3 * FusionForge Documentation Manager
5 * Copyright 2000, Quentin Cregan/Sourceforge
6 * Copyright 2002-2003, Tim Perdue/GForge, LLC
7 * Copyright 2010-2011, Franck Villaume - Capgemini
8 * Copyright 2012, Franck Villaume - TrivialDev
9 * http://fusionforge.org
11 * This file is part of FusionForge. FusionForge is free software;
12 * you can redistribute it and/or modify it under the terms of the
13 * GNU General Public License as published by the Free Software
14 * Foundation; either version 2 of the Licence, or (at your option)
17 * FusionForge is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
22 * You should have received a copy of the GNU General Public License along
23 * with FusionForge; if not, write to the Free Software Foundation, Inc.,
24 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
27 /* please do not add require here : use www/docman/index.php to add require */
28 /* global variables used */
29 global $g; //group object
30 global $dirid; //id of doc_group
31 global $group_id; // id of group
33 $urlparam = '/docman/?group_id='.$group_id;
34 if (isset($childgroup_id) && $childgroup_id) {
35 $g = group_get_object($childgroup_id);
36 $urlparam .= '&childgroup_id='.$childgroup_id;
39 $doc_group = getIntFromRequest('doc_group');
40 $fromview = getStringFromRequest('fromview');
43 case 'listrashfile': {
44 $urlparam .= '&view='.$fromview;
48 $urlparam .= '&view=listfile&dirid='.$doc_group;
53 if (!forge_check_perm('docman', $g->getID(), 'approve')) {
54 $return_msg = _('Document Manager Action Denied.');
55 session_redirect($urlparam.'&warning_msg='.urlencode($return_msg));
58 $docid = getIntFromRequest('docid');
59 $title = getStringFromRequest('title');
60 $description = getStringFromRequest('description');
61 $details = getStringFromRequest('details');
62 $file_url = getStringFromRequest('file_url');
63 $uploaded_data = getUploadedFile('uploaded_data');
64 $stateid = getIntFromRequest('stateid');
65 $filetype = getStringFromRequest('filetype');
66 $editor = getStringFromRequest('editor');
69 session_redirect($urlparam.'&warning_msg='.urlencode(_('No document found to update')));
71 $d= new Document($g, $docid);
73 session_redirect($urlparam.'&error_msg='.urlencode($d->getErrorMessage()));
75 $sanitizer = new TextSanitizer();
76 $details = $sanitizer->SanitizeHtml($details);
77 if (($editor) && ($d->getFileData() != $details) && (!$uploaded_data['name'])) {
78 $filename = $d->getFileName();
79 $datafile = tempnam("/tmp", "docman");
80 $fh = fopen($datafile, 'w');
81 fwrite($fh, $details);
85 $filetype = $d->getFileType();
87 } elseif (!empty($uploaded_data) && $uploaded_data['name']) {
88 if (!is_uploaded_file($uploaded_data['tmp_name'])) {
89 $return_msg = sprintf(_('Invalid file attack attempt %s.'), $uploaded_data['name']);
90 session_redirect($urlparam.'&error_msg='.urlencode($return_msg));
92 $data = $uploaded_data['tmp_name'];
93 $filename = $uploaded_data['name'];
94 if (function_exists('finfo_open')) {
95 $finfo = finfo_open(FILEINFO_MIME_TYPE);
96 $filetype = finfo_file($finfo, $uploaded_data['tmp_name']);
98 $filetype = $uploaded_data['type'];
100 } elseif ($file_url) {
102 $filename = $file_url;
105 $filename = $d->getFileName();
106 $filetype = $d->getFileType();
109 if (!$d->update($filename, $filetype, $data, $doc_group, $title, $description, $stateid))
110 session_redirect($urlparam.'&error_msg='.urlencode($d->getErrorMessage()));
112 $return_msg = sprintf(_('Document %s updated successfully.'), $filename);
113 session_redirect($urlparam.'&feedback='.urlencode($return_msg));