noalyss Version-9
export_document.php
Go to the documentation of this file.
1<?php
2
3/*
4 * This file is part of NOALYSS.
5 *
6 * NOALYSS is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * NOALYSS is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with NOALYSS; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 */
20// Copyright Author Dany De Bontridder danydb@aevalys.eu
21// Verify parameters
22/**
23 * \file
24 * \brief retrieve a document. It received http variables :
25 * - a is the action : rm remove document, rmop: remove an operation : rmcomment , remove a comment,
26 * rmaction remove an action,dwnall download all document of an action into a zip
27 * - id number
28 * - ag_id action_gestion.ag_id
29 *
30 */
31if ( ! defined ('ALLOWED')) die (_('Non autorisé'));
32
33require_once NOALYSS_INCLUDE.'/lib/ac_common.php';
34$http=new HttpInput();
35
36// the parameter a is the action for the document,
37$action = (isset($_REQUEST['a'])) ? $_REQUEST['a'] : 'sh';
38
39$id=$http->request('id','number','0');
40$ag_id=$http->request('ag_id','number',0);
41$value=$http->request('value',"string", null);
42
43/* Show the document */
44if ($action == 'sh')
45{
46 if ($g_user->check_action(VIEWDOC) == 1)
47 {
48 $d_id=$http->request('d_id',"number");
49 // retrieve the document
50 $doc = new Document($cn, $d_id);
51 $doc->send();
52 }
53}
54/* remove the document */
55if ($action == 'rm')
56{
57 $json='{"d_id":"-1"}';
58 if ($g_user->check_action(RMDOC) == 1)
59 {
60 $d_id=$http->request('d_id',"number");
61
62 $doc = new Document($cn, $d_id);
63 $doc->remove();
64 $json = sprintf('{"d_id":"%s"}', $d_id);
65 }
66 header("Content-type: text/html; charset: utf8", true);
67 print $json;
68}
69/* remove the operation from action_gestion_operation */
70if ($action == 'rmop')
71{
72 $json = '{"ago_id":"-1"}';
73 $dt_id = $cn->get_value("select ag_id from action_gestion_operation where ago_id=$1",array( $id));
74 if ($g_user->check_action(RMDOC) == 1 && $g_user->can_write_action($dt_id) == true)
75 {
76 $cn->exec_sql("delete from action_gestion_operation where ago_id=$1", array($id));
77 $json = sprintf('{"ago_id":"%s"}', $id);
78 }
79 header("Content-type: text/html; charset: utf8", true);
80 print $json;
81}
82/* remove the comment from action_gestion_operation */
83if ($action == 'rmcomment')
84{
85 $json = '{"agc_id":"-1"}';
86 $dt_id = $cn->get_value("select ag_id from action_gestion_comment where agc_id=$1", array($id));
87 if ($g_user->check_action(RMDOC) == 1 && $g_user->can_write_action($dt_id) == true)
88 {
89 $cn->exec_sql("delete from action_gestion_comment where agc_id=$1", array($id));
90 $json = sprintf('{"agc_id":"%s"}', $id);
91 }
92 header("Content-type: text/html; charset: utf8", true);
93 print $json;
94}
95/* remove the action from action_gestion_operation */
96if ($action == 'rmaction')
97{
98 $json = '{"act_id":"-1"}';
99 if ($g_user->check_action(RMDOC) == 1 && $g_user->can_write_action($id) == true && $g_user->can_write_action($ag_id) == true)
100 {
101 $cn->exec_sql("delete from action_gestion_related where aga_least=$1 and aga_greatest=$2", array($id, $ag_id));
102 $cn->exec_sql("delete from action_gestion_related where aga_least=$2 and aga_greatest=$1", array($id, $ag_id));
103 $json = sprintf('{"act_id":"%s"}', $id);
104 }
105 header("Content-type: text/html; charset: utf8", true);
106 print $json;
107}
108/**
109 * Download all document into a zip
110 */
111if ($action == 'dwnall') {
112 // existing action ?
113 if ($ag_id == 0) {
114 throw new Exception("Action inconnue");
115 }
116 // check that user can read
117 if ( $g_user->can_read_action($ag_id) == false
118 || $g_user->check_action(VIEWDOC) == 0)
119 {
120 throw new Exception ("not allowed");
121 }
122
123 // Retrieve all documents
124 $document=new Document($cn);
125 $aDocument=$document->get_all($ag_id);
126
127 // Download all of them
128 $document->download($aDocument);
129
130
131
132}
$g_user
global $g_user
if no group available , then stop
Definition: action.common.inc.php:46
$cn
$cn
Definition: ajax_anc_accounting.php:30
$doc
global $doc
Definition: ajax_mod_document.php:30
$_REQUEST
$_REQUEST['ac']
Definition: ajax_search_action.php:26
Document
Class Document corresponds to the table document.
Definition: document.class.php:29
HttpInput
manage the http input (get , post, request) and extract from an array
Definition: http_input.class.php:38
RMDOC
const RMDOC
Definition: constant.security.php:24
VIEWDOC
const VIEWDOC
Definition: constant.security.php:26
$value
$value
Definition: export_document.php:41
$ag_id
$ag_id
Definition: export_document.php:40
$http
$http
Definition: export_document.php:34
$action
$action
Definition: export_document.php:37
$id
$id
Definition: export_document.php:39
print
print
Type of printing.
Definition: impress_jrn.inc.php:118