupload); 480 print($lang_noupload);
484 } 481 }
485 } 482 }
486 483
487 if($action == "file_modify") { 484 if($action == "file_modify") {
488 - if(check_auth($id, "file_modify", $userid) == 1) {  
489 - $sql = new Owl_DB;  
490 - // Begin Bozz Change  
491 - if ( owlusergroup($userid) != 0 && $groupid == "" )  
492 - {  
493 - $groupid = owlusergroup($userid);  
494 - }  
495 -  
496 - 485 + if(check_auth($id, "file_modify", $userid) == 1) {
  486 + $sql = new Owl_DB;
  487 + // Begin Bozz Change
  488 + if ( owlusergroup($userid) != 0 && $groupid == "" ) {
  489 + $groupid = owlusergroup($userid);
  490 + }
497 // BEGIN WES change 491 // BEGIN WES change
498 - if (!$default->owl_use_fs)  
499 - {  
500 -  
501 - $name = flid_to_name($id);  
502 - if ($name != $title)  
503 - {  
504 - // we're changing the name ... need to roll this to other revisions  
505 - // is name already used?  
506 - $sql->query("select name from $default->owl_files_table where name = '$title' and parent='$parent'");  
507 - while($sql->next_record())  
508 - {  
509 - if ($sql->f("name")) {  
510 - // can't move...  
511 - //print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'>$lang_return</A><P>");  
512 - // needs to be internationalized  
513 - printError("<b>File Exists:</b> There is already a file with the name <i>$title</i> in this directory.","");  
514 - } 492 + if (!$default->owl_use_fs) {
  493 + $name = flid_to_name($id);
  494 + if ($name != $title) {
  495 + // we're changing the name ... need to roll this to other revisions
  496 + // is name already used?
  497 + $sql->query("select name from $default->owl_files_table where name = '$title' and parent='$parent'");
  498 + while($sql->next_record()) {
  499 + if ($sql->f("name")) {
  500 + // can't move...
  501 + //print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'>$lang_return</A><P>");
  502 + // needs to be internationalized
  503 + printError("<b>File Exists:</b> There is already a file with the name <i>$title</i> in this directory.","");
  504 + }
515 } 505 }
516 - $sql->query("update $default->owl_files_table set name='$title' where parent='$parent' AND name = '$name'"); 506 + $sql->query("update $default->owl_files_table set name='$title' where parent='$parent' AND name = '$name'");
517 } 507 }
518 } 508 }
519 509
520 $sql->query("update $default->owl_files_table set name='$title', security='$security', metadata='$metadata', description='$description',groupid='$groupid', creatorid ='$file_owner' where id = '$id'"); 510 $sql->query("update $default->owl_files_table set name='$title', security='$security', metadata='$metadata', description='$description',groupid='$groupid', creatorid ='$file_owner' where id = '$id'");
521 - // End Bozz Change 511 + // End Bozz Change
522 header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname"); 512 header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");
523 } else { 513 } else {
524 include("./lib/header.inc"); 514 include("./lib/header.inc");
525 print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>"); 515 print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>");
526 - ?> 516 +?>
527 <TR><TD ALIGN=LEFT> 517 <TR><TD ALIGN=LEFT>
528 - <?php print("$lang_user: ");  
529 - if(prefaccess($userid)) {  
530 - print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand&order=$order&$sortorder=$sortname'>");  
531 - }  
532 - print uid_to_name($userid);  
533 - print ("</A>");  
534 - ?>  
535 -<FONT SIZE=-1>  
536 -  
537 - <?php print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");?>  
538 - </FONT></TD>  
539 - <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>  
540 - </TD></TR></TABLE><BR><BR><CENTER>  
541 - <?php 518 +<?php
  519 + print("$lang_user: ");
  520 + if(prefaccess($userid)) {
  521 + print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand&order=$order&$sortorder=$sortname'>");
  522 + }
  523 + print uid_to_name($userid);
  524 + print ("</A>");
  525 +?>
  526 + <FONT SIZE=-1>
  527 +
  528 +<?php
  529 + print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");
  530 +?>
  531 + </FONT></TD>
  532 + <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>
  533 + </TD></TR></TABLE><BR><BR><CENTER>
  534 +<?php
542 exit($lang_nofilemod); 535 exit($lang_nofilemod);
543 } 536 }
544 } 537 }
545 538
546 if($action == "file_delete") { 539 if($action == "file_delete") {
547 -if(check_auth($id, "file_delete", $userid) == 1) {  
548 - $sql = new Owl_DB;  
549 - if ($type == "url")  
550 - {  
551 - $sql->query("delete from $default->owl_files_table where id = '$id'");  
552 - }  
553 - else { 540 + if(check_auth($id, "file_delete", $userid) == 1) {
  541 + $sql = new Owl_DB;
  542 + if ($type == "url") {
  543 + $sql->query("delete from $default->owl_files_table where id = '$id'");
  544 + } else {
554 $sql->query("select * from $default->owl_files_table where id = '$id'"); 545 $sql->query("select * from $default->owl_files_table where id = '$id'");
555 while($sql->next_record()) { 546 while($sql->next_record()) {
556 - $path = find_path($sql->f("parent"));  
557 - $filename = $sql->f("filename");  
558 - $filesize = $sql->f("size");  
559 - $owner = $sql->f("creatorid"); 547 + $path = find_path($sql->f("parent"));
  548 + $filename = $sql->f("filename");
  549 + $filesize = $sql->f("size");
  550 + $owner = $sql->f("creatorid");
560 } 551 }
  552 +
561 $sql->query("select * from $default->owl_users_table where id = '$owner'"); 553 $sql->query("select * from $default->owl_users_table where id = '$owner'");
562 while($sql->next_record()) { 554 while($sql->next_record()) {
563 $quota_current = $sql->f("quota_current"); 555 $quota_current = $sql->f("quota_current");
564 $quota_max = $sql->f("quota_max"); 556 $quota_max = $sql->f("quota_max");
565 } 557 }
  558 +
566 $new_quota = $quota_current - $filesize; 559 $new_quota = $quota_current - $filesize;
567 - if($quota_max != "0") $sql->query("update $default->owl_users_table set quota_current = '$new_quota' where id = '$owner'"); 560 + if($quota_max != "0") {
  561 + $sql->query("update $default->owl_users_table set quota_current = '$new_quota' where id = '$owner'");
  562 + }
568 563
569 - if($default->owl_use_fs) {  
570 - unlink($default->owl_FileDir."/".$path."/".$filename);  
571 - } else {  
572 - $sql->query("delete from $default->owl_files_data_table where id = '$id'");  
573 - } 564 + if($default->owl_use_fs) {
  565 + unlink($default->owl_FileDir."/".$path."/".$filename);
  566 + } else {
  567 + $sql->query("delete from $default->owl_files_data_table where id = '$id'");
  568 + }
574 569
575 $sql->query("delete from $default->owl_files_table where id = '$id'"); 570 $sql->query("delete from $default->owl_files_table where id = '$id'");
576 sleep(.5); 571 sleep(.5);
577 - } 572 + }
578 header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname"); 573 header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");
579 } else { 574 } else {
580 include("./lib/header.inc"); 575 include("./lib/header.inc");
581 print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>"); 576 print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>");
582 - ?> 577 +?>
583 <TR><TD ALIGN=LEFT> 578 <TR><TD ALIGN=LEFT>
584 -<?php print("$lang_user: ");  
585 - print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");  
586 - print uid_to_name($userid);  
587 - print ("</A>"); 579 +<?php
  580 + print("$lang_user: ");
  581 + print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
  582 + print uid_to_name($userid);
  583 + print ("</A>");
588 ?> 584 ?>
589 -<FONT SIZE=-1>  
590 - <?php print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");?>  
591 - </FONT></TD>  
592 - <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>  
593 - </TD></TR></TABLE><BR><BR><CENTER>  
594 - <?php 585 + <FONT SIZE=-1>
  586 +<?php
  587 + print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");
  588 +?>
  589 + </FONT></TD>
  590 + <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>
  591 + </TD></TR></TABLE><BR><BR><CENTER>
  592 +<?php
595 exit($lang_nofiledelete); 593 exit($lang_nofiledelete);
596 } 594 }
597 } 595 }
  596 +
598 // Begin Daphne Change 597 // Begin Daphne Change
599 // the file policy authorisation has been taken from file_modify 598 // the file policy authorisation has been taken from file_modify
600 // (it's assumed that if you can't modify the file you can't check it out) 599 // (it's assumed that if you can't modify the file you can't check it out)
601 -  
602 if($action == "file_lock") { 600 if($action == "file_lock") {
603 - if(check_auth($id, "file_modify", $userid) == 1) {  
604 - $sql = new Owl_DB;  
605 - // Begin Bozz Change  
606 - if ( owlusergroup($userid) != 0 )  
607 - {  
608 - $groupid = owlusergroup($userid);  
609 - } 601 + if(check_auth($id, "file_modify", $userid) == 1) {
  602 + $sql = new Owl_DB;
  603 + // Begin Bozz Change
  604 + if ( owlusergroup($userid) != 0 ) {
  605 + $groupid = owlusergroup($userid);
  606 + }
610 // check that file hasn't been reserved while updates have gone through 607 // check that file hasn't been reserved while updates have gone through
611 $sql->query("select checked_out from $default->owl_files_table where id = '$id'"); 608 $sql->query("select checked_out from $default->owl_files_table where id = '$id'");
612 609
@@ -615,299 +612,301 @@ if($action == &quot;file_lock&quot;) { @@ -615,299 +612,301 @@ if($action == &quot;file_lock&quot;) {
615 } 612 }
616 613
617 if ($file_lock == 0) { 614 if ($file_lock == 0) {
618 - // reserve the file  
619 - $sql->query("update $default->owl_files_table set checked_out='$userid' where id='$id'");  
620 - }  
621 - else {  
622 - if ($file_lock == $userid) {  
623 - // check the file back in  
624 - $sql->query("update $default->owl_files_table set checked_out='0' where id='$id'");  
625 - }  
626 - else {  
627 - // throw error; someone else is trying to lock the file!  
628 - include("./lib/header.inc");  
629 - print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>");  
630 - ?>  
631 - <TR><TD ALIGN=LEFT>  
632 - <?php print("$lang_user: ");  
633 - print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");  
634 - print uid_to_name($userid);  
635 - print ("</A>");  
636 - ?>  
637 -<FONT SIZE=-1>  
638 -  
639 - <?php print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");?>  
640 - </FONT></TD>  
641 - <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>  
642 - </TD></TR></TABLE><BR><BR><CENTER>  
643 - <?php  
644 - exit("$lang_err_file_lock ".uid_to_name($file_lock).".");  
645 - }  
646 - }  
647 -  
648 - header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");  
649 -  
650 - 615 + // reserve the file
  616 + $sql->query("update $default->owl_files_table set checked_out='$userid' where id='$id'");
651 } else { 617 } else {
  618 + if ($file_lock == $userid) {
  619 + // check the file back in
  620 + $sql->query("update $default->owl_files_table set checked_out='0' where id='$id'");
  621 + } else {
  622 + // throw error; someone else is trying to lock the file!
652 include("./lib/header.inc"); 623 include("./lib/header.inc");
653 - print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>");  
654 - ?>  
655 - <TR><TD ALIGN=LEFT>  
656 - <?php print("$lang_user: ");  
657 - print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");  
658 - print uid_to_name($userid);  
659 - print ("</A>");  
660 - ?>  
661 -<FONT SIZE=-1>  
662 -  
663 - <?php print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");?>  
664 - </FONT></TD>  
665 - <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?> 624 + print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>
  625 + <TR><TD ALIGN=LEFT>");
  626 + print("$lang_user: ");
  627 + print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
  628 + print uid_to_name($userid);
  629 + print("</A>");
  630 + print("<FONT SIZE=-1>"
  631 + print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");
  632 +?>
  633 + </FONT></TD>
  634 + <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>
666 </TD></TR></TABLE><BR><BR><CENTER> 635 </TD></TR></TABLE><BR><BR><CENTER>
667 - <?php  
668 - exit($lang_nofilemod); 636 +<?php
  637 + exit("$lang_err_file_lock ".uid_to_name($file_lock).".");
  638 + }
669 } 639 }
  640 + header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");
  641 + } else {
  642 + include("./lib/header.inc");
  643 + print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>");
  644 +?>
  645 + <TR><TD ALIGN=LEFT>
  646 +<?php
  647 + print("$lang_user: ");
  648 + print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
  649 + print uid_to_name($userid);
  650 + print ("</A>");
  651 +?>
  652 + <FONT SIZE=-1>
  653 +<?php
  654 + print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");
  655 +?>
  656 + </FONT></TD>
  657 + <TD ALIGN=RIGHT>
  658 +<?php
  659 + print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>");
  660 +?>
  661 + </TD></TR></TABLE><BR><BR><CENTER>
  662 +<?php
  663 + exit($lang_nofilemod);
  664 + }
670 } 665 }
671 // End Daphne Change 666 // End Daphne Change
672 667
673 if($action == "file_email") { 668 if($action == "file_email") {
674 -  
675 - if(check_auth($parent, "folder_modify", $userid) == 1) {  
676 -  
677 - $sql = new Owl_DB; 669 + if(check_auth($parent, "folder_modify", $userid) == 1) {
  670 + $sql = new Owl_DB;
678 $path=""; 671 $path="";
679 - $filename= flid_to_filename($id); 672 + $filename= flid_to_filename($id);
680 if ($default->owl_use_fs) { 673 if ($default->owl_use_fs) {
681 - $fID=$parent;  
682 - do {  
683 - $sql->query("select name,parent from $default->owl_folders_table where id='$fID'");  
684 - while($sql->next_record()) {  
685 - $tName = $sql->f("name");  
686 - $fID = $sql->f("parent");  
687 - }  
688 - $path=$tName."/".$path;  
689 - } while ($fID != 0); 674 + $fID=$parent;
  675 + do {
  676 + $sql->query("select name,parent from $default->owl_folders_table where id='$fID'");
  677 + while($sql->next_record()) {
  678 + $tName = $sql->f("name");
  679 + $fID = $sql->f("parent");
  680 + }
  681 + $path=$tName."/".$path;
  682 + } while ($fID != 0);
690 } 683 }
691 - $sql->query("select name, filename, description from $default->owl_files_table where id='$id'");  
692 - $sql->next_record();  
693 - $name= $sql->f("name");  
694 - $desc= $sql->f("description"); 684 + $sql->query("select name, filename, description from $default->owl_files_table where id='$id'");
  685 + $sql->next_record();
  686 + $name= $sql->f("name");
  687 + $desc= $sql->f("description");
695 $filename = $sql->f("filename"); 688 $filename = $sql->f("filename");
696 689
697 $mail = new phpmailer(); 690 $mail = new phpmailer();
698 -  
699 $mail->IsSMTP(); // set mailer to use SMTP 691 $mail->IsSMTP(); // set mailer to use SMTP
700 $mail->Host = "$default->owl_email_server"; // specify main and backup server 692 $mail->Host = "$default->owl_email_server"; // specify main and backup server
701 $mail->From = "$default->owl_email_from"; 693 $mail->From = "$default->owl_email_from";
702 $mail->FromName = "$default->owl_email_fromname"; 694 $mail->FromName = "$default->owl_email_fromname";
703 695
704 - $r=preg_split("(\;|\,)",$mailto);  
705 - reset ($r);  
706 - while (list ($occ, $email) = each ($r)) 696 + $r=preg_split("(\;|\,)",$mailto);
  697 + reset ($r);
  698 + while (list ($occ, $email) = each ($r)) {
707 $mail->AddAddress($email); 699 $mail->AddAddress($email);
708 - if($replyto == "" ) 700 + }
  701 + if($replyto == "" ) {
709 $mail->AddReplyTo("$default->owl_email_replyto", "OWL Intranet"); 702 $mail->AddReplyTo("$default->owl_email_replyto", "OWL Intranet");
710 - else 703 + } else {
711 $mail->AddReplyTo("$replyto"); 704 $mail->AddReplyTo("$replyto");
  705 + }
712 706
713 - if($ccto != "")  
714 - $mail->AddCC("$ccto");  
715 - 707 + if($ccto != "") {
  708 + $mail->AddCC("$ccto");
  709 + }
716 710
717 $mail->WordWrap = 50; // set word wrap to 50 characters 711 $mail->WordWrap = 50; // set word wrap to 50 characters
718 $mail->IsHTML(true); // set email format to HTML 712 $mail->IsHTML(true); // set email format to HTML
719 713
720 $mail->Subject = "$lang_file: $name -- $subject"; 714 $mail->Subject = "$lang_file: $name -- $subject";
721 - if ($type != "url") {  
722 - $mail->Body = "$mailbody" . "<BR><BR>" . "$lang_description: <BR><BR>$desc";  
723 - $mail->altBody = "$mailbody" . "\n\n" . "$lang_description: \n\n $desc"; 715 + if ($type != "url") {
  716 + $mail->Body = "$mailbody" . "<BR><BR>" . "$lang_description: <BR><BR>$desc";
  717 + $mail->altBody = "$mailbody" . "\n\n" . "$lang_description: \n\n $desc";
724 // BEGIN wes change 718 // BEGIN wes change
725 - if (!$default->owl_use_fs) {  
726 - if (file_exists("$default->owl_FileDir/$path$filename")) {  
727 - unlink("$default->owl_FileDir/$path$filename");  
728 - }  
729 - $file = fopen("$default->owl_FileDir/$path$filename", 'wb');  
730 - $sql->query("select data,compressed from $default->owl_files_data_table where id='$id'");  
731 - while ($sql->next_record()) {  
732 - if ($sql->f("compressed")) {  
733 -  
734 - $tmpfile = $default->owl_FileDir . "owltmp.$id.gz";  
735 - $uncomptmpfile = $default->owl_FileDir . "owltmp.$id";  
736 - if (file_exists($tmpfile)) unlink($tmpfile);  
737 -  
738 - $fp=fopen($tmpfile,"w");  
739 - fwrite($fp, $sql->f("data"));  
740 - fclose($fp);  
741 -  
742 - system($default->gzip_path . " -df $tmpfile");  
743 -  
744 - $fsize = filesize($uncomptmpfile);  
745 - $fd = fopen($uncomptmpfile, 'rb');  
746 - $filedata = fread($fd, $fsize);  
747 - fclose($fd);  
748 -  
749 - fwrite($file, $filedata);  
750 - unlink($uncomptmpfile);  
751 - } else {  
752 - fwrite($file, $sql->f("data"));  
753 - } 719 + if (!$default->owl_use_fs) {
  720 + if (file_exists("$default->owl_FileDir/$path$filename")) {
  721 + unlink("$default->owl_FileDir/$path$filename");
  722 + }
  723 + $file = fopen("$default->owl_FileDir/$path$filename", 'wb');
  724 + $sql->query("select data,compressed from $default->owl_files_data_table where id='$id'");
  725 + while ($sql->next_record()) {
  726 + if ($sql->f("compressed")) {
  727 + $tmpfile = $default->owl_FileDir . "owltmp.$id.gz";
  728 + $uncomptmpfile = $default->owl_FileDir . "owltmp.$id";
  729 + if (file_exists($tmpfile)) {
  730 + unlink($tmpfile);
  731 + }
  732 +
  733 + $fp=fopen($tmpfile,"w");
  734 + fwrite($fp, $sql->f("data"));
  735 + fclose($fp);
  736 +
  737 + system($default->gzip_path . " -df $tmpfile");
  738 +
  739 + $fsize = filesize($uncomptmpfile);
  740 + $fd = fopen($uncomptmpfile, 'rb');
  741 + $filedata = fread($fd, $fsize);
  742 + fclose($fd);
  743 +
  744 + fwrite($file, $filedata);
  745 + unlink($uncomptmpfile);
  746 + } else {
  747 + fwrite($file, $sql->f("data"));
  748 + }
754 } 749 }
755 - fclose($file);  
756 - } 750 + fclose($file);
  751 + }
757 752
758 $mail->AddAttachment("$default->owl_FileDir/$path$filename"); 753 $mail->AddAttachment("$default->owl_FileDir/$path$filename");
759 - }  
760 - else { 754 + } else {
761 $mail->Body = "$filename" . "<BR><BR>" . "$mailbody" . "<BR><BR>" . "$lang_description: <BR><BR>$desc"; 755 $mail->Body = "$filename" . "<BR><BR>" . "$mailbody" . "<BR><BR>" . "$lang_description: <BR><BR>$desc";
762 $mail->altBody = "$filename" . "\n\n" ."$mailbody" . "\n\n" . "$lang_description: \n\n $desc"; 756 $mail->altBody = "$filename" . "\n\n" ."$mailbody" . "\n\n" . "$lang_description: \n\n $desc";
763 - } 757 + }
764 758
765 - if(!$mail->Send())  
766 - {  
767 - printError($lang_err_email, $mail->ErrorInfo);  
768 - //printError("Server:$default->owl_email_server<BR>File:$default->owl_FileDir/$path$filename ", $mail->ErrorInfo); 759 + if(!$mail->Send()) {
  760 + printError($lang_err_email, $mail->ErrorInfo);
  761 + //printError("Server:$default->owl_email_server<BR>File:$default->owl_FileDir/$path$filename ", $mail->ErrorInfo);
769 } 762 }
770 if (!$default->owl_use_fs) { 763 if (!$default->owl_use_fs) {
771 - unlink("$default->owl_FileDir/$path$filename");  
772 - }  
773 - 764 + unlink("$default->owl_FileDir/$path$filename");
  765 + }
774 } 766 }
775 } 767 }
776 768
777 -  
778 if($action == "folder_create") { 769 if($action == "folder_create") {
779 if(check_auth($parent, "folder_modify", $userid) == 1) { 770 if(check_auth($parent, "folder_modify", $userid) == 1) {
780 - $sql = new Owl_DB; 771 + $sql = new Owl_DB;
781 //we have to be careful with the name just like with the files 772 //we have to be careful with the name just like with the files
782 - //Comment this one out TRACKER : 603887, this was not done for renaming a folder  
783 - // So lets see if it causes problems while creating folders. 773 + //Comment this one out TRACKER : 603887, this was not done for renaming a folder
  774 + // So lets see if it causes problems while creating folders.
784 // Seems it causes a problem, so I put it back. 775 // Seems it causes a problem, so I put it back.
785 $name = ereg_replace("[^-A-Za-z0-9._[:space:]]", "", ereg_replace("%20|^-", " ", $name)); 776 $name = ereg_replace("[^-A-Za-z0-9._[:space:]]", "", ereg_replace("%20|^-", " ", $name));
786 $sql->query("select * from $default->owl_folders_table where name = '$name' and parent = '$parent'"); 777 $sql->query("select * from $default->owl_folders_table where name = '$name' and parent = '$parent'");
787 - if($sql->num_rows() > 0)  
788 - printError("$lang_err_folder_exist",""); 778 + if($sql->num_rows() > 0) {
  779 + printError("$lang_err_folder_exist","");
  780 + }
789 781
790 - if ( $name == '')  
791 - printError($lang_err_nameempty,""); 782 + if ( $name == '') {
  783 + printError($lang_err_nameempty,"");
  784 + }
792 785
793 if($default->owl_use_fs) { 786 if($default->owl_use_fs) {
794 $path = find_path($parent); 787 $path = find_path($parent);
795 mkdir($default->owl_FileDir."/".$path."/".$name, 0777); 788 mkdir($default->owl_FileDir."/".$path."/".$name, 0777);
796 if(!is_dir("$default->owl_FileDir/$path/$name")) { 789 if(!is_dir("$default->owl_FileDir/$path/$name")) {
797 - if ($default->debug == true)  
798 - printError($lang_err_folder_create,"$default->owl_FileDir/$path/$name");  
799 - else  
800 - printError($lang_err_folder_create,"");  
801 - }  
802 - } 790 + if ($default->debug == true) {
  791 + printError($lang_err_folder_create,"$default->owl_FileDir/$path/$name");
  792 + } else {
  793 + printError($lang_err_folder_create,"");
  794 + }
  795 + }
803 $sql->query("insert into $default->owl_folders_table (name,parent,security,groupid,creatorid) values ('$name', '$parent', '$policy', '$groupid', '$userid')"); 796 $sql->query("insert into $default->owl_folders_table (name,parent,security,groupid,creatorid) values ('$name', '$parent', '$policy', '$groupid', '$userid')");
804 - header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");  
805 - } else {  
806 - include("./lib/header.inc");  
807 - print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>");  
808 - ?>  
809 - <TR><TD ALIGN=LEFT>  
810 - <?php print("$lang_user: ");  
811 - print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");  
812 - print uid_to_name($userid);  
813 - print ("</A>");  
814 - ?>  
815 -<FONT SIZE=-1>  
816 -  
817 - <?php print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");?>  
818 - </FONT></TD>  
819 - <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>  
820 - </TD></TR></TABLE><BR><BR><CENTER>  
821 - <?php  
822 - exit($lang_nosubfolder);  
823 - } 797 + header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");
  798 + }
  799 + } else {
  800 + include("./lib/header.inc");
  801 + print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>");
  802 +?>
  803 + <TR><TD ALIGN=LEFT>
  804 +<?php
  805 + print("$lang_user: ");
  806 + print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
  807 + print uid_to_name($userid);
  808 + print ("</A>");
  809 +?>
  810 + <FONT SIZE=-1>
  811 +<?php
  812 + print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");
  813 +?>
  814 + </FONT></TD>
  815 + <TD ALIGN=RIGHT>
  816 +<?php
  817 + print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>");
  818 +?>
  819 + </TD></TR></TABLE><BR><BR><CENTER>
  820 +<?php
  821 + exit($lang_nosubfolder);
  822 + }
824 } 823 }
825 824
826 if($action == "folder_modify") { 825 if($action == "folder_modify") {
827 - if(check_auth($id, "folder_modify", $userid) == 1) {  
828 - $sql = new Owl_DB;  
829 - $origname = fid_to_name($id); 826 + if(check_auth($id, "folder_modify", $userid) == 1) {
  827 + $sql = new Owl_DB;
  828 + $origname = fid_to_name($id);
830 $sql->query("select parent from $default->owl_folders_table where id = '$id'"); 829 $sql->query("select parent from $default->owl_folders_table where id = '$id'");
831 - while($sql->next_record()) $parent = $sql->f("parent"); 830 + while($sql->next_record()) {
  831 + $parent = $sql->f("parent");
  832 + }
832 $path = $default->owl_FileDir."/".find_path($parent)."/"; 833 $path = $default->owl_FileDir."/".find_path($parent)."/";
833 - $source = $path . $origname; 834 + $source = $path . $origname;
834 $name = ereg_replace("[^-A-Za-z0-9._[:space:]]", "", ereg_replace("%20|^-", " ", $name)); 835 $name = ereg_replace("[^-A-Za-z0-9._[:space:]]", "", ereg_replace("%20|^-", " ", $name));
835 - $dest = $path . $name; 836 + $dest = $path . $name;
836 837
837 if ($default->owl_use_fs) { 838 if ($default->owl_use_fs) {
838 - if (!file_exists($path . $name) == 1 || $source == $dest) {  
839 - if (substr(php_uname(), 0, 7) != "Windows") {  
840 - if ($source != $dest) {  
841 - $cmd="mv \"$path$origname\" \"$path$name\" 2>&1";  
842 - $lines=array();$errco=0;  
843 - $result = myExec($cmd,$lines,$errco);  
844 - if ( $errco != 0 )  
845 - printError($lang_err_movecancel, $result);  
846 - }  
847 - }  
848 - else {  
849 - // IF Windows just do a rename and hope for the best  
850 - rename ("$path$origname", "$path$name");  
851 - }  
852 -  
853 - }  
854 - else  
855 - printError($lang_err_folderexists,"");  
856 - }  
857 - else {  
858 - $sql->query("select * from $default->owl_folders_table where parent = '$parent' and name = '$name'");  
859 - if ($sql->num_rows($sql) != 0)  
860 - printError($lang_err_folderexists,""); 839 + if (!file_exists($path . $name) == 1 || $source == $dest) {
  840 + if (substr(php_uname(), 0, 7) != "Windows") {
  841 + if ($source != $dest) {
  842 + $cmd="mv \"$path$origname\" \"$path$name\" 2>&1";
  843 + $lines=array();$errco=0;
  844 + $result = myExec($cmd,$lines,$errco);
  845 + if ( $errco != 0 ) {
  846 + printError($lang_err_movecancel, $result);
  847 + }
  848 + }
  849 + } else {
  850 + // IF Windows just do a rename and hope for the best
  851 + rename ("$path$origname", "$path$name");
861 } 852 }
862 - /* BEGIN Bozz Change  
863 - If your not part of the Administartor Group  
864 - the Folder will have your group ID assigned to it */  
865 - if ( owlusergroup($userid) != 0 )  
866 - { 853 + } else {
  854 + printError($lang_err_folderexists,"");
  855 + }
  856 + } else {
  857 + $sql->query("select * from $default->owl_folders_table where parent = '$parent' and name = '$name'");
  858 + if ($sql->num_rows($sql) != 0) {
  859 + printError($lang_err_folderexists,"");
  860 + }
  861 + }
  862 + /* BEGIN Bozz Change
  863 + If your not part of the Administartor Group
  864 + the Folder will have your group ID assigned to it */
  865 + if ( owlusergroup($userid) != 0 ) {
867 $sql->query("update $default->owl_folders_table set name='$name', security='$policy' where id = '$id'"); 866 $sql->query("update $default->owl_folders_table set name='$name', security='$policy' where id = '$id'");
868 - }  
869 - else  
870 - { 867 + } else {
871 $sql->query("update $default->owl_folders_table set name='$name', security='$policy', groupid='$groupid' where id = '$id'"); 868 $sql->query("update $default->owl_folders_table set name='$name', security='$policy', groupid='$groupid' where id = '$id'");
872 - }  
873 -  
874 -  
875 - // Bozz change End 869 + }
  870 + // Bozz change End
  871 +
876 header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname"); 872 header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");
877 } else { 873 } else {
878 include("./lib/header.inc"); 874 include("./lib/header.inc");
879 print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>"); 875 print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>");
880 - ?> 876 +?>
881 <TR><TD ALIGN=LEFT> 877 <TR><TD ALIGN=LEFT>
882 - <?php print("$lang_user: ");  
883 - print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");  
884 - print uid_to_name($userid);  
885 - print ("</A>");  
886 - ?>  
887 -<FONT SIZE=-1>  
888 -  
889 - <?php print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");?>  
890 - </FONT></TD>  
891 - <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>  
892 - </TD></TR></TABLE><BR><BR><CENTER>  
893 - <?php 878 +<?php
  879 + print("$lang_user: ");
  880 + print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
  881 + print uid_to_name($userid);
  882 + print ("</A>");
  883 +?>
  884 + <FONT SIZE=-1>
  885 +<?php
  886 + print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");
  887 +?>
  888 + </FONT></TD>
  889 + <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>
  890 + </TD></TR></TABLE><BR><BR><CENTER>
  891 +<?php
894 exit($lang_nofoldermod); 892 exit($lang_nofoldermod);
895 } 893 }
896 } 894 }
897 895
898 if($action == "folder_delete") { 896 if($action == "folder_delete") {
899 - if(check_auth($id, "folder_delete", $userid) == 1) {  
900 - $sql = new Owl_DB;  
901 - $sql->query("select id,name,parent from $default->owl_folders_table order by name");  
902 - $fCount = ($sql->nf());  
903 - $i = 0;  
904 - while($sql->next_record()) {  
905 - $folderList[$i][0] = $sql->f("id");  
906 - $folderList[$i][2] = $sql->f("parent");  
907 - $i++; 897 + if(check_auth($id, "folder_delete", $userid) == 1) {
  898 + $sql = new Owl_DB;
  899 + $sql->query("select id,name,parent from $default->owl_folders_table order by name");
  900 + $fCount = ($sql->nf());
  901 + $i = 0;
  902 + while($sql->next_record()) {
  903 + $folderList[$i][0] = $sql->f("id");
  904 + $folderList[$i][2] = $sql->f("parent");
  905 + $i++;
908 } 906 }
909 - if ($default->owl_use_fs) 907 + if ($default->owl_use_fs) {
910 myDelete($default->owl_FileDir."/".find_path($id)); 908 myDelete($default->owl_FileDir."/".find_path($id));
  909 + }
911 910
912 delTree($id); 911 delTree($id);
913 sleep(.5); 912 sleep(.5);
@@ -915,50 +914,50 @@ if($action == &quot;folder_delete&quot;) { @@ -915,50 +914,50 @@ if($action == &quot;folder_delete&quot;) {
915 } else { 914 } else {
916 include("./lib/header.inc"); 915 include("./lib/header.inc");
917 print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>"); 916 print("<TABLE WIDTH=$default->table_expand_width BGCOLOR=$default->main_header_bgcolor CELLSPACING=0 CELLPADDING=0 BORDER=$default->table_border HEIGHT=30>");
918 - ?> 917 +?>
919 <TR><TD ALIGN=LEFT> 918 <TR><TD ALIGN=LEFT>
920 - <?php print("$lang_user: ");  
921 - print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");  
922 - print uid_to_name($userid);  
923 - print ("</A>");  
924 - ?>  
925 -<FONT SIZE=-1>  
926 -  
927 - <?php print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");?>  
928 - </FONT></TD>  
929 - <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>  
930 - </TD></TR></TABLE><BR><BR><CENTER>  
931 - <?php 919 +<?php
  920 + print("$lang_user: ");
  921 + print("<A HREF='prefs.php?owluser=$userid&sess=$sess&expand=$expand'>");
  922 + print uid_to_name($userid);
  923 + print ("</A>");
  924 +?>
  925 + <FONT SIZE=-1>
  926 +
  927 +<?php
  928 + print("<A HREF='index.php?login=logout&sess=$sess'>$lang_logout</A>");
  929 +?>
  930 + </FONT></TD>
  931 + <TD ALIGN=RIGHT><?php print("<A HREF='browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname'><IMG SRC='$default->owl_root_url/locale/$language/graphics/btn_browse.gif' BORDER=0></A>"); ?>
  932 + </TD></TR></TABLE><BR><BR><CENTER>
  933 +<?php
932 exit($lang_nofolderdelete); 934 exit($lang_nofolderdelete);
933 } 935 }
934 } 936 }
935 937
936 if($action == "user") { 938 if($action == "user") {
937 - //  
938 - // the following should prevent users from changing others passwords.  
939 - // 939 + // the following should prevent users from changing others passwords.
  940 + $sql = new Owl_DB;
  941 + $sql->query("select * from $default->owl_sessions_table where uid = '$id' and sessid = '$sess'");
  942 + if($sql->num_rows() <> 1) {
  943 + die ("$lang_err_unauthorized");
  944 + }
  945 +
  946 + if ($newpassword <> '') {
940 $sql = new Owl_DB; 947 $sql = new Owl_DB;
941 - $sql->query("select * from $default->owl_sessions_table where uid = '$id' and sessid = '$sess'");  
942 - if($sql->num_rows() <> 1)  
943 - {  
944 - die ("$lang_err_unauthorized"); 948 + $sql->query("select * from $default->owl_users_table where id = '$id' and password = '" . md5($oldpassword) ."'");
  949 + if($sql->num_rows() == 0) {
  950 + die("$lang_err_pass_wrong");
945 } 951 }
946 -  
947 - if ($newpassword <> '')  
948 - {  
949 - $sql = new Owl_DB;  
950 - $sql->query("select * from $default->owl_users_table where id = '$id' and password = '" . md5($oldpassword) ."'");  
951 - if($sql->num_rows() == 0)  
952 - die("$lang_err_pass_wrong");  
953 - if ( $newpassword == $confpassword)  
954 - $sql->query("UPDATE $default->owl_users_table SET name='$name',password='" . md5("$newpassword") . "' where id = '$id'");  
955 - else  
956 - die ("$lang_err_pass_missmatch"); 952 + if ( $newpassword == $confpassword) {
  953 + $sql->query("UPDATE $default->owl_users_table SET name='$name',password='" . md5("$newpassword") . "' where id = '$id'");
  954 + } else {
  955 + die ("$lang_err_pass_missmatch");
957 } 956 }
958 - $sql->query("UPDATE $default->owl_users_table SET name='$name', email='$email', notify='$notify', attachfile='$attachfile', language='$newlanguage' where id = '$id'"); 957 + }
  958 + $sql->query("UPDATE $default->owl_users_table SET name='$name', email='$email', notify='$notify', attachfile='$attachfile', language='$newlanguage' where id = '$id'");
959 } 959 }
960 960
961 -  
962 header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname"); 961 header("Location: browse.php?sess=$sess&parent=$parent&expand=$expand&order=$order&$sortorder=$sortname");
963 962
964 ?> 963 ?>
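Review bot: The `user` branch still builds every query by interpolating `$id`, `$sess`, `$name`, `$email`, `$notify`, `$attachfile` and `$newlanguage` straight into the SQL text, including the session lookup that is meant to stop users changing other users' passwords (`where uid = '$id' and sessid = '$sess'`). Nothing in this hunk escapes or casts those values, so unless they are sanitised before this point (not visible here), the ownership check and both `UPDATE` statements depend on unvalidated input. At minimum, normalise the id before the first query, e.g. `$id = (int)$id;` if user ids are numeric, and pass the string fields through the database layer's escaping routine before they reach `$sql->query()`. The password is also compared and stored as a bare `md5()` digest, which is unsalted and fast to brute-force; moving to a salted, slow password hash is worth tracking as a follow-up, since it also touches the login path.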