* Copyright 2002-2003, Tim Perdue/GForge, LLC
* Copyright 2010-2011, Franck Villaume - Capgemini
* Copyright (C) 2010 Alain Peyrat - Alcatel-Lucent
+ * Copyright 2012, Franck Villaume - TrivialDev
* http://fusionforge.org
*
* This file is part of FusionForge. FusionForge is free software;
$sysdebug_enable = false;
$arr = explode('/', getStringFromServer('REQUEST_URI'));
-$group_id = $arr[3];
-$docid = $arr[4];
+$group_id = (int) $arr[3];
+$docid = isset($arr[4])? $arr[4]: '';
$g = group_get_object($group_id);
if (!$g || !is_object($g)) {
exit_error($g->getErrorMessage(), 'docman');
}
-if ($docid != 'backup' && $docid != 'webdav' && $docid != 'zip') {
+if (is_numeric($docid)) {
session_require_perm('docman', $group_id, 'read');
$docname = urldecode($arr[5]);
* theses links may redirect to the same document with another
* name, this way a search engine may loop and stress the
* server.
- *
- * A workaround is to serve only the document if the given
- * name is correct.
*/
if ($d->getFileName() != $docname) {
- exit_error(_('No document to display - invalid or inactive document number'), 'docman');
+ session_redirect('/docman/view.php/'.$group_id.'/'.$docid.'/'.urlencode($d->getFileName()));
}
header('Content-disposition: attachment; filename="'.str_replace('"', '', $d->getFileName()) . '"');
$filename = 'docman-'.$g->getUnixName().'-'.$docid.'.zip';
$file = forge_get_config('data_path').'/'.$filename;
$zip = new ZipArchive;
- if ( !$zip->open($file, ZIPARCHIVE::OVERWRITE)) {
+ if ( !$zip->open($file, ZIPARCHIVE::CREATE | ZIPARCHIVE::OVERWRITE)) {
exit_error(_('Unable to open zip archive for backup'), 'docman');
}
$filename = 'docman-'.$g->getUnixName().'-'.$dg->getID().'.zip';
$file = forge_get_config('data_path').'/'.$filename;
$zip = new ZipArchive;
- if ( !$zip->open($file, ZIPARCHIVE::OVERWRITE))
+ if ( !$zip->open($file, ZIPARCHIVE::CREATE | ZIPARCHIVE::OVERWRITE))
exit_error(_('Unable to open zip archive for download as zip'), 'docman');
// ugly workaround to get the files at doc_group_id level
$docs = $df->getDocuments(1); // no caching
if (is_array($docs) && count($docs) > 0) { // this group has documents
foreach ($docs as $doc) {
- if ( !$zip->addFromString($doc->getFileName(),$doc->getFileData()))
- return false;
+ if (!$zip->addFromString($doc->getFileName(), $doc->getFileData()))
+ exit_error(_('Unable to fill zipfile.'), 'docman');
}
}
if ( !docman_fill_zip($zip, $nested_groups, $df, $dg->getID()))
$filename = 'docman-'.$g->getUnixName().'-selected-'.time().'.zip';
$file = forge_get_config('data_path').'/'.$filename;
$zip = new ZipArchive;
- if ( !$zip->open($file, ZIPARCHIVE::OVERWRITE))
+ if (!$zip->open($file, ZIPARCHIVE::CREATE | ZIPARCHIVE::OVERWRITE))
exit_error(_('Unable to open zip archive for download as zip'), 'docman');
foreach($arr_fileid as $docid) {
exit_error($d->getErrorMessage(), 'docman');
}
- if ( !$zip->addFromString($d->getFileName(),$d->getFileData()))
- return false;
+ if (!$zip->addFromString($d->getFileName(), $d->getFileData()))
+ exit_error(_('Unable to fill zipfile.'), 'docman');
} else {
$zip->close();
unlink($file);