isError()) { exit_error($g->getErrorMessage(),'docman'); } if ($docid != 'backup' && $docid != 'webdav' ) { session_require_perm ('docman', $group_id, 'read') ; $docname=urldecode($arr[5]); $d = new Document($g,$docid); if (!$d || !is_object($d)) { exit_error(_('Document is not available.'),'docman'); } elseif ($d->isError()) { exit_error($d->getErrorMessage(),'docman'); } /** * If the served document has wrong relative links, then * theses links may redirect to the same document with another * name, this way a search engine may loop and stress the * server. * * A workaround is to serve only the document if the given * name is correct. */ if ($d->getFileName() != $docname) { exit_error(_('No document to display - invalid or inactive document number'),'docman'); } Header ('Content-disposition: filename="'.str_replace('"', '', $d->getFileName()).'"'); if (strstr($d->getFileType(),'app')) { Header ("Content-type: application/binary"); } else { Header ("Content-type: ".$d->getFileType()); } echo $d->getFileData(); } else if ( $docid == 'backup' ) { session_require_perm ('docman', $group_id, 'admin') ; $df = new DocumentFactory($g); if ($df->isError()) exit_error($df->getErrorMessage(),'docman'); $dgf = new DocumentGroupFactory($g); if ($dgf->isError()) exit_error($dgf->getErrorMessage(),'docman'); $nested_groups = $dgf->getNested(); $d_arr =& $df->getDocuments(); if (!$d_arr || count($d_arr) <1) $d_arr = &$df->getDocuments(); if ( $nested_groups != NULL ) { $filename = 'docman-'.$g->getUnixName().'-'.$docid.'.zip'; $file = forge_get_config('data_path').'/'.$filename; $zip = new ZipArchive; if ( !$zip->open($file, ZIPARCHIVE::OVERWRITE)) { exit_error(_('Unable to open zip archive for backup'),'docman'); } docman_fill_zip($zip,$nested_groups,$df); if ( !$zip->close()) { exit_error(_('Unable to close zip archive for backup'),'docman'); } Header ('Content-disposition: filename="'.$filename.'"'); Header ('Content-type: application/binary'); readfile($file); unlink($file); } else { $warning_msg = _('No documents to backup.'); session_redirect('/docman/?group_id='.$group_id.'&view=admin&warning_msg='.urlencode($warning_msg)); } } else if ( $docid == 'webdav' ) { $_SERVER['SCRIPT_NAME'] = ''; $server = new HTTP_WebDAV_Server_Docman; $server->ServeRequest(); } else { exit_error(_('No document to display - invalid or inactive document number.'),'docman'); } // Local Variables: // mode: php // c-file-style: "bsd" // End: ?>