3 * FusionForge Documentation Manager
5 * Copyright 2000, Quentin Cregan/Sourceforge
6 * Copyright 2002-2003, Tim Perdue/GForge, LLC
7 * Copyright 2010-2011, Franck Villaume - Capgemini
8 * Copyright 2011, Roland Mas
9 * Copyright (C) 2011 Alain Peyrat - Alcatel-Lucent
10 * Copyright 2012, Thorsten Glaser - tarent solutions GmbH
11 * Copyright 2012,2014-2015, Franck Villaume - TrivialDev
12 * http://fusionforge.org
14 * This file is part of FusionForge. FusionForge is free software;
15 * you can redistribute it and/or modify it under the terms of the
16 * GNU General Public License as published by the Free Software
17 * Foundation; either version 2 of the Licence, or (at your option)
20 * FusionForge is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
25 * You should have received a copy of the GNU General Public License along
26 * with FusionForge; if not, write to the Free Software Foundation, Inc.,
27 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
30 /* please do not add require here : use www/docman/index.php to add require */
31 /* global variables used */
32 global $g; // Group object
33 global $group_id; // id of group
35 global $childgroup_id; // id of child group if any
40 $doc_group = getIntFromRequest('doc_group');
41 $title = trim(getStringFromRequest('title'));
42 $description = getStringFromRequest('description');
43 $vcomment = getStringFromRequest('vcomment');
44 $file_url = getStringFromRequest('file_url');
45 $uploaded_data = getUploadedFile('uploaded_data');
46 $manual_path = getStringFromRequest('manual_path');
47 $type = getStringFromRequest('type');
48 $name = getStringFromRequest('name');
49 $stateid = getIntFromRequest('stateid');
55 $baseurl = DOCMAN_BASEURL.$group_id;
56 $redirecturl = $baseurl.'&dirid='.$doc_group;
58 // plugin projects-hierarchy handler
60 $redirecturl .= '&childgroup_id='.$childgroup_id;
61 $g = group_get_object($childgroup_id);
64 if (!forge_check_perm('docman', $g->getID(), 'submit')) {
65 $warning_msg = _('Document Manager Action Denied.');
66 session_redirect($redirecturl);
70 //cannot add a doc unless an appropriate group is provided
71 $error_msg = _('No valid folder was selected.');
72 session_redirect($baseurl);
75 if (!$title || !$description || (!$uploaded_data && !$file_url && !$manual_path && (!$editor && !$name))) {
76 $missing_params = array();
78 $missing_params[] = 'title';
81 $missing_params[] = 'description';
83 exit_missing_param($_SERVER['HTTP_REFERER'], $missing_params, 'docman');
86 $d = new Document($g);
88 if (!$d || !is_object($d)) {
89 $error_msg = _('Error getting blank document.');
90 session_redirect($baseurl);
91 } elseif ($d->isError()) {
92 $error_msg = $d->getErrorMessage();
93 session_redirect($baseurl);
98 $filecontent = getStringFromRequest('details');
99 $uploaded_data_name = $name;
100 $sanitizer = new TextSanitizer();
101 $filecontent = $sanitizer->SanitizeHtml($filecontent);
102 if (strlen($filecontent) < 1) {
103 $error_msg = _('Error getting blank document.');
104 session_redirect($baseurl);
106 $data = tempnam("/tmp", "docman");
107 $fh = fopen($data, 'w');
108 fwrite($fh, $filecontent);
110 $uploaded_data_type = 'text/html';
115 $uploaded_data_name = $file_url;
116 $uploaded_data_type = 'URL';
119 case 'httpupload' : {
120 if (!is_uploaded_file($uploaded_data['tmp_name'])) {
121 $error_msg = _('Invalid file name.');
122 session_redirect($baseurl);
125 if (function_exists('finfo_open')) {
126 $finfo = finfo_open(FILEINFO_MIME_TYPE);
127 $uploaded_data_type = finfo_file($finfo, $uploaded_data['tmp_name']);
128 if( $uploaded_data_type === 'application/msword') {
129 $ext = pathinfo($uploaded_data['name'], PATHINFO_EXTENSION);
130 if ( $ext === 'ppt' ) {
131 $uploaded_data_type = 'application/vnd.ms-powerpoint';
132 } elseif ( $ext === 'xls' ) {
133 $uploaded_data_type = 'application/vnd.ms-excel';
137 $uploaded_data_type = $uploaded_data['type'];
139 if ($uploaded_data_type == 'application/octet-stream' && $uploaded_data_type != $uploaded_data['type']) {
140 $uploaded_data_type = $uploaded_data['type'];
142 $data = $uploaded_data['tmp_name'];
144 $uploaded_data_name = $uploaded_data['name'];
147 case 'manualupload' : {
148 if (!forge_get_config('use_manual_uploads')) {
149 $error_msg = _('Manual uploads disabled.');
150 session_redirect($baseurl);
153 $incoming = forge_get_config('groupdir_prefix').'/'.$g->getUnixName().'/incoming';
154 $filename = $incoming.'/'.$manual_path;
156 if (!util_is_valid_filename($manual_path) || !is_file($filename)) {
157 $error_msg = _('Invalid file name.');
158 session_redirect($baseurl);
161 if (function_exists('finfo_open')) {
162 $finfo = finfo_open(FILEINFO_MIME_TYPE);
163 $uploaded_data_type = finfo_file($finfo, $filename);
165 $uploaded_data_type = 'application/binary';
169 $uploaded_data_name = $manual_path;
173 $error_msg = _('Unknown type submission.');
174 session_redirect($baseurl);
178 if (!$d->create($uploaded_data_name, $uploaded_data_type, $data, $doc_group, $title, $description, $stateid, $vcomment)) {
179 $error_msg = $d->getErrorMessage();
180 if (forge_check_perm('docman', $group_id, 'approve')) {
181 session_redirect($redirecturl);
183 session_redirect($baseurl);
186 if ($type == 'editor') {
187 //release the cookie for the document contents (should expire at the end of the session anyway)
188 setcookie("gforgecurrentdocdata", "", time() - 3600);
190 if (forge_check_perm('docman', $group_id, 'approve')) {
191 $feedback = sprintf(_('Document %s submitted successfully.'), $d->getFileName());
192 session_redirect($redirecturl);
194 $feedback = sprintf(_('Document %s has been successfully uploaded and is waiting to be approved.'), $d->getFileName());
195 session_redirect($baseurl);