<?php
/****************************************************************************************/
/* ACollab */
/****************************************************************************************/
/* Copyright (c) 2002-2005 Adaptive Technology Resource Centre / University of Toronto */
/* */
/* http://atutor.ca/acollab */
/* */
/* This program is free software. You may redistribute it and/or */
/* modify it under the terms of the GNU General Public License */
/* as published by the Free Software Foundation; either version 2 of the License, */
/* or (at your option) any later version. */
/* */
/* This program is distributed in the hope that it will be useful, but */
/* WITHOUT ANY WARRANTY; without even the implied warranty of */
/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. */
/* See the GNU General Public License for more details. */
/* */
/* You may access the GNU General Public License at: */
/* http://www.opensource.org/licenses/gpl-license.php */
/* */
/* You may contact the Adaptive Technology Resource Centre at */
/* Robarts Library, University of Toronto */
/* 130 St. George Street, Toronto, Ontario, Canada M5S 1A5 */
/* Further contact information is available at http://www.utoronto.ca/atrc/ */
/****************************************************************************************/
/* Programmer: */
/* Joel Kronenberg - ATRC */
/****************************************************************************************/
// $Id: revisions.php 481 2005-03-30 14:46:45Z shozubq $
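// Bootstrap: every include on this page is resolved relative to ../include/.
define('AC_INCLUDE_PATH', '../include/');
require(AC_INCLUDE_PATH.'vitals.inc.php');

// Access gate, run before any request data is read.
// NOTE(review): authenticate() is defined outside this file; presumably this call admits
// ordinary group members as well as group admins - confirm against its definition.
authenticate(USER_CLIENT, USER_GROUP_ADMIN);

// The file id is the only request value used in SQL on this page, so it is reduced to an
// integer here. A missing parameter, or an array such as id[]=x (which intval() would turn
// into 1), becomes 0 and falls through to the "file not found" path.
$id = (isset($_REQUEST['id']) && is_scalar($_REQUEST['id'])) ? intval($_REQUEST['id']) : 0;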
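// Load the file record, scoped to the caller's group so that an id belonging to another
// group never matches. The legacy mysql_* API has no bound parameters, so both values are
// forced to integers before they are placed in the SQL text; the group id previously went
// in straight from the session without a cast.
$sql = "SELECT * FROM ".TABLE_PREFIX."files WHERE file_id=".intval($id)." AND group_id=".(isset($_SESSION['group_id']) ? intval($_SESSION['group_id']) : 0);
$result = mysql_query($sql,$db);

// A failed query is treated like a missing row instead of passing false to mysql_fetch_assoc().
$row = $result ? mysql_fetch_assoc($result) : false;

// Decide whether the request has to be refused. The branch order and the points at which
// authenticate() is called are the same as in the three original branches.
$access_error = null;
if (!$row) {
	$access_error = E_FILE_NOT_FOUND;
} else if ($row['folder_id'] == 0 && $row['member_id'] != $_SESSION['member_id'] && !authenticate(USER_GROUP_ADMIN, USER_RETURN_CHECK)) {
	/* if file's in a private folder that is not yours and you're not grp admin */
	/* actually permission is denied, but for security we fake a "FNF": the caller */
	/* cannot tell a private file from one that does not exist */
	$access_error = E_FILE_NOT_FOUND;
} else if (!authenticate(USER_GROUP_ADMIN, USER_RETURN_CHECK) && $row['locked'] && !($row['library_revision_id'] > 0)) {
	/* locked file, viewer is not a group admin; files with a library revision stay viewable */
	$access_error = E_FILE_LOCKED;
}

if ($access_error !== null) {
	// Breadcrumb trail for the error page.
	$_SECTION[0][0] = _AC('home');
	$_SECTION[0][1] = 'home.php';
	$_SECTION[1][0] = _AC('drafting_room');
	$_SECTION[1][1] = 'drafting/';
	$_SECTION[2][0] = _AC('revisions');

	// The error is appended only after the header include, as in the original flow.
	require(AC_INCLUDE_PATH.'header.inc.php');
	$errors[] = $access_error;
	print_errors($errors);
	require (AC_INCLUDE_PATH.'footer.inc.php');
	exit;
}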
// Copy out the file fields the page body needs; $row itself is reused by the revision loop.
$title = $row['title'];
$description = $row['description'];
$locked = $row['locked'];
$library = $row['library_revision_id'];

// All revisions of this file, newest first. $id was reduced to an integer when it was read
// from the request, and the file row above was matched against the caller's group.
$sql_rev = "SELECT * FROM ".TABLE_PREFIX."files_revisions WHERE file_id=$id ORDER BY initial_date DESC";
$result_rev = mysql_query($sql_rev, $db);

// Breadcrumb trail: only the middle entry depends on whether the file has a library revision.
// NOTE(review): $title is placed in $_SECTION without HTML encoding; how header.inc.php
// prints these entries is not visible from this file - confirm it encodes them.
$_SECTION[0][0] = _AC('home');
$_SECTION[0][1] = 'home.php';
if ($library > 0) {
	$_SECTION[1][0] = _AC('library');
	$_SECTION[1][1] = 'library/index.php?id='.$row['folder_id'];
} else {
	$_SECTION[1][0] = _AC('drafting_room');
	$_SECTION[1][1] = 'drafting/?id='.$row['folder_id'];
}
$_SECTION[2][0] = _AC('revisions'). ': '.$title;
$_SECTION[2][1] = 'drafting/revisions.php';

require(AC_INCLUDE_PATH.'header.inc.php');

// Optional feedback passed back by another page in the "f" query parameter.
// NOTE(review): the value goes to print_feedback() exactly as received; confirm that helper
// treats it as a lookup key and never prints it back verbatim.
if (isset($_GET['f'])) {
	print_feedback($_GET['f']);
}
?>
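<table border="0" cellspacing="0" cellpadding="5" class="box" align="center" width="95%">
<tr>
<td valign="top" class="row1 white"><h1><img src="images/file_types/file.gif" height="16" width="13" border="0" alt="*" class="img" /> <?php
	// $title and $description are copied from the files row, so they are HTML-encoded at
	// the point where they are written into the page. Without that, markup saved in a
	// title or description would run in the browser of everyone who opens this file.
	// NOTE(review): assumes the values are stored raw; if the write path already encodes
	// them, encode in one place only. The charset argument is left to PHP's default -
	// confirm it matches the page encoding.
	echo htmlspecialchars($title, ENT_QUOTES);
	// Viewers who are not group admins get a lock icon next to the title of a locked file.
	if (!authenticate(USER_GROUP_ADMIN, USER_RETURN_CHECK) && $locked) {
		echo ' - <img src="images/lock.gif" class="img" height="12" width="16" alt="'._AC('locked').'" border="0" />';
	} ?></h1></td>
</tr>
<tr>
<td valign="top" class="row1 nobar"><?php echo nl2br(htmlspecialchars($description, ENT_QUOTES)); ?></td>
</tr>
</table>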
<?php
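// Revision table: an "add revision" row at the top and bottom, and two table rows per
// revision in between (actions first, then date/size/name and description).
//
// Values taken from the database are made safe where they are written out: ids and counts
// are cast to integers before they go into links, free text (file name, description, date)
// is HTML-encoded.
// NOTE(review): assumes text columns are stored raw; if the write path already encodes
// them, encode in one place only. htmlspecialchars() uses PHP's default charset here -
// confirm it matches the page encoding.
// NOTE(review): the lock only hides the add/edit/delete links on this page. The pages they
// point to must repeat the lock and admin check themselves, and whether the delete page
// asks for confirmation is not visible from this file - confirm.
$num_revisions = mysql_num_rows($result_rev);
$col = 1;

echo '<br /><table cellspacing="0" cellpadding="3" border="0" width="95%" align="center" summary="" class="box">';

// Top "add revision" row: a link for admins or unlocked files, plain text with a lock otherwise.
if (authenticate(USER_GROUP_ADMIN, USER_RETURN_CHECK) || !$locked) {
	echo '<tr><td class="row'.$col.' white" colspan="2" align="center"><a href="drafting/add_revision.php?id='.intval($id).'" onfocus="this.className=\'highlight\'" onblur="this.className=\'\'">'._AC('add_revision').'</a></td></tr>';
} else {
	echo '<tr><td class="row'.$col.' white" colspan="2" align="center">'._AC('add_revision');
	echo ' - <img src="images/lock.gif" class="img" height="12" width="16" alt="'._AC('locked').'" border="0" />';
	echo '</td></tr>';
}

if (!$num_revisions) {
	echo '<tr><td class="row1" colspan="2" align="center">'._AC('no_revisions_found').'</td></tr>';
} else {
	while ($row = mysql_fetch_assoc($result_rev)) {
		// Alternate between the row0 and row1 styles.
		$col = abs($col-1);

		echo '<tr>';
		// Rows arrive newest first, so the counter is decremented before it is printed and
		// the oldest revision ends up as #0.
		// NOTE(review): get_login() is defined outside this file; confirm it returns text
		// that is safe to place in HTML.
		echo '<td class="row'.$col.' nobar"><strong>#'.(--$num_revisions).'</strong> '._AC('by') . ' <a href="profile.php?id='.intval($row['member_id']).'">' . get_login($row['member_id']).'</a></td>';
		echo '<td class="row'.$col.' boxed" align="right"><a href="get_file.php?id='.intval($row['revision_id']).'"><img src="images/dl.jpg" class="img" height="14" width="14" alt="" border="0" /> '._AC('download_revision', $num_revisions).'</a> | <a href="drafting/comments.php?id='.intval($row['revision_id']).SEP.'r='.$num_revisions.SEP.'fid='.intval($row['file_id']).'"><img src="images/comments.gif" class="img" height="15" width="15" alt="" border="0" /> '.intval($row['num_comments']).' '._AC('comments').'</a> ';
		// Edit and delete links are shown to group admins, or to anyone while the file is unlocked.
		if (authenticate(USER_GROUP_ADMIN, USER_RETURN_CHECK) || !$locked) {
			echo '| <a href="drafting/revision_edit_file.php?id='.intval($row['revision_id']).SEP.'pid='.intval($row['file_id']).'"><img src="images/edit.gif" class="img" height="12" width="16" alt="" border="0" /> '._AC('edit').'</a> | <a href="drafting/revision_delete_file.php?id='.intval($row['revision_id']).SEP.'fid='.intval($row['file_id']).'"><img src="images/delete.gif" class="img" height="14" width="14" alt="" border="0" /> '._AC('delete').'</a>';
		}
		echo '</td>';
		echo '</tr>';

		// Sizes above 1024 bytes are shown in KB with one decimal, smaller ones in bytes.
		if ($row['file_size'] > 1024) {
			$file_size = number_format($row['file_size']/1024, 1) . ' KB';
		} else {
			$file_size = intval($row['file_size']) . ' Bytes';
		}

		echo '<tr>';
		echo '<td class="row'.$col.'" valign="top"><small>'.htmlspecialchars($row['initial_date'], ENT_QUOTES).'<br />'.$file_size.'<br />'.htmlspecialchars($row['file_name'], ENT_QUOTES).'</small></td>';
		echo '<td class="row'.$col.'" valign="top" width="75%">'.nl2br(htmlspecialchars($row['description'], ENT_QUOTES)).'</td>';
		echo '</tr>';
	}
}

// Bottom "add revision" row, same rule as the top one.
$col = abs($col-1);
if (authenticate(USER_GROUP_ADMIN, USER_RETURN_CHECK) || !$locked) {
	echo '<tr><td class="row'.$col.' nobar white" colspan="2" align="center"><a href="drafting/add_revision.php?id='.intval($id).'" onfocus="this.className=\'highlight\'" onblur="this.className=\'\'">'._AC('add_revision').'</a></td></tr>';
} else {
	echo '<tr><td class="row'.$col.' nobar white" colspan="2" align="center">'._AC('add_revision');
	echo ' - <img src="images/lock.gif" class="img" height="12" width="16" alt="'._AC('locked').'" border="0" />';
	echo '</td></tr>';
}
echo '</table>';
echo '<br />';

require(AC_INCLUDE_PATH.'footer.inc.php');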
?>