-
parent
bccef860dd
commit
b7c82845da
@ -8,6 +8,9 @@ RewriteRule ^/activate/(.*)$ /activate.php?key=$1
|
||||
|
||||
RewriteRule ^/search/(\d+)$ /search.php?pid=$1
|
||||
RewriteRule ^/search$ /search.php
|
||||
|
||||
RewriteRule ^/([A-Z,a-z]\d+)/print$ /index.php?mode=print&id=$1
|
||||
|
||||
RewriteRule ^/([A-Z,a-z]\d+)/edit/do/(\d+)$ /edit.php?mode=edit&id=$1&docoff=$2
|
||||
RewriteRule ^/([A-Z,a-z]\d+)/edit$ /edit.php?mode=edit&id=$1
|
||||
RewriteRule ^/([A-Z,a-z]\d+)/clone$ /edit.php?mode=clone&id=$1
|
||||
@ -49,5 +52,7 @@ RewriteRule ^/clrcopy /edit.php?mode=clrcopy
|
||||
RewriteRule ^/uploadcopy /uploadcopy.php
|
||||
RewriteRule ^/maintenance /maintenance.php
|
||||
|
||||
RewriteRule ^/settings /settings.php
|
||||
|
||||
RewriteRule ^/scan/([^/]*) /scan.php?catid=$1
|
||||
RewriteRule ^/v1/(.*) /rest.php?cmd=$1
|
||||
|
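Review bot: The `^/([A-Z,a-z]\d+)/print$` rule routes a plain GET to `index.php?mode=print`, which elsewhere in this commit starts a label print job, so any link, crawler or prefetch that requests the URL triggers the action; a side-effecting route like this is better handled by a POST with a request token. The character class `[A-Z,a-z]` (the same form as in the edit/clone rules) also matches a literal comma, and `[A-Za-z]` is presumably what is meant. Which of the displayed rules are additions is inferred, since the page has lost its +/- markers.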
@ -1,6 +1,6 @@
|
||||
<?
|
||||
function setaccess($name,$type) { //////////////////////////////////////////////////////// set access for user
|
||||
global $DB,$USER,$USERTYPE,$ROLE,$ACCESSQL,$USERPROJECTS,$ROLENAMES;
|
||||
global $DB,$USER,$USERTYPE,$ROLE,$ACCESSQL,$LACCESSQL,$USERPROJECTS,$ROLENAMES;
|
||||
|
||||
$q = mysqli_query($DB,"SELECT * FROM role");
|
||||
while($row = mysqli_fetch_assoc($q)) {
|
||||
@ -40,6 +40,7 @@
|
||||
"FROM projects,projectmember;");
|
||||
while($row = mysqli_fetch_assoc($res)) $USERPROJECTS[$row['pid']]=$row['name'];
|
||||
$ACCESSQL="";
|
||||
$LACCESSQL="";
|
||||
|
||||
} elseif ($ROLE==1 || $ROLE==2) { // ---------------------------------------------------------- admin/user
|
||||
|
||||
@ -55,6 +56,7 @@
|
||||
$pl="";foreach($USERPROJECTS as $pid => $pname) $pl.="$pid,"; // build ACCESSQL
|
||||
$pl=PR("/(^.*),\s*$/","($1)",$pl);
|
||||
$ACCESSQL="(cat.user='$USER' OR access='public' OR (access='project' AND project IN $pl)) AND cat.rm=0";
|
||||
$LACCESSQL="(luser='$USER' OR laccess='public' OR (laccess='project' AND lproject IN $pl))";
|
||||
|
||||
} elseif ($ROLE==3) { // -------------------------------------------------------------------- limited user
|
||||
|
||||
@ -66,6 +68,7 @@
|
||||
$pl=PR("/(^.*),\s*$/","($1)",$pl);
|
||||
$ACCESSQL="(cat.user='$USER' OR cat.access='public' OR (cat.access='project' AND cat.project IN $pl)) ".
|
||||
"AND cat.rm=0";
|
||||
$LACCESSQL="(luser='$USER' OR laccess='public' OR (laccess='project' AND lproject IN $pl))";
|
||||
}
|
||||
|
||||
return 1;
|
||||
|
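Review bot: Both `$LACCESSQL` assignments reuse `$pl`, which stays an empty string when `$USERPROJECTS` has no entries (the `PR()` pattern only matches with a trailing comma), so the fragment ends in `lproject IN )` and every query that appends it fails; a guard such as `if ($pl==='') $pl='(NULL)';` before the assignments keeps the SQL valid. `$USER` is placed between quotes without any escaping in the lines shown; if it is not escaped where it is set, pass it through `mysqli_real_escape_string($DB,$USER)` here. The first branch sets `$LACCESSQL=""`, and rest.php appends it with `AND $LACCESSQL AND $ACCESSQL`, which would produce an empty operand for that role. setaccess() continues outside the hunks, so the rest of that branch cannot be checked from here.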
@ -93,7 +93,6 @@
|
||||
|
||||
<TD ALIGN=left style="white-space:nowrap">
|
||||
<? if ($row['type']==='local') { ?>
|
||||
|
||||
<A HREF="/admin/deluser/<?=$row['uid']?>"
|
||||
onclick="return confirm('Delete user \'<?=$row['name']?>\' ?')" CLASS='icon'>
|
||||
<IMG HEIGHT=16 TITLE='Delete' SRC="/img/trash.png"></A>
|
||||
@ -102,8 +101,13 @@
|
||||
onclick="return confirm('Invite user \'<?=$row['name']?>\' again?')" CLASS='icon'>
|
||||
<IMG HEIGHT=16 TITLE='Invite Again' SRC="/img/mail.png"></A>
|
||||
<? } ?>
|
||||
</TD>
|
||||
<? } else { ?>
|
||||
<A HREF="/admin/deluser/<?=$row['uid']?>"
|
||||
onclick="return confirm('Lock user \'<?=$row['name']?>\' ?')" CLASS='icon'>
|
||||
<IMG HEIGHT=16 TITLE='Lock User' SRC="/img/lock.png"></A>
|
||||
|
||||
<? } ?>
|
||||
</TD>
|
||||
</TR>
|
||||
<? } ?>
|
||||
</TABLE></CENTER>
|
||||
|
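Review bot: The `Lock user` link prints `$row['name']` raw inside a JavaScript string inside an HTML attribute, so a name containing a quote or angle bracket changes the script or the markup; encode for both layers, e.g. `onclick="return confirm(<?=HSC(json_encode("Lock user '".$row['name']."' ?"))?>)"`. The link also targets `/admin/deluser/<uid>`, the same URL as the Delete icon, so either the handler distinguishes local from non-local accounts somewhere not shown, or the Lock icon deletes the account. Both actions are state-changing GET links with no request token visible in the hunk.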
@ -258,7 +258,7 @@
|
||||
}
|
||||
|
||||
if (PM("/^\d+$/",$catid) && $mode==='copy') { // copy id to list
|
||||
if (chkeditaccess($catid)) {
|
||||
if (chkreadaccess($catid)) {
|
||||
$_SESSION['copylist'][$catid]=$catid;
|
||||
header("Location: /home");exit;
|
||||
}
|
||||
@ -343,7 +343,7 @@
|
||||
$eoa=$row['oa'];
|
||||
|
||||
for ($i=0;$i<$FMAX;$i++) $ef[$i]=$efl[$i]=$row["f$i"];
|
||||
|
||||
|
||||
$J=json_decode($row['jsonmeta'],true);
|
||||
|
||||
$sctype=$J['type'];
|
||||
@ -362,7 +362,7 @@
|
||||
|
||||
if (PM("/^\s*$/",$otype)) $ctype=$otype;
|
||||
|
||||
if (PM("/^\s*$/",$ctype)) $ctype='data'; // ToDo: change to feault type
|
||||
if (PM("/^\s*$/",$ctype)) $ctype=$DEVTYPE;
|
||||
|
||||
if (!preg_match("/^\s*$/",$ctype)) {
|
||||
for ($i=0;$i<$FMAX;$i++) {
|
||||
@ -431,7 +431,7 @@
|
||||
<? } ?>
|
||||
<? if ($f[2]==1) { ?>
|
||||
<textarea WRAP=virtual COLS=72 ROWS=3 name=<?="f$n"?>
|
||||
style='width:600px;'><?= HSC($ef[$n]) ?></textarea></TD></TR>
|
||||
style='width:600px;white-space: pre-wrap;'><?= HSC($ef[$n]) ?></textarea></TD></TR>
|
||||
<? } ?>
|
||||
|
||||
<? if ($f[2]==3) { ?>
|
||||
|
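Review bot: The fallback `if (PM("/^\s*$/",$ctype)) $ctype=$DEVTYPE;` depends on a variable with no default visible in this commit (init.php only names `$DEVTYPE` in a `global` statement), so on an installation whose config does not define it `$ctype` stays empty and the field loop guarded by `if (!preg_match("/^\s*$/",$ctype))` is skipped. Keeping the old literal as a last resort avoids that: `if (PM("/^\s*$/",$ctype)) $ctype=isset($DEVTYPE)?$DEVTYPE:'data';`. In the copy branch the check now appears to be `chkreadaccess($catid)` instead of `chkeditaccess($catid)`; a one-line comment stating that adding an entry to the copy list only requires read access would show the relaxation is intentional.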
@ -1,5 +1,6 @@
|
||||
<?
|
||||
include_once('init.php');include_once('header.php');
|
||||
include_once('Parsedown.php');
|
||||
|
||||
$mode=getpar('mode');
|
||||
$docid=getpar('docid');
|
||||
@ -69,6 +70,24 @@
|
||||
<? ///////////////////////////////////////////////////////////////////////////////////// display single entry ?>
|
||||
|
||||
<? if ($numrows==1) { ?>
|
||||
|
||||
<?
|
||||
|
||||
if ($mode==='print') {
|
||||
exec("/db/bin/qrlabel $id '".$row['user']."' '".$row['f0']."'");
|
||||
$connection = ssh2_connect('ripley.rz-berlin.mpg.de', 22,array('hostkey' => 'ssh-rsa'));
|
||||
|
||||
ssh2_auth_pubkey_file($connection, 'root','/db/ssh/id_rsa.pub','/db/ssh/id_rsa');
|
||||
|
||||
ssh2_scp_send($connection, "/db/tmp/$id.png", "/tmp/$id.png", 0644);
|
||||
ssh2_exec($connection, "/usr/bin/lp -o fit-to-page -d archivzebra /tmp/$id.png");
|
||||
ssh2_exec($connection, "/bin/rm /tmp/$id.png");
|
||||
|
||||
header("Location: /$id");exit;
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
<? subheader(); ?>
|
||||
|
||||
<H3>Metadata</H3> <? // metedata table ?>
|
||||
@ -79,6 +98,12 @@
|
||||
<A HREF="/<?=$xid?>/edit" CLASS='icon'>
|
||||
<IMG HEIGHT=16 TITLE='Edit' SRC="/img/pencil.png"></A>
|
||||
|
||||
<? if (isset($LABELPRINTER)) { ?>
|
||||
|
||||
<A HREF="/<?=$xid?>/print" CLASS='icon'>
|
||||
<IMG HEIGHT=16 TITLE='Print Label' SRC="/img/print.png"></A>
|
||||
<? } ?>
|
||||
|
||||
<A HREF="/<?=$xid?>/copy" CLASS='icon'>
|
||||
<IMG HEIGHT=16 TITLE='Copy' SRC="/img/copy.png"></A>
|
||||
|
||||
@ -97,13 +122,22 @@
|
||||
<IMG HEIGHT=16 TITLE='Delete' SRC="/img/trash.png"></A>
|
||||
<? } ?>
|
||||
<? if ($row['fixed']==1) { ?>
|
||||
<A HREF="/<?=$xid?>/copy" CLASS='icon'>
|
||||
<IMG HEIGHT=16 TITLE='Copy' SRC="/img/copy.png"></A>
|
||||
|
||||
<A HREF="/<?=$xid?>/clone" CLASS='icon'>
|
||||
<IMG HEIGHT=16 TITLE='Clone' SRC="/img/clone.png"></A>
|
||||
|
||||
|
||||
|
||||
<IMG HEIGHT=11 TITLE='' SRC="/img/lock_grey.png">
|
||||
<SPAN STYLE='font-size:80%;color:#CCC;'>fixed entry</SPAN>
|
||||
<? } ?>
|
||||
</TD></TR>
|
||||
<? } ?>
|
||||
|
||||
<TR><TH ALIGN=left>Id</TH><TD><?= $row['id'] ?><? if ($TAG==='DEV') {?> / <?= $row['catid']?><? } ?></TD></TR>
|
||||
<TR><TH ALIGN=left>Id</TH><TD><?= $row['id'] ?>
|
||||
<? if ($TAG==='DEV') {?> / <?= $row['catid']?><? } ?></TD></TR>
|
||||
|
||||
<? if (count($gen)) { ?>
|
||||
<TR><TH ALIGN=left>Ancestry:</TH>
|
||||
@ -190,6 +224,19 @@
|
||||
$tmp=AL($row["f$n"]);
|
||||
}
|
||||
?>
|
||||
|
||||
<?
|
||||
if ($f[0]==='Comment' || $f[0]==='Abstract') {
|
||||
|
||||
//$tmp=preg_replace('/\n/', "<BR>", $tmp);
|
||||
|
||||
$Parsedown = new Parsedown();
|
||||
|
||||
$tmp= $Parsedown->text($tmp);
|
||||
|
||||
}
|
||||
?>
|
||||
|
||||
<TR><TH ALIGN=left><?= $f[0] ?></TH><TD><?= $tmp ?></TD></TR>
|
||||
<? } ?>
|
||||
<? } ?>
|
||||
@ -252,8 +299,9 @@
|
||||
|
||||
<? } ?>
|
||||
|
||||
<? // ----------------------------------------------------------------------------------------- document table
|
||||
<?= $_SESSION['s_ft'] ?>
|
||||
|
||||
<? // ----------------------------------------------------------------------------------------- document table
|
||||
$fres=mydo($DB,"SELECT count(*) AS c FROM docs WHERE catid=".$row['catid']." AND rm=0",1);
|
||||
$frow = mysqli_fetch_assoc($fres);
|
||||
$fnumrows=$frow['c'];
|
||||
@ -290,8 +338,16 @@
|
||||
|
||||
<? while($row = mysqli_fetch_assoc($res)) { ?>
|
||||
<TR>
|
||||
<TD><A HREF="/send/<?= idencode($catid,$row['docid'])?>"><?= $row['docid'] ?></A></TD>
|
||||
<TD><A HREF="/send/<?= idencode($catid,$row['docid'])?>"><?= $row['filename'] ?></A></TD>
|
||||
<TD>
|
||||
<? if (isset($_SESSION['ftres'][$row['docid']])) {?><B><?}?>
|
||||
<A HREF="/send/<?= idencode($catid,$row['docid'])?>"><?= $row['docid'] ?></A>
|
||||
<? if (isset($_SESSION['ftres'][$row['docid']])) {?></B><?}?>
|
||||
</TD>
|
||||
<TD>
|
||||
<? if (isset($_SESSION['ftres'][$row['docid']])) {?><B><?}?>
|
||||
<A HREF="/send/<?= idencode($catid,$row['docid'])?>"><?= $row['filename'] ?></A>
|
||||
<? if (isset($_SESSION['ftres'][$row['docid']])) {?></B><?}?>
|
||||
</TD>
|
||||
<TD><?= $row['ts'] ?></TD>
|
||||
<TD><?= $row['comment'] ?></TD>
|
||||
<TD ALIGN=center><?= formsize($row['size']) ?></TD>
|
||||
@ -384,7 +440,8 @@
|
||||
<DIV id=head>
|
||||
<FORM action="/" method="post">
|
||||
<TABLE WIDTH=100%>
|
||||
<TR><TD VALIGN=top><H2>Type:</H2></TD><TD><? if ($TYPE==='ALL') $tmp="button"; else $tmp="ubutton"; ?>
|
||||
<TR><TD VALIGN=top WIDTH=10><H2>Type:</H2></TD><TD>
|
||||
<? if ($TYPE==='ALL') $tmp="button"; else $tmp="ubutton"; ?>
|
||||
<input type="submit" name="type" value="ALL" class="<?=$tmp?>">
|
||||
<? foreach($TYPES as $t) { ?>
|
||||
<? if (SU($t)===SU($TYPE)) $tmp="button"; else $tmp="ubutton"; ?>
|
||||
@ -400,7 +457,8 @@
|
||||
</FORM></TD>
|
||||
</TR>
|
||||
|
||||
<TR><TD VALIGN=top><H2>Project:</H2></TD><TD><? if ($PROJECT==='ALL') $tmp="button"; else $tmp="ubutton"; ?>
|
||||
<TR><TD VALIGN=top WIDTH=10><H2>Project:</H2></TD><TD>
|
||||
<? if ($PROJECT==='ALL') $tmp="button"; else $tmp="ubutton"; ?>
|
||||
<input type="submit" name="project" value="ALL" class="<?=$tmp?>">
|
||||
<? foreach($USERPROJECTS as $pid => $pname) { ?>
|
||||
<? if (SU($pname)===SU($PROJECT)) $tmp="button"; else $tmp="ubutton"; ?>
|
||||
|
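Review bot: The `exec()` call in the `mode==='print'` block builds a shell command from `$id`, `$row['user']` and `$row['f0']` with hand-written single quotes, so a quote character in a stored value ends the argument early; pass each value through `escapeshellarg()`, e.g. `exec('/db/bin/qrlabel '.escapeshellarg($id).' '.escapeshellarg($row['user']).' '.escapeshellarg($row['f0']));`. The same block interpolates `$id` into `ssh2_scp_send()` and two `ssh2_exec()` commands that run as `root` on the print host, and nothing visible checks the return value of `ssh2_connect()`/`ssh2_auth_pubkey_file()` or compares `ssh2_fingerprint($connection)` with a pinned value before authenticating; an unprivileged print account and a pinned fingerprint would limit what a bad `$id` or a spoofed host can do. As far as the hunk shows, the block runs on any GET with `mode=print` and is not gated on `isset($LABELPRINTER)` the way the icon is. Separately, the `@ -190,6 +224,19 @@` hunk echoes `$Parsedown->text($tmp)` as HTML; unless `AL()` already escapes, call `$Parsedown->setSafeMode(true);` before `text()`. The `<?= $_SESSION['s_ft'] ?>` echo before the document table needs `HSC()` or removal.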
16
src/init.php
16
src/init.php
@ -6,10 +6,10 @@
|
||||
include_once('access.php');
|
||||
include_once('tools.php');
|
||||
|
||||
function callback($buffer) { // cleanup html output (disable with $NOCLEAN=true)
|
||||
return PR("/^\s+/m","",$buffer);
|
||||
}
|
||||
if (!$NOCLEAN) ob_start("callback");
|
||||
// function callback($buffer) { // cleanup html output (disable with $NOCLEAN=true)
|
||||
// return PR("/^\s+/m","",$buffer);
|
||||
// }
|
||||
// if (!$NOCLEAN) ob_start("callback");
|
||||
|
||||
global $DB; // connect to database
|
||||
$DB=@mysqli_connect($MYHOST,$MYUSER,$MYPW,$MYDB);
|
||||
@ -49,8 +49,9 @@
|
||||
}
|
||||
|
||||
global $USER,$ROLE,$ROLENAMES,$USERPROJECTS,$PROJECTS,$PROJECTNAMES,$ACCESSQL,$TCHR,$VERSION;
|
||||
global $TITLE,$DEBUG,$STDEF,$STYPES,$LMSG,$PROJECTPRIV,$ALLFIELDS,$DEFSEARCHFIELD,$IDPAT;
|
||||
|
||||
global $TITLE,$DEBUG,$STDEF,$STYPES,$LMSG,$PROJECTPRIV,$ALLFIELDS,$DEFSEARCHFIELD,$IDPAT,$DEVTYPE;
|
||||
global $LABELPRINTER;
|
||||
|
||||
$USER='';$USERTYPE='';$ROLE='';$ACCESSQL='';$ROLENAMES=array();$USERPROJECTS=array();
|
||||
|
||||
$res = mysqli_query($DB,"SELECT * FROM projects");
|
||||
@ -64,5 +65,4 @@
|
||||
|
||||
phplog('','info');
|
||||
|
||||
?>
|
||||
|
||||
?>
|
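Review bot: `$LACCESSQL` is introduced by this commit but is missing from both the `global` list and the `$USER='';...$ACCESSQL='';` initialisation line here, so it is undefined whenever setaccess() returns without assigning it; add `$LACCESSQL='';` next to `$ACCESSQL=''` and give `$DEVTYPE` a default in the same place. The output-cleanup `callback()` and its `ob_start()` call are left commented out instead of being deleted. Removing the four lines, or switching the feature off through the existing `$NOCLEAN` flag, avoids dead code in the bootstrap file.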
@ -16,7 +16,6 @@
|
||||
|
||||
session_unset();session_destroy();
|
||||
?>
|
||||
|
||||
<?php if(!isset($_SESSION['USER'])) { ?>
|
||||
<BR><CENTER>
|
||||
<? if (!PM("/^\s*$/",$LMSG)) { ?>
|
||||
@ -32,5 +31,4 @@
|
||||
</form>
|
||||
</CENTER>
|
||||
<?php } ?>
|
||||
|
||||
<? include_once('footer.php'); ?>
|
||||
|
@ -63,7 +63,7 @@
|
||||
<? readfile($prevfilepath); ?>
|
||||
</PRE>
|
||||
<? } else if (PM("/^image\//",$prevmime)) { ?>
|
||||
<P><IMG SRC='/p/<?=$catid?>/<?=$docid?>/<?=$prevfilename?>' WIDTH=100%>
|
||||
<P><IMG SRC='/p/<?=$catid?>/<?=$docid?>/<?=$prevfilename?>' style='height: width:100%;'>
|
||||
<? } else if (PM("/^application\/pdf$/",$prevmime)) { ?>
|
||||
<? header("Location: /send/".idencode($catid,$row['docid']));exit; ?>
|
||||
<? } else { ?>
|
||||
|
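Review bot: The replacement style `style='height: width:100%;'` is not valid CSS: `height:` has no value of its own, so the parser reads `width:100%` as the value of `height` and discards the declaration, leaving the image without a width constraint. `style='width:100%;height:auto;'` gives the scaling the old `WIDTH=100%` attribute provided. `$prevfilename` is echoed into the `SRC` attribute unescaped on this line; if it is the uploaded file name, wrap it as `HSC(rawurlencode($prevfilename))`.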
240
src/rest.php
240
src/rest.php
@ -2,7 +2,7 @@
|
||||
$NOLOGIN=1;
|
||||
|
||||
require('./init.php');
|
||||
|
||||
// sleep(1);
|
||||
function jfailed($err='') {
|
||||
header('Content-Type: application/json');
|
||||
if (strlen($err)>0) echo json_encode(array('success' => 0, 'error' => $err))."\n";
|
||||
@ -28,8 +28,6 @@ if ($cmd==='login') {
|
||||
jfailed('login failed');
|
||||
}
|
||||
|
||||
mydo($DB,"DELETE FROM tokens WHERE unix_timestamp(now())-unix_timestamp(ts)>86400");
|
||||
|
||||
$J = json_decode(file_get_contents('php://input'), true); // load user info from token
|
||||
|
||||
if ($J==null) jfailed("invalid json");
|
||||
@ -41,7 +39,7 @@ if ($numrows==1) {
|
||||
$row = mysqli_fetch_assoc($res);
|
||||
|
||||
if ($_SERVER['REMOTE_ADDR']===$row['ip']) {
|
||||
mydo($DB,"UPDATE tokens SET ts=now() WHERE token='".$J['token']."'");
|
||||
mydo($DB,"UPDATE tokens SET ts=now() WHERE token='".$J['token']."'",1);
|
||||
|
||||
$name=$row['name'];
|
||||
$type=$row['type'];
|
||||
@ -52,6 +50,14 @@ if (!setaccess($name,$type)) jfailed("login failed");
|
||||
|
||||
////////////////////////////////////////////////////////////////////////////////////////////////// rest commands
|
||||
|
||||
if ($cmd==='renew') { ////////////////////////////////////////////////////////////////////////////// renew token
|
||||
$I=array();
|
||||
$J=json_decode(file_get_contents('php://input'), true);
|
||||
$newtoken=id62(16);
|
||||
mydo($DB,"UPDATE tokens SET ts=now(),token='".$newtoken."' WHERE token='".$J['token']."'",1);
|
||||
jsuccess(array('success' => 1, 'token' => $newtoken));
|
||||
}
|
||||
|
||||
if ($cmds[0]==='download') { ///////////////////////////////////////////////////////////////////// download file
|
||||
|
||||
$catid=catidfromid($cmds[1]); if ($catid==-1) jfailed("id not found");
|
||||
@ -114,6 +120,7 @@ if ($cmds[0]==='directupload' || $cmds[0]==='urlupload') { //////////////// uplo
|
||||
$J=json_decode(file_get_contents('php://input'), true);
|
||||
|
||||
$fn=$J['filename'];
|
||||
$comment=$J['comment'];
|
||||
$fid=id62(12);
|
||||
|
||||
if ($cmds[0]==='directupload') {
|
||||
@ -131,7 +138,8 @@ if ($cmds[0]==='directupload' || $cmds[0]==='urlupload') { //////////////// uplo
|
||||
$mysqlts=date('Y-m-d H:i:s');
|
||||
|
||||
$sql="INSERT INTO docs SET docid=0,catid=$catid,ts='$mysqlts',rm=0,md5='$md5',filename='".
|
||||
mysqli_escape_string($DB,$fn) ."',mime='".mysqli_escape_string($DB,$mime)."',size=$size";
|
||||
mysqli_escape_string($DB,$fn) ."',comment='".mysqli_escape_string($DB,$comment).
|
||||
"',mime='".mysqli_escape_string($DB,$mime)."',size=$size";
|
||||
$res= mydo($DB,$sql);
|
||||
$docid=mysqli_insert_id($DB);
|
||||
|
||||
@ -158,7 +166,7 @@ if ($cmd==='list') { ///////////////////////////////////////////////////////////
|
||||
if ($numrows>0) {
|
||||
|
||||
while($row = mysqli_fetch_assoc($res)) {
|
||||
array_push($I,$row['catid']);
|
||||
array_push($I,$row['id']);
|
||||
}
|
||||
|
||||
jsuccess(array('success' => 1, 'ids' => $I));
|
||||
@ -196,6 +204,186 @@ if ($cmd==='projects') { ///////////////////////////////////////////////////////
|
||||
jsuccess(array('success' => 1, 'projects' => $I));
|
||||
}
|
||||
|
||||
if ($cmds[0]==='metadump') { /////////////////////////////////////////////////////////// bulk get entry data
|
||||
|
||||
$CTI=array();
|
||||
$sql="SELECT id,catid FROM cat";
|
||||
$res=mydo($DB,$sql,1);
|
||||
while($r = mysqli_fetch_assoc($res)) {
|
||||
$CTI[$r['catid']]=$r['id'];
|
||||
}
|
||||
|
||||
$JJ = array('success' => 1);
|
||||
|
||||
$sql="SELECT * FROM cat WHERE rm=0 AND $ACCESSQL";
|
||||
$res=mydo($DB,$sql,1);
|
||||
|
||||
$numrows =mysqli_num_rows($res);
|
||||
|
||||
if ($numrows>0) {
|
||||
$I=array();
|
||||
while($row = mysqli_fetch_assoc($res)) {
|
||||
|
||||
$comment =$row['comment'];if (PM("/^\s*$/",$row['comment'])) $comment="";
|
||||
|
||||
$J=array('catid'=> $row['catid'],
|
||||
'id' => $row['id'],
|
||||
'comment' => $comment,
|
||||
'tent'=>$row['tent'],
|
||||
'tcha'=>$row['tcha'],
|
||||
'project'=>$project,
|
||||
'user'=>$row['user'],
|
||||
'type'=>$row['type']);
|
||||
|
||||
for ($i=0;$i<$FMAX;$i++) {
|
||||
$key=$FMAP[$row['type']][$i][0];
|
||||
if (!PM("/^\s*$/",$row["f$i"])) $J[$key]=$row["f$i"];
|
||||
}
|
||||
|
||||
$J["jasondata"]= json_decode($row['jsondata']);
|
||||
|
||||
array_push($I,$J);
|
||||
|
||||
}
|
||||
$JJ["cat"]=$I;
|
||||
}
|
||||
|
||||
$sql="SELECT * FROM cat,links,".
|
||||
"(select access as laccess,project as lproject,catid as lcatid,user as luser from cat) AS L ".
|
||||
"WHERE cat.rm=0 AND cat.catid=links.catid AND links.link=lcatid AND $LACCESSQL AND $ACCESSQL";
|
||||
$res=mydo($DB,$sql,1);
|
||||
$numrows =mysqli_num_rows($res);
|
||||
|
||||
if ($numrows>0) {
|
||||
$I=array();
|
||||
while($row = mysqli_fetch_assoc($res)) {
|
||||
$J=array('lid' => $row['lid'],
|
||||
'ts' => $row['ts'],
|
||||
'catid' => $CTI[$row['catid']],
|
||||
'link' => $CTI[$row['link']]);
|
||||
array_push($I,$J);
|
||||
}
|
||||
$JJ["links"]=$I;
|
||||
}
|
||||
|
||||
$sql="select * from gen where rm=0";
|
||||
$res=mydo($DB,$sql,1);
|
||||
$numrows =mysqli_num_rows($res);
|
||||
|
||||
if ($numrows>0) {
|
||||
$I=array();
|
||||
while($row = mysqli_fetch_assoc($res)) {
|
||||
$J=array('ts' => $row['ts'],
|
||||
'catid' => $CTI[$row['catid']],
|
||||
'parent' => $CTI[$row['parent']],
|
||||
'gen' => $row['gen']);
|
||||
|
||||
array_push($I,$J);
|
||||
}
|
||||
$JJ["gen"]=$I;
|
||||
}
|
||||
|
||||
jsuccess($JJ);
|
||||
|
||||
}
|
||||
|
||||
if ($cmds[0]==='bulk') { /////////////////////////////////////////////////////////////////// bulk get entry data
|
||||
|
||||
$xids=explode(',',$cmds[1]);
|
||||
$JJ=array();
|
||||
|
||||
$CTI=array();
|
||||
$sql="SELECT id,catid FROM cat";
|
||||
$res=mydo($DB,$sql,1);
|
||||
while($r = mysqli_fetch_assoc($res)) {
|
||||
$CTI[$r['id']]=$r['catid'];
|
||||
}
|
||||
|
||||
foreach ($xids as $xid) {
|
||||
if (!array_key_exists($xid, $CTI)) jfailed("id not found");
|
||||
|
||||
$catid=$CTI[$xid];
|
||||
|
||||
$gen=array();
|
||||
$sql="SELECT * FROM gen WHERE catid=$catid AND rm=0 ORDER BY gen";
|
||||
$res=mydo($DB,$sql,1);
|
||||
while($r = mysqli_fetch_assoc($res)) {
|
||||
array_push($gen,$CTI[$r['parent']]);
|
||||
}
|
||||
|
||||
$par=array();
|
||||
$sql="SELECT * FROM gen WHERE parent=$catid AND rm=0 ORDER BY gen";
|
||||
$res=mydo($DB,$sql,1);
|
||||
while($r = mysqli_fetch_assoc($res)) {
|
||||
array_push($par,$CTI[$r['catid']]);
|
||||
}
|
||||
|
||||
$sql="SELECT * FROM cat WHERE catid=$catid AND $ACCESSQL";
|
||||
$res=mydo($DB,$sql,1);
|
||||
|
||||
$numrows =mysqli_num_rows($res);
|
||||
if ($numrows==1) {
|
||||
$row = mysqli_fetch_assoc($res);
|
||||
|
||||
$project=$PROJECTS[$row['project']];
|
||||
|
||||
$J = array('success' => 1,
|
||||
'id'=>$row['id'],
|
||||
'tent'=>$row['tent'],
|
||||
'tcha'=>$row['tcha'],
|
||||
'project'=>$project,
|
||||
'user'=>$row['user'],
|
||||
'type'=>$row['type']);
|
||||
|
||||
if (count($gen)>0) $J['ancestry'] = $gen;
|
||||
if (count($par)>0) $J['descendants'] = $par;
|
||||
|
||||
for ($i=0;$i<$FMAX;$i++) {
|
||||
$key=$FMAP[$row['type']][$i][0];
|
||||
if (!PM("/^\s*$/",$row["f$i"])) $J[$key]=$row["f$i"];
|
||||
}
|
||||
|
||||
$J["jasondata"]= json_decode($row['jsondata']);
|
||||
|
||||
$I=array();
|
||||
|
||||
$sql="SELECT * FROM docs WHERE catid=$catid AND rm=0";
|
||||
$res=mydo($DB,$sql,1);
|
||||
$fnumrows =mysqli_num_rows($res);
|
||||
if ($fnumrows>0) {
|
||||
while($row = mysqli_fetch_assoc($res)) {
|
||||
|
||||
$comment =$row['comment'];if (PM("/^\s*$/",$row['comment'])) $comment="";
|
||||
|
||||
array_push($I,array('id' => $row['docid'],
|
||||
'filename' => $row['filename'],
|
||||
'comment' => $comment,
|
||||
'size' => $row['size'],
|
||||
'mimetype' => $row['mime']));
|
||||
}
|
||||
$J["files"]=$I;
|
||||
}
|
||||
|
||||
$I=array();
|
||||
$sql="select * from cat,links where links.catid=$catid and cat.catid=links.link and $ACCESSQL";
|
||||
|
||||
$res=mydo($DB,$sql,1);
|
||||
$fnumrows =mysqli_num_rows($res);
|
||||
if ($fnumrows>0) {
|
||||
while($lrow = mysqli_fetch_assoc($res)) {
|
||||
array_push($I,array('lid' => $lrow['lid'],
|
||||
'link' => $lrow['id']));
|
||||
}
|
||||
$J["links"]=$I;
|
||||
}
|
||||
array_push($JJ,$J);
|
||||
}
|
||||
}
|
||||
|
||||
jsuccess($JJ);
|
||||
|
||||
}
|
||||
|
||||
if ($cmds[0]==='get' || $cmds[0]==='getraw') { ////////////////////////////////////////////////// get entry data
|
||||
|
||||
$catid=catidfromid($cmds[1]); if ($catid==-1) jfailed("id not found");
|
||||
@ -244,7 +432,7 @@ if ($cmds[0]==='get' || $cmds[0]==='getraw') { /////////////////////////////////
|
||||
$J["jasondata"]= json_decode($row['jsondata']);
|
||||
|
||||
$I=array();
|
||||
$sql="SELECT * FROM docs WHERE catid=$catid AND rm=0";
|
||||
$sql="SELECT * FROM docs WHERE catid=$catid AND rm=0 ORDER BY ts DESC";
|
||||
$res=mydo($DB,$sql,1);
|
||||
$fnumrows =mysqli_num_rows($res);
|
||||
if ($fnumrows>0) {
|
||||
@ -254,6 +442,7 @@ if ($cmds[0]==='get' || $cmds[0]==='getraw') { /////////////////////////////////
|
||||
|
||||
array_push($I,array('id' => $row['docid'],
|
||||
'filename' => $row['filename'],
|
||||
'timestamp' => $row['ts'],
|
||||
'comment' => $comment,
|
||||
'size' => $row['size'],
|
||||
'mimetype' => $row['mime']));
|
||||
@ -416,6 +605,29 @@ if ($cmds[0]==='edit') { ///////////////////////////////////////////////////////
|
||||
jfailed();
|
||||
}
|
||||
|
||||
if ($cmds[0]==='fix') { ////////////////////////////////////////////////////////////////////////////// fix entry
|
||||
$J=json_decode(file_get_contents('php://input'), true);
|
||||
|
||||
$catid=catidfromid($cmds[1]);if ($catid==-1) jfailed("id not found");
|
||||
|
||||
if (chkeditaccess($catid)) {
|
||||
|
||||
$sql="SELECT * FROM cat WHERE catid=$catid AND $ACCESSQL";
|
||||
$res=mydo($DB,$sql,1);
|
||||
|
||||
$numrows =mysqli_num_rows($res);
|
||||
if ($numrows==1) {
|
||||
mydo($DB,"UPDATE cat SET fixed=1 WHERE catid=$catid");
|
||||
alog($cmds[1],0,'fixed');
|
||||
jsuccess(array('success' => 1, 'id' => $cmds[1]));
|
||||
}
|
||||
} else {
|
||||
jfailed('no access');
|
||||
}
|
||||
|
||||
jfailed();
|
||||
}
|
||||
|
||||
if ($cmds[0]==='delete') { //////////////////////////////////////////////////////////////////////// delete entry
|
||||
$J=json_decode(file_get_contents('php://input'), true);
|
||||
|
||||
@ -546,16 +758,22 @@ if ($cmds[0]==='search') { /////////////////////////////////////////////////////
|
||||
$sql="SELECT * FROM cat WHERE (";
|
||||
|
||||
foreach ($S as $s) {
|
||||
foreach ($s['fields'] as $f) {
|
||||
|
||||
$fa=array();
|
||||
if (array_key_exists('fields',$s)) $fa=$s['fields'];
|
||||
else $fa=range(0,31);
|
||||
|
||||
foreach ($fa as $f) {
|
||||
$sql.="(";
|
||||
foreach ($s['keys'] as $k) {
|
||||
|
||||
|
||||
$sql.="f$f LIKE '%$k%' OR ";
|
||||
}
|
||||
$sql=PR("/\s*OR\s*$/",") OR ",$sql);
|
||||
}
|
||||
$sql=PR("/\s*OR\s*$/","",$sql);
|
||||
$sql.=" AND ";
|
||||
|
||||
}
|
||||
$sql=PR("/\s*AND\s*$/","",$sql);
|
||||
$sql.=") AND $ACCESSQL";
|
||||
@ -597,7 +815,7 @@ if ($cmds[0]==='jsonadd') { ////////////////////////////////////////////////////
|
||||
jfailed();
|
||||
}
|
||||
|
||||
if ($cmds[0]==='jsonget') { ////////////////////////////////////////////////////////////////////// add json data
|
||||
if ($cmds[0]==='jsonget') { ////////////////////////////////////////////////////////////////////// get json data
|
||||
$J=json_decode(file_get_contents('php://input'), true);
|
||||
|
||||
$catid=catidfromid($cmds[1]);if ($catid==-1) jfailed("id not found");
|
||||
@ -651,4 +869,4 @@ if ($cmds[0]==='jsonsearch') { /////////////////////////////////////////////////
|
||||
jsuccess(array('success' => 1, 'result' => $I));
|
||||
}
|
||||
|
||||
?>
|
||||
?>
|
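Review bot: The `renew` command decodes the request body and concatenates `$J['token']` straight into `UPDATE tokens ... WHERE token='...'`, so the statement's shape depends on client input; escape it the way the upload hunk escapes `$fn`, e.g. `... WHERE token='".mysqli_escape_string($DB,$J['token'])."'",1);`, or use a prepared statement. In `metadump`, the `select * from gen where rm=0` query and the `$CTI` map built from `SELECT id,catid FROM cat` carry no `$ACCESSQL` filter, so ancestry ids of entries the caller cannot read are returned; `bulk` fills `$gen` and `$par` the same way. `metadump` also uses `$project` without assigning it in its loop, and `bulk` keys `$CTI` by `id` but indexes it with `$r['parent']` and `$r['catid']`, which look like `catid` values. The `@ -28,8 +28,6 @@` hunk appears to drop the `DELETE FROM tokens ... >86400` expiry sweep; if so, tokens no longer age out unless something else removes them. In the search hunk `$f` and `$k` reach `f$f LIKE '%$k%'` from the request body; cast `$f` with `(int)` and escape `$k` unless that already happens above the hunk.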
@ -13,6 +13,7 @@
|
||||
unset($_SESSION['s_json2']);
|
||||
$_SESSION['s_op']='AND';
|
||||
unset($_SESSION['s_usr']);
|
||||
unset($_SESSION['s_ft']);
|
||||
unset($_SESSION['s_all']);
|
||||
unset($_SESSION['s_id']);
|
||||
unset($_SESSION['s_fn']);
|
||||
@ -34,7 +35,7 @@
|
||||
$_POST["s_field$fn"] =$S['s_field'][$fn];
|
||||
$_POST["s_fieldop$fn"] =$S['s_fieldop'][$fn];
|
||||
}
|
||||
foreach (array('type','project','s_op','s_json1','s_json2','s_usr','s_all','s_id','s_fn') as $val) {
|
||||
foreach (array('type','project','s_op','s_json1','s_json2','s_usr','s_ft','s_all','s_id','s_fn') as $val) {
|
||||
$_POST[$val]=$S[$val];
|
||||
}
|
||||
$TYPE=$S['type'];
|
||||
@ -49,7 +50,7 @@
|
||||
if (!PM("/^\s*$/",getpar('project'))) $_SESSION['currentproject']=getpar('project');
|
||||
$PROJECT=$_SESSION['currentproject'];
|
||||
|
||||
foreach (array('s_op','s_json1','s_json2','s_usr','s_all','s_id','s_fn') as $val) {
|
||||
foreach (array('s_op','s_json1','s_json2','s_usr','s_ft','s_all','s_id','s_fn') as $val) {
|
||||
if (isset($_POST[$val])) $_SESSION[$val]=getpar($val);
|
||||
$S[$val]=$_SESSION[$val];
|
||||
}
|
||||
@ -82,6 +83,15 @@
|
||||
}
|
||||
$MS=PR("/,\s*$/","",$MS);
|
||||
|
||||
unset($_SESSION["ftres"]);
|
||||
if (!PM("/^\s*$/",$S['s_ft'])) {
|
||||
$res=mydo($DB,"SELECT catid,docid FROM ft WHERE ft LIKE '%".$S['s_ft']."%'",1);
|
||||
while($row = mysqli_fetch_assoc($res)) {
|
||||
phplog($row['docid']);
|
||||
$_SESSION['ftres'][$row['docid']]=$row['catid'];
|
||||
}
|
||||
}
|
||||
|
||||
foreach($TYPES as $type) {
|
||||
foreach($FMAP[$type] as $n => $f) {
|
||||
$ALLFIELDS[$f[0]]=1;
|
||||
@ -192,7 +202,11 @@
|
||||
$searchsql.=" AND (catid=".catidfromid($M[1].$M[2]).")";
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if (!PM("/^\s*$/",$S['s_ft'])) {
|
||||
$searchsql.=" AND (cat.catid in (select ft.catid from ft where ft like '%".$S['s_ft']."%'))";
|
||||
}
|
||||
|
||||
$FX='';
|
||||
for ($n=1;$n<$FSM;$n++) {
|
||||
if ($S['s_fieldop'][$n]==='AND') $FX.="1";
|
||||
@ -268,7 +282,7 @@
|
||||
</FORM></TD>
|
||||
</TR>
|
||||
|
||||
<TR><TD VALIGN=top><H2>Project:</H2></TD><TD><? if ($PROJECT==='ALL') $tmp="button"; else $tmp="ubutton"; ?>
|
||||
<TR><TD VALIGN=top><H2>Project:</H2></TD><TD><? if ($PROJECT==='ALL') $tmp="button"; else $tmp="ubutton"; ?>
|
||||
<input type="submit" name="project" value="ALL" class="<?=$tmp?>">
|
||||
<? foreach($USERPROJECTS as $pid => $pname) { ?>
|
||||
<? if (SU($pname)===SU($PROJECT)) $tmp="button"; else $tmp="ubutton"; ?>
|
||||
@ -325,7 +339,13 @@
|
||||
<INPUT type="search" name="s_json2" value="<?=$S['s_json2']?>" onsearch="onsearchsearch(this)"
|
||||
style='text-align:left;width:380px;'>
|
||||
</TD></TR>
|
||||
|
||||
<TR><TD HEIGHT=8></TD></TR>
|
||||
|
||||
<TR><TD><H2>Fulltext: </H2></TD>
|
||||
<TD COLSPAN=3 ><input type="search" name="s_ft" value="<?=$S['s_ft']?>" onsearch="onsearchsearch(this)"
|
||||
style='text-align:left;width:300px;'></TD></TR>
|
||||
|
||||
<TR><TD HEIGHT=8></TD></TR>
|
||||
|
||||
<TR><TD><H2>Save As:</H2> </TD><TD colspan=2>
|
||||
@ -370,11 +390,11 @@
|
||||
</TABLE>
|
||||
<P>
|
||||
|
||||
<? function fieldsearch($fn) { global $FSM,$ALLFIELDS,$S; // ------------------------------ search field macro ?>
|
||||
<? function fieldsearch($fn) { global $FSM,$ALLFIELDS,$S; // ----------------------------- search field macro ?>
|
||||
<DIV CLASS="select">
|
||||
<SELECT NAME="s_field<?=$fn?>" class=select>
|
||||
<? foreach($ALLFIELDS as $field => $n) { ?>
|
||||
<OPTION VALUE='<?= $field ?>' <? if ($field===$S['s_field'][$fn]) {?>SELECTED<?}?> ><?= SU($field) ?></OPTION>
|
||||
<OPTION VALUE='<?= $field ?>' <? if ($field===$S['s_field'][$fn]) {?>SELECTED<?}?> ><?= SU($field) ?></OPTION>
|
||||
<? } ?>
|
||||
</SELECT> <DIV class="select_arrow"></DIV></DIV></TD>
|
||||
<TD><input type="search" name="<?="s_key$fn"?>" value="<?=$S['s_key'][$fn]?>" onsearch="onsearchsearch(this)"
|
||||
|
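Review bot: `$S['s_ft']` is interpolated into two SQL strings (`ft LIKE '%".$S['s_ft']."%'` in the `ftres` lookup and again in the `$searchsql` subquery) and echoed into `value="<?=$S['s_ft']?>"`, with no escaping visible in these hunks; unless `getpar()` already covers both contexts, use `mysqli_escape_string($DB,$S['s_ft'])` for the queries and `HSC($S['s_ft'])` for the attribute. `%` and `_` in the term still act as LIKE wildcards after escaping, which is worth a comment if it is intended. The `phplog($row['docid']);` call inside the result loop looks like leftover debugging and writes one log line per matching document.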
@ -168,6 +168,8 @@
|
||||
|
||||
function mydo($db,$sql,$quiet=0) { // ------------------------------------------------------------ mysql query
|
||||
if (!$quiet) phplog($sql,'sql');
|
||||
phplog($sql,'sql');
|
||||
|
||||
$res=mysqli_query($db,$sql);
|
||||
myerr($db,$sql);
|
||||
return $res;
|
||||
@ -218,6 +220,20 @@
|
||||
}
|
||||
}
|
||||
|
||||
function xphplog($msg,$type='info',$debuglevel=1) { // ------------------------------------------ write php log
|
||||
global $PHPLOG,$TAG,$USER,$DEBUG;
|
||||
if ($DEBUG>=$debuglevel) {
|
||||
$ip=$_SERVER['REMOTE_ADDR'];
|
||||
$url=$_SERVER['REQUEST_URI'];
|
||||
|
||||
if (PM("/^\s*$/",$msg)) {
|
||||
error_log(date("Y-m-d H:i:s")."|$type|$TAG|$ip|$USER\n", 3,$PHPLOG);
|
||||
} else {
|
||||
error_log(date("Y-m-d H:i:s")."|$type|$TAG|$ip|$USER|$msg\n", 3,$PHPLOG);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
function HSC($str) { // -------------------------------------------------------- shortcut for htmlspecialchars
|
||||
return htmlspecialchars($str);
|
||||
}
|
||||
|
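Review bot: By the hunk counts (`-168,6 +168,8`, eight lines shown) nothing is removed from `mydo()`, so the new body seems to contain both `if (!$quiet) phplog($sql,'sql');` and an unconditional `phplog($sql,'sql');`. That would write every statement to the SQL log, including the token queries that rest.php passes with `$quiet=1`, and would log non-quiet statements twice; drop the unconditional line. The added `xphplog()` assigns `$url` without using it and is not called anywhere in the visible hunks, so either remove it or add a comment next to `phplog()` saying why the copy exists.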
@ -1,3 +1,3 @@
|
||||
<?
|
||||
$VERSION='1.0.121';
|
||||
$VERSION='1.0.176';
|
||||
?>
|
||||
|