[3526] | 1 | <?php |
---|
| 2 | include("../inc/inc.Settings.php"); |
---|
| 3 | include("../inc/inc.Utils.php"); |
---|
| 4 | include("../inc/inc.AccessUtils.php"); |
---|
| 5 | include("../inc/inc.ClassAccess.php"); |
---|
| 6 | include("../inc/inc.ClassDocument.php"); |
---|
| 7 | include("../inc/inc.ClassFolder.php"); |
---|
| 8 | include("../inc/inc.ClassGroup.php"); |
---|
| 9 | include("../inc/inc.ClassUser.php"); |
---|
| 10 | include("../inc/inc.DBAccess.php"); |
---|
| 11 | include("../inc/inc.FileUtils.php"); |
---|
| 12 | include("../inc/inc.Language.php"); |
---|
| 13 | include("../inc/inc.OutUtils.php"); |
---|
| 14 | include("../inc/inc.Authentication.php"); |
---|
| 15 | |
---|
| 16 | $folderid = (isset($_POST['folderid'])) ? (int) $_POST['folderid'] : NULL; |
---|
| 17 | |
---|
| 18 | $folder = getFolder($folderid); |
---|
| 19 | |
---|
| 20 | // form data |
---|
| 21 | $userfile = $_FILES['userfile']['tmp_name']; |
---|
| 22 | $fname = (!empty($_POST['fname']) ? $_POST['fname'] : $_FILES['userfile']['name']); |
---|
| 23 | $comment = $_POST['comment']; |
---|
| 24 | $keywords = $_POST['keywords']; |
---|
| 25 | $expires = $_POST['expires']; |
---|
| 26 | $expday = $_POST['expday']; |
---|
| 27 | $expmonth = $_POST['expmonth']; |
---|
| 28 | $expyear = $_POST['expyear']; |
---|
| 29 | $sequence = $_POST['sequence']; |
---|
| 30 | |
---|
| 31 | printHTMLHead( getMLText("folder_title", array("foldername" => $folder->getName()) ) ); |
---|
| 32 | printTitleBar($folder); |
---|
| 33 | printCenterStart(); |
---|
| 34 | |
---|
| 35 | printStartBox(getMLText("add_document")); |
---|
| 36 | |
---|
| 37 | print "<div class=\"standardText\">"; |
---|
| 38 | |
---|
| 39 | |
---|
| 40 | if ($folder->getAccessMode($user) < M_READWRITE) |
---|
| 41 | { |
---|
| 42 | printMLText("operation_not_allowed"); |
---|
| 43 | printGoBack(); |
---|
| 44 | } |
---|
| 45 | else |
---|
| 46 | { |
---|
| 47 | if (!isset($userfile) || ($userfile == "none") || ($userfile == "")) |
---|
| 48 | { |
---|
| 49 | printMLText("uploading_failed"); |
---|
| 50 | printGoBack(); |
---|
| 51 | } |
---|
| 52 | else |
---|
| 53 | { |
---|
| 54 | printMLText("adding_document", array("documentname" => $fname, "foldername" => $folder->getName())); |
---|
| 55 | |
---|
| 56 | $fname = sanitizeString($fname); |
---|
| 57 | $comment = sanitizeString($comment); |
---|
| 58 | $keywords = sanitizeString($keywords); |
---|
| 59 | $userfile_type = sanitizeString($_FILES['userfile']['type']); |
---|
| 60 | $userfile_name = sanitizeString($_FILES['userfile']['name']); |
---|
| 61 | |
---|
| 62 | if (!is_numeric($sequence)) |
---|
| 63 | die ("invalid sequence value"); |
---|
| 64 | |
---|
| 65 | $lastDotIndex = strrpos(basename($userfile_name), "."); |
---|
| 66 | if (is_bool($lastDotIndex) && !$lastDotIndex) |
---|
| 67 | $fileType = "."; |
---|
| 68 | else |
---|
| 69 | $fileType = substr($userfile_name, $lastDotIndex); |
---|
| 70 | |
---|
| 71 | $expires = ($expires == "true") ? mktime(0,0,0, $expmonth, $expday, $expyear) : false; |
---|
| 72 | |
---|
| 73 | $newDocument = $folder->addDocument($fname, $comment, $expires, $user, $keywords, $userfile, basename($userfile_name), $fileType, $userfile_type, $sequence); |
---|
| 74 | |
---|
| 75 | if (is_bool($newDocument) && !$newDocument) |
---|
| 76 | { |
---|
| 77 | printMLText("error_occured"); |
---|
| 78 | printGoBack(); |
---|
| 79 | } |
---|
| 80 | else |
---|
| 81 | { |
---|
| 82 | printMLText("op_finished"); |
---|
| 83 | printGoto(array(array($folder->getName(), "../out/out.ViewFolder.php?folderid=".$folder->getID()), |
---|
| 84 | array($newDocument->getName(), "../out/out.ViewDocument.php?documentid=".$newDocument->getID()))); |
---|
| 85 | } |
---|
| 86 | } |
---|
| 87 | } |
---|
| 88 | |
---|
| 89 | |
---|
| 90 | |
---|
| 91 | print "</div>"; |
---|
| 92 | printEndBox(); |
---|
| 93 | printCenterEnd(); |
---|
| 94 | printHTMLFoot(); |
---|
| 95 | ?> |
---|