Commit a3249ee209db7f4301563eb3a19f0d368bee7a36
1 parent
d1f0c9fd
merged from branch BRANCH_1_2_0_12082003
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@2662 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
72 changed files
with
743 additions
and
376 deletions
.project
0 → 100644
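--- a/config/siteMap.inc
+++ b/config/siteMap.inc
@@ -64,9 +64,9 @@ $default->siteMap->addPage("deleteFolder", "/presentation/lookAndFeel/knowledgeT
 
 
 // folder access
-$default->siteMap->addPage("addGroupFolderLink", "/presentation/lookAndFeel/knowledgeTree/foldermanagement/addGroupFolderLinkBL.php", "Manage Documents", UnitAdmin, "Add Folder Access", false);
-$default->siteMap->addPage("modifyGroupFolderLink", "/presentation/lookAndFeel/knowledgeTree/foldermanagement/editGroupFolderLinkBL.php", "Manage Documents", UnitAdmin, "Edit Folder Access", false);
-$default->siteMap->addPage("deleteGroupFolderLink", "/presentation/lookAndFeel/knowledgeTree/foldermanagement/deleteGroupFolderLinkBL.php", "Manage Documents", UnitAdmin, "Delete Folder Access", false);
+$default->siteMap->addPage("addGroupFolderLink", "/presentation/lookAndFeel/knowledgeTree/foldermanagement/addGroupFolderLinkBL.php", "Manage Documents", User, "Add Folder Access", false);
+$default->siteMap->addPage("modifyGroupFolderLink", "/presentation/lookAndFeel/knowledgeTree/foldermanagement/editGroupFolderLinkBL.php", "Manage Documents", User, "Edit Folder Access", false);
+$default->siteMap->addPage("deleteGroupFolderLink", "/presentation/lookAndFeel/knowledgeTree/foldermanagement/deleteGroupFolderLinkBL.php", "Manage Documents", User, "Delete Folder Access", false);
 
 // document actions
 $default->siteMap->addPage("modifyDocumentTypeMetaData", "/presentation/lookAndFeel/knowledgeTree/documentmanagement/modifySpecificMetaDataBL.php", "Manage Documents", User, "");
@@ -80,6 +80,7 @@ $default->siteMap->addPage("deleteDependantDocument", "/presentation/lookAndFeel
 $default->siteMap->addPage("removeDocumentLink", "/presentation/lookAndFeel/knowledgeTree/documentmanagement/removeDocumentLinkBL.php", "Manage Documents", User, "", false);
 $default->siteMap->addPage("addDocumentLink", "/presentation/lookAndFeel/knowledgeTree/documentmanagement/addDocumentLinkBL.php", "Manage Documents", User, "", false);
 $default->siteMap->addPage("createDependantDocument", "/presentation/lookAndFeel/knowledgeTree/documentmanagement/createDependantDocumentBL.php", "Manage Documents", User, "", false);
+$default->siteMap->addPage("escalateDependantDocument", "/presentation/lookAndFeel/knowledgeTree/documentmanagement/escalateDependantDocumentBL.php", "Manage Documents", User, "", false);
 
 $default->siteMap->addPage("addSubscription", "/presentation/lookAndFeel/knowledgeTree/subscriptions/addSubscriptionBL.php", "Manage Documents", User, "Add Folder Subscription");
 $default->siteMap->addPage("removeSubscription", "/presentation/lookAndFeel/knowledgeTree/subscriptions/removeSubscriptionBL.php", "Manage Documents", User, "Remove Folder Subscription");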
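Review bot: The three folder-access pages (`addGroupFolderLink`, `modifyGroupFolderLink`, `deleteGroupFolderLink`) now require only `User` where they required `UnitAdmin`, so the site map no longer restricts who can reach them. Unless each `*GroupFolderLinkBL.php` page checks the caller's rights on the target folder itself (those pages are not shown in this section), any logged-in user could presumably change folder access. I would record the dependency next to the entries, for example `// folder access: page-level role is User; the BL pages must verify the caller's permission on the folder`, and confirm that the check exists in all three pages.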
config/tableMappings.inc
| @@ -30,8 +30,6 @@ $default->data_types_table ="data_types"; | @@ -30,8 +30,6 @@ $default->data_types_table ="data_types"; | ||
| 30 | $default->document_fields_table = "document_fields"; | 30 | $default->document_fields_table = "document_fields"; |
| 31 | // links document | 31 | // links document |
| 32 | $default->document_fields_link_table = "document_fields_link"; | 32 | $default->document_fields_link_table = "document_fields_link"; |
| 33 | -// meta data value lookup table | ||
| 34 | -$default->document_fields_lookup_tables = "metadata_lookup"; | ||
| 35 | // document subscriptions | 33 | // document subscriptions |
| 36 | $default->document_subscriptions_table = "document_subscriptions"; | 34 | $default->document_subscriptions_table = "document_subscriptions"; |
| 37 | // document transaction types | 35 | // document transaction types |
docs/ChangeLog.txt
| 1 | Version 1.2.0 | 1 | Version 1.2.0 |
| 2 | -* Mon Jul 28 2003 Michael Joseph <michael@jamwarehouse.com> | ||
| 3 | -- Administration menu simplification and consistency. | ||
| 4 | -- Segmented configuration files for ease of maintenance. | ||
| 5 | -- Updated install documentation. | ||
| 6 | -- Archiving- add the ability to search for archived documents and request their restoration. | 2 | +* Tue Aug 12 2003 Michael Joseph <michael@jamwarehouse.com> |
| 7 | - Document Details and Folder Properties- updated display- javascript content swapping. | 3 | - Document Details and Folder Properties- updated display- javascript content swapping. |
| 8 | - Improved display of Document actions- disabled buttons when action not available. | 4 | - Improved display of Document actions- disabled buttons when action not available. |
| 5 | +- Add Document- streamlined process by placing all details on one page. | ||
| 6 | +- Archiving- add the ability to search for archived documents and request their restoration. | ||
| 9 | - Deletion of documents is now soft, additional Administration option to expunge/restore deleted documents. | 7 | - Deletion of documents is now soft, additional Administration option to expunge/restore deleted documents. |
| 8 | +- Administration menu simplification and consistency. | ||
| 10 | - Administration - Cancel document checkout status functionality added. | 9 | - Administration - Cancel document checkout status functionality added. |
| 10 | +- Segmented configuration files for ease of maintenance. | ||
| 11 | +- Updated install documentation. | ||
| 11 | - Additional online help files. | 12 | - Additional online help files. |
| 12 | 13 | ||
| 13 | Version 1.1.2 | 14 | Version 1.1.2 |
docs/INSTALL.txt
| @@ -8,7 +8,9 @@ KnowledgeTree Installation Notes | @@ -8,7 +8,9 @@ KnowledgeTree Installation Notes | ||
| 8 | upload_tmp_dir = C:\PHP\uploadtemp | 8 | upload_tmp_dir = C:\PHP\uploadtemp |
| 9 | upload_max_filesize = 2M | 9 | upload_max_filesize = 2M |
| 10 | session.use_cookies = 1 | 10 | session.use_cookies = 1 |
| 11 | - | 11 | + magic_quotes_gpc = On |
| 12 | + magic_quotes_runtime = Off | ||
| 13 | + | ||
| 12 | * Move the knowledgeTree folder to the directory it is going to be served from: | 14 | * Move the knowledgeTree folder to the directory it is going to be served from: |
| 13 | $ mv knowledgeTree /path/to/your/html/directory/ | 15 | $ mv knowledgeTree /path/to/your/html/directory/ |
| 14 | 16 | ||
| @@ -19,14 +21,26 @@ KnowledgeTree Installation Notes | @@ -19,14 +21,26 @@ KnowledgeTree Installation Notes | ||
| 19 | $ mysql -p dms < sql/tables.sql | 21 | $ mysql -p dms < sql/tables.sql |
| 20 | 22 | ||
| 21 | * Configure your installation by changing the following attributes in config/environment.php: | 23 | * Configure your installation by changing the following attributes in config/environment.php: |
| 22 | - - $default->fileSystemRoot | ||
| 23 | - - $default->serverName | ||
| 24 | - - $default->sslEnabled | ||
| 25 | - - $default->authenticationClass | ||
| 26 | - - $default->dbUser | ||
| 27 | - - $default->dbPass | ||
| 28 | - - $default->dbHost | ||
| 29 | - - $default->dbName | 24 | + - The fileSystemRoot property should point to the directory you installed the KnowledgeTree in eg. |
| 25 | + $default->fileSystemRoot = "C:\Documents and Settings\michael\Desktop\php\knowledgeTree"; | ||
| 26 | + | ||
| 27 | + - The serverName property should be the name of the webserver you're accessing the KnowledgeTree from eg. | ||
| 28 | + $default->serverName = "localhost"; | ||
| 29 | + | ||
| 30 | + - If the KnowledgeTree is not install in the root of your webserver, ie. you access the KnowledgeTree via a URL like | ||
| 31 | + http://localhost/knowledgeTree, you must set the rootUrl property appropriately. | ||
| 32 | + Eg. If your webserver root is "c:\myWebServerRoot" and you install KnowledgeTree into that directory (ie. | ||
| 33 | + $default->fileSystemRoot = "c:\myWebServerRoot\knowledgeTree") then you must set your as follows: | ||
| 34 | + $default->rootUrl = "/knowledgeTree"; | ||
| 35 | + | ||
| 36 | + - If your webserver is SSL enabled then set this to true (in most cases this will be false) eg. | ||
| 37 | + $default->sslEnabled = false; | ||
| 38 | + | ||
| 39 | + - Set the database properties to point to your MySQL installation | ||
| 40 | + $default->dbUser = "root"; | ||
| 41 | + $default->dbPass = "pass123"; | ||
| 42 | + $default->dbHost = "localhost"; | ||
| 43 | + $default->dbName = "release112"; | ||
| 30 | 44 | ||
| 31 | * Check permissions on the Documents folder | 45 | * Check permissions on the Documents folder |
| 32 | - The "/Documents" folder MUST be able to be written to by your web server. | 46 | - The "/Documents" folder MUST be able to be written to by your web server. |
docs/TODO.txt
| @@ -2,9 +2,11 @@ KnowledgeTree DMS Development TODO List | @@ -2,9 +2,11 @@ KnowledgeTree DMS Development TODO List | ||
| 2 | --------------------------------------- | 2 | --------------------------------------- |
| 3 | 3 | ||
| 4 | (In no particular order after office integration) | 4 | (In no particular order after office integration) |
| 5 | - | ||
| 6 | - Microsoft Office integration- Open, Edit, Update documents in the KnowledgeTree | 5 | - Microsoft Office integration- Open, Edit, Update documents in the KnowledgeTree |
| 7 | from within Microsoft Office programs (IN PROGRESS) | 6 | from within Microsoft Office programs (IN PROGRESS) |
| 7 | + | ||
| 8 | +- Search- improve standard search hitrate | ||
| 9 | + - if there are no standard search results then try advanced search? | ||
| 8 | - WebDAV integration | 10 | - WebDAV integration |
| 9 | - Reporting- Simple usage and statistics report generator | 11 | - Reporting- Simple usage and statistics report generator |
| 10 | - Code Review and Refactoring | 12 | - Code Review and Refactoring |
| @@ -40,5 +42,8 @@ KnowledgeTree DMS Development TODO List | @@ -40,5 +42,8 @@ KnowledgeTree DMS Development TODO List | ||
| 40 | - Allow overrides on a per document basis | 42 | - Allow overrides on a per document basis |
| 41 | - Search | 43 | - Search |
| 42 | - Search for document creator and folder names | 44 | - Search for document creator and folder names |
| 45 | + - Accomodate custom search terms- $fCustomSearchxxx | ||
| 46 | +- Allow thumbnails for image types (API for any other filetype) | ||
| 47 | +- Permission model- allow breaking of permission inheritance (integrate with serving multiple organisations) | ||
| 43 | 48 | ||
| 44 | $Id$ | 49 | $Id$ |
| 45 | \ No newline at end of file | 50 | \ No newline at end of file |
graphics/logo.jpg
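--- a/lib/DefaultLookup.inc
+++ b/lib/DefaultLookup.inc
@@ -82,7 +82,7 @@ class DefaultLookup {
 //don't create the object if it's aready been created
 if ($this->iId < 0) {
 $sql = $default->db;
- $result = $sql->query("INSERT INTO $this->sTableName (name) VALUES ( '". addslashes($this->sName) . "')");
+ $result = $sql->query("INSERT INTO $this->sTableName (name) VALUES ('$this->sName')");
 if ($result) {
 //set the primary key;
 $this->iId = $sql->insert_id();
@@ -106,7 +106,7 @@ class DefaultLookup {
 //can only update if the object has been stored
 if ($this->iId >= 0) {
 $sql = $default->db;
- $result = $sql->query("UPDATE $this->sTableName SET name = '" . addslashes($this->sName) . "' WHERE id = $this->iId");
+ $result = $sql->query("UPDATE $this->sTableName SET name = '$this->sName' WHERE id = $this->iId");
 if ($result) {
 return true;
 }
@@ -156,7 +156,7 @@ class DefaultLookup {
 $result = $sql->query("SELECT * FROM $sTableName WHERE id = $iId");
 if ($result) {
 if ($sql->next_record()) {
- $oLookup = & new DefaultLookup($sTableName, stripslashes($sql->f("name")));
+ $oLookup = & new DefaultLookup($sTableName, $sql->f("name"));
 $oLookup->iId = $iId;
 return $oLookup;
 }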
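Review bot: With `addslashes()` removed, `$this->sName` is interpolated into the INSERT and UPDATE statements unescaped, so the queries are only safe if every value was already escaped before it reached the object. The INSTALL.txt change in this commit sets `magic_quotes_gpc = On`, which covers request variables only; a name that comes from the database, a file or other code (and `get()` now returns it without `stripslashes()`) would reach `query()` raw, and a single quote in it breaks or alters the statement. Escaping where the query is built, e.g. `"... VALUES ('" . addslashes($this->sName) . "')"` with request input un-quoted once at the boundary, does not depend on a php.ini setting. The same pattern appears in lib/archiving/ArchivingType.inc, lib/archiving/TimeUnit.inc, lib/dashboard/DashboardNews.inc, lib/documentmanagement/DependantDocumentInstance.inc and lib/documentmanagement/DependantDocumentTemplate.inc. The method bodies continue outside the hunks.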
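--- a/lib/archiving/ArchivingType.inc
+++ b/lib/archiving/ArchivingType.inc
@@ -82,7 +82,7 @@ class ArchivingType {
 if ($this->iId < 0) {
 $sql = $default->db;
 $result = $sql->query("INSERT INTO $default->archiving_type_lookup_table (name) " .
- "VALUES ('" . addslashes($this->sName) . "')");
+ "VALUES ('$this->sName')");
 if ($result) {
 //set the current primary key
 $this->iId = $sql->insert_id();
@@ -103,7 +103,7 @@ class ArchivingType {
 if ($this->iId >= 0) {
 $sql = $default->db;
 $sQuery = "UPDATE $default->archiving_type_lookup_table SET " .
- "name = '" . addslashes($this->sName) . "' " .
+ "name = '$this->sName' " .
 "WHERE id = $this->iId";
 $result = $sql->query($sQuery);
 if ($result) {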
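--- a/lib/archiving/TimeUnit.inc
+++ b/lib/archiving/TimeUnit.inc
@@ -82,7 +82,7 @@ class TimeUnit {
 if ($this->iId < 0) {
 $sql = $default->db;
 $result = $sql->query("INSERT INTO $default->time_unit_lookup_table (name) " .
- "VALUES ('" . addslashes($this->sName) . "')");
+ "VALUES ('$this->sName')");
 if ($result) {
 //set the current primary key
 $this->iId = $sql->insert_id();
@@ -103,7 +103,7 @@ class TimeUnit {
 if ($this->iId >= 0) {
 $sql = $default->db;
 $sQuery = "UPDATE $default->time_unit_lookup_table SET " .
- "name = '" . addslashes($this->sName) . "' " .
+ "name = '$this->sName' " .
 "WHERE id = $this->iId";
 $result = $sql->query($sQuery);
 if ($result) {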
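--- a/lib/authentication/Authenticator.inc
+++ b/lib/authentication/Authenticator.inc
@@ -76,12 +76,10 @@ class Authenticator {
 }
 else {
 // db access failed
- $_SESSION["errorMessage"] = $lang_err_database;
 $aUserDetails["status"] = 0;
 }
 } else {
 // db access failed
- $_SESSION["errorMessage"] = $lang_err_database;
 $aUserDetails["status"] = 0;
 }
 } else {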
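Review bot: Both "db access failed" branches now only set `$aUserDetails["status"] = 0`, so a database failure during authentication leaves no trace once the session message is gone. Keeping the detail out of the user-facing session is reasonable, but the failure should still be recorded server-side, e.g. `error_log("Authenticator: user lookup query failed");` in each branch, so that an outage can be told apart from an ordinary rejected login. What status 0 means to the caller is not visible here, and the enclosing method starts and ends outside the hunk.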
lib/dashboard/DashboardNews.inc
| @@ -306,8 +306,8 @@ class DashboardNews { | @@ -306,8 +306,8 @@ class DashboardNews { | ||
| 306 | if ($this->iId < 0) { | 306 | if ($this->iId < 0) { |
| 307 | $sql = $default->db; | 307 | $sql = $default->db; |
| 308 | $result = $sql->query("INSERT INTO $default->news_table (synopsis, body, rank, image, image_size, image_mime_type_id, active) " . | 308 | $result = $sql->query("INSERT INTO $default->news_table (synopsis, body, rank, image, image_size, image_mime_type_id, active) " . |
| 309 | - "VALUES ('" . addslashes($this->sSynopsis) . "', '" . addslashes($this->sBody) . "', $this->iRank, " . | ||
| 310 | - "'" . addslashes($this->sImage) . "', $this->iImageSize, $this->iImageMimeTypeID, " . ($this->bActive ? "1" : "0") . ")"); | 309 | + "VALUES ('$this->sSynopsis', '$this->sBody', $this->iRank, " . |
| 310 | + "'$this->sImage', $this->iImageSize, $this->iImageMimeTypeID, " . ($this->bActive ? "1" : "0") . ")"); | ||
| 311 | if ($result) { | 311 | if ($result) { |
| 312 | //set the current news item primary key | 312 | //set the current news item primary key |
| 313 | $this->iId = $sql->insert_id(); | 313 | $this->iId = $sql->insert_id(); |
| @@ -334,10 +334,10 @@ class DashboardNews { | @@ -334,10 +334,10 @@ class DashboardNews { | ||
| 334 | if ($this->iId >= 0) { | 334 | if ($this->iId >= 0) { |
| 335 | $sql = $default->db; | 335 | $sql = $default->db; |
| 336 | $sQuery = "UPDATE " . $default->news_table . " SET " . | 336 | $sQuery = "UPDATE " . $default->news_table . " SET " . |
| 337 | - "synopsis = '" . addslashes($this->sSynopsis) . "', " . | ||
| 338 | - "body = '" . addslashes($this->sBody) . "', " . | 337 | + "synopsis = '$this->sSynopsis', " . |
| 338 | + "body = '$this->sBody', " . | ||
| 339 | "rank = $this->iRank, " . | 339 | "rank = $this->iRank, " . |
| 340 | - "image = '" . addslashes($this->sImage) . "', " . | 340 | + "image = '$this->sImage', " . |
| 341 | "image_size = $this->iImageSize " . | 341 | "image_size = $this->iImageSize " . |
| 342 | ($this->iImageMimeTypeID ? ", image_mime_type_id = $this->iImageMimeTypeID " : " ") . | 342 | ($this->iImageMimeTypeID ? ", image_mime_type_id = $this->iImageMimeTypeID " : " ") . |
| 343 | "WHERE id = $this->iId"; | 343 | "WHERE id = $this->iId"; |
| @@ -395,7 +395,7 @@ class DashboardNews { | @@ -395,7 +395,7 @@ class DashboardNews { | ||
| 395 | $aImage = array( "image" => $sql->f("image"), | 395 | $aImage = array( "image" => $sql->f("image"), |
| 396 | "filesize" => $sql->f("image_size"), | 396 | "filesize" => $sql->f("image_size"), |
| 397 | "mimetypeid" => $sql->f("image_mime_type_id") ); | 397 | "mimetypeid" => $sql->f("image_mime_type_id") ); |
| 398 | - $oDashboardNews = & new DashboardNews(stripslashes($sql->f("synopsis")), stripslashes($sql->f("body")), $sql->f("rank"), $aImage); | 398 | + $oDashboardNews = & new DashboardNews($sql->f("synopsis"), $sql->f("body"), $sql->f("rank"), $aImage); |
| 399 | $oDashboardNews->iId = $iNewsID; | 399 | $oDashboardNews->iId = $iNewsID; |
| 400 | $oDashboardNews->setActive($sql->f("active")); | 400 | $oDashboardNews->setActive($sql->f("active")); |
| 401 | return $oDashboardNews; | 401 | return $oDashboardNews; |
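Review bot: `$this->sImage` is written into the INSERT and UPDATE as `'$this->sImage'` with no escaping; the image bytes presumably come from an uploaded file rather than a request variable, so `magic_quotes_gpc` would not have quoted them, and any quote or backslash byte in the data corrupts the statement. I would keep `addslashes($this->sImage)` for that column regardless of what is decided for the text fields. The numeric fields (`$this->iRank`, `$this->iImageSize`, `$this->iImageMimeTypeID`) are also interpolated as-is; an `(int)` cast when building the query would keep them numeric. The method bodies continue outside the hunks.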
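--- a/lib/database/lookup.inc
+++ b/lib/database/lookup.inc
@@ -86,7 +86,7 @@ function lookupField($tableName, $selectFieldName, $whereFieldName, $whereFieldV
 
 if ($sql->query($query)) {
 if ($sql->next_record()) {
- return stripslashes($sql->f($selectFieldName));
+ return $sql->f($selectFieldName);
 } else {
 $_SESSION["errorMessage"] = "$selectFieldName field lookup retrieval failed ($query).";
 return false;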
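Review bot: The failure branch stores the full SQL text in the session, `"$selectFieldName field lookup retrieval failed ($query)."`; if `errorMessage` is rendered to the user (likely, but not shown here) this exposes table and column names together with the looked-up value. I would keep the query out of the message, e.g. `$_SESSION["errorMessage"] = "$selectFieldName field lookup retrieval failed.";`, and write `$query` to a server-side log instead. lookupField's body starts and ends outside the hunk.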
lib/documentmanagement/DependantDocumentInstance.inc
| @@ -79,7 +79,7 @@ class DependantDocumentInstance { | @@ -79,7 +79,7 @@ class DependantDocumentInstance { | ||
| 79 | * | 79 | * |
| 80 | */ | 80 | */ |
| 81 | function setDocumentTitle($sNewValue) { | 81 | function setDocumentTitle($sNewValue) { |
| 82 | - $this -> sDocumentTitle = $sNewValue; | 82 | + $this->sDocumentTitle = $sNewValue; |
| 83 | } | 83 | } |
| 84 | 84 | ||
| 85 | /** | 85 | /** |
| @@ -99,7 +99,7 @@ class DependantDocumentInstance { | @@ -99,7 +99,7 @@ class DependantDocumentInstance { | ||
| 99 | * | 99 | * |
| 100 | */ | 100 | */ |
| 101 | function getTemplateDocumentID() { | 101 | function getTemplateDocumentID() { |
| 102 | - return $this -> iTemplateDocumentID; | 102 | + return $this->iTemplateDocumentID; |
| 103 | } | 103 | } |
| 104 | 104 | ||
| 105 | /** | 105 | /** |
| @@ -109,7 +109,7 @@ class DependantDocumentInstance { | @@ -109,7 +109,7 @@ class DependantDocumentInstance { | ||
| 109 | * | 109 | * |
| 110 | */ | 110 | */ |
| 111 | function setHasLookup($sNewValue) { | 111 | function setHasLookup($sNewValue) { |
| 112 | - $this -> iTemplateDocumentID = $sNewValue; | 112 | + $this->iTemplateDocumentID = $sNewValue; |
| 113 | } | 113 | } |
| 114 | 114 | ||
| 115 | function getParentDocumentID() { | 115 | function getParentDocumentID() { |
| @@ -125,17 +125,17 @@ class DependantDocumentInstance { | @@ -125,17 +125,17 @@ class DependantDocumentInstance { | ||
| 125 | function create() { | 125 | function create() { |
| 126 | global $default, $lang_err_database, $lang_err_object_exists; | 126 | global $default, $lang_err_database, $lang_err_object_exists; |
| 127 | //if the object hasn't been created | 127 | //if the object hasn't been created |
| 128 | - if ($this -> iId < 0) { | ||
| 129 | - $sql = $default -> db; | ||
| 130 | - $result = $sql -> query("INSERT INTO $default->dependant_document_instance_table (document_title, user_id,template_document_id, parent_document_id) VALUES ('" . addslashes($this->sDocumentTitle) . "', $this->iUserID, " . (isset($this->iTemplateDocumentID) ? "$this->iTemplateDocumentID" : "NULL") . ", " . $this->iParentDocumentID . ")"); | 128 | + if ($this->iId < 0) { |
| 129 | + $sql = $default->db; | ||
| 130 | + $result = $sql->query("INSERT INTO $default->dependant_document_instance_table (document_title, user_id,template_document_id, parent_document_id) VALUES ('$this->sDocumentTitle', $this->iUserID, " . (isset($this->iTemplateDocumentID) ? "$this->iTemplateDocumentID" : "NULL") . ", " . $this->iParentDocumentID . ")"); | ||
| 131 | if ($result) { | 131 | if ($result) { |
| 132 | - $this -> iId = $sql -> insert_id(); | 132 | + $this->iId = $sql->insert_id(); |
| 133 | return true; | 133 | return true; |
| 134 | } | 134 | } |
| 135 | $_SESSION["errorMessage"] = $lang_err_database; | 135 | $_SESSION["errorMessage"] = $lang_err_database; |
| 136 | return false; | 136 | return false; |
| 137 | } | 137 | } |
| 138 | - $_SESSION["errorMessage"] = $lang_err_object_exists."id = ".$this -> iId." table = dependant_document_instance"; | 138 | + $_SESSION["errorMessage"] = $lang_err_object_exists."id = ".$this->iId." table = dependant_document_instance"; |
| 139 | return false; | 139 | return false; |
| 140 | } | 140 | } |
| 141 | 141 | ||
| @@ -148,9 +148,9 @@ class DependantDocumentInstance { | @@ -148,9 +148,9 @@ class DependantDocumentInstance { | ||
| 148 | function update() { | 148 | function update() { |
| 149 | global $default, $lang_err_database, $lang_err_object_key; | 149 | global $default, $lang_err_database, $lang_err_object_key; |
| 150 | //only update if the object has been stored | 150 | //only update if the object has been stored |
| 151 | - if ($this -> iId > 0) { | ||
| 152 | - $sql = $default -> db; | ||
| 153 | - $result = $sql -> query("UPDATE $default -> owl_dependant_documents SET document_title = '".addslashes($this -> sDocumentTitle)."', user_id = $this->iUserID, template_document_id = $this->iTemplateDocumentID, parent_document_id = $this->iParentDocumentID WHERE id = $this->iId"); | 151 | + if ($this->iId > 0) { |
| 152 | + $sql = $default->db; | ||
| 153 | + $result = $sql->query("UPDATE $default->dependant_document_instance_table SET document_title = '$this->sDocumentTitle', user_id = $this->iUserID, template_document_id = $this->iTemplateDocumentID, parent_document_id = $this->iParentDocumentID WHERE id = $this->iId"); | ||
| 154 | if ($result) { | 154 | if ($result) { |
| 155 | return true; | 155 | return true; |
| 156 | } | 156 | } |
| @@ -170,9 +170,9 @@ class DependantDocumentInstance { | @@ -170,9 +170,9 @@ class DependantDocumentInstance { | ||
| 170 | function delete() { | 170 | function delete() { |
| 171 | global $default, $lang_err_database, $lang_err_object_key; | 171 | global $default, $lang_err_database, $lang_err_object_key; |
| 172 | //only delete the object if it exists in the database | 172 | //only delete the object if it exists in the database |
| 173 | - if ($this -> iId >= 0) { | ||
| 174 | - $sql = $default -> db; | ||
| 175 | - $result = $sql -> query("DELETE FROM $default->dependant_document_instance_table WHERE id = $this->iId"); | 173 | + if ($this->iId >= 0) { |
| 174 | + $sql = $default->db; | ||
| 175 | + $result = $sql->query("DELETE FROM $default->dependant_document_instance_table WHERE id = $this->iId"); | ||
| 176 | if ($result) { | 176 | if ($result) { |
| 177 | return true; | 177 | return true; |
| 178 | } | 178 | } |
| @@ -193,12 +193,12 @@ class DependantDocumentInstance { | @@ -193,12 +193,12 @@ class DependantDocumentInstance { | ||
| 193 | */ | 193 | */ |
| 194 | function & get($iDependantDocumentID) { | 194 | function & get($iDependantDocumentID) { |
| 195 | global $default; | 195 | global $default; |
| 196 | - $sql = $default -> db; | ||
| 197 | - $result = $sql -> query("SELECT * FROM $default->dependant_document_instance_table WHERE id = $iDependantDocumentID"); | 196 | + $sql = $default->db; |
| 197 | + $result = $sql->query("SELECT * FROM $default->dependant_document_instance_table WHERE id = $iDependantDocumentID"); | ||
| 198 | if ($result) { | 198 | if ($result) { |
| 199 | - if ($sql -> next_record()) { | ||
| 200 | - $oDependantDocument = & new DependantDocumentInstance(stripslashes($sql -> f("document_title")), $sql -> f("user_id"), $sql -> f("template_document_id"), $sql->f("parent_document_id")); | ||
| 201 | - $oDependantDocument -> iId = $sql -> f("id"); | 199 | + if ($sql->next_record()) { |
| 200 | + $oDependantDocument = & new DependantDocumentInstance($sql->f("document_title"), $sql->f("user_id"), $sql->f("template_document_id"), $sql->f("parent_document_id")); | ||
| 201 | + $oDependantDocument->iId = $sql->f("id"); | ||
| 202 | return $oDependantDocument; | 202 | return $oDependantDocument; |
| 203 | } | 203 | } |
| 204 | $_SESSION["errorMessage"] = $lang_err_object_not_exist."id = ".$iDependantDocumentID." table = $default->dependant_document_instance_table"; | 204 | $_SESSION["errorMessage"] = $lang_err_object_not_exist."id = ".$iDependantDocumentID." table = $default->dependant_document_instance_table"; |
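Review bot: In `update()` the new query interpolates `template_document_id = $this->iTemplateDocumentID` directly, while `create()` maps an unset value to `NULL`; when the template id is unset the UPDATE becomes `template_document_id = , parent_document_id = ...` and fails. Using the same expression as `create()`, `" . (isset($this->iTemplateDocumentID) ? "$this->iTemplateDocumentID" : "NULL") . "`, keeps the two in step. Separately, `get()` declares only `global $default;` but builds its error message from `$lang_err_object_not_exist`, which is therefore undefined in that scope, and it places `$iDependantDocumentID` in the WHERE clause unquoted; `$iDependantDocumentID = (int)$iDependantDocumentID;` before the query would keep the lookup numeric. Several of these method bodies continue outside the hunks.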
lib/documentmanagement/DependantDocumentTemplate.inc
| @@ -133,11 +133,11 @@ class DependantDocumentTemplate { | @@ -133,11 +133,11 @@ class DependantDocumentTemplate { | ||
| 133 | function create() { | 133 | function create() { |
| 134 | global $default, $lang_err_database, $lang_err_object_exists; | 134 | global $default, $lang_err_database, $lang_err_object_exists; |
| 135 | //if the object hasn't been created | 135 | //if the object hasn't been created |
| 136 | - if ($this -> iId < 0) { | ||
| 137 | - $sql = $default -> db; | ||
| 138 | - $result = $sql -> query("INSERT INTO $default->dependant_document_template_table (document_title, default_user_id,template_document_id, group_folder_approval_link_id) VALUES ('" . addslashes($this->sDocumentTitle) . "', $this->iDefaultUserID, " . (($this->iTemplateDocumentID == null) ? "NULL" : $this->iTemplateDocumentID) . ", $this->iGroupFolderApprovalLinkID)"); | 136 | + if ($this->iId < 0) { |
| 137 | + $sql = $default->db; | ||
| 138 | + $result = $sql->query("INSERT INTO $default->dependant_document_template_table (document_title, default_user_id,template_document_id, group_folder_approval_link_id) VALUES ('$this->sDocumentTitle', $this->iDefaultUserID, " . (($this->iTemplateDocumentID == null) ? "NULL" : $this->iTemplateDocumentID) . ", $this->iGroupFolderApprovalLinkID)"); | ||
| 139 | if ($result) { | 139 | if ($result) { |
| 140 | - $this -> iId = $sql -> insert_id(); | 140 | + $this->iId = $sql->insert_id(); |
| 141 | return true; | 141 | return true; |
| 142 | } | 142 | } |
| 143 | $_SESSION["errorMessage"] = $lang_err_database; | 143 | $_SESSION["errorMessage"] = $lang_err_database; |
| @@ -156,9 +156,9 @@ class DependantDocumentTemplate { | @@ -156,9 +156,9 @@ class DependantDocumentTemplate { | ||
| 156 | function update() { | 156 | function update() { |
| 157 | global $default, $lang_err_database, $lang_err_object_key; | 157 | global $default, $lang_err_database, $lang_err_object_key; |
| 158 | //only update if the object has been stored | 158 | //only update if the object has been stored |
| 159 | - if ($this -> iId > 0) { | ||
| 160 | - $sql = $default -> db; | ||
| 161 | - $result = $sql -> query("UPDATE $default->dependant_document_template_table SET document_title = '".addslashes($this -> sDocumentTitle)."', default_user_id = $this->iDefaultUserID, template_document_id = " . (($this->iTemplateDocumentID == null) ? "NULL" : $this->iTemplateDocumentID) . ", group_folder_approval_link_id = $this->iGroupFolderApprovalLinkID WHERE id = $this->iId"); | 159 | + if ($this->iId > 0) { |
| 160 | + $sql = $default->db; | ||
| 161 | + $result = $sql->query("UPDATE $default->dependant_document_template_table SET document_title = '$this->sDocumentTitle', default_user_id = $this->iDefaultUserID, template_document_id = " . (($this->iTemplateDocumentID == null) ? "NULL" : $this->iTemplateDocumentID) . ", group_folder_approval_link_id = $this->iGroupFolderApprovalLinkID WHERE id = $this->iId"); | ||
| 162 | if ($result) { | 162 | if ($result) { |
| 163 | return true; | 163 | return true; |
| 164 | } | 164 | } |
| @@ -178,9 +178,9 @@ class DependantDocumentTemplate { | @@ -178,9 +178,9 @@ class DependantDocumentTemplate { | ||
| 178 | function delete() { | 178 | function delete() { |
| 179 | global $default, $lang_err_database, $lang_err_object_key; | 179 | global $default, $lang_err_database, $lang_err_object_key; |
| 180 | //only delete the object if it exists in the database | 180 | //only delete the object if it exists in the database |
| 181 | - if ($this -> iId >= 0) { | ||
| 182 | - $sql = $default -> db; | ||
| 183 | - $result = $sql -> query("DELETE FROM $default->dependant_document_template_table WHERE id = $this->iId"); | 181 | + if ($this->iId >= 0) { |
| 182 | + $sql = $default->db; | ||
| 183 | + $result = $sql->query("DELETE FROM $default->dependant_document_template_table WHERE id = $this->iId"); | ||
| 184 | if ($result) { | 184 | if ($result) { |
| 185 | return true; | 185 | return true; |
| 186 | } | 186 | } |
| @@ -201,13 +201,13 @@ class DependantDocumentTemplate { | @@ -201,13 +201,13 @@ class DependantDocumentTemplate { | ||
| 201 | */ | 201 | */ |
| 202 | function & get($iDependantDocumentID) { | 202 | function & get($iDependantDocumentID) { |
| 203 | global $default; | 203 | global $default; |
| 204 | - $sql = $default -> db; | ||
| 205 | - $result = $sql -> query("SELECT * FROM $default->dependant_document_template_table WHERE id = $iDependantDocumentID"); | 204 | + $sql = $default->db; |
| 205 | + $result = $sql->query("SELECT * FROM $default->dependant_document_template_table WHERE id = $iDependantDocumentID"); | ||
| 206 | if ($result) { | 206 | if ($result) { |
| 207 | - if ($sql -> next_record()) { | ||
| 208 | - $DependantDocumentTemplate = & new DependantDocumentTemplate(stripslashes($sql -> f("document_title")), $sql -> f("default_user_id"), $sql->f("group_folder_approval_link_id"), $sql->f("template_document_id")); | ||
| 209 | - $DependantDocumentTemplate -> iId = $sql -> f("id"); | ||
| 210 | - /*if (!($sql -> f("template_document_id") == null)) { | 207 | + if ($sql->next_record()) { |
| 208 | + $DependantDocumentTemplate = & new DependantDocumentTemplate($sql->f("document_title"), $sql->f("default_user_id"), $sql->f("group_folder_approval_link_id"), $sql->f("template_document_id")); | ||
| 209 | + $DependantDocumentTemplate->iId = $sql->f("id"); | ||
| 210 | + /*if (!($sql->f("template_document_id") == null)) { | ||
| 211 | $DependantDocumentTemplate->setTemplateDocumentID($sql->f("template_document_id")); | 211 | $DependantDocumentTemplate->setTemplateDocumentID($sql->f("template_document_id")); |
| 212 | }*/ | 212 | }*/ |
| 213 | return $DependantDocumentTemplate; | 213 | return $DependantDocumentTemplate; |
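--- a/lib/documentmanagement/Document.inc
+++ b/lib/documentmanagement/Document.inc
@@ -276,11 +276,11 @@ class Document {
 }
 
 /**
-* Generate a comma delimited string containing
-* the parent folder ids
-*
-* @return String comma delimited string containing the parent folder ids
-*/
+* Recursive function to generate a comma delimited string containing
+* the parent folder ids
+*
+* @return String comma delimited string containing the parent folder ids
+*/
 function generateParentFolderIDS($iFolderID) {
 global $default;
 //if the folder is not the root folder
@@ -295,10 +295,20 @@ class Document {
 }
 
 /**
-* Forward slash deliminated string giving full path of document
-* from file system root url
-*
-*/
+* Returns a comma delimited string containing the parent folder ids, strips leading /
+*
+* @return String comma delimited string containing the parent folder ids
+*/
+function generateFolderIDs($iFolderID) {
+$sFolderIDs = $this->generateParentFolderIDS($iFolderID);
+return substr($sFolderIDs, 1, strlen($sFolderIDs));
+}
+
+
+/**
+* Recursively generates forward slash deliminated string giving full path of document
+* from file system root url
+*/
 function generateFullFolderPath($iFolderID) {
 global $default;
 //if the folder is not the root folder
@@ -306,11 +316,23 @@ class Document {
 $sql = $default->db;
 $sql->query("SELECT name, parent_id FROM $default->folders_table WHERE ID = $iFolderID");
 $sql->next_record();
-return $this->generateFullFolderPath($sql->f("parent_id")) . "/" . stripslashes($sql->f("name"));
+return $this->generateFullFolderPath($sql->f("parent_id")) . "/" . $sql->f("name");
 }
 return;
 }
 
+/**
+* Returns a forward slash deliminated string giving full path of document, strips leading /
+*/
+function generateFolderPath($iFolderID) {
+global $default;
+$sPath = $this->generateFullFolderPath($iFolderID);
+$sPath = substr($sPath, 1, strlen($sPath));
+$sPath = addslashes($sPath);
+return $sPath;
+}
+
+
 /**
 * Insert the current document into the database
 *
@@ -321,12 +343,10 @@ class Document {
 //if the id >= 0, then the object has already been created
 if ($this->iId < 0) {
 $sql = $default->db;
-$sFullPath = $this->generateFullFolderPath($this->iFolderID);
-$this->sFullPath = substr($sFullPath, 1, strlen($sFullPath));
-$sParentFolderIDs = $this->generateParentFolderIDS($this->iFolderID);
-$this->sParentFolderIDs = substr($sParentFolderIDs, 1, strlen($sParentFolderIDs));
+$this->sFullPath = $this->generateFolderPath($this->iFolderID);
+$this->sParentFolderIDs = $this->generateFolderIDs($this->iFolderID);
 $result = $sql->query("INSERT INTO " . $default->documents_table . " (document_type_id, name, filename, size, creator_id, modified, description, mime_id, folder_id, major_version, minor_version, is_checked_out, checked_out_user_id, parent_folder_ids, full_path, status_id) " .
-"VALUES ($this->iDocumentTypeID, '" . addslashes($this->sName) . "', '" . addslashes($this->sFileName) . "', $this->iSize, $this->iCreatorID, '" . getCurrentDateTime() . "', '" . addslashes($this->sDescription) . "', $this->iMimeTypeID, $this->iFolderID, $this->iMajorVersion, $this->iMinorVersion, " . ($this->bIsCheckedOut ? 1 : 0) . ", $this->iCheckedOutUserID, '$this->sParentFolderIDs','" . addslashes($this->sFullPath) . "', $this->iStatusID)");
+"VALUES ($this->iDocumentTypeID, '$this->sName', '$this->sFileName', $this->iSize, $this->iCreatorID, '" . getCurrentDateTime() . "', '$this->sDescription', $this->iMimeTypeID, $this->iFolderID, $this->iMajorVersion, $this->iMinorVersion, " . ($this->bIsCheckedOut ? 1 : 0) . ", $this->iCheckedOutUserID, '$this->sParentFolderIDs','$this->sFullPath', $this->iStatusID)");
 if ($result) {
 //set the current documents primary key
 $this->iId = $sql->insert_id();
@@ -354,11 +374,11 @@ class Document {
 "INNER JOIN $default->groups_folders_table AS GFL ON GFL.folder_id = F.id " .
 "INNER JOIN $default->users_groups_table AS UGL ON UGL.group_id = GFL.group_id " .
 "WHERE D.id=$this->iId";
-$default->log->info("addDocument groupPerms=$sGroupPerms");
+$default->log->debug("addDocument groupPerms=$sGroupPerms");
 if ($sql->query($sGroupPerms)) {
-$default->log->info("groupPerms succeeded");
+$default->log->debug("groupPerms succeeded");
 } else {
-$default->log->info("groupPerms failed");
+$default->log->error("groupPerms failed");
 }
 // role permissions
 $sRolePerms = "INSERT INTO $default->search_permissions_table (user_id, document_id) " .
@@ -367,9 +387,9 @@ class Document {
 "WHERE document_id=$this->iId";
 $default->log->info("addDocument rolePerms=$sRolePerms");
 if ($sql->query($sRolePerms)) {
-$default->log->info("rolePerms succeeded");
+$default->log->debug("rolePerms succeeded");
 } else {
-$default->log->info("rolePerms failed");
+$default->log->error("rolePerms failed");
 }
 
 // public folders
@@ -378,11 +398,11 @@ class Document {
 "FROM $default->users_table AS U, $default->documents_table AS D INNER JOIN $default->folders_table AS F ON D.folder_id = F.id " .
 "WHERE F.is_public = 1 " .
 "AND D.id=$this->iId";
-$default->log->info("addDocument publicFolder=$sPublicFolderPerms");
+$default->log->debug("addDocument publicFolder=$sPublicFolderPerms");
 if ($sql->query($sPublicFolderPerms)) {
-$default->log->info("publicFolder succeeded");
+$default->log->debug("publicFolder succeeded");
 } else {
-$default->log->info("publicFolder failed");
+$default->log->error("publicFolder failed");
 }
 
 // creator permissions
@@ -390,11 +410,11 @@ class Document {
 "SELECT creator_id, id " .
 "FROM $default->documents_table " .
 "WHERE id=$this->iId";
-$default->log->info("addDocument creatorPerms=$sCreatorPerms");
+$default->log->debug("addDocument creatorPerms=$sCreatorPerms");
 if ($sql->query($sCreatorPerms)) {
-$default->log->info("creatorPerms succeeded");
+$default->log->debug("creatorPerms succeeded");
 } else {
-$default->log->info("creatorPerms failed");
+$default->log->error("creatorPerms failed");
 }
 }
 
@@ -409,29 +429,28 @@ class Document {
 $sql = $default->db;
 $sQuery = "UPDATE " . $default->documents_table . " SET " .
 "document_type_id = $this->iDocumentTypeID, " .
-"name = '" . addslashes($this->sName) . "', " .
-"filename = '" . addslashes($this->sFileName) . "', " .
+"name = '$this->sName', " .
+"filename = '$this->sFileName', " .
 "size = $this->iSize, " .
 "creator_id = $this->iCreatorID, " .
 "modified = '" . getCurrentDateTime() . "', " .
-"description = '" . addslashes($this->sDescription) . "', " .
+"description = '$this->sDescription', " .
 "mime_id = $this->iMimeTypeID, " .
 "folder_id = $this->iFolderID, " .
 "major_version = $this->iMajorVersion, " .
 "minor_version = $this->iMinorVersion, ";
-if ($aForMove) {
-//only update these if the document is being moved
-$sFullPath = $this->generateFullFolderPath($this->iFolderID);
-$this->sFullPath = substr($sFullPath, 1, strlen($sFullPath));
-$sParentFolderIDs = $this->generateParentFolderIDS($this->iFolderID);
-$this->sParentFolderIDs = substr($sParentFolderIDs, 1, strlen($sParentFolderIDs));
-$sQuery .= "parent_folder_ids = '" . addslashes($this->sParentFolderIDs) . "'," .
-"full_path = '" . addslashes($this->sFullPath) . "', ";
-}
-$sQuery .= "is_checked_out = " . ($this->bIsCheckedOut ? "1" : "0") . ", " .
-"checked_out_user_id = $this->iCheckedOutUserID, " .
-"status_id = $this->iStatusID " .
-"WHERE id = $this->iId";
+if ($aForMove) {
+//only update these if the document is being moved
+$this->sFullPath = $this->generateFolderPath($this->iFolderID);
+$this->sParentFolderIDs = $this->generateFolderIDs($this->iFolderID);
+
+$sQuery .= "parent_folder_ids = '$this->sParentFolderIDs'," .
+"full_path = '$this->sFullPath', ";
+}
+$sQuery .= "is_checked_out = " . ($this->bIsCheckedOut ? "1" : "0") . ", " .
+"checked_out_user_id = $this->iCheckedOutUserID, " .
+"status_id = $this->iStatusID " .
+"WHERE id = $this->iId";
 $result = $sql->query($sQuery);
 if ($result) {
 return true;
@@ -565,14 +584,14 @@ class Document {
 // TODO: join on sys_deleted
 $sql->query("SELECT * FROM $default->documents_table WHERE id = $iDocumentID");
 if ($sql->next_record()) {
-$oDocument = & new Document(stripslashes($sql->f("name")), stripslashes($sql->f("filename")), $sql->f("size"), $sql->f("creator_id"), $sql->f("mime_id"), $sql->f("folder_id"), $sql->f("description"));
+$oDocument = & new Document($sql->f("name"), $sql->f("filename"), $sql->f("size"), $sql->f("creator_id"), $sql->f("mime_id"), $sql->f("folder_id"), $sql->f("description"));
 $oDocument->setDocumentTypeID($sql->f("document_type_id"));
 $oDocument->setMajorVersionNumber($sql->f("major_version"));
 $oDocument->setMinorVersionNumber($sql->f("minor_version"));
 $oDocument->setIsCheckedOut($sql->f("is_checked_out"));
 $oDocument->setLastModifiedDate($sql->f("modified"));
-$oDocument->sParentFolderIDs = stripslashes($sql->f("parent_folder_ids"));
-$oDocument->sFullPath = stripslashes($sql->f("full_path"));
+$oDocument->sParentFolderIDs = $sql->f("parent_folder_ids");
+$oDocument->sFullPath = $sql->f("full_path");
 $oDocument->setCheckedOutUserID($sql->f("checked_out_user_id"));
 // FIXME: nasty hack- paying the penalty for adding status_id late in phase 2
 $oDocument->setStatusID( ($sql->f("status_id") == "" ? LIVE : $sql->f("status_id")) );
@@ -731,7 +750,7 @@ class Document {
 global $default;
 $sql = $default->db;
 $sQuery = "SELECT * FROM $default->documents_table " .
-"WHERE filename = '$sFileName' " .
+"WHERE filename = '" . addslashes($sFileName) . "' " .
 "AND folder_id = $iFolderID " .
 "AND status_id = " . LIVE;
 $sql->query($sQuery);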
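Review bot: The new `update()` and `create()` interpolate `'$this->sName'`, `'$this->sFileName'` and `'$this->sDescription'` straight into the SQL text, and the filename lookup in the last hunk does the same with `'$sFileName'`, so quoting now depends on every caller having escaped the value beforehand (presumably at request input, which is not visible here). That assumption fails on the round trip shown in this section: `get()` now loads `name` and `filename` from the row without any processing, so a document whose stored name contains a quote produces a broken or altered statement the next time it is saved. Escaping belongs where the statement is assembled, e.g. `"name = '" . addslashes($this->sName) . "', " .` (or the db wrapper's own quoting function, if it has one), with the properties themselves kept raw; as written, `generateFolderPath()` leaves `sFullPath` escaped after `create()` but unescaped after `get()`. The same removal of `addslashes()` at the query site recurs in the DocumentField, DocumentFieldLink, DocumentTransaction and DocumentType sections below and in the DependantDocumentTemplate hunks above. Most of the functions involved start or end outside their hunks.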
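--- a/lib/documentmanagement/DocumentField.inc
+++ b/lib/documentmanagement/DocumentField.inc
@@ -161,7 +161,7 @@ class DocumentField {
 //if the object hasn't been created
 if ($this->iId < 0) {
 $sql = $default->db;
-$result = $sql->query("INSERT INTO " . $default->document_fields_table . " (name, data_type,is_generic,has_lookup) VALUES ('" . addslashes($this->sName) . "', '" . addslashes($this->sDataType) . "', '" . $this->bIsGeneric . "', '" . $this->bHasLookup ."')");
+$result = $sql->query("INSERT INTO " . $default->document_fields_table . " (name, data_type,is_generic,has_lookup) VALUES ('" . $this->sName . "', '" . $this->sDataType . "', '" . $this->bIsGeneric . "', '" . $this->bHasLookup ."')");
 if ($result) {
 $this->iId = $sql->insert_id();
 return true;
@@ -184,7 +184,7 @@ class DocumentField {
 //only update if the object has been stored
 if ($this->iId > 0) {
 $sql = $default->db;
-$result = $sql->query("UPDATE " . $default->document_fields_table . " SET name = '" . addslashes($this->sName) . "', data_type = '" . addslashes($this->sDataType) . "', is_generic = '" . $this->bIsGeneric . "', has_lookup = '" . $this->bHasLookup . "' WHERE id = $this->iId");
+$result = $sql->query("UPDATE " . $default->document_fields_table . " SET name = '" . $this->sName . "', data_type = '" . $this->sDataType . "', is_generic = '" . $this->bIsGeneric . "', has_lookup = '" . $this->bHasLookup . "' WHERE id = $this->iId");
 if ($result) {
 return true;
 }
@@ -231,7 +231,7 @@ class DocumentField {
 $result = $sql->query("SELECT * FROM $default->document_fields_table WHERE id = $iDocumentFieldsID");
 if ($result) {
 if ($sql->next_record()) {
-$oDocumentField = & new DocumentField(stripslashes($sql->f("name")), stripslashes($sql->f("data_type")), $sql->f("is_generic"), $sql->f("has_lookup"));
+$oDocumentField = & new DocumentField($sql->f("name"), $sql->f("data_type"), $sql->f("is_generic"), $sql->f("has_lookup"));
 $oDocumentField->iId = $sql->f("id");
 return $oDocumentField;
 }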
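--- a/lib/documentmanagement/DocumentFieldLink.inc
+++ b/lib/documentmanagement/DocumentFieldLink.inc
@@ -133,7 +133,7 @@ class DocumentFieldLink {
 if ($this->iId < 0) {
 $sql = $default->db;
 $result = $sql->query("INSERT INTO " . $default->document_fields_link_table . " (document_id, document_field_id, value) " .
-"VALUES ($this->iDocumentID, $this->iDocumentFieldID, '" . addslashes($this->sValue) . "')");
+"VALUES ($this->iDocumentID, $this->iDocumentFieldID, '$this->sValue')");
 if ($result) {
 //set the current documents primary key
 $this->iId = $sql->insert_id();
@@ -157,7 +157,7 @@ class DocumentFieldLink {
 if ($this->iId >= 0) {
 $sql = $default->db;
 $result = $sql->query("UPDATE " . $default->document_fields_link_table . " SET " .
-"document_id = $this->iDocumentID, document_field_id = $this->iDocumentFieldID, value = '" . addslashes($this->sValue) . "'" .
+"document_id = $this->iDocumentID, document_field_id = $this->iDocumentFieldID, value = '$this->sValue'" .
 "WHERE id = $this->iId");
 if ($result) {
 return true;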
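--- a/lib/documentmanagement/DocumentLink.inc
+++ b/lib/documentmanagement/DocumentLink.inc
@@ -75,7 +75,7 @@ class DocumentLink {
 *
 */
 function setParentDocumentID($iNewValue) {
-$this -> iParentDocumentID = $iNewValue;
+$this->iParentDocumentID = $iNewValue;
 }
 
 /**
@@ -95,7 +95,7 @@ class DocumentLink {
 *
 */
 function setChildDocumentID($iNewValue) {
-$this -> iChildDocumentID = $iNewValue;
+$this->iChildDocumentID = $iNewValue;
 }
 
 /**
@@ -107,17 +107,17 @@ class DocumentLink {
 function create() {
 global $default, $lang_err_database, $lang_err_object_exists;
 //if the object hasn't been created
-if ($this -> iId < 0) {
-$sql = $default -> db;
-$result = $sql -> query("INSERT INTO " . $default -> owl_document_link_table . " (parent_document_id, child_document_id) VALUES ($this->iParentDocumentID, $this->iChildDocumentID)");
+if ($this->iId < 0) {
+$sql = $default->db;
+$result = $sql->query("INSERT INTO $default->document_link_table (parent_document_id, child_document_id) VALUES ($this->iParentDocumentID, $this->iChildDocumentID)");
 if ($result) {
-$this -> iId = $sql -> insert_id();
+$this->iId = $sql->insert_id();
 return true;
 }
 $_SESSION["errorMessage"] = $lang_err_database;
 return false;
 }
-$_SESSION["errorMessage"] = $lang_err_object_exists."id = ".$this -> iId." table = document_fields";
+$_SESSION["errorMessage"] = $lang_err_object_exists."id = ".$this->iId." table = document_fields";
 return false;
 }
 
@@ -130,9 +130,9 @@ class DocumentLink {
 function update() {
 global $default, $lang_err_database, $lang_err_object_key;
 //only update if the object has been stored
-if ($this -> iId > 0) {
-$sql = $default -> db;
-$result = $sql -> query("UPDATE ".$default -> owl_document_link_table." SET parent_document_id = $this->iParentDocumentID, child_document_id = $this->iChildDocumentID WHERE id = $this->iId");
+if ($this->iId > 0) {
+$sql = $default->db;
+$result = $sql->query("UPDATE $default->document_link_table SET parent_document_id = $this->iParentDocumentID, child_document_id = $this->iChildDocumentID WHERE id = $this->iId");
 if ($result) {
 return true;
 }
@@ -152,9 +152,9 @@ class DocumentLink {
 function delete() {
 global $default, $lang_err_database, $lang_err_object_key;
 //only delete the object if it exists in the database
-if ($this -> iId >= 0) {
-$sql = $default -> db;
-$result = $sql -> query("DELETE FROM $default->document_link_table WHERE id = $this->iId");
+if ($this->iId >= 0) {
+$sql = $default->db;
+$result = $sql->query("DELETE FROM $default->document_link_table WHERE id = $this->iId");
 if ($result) {
 return true;
 }
@@ -175,12 +175,12 @@ class DocumentLink {
 */
 function & get($iDocumentLinkID) {
 global $default;
-$sql = $default -> db;
-$result = $sql -> query("SELECT * FROM $default->document_link_table WHERE id = $iDocumentLinkID");
+$sql = $default->db;
+$result = $sql->query("SELECT * FROM $default->document_link_table WHERE id = $iDocumentLinkID");
 if ($result) {
-if ($sql -> next_record()) {
-$oDocumentLink = & new DocumentLink($sql -> f("parent_document_id"), $sql -> f("parent_document_id"));
-$oDocumentLink -> iId = $sql -> f("id");
+if ($sql->next_record()) {
+$oDocumentLink = & new DocumentLink($sql->f("parent_document_id"), $sql->f("parent_document_id"));
+$oDocumentLink->iId = $sql->f("id");
 return $oDocumentLink;
 }
 $_SESSION["errorMessage"] = $lang_err_object_not_exist."id = ".$iDocumentLinkID." table = $default->document_link_table";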
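Review bot: `get()` still builds the object with `new DocumentLink($sql->f("parent_document_id"), $sql->f("parent_document_id"))`, so the child id is never read from the row; assuming the constructor takes (parent, child), the second argument should be `$sql->f("child_document_id")`. The same function uses `$lang_err_object_not_exist` in its error message but declares only `global $default;`, so that part of the message is always empty; `global $default, $lang_err_object_not_exist;` fixes it. `$iDocumentLinkID` is interpolated unquoted into `WHERE id = ...`, and an `(int)` cast at the top of `get()` would keep a non-numeric value out of the statement regardless of what the caller passes. The body of `get()` continues past the end of the hunk.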
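--- a/lib/documentmanagement/DocumentTransaction.inc
+++ b/lib/documentmanagement/DocumentTransaction.inc
@@ -79,7 +79,7 @@ class DocumentTransaction {
 $oDocument = & Document::get($iNewDocumentID);
 if ($oDocument) {
 $this->sVersion = $oDocument->getMajorVersionNumber() . "." . $oDocument->getMinorVersionNumber();
-$this->sFileName = Folder::getFolderPath($oDocument->getFolderID()) . "/" . $oDocument->getName();
+$this->sFileName = addslashes(Folder::getFolderPath($oDocument->getFolderID()) . "/" . $oDocument->getName());
 }
 $this->iUserID = $_SESSION["userID"];
 $this->dDateTime = getCurrentDateTime();
@@ -105,7 +105,7 @@ class DocumentTransaction {
 if ($this->iId < 0) {
 $sql = $default->db;
 $result = $sql->query("INSERT INTO " . $default->document_transactions_table . " (document_id, version, user_id, datetime, ip, filename, comment, transaction_id) " .
-"VALUES ($this->iDocumentID, '" . addslashes($this->sVersion) . "', $this->iUserID, '" . addslashes($this->dDateTime) . "', '" . addslashes($this->sIP) . "', '" . addslashes($this->sFileName) . "', '" . addslashes($this->sComment) . "', $this->iTransactionID)");
+"VALUES ($this->iDocumentID, '$this->sVersion', $this->iUserID, '$this->dDateTime', '$this->sIP', '$this->sFileName', '$this->sComment', $this->iTransactionID)");
 if ($result) {
 //object has been stored, set the primary key
 $this->iId = $sql->insert_id();
@@ -150,7 +150,7 @@ class DocumentTransaction {
 $sql = $default->db;
 $sql->query("SELECT * FROM $default->document_transactions_table WHERE id = $iDocumentTransactionID");
 if ($sql->next_record()) {
-$oDocumentTransaction = & new DocumentTransaction($sql->f("document_id"), stripslashes($sql->f("comment")), $sql->f("transaction_id"));
+$oDocumentTransaction = & new DocumentTransaction($sql->f("document_id"), $sql->f("comment"), $sql->f("transaction_id"));
 $oDocumentTransaction->iId = $sql->f("id");
 $oDocumentTransaction->sVersion = $sql->f("version");
 $oDocumentTransaction->iUserID = $sql->f("user_id");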
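--- a/lib/documentmanagement/DocumentType.inc
+++ b/lib/documentmanagement/DocumentType.inc
@@ -98,7 +98,7 @@ class DocumentType {
 
 }else{
 $sql = $default->db;
-$result = $sql->query("INSERT INTO " . $default->document_types_table . " (name) VALUES ('" . addslashes($this->sName) . "')");
+$result = $sql->query("INSERT INTO " . $default->document_types_table . " (name) VALUES ('$this->sName')");
 if ($result) {
 $this->iId = $sql->insert_id();
 return true;
@@ -123,7 +123,7 @@ class DocumentType {
 //only update if the object has been stored
 if ($this->iId > 0) {
 $sql = $default->db;
-$result = $sql->query("UPDATE " . $default->document_types_table . " SET name = '" . addslashes($this->sName) . "' WHERE id = $this->iId");
+$result = $sql->query("UPDATE " . $default->document_types_table . " SET name = '$this->sName' WHERE id = $this->iId");
 if ($result) {
 return true;
 }
@@ -204,7 +204,7 @@ class DocumentType {
 $result = $sql->query("SELECT * FROM ". $default->document_types_table ." WHERE id = $iDocumentTypeID");
 if ($result) {
 if ($sql->next_record()) {
-$oDocumentType = & new DocumentType(stripslashes($sql->f("name")));
+$oDocumentType = & new DocumentType($sql->f("name"));
 $oDocumentType->iId = $sql->f("id");
 return $oDocumentType;
 }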
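Review bot: With `addslashes()` removed from the INSERT and UPDATE strings, `$this->sName` is interpolated into the SQL exactly as the caller supplied it, and nothing in this section shows where it is escaped instead. Because `get()` now returns the stored name without `stripslashes()`, a name containing a quote that is loaded and then written back through `update()` reaches the query unescaped even if request input is quoted elsewhere, which is a second-order SQL injection path. The same pattern recurs in MetaData.inc, Folder.inc, Group.inc, Link.inc, Organisation.inc and Role.inc. Escaping belongs at the query boundary, e.g. `"... VALUES ('" . addslashes($this->sName) . "')"` or the database layer's own escaping function, with integer ids cast via `(int)`. The enclosing methods start and end outside these hunks.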
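--- a/lib/documentmanagement/MetaData.inc
+++ b/lib/documentmanagement/MetaData.inc
@@ -123,7 +123,7 @@ class MetaData {
 
 }else{
 $sql = $default->db;
-$result = $sql->query("INSERT INTO " . $default->metadata_table . " (document_field_id,name) VALUES ('". $this->iDocFieldID . "','" . addslashes($this->sName) . "')");
+$result = $sql->query("INSERT INTO " . $default->metadata_table . " (document_field_id,name) VALUES ('". $this->iDocFieldID . "','$this->sName')");
 if ($result) {
 $this->iId = $sql->insert_id();
 return true;
@@ -148,7 +148,7 @@ class MetaData {
 //only update if the object has been stored
 if ($this->iId > 0) {
 $sql = $default->db;
-$result = $sql->query("UPDATE " . $default->metadata_table. " SET name = '" . addslashes($this->sName) . "' WHERE id = $this->iId");
+$result = $sql->query("UPDATE " . $default->metadata_table. " SET name = '$this->sName' WHERE id = $this->iId");
 if ($result) {
 return true;
 }
@@ -195,7 +195,7 @@ class MetaData {
 $result = $sql->query("SELECT * FROM ". $default->metadata_table." WHERE id = $iMetaDataID");
 if ($result) {
 if ($sql->next_record()) {
-$oDocumentType = & new MetaData($sql->f("document_field_id"),stripslashes($sql->f("name")));
+$oDocumentType = & new MetaData($sql->f("document_field_id"),$sql->f("name"));
 $oDocumentType->iId = $sql->f("id");
 return $oDocumentType;
 }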
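--- a/lib/documentmanagement/PhysicalDocumentManager.inc
+++ b/lib/documentmanagement/PhysicalDocumentManager.inc
@@ -387,7 +387,7 @@ class PhysicalDocumentManager {
 */
 function & createDocumentFromUploadedFile($aFileArray, $iFolderID) {
 //get the uploaded document information and put it into a document object
-$oDocument = & new Document(stripslashes($aFileArray['name']), stripslashes($aFileArray['name']), $aFileArray['size'], $_SESSION["userID"], PhysicalDocumentManager::getMimeTypeID($aFileArray['type'], $aFileArray['name']), $iFolderID);
+$oDocument = & new Document($aFileArray['name'], $aFileArray['name'], $aFileArray['size'], $_SESSION["userID"], PhysicalDocumentManager::getMimeTypeID($aFileArray['type'], $aFileArray['name']), $iFolderID);
 return $oDocument;
 }
 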
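Review bot: `$aFileArray['name']` is the file name chosen by the uploading client, and after this change it is handed to `Document` unchanged as both the document name and the stored file name. Whether it is normalised or escaped later is not visible in this hunk, so it would be safer to reduce it to a bare file name here, e.g. `$sFileName = basename($aFileArray['name']);`, and to escape it where the SQL is built rather than depending on how the request happened to be quoted. A one-line comment stating which form (raw or slash-escaped) `Document` expects would make the contract explicit for the next caller.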
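--- a/lib/foldermanagement/Folder.inc
+++ b/lib/foldermanagement/Folder.inc
@@ -206,11 +206,11 @@ class Folder {
 }
 
 /**
-* Generate a comma delimited string containing
-* the parent folder ids
-*
-* @return String comma delimited string containing the parent folder ids
-*/
+* Recursive function to generate a comma delimited string containing
+* the parent folder ids
+*
+* @return String comma delimited string containing the parent folder ids
+*/
 function generateParentFolderIDS($iFolderID) {
 global $default;
 //if the folder is not the root folder
@@ -225,23 +225,43 @@ class Folder {
 }
 
 /**
-* Forward slash deliminated string giving full path of document
-* from file system root url
-*
-*/
+* Returns a comma delimited string containing the parent folder ids, strips leading /
+*
+* @return String comma delimited string containing the parent folder ids
+*/
+function generateFolderIDs($iFolderID) {
+$sFolderIDs = $this->generateParentFolderIDS($iFolderID);
+return substr($sFolderIDs, 1, strlen($sFolderIDs));
+}
+
+/**
+* Recursively generates forward slash deliminated string giving full path of document
+* from file system root url
+*/
 function generateFullFolderPath($iFolderID) {
 global $default;
 //if the folder is not the root folder
 if ($iFolderID != 0) {
 $sql = $default->db;
 $sql->query("SELECT name, parent_id FROM $default->folders_table WHERE ID = $iFolderID");
-$sql->next_record();
-return $this->generateFullFolderPath($sql->f("parent_id")) . "/" . stripslashes($sql->f("name"));
+$sql->next_record();
+return $this->generateFullFolderPath($sql->f("parent_id")) . "/" . $sql->f("name");
 }
 return;
 }
 
 /**
+* Returns a forward slash deliminated string giving full path of document, strips leading /
+*/
+function generateFolderPath($iFolderID) {
+global $default;
+$sPath = $this->generateFullFolderPath($iFolderID);
+$sPath = substr($sPath, 1, strlen($sPath));
+$sPath = addslashes($sPath);
+return $sPath;
+}
+
+/**
 * Create the current folder in the database
 *
 * @return boolean true and set $this->iId with new primary key, false otherwise and set $_SESSION["errorMessage"]
@@ -250,13 +270,11 @@ class Folder {
 global $default, $lang_err_database; $lang_err_object_exists;
 //if the object has not already been stored
 if ($this->iId < 0) {
-$this->sFullPath = $this->generateFullFolderPath($this->iParentID);
-$this->sFullPath = substr($this->sFullPath, 1, strlen($this->sFullPath));
-$this->sParentFolderIDs = $this->generateParentFolderIDS($this->iParentID);
-$this->sParentFolderIDs = substr($this->sParentFolderIDs, 1, strlen($this->sParentFolderIDs));
+$this->sFullPath = $this->generateFolderPath($this->iParentID);
+$this->sParentFolderIDs = $this->generateFolderIDs($this->iParentID);
 $sql = $default->db;
 $result = $sql->query("INSERT INTO " . $default->folders_table . " (name, description, parent_id, creator_id, unit_id, is_public, full_path, parent_folder_ids) " .
-"VALUES ('" . addslashes($this->sName) . "', '" . addslashes($this->sDescription) . "', $this->iParentID, $this->iCreatorID, $this->iUnitID, " . ($this->bIsPublic ? 1 : 0) . ",'" . addslashes($this->sFullPath) . "','" . addslashes($this->sParentFolderIDs) . "')");
+"VALUES ('$this->sName', '$this->sDescription', $this->iParentID, $this->iCreatorID, $this->iUnitID, " . ($this->bIsPublic ? 1 : 0) . ",'$this->sFullPath','$this->sParentFolderIDs')");
 if ($result) {
 $this->iId = $sql->insert_id();
 return true;
@@ -280,19 +298,16 @@ class Folder {
 if ($this->iId >= 0) {
 $sql = $default->db;
 $sQuery = "UPDATE " . $default->folders_table . " SET " .
-"name = '" . addslashes($this->sName) . "', " .
-"description = '" . addslashes($this->sDescription) . "', " .
+"name = '$this->sName', " .
+"description = '$this->sDescription', " .
 "parent_id = $this->iParentID, " .
 "creator_id = $this->iCreatorID, " .
 "unit_id = $this->iUnitID, ";
 if ($bPathChange) {
-$sFullPath = $this->generateFullFolderPath($this->iParentID);
-$this->sFullPath = substr($sFullPath, 1, strlen($sFullPath));
-$sParentFolderIDs = $this->generateParentFolderIDS($this->iParentID);
-$this->sParentFolderIDs = substr($sParentFolderIDs, 1, strlen($sParentFolderIDs));
-
-$sQuery .= "parent_folder_ids = '" . addslashes($this->sParentFolderIDs) . "'," .
-"full_path = '" . addslashes($this->sFullPath) . "', ";
+$this->sFullPath = $this->generateFolderPath($this->iParentID);
+$this->sParentFolderIDs = $this->generateFolderIDs($this->iParentID);
+$sQuery .= "parent_folder_ids = '$this->sParentFolderIDs'," .
+"full_path = '$this->sFullPath', ";
 }
 $sQuery .= "is_public = " . ($this->bIsPublic ? 1 : 0) . " " .
 "WHERE id = " . $this->iId;
@@ -345,9 +360,7 @@ class Folder {
 while ($sql->next_record()) {
 $aChildren[count($aChildren)] = $sql->f("id");
 Folder::getChildren($sql->f("id"), & $aChildren);
-//$sChildString .= $sql->f("id") . "," . Folder::getChildren($sql->f("id"));
 }
-//return $sChildString;
 return $aChildren;
 }
 
@@ -401,10 +414,10 @@ class Folder {
 $sql = $default->db;
 $sql->query("SELECT * FROM " . $default->folders_table . " WHERE id = " . $iFolderID);
 if ($sql->next_record()) {
-$oFolder = & new Folder(stripslashes($sql->f("name")), stripslashes($sql->f("description")), $sql->f("parent_id"), $sql->f("creator_id"), $sql->f("unit_id"), $sql->f("is_public"));
+$oFolder = & new Folder($sql->f("name"), $sql->f("description"), $sql->f("parent_id"), $sql->f("creator_id"), $sql->f("unit_id"), $sql->f("is_public"));
 $oFolder->iId = $iFolderID;
-$oFolder->sFullPath = stripslashes($sql->f("full_path"));
-$oFolder->sParentFolderIDs = stripslashes($sql->f("parent_folder_ids"));
+$oFolder->sFullPath = $sql->f("full_path");
+$oFolder->sParentFolderIDs = $sql->f("parent_folder_ids");
 return $oFolder;
 }
 $_SESSION["errorMessage"] = $lang_err_object_not_exist . "id = " . $iFolderID . " table = folders";
@@ -439,7 +452,6 @@ class Folder {
 $aFolderArray;
 settype($aFolderArray, "array");
 $sql = $default->db;
-// TODO: join on sys_deleted
 $result = $sql->query("SELECT * FROM " . $default->folders_table . (isset($sWhereClause) ? " WHERE " . $sWhereClause : ""));
 if ($result) {
 $iCount = 0;
@@ -465,7 +477,8 @@ class Folder {
 function getFolderPath($iFolderID) {
 global $default;
 $oFolder = Folder::get($iFolderID);
-return $default->documentRoot . "/" . $oFolder->sFullPath . "/" . $oFolder->getName() . "/";
+$sPath = $default->documentRoot . "/" . $oFolder->sFullPath . "/" . $oFolder->getName() . "/";
+return $sPath;
 }
 
 /**
@@ -590,10 +603,9 @@ class Folder {
 * @return true if the folder exists, false otherwise and set $_SESSION["errorMessage"]
 */
 function folderExistsName($sName, $iParentID) {
-$sName = addslashes($sName);
 global $default, $lang_err_folder_exist;
 $sql = $default->db;
-$sql->query("SELECT * FROM " . $default->folders_table . " WHERE name = '" . $sName . "' AND parent_id = " . $iParentID);
+$sql->query("SELECT * FROM " . $default->folders_table . " WHERE name = '$sName' AND parent_id = $iParentID");
 if ($sql->next_record()) {
 return true;
 }
@@ -631,7 +643,7 @@ class Folder {
 $sql = $default->db;
 $sql->query("SELECT name FROM " . $default->folders_table . " WHERE id = " . $iFolderID);
 if ($sql->next_record()) {
-return stripslashes($sql->f("name"));
+return $sql->f("name");
 }
 $_SESSION["errorMessage"] = $lang_err_database;
 return false;
@@ -647,7 +659,7 @@ class Folder {
 function getFolderID($sFolderName) {
 global $default, $lang_err_database;
 $sql = $default->db;
-$sql->query("SELECT id FROM " . $default->folders_table . " WHERE name = '$sFolderName'");
+$sql->query("SELECT id FROM " . $default->folders_table . " WHERE name = '$sFolderName'");
 if ($sql->next_record()) {
 return $sql->f("id");
 }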
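Review bot: `generateFolderPath()` applies `addslashes()` and `create()`/`update()` store its result in `$this->sFullPath`, so after a save the object holds a SQL-escaped path while `get()` loads the unescaped column value into the same property. `getFolderPath()` concatenates `sFullPath` into a filesystem path, so a folder name containing a quote or backslash could resolve to different directories depending on how the object was obtained (inferred; the callers are outside this section). Keeping the property raw and escaping only inside the statement, `"full_path = '" . addslashes($this->sFullPath) . "', "`, avoids mixing the two forms. `folderExistsName()` and `getFolderID()` now also place `$sName`, `$sFolderName` and `$iParentID` into the WHERE clause with no escaping or `(int)` cast, so the lookup is only as safe as every caller.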
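--- a/lib/foldermanagement/PhysicalFolderManagement.inc
+++ b/lib/foldermanagement/PhysicalFolderManagement.inc
@@ -37,7 +37,7 @@ class PhysicalFolderManagement {
 function createFolder($sPath) {
 // check if a folder with this name exists before creating it
 if (!file_exists($sPath)) {
-return mkdir($sPath, 0755);
+return mkdir(rtrim($sPath), 0755);
 } else {
 return true;
 }
@@ -51,11 +51,11 @@ class PhysicalFolderManagement {
 * @return boolean true on successful delete, false otherwise
 */
 function deleteFolder($sPath) {
-return rmdir($sPath);
+return rmdir(rtrim($sPath));
 }
 
 function renameFolder($sOldPath, $sNewPath) {
-return rename($sOldPath, $sNewPath);
+return rename($sOldPath, rtrim($sNewPath));
 }
 
 }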
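Review bot: In `createFolder()` the existence check still runs on the untrimmed `$sPath` while `mkdir()` receives `rtrim($sPath)`, so a path with trailing whitespace can be reported as missing by `file_exists()` and then fail in `mkdir()` because the trimmed directory already exists. `renameFolder()` likewise trims only `$sNewPath` and leaves `$sOldPath` as passed. Normalising once at the top of each function, `$sPath = rtrim($sPath);`, keeps the check and the action on the same path. A short comment saying where the trailing whitespace comes from would explain why the trim is needed at this layer.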
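--- a/lib/groups/Group.inc
+++ b/lib/groups/Group.inc
@@ -109,6 +109,23 @@ class Group {
 }
 
 /**
+* Checks if this group has users mapped to it or not
+*/
+function hasRoutingSteps() {
+global $default;
+
+$sql = $default->db;
+$query = "SELECT id FROM $default->groups_folders_approval_table WHERE group_id = $this->iId";
+$sql->query($query);
+$rows = $sql->num_rows();
+if ($rows > 0){
+return true;
+} else {
+return false;
+}
+}
+
+/**
 * Create the current object in the database
 *
 * @return boolean on successful store, false otherwise and set $_SESSION["errorMessage"]
@@ -129,7 +146,7 @@ class Group {
 return false;
 } else {
 $sql = $default->db;
-$result = $sql->query("INSERT INTO " . $default->groups_table . " (name, is_sys_admin, is_unit_admin) VALUES ('" . addslashes($this->sName) . "', " . ($this->bIsSysAdmin ? 1 : 0) . ", " . ($this->bIsUnitAdmin ? 1 : 0) . ")");
+$result = $sql->query("INSERT INTO " . $default->groups_table . " (name, is_sys_admin, is_unit_admin) VALUES ('$this->sName', " . ($this->bIsSysAdmin ? 1 : 0) . ", " . ($this->bIsUnitAdmin ? 1 : 0) . ")");
 if ($result) {
 $this->iId = $sql->insert_id();
 return true;
@@ -153,7 +170,7 @@ class Group {
 //only update if the object has been stored
 if ($this->iId > 0) {
 $sql = $default->db;
-$result = $sql->query("UPDATE " . $default->groups_table . " SET name = '" . addslashes($this->sName) . "', is_sys_admin = " . ($this->bIsSysAdmin ? 1 : 0) . ", is_unit_admin = " . ($this->bIsUnitAdmin ? 1 : 0) . " WHERE id = $this->iId");
+$result = $sql->query("UPDATE " . $default->groups_table . " SET name = '$this->sName', is_sys_admin = " . ($this->bIsSysAdmin ? 1 : 0) . ", is_unit_admin = " . ($this->bIsUnitAdmin ? 1 : 0) . " WHERE id = $this->iId");
 if ($result) {
 return true;
 }
@@ -196,7 +213,7 @@ class Group {
 $result = $sql->query("SELECT * FROM $default->groups_table WHERE id = $iGroupID");
 if ($result) {
 if ($sql->next_record()) {
-$oGroup = & new Group(stripslashes($sql->f("name")), $sql->f("is_unit_admin"), $sql->f("is_sys_admin"));
+$oGroup = & new Group($sql->f("name"), $sql->f("is_unit_admin"), $sql->f("is_sys_admin"));
 $oGroup->iId = $iGroupID;
 return $oGroup;
 }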
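Review bot: The docblock on the new `hasRoutingSteps()` says it checks for users mapped to the group, but the query reads `$default->groups_folders_approval_table`, so the comment appears to have been copied from a neighbouring method. Suggested text: `* Checks whether any folder approval (routing) step references this group`, followed by an `@return boolean` line. The return value of `$sql->query()` is not checked, so a failed query would presumably be reported as "no routing steps", which matters if callers use this method to decide whether a group may be deleted. The if/else can be reduced to `return $sql->num_rows() > 0;`.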
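--- a/lib/groups/GroupFolderApprovalLink.inc
+++ b/lib/groups/GroupFolderApprovalLink.inc
@@ -223,7 +223,7 @@ class GroupFolderApprovalLink {
 $oGroupFolderApprovalLink->iId = $iGroupFolderLinkID;
 return $oGroupFolderApprovalLink;
 }
-$_SESSION["errorMessage"] = $lang_err_object_not_exist . "id = " . $iGroupFolderLinkID . " table = $default-owl_groups_folders_approval_table";
+
 return false;
 }
 $_SESSION["errorMessage"] = $lang_err_database;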
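--- a/lib/links/Link.inc
+++ b/lib/links/Link.inc
@@ -101,7 +101,7 @@ class Link {
 
 }else{
 $sql = $default->db;
-$result = $sql->query("INSERT INTO " . $default->quicklinks_table . " (name, url, rank) VALUES ('" . addslashes($this->sName) . "', '" . ($this->sUrl) . "', " . ($this->iRank) . ")");
+$result = $sql->query("INSERT INTO " . $default->quicklinks_table . " (name, url, rank) VALUES ('$this->sName', '$this->sUrl', $this->iRank)");
 if ($result) {
 $this->iId = $sql->insert_id();
 return true;
@@ -126,7 +126,7 @@ class Link {
 //only update if the object has been stored
 if ($this->iId > 0) {
 $sql = $default->db;
-$result = $sql->query("UPDATE " . $default->quicklinks_table . " SET name = '" . addslashes($this->sName) . "', url = '" . ($this->sUrl) . "', rank = " . ($this->iRank) . " WHERE id = $this->iId");
+$result = $sql->query("UPDATE " . $default->quicklinks_table . " SET name = '$this->sName', url = '$this->sUrl', rank = $this->iRank WHERE id = $this->iId");
 if ($result) {
 return true;
 }
@@ -174,7 +174,7 @@ class Link {
 $result = $sql->query("SELECT * FROM $default->quicklinks_table WHERE id = $iLinkID");
 if ($result) {
 if ($sql->next_record()) {
-$oLink = & new Link(stripslashes($sql->f("name")), $sql->f("url"), $sql->f("rank"));
+$oLink = & new Link($sql->f("name"), $sql->f("url"), $sql->f("rank"));
 $oLink->iId = $iLinkID;
 return $oLink;
 }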
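--- a/lib/orgmanagement/Organisation.inc
+++ b/lib/orgmanagement/Organisation.inc
@@ -81,7 +81,7 @@ class Organisation {
 $_SESSION["errorMessage"] = "Organisation::The name " . $this->sName . " is already in use!";
 return false;
 } else {
-$result = $sql->query("INSERT INTO " . $default->organisations_table . " (name) VALUES ('" . addslashes($this->sName) . "')");
+$result = $sql->query("INSERT INTO " . $default->organisations_table . " (name) VALUES ('$this->sName')");
 if ($result) {
 $this->iId = $sql->insert_id();
 return true;
@@ -104,7 +104,7 @@ class Organisation {
 //only update if the object has been stored
 if ($this->iId > 0) {
 $sql = $default->db;
-$result = $sql->query("UPDATE " . $default->organisations_table . " SET name = '" . addslashes($this->sName) . "' WHERE id = $this->iId");
+$result = $sql->query("UPDATE " . $default->organisations_table . " SET name = '$this->sName' WHERE id = $this->iId");
 if ($result) {
 return true;
 }
@@ -160,7 +160,7 @@ class Organisation {
 $result = $sql->query("SELECT * FROM $default->organisations_table WHERE id = $iOrgID");
 if ($result) {
 if ($sql->next_record()) {
-$oOrg = & new Organisation(stripslashes($sql->f("name")));
+$oOrg = & new Organisation($sql->f("name"));
 $oOrg->iId = $iOrgID;
 return $oOrg;
 }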
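--- a/lib/roles/Role.inc
+++ b/lib/roles/Role.inc
@@ -113,7 +113,7 @@ class Role {
 }else
 {
 $sql = $default->db;
-$result = $sql->query("INSERT INTO " . $default->roles_table . " (name, active, can_read, can_write) VALUES ('" . addslashes($this->sName) . "', " . ($this->bActive ? 1 : 0) . ", " . ($this->bCanRead ? 1 : 0) . ", " . ($this->bCanWrite ? 1 : 0) . ")");
+$result = $sql->query("INSERT INTO " . $default->roles_table . " (name, active, can_read, can_write) VALUES ('$this->sName', " . ($this->bActive ? 1 : 0) . ", " . ($this->bCanRead ? 1 : 0) . ", " . ($this->bCanWrite ? 1 : 0) . ")");
 if ($result) {
 $this->iId = $sql->insert_id();
 return true;
@@ -137,7 +137,7 @@ class Role {
 //only update if the object has been stored
 if ($this->iId > 0) {
 $sql = $default->db;
-$result = $sql->query("UPDATE " . $default->roles_table . " SET name = '" . addslashes($this->sName) . "', active = " . ($this->bActive ? 1 : 0) . ", can_read = " . ($this->bCanRead ? 1 : 0) . ", can_write = " . ($this->bCanWrite ? 1 : 0) . " WHERE id = $this->iId");
+$result = $sql->query("UPDATE " . $default->roles_table . " SET name = '$this->sName', active = " . ($this->bActive ? 1 : 0) . ", can_read = " . ($this->bCanRead ? 1 : 0) . ", can_write = " . ($this->bCanWrite ? 1 : 0) . " WHERE id = $this->iId");
 if ($result) {
 return true;
 }
@@ -197,7 +197,7 @@ class Role {
 $result = $sql->query("SELECT * FROM $default->roles_table WHERE id = $iRoleID");
 if ($result) {
 if ($sql->next_record()) {
-$oRole = & new Role(stripslashes($sql->f("name")), $sql->f("can_read"), $sql->f("can_write"));
+$oRole = & new Role($sql->f("name"), $sql->f("can_read"), $sql->f("can_write"));
 $oRole->iId = $iRoleID;
 $oRole->bActive = $sql->f("active");
 return $oRole;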
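--- a/lib/session/control.inc
+++ b/lib/session/control.inc
@@ -61,9 +61,8 @@ function controllerRedirect($sAction, $sQueryString = "") {
 function generateLink($sTargetPage, $sQueryString, $sLinkText = "") {
 global $default;
 
-if (strlen($sQueryString) > 0) {
-$sQueryStringDelimiter = (strstr($sTargetPage, "?") ? "&" : "?");
-}
+$sQueryStringDelimiter = strlen($sQueryString) > 0 ? (strstr($sTargetPage, "?") ? "&" : "?") : "";
+
 $sLink = "http" . ($default->sslEnabled ? "s" : "") . "://" . $default->serverName .
 ((substr($sTargetPage, 0, strlen($default->rootUrl)) != $default->rootUrl) ? $default->rootUrl : "") .
 $sTargetPage . $sQueryStringDelimiter . $sQueryString;
@@ -148,7 +147,7 @@ function checkSessionAndRedirect($bRedirect) {
 } else {
 $url = generateControllerUrl("loginForm");
 }
-$redirect = urlencode($_SERVER[PHP_SELF] . "?" . $_SERVER["QUERY_STRING"]);
+$redirect = urlencode($_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"]);
 if ((strlen($redirect) > 1)) {
 $default->log->debug("checkSession:: redirect url=$redirect");
 // this session verification failure represents either the first visit to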
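Review bot: `$redirect` in the second hunk is assembled from `$_SERVER["PHP_SELF"]` and `$_SERVER["QUERY_STRING"]`, both of which the client controls, and the hunk does not show where the value is consumed after login. URL-encoding makes it safe to carry as a parameter, but the code that later follows it should accept only a path under `$default->rootUrl`, otherwise it can serve as an open redirect. A comment on this line such as `// request-derived: validate as a local path before redirecting to it` would record that requirement. The body of checkSessionAndRedirect() continues outside the hunk.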
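--- a/lib/unitmanagement/Unit.inc
+++ b/lib/unitmanagement/Unit.inc
@@ -89,7 +89,7 @@ class Unit {
 $_SESSION["errorMessage"] = "Unit::The name " . $this->sName . " is already in use!";
 return false;
 } else {
-$result = $sql->query("INSERT INTO " . $default->units_table . " (name) VALUES ('" . addslashes($this->sName) . "')");
+$result = $sql->query("INSERT INTO " . $default->units_table . " (name) VALUES ('$this->sName')");
 if ($result) {
 $this->iId = $sql->insert_id();
 // create a new unit root folder
@@ -131,7 +131,7 @@ class Unit {
 $sql = $default->db;
 // lookup current name before updating
 $sOldName = lookupField($default->units_table, "name", "id", $this->iId);
-$result = $sql->query("UPDATE " . $default->units_table . " SET name = '" . addslashes($this->sName) . "' WHERE id = $this->iId");
+$result = $sql->query("UPDATE " . $default->units_table . " SET name = '$this->sName' WHERE id = $this->iId");
 if ($result) {
 // need to update the units root folder also
 $iFolderID = Folder::getFolderID($sOldName);
@@ -202,7 +202,7 @@ class Unit {
 $result = $sql->query("SELECT * FROM $default->units_table WHERE id = $iUnitID");
 if ($result) {
 if ($sql->next_record()) {
-$oUnit = & new Unit(stripslashes($sql->f("name")));
+$oUnit = & new Unit($sql->f("name"));
 $oUnit->iId = $iUnitID;
 return $oUnit;
 }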
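Review bot: The INSERT (new line 92) and the UPDATE (new line 134) now interpolate `$this->sName` straight into the SQL text, so a name containing a single quote breaks the statement and, wherever a caller passes request data through unescaped, becomes SQL injection. Nothing in these hunks shows where escaping happens instead; presumably it moved to the input layer, which makes every query only as safe as its least careful caller. I would keep the quoting at the query, e.g. `... VALUES ('" . addslashes($this->sName) . "')"`, or use a quoting or bind helper on `$default->db` if that layer offers one. The same pattern appears in the Role update hunk above and in the User.inc and WebSite.inc queries of this commit. The enclosing methods start and end outside the hunks.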
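--- a/lib/users/User.inc
+++ b/lib/users/User.inc
@@ -324,7 +324,7 @@ class User {
 }
 else {
 $result = $sql->query("INSERT INTO " . $default->users_table . " (username, name, password, quota_max, quota_current, email, mobile, email_notification, sms_notification, ldap_dn, max_sessions, language_id) " .
-"VALUES ('" . addslashes($this->sUserName) . "', '" . addslashes($this->sName) . "', '" . addslashes(md5($this->sPassword)) . "', $this->iQuotaMax, 0, '" . addslashes($this->sEmail) . "', '" . addslashes($this->sMobile) . "', " . ($this->bEmailNotification ? 1 : 0) . ", " . ($this->bSmsNotification ? 1 : 0) . ", '" . addslashes($this->sLdapDn) . "', $this->iMaxSessions, $this->iLanguageID)");
+"VALUES ('$this->sUserName', '$this->sName', '" . md5($this->sPassword) . "', $this->iQuotaMax, 0, '$this->sEmail', '$this->sMobile', " . ($this->bEmailNotification ? 1 : 0) . ", " . ($this->bSmsNotification ? 1 : 0) . ", '$this->sLdapDn', $this->iMaxSessions, $this->iLanguageID)");
 if ($result) {
 $this->iId = $sql->insert_id();
 return true;
@@ -360,7 +360,7 @@ class User {
 }
 else {
 $sql = $default->db;
-$result = $sql->query("UPDATE " . $default->users_table . " SET username = '" . addslashes($this->sUserName) . "', name = '" . addslashes($this->sName) . "', " . ($this->bPasswordChanged ? "password = '" . addslashes(md5($this->sPassword)) . "', " : " ") . " quota_max = $this->iQuotaMax, email = '" . addslashes($this->sEmail) . "', mobile = '" . addslashes($this->sMobile) . "', email_notification = " . ($this->bEmailNotification ? 1 : 0) . ", sms_notification = " . ($this->bSmsNotification ? 1 : 0) . ", ldap_dn = '" . addslashes($this->sLdapDn) . "', max_sessions = $this->iMaxSessions, language_id = $this->iLanguageID WHERE id = $this->iId");
+$result = $sql->query("UPDATE " . $default->users_table . " SET username = '$this->sUserName', name = '$this->sName', " . ($this->bPasswordChanged ? "password = '" . md5($this->sPassword) . "', " : " ") . " quota_max = $this->iQuotaMax, email = '$this->sEmail', mobile = '$this->sMobile', email_notification = " . ($this->bEmailNotification ? 1 : 0) . ", sms_notification = " . ($this->bSmsNotification ? 1 : 0) . ", ldap_dn = '$this->sLdapDn', max_sessions = $this->iMaxSessions, language_id = $this->iLanguageID WHERE id = $this->iId");
 if ($result) {
 return true;
 }
@@ -430,7 +430,7 @@ class User {
 $result = $sql->query("SELECT * FROM $default->users_table WHERE id = $iUserID");
 if ($result) {
 if ($sql->next_record()) {
-$oUser = & new User(stripslashes($sql->f("username")), stripslashes($sql->f("name")), stripslashes($sql->f("password")), $sql->f("quota_max"), stripslashes($sql->f("email")), stripslashes($sql->f("mobile")), $sql->f("email_notification"), $sql->f("sms_notification"), $sql->f("ldap_dn"), $sql->f("max_sessions"), $sql->f("language_id"));
+$oUser = & new User($sql->f("username"), $sql->f("name"), $sql->f("password"), $sql->f("quota_max"), $sql->f("email"), $sql->f("mobile"), $sql->f("email_notification"), $sql->f("sms_notification"), $sql->f("ldap_dn"), $sql->f("max_sessions"), $sql->f("language_id"));
 $oUser->iId = $iUserID;
 return $oUser;
 }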
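Review bot: Both the INSERT (new line 327) and the UPDATE (new line 363) store `md5($this->sPassword)`, an unsalted fast hash, so identical passwords share a digest and a leaked users table is cheap to brute-force. Since the commit already rewrites these lines, this is the place to move to a salted, deliberately slow scheme (`password_hash()` / `password_verify()` where the PHP version provides them), upgrading stored digests at next successful login; the verification path is outside these hunks. Separately, `$this->iQuotaMax`, `$this->iMaxSessions` and `$this->iLanguageID` are interpolated unquoted, so each should be cast before it reaches the query, e.g. `(int) $this->iQuotaMax`.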
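--- a/lib/visualpatterns/PatternBrowsableSearchResults.inc
+++ b/lib/visualpatterns/PatternBrowsableSearchResults.inc
@@ -50,6 +50,8 @@ class PatternBrowseableSearchResults {
 var $sOrderDirection = "ASC";
 /** New QueryString when submitting to self */
 var $sQueryString;
+/** Search criteria **/
+var $sSearchText;
 
 function PatternBrowseableSearchResults($sTmpQuery, $iTmpResultsToDisplay, $aTmpColumns, $aTmpColumnTypes, $aTmpColumnHeaders, $aTmpLinkURLs = null, $aTmpDBQueryStringColumns = null, $aTmpQueryStringVariableNames = null) {
 $this->sQuery = $sTmpQuery;
@@ -82,6 +84,9 @@ class PatternBrowseableSearchResults {
 function setOrderDirection($sNewValue) {
 $this->sOrderDirection = $sNewValue;
 }
+function setSearchText($sNewValue) {
+$this->sSearchText = $sNewValue;
+}
 
 /**
 * Build the HTML string used to render the object
@@ -96,43 +101,53 @@ class PatternBrowseableSearchResults {
 $sSectionName = $default->siteMap->getSectionName(substr($_SERVER["PHP_SELF"], strlen($default->rootUrl), strlen($_SERVER["PHP_SELF"])));
 $sTHBGColour = $default->siteMap->getSectionColour($sSectionName, "th");
 
-//add the limit and offset stuff for cutting down result set
-$sLimitQuery = $this->sQuery . " LIMIT " . $this->iStartIndex . ", " . $this->iResultsToDisplay;
-$sql = & $default->db;
+// run the query first and get the number of rows
+$iTotalResults = $this->getResultCount();
+
+// now add the limit and offset stuff for cutting down result set
+// decrement startIndex because LIMIT starts at zero and startIndex starts at 1 (for display purposes)
+$sLimitQuery = $this->sQuery . " LIMIT " . ($this->iStartIndex-1) . ", " . $this->iResultsToDisplay;
+
+$sql = & $default->db;
 $sql->query($sLimitQuery);
-$sToRender;
+
 if ($sql->num_rows() == 0) {
 //no results
-$sToRender = "<table width=\"100%\" height=\"100%\">\n";
+$sToRender .= "<table width=\"100%\" height=\"100%\">\n";
 $sToRender .= "<tr>\n";
 $sToRender .= "<td><p class=\"errorText\">No results matched your criteria</p></td>\n";
 $sToRender .= "</tr>\n";
 $sToRender .= "</table>\n";
 } else {
 
-$sToRender = "<table width=\"100%\" height=\"100%\">\n";
+$sToRender .= "<table width=\"100%\" height=\"100%\">\n";
+
+// display the number of results
+$iEndIndex = $this->iStartIndex+$this->iResultsToDisplay-1 < $iTotalResults ? $this->iStartIndex+$this->iResultsToDisplay-1 : $iTotalResults;
+
+$sToRender .= "<tr><td colspan=\"3\">Searched the KnowledgeTree for '$this->sSearchText'.</td></tr>";
+$sToRender .= "<tr><td colspan=\"3\" align=\"right\">Displaying results $this->iStartIndex - $iEndIndex of $iTotalResults</td></tr>\n";
+
 $sToRender .= "<tr>\n";
 for ($i = 0; $i < count($this->aColumnHeadings); $i++) {
 if (! (strcmp($this->sOrderByColumn, $this->aColumns[$i]) === false) && (strcmp($this->sOrderByColumn, $this->aColumns[$i]) == 0)) {
 if (!(strcmp($this->sOrderDirection,"ASC") === false) && (strcmp($this->sOrderDirection,"ASC") == 0)) {
-//$sToRender .= "<th align=\"left\"><a href=\"" . $_SERVER["PHP_SELF"] . "?fOrderBy=" . $this->aColumns[$i] . "&fOrderDirection=DESC&fStartIndex=" . $this->iStartIndex . "\">" . $this->aColumnHeadings[$i]."</a></th>\n";
 $sToRender .= "<th align=\"left\" bgcolor=\"" . $sTHBGColour . "\">" . $this->aColumnHeadings[$i]. "</th>\n";
 } else {
-//$sToRender .= "<th align=\"left\"><a href=\"" . $_SERVER["PHP_SELF"] . "?fOrderBy=" . $this->aColumns[$i] . "&fOrderDirection=ASC&fStartIndex=" . $this->iStartIndex . "\">" . $this->aColumnHeadings[$i]."</a></th>\n";
 $sToRender .= "<th align=\"left\" bgcolor=\"" . $sTHBGColour . "\">" . $this->aColumnHeadings[$i]. "</th>\n";
 }
 } else {
-//$sToRender .= "<th align=\"left\"><a href=\"" . $_SERVER["PHP_SELF"] . "?fOrderBy=" . $this->aColumns[$i] . "&fOrderDirection=ASC&fStartIndex=" . $this->iStartIndex . "\">" . $this->aColumnHeadings[$i]."</a></th>\n";
 $sToRender .= "<th align=\"left\" bgcolor=\"" . $sTHBGColour . "\">" . $this->aColumnHeadings[$i]. "</th>\n";
 }
 }
 $sToRender .= "</tr>\n";
 $iColour = 0;
 $iDisplayed = 0;
-//limit the result set displayed
-while($sql->next_record() && ($iDisplayed < $this->iResultsToDisplay)) {
+
+//limit the result set displayed
+while($sql->next_record()) {
 $sToRender .= "<tr bgcolor=\"" . getColour($iColour) . "\">";
-$iColour++;
+$iColour++; $iDisplayed++;
 
 for ($i = 0; $i < count($this->aColumns); $i++) {
 switch ($this->aColumnTypes[$i]) {
@@ -141,7 +156,7 @@ class PatternBrowseableSearchResults {
 $sToRender .= "<td>" . $sql->f($this->aColumns[$i]) . "</td>\n";
 break;
 case 2:
-//diplay a checkbox
+//display a checkbox
 $sToRender .= "<td>" . ($sql->f($this->aColumns[$i]) ? "Yes" : "No") . "</td>\n";
 break;
 case 3:
@@ -176,43 +191,40 @@ class PatternBrowseableSearchResults {
 }
 }
 $sToRender .= "</tr>\n";
-$iDisplayed++;
-}
+}
 
 //if we displayed less results than the number to display
 //simply pad the table
 while ($iDisplayed < $this->iResultsToDisplay) {
-$sToRender .= "<tr><td> </td></tr>\n";
+$sToRender .= "<tr><td> </td></tr>\n";
 $iDisplayed++;
 }
-
+$sToRender .= "</table>";
+
+$sToRender .= "<table>";
 $sToRender .= "<tr>\n";
-
-$sToRender .= "<input type=\"hidden\" name=\"fStartIndex\" value=\"" . ($this->iStartIndex + $this->iResultsToDisplay) . "\" />\n";
-/* Display only the next button */
-if (($this->iStartIndex + $this->iResultsToDisplay) < $this->getResultCount($sql) && $this->iStartIndex == 0) {
-$sToRender .= "<td>";
-//$sToRender .= ("<a href=\"" . $_SERVER["PHP_SELF"] . "?fStartIndex=" . ($this->iStartIndex + $this->iResultsToDisplay) . "\">Next</a>");
-$sToRender .= ("<input type=\"image\" src=\"$default->graphicsUrl/widgets/next.gif\" onClick=\"setActionAndSubmit('" . $_SERVER["PHP_SELF"] . "?fStartIndex=" . ($this->iStartIndex + $this->iResultsToDisplay) . $this->sQueryString . "')\" />");
+$sToRender .= "<input type=\"hidden\" name=\"fStartIndex\" value=\"$iEndIndex\" />\n";
+// Display only the next button
+if (($this->iStartIndex + $this->iResultsToDisplay) < $iTotalResults && $this->iStartIndex == 1) {
+$sToRender .= "<td> </td>";
+$sToRender .= "<td align=\"left\">";
+$sToRender .= "<input type=\"image\" src=\"$default->graphicsUrl/widgets/next.gif\" onClick=\"setActionAndSubmit('" . $_SERVER["PHP_SELF"] . "?fStartIndex=" . ($this->iStartIndex + $this->iResultsToDisplay) . $this->sQueryString . "')\" />";
 $sToRender .= "</td>\n";
 }
-/* Display both the next and the previous buttons */
-else if (($this->iStartIndex + $this->iResultsToDisplay) < $this->getResultCount($sql) && $this->iStartIndex > 0) {
+// Display both the next and the previous buttons
+else if (($this->iStartIndex + $this->iResultsToDisplay) < $iTotalResults && $this->iStartIndex > 1) {
 $sToRender .= "<td>";
-$sToRender .= ("<input type=\"image\" src=\"$default->graphicsUrl/widgets/next.gif\" onClick=\"setActionAndSubmit('" . $_SERVER["PHP_SELF"] . "?fStartIndex=" . ($this->iStartIndex + $this->iResultsToDisplay) . $this->sQueryString . "')\" />");
+$sToRender .= "<input type=\"image\" src=\"$default->graphicsUrl/widgets/previous.gif\" onClick=\"setActionAndSubmit('" . $_SERVER["PHP_SELF"] . "?fStartIndex=" . ($this->iStartIndex - $this->iResultsToDisplay) . $this->sQueryString . "')\" />";
 $sToRender .= "</td>";
 $sToRender .= "<td>";
-$sToRender .= ("<input type=\"image\" src=\"$default->graphicsUrl/widgets/previous.gif\" onClick=\"setActionAndSubmit('" . $_SERVER["PHP_SELF"] . "?fStartIndex=" . ($this->iStartIndex - $this->iResultsToDisplay) . $this->sQueryString . "')\" />");
+$sToRender .= "<input type=\"image\" src=\"$default->graphicsUrl/widgets/next.gif\" onClick=\"setActionAndSubmit('" . $_SERVER["PHP_SELF"] . "?fStartIndex=" . ($this->iStartIndex + $this->iResultsToDisplay) . $this->sQueryString . "')\" />";
 $sToRender .= "</td>\n";
 
 }
-/* Display only the previous button */
-else if ($this->iStartIndex > 0) {
-$sToRender .= "<td>\n";
-$sToRender .= (" ");
-$sToRender .= "</td>";
-$sToRender .= "<td>\n";
-$sToRender .= ("<input type=\"image\" src=\"$default->graphicsUrl/widgets/previous.gif\" onClick=\"setActionAndSubmit('" . $_SERVER["PHP_SELF"] . "?fStartIndex=" . ($this->iStartIndex - $this->iResultsToDisplay) . $this->sQueryString . "')\" />");
+// Display only the previous button
+else if ($this->iStartIndex > 1) {
+$sToRender .= "<td align=\"left\">\n";
+$sToRender .= "<input type=\"image\" src=\"$default->graphicsUrl/widgets/previous.gif\" onClick=\"setActionAndSubmit('" . $_SERVER["PHP_SELF"] . "?fStartIndex=" . ($this->iStartIndex - $this->iResultsToDisplay) . $this->sQueryString . "')\" />";
 $sToRender .= "</td>";
 }
 
@@ -222,11 +234,14 @@ class PatternBrowseableSearchResults {
 return $sToRender;
 }
 
-function getResultCount($sql) {
+function getResultCount() {
+global $default;
+$sql = & $default->db;
 if ($sql->query($this->sQuery)) {
 return $sql->num_rows();
+} else {
+return 0;
 }
-return 0;
 }
 }
 ?>
\ No newline at end of file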
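Review bot: The new banner row (new line 128) writes `$this->sSearchText` into the page unescaped, so search text containing markup is reflected into the HTML as cross-site scripting; it should be `htmlspecialchars($this->sSearchText, ENT_QUOTES)` at the point of output. The same hunk replaces the two `$sToRender = ...` assignments with `.=` (new lines 116 and 123), so the variable is appended to before it is defined unless that happens earlier in the render method, which starts outside the hunk; `$sToRender = "";` before the query would make it explicit. `$_SERVER["PHP_SELF"]` and `$this->sQueryString` in the rewritten onClick attributes (new lines 211 to 227) are request-derived as well and need escaping for that attribute context.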
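--- a/lib/visualpatterns/PatternEditableListFromQuery.inc
+++ b/lib/visualpatterns/PatternEditableListFromQuery.inc
@@ -139,7 +139,7 @@ class PatternEditableListFromQuery {
 switch ($this->aDisplayColumnTypes[$i]) {
 case 1:
 //plain text field
-$sToRender .= "\t<td bgcolor=\"" . getColour($i) . "\"><input type=\"text\" size = \"30\" name=\"" . $this->sUniqueName . "_" . $i . "_value\" value=\"" . stripslashes($sql->f($this->aDisplayColumns[$i])) . "\"</td>\n";
+$sToRender .= "\t<td bgcolor=\"" . getColour($i) . "\"><input type=\"text\" size = \"30\" name=\"" . $this->sUniqueName . "_" . $i . "_value\" value=\"" . $sql->f($this->aDisplayColumns[$i]) . "\"</td>\n";
 break;
 case 2:
 //boolean value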
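Review bot: The plain-text-field branch (new line 142) writes the database value into `value="..."` with no HTML escaping, so stored text containing a double quote or markup breaks out of the attribute and renders as stored XSS. Escape at output: `htmlspecialchars($sql->f($this->aDisplayColumns[$i]), ENT_QUOTES)`. The same applies to the values this commit now emits unfiltered in PatternEditableTableSqlQuery.inc, PatternListBox.inc, PatternListFromQuery.inc, PatternMetaData.inc (new line 66) and PatternTableSqlQuery.inc. The `<input` on this line is also never closed before `</td>`; ending the string with `\" /></td>\n` fixes the markup. The enclosing method starts and ends outside the hunk.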
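--- a/lib/visualpatterns/PatternEditableTableSqlQuery.inc
+++ b/lib/visualpatterns/PatternEditableTableSqlQuery.inc
@@ -172,9 +172,9 @@ class PatternEditableTableSqlQuery {
 //output the value
 if ($this->aColumnsVisible[$i]) {
 if ($this->aColumnsEditable[$i]) {
-$sToRender .= "\t<input type=\"text\" name=\"" . $this->sUniqueName . "_" . $iRowCount . $i . "_value\" value=\"" . stripslashes($sql->f($this->aStoreColumnNames[$i])) . "\" />\n";
+$sToRender .= "\t<input type=\"text\" name=\"" . $this->sUniqueName . "_" . $iRowCount . $i . "_value\" value=\"" . $sql->f($this->aStoreColumnNames[$i]) . "\" />\n";
 } else {
-$sToRender .= "\t<input type=\"hidden\" name=\"" . $this->sUniqueName . "_" . $iRowCount . $i . "_value\" value=\"" . $sql->f($this->aStoreColumnNames[$i]) . "\" />" . stripslashes($sql->f($this->aDisplayColumnNames[$i]))."\n";
+$sToRender .= "\t<input type=\"hidden\" name=\"" . $this->sUniqueName . "_" . $iRowCount . $i . "_value\" value=\"" . $sql->f($this->aStoreColumnNames[$i]) . "\" />" . $sql->f($this->aDisplayColumnNames[$i])."\n";
 }
 } else {
 $sToRender .= "\t<input type=\"hidden\" name=\"" . $this->sUniqueName . "_" . $iRowCount . $i . "_value\" value=\"" . $sql->f($this->aStoreColumnNames[$i]) . "\" />\n";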
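--- a/lib/visualpatterns/PatternListBox.inc
+++ b/lib/visualpatterns/PatternListBox.inc
@@ -164,9 +164,9 @@ class PatternListBox {
 }
 while ($sql->next_record()) {
 if ($this->selectedValue == $sql->f("value")) {
-$sToRender .= "<OPTION value=\"" . $sql->f("value") . "\" SELECTED>" . stripslashes($sql->f("display")) . "</OPTION>\n";
+$sToRender .= "<OPTION value=\"" . $sql->f("value") . "\" SELECTED>" . $sql->f("display") . "</OPTION>\n";
 } else {
-$sToRender .= "<OPTION value=\"" . $sql->f("value") . "\">" . stripslashes($sql->f("display")) . "</OPTION>\n";
+$sToRender .= "<OPTION value=\"" . $sql->f("value") . "\">" . $sql->f("display") . "</OPTION>\n";
 }
 }
 if (isset($this->aAdditionalEntries)) {
@@ -200,7 +200,7 @@ class PatternListBox {
 $aValues = array();
 while ($sql->next_record()) {
 $aValues[] = array("value" => $sql->f("value"),
-"display" => stripslashes($sql->f("display")));
+"display" => $sql->f("display"));
 }
 return $aValues;
 }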
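--- a/lib/visualpatterns/PatternListFromQuery.inc
+++ b/lib/visualpatterns/PatternListFromQuery.inc
@@ -127,7 +127,7 @@ class PatternListFromQuery {
 
 $sToRender .= "<td nowrap bgcolor=\"$sTDBGColour\">" . $this->aColumnNames[$i] . "</td><td width=\"100%\" bgcolor=\"" . getColour($iColour) ."\">";
 if ($sql->f($this->aColumns[$i]) != null) {
-$sToRender .= stripslashes($sql->f($this->aColumns[$i])) . "</td>\n";
+$sToRender .= $sql->f($this->aColumns[$i]) . "</td>\n";
 } else {
 $sToRender .= " </td>";
 }
@@ -153,7 +153,7 @@ class PatternListFromQuery {
 //$sToRender .= "<td bgcolor=\"$sTDBGColour\">" . $this->aColumnNames[$i] . "</td><td bgcolor=\"" . getColour($iColour) ."\"><textarea cols=$this->iTextAreaColumns rows=$this->iTextAreaRows READONLY>" . $sql->f($this->aColumns[$i]) . "</textarea></td>\n";
 //break;
 case 3:
-$sToRender .= "<td bgcolor=\"$sTDBGColour\">" . $this->aColumnNames[$i] . "</b></td><td bgcolor=\"" . getColour($iColour) ."\"><a href=\"" . $this->aHyperLinkURL[$i] . "?" . $this->replaceValues($this->aQueryStringText[$i], $sql) . "\">" . stripslashes($sql->f($this->aColumns[$i])) . "</a></td>\n";
+$sToRender .= "<td bgcolor=\"$sTDBGColour\">" . $this->aColumnNames[$i] . "</b></td><td bgcolor=\"" . getColour($iColour) ."\"><a href=\"" . $this->aHyperLinkURL[$i] . "?" . $this->replaceValues($this->aQueryStringText[$i], $sql) . "\">" . $sql->f($this->aColumns[$i]) . "</a></td>\n";
 break;
 default:
 break;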
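--- a/lib/visualpatterns/PatternMetaData.inc
+++ b/lib/visualpatterns/PatternMetaData.inc
@@ -44,7 +44,7 @@ class PatternMetaData {
 
 function render() {
 global $default;
-$sQuery = "SELECT has_lookup FROM $default->document_fields_table WHERE name LIKE '" . $this->sMetaDataField . "'";
+$sQuery = "SELECT has_lookup FROM $default->document_fields_table WHERE name LIKE '" . addslashes($this->sMetaDataField) . "'";
 
 $sql = $default->db;
 $sql->query($sQuery);
@@ -53,7 +53,7 @@ class PatternMetaData {
 //is a lookup, so display a drop down list
 $sWhereClause = "DF.name LIKE '" . $this->sMetaDataField . "'";
 $sFromClause = "INNER JOIN $default->document_fields_table AS DF ON ST.document_field_id = DF.id";
-$oPatternListBox = & new PatternListBox("$default->document_fields_lookup_tables", "name", "name", $this->sFormName);
+$oPatternListBox = & new PatternListBox("$default->metadata_table", "name", "name", $this->sFormName);
 if ($this->sValue != null) {
 $oPatternListBox->setSelectedValue($this->sValue);
 }
@@ -63,7 +63,7 @@ class PatternMetaData {
 } else {
 $sToRender = "<input type=\"text\" name=\"" . $this->sFormName . "\" ";
 if ($this->sValue != null) {
-$sToRender .= "value=\"" . stripslashes($this->sValue) . "\" ";
+$sToRender .= "value=\"" . $this->sValue . "\" ";
 }
 $sToRender .= " />";
 return $sToRender;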
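Review bot: The first hunk escapes `$this->sMetaDataField` in `$sQuery` (new line 47), but `$sWhereClause` on line 54 is still built from the same field unescaped, so the lookup branch keeps the injection path that hunk closes. Give it the same treatment: `$sWhereClause = "DF.name LIKE '" . addslashes($this->sMetaDataField) . "'";`. Because both comparisons use `LIKE`, `%` and `_` in the field name still act as wildcards after `addslashes()`; `=` would be the safer operator if an exact match is what is meant. How `$sWhereClause` is consumed is outside the hunk.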
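--- a/lib/visualpatterns/PatternTableSqlQuery.inc
+++ b/lib/visualpatterns/PatternTableSqlQuery.inc
@@ -164,9 +164,9 @@ class PatternTableSqlQuery {
 }
 if ($sql->f($this->aColumns[$i]) != null) {
 if ($this->bWordWrap) {
- $sToRender .= wordwrap(stripslashes($sql->f($this->aColumns[$i])), 25, " ", 1) . "</td>";
+ $sToRender .= wordwrap($sql->f($this->aColumns[$i]), 25, " ", 1) . "</td>";
 } else {
- $sToRender .= stripslashes($sql->f($this->aColumns[$i])) . "</td>";
+ $sToRender .= $sql->f($this->aColumns[$i]) . "</td>";
 }
 } else {
 $sToRender .= " </td>";
@@ -205,7 +205,7 @@ class PatternTableSqlQuery {
 } else if ($this->bUseImageURLFromQuery) {
 $sToRender .= $this->generateImageURL($sql->f("image_url"));
 }
- $sToRender .= stripslashes($sql->f($this->aColumns[$i])) . "</a></td>\n";
+ $sToRender .= $sql->f($this->aColumns[$i]) . "</a></td>\n";
 break;
 default:
 break;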
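Review bot: The three rewritten lines (new 167, 169 and 208) still concatenate `$sql->f($this->aColumns[$i])` straight into `<td>` and `<a>` markup, so any column holding user-supplied text is rendered as HTML by the browser. With `stripslashes()` gone the value reaches the page exactly as stored, which makes this the natural place to add output encoding, e.g. `htmlspecialchars($sql->f($this->aColumns[$i]), ENT_QUOTES)` for data columns. Some callers on this page put markup into a query column on purpose (the `<font color=darkgrey>` literal in listGroupsUI.inc), so the encoding probably needs a per-column opt-out rather than a blanket change. The enclosing render code starts and ends outside these hunks.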
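--- a/lib/web/WebDocument.inc
+++ b/lib/web/WebDocument.inc
@@ -1,7 +1,10 @@
 <?php
 
 DEFINE("PENDING",1);
-DEFINE("PUBLISHED", 2);
+// FIXME: duplicate status in Document- need one class that defines all lookup constants
+if (!defined("PUBLISHED")) {
+ DEFINE("PUBLISHED", 2);
+}
 DEFINE("NOT_PUBLISHED",3);
 /**
 * $Id$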
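--- a/lib/web/WebSite.inc
+++ b/lib/web/WebSite.inc
@@ -146,7 +146,7 @@ class WebSite {
 } else {
 
 $sql = $default->db;
- $result = $sql->query("INSERT INTO " . $default->web_sites_table . " (web_site_name, web_site_url, web_master_id) VALUES ('" . addslashes($this->sWebSiteName) . "', '" . addslashes($this->sWebSiteURL) . "', $this->iWebMasterID)");
+ $result = $sql->query("INSERT INTO " . $default->web_sites_table . " (web_site_name, web_site_url, web_master_id) VALUES ('$this->sWebSiteName', '$this->sWebSiteURL', $this->iWebMasterID)");
 if ($result) {
 $this->iId = $sql->insert_id();
 return true;
@@ -170,7 +170,7 @@ class WebSite {
 //only update if the object has been stored
 if ($this->iId > 0) {
 $sql = $default->db;
- $result = $sql->query("UPDATE " . $default->web_sites_table . " SET web_site_name = '" . addslashes($this->sWebSiteName) . "', web_site_url = '" . addslashes($this->sWebSiteURL) . "', web_master_id = '" . $this->iWebMasterID . "' WHERE id = $this->iId");
+ $result = $sql->query("UPDATE " . $default->web_sites_table . " SET web_site_name = '$this->sWebSiteName', web_site_url = '$this->sWebSiteURL', web_master_id = '" . $this->iWebMasterID . "' WHERE id = $this->iId");
 if ($result) {
 return true;
 }
@@ -217,7 +217,7 @@ class WebSite {
 $result = $sql->query("SELECT * FROM $default->web_sites_table WHERE id = $iWebSiteID");
 if ($result) {
 if ($sql->next_record()) {
- $oWebSite = & new WebSite(stripslashes($sql->f("web_site_name")), stripslashes($sql->f("web_site_url")), $sql->f("web_master_id"));
+ $oWebSite = & new WebSite($sql->f("web_site_name"), $sql->f("web_site_url"), $sql->f("web_master_id"));
 $oWebSite->iId = $iWebSiteID;
 return $oWebSite;
 }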
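Review bot: The new INSERT (line 149) and UPDATE (line 173) interpolate `$this->sWebSiteName` and `$this->sWebSiteURL` into quoted SQL literals with the `addslashes()` calls removed, so a quote character in either property now changes the statement. Nothing in these hunks shows where escaping happens instead; if the intent is to rely on request data arriving pre-quoted, a value set from any other source (a prior database read, an import, code) reaches the query raw. Escape where the statement is built, for example `'" . addslashes($this->sWebSiteName) . "'` as before or the database layer's own escaping routine, and cast the numeric fields, `(int)$this->iWebMasterID` and `(int)$this->iId`. The same applies to `$iWebSiteID` in the SELECT at line 217; all three methods continue outside the hunks.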
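--- a/presentation/login.php
+++ b/presentation/login.php
@@ -98,7 +98,7 @@ if ($loginAction == "loginForm") {
 switch ($userDetails["status"]) {
 // bad credentials
 case 0:
- $url = $url . "&errorMessage=" . urlencode($lang_loginfail);
+ $url = $url . "&errorMessage=" . urlencode("Login failure");
 break;
 // successfully authenticated
 case 1:
@@ -137,18 +137,18 @@ if ($loginAction == "loginForm") {
 break;
 // login disabled
 case 2:
- $url = $url . "&errorMessage=" . urlencode($lang_logindisabled);
+ $url = $url . "&errorMessage=" . urlencode("Account has been DISABLED, contact the System Adminstrator");
 break;
 // too many sessions
 case 3 :
- $url = $url . "&errorMessage=" . urlencode($lang_toomanysessions);
+ $url = $url . "&errorMessage=" . urlencode("Maximum sessions for user reached.<br>Contact the System Administrator");
 break;
 // not a unit user
 case 4 :
 $url = $url . "&errorMessage=" . urlencode("Not unit user- contact an Administrator");
 break;
 default :
- $url = $url . "&errorMessage=" . urlencode($lang_err_general);
+ $url = $url . "&errorMessage=" . urlencode("Login failure");
 }
 } else {
 // didn't receive any login parameters, so redirect login form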
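Review bot: The message added at new line 144 puts `<br>` inside the `errorMessage` query parameter, which only renders as intended if the page displaying it writes the parameter into HTML without encoding; that page is not in this diff, but if so, any crafted login URL can carry arbitrary markup. Pass a short code instead (a parameter name such as `errorCode` is only an illustration) and map codes to fixed strings where the form is rendered, encoding anything else with `htmlspecialchars()`. Separately, cases 2 and 4 may tell an unauthenticated caller that an account exists but is disabled or is not a unit user, where case 0 says only "Login failure"; consider whether that distinction should be shown before authentication succeeds. The enclosing `switch` starts and ends outside the hunks.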
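--- a/presentation/lookAndFeel/knowledgeTree/administration/docfieldmanagement/editDocFieldLookupsUI.inc
+++ b/presentation/lookAndFeel/knowledgeTree/administration/docfieldmanagement/editDocFieldLookupsUI.inc
@@ -84,7 +84,7 @@ function getGroupPage($fDocFieldID) {
 
 $LookupDisplay .= "<b>Current Lookups</b><br>\n";
 $sQuery = " Select * " .
- " From " . $default->document_fields_lookup_tables .
+ " From " . $default->metadata_table .
 " WHERE document_field_id=" . $fDocFieldID;
 
 $aColumns = array("name");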
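--- a/presentation/lookAndFeel/knowledgeTree/administration/groupmanagement/assignGroupToUnitBL.php
+++ b/presentation/lookAndFeel/knowledgeTree/administration/groupmanagement/assignGroupToUnitBL.php
@@ -65,7 +65,7 @@ if (checkSession()) {
 if($unitLink == false) {
 $oPatternCustom->setHtml(getPage($fGroupID,$fUnitID));
 $main->setHasRequiredFields(true);
- $main->setFormAction($_SERVER["PHP_SELF"] . "?fGroupSet=1&fGroupAssign=1");
+ $main->setFormAction($_SERVER["PHP_SELF"] . "?fGroupAssign=1");
 } else {
 //if it does...then go to failure page
 $oPatternCustom->setHtml(getPageFail($fGroupID));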
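Review bot: `$_SERVER["PHP_SELF"]` at new line 68 includes any path info the client appends after the script name, so the form action is partly request-controlled; whether `setFormAction()` encodes it before writing the `action` attribute is not visible here. Prefer the script name alone, `$main->setFormAction($_SERVER["SCRIPT_NAME"] . "?fGroupAssign=1");`, or encode the value with `htmlspecialchars()` where the attribute is emitted. The same pattern appears in removeGroupBL.php at new line 58.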
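--- a/presentation/lookAndFeel/knowledgeTree/administration/groupmanagement/assignGroupToUnitUI.inc
+++ b/presentation/lookAndFeel/knowledgeTree/administration/groupmanagement/assignGroupToUnitUI.inc
@@ -80,28 +80,25 @@ function getGotGroupPage($iGroupID,$iUnitID){
 // gets main page
 function getPage($iGroupID, $iUnitID) {
 global $default;
- $oGroup = null;
- $oUnit = null;
+
+ $oGroup = Group::get($iGroupID);
+ if (isset($iUnitID)) {
+ $oUnit = Unit::get($iUnitID);
+ }
 
- if (isset($iGroupID)) {
- $oGroup = Group::get($iGroupID);
- $heading = "<tr><td colspan=\"2\">Are you Sure you wish to assign the Group to the Unit?</td></tr>\n";
+ if ($oUnit) {
+ $heading = "<tr><td colspan=\"2\">Are you sure you wish to assign the Group to the Unit?</td></tr>\n";
 } else {
- if (Permission::userIsUnitAdministrator()) {
+ if (Permission::userIsUnitAdministrator() && !Permission::userIsSystemAdministrator()) {
 $heading = "<tr><td colspan=\"2\">Please Assign a Group to your Unit:</td></tr>\n";
 } else {
 $heading = "<tr><td colspan=\"2\">Please Assign a Group to a Unit:</td></tr>\n";
 }
 }
-
- if (isset($iUnitID)) {
- $oUnit = Unit::get($iUnitID);
- }
 
 $sToRender .= renderHeading("Assign Group to Unit");
 $sToRender .= "<table>\n";
 $sToRender .= $heading;
- $sToRender .= "<br>\n";
 $sToRender .= "<tr>\n";
 $sToRender .= "</tr>\n";
 $sToRender .= "<td>Group Name: </td><td>" . getGroupDisplay($oGroup) . "</td>\n";
@@ -227,7 +224,7 @@ function getGroupDisplay($oGroup) {
 // display the listbox initially ..then just display the text
 function getUnitDisplay($oUnit) {
 global $default;
- if (Permission::userIsUnitAdministrator()) {
+ if (Permission::userIsUnitAdministrator() && !Permission::userIsSystemAdministrator()) {
 $oUnit = Unit::get(User::getUnitID($_SESSION["userID"]));
 }
 if (!isset($oUnit)) {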
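Review bot: In `getPage()`, dropping `$oUnit = null;` leaves `$oUnit` undefined whenever `$iUnitID` is not set, yet it is read a few lines later in `if ($oUnit)`; keep the initialisation, `$oUnit = null;`, ahead of the `isset($iUnitID)` block. `Group::get($iGroupID)` is now also called without the former `isset($iGroupID)` guard, so a missing group id reaches the lookup. In `getUnitDisplay()` (second hunk) a unit administrator's own unit is forced only when the form is drawn; presumably the business-logic page has to apply the same `userIsUnitAdministrator() && !userIsSystemAdministrator()` rule to the submitted `fUnitID`, otherwise the restriction exists only in the rendered list box. Both functions continue outside the hunks.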
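--- a/presentation/lookAndFeel/knowledgeTree/administration/groupmanagement/listGroupsUI.inc
+++ b/presentation/lookAndFeel/knowledgeTree/administration/groupmanagement/listGroupsUI.inc
@@ -42,22 +42,22 @@ function getUnitDisplay($iUnitID) {
 
 function getGroups($fUnitID) {
 global $default;
- $sQuery = "SELECT groups_lookup.id as groupID, units_lookup.name as UnitNameB4, groups_lookup.name as name, 'Edit' , 'Delete', 'Edit Units', " .
+ $sQuery = "SELECT groups_lookup.id as groupID, units_lookup.name as UnitNameB4, groups_lookup.name as name, 'Edit' , 'Delete', 'Edit Unit', " .
 "CASE WHEN units_lookup.name Is Null THEN '<font color=darkgrey>No Unit Assigned</font>' ELSE units_lookup.name END AS UnitName " .
 "FROM (groups_lookup LEFT join groups_units_link on groups_lookup.id = groups_units_link.group_id) " .
 "LEft join units_lookup on units_lookup.id = groups_units_link.unit_id " .
 ($fUnitID ? "WHERE groups_units_link.unit_id =$fUnitID " : "") .
 "ORDER BY groups_lookup.name ";
 
- $aColumns = array("name", "UnitName", "Edit", "Delete", "Edit Units");
- $aColumnNames = array( "Name", "Unit Name", "Edit", "Delete", "Edit Units");
+ $aColumns = array("name", "UnitName", "Edit", "Delete", "Edit Unit");
+ $aColumnNames = array( "Name", "Unit Name", "Edit", "Delete", "Edit Unit");
 $aColumnTypes = array(1,1,3,3,3);
 $aDBColumnArray = array("groupID");
 $aQueryStringVariableNames = array("fGroupID");
 
 $aHyperLinkURL = array( 2=> "$default->rootUrl/control.php?action=editGroup",
- 3=> "$default->rootUrl/control.php?action=removeGroup",
- 4=> "$default->rootUrl/control.php?action=editGroupUnit");
+ 3=> "$default->rootUrl/control.php?action=removeGroup",
+ 4=> "$default->rootUrl/control.php?action=editGroupUnit");
 
 $oSearchResults = & new PatternTableSqlQuery($sQuery, $aColumns, $aColumnTypes, $aColumnNames, "100%", $aHyperLinkURL,$aDBColumnArray,$aQueryStringVariableNames);
 $oSearchResults->setDisplayColumnHeadings(true);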
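--- a/presentation/lookAndFeel/knowledgeTree/administration/groupmanagement/removeGroupBL.php
+++ b/presentation/lookAndFeel/knowledgeTree/administration/groupmanagement/removeGroupBL.php
@@ -31,7 +31,6 @@ if (checkSession()) {
 require_once("$default->fileSystemRoot/lib/visualpatterns/PatternListBox.inc");
 require_once("$default->fileSystemRoot/lib/visualpatterns/PatternEditableListFromQuery.inc");
 require_once("removeGroupUI.inc");
- //require_once("../adminUI.inc");
 require_once("$default->fileSystemRoot/lib/security/Permission.inc");
 require_once("$default->fileSystemRoot/lib/groups/Group.inc");
 require_once("$default->fileSystemRoot/presentation/webpageTemplate.inc");
@@ -46,16 +45,20 @@ if (checkSession()) {
 $oGroup = Group::get($fGroupID);
 if (!$oGroup->hasUsers()) {
 if (!$oGroup->hasUnit()) {
- if (isset($fForDelete)) {
- if ($oGroup->delete()) {
- // FIXME: refactor getStatusPage in Html.inc
- $oPatternCustom->setHtml(statusPage("Remove Group", "Group successfully removed!", "", "listGroups"));
+ if (!$oGroup->hasRoutingSteps()) {
+ if (isset($fForDelete)) {
+ if ($oGroup->delete()) {
+ // FIXME: refactor getStatusPage in Html.inc
+ $oPatternCustom->setHtml(statusPage("Remove Group", "Group successfully removed!", "", "listGroups"));
+ } else {
+ $oPatternCustom->setHtml(statusPage("Remove Group", "Group deletion failed!", "There was an error deleting this group. Please try again later.", "listGroups"));
+ }
 } else {
- $oPatternCustom->setHtml(statusPage("Remove Group", "Group deletion failed!", "There was an error deleting this group. Please try again later.", "listGroups"));
+ $oPatternCustom->setHtml(getDeletePage($fGroupID));
+ $main->setFormAction($_SERVER["PHP_SELF"] . "?fForDelete=1");
 }
 } else {
- $oPatternCustom->setHtml(getDeletePage($fGroupID));
- $main->setFormAction($_SERVER["PHP_SELF"] . "?fForDelete=1");
+ $oPatternCustom->setHtml(statusPage("Remove Group", "This group is part of a document routing step!", "This group can not be deleted because it is involved in the document routing process.", "listGroups"));
 }
 } else {
 $oPatternCustom->setHtml(statusPage("Remove Group", "This group is in a unit!", "This group can not be deleted because it belongs to a unit.", "listGroups"));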
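Review bot: The delete at new line 50 runs as soon as `$fForDelete` is set, and the only gate visible in this section is `checkSession()`; nothing ties the request to the confirmation form, so if these `f…` variables are populated from GET as well as POST, a single link followed by a logged-in administrator would remove the group. Require POST for the destructive step and verify a per-session token issued together with `getDeletePage()`. `Group::get($fGroupID)` at line 45 is also dereferenced on the next line with no check that a group was found. The new `hasRoutingSteps()` test makes this the fourth nested `if`; guard clauses that set the status page and stop would be easier to audit. The enclosing `if (checkSession())` block continues outside the hunks.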
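--- a/presentation/lookAndFeel/knowledgeTree/administration/news/addNewsBL.php
+++ b/presentation/lookAndFeel/knowledgeTree/administration/news/addNewsBL.php
@@ -6,6 +6,7 @@ require_once("$default->fileSystemRoot/lib/visualpatterns/PatternMainPage.inc");
 require_once("$default->fileSystemRoot/lib/visualpatterns/PatternCustom.inc");
 require_once("$default->fileSystemRoot/lib/visualpatterns/PatternTableSqlQuery.inc");
 require_once("$default->uiDirectory/administration/news/newsUI.inc");
+require_once("$default->uiDirectory/administration/adminUI.inc");
 require_once("$default->fileSystemRoot/presentation/Html.inc");
 /**
 * $Id$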
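--- a/presentation/lookAndFeel/knowledgeTree/administration/news/editNewsBL.php
+++ b/presentation/lookAndFeel/knowledgeTree/administration/news/editNewsBL.php
@@ -6,6 +6,7 @@ require_once("$default->fileSystemRoot/lib/visualpatterns/PatternMainPage.inc");
 require_once("$default->fileSystemRoot/lib/visualpatterns/PatternCustom.inc");
 require_once("$default->fileSystemRoot/lib/visualpatterns/PatternTableSqlQuery.inc");
 require_once("$default->uiDirectory/administration/news/newsUI.inc");
+require_once("$default->uiDirectory/administration/adminUI.inc");
 require_once("$default->fileSystemRoot/presentation/Html.inc");
 /**
 * $Id$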
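--- a/presentation/lookAndFeel/knowledgeTree/administration/news/removeNewsBL.php
+++ b/presentation/lookAndFeel/knowledgeTree/administration/news/removeNewsBL.php
@@ -6,6 +6,7 @@ require_once("$default->fileSystemRoot/lib/visualpatterns/PatternMainPage.inc");
 require_once("$default->fileSystemRoot/lib/visualpatterns/PatternCustom.inc");
 require_once("$default->fileSystemRoot/lib/visualpatterns/PatternTableSqlQuery.inc");
 require_once("$default->uiDirectory/administration/news/newsUI.inc");
+require_once("$default->uiDirectory/administration/adminUI.inc");
 require_once("$default->fileSystemRoot/presentation/Html.inc");
 
 /**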
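--- a/presentation/lookAndFeel/knowledgeTree/administration/orgmanagement/addOrgSuccess.php
+++ b/presentation/lookAndFeel/knowledgeTree/administration/orgmanagement/addOrgSuccess.php
@@ -33,7 +33,7 @@ if(checkSession()) {
 // include the page template (with navbar)
 require_once("$default->fileSystemRoot/presentation/webpageTemplate.inc");
 
- $sToRender .= renderHeading("Add Unit");
+ $sToRender .= renderHeading("Add Organisation");
 $sToRender .= "<table>\n";
 $sToRender .= "<tr>\n";
 if($fSuccess) {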
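--- a/presentation/lookAndFeel/knowledgeTree/administration/orgmanagement/listOrgUI.inc
+++ b/presentation/lookAndFeel/knowledgeTree/administration/orgmanagement/listOrgUI.inc
@@ -28,16 +28,20 @@
 function getOrganisations() {
 global $default;
 $sQuery = "SELECT org.id as orgID, org.name as name, " .
- "'Edit', 'Delete' " .
+ //"'Edit', 'Delete' " .
+ "'Edit'" .
 "FROM organisations_lookup as org " .
 "ORDER BY org.name";
- $aColumns = array("name", "Edit", "Delete");
- $aColumnNames = array("Name", "Edit", "Delete");
- $aColumnTypes = array(1,3,3);
+ //$aColumns = array("name", "Edit", "Delete");
+ $aColumns = array("name", "Edit");
+ //$aColumnNames = array("Name", "Edit", "Delete");
+ $aColumnNames = array("Name", "Edit");
+ //$aColumnTypes = array(1,3,3);
+ $aColumnTypes = array(1,3);
 $aDBColumnArray = array("orgID");
 $aQueryStringVariableNames = array("fOrgID");
- $aHyperLinkURL = array( 1=> "$default->rootUrl/control.php?action=editOrg",
- 2=> "$default->rootUrl/control.php?action=removeOrg");
+ $aHyperLinkURL = array( 1=> "$default->rootUrl/control.php?action=editOrg");
+ //2=> "$default->rootUrl/control.php?action=removeOrg");
 $oSearchResults = & new PatternTableSqlQuery($sQuery, $aColumns, $aColumnTypes, $aColumnNames, "100%", $aHyperLinkURL,$aDBColumnArray,$aQueryStringVariableNames);
 $oSearchResults->setDisplayColumnHeadings(true);
 return $oSearchResults->render() ;
@@ -48,7 +52,7 @@ function getPage() {
 $sToRender .= renderHeading("Organisation Management");
 
 // add user link
- $sToRender .= getAddLink("addOrg", "Add An Organisation");
+ //$sToRender .= getAddLink("addOrg", "Add An Organisation");
 $sToRender .= getOrganisations();
 return $sToRender;
 }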
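Review bot: Commenting out the Delete column and the `getAddLink("addOrg", …)` call only hides the entry points; `control.php?action=removeOrg` and `action=addOrg` stay reachable by URL unless their site-map entries are removed or restricted as well, which this section does not show. If adding and removing organisations is meant to be switched off, do it where the action is dispatched, and delete the dead lines here rather than keeping them as comments. The new `"'Edit'" .` fragment (new line 32) also lost the trailing space the old one had, so the statement reads `'Edit'FROM organisations_lookup`; write `"'Edit' " .` instead of relying on the parser to split it.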
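--- a/presentation/lookAndFeel/knowledgeTree/administration/rolemanagement/editRoleSuccess.php
+++ b/presentation/lookAndFeel/knowledgeTree/administration/rolemanagement/editRoleSuccess.php
@@ -43,7 +43,7 @@ if(checkSession()) {
 $Center .= "<tr></tr>\n";
 $Center .= "<tr></tr>\n";
 $Center .= "<tr>\n";
- $Center .= "<td align = right><a href=\"$default->rootUrl/control.php?action=listRole\"><img src =\"$default->graphicsUrl/widgets/back.gif\" border = \"0\" /></a></td>\n";
+ $Center .= "<td align=\"right\"><a href=\"$default->rootUrl/control.php?action=listRoles\"><img src =\"$default->graphicsUrl/widgets/back.gif\" border = \"0\" /></a></td>\n";
 $Center .= "</tr>\n";
 $Center .= "</table>\n";
 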
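--- a/presentation/lookAndFeel/knowledgeTree/administration/usermanagement/addUserUI.inc
+++ b/presentation/lookAndFeel/knowledgeTree/administration/usermanagement/addUserUI.inc
@@ -124,7 +124,7 @@ function getDetailsLDAPPage($sUserName, $aAttributes, $sUserIdentifier) {
 $sToRender .= "<tr>\n";
 $sToRender .= "<td>Sms Notification: </td><td><input type=\"checkbox\" name=\"fSmsNotification\"/> </td>\n";
 $sToRender .= "</tr>\n";
- $sToRender .= "<tr><td><b>Group</b></td><td>" . getGroupListBox() . "</td></tr>\n";
+ $sToRender .= "<tr><td><b>Initial Group</b></td><td>" . getGroupListBox() . "</td></tr>\n";
 $sToRender .= "<tr>\n";
 $sToRender .= "<td colspan=\"2\" align=\"right\">" . getAddButton() . getCancelButton("listUsers") . "</td>";
 $sToRender .= "</tr>\n";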
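--- a/presentation/lookAndFeel/knowledgeTree/dashboardBL.php
+++ b/presentation/lookAndFeel/knowledgeTree/dashboardBL.php
@@ -5,7 +5,7 @@ require_once("../../../config/dmsDefaults.php");
 require_once("$default->fileSystemRoot/lib/dashboard/Dashboard.inc");
 require_once("$default->fileSystemRoot/lib/dashboard/DashboardNews.inc");
 require_once("$default->fileSystemRoot/lib/visualpatterns/PatternCustom.inc");
-require_once("$default->uiDirectory/dashboardUI.inc");
+require_once("dashboardUI.inc");
 /**
 * $Id$
 *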
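Review bot: `require_once("dashboardUI.inc")` at new line 8 is resolved through `include_path` and the working directory instead of the absolute prefix that the removed line and the neighbouring includes use, so which file gets loaded now depends on runtime configuration. If the aim was to stop depending on `$default->uiDirectory`, anchor the path to this script's own directory: `require_once(dirname(__FILE__) . "/dashboardUI.inc");`.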
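--- a/presentation/lookAndFeel/knowledgeTree/documentmanagement/addDocumentBL.php
+++ b/presentation/lookAndFeel/knowledgeTree/documentmanagement/addDocumentBL.php
@@ -101,7 +101,7 @@ if (checkSession()) {
 " are meant to be linked for collaboration purposes. As creator of the document, ' " . $oParentDocument->getName() . "', you are requested to " .
 "please link them manually by browsing to the parent document, " .
 generateControllerLink("viewDocument","fDocumentID=" . $oParentDocument->getID(), $oParentDocument->getName()) .
- " and selecting the link button. " . $oDocument->getName() . " can be found at " . $oDocument->generateFullFolderPath($oDocument->getFolderID());
+ " and selecting the link button. " . $oDocument->getName() . " can be found at " . $oDocument->getDisplayPath();
 
 $oEmail = & new Email();
 $oEmail->send($oUserDocCreator->getEmail(), "Automatic document linking failed", $sBody);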
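--- a/presentation/lookAndFeel/knowledgeTree/documentmanagement/addDocumentUI.inc
+++ b/presentation/lookAndFeel/knowledgeTree/documentmanagement/addDocumentUI.inc
@@ -32,8 +32,6 @@ function getDocumentType($iFolderID, $iDocumentTypeID, $iDependantDocumentID = n
 $oPatternListBox = & new PatternListBox("$default->document_types_table", "name", "id", "fDocumentTypeID",$sWhereClause);
 $oPatternListBox->setIncludeDefaultValue(true);
 $oPatternListBox->setFromClause("INNER JOIN $default->folder_doctypes_table AS FDL ON ST.id = FDL.document_type_id");
- $oPatternListBox->setPostBackOnChange(true);
- $oPatternListBox->setOnChangeAction("setActionAndSubmit('" . $_SERVER["PHP_SELF"] . "?fFolderID=$iFolderID" . (isset($iDependantDocumentID) ? "&fDependantDocumentID=$iDependantDocumentID" : "") . "')");
 
 if ($iDocumentTypeID) {
 $oPatternListBox->setSelectedValue($iDocumentTypeID);
@@ -41,8 +39,16 @@ function getDocumentType($iFolderID, $iDocumentTypeID, $iDependantDocumentID = n
 } else {
 $sHeading = "Please select the document type:";
 }
-
- return "<table><tr><td><b>$sHeading<b></td></tr><tr><td>" . $oPatternListBox->render() . "</td></tr></table>";
+
+ $sToRender = "<table><tr><td><b>$sHeading<b></td></tr><tr><td>" . $oPatternListBox->render() . "</td></tr></table>";
+
+ $sToRender .= "\n\n<script language=\"javascript\">\n<!--\n";
+ $sToRender .= "function validateForm(theForm) {\n";
+ $sToRender .= "\tif (!(validRequired(theForm.fDocumentTypeID, 'Document Type'))) {\n";
+ $sToRender .= "\t\treturn false;\n\t}\n";
+ $sToRender .= "return true;\n}\n";
+ $sToRender .= "//-->\n</script>\n\n";
+ return $sToRender;
 }
 
 /**
@@ -176,6 +182,7 @@ function getPage($iFolderID, $iDocumentTypeID, $iDependantDocumentID = null, $sM
 if (Permission::userHasFolderWritePermission($iFolderID)) {
 $sToRender .= getDocumentType($iFolderID, $iDocumentTypeID, $iDependantDocumentID);
 $sActionButtons .= generateControllerLink("browse", "fFolderID=$iFolderID", "<img src=\"$default->graphicsUrl/widgets/cancel.gif\" border=\"0\"/>");
+ $sActionButtons .= "<input type=\"image\" src=\"$default->graphicsUrl/widgets/next.gif\" border=\"0\"/>";
 
 $sToRender .= "<table border=\"0\" width=\"100%\" >\n";
 $sToRender .= "<tr><td>$sActionButtons</td></tr>";
@@ -189,7 +196,6 @@ function getPage($iFolderID, $iDocumentTypeID, $iDependantDocumentID = null, $sM
 $sToRender .= "<tr>\n";
 $sToRender .= "</tr>";
 $sToRender .= "</table><br>\n";
-
 }
 
 return $sToRender;
@@ -197,7 +203,7 @@ function getPage($iFolderID, $iDocumentTypeID, $iDependantDocumentID = null, $sM
 
 function getStatusPage($iFolderID, $sMessage) {
 $sToRender .= renderHeading("Add Document");
- $sToRender .= renderFolderPath($iFolderID, generateControllerUrl("addDocument", "fFolderID=$iFolderID"), true);
+ $sToRender .= renderFolderPath($iFolderID, generateControllerUrl("addDocument", "fFolderID=$iFolderID", false), true);
 
 $sToRender .= "<table border=\"0\" width=\"100%\">\n";
 $sToRender .= "<tr>\n";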
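--- a/presentation/lookAndFeel/knowledgeTree/documentmanagement/escalateDependantDocumentBL.php
+++ b/presentation/lookAndFeel/knowledgeTree/documentmanagement/escalateDependantDocumentBL.php
+<?php
+/**
+ * $Id$
+ *
+ * Business logic for sending a reminder message to the user that was tasked with
+ * creating a dependant document.
+ *
+ * Copyright (c) 2003 Jam Warehouse http://www.jamwarehouse.com
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * @version $Revision$
+ * @author Michael Joseph, Jam Warehouse (Pty) Ltd, South Africa
+ * @package documentmanagement
+ */
+
+require_once("../../../../config/dmsDefaults.php");
+
+if (checkSession()) {
+ require_once("escalateDependantDocumentUI.inc");
+ require_once("$default->fileSystemRoot/lib/visualpatterns/PatternCustom.inc");
+ require_once("$default->fileSystemRoot/lib/visualpatterns/PatternListBox.inc");
+ require_once("$default->fileSystemRoot/lib/foldermanagement/Folder.inc");
+ require_once("$default->fileSystemRoot/lib/documentmanagement/Document.inc");
+ require_once("$default->fileSystemRoot/lib/security/Permission.inc");
+ require_once("$default->fileSystemRoot/lib/email/Email.inc");
+ require_once("$default->fileSystemRoot/lib/documentmanagement/DependantDocumentInstance.inc");
+ require_once("$default->fileSystemRoot/presentation/Html.inc");
+ require_once("$default->fileSystemRoot/presentation/lookAndFeel/knowledgeTree/foldermanagement/folderUI.inc");
+
+ $oPatternCustom = & new PatternCustom();
+ $sTitle = "Dependant Document Send Escalation Message";
+ if ($fInstanceID) {
+ $oDependantDocument = DependantDocumentInstance::get($fInstanceID);
+ if ($oDependantDocument) {
+ if ($fSendMessage) {
+ $oUser = User::get($oDependantDocument->getUserID());
+ if ($oUser) {
+ if ($oUser->getEmailNotification()) {
+ $oTemplateDocument = & Document::get($oDependantDocument->getTemplateDocumentID());
+
+ $sMessage = "<font face=\"arial\" size=\"2\">";
+ $oOriginatingUser = User::get($_SESSION["userID"]);
+ $oParentDocument = Document::get($oDependantDocument->getParentDocumentID());
+ $sMessage = $oUser->getName() . ", you have already received a request to create a new document for the document <br>" . $oParentDocument->getDisplayPath() . ".<br>" .
+ $oOriginatingUser->getName() . " has sent you a reminder message to create and upload this document :<br>";
+ if (strlen($fReminderMessage) > 0) {
+ $sMessage .= "<br>Comments:<br>$fReminderMessage<br><br>";
+ }
+ $sMessage .= generateLink("/control.php","action=dashboard","Log onto KnowledgeTree") . " and select the relevant link under the 'Dependant Documents' heading on your dashboard when you are ready to upload it.";
+ if ($oTemplateDocument) {
+ $sMessage .= "The document entitled " . generateLink("/control.php", "action=viewDocument&fDocumentID=" . $oTemplateDocument->getID(), $oTemplateDocument->getName()) . " " .
+ "can be used as a template";
+ }
+ $sMessage .= "</font>";
+
+ $oEmail = & new Email();
+ if ($oEmail->send($oUser->getEmail(), "Dependant document creation reminder message", $sMessage)) {
+ //go back to the document page you were viewing
+ redirect(generateControllerUrl("viewDocument", "fDocumentID=" . $oDependantDocument->getParentDocumentID() . "&fShowSection=linkedDocuments"));
+ } else {
+ $default->log->error("escalateDependantDocumentBL.php email sending failed");
+ $oPatternCustom->setHtml(statusPage($sTitle, $sHeading, "The escalation message could not be sent due to a system error sending the notification.", "viewDocument", "fDocumentID=" . $oDependantDocument->getParentDocumentID() . "&fShowSection=linkedDocuments"));
+ }
+ } else {
+ $default->log->info("escalateDependantDocumentBL.php user id (" . $oUser->getID() . ") doesn't have email notification on =" . arrayToString($oUser));
+ $oPatternCustom->setHtml(statusPage($sTitle, $sHeading, "The escalation message could not be sent because " . $oUser->getName() . " has disabled notification", "viewDocument", "fDocumentID=" . $oDependantDocument->getParentDocumentID() . "&fShowSection=linkedDocuments"));
+ }
+ } else {
+ $default->log->info("escalateDependantDocumentBL.php couldn't instantiate user object for id=$fUserID");
+ $oPatternCustom->setHtml(statusPage($sTitle, "", "The dependant document user information could not be found.", "viewDocument", "fDocumentID=" . $oDependantDocument->getParentDocumentID() . "&fShowSection=linkedDocuments"));
+ }
+ } else {
+ // display escalation form
+ $oPatternCustom->setHtml(getPage($oDependantDocument));
+ }
+ } else {
+ //dependant document instantiation failed- generic error (statusPage)
+ $oPatternCustom->setHtml(statusPage($sTitle, "", "The dependant document information could not be found.", "browse"));
+ }
+ } else {
+ // error page, no instance id supplied- generic error
+ $oPatternCustom->setHtml(statusPage($sTitle, "", "The dependant document information could not be found.", "browse"));
+ }
+ require_once("$default->fileSystemRoot/presentation/webpageTemplate.inc");
+ $main->setCentralPayload($oPatternCustom);
+ $main->setFormAction($_SERVER["PHP_SELF"]); // . "?fDocumentID=$fInstanceID&fForStore=1");
+ $main->render();
+}
+?>
\ No newline at end of file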
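Review bot: Nothing between `checkSession()` and `$oEmail->send()` checks that the logged-in user may act on this dependant document, so any authenticated session that submits an `fInstanceID` can have a reminder email sent to that instance's assignee; `Permission.inc` is loaded but never used in this file. Loading the parent document before the send and gating on something like `Permission::userHasFolderWritePermission($oParentDocument->getFolderID())` would close that, assuming folder write access is the intended policy (the FIXME in `renderDependantDocuments` suggests the rule is still undecided). `$fReminderMessage` is also placed into the HTML mail body as submitted; `$sMessage .= "<br>Comments:<br>" . htmlspecialchars($fReminderMessage) . "<br><br>";` keeps user-supplied markup out of the recipient's mail. Separately, the second `$sMessage =` overwrites the opening `<font>` tag, and `$sHeading` and `$fUserID` are never assigned in this file.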
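--- a/presentation/lookAndFeel/knowledgeTree/documentmanagement/escalateDependantDocumentUI.inc
+++ b/presentation/lookAndFeel/knowledgeTree/documentmanagement/escalateDependantDocumentUI.inc
+<?php
+/**
+ * $Id$
+ *
+ * UI functions for sending a reminder message to the user that was tasked with
+ * creating a dependant document.
+ *
+ * Copyright (c) 2003 Jam Warehouse http://www.jamwarehouse.com
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * @version $Revision$
+ * @author Michael Joseph, Jam Warehouse (Pty) Ltd, South Africa
+ * @package documentmanagement
+ */
+
+function getPage($oDependantDocument) {
+ global $default;
+ $sToRender = renderHeading("Dependant Document Send Escalation Message");
+ $oDocument = Document::get($oDependantDocument->getParentDocumentID());
+ $iFolderID = $oDocument->getFolderID();
+ $sToRender .= renderFolderPath($iFolderID, generateControllerUrl("browse", "fFolderID=$iFolderID"), false);
+ $sToRender .= "<table border=\"0\" width=\"100%\">\n";
+ $sToRender .= "<tr><td colspan=\"2\"><strong>You have requested that the following document be created:</strong></td></tr>";
+ $sToRender .= "<tr>\n";
+ $sToRender .= "<td>Document title</td><td>" . $oDependantDocument->getDocumentTitle() . "</td>\n";
+ $sToRender .= "</tr>\n";
+
+ $oUser = User::get($oDependantDocument->getUserID());
+ $sToRender .= "<tr>\n";
+ $sToRender .= "<td>User</td><td>" . ($oUser ? $oUser->getName() : "<font color=\"red\">Error! No user specified</font>") . "</td>\n";
+ $sToRender .= "</tr>\n";
+
+ $oTemplateDocument = Document::get($oDependantDocument->getTemplateDocumentID());
+ $sToRender .= "<tr><td>Template document</td><td>" . ($oTemplateDocument ? $oTemplateDocument->getDisplayPath() : "No template document") . "</td></tr>\n";
+ $sToRender .= "<tr><td> </td></tr>";
+
+ $sToRender .= "<tr><td colspan=\"2\">To send the user a reminder message, fill in the text box below and click 'Done'</td></tr>";
+ $sToRender .= "<tr><td>Reminder Message</td><td><textarea rows=\"5\" cols=\"30\" name=\"fReminderMessage\"></textarea></td></tr>\n";
+ $sToRender .= "<tr>\n";
+ $sToRender .= "<td><table><tr><td><input type=\"image\" src=\"$default->graphicsUrl/widgets/done.gif\" onClick='return validateForm(document.MainForm);' border=\"0\"/></td>";
+ $sToRender .= "<td>" . generateControllerLink("viewDocument", "fDocumentID=" . $oDocument->getID() . "&fShowSection=linkedDocuments", "<img src=\"$default->graphicsUrl/widgets/cancel.gif\" border=\"0\"/>") . "</td></tr></table>\n";
+ $sToRender .= "</tr>\n";
+ $sToRender .= "</table>\n";
+ $sToRender .= "<input type=\"hidden\" name=\"fSendMessage\" value=\"1\" />\n";
+ $sToRender .= "<input type=\"hidden\" name=\"fInstanceID\" value=\"" . $oDependantDocument->getID() . "\" />\n";
+
+ return $sToRender . "\n\n" . getValidationJavaScript();
+}
+
+function getValidationJavaScript() {
+ $sToRender .= "\n\n<script language=\"javascript\">\n<!--\n";
+ $sToRender .= "function validateForm(theForm) {\n";
+ $sToRender .= "\tif (!(validRequired(theForm.fReminderMessage,'Reminder message'))) {\n";
+ $sToRender .= "\t\treturn false;\n\t}\n";
+ $sToRender .= "return true;\n}\n";
+ $sToRender .= "//-->\n</script>\n\n";
+ return $sToRender;
+}
+?>
\ No newline at end of file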
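Review bot: `getPage()` concatenates `$oDependantDocument->getDocumentTitle()`, `$oUser->getName()` and `$oTemplateDocument->getDisplayPath()` straight into table cells with no HTML encoding, so a title that contains markup would be rendered as markup for whoever opens the escalation form. Unless those getters already return encoded text (not visible here), encode at output, e.g. `"<td>Document title</td><td>" . htmlspecialchars($oDependantDocument->getDocumentTitle()) . "</td>\n"`. The template lookup is guarded against a false `Document::get()` result but `$oDocument->getFolderID()` is not, so a missing parent document would end in a fatal error instead of an error page. `getValidationJavaScript()` also opens with `.=` on an unset `$sToRender`; a plain `=` on its first line avoids the notice.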
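--- a/presentation/lookAndFeel/knowledgeTree/documentmanagement/viewUI.inc
+++ b/presentation/lookAndFeel/knowledgeTree/documentmanagement/viewUI.inc
@@ -114,8 +114,8 @@ function renderTypeSpecificMetaData($oDocument, $bEditable) {
 global $default;
 
 $sQuery = "SELECT DF.name AS name, DFL.value AS value " .
- "FROM documents AS D INNER JOIN document_fields_link AS DFL ON D.id = DFL.document_id " .
- "INNER JOIN document_fields AS DF ON DF.ID = DFL.document_field_id " .
+ "FROM $default->documents_table AS D INNER JOIN document_fields_link AS DFL ON D.id = DFL.document_id " .
+ "INNER JOIN $default->document_fields_table AS DF ON DF.ID = DFL.document_field_id " .
 "WHERE D.id = " . $oDocument->getID() . " " .
 "AND DF.name NOT LIKE 'Author' " .
 "AND DF.name NOT LIKE 'Category' " .
@@ -200,11 +200,12 @@ function renderDocumentArchiveSettings($oDocument, $bEditable) {
 
 function renderEditableDocumentRouting($oDocument) {
 global $default;
- $sQuery = "SELECT D.id as document_id, GFAL.id as id, R.name AS role_name, COALESCE(U.Name, 'Not assigned') AS name, GFAL.precedence AS precedence, COALESCE(FURL.active,0) AS active, COALESCE(FURL.done, 0) AS done, 'Edit' as edit " .
- "FROM documents AS D INNER JOIN $default->groups_folders_approval_table AS GFAL ON D.folder_id = GFAL.folder_id " .
- "INNER JOIN roles AS R ON GFAL.role_id = R.id " .
- "LEFT OUTER JOIN folders_users_roles_link AS FURL ON FURL.group_folder_approval_id = GFAL.id AND FURL.document_id = D.id " .
- "LEFT OUTER JOIN users AS U ON FURL.user_id = U.id " .
+ $sQuery = "SELECT D.id as document_id, GFAL.id as id, R.name AS role_name, COALESCE(U.name, U2.name) AS name, GFAL.precedence AS precedence, COALESCE(FURL.active,0) AS active, COALESCE(FURL.done, 0) AS done, 'Edit User' as edit " .
+ "FROM $default->documents_table AS D INNER JOIN $default->groups_folders_approval_table AS GFAL ON D.folder_id = GFAL.folder_id " .
+ "INNER JOIN $default->roles_table AS R ON GFAL.role_id = R.id " .
+ "LEFT OUTER JOIN $default->folders_user_roles_table AS FURL ON FURL.group_folder_approval_id = GFAL.id AND FURL.document_id = D.id " .
+ "LEFT OUTER JOIN $default->users_table AS U ON FURL.user_id = U.id " .
+ "LEFT OUTER JOIN $default->users_table AS U2 ON GFAL.user_id = U2.id " .
 "WHERE D.id = " . $oDocument->getID() . " " .
 "ORDER BY GFAL.precedence, role_name ASC";
 $aColumns = array("role_name", "name", "precedence", "active", "done", "edit");
@@ -258,10 +259,10 @@ function renderEditableDocumentRouting($oDocument) {
 function renderNonEditableDocumentRouting($oDocument) {
 global $default;
 $sQuery = "SELECT D.id as document_id, GFAL.id as id, R.name AS role_name, COALESCE(U.Name, 'Not assigned') AS name, GFAL.precedence AS precedence, COALESCE(FURL.active,0) AS active, COALESCE(FURL.done, 0) AS done " .
- "FROM documents AS D INNER JOIN $default->groups_folders_approval_table AS GFAL ON D.folder_id = GFAL.folder_id " .
- "INNER JOIN roles AS R ON GFAL.role_id = R.id " .
- "LEFT OUTER JOIN folders_users_roles_link AS FURL ON FURL.group_folder_approval_id = GFAL.id AND FURL.document_id = D.id " .
- "LEFT OUTER JOIN users AS U ON FURL.user_id = U.id " .
+ "FROM $default->documents_table AS D INNER JOIN $default->groups_folders_approval_table AS GFAL ON D.folder_id = GFAL.folder_id " .
+ "INNER JOIN $default->roles_table AS R ON GFAL.role_id = R.id " .
+ "LEFT OUTER JOIN $default->folders_user_roles_table AS FURL ON FURL.group_folder_approval_id = GFAL.id AND FURL.document_id = D.id " .
+ "LEFT OUTER JOIN $default->users_table AS U ON FURL.user_id = U.id " .
 "WHERE D.id = " . $oDocument->getID() . " " .
 "ORDER BY GFAL.precedence, role_name ASC";
 
@@ -295,8 +296,8 @@ function renderEditableLinkedDocuments($oDocument) {
 global $default;
 
 $sQuery = "SELECT D.id AS child_document_id, D.name, DL.id as document_link_id, DL.parent_document_id AS parent_document_id, 'Unlink' AS unlink " .
- "FROM documents AS D INNER JOIN document_link AS DL ON D.id = DL.child_document_id " .
- "WHERE DL.parent_document_id = " . $oDocument->getID();
+ "FROM $default->documents_table AS D INNER JOIN $default->document_link_table AS DL ON D.id = DL.child_document_id " .
+ "WHERE DL.parent_document_id = " . $oDocument->getID();
 
 $aColumns = array("name", "unlink");
 $aColumnHeaders = array("Document");
@@ -324,8 +325,8 @@ function renderNonEditableLinkedDocuments($oDocument) {
 global $default;
 
 $sQuery = "SELECT D.id, D.name " .
- "FROM documents AS D INNER JOIN document_link AS DL ON D.id = DL.child_document_id " .
- "WHERE DL.parent_document_id = " . $oDocument->getID();
+ "FROM $default->documents_table AS D INNER JOIN $default->document_link_table AS DL ON D.id = DL.child_document_id " .
+ "WHERE DL.parent_document_id = " . $oDocument->getID();
 
 $aColumns = array("name");
 $aColumnHeaders = array("Document");
@@ -346,6 +347,37 @@ function renderNonEditableLinkedDocuments($oDocument) {
 return $sToRender;
 }
 
+function renderDependantDocuments($oDocument, $bEdit) {
+ global $default;
+ // FIXME: only allow escalation if you have write access and are the same user that requested the
+ // dependant document?
+ $sQuery = "SELECT DDI.id AS instance_id, DDI.document_title, U.name AS user_name, 'Escalate' AS escalate " .
+ "FROM $default->dependant_document_instance_table DDI " .
+ "INNER JOIN $default->users_table AS U ON DDI.user_id = U.id " .
+ "WHERE DDI.parent_document_id = " . $oDocument->getID();
+
+ $aColumns = array("document_title", "user_name", "escalate");
+ $aColumnHeaders = array("Document Title", "User");
+ $aColumnTypes = array(1,1,3);
+ $aDBColumnArray = array("instance_id");
+ $aQueryStringVariableNames = array("fInstanceID");
+ $aLinkURLs = array(2=>generateControllerUrl("escalateDependantDocument"));
+
+ $oPatternTableSqlQuery = & new PatternTableSqlQuery($sQuery, $aColumns, $aColumnTypes, $aColumnHeaders, "500", $aLinkURLs, $aDBColumnArray, $aQueryStringVariableNames);
+ $oPatternTableSqlQuery->setTableHeading("Dependant documents");
+ $oPatternTableSqlQuery->setDisplayColumnHeadings(true);
+
+ $sToRender .= "\t<table cellspacing=\"0\" cellpadding=\"0\" border=\"0\" width=\"100%\">\n";
+ $sToRender .= "\t<tr>\n";
+ $sToRender .= "\t\t<td>" . $oPatternTableSqlQuery->render() . "</td>\n";
+ $sToRender .= "\t</tr>";
+ $sToRender .= "\t<tr>\n";
+ $sToRender .= "<td><a href=\"$default->rootUrl/control.php?action=addDocumentLink&fDocumentID=" . $oDocument->getID() ."\"><img src=\"$default->graphicsUrl/widgets/add.gif\" border=\"0\"/></a></td>\n";
+ $sToRender .= "\t</tr>";
+ $sToRender .= "\t</table>\n";
+ return $sToRender;
+}
+
 function displayButton($sAction, $sQueryString, $sImageName, $sDisabledText = "") {
 global $default;
 // the active is active if there is no disabled text
@@ -576,10 +608,10 @@ function getPage($oDocument, $bEdit, $sStatusMessage = "") {
 $sToRender .= renderSectionDiv("archiveSettings", renderDocumentArchiveSettings($oDocument, $bEdit));
 if ($bEdit) {
 $sToRender .= renderSectionDiv("documentRouting", renderEditableDocumentRouting($oDocument));
- $sToRender .= renderSectionDiv("linkedDocuments", renderEditableLinkedDocuments($oDocument));
+ $sToRender .= renderSectionDiv("linkedDocuments", renderEditableLinkedDocuments($oDocument) . renderDependantDocuments($oDocument, $bEdit));
 } else {
 $sToRender .= renderSectionDiv("documentRouting", renderNonEditableDocumentRouting($oDocument));
- $sToRender .= renderSectionDiv("linkedDocuments", renderNonEditableLinkedDocuments($oDocument, $bEdit));
+ $sToRender .= renderSectionDiv("linkedDocuments", renderNonEditableLinkedDocuments($oDocument, $bEdit) . renderDependantDocuments($oDocument, $bEdit));
 }
 if (!$default->bNN4) {
 $sToRender .= "</div>";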
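Review bot: `renderDependantDocuments()` takes `$bEdit` but never reads it, and `getPage()` calls it from both the editable and the read-only branch, so the 'Escalate' link and the add button are offered to users who can only view the document. The link column could be left out for read-only viewers, e.g. `$aColumns = $bEdit ? array("document_title", "user_name", "escalate") : array("document_title", "user_name");` with `$aColumnTypes` and `$aLinkURLs` adjusted to match. Hiding the link is only cosmetic, though; the `escalateDependantDocument` action has to enforce the rule from the FIXME on the server side as well. The add button under the table points at `addDocumentLink`, which looks carried over from the linked-documents renderer and is worth confirming.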
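--- a/presentation/lookAndFeel/knowledgeTree/foldermanagement/addFolderBL.php
+++ b/presentation/lookAndFeel/knowledgeTree/foldermanagement/addFolderBL.php
@@ -67,11 +67,14 @@ if (checkSession()) {
 //have a folder name to store
 if (Permission::userHasFolderWritePermission($fFolderID)) {
 //check for illegal characters in the folder name
- if (strpos($fFolderName, "\\") === false && strpos($fFolderName, ">") === false &&
- strpos($fFolderName, "<") === false && strpos($fFolderName, ":") === false &&
- strpos($fFolderName, "*") === false && strpos($fFolderName, "?") === false &&
- strpos($fFolderName, "|") === false && strpos($fFolderName, "/") === false &&
- strpos($fFolderName, "\"") === false) {
+
+ // strip slashes from the already EPGCS escaped form input
+ $sCheckFolderName = stripslashes($fFolderName);
+ if (strpos($sCheckFolderName, "\\") === false && strpos($sCheckFolderName, ">") === false &&
+ strpos($sCheckFolderName, "<") === false && strpos($sCheckFolderName, ":") === false &&
+ strpos($sCheckFolderName, "*") === false && strpos($sCheckFolderName, "?") === false &&
+ strpos($sCheckFolderName, "|") === false && strpos($sCheckFolderName, "/") === false &&
+ strpos($sCheckFolderName, "\"") === false) {
 
 if (Folder::folderExistsName($fFolderName, $fFolderID)) {
 require_once("$default->fileSystemRoot/presentation/webpageTemplate.inc");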
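Review bot: The new `stripslashes()` call is unconditional, so the illegal-character check is only right when the input really was escaped upstream; if it was not (magic quotes off and no application-level escaping), a name such as `a\b` is reduced to `ab` before the check and the backslash in `$fFolderName` goes through unvalidated. Guarding the call keeps the check aligned with what was submitted: `$sCheckFolderName = get_magic_quotes_gpc() ? stripslashes($fFolderName) : $fFolderName;`. `Folder::folderExistsName()` still receives the escaped `$fFolderName`, so the validated string and the stored string are different forms; a one-line comment saying which form each consumer expects would prevent a later mix-up. The enclosing `if` blocks begin and end outside this hunk.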
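--- a/presentation/lookAndFeel/knowledgeTree/foldermanagement/addFolderCollaborationUI.inc
+++ b/presentation/lookAndFeel/knowledgeTree/foldermanagement/addFolderCollaborationUI.inc
@@ -70,6 +70,7 @@ function getFolderPath($iFolderID) {
 function getGroupDropDown($iGroupID, $iFolderID) {
 global $default;
 $oPatternListBox = & new PatternListBox("$default->groups_table", "name", "id", "fGroupID");
+ $oPatternListBox->setFromClause("INNER JOIN $default->users_groups_table UGL ON UGL.group_id=ST.id");
 $oPatternListBox->setPostBackOnChange(true);
 $oPatternListBox->setOnChangeAction("setActionAndSubmit('" . $_SERVER["PHP_SELF"] . "?fFolderID=$iFolderID');");
 if (isset($iGroupID)) {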
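Review bot: The added `INNER JOIN` on `$default->users_groups_table` has no visible de-duplication, so a group with several members may be listed once per member in the drop-down unless `PatternListBox` issues a `DISTINCT` query, which cannot be seen from this hunk. A comment stating the intent would help the next reader, e.g. `// only offer groups that have at least one member`. `getGroupDropDown()` continues past the end of the hunk.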
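--- a/presentation/lookAndFeel/knowledgeTree/foldermanagement/addFolderDocTypeUI.inc
+++ b/presentation/lookAndFeel/knowledgeTree/foldermanagement/addFolderDocTypeUI.inc
@@ -29,12 +29,8 @@ function getPage($iFolderID, $iDocumentTypeID) {
 global $default;
 $sSectionName = $default->siteMap->getSectionName(substr($_SERVER["PHP_SELF"], strlen($default->rootUrl), strlen($_SERVER["PHP_SELF"])));
 $sTDBGColour = $default->siteMap->getSectionColour($sSectionName, "td");
- $sToRender = renderHeading("Add Folder Document Type");
- $sToRender .= "<table border=\"0\">\n";
- $sToRender .= "<tr>\n";
- $sToRender .= "\t<td width=\"100%\">" . renderFolderPath($iFolderID, "/control.php?action=browse ") . "</td>\n";
- $sToRender .= "</tr>\n";
- $sToRender .= "</table>\n";
+ $sToRender = renderHeading("Add Folder Document Type");
+ $sToRender .= renderFolderPath($iFolderID, "/control.php?action=browse");
 $sToRender .= "<table border=\"0\">\n";
 $sToRender .= "<tr>\n";
 $sToRender .= "<td bgcolor=\"$sTDBGColour\">Document type</td>\n";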
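--- a/presentation/lookAndFeel/knowledgeTree/foldermanagement/editUI.inc
+++ b/presentation/lookAndFeel/knowledgeTree/foldermanagement/editUI.inc
@@ -52,7 +52,7 @@ function getFolderData($iFolderID, $sDivName, $sStatusMessage = "") {
 $oPatternListFromQuery->setTableWidth("610");
 
 $sToRender .= "<table>";
- if ($sStatusMessage) {
+ if (strlen($sStatusMessage) > 0) {
 $sToRender .= "<tr><td><font color=\"red\">$sStatusMessage</font></td></tr>";
 }
 $sToRender .= "<tr><td>" . $oPatternListFromQuery->render() . "</td></tr>";
@@ -70,12 +70,12 @@ function getFolderRouting($iFolderID, $sDivName, $bCollaboration) {
 global $default;
 //had to use coalesce and left outer join for user_id because this column was a new addition
 //and the user_ids for existing documents before this change will be null
- $sQuery = "SELECT GFAL.id as id, GFAL.folder_id AS folder_id, G.name AS group_name, G.id AS group_id, GFAL.role_id AS role_id, R.name AS role_name, GFAL.precedence AS precedence, COALESCE(U.id, -1) AS user_id, COALESCE(U.name, 'Not Assigned') AS user_name, 'Edit' as edit, 'Delete' as del, 'Dependant docs' as depn " .
- "FROM $default->groups_folders_approval_table AS GFAL INNER JOIN roles AS R ON GFAL.role_id = R.id " .
- "INNER JOIN $default->groups_table AS G ON G.id = GFAL.group_id " .
- "LEFT OUTER JOIN $default->users_table AS U ON U.id = GFAL.user_id " .
- "WHERE GFAL.folder_id = $iFolderID " .
- "ORDER BY GFAL.precedence, role_name ASC";
+ $sQuery = "SELECT GFAL.id as id, GFAL.folder_id AS folder_id, COALESCE(G.name, 'Not Assigned') AS group_name, G.id AS group_id, GFAL.role_id AS role_id, R.name AS role_name, GFAL.precedence AS precedence, COALESCE(U.id, -1) AS user_id, COALESCE(U.name, 'Not Assigned') AS user_name, 'Edit' as edit, 'Delete' as del, 'Dependant docs' as depn " .
+ "FROM $default->groups_folders_approval_table AS GFAL INNER JOIN roles AS R ON GFAL.role_id = R.id " .
+ "LEFT OUTER JOIN $default->groups_table AS G ON G.id = GFAL.group_id " .
+ "LEFT OUTER JOIN $default->users_table AS U ON U.id = GFAL.user_id " .
+ "WHERE GFAL.folder_id = $iFolderID " .
+ "ORDER BY GFAL.precedence, role_name ASC";
 
 $aColumns = array("group_name", "role_name", "precedence", "user_name", "edit", "del", "depn");
 $aColumnHeaders = array("Group", "Role", "Seq", "User", "", "");
@@ -89,6 +89,9 @@ function getFolderRouting($iFolderID, $sDivName, $bCollaboration) {
 $oPatternTableSqlQuery->setDisplayColumnHeadings(true);
 
 $sToRender .= "<table>";
+ if ($bCollaboration) {
+ $sToRender .= "<tr><td><font color=\"red\">Documents in this folder are currently undergoing this collaboration process, so these steps can't be altered</font></td></tr>";
+ }
 $sToRender .= "<tr><td>" . $oPatternTableSqlQuery->render() . "</td></tr>";
 if (!$bCollaboration) {
 $sToRender .= "<tr>\n";
@@ -227,14 +230,7 @@ function getStatusPage($iFolderID, $sStatusMessage) {
 
 $sToRender .= "</table>";
 $sToRender .= "</div>";
- // ugly netscape hacks
- if (!$default->bNN4) {
- $sToRender .= "<div id=\"contentDiv\" style=\"position:relative;visibility:hidden;top:10px;\">";
- }
 $sToRender .= getFolderData($iFolderID, "folderData", $sStatusMessage);
- if (!$default->bNN4) {
- $sToRender .= "</div>";
- }
 return $sToRender;
 }
 ?>
\ No newline at end of file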
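--- a/presentation/lookAndFeel/knowledgeTree/js/misc.js
+++ b/presentation/lookAndFeel/knowledgeTree/js/misc.js
@@ -73,11 +73,10 @@ function isBlank(formField) {
 function validRequired(formField,fieldLabel)
 {
 var result = true;
-
 if (formField){
 switch(formField.type){
 case "select-one":
- if (formField.selectedIndex == 0 || formField.options[formField.selectedIndex].text == "" || formField.options[formField.selectedIndex].text == "None"){
+ if (formField.options[formField.selectedIndex].text == "" || formField.options[formField.selectedIndex].text == "None"){
 result = false;
 }
 break;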
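Review bot: In the `select-one` case of `validRequired`, `formField.options[formField.selectedIndex]` is dereferenced with no bounds check, so a select with no options, or with `selectedIndex` at -1, throws instead of failing validation. With the `selectedIndex == 0` test removed, the first option is now accepted whenever its text is neither empty nor `None`, which may be the intent; starting the condition with `formField.selectedIndex < 0 ||` would make the empty case return false cleanly. The function body continues outside the hunk. Because this check runs in the browser, the server-side handlers still need to reject missing values themselves.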
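--- a/presentation/lookAndFeel/knowledgeTree/search/advancedSearchBL.php
+++ b/presentation/lookAndFeel/knowledgeTree/search/advancedSearchBL.php
@@ -52,9 +52,9 @@ if (checkSession()) {
 $sSQLSearchString = getSQLSearchString($fSearchString);
 
 if (!isset($fStartIndex)) {
- $fStartIndex = 0;
+ $fStartIndex = 1;
 }
- $oPatternCustom->setHtml(getSearchResults($sMetaTagIDs,$sSQLSearchString, $fStartIndex, $fToSearch));
+ $oPatternCustom->setHtml(getSearchResults($sMetaTagIDs, $sSQLSearchString, $fStartIndex, $fSearchString, $fToSearch));
 $main->setCentralPayload($oPatternCustom);
 $main->render();
 } else {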
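Review bot: `$fStartIndex` is only given a default here, never validated, before it is handed to `getSearchResults()` and from there to `setStartIndex()`; the `isset` test suggests it can arrive from the request. If so, cast it once at this point, e.g. `$fStartIndex = isset($fStartIndex) ? max(1, (int)$fStartIndex) : 1;`, so a non-numeric or negative value can never reach the paging code. standardSearchBL.php sets the same default in the same way and would take the same change. The new `$fSearchString` argument is also passed through raw, so escaping has to happen wherever it is finally written out.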
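--- a/presentation/lookAndFeel/knowledgeTree/search/advancedSearchUI.inc
+++ b/presentation/lookAndFeel/knowledgeTree/search/advancedSearchUI.inc
@@ -39,7 +39,7 @@ function getMetaData($aMetaTagIDs) {
 $sCheckAllJavascript = "";
 while ($sql->next_record()) {
 $sCheckAllJavascript .= "document.MainForm.f_adv_$iRecordCount.checked=value;\n";
- $sMetaDataCheckBox = "<input type=\"checkbox\" " . wasSelected($sql->f("id"), $aMetaTagIDs) . " name=\"f_adv_$iRecordCount\" value=\"" . $sql->f("id") . "\"></td><td>" . stripslashes($sql->f("name"));
+ $sMetaDataCheckBox = "<input type=\"checkbox\" " . wasSelected($sql->f("id"), $aMetaTagIDs) . " name=\"f_adv_$iRecordCount\" value=\"" . $sql->f("id") . "\"></td><td>" . $sql->f("name");
 $iRecordCount++;
 if (($iRecordCount % 3) == 1) {
 $sToRender .= "<tr><td>$sMetaDataCheckBox</td>\n";
@@ -95,7 +95,7 @@ function getSearchPage($sSearchString = "", $aMetaTagIDs = array(), $sHeading =
 return $sToRender . getSearchValidationJavaScript();
 }
 
-function getSearchResults($sMetaTagIDs, $sSQLSearchString, $iStartIndex, $sStatus = "Live") {
+function getSearchResults($sMetaTagIDs, $sSQLSearchString, $iStartIndex, $sSearchString, $sStatus = "Live") {
 global $default;
 
 $sQuery = "SELECT '" . "$default->graphicsUrl/widgets/dfolder.gif" . "' AS folder_image_url, F.id folder_id, D.id document_id, D.name AS document_name, COUNT(D.id) AS doc_count " .
@@ -108,7 +108,7 @@ function getSearchResults($sMetaTagIDs, $sSQLSearchString, $iStartIndex, $sStatu
 "AND (" . $sSQLSearchString . ") " .
 "AND SDUL.user_id = " . $_SESSION["userID"] . " " .
 "AND SL.name='$sStatus' " .
- "GROUP BY D.id ";
+ "GROUP BY D.id " .
 "ORDER BY doc_count DESC ";
 $default->log->info("getSearchResults $sQuery");
 $aColumns = array("folder_image_url", "document_name", "doc_count");
@@ -120,9 +120,10 @@ function getSearchResults($sMetaTagIDs, $sSQLSearchString, $iStartIndex, $sStatu
 
 $oPatternBrowse = & new PatternBrowseableSearchResults($sQuery, 10, $aColumns, $aColumnTypes, $aColumnHeaders, $aLinkURLs, $aDBQueryStringColumns, $aQueryStringVariableNames);
 $oPatternBrowse->setStartIndex($iStartIndex);
+ $oPatternBrowse->setSearchText($sSearchString);
 
 $sRefreshMessage = "<table><tr><td align=\"center\">If your browser displays a 'Warning: Page has Expired' message when you attempt to return to these search results, please click your browser's 'Refresh' button</td></tr></table>";
- return renderHeading("Advanced Search") . $oPatternBrowse->render() . $sRefreshMessage . getSearchVariablesHtml($sSearchText, $sMetaTagIDs);
+ return renderHeading("Advanced Search") . $oPatternBrowse->render() . $sRefreshMessage . getSearchVariablesHtml($sSearchString, $sStatus, $sMetaTagIDs);
 }
 
 function getSearchValidationJavaScript() {
@@ -145,9 +146,11 @@ function wasSelected($iID, $aMetaTagIDs) {
 return "";
 }
 
-function getSearchVariablesHtml($sSearchText, $sMetaTagIDs) {
+function getSearchVariablesHtml($sSearchText, $sStatus, $sMetaTagIDs) {
 $aMetaTagIDs = explode(",", $sMetaTagIDs);
- $sToRender = "\n\n<input type=\"hidden\" name=\"fSearchString\" value=\"$sSearchText\" />\n";
+ $sToRender = "\n\n<input type=\"hidden\" name=\"fForSearch\" value=\"1\" />\n";
+ $sToRender .= "\n\n<input type=\"hidden\" name=\"fSearchString\" value=\"$sSearchText\" />\n";
+ $sToRender .= "\n\n<input type=\"hidden\" name=\"fToSearch\" value=\"$sStatus\" />\n";
 $sToRender .= "<input type=\"hidden\" name=\"adv_search_start\" value=\"\" />\n";
 for ($i = 0; $i < count($aMetaTagIDs); $i++) {
 $sToRender .= "<input type=\"hidden\" name=\"fMetaTag_$i\" value=\"" . $aMetaTagIDs[$i] . "\" />\n";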
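Review bot: The hidden inputs written in `getSearchVariablesHtml` place `$sSearchText` and `$sStatus` directly inside `value=\"...\"` attributes with no HTML escaping, so a value containing a double quote ends the attribute and the remainder is rendered as markup. Both values trace back to `$fSearchString` and `$fToSearch` in advancedSearchBL.php, which look like request variables. Escape at the point of output, e.g. `value=\"" . htmlspecialchars($sSearchText, ENT_QUOTES) . "\"` and the same for `$sStatus`; the `getMetaData` hunk has the same gap where `$sql->f("name")` is now emitted with neither `stripslashes` nor escaping. `$sStatus` is also interpolated into `SL.name='$sStatus'` inside `getSearchResults`, so it should be checked against the known status names before the query is built.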
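--- a/presentation/lookAndFeel/knowledgeTree/search/standardSearchBL.php
+++ b/presentation/lookAndFeel/knowledgeTree/search/standardSearchBL.php
@@ -41,12 +41,12 @@ if (checkSession()) {
 require_once("$default->fileSystemRoot/lib/documentmanagement/Document.inc");
 require_once("$default->fileSystemRoot/presentation/Html.inc");
 require_once("standardSearchUI.inc");
-
+
 if (!isset($fStartIndex)) {
- $fStartIndex = 0;
+ $fStartIndex = 1;
 }
 
- if (strlen($fBrowseType) > 0) {
+ if (strlen($fBrowseType) > 0) {
 //the user was browsing by a specific type
 switch ($fBrowseType) {
 case "folder" :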
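--- a/presentation/lookAndFeel/knowledgeTree/search/standardSearchUI.inc
+++ b/presentation/lookAndFeel/knowledgeTree/search/standardSearchUI.inc
@@ -65,7 +65,8 @@ function getSearchResultsByCategory($iFolderID, $sKeywords, $iStartIndex, $sCate
 $aQueryStringVariableNames = array("fDocumentID", "fFolderID");
 
 $oPatternBrowse = & new PatternBrowseableSearchResults($sQuery, 10, $aColumns, $aColumnTypes, $aColumnHeaders, $aLinkURLs, $aDBQueryStringColumns, $aQueryStringVariableNames);
- $oPatternBrowse->setStartIndex($iStartIndex);
+ $oPatternBrowse->setStartIndex($iStartIndex);
+ $oPatternBrowse->setSearchText($sKeywords);
 return getHeading() . $oPatternBrowse->render() . getSearchVariablesHtml($sKeywords, "category", $iFolderID, "", $sCategory, "") . getMessage();
 }
 
@@ -98,6 +99,7 @@ function getSearchResultsByDocumentType($iFolderID, $sKeywords, $iStartIndex, $i
 
 $oPatternBrowse = & new PatternBrowseableSearchResults($sQuery, 10, $aColumns, $aColumnTypes, $aColumnHeaders, $aLinkURLs, $aDBQueryStringColumns, $aQueryStringVariableNames);
 $oPatternBrowse->setStartIndex($iStartIndex);
+ $oPatternBrowse->setSearchText($sKeywords);
 return getHeading() . $oPatternBrowse->render() . getSearchVariablesHtml($sKeywords, "documentType", $iFolderID, "", "", $iDocTypeID) . getMessage();
 
 }
@@ -128,6 +130,7 @@ function getSeachResultsByFolder($iFolderID, $iStartIndex, $sKeywords) {
 
 $oPatternBrowse = & new PatternBrowseableSearchResults($sQuery, 10, $aColumns, $aColumnTypes, $aColumnHeaders, $aLinkURLs, $aDBQueryStringColumns, $aQueryStringVariableNames);
 $oPatternBrowse->setStartIndex($iStartIndex);
+ $oPatternBrowse->setSearchText($sKeywords);
 return getHeading() . $oPatternBrowse->render() . getSearchVariablesHtml($sKeywords, "", $iFolderID, "", "", "") . getMessage();
 }
 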
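--- a/presentation/lookAndFeel/knowledgeTree/store.inc
+++ b/presentation/lookAndFeel/knowledgeTree/store.inc
@@ -96,7 +96,7 @@ function constructQuery($aKeys, $aSuppliedValues = null) {
 break;
 case 1:
 //text
- $sQuery .= "'" . addslashes($aValues[$j]) . "', ";
+ $sQuery .= "'" . $aValues[$j] . "', ";
 break;
 case 2:
 //boolean
@@ -121,7 +121,7 @@ function constructQuery($aKeys, $aSuppliedValues = null) {
 break;
 case 1:
 //text
- $sQuery .= "'" . addslashes($aValues[count($aColumns) - 1]) . "') ";
+ $sQuery .= "'" . $aValues[count($aColumns) - 1] . "') ";
 break;
 case 2:
 //boolean
@@ -151,7 +151,7 @@ function constructQuery($aKeys, $aSuppliedValues = null) {
 $sQuery .= $aValues[$j] . ", ";
 break;
 case 1:
- $sQuery .= "'" . addslashes($aValues[$j]) . "', ";
+ $sQuery .= "'" . $aValues[$j] . "', ";
 break;
 case 2:
 $sQuery .= ($aValues[$j] ? 1 : 0) . ", ";
@@ -171,7 +171,7 @@ function constructQuery($aKeys, $aSuppliedValues = null) {
 $sQuery .= $aValues[count($aTypes) -1] . " ";
 break;
 case 1:
- $sQuery .= "'" . addslashes($aValues[count($aTypes) -1]) . "' ";
+ $sQuery .= "'" . $aValues[count($aTypes) -1] . "' ";
 break;
 case 2:
 $sQuery .= ($aValues[count($aTypes) -1] ? 1 : 0) . " ";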
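Review bot: With `addslashes()` removed from all four `case 1:` text branches of `constructQuery`, string values are concatenated into the SQL between single quotes with no escaping at this layer. That is only safe if every caller has already escaped the value (for example through magic quotes on request data, which is not visible here), and values that originate from the database, from files or from code will not have been. Escaping belongs where the query is built: keep one escape here, e.g. `$sQuery .= "'" . addslashes($aValues[$j]) . "', ";` or the database layer's own escape function, and remove the duplicate escaping on the input side instead. The numeric branches shown as context (`$sQuery .= $aValues[$j] . ", ";`) are interpolated unquoted and would benefit from an integer cast for the same reason. The function starts and ends outside these hunks.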
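--- a/sync/sanitiseEscapedData.php
+++ b/sync/sanitiseEscapedData.php
@@ -0,0 +1,54 @@
+<?php
+/**
+ * Script to remove escape character from text fields
+ */
+require_once("../config/dmsDefaults.php");
+$aFields = array( "news" => "synopsis,body",
+ "dependant_document_instance" => "document_title",
+ "dependant_document_template" => "document_title",
+ "documents" => "name,filename,description,full_path",
+ "discussion_comments" => "subject,body",
+ "document_fields" => "name",
+ "document_fields_link" => "value",
+ "document_transactions" => "comment",
+ "document_types_lookup" => "name",
+ "metadata_lookup" => "name",
+ "folders" => "name,description,full_path",
+ "groups_lookup" => "name",
+ "organisations_lookup" => "name",
+ "roles" => "name",
+ "units_lookup" => "name",
+ "users" => "name",
+ "web_sites" => "web_site_name");
+echo "<pre>";
+foreach ($aFields as $table => $fields) {
+ $sql = $default->db;
+ $aFields = explode(",", $fields);
+ foreach ($aFields as $field) {
+ // select all escaped fields and ids
+ $query = "select id, $field from $table where $field like '%\\\\\\%'";
+ echo $query . "<br>";
+ $sql->query($query);
+ while ($sql->next_record()) {
+ // strip field
+ //$cleanField = stripslashes($sql->f($field));
+ echo "found offending field=" . $sql->f($field). "<br>";
+ // update it
+ updateField($table, $sql->f("id"), $field, $sql->f($field));
+ }
+ }
+}
+echo "</pre>";
+
+function updateField($table, $id, $fieldName, $value) {
+ global $default;
+ $sql = $default->db;
+ $query = "update $table set $fieldName='$value' where id=$id";
+ if ($sql->query($query)) {
+ echo "successful ";
+ } else {
+ echo "unsuccessful ";
+ }
+ echo "update query=$query<br>";
+}
+?>
\ No newline at end of file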
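Review bot: `updateField` builds the UPDATE by interpolating the stored value unchanged into `'$value'` and relies on the SQL parser to consume the backslashes, so any selected value that also holds an unescaped quote ends the literal early and the rest is parsed as SQL. With the `stripslashes` line commented out, making the transformation explicit is safer: `$cleanField = addslashes(stripslashes($sql->f($field)));` followed by `updateField($table, $sql->f("id"), $field, $cleanField);`. The script also has no session or role check of its own after `require_once`, and it echoes field contents and queries unescaped into the page. Unless dmsDefaults.php restricts access, it should be run from the command line or removed from the web root once the migration is done. Separately, the inner `$aFields = explode(",", $fields);` reuses the name of the array being iterated; a distinct name such as `$aFieldNames` avoids the confusion.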