mirror of
https://github.com/Lastorder-DC/rhymix.git
synced 2026-01-07 02:31:40 +09:00
Use static method calls and consistent permission checks throughout the Board module
This commit is contained in:
Kijin Sung
parent
ee1ea9729c
commit
da73eb7427
6 changed files with 181 additions and 203 deletions
|
|
@ -168,14 +168,12 @@ class boardAdminView extends board {
|
|||
$documentStatusList = $oDocumentModel->getStatusNameList();
|
||||
Context::set('document_status_list', $documentStatusList);
|
||||
|
||||
$oBoardModel = getModel('board');
|
||||
|
||||
// setup the extra vaiables
|
||||
$extra_vars = $oBoardModel->getDefaultListConfig($this->module_info->module_srl);
|
||||
$extra_vars = BoardModel::getDefaultListConfig($this->module_info->module_srl);
|
||||
Context::set('extra_vars', $extra_vars);
|
||||
|
||||
// setup the list config (install the default value if there is no list config)
|
||||
Context::set('list_config', $oBoardModel->getListConfig($this->module_info->module_srl));
|
||||
Context::set('list_config', BoardModel::getListConfig($this->module_info->module_srl));
|
||||
|
||||
// setup extra_order_target
|
||||
$module_extra_vars = $oDocumentModel->getExtraKeys($this->module_info->module_srl);
|
||||
|
|
|
|||
|
|
@ -57,21 +57,20 @@ class boardController extends board
|
|||
$obj->is_admin = 'Y';
|
||||
}
|
||||
|
||||
$oDocumentModel = getModel('document');
|
||||
$oDocumentController = getController('document');
|
||||
|
||||
$_SECRET = $oDocumentModel->getConfigStatus('secret');
|
||||
$secret_status = DocumentModel::getConfigStatus('secret');
|
||||
$use_status = explode('|@|', $this->module_info->use_status);
|
||||
|
||||
// Set status
|
||||
if(($obj->is_secret == 'Y' || $obj->status == $_SECRET) && is_array($use_status) && in_array($_SECRET, $use_status))
|
||||
if(($obj->is_secret == 'Y' || $obj->status == $secret_status) && is_array($use_status) && in_array($secret_status, $use_status))
|
||||
{
|
||||
$obj->status = $_SECRET;
|
||||
$obj->status = $secret_status;
|
||||
}
|
||||
else
|
||||
{
|
||||
unset($obj->is_secret);
|
||||
$obj->status = $oDocumentModel->getConfigStatus('public');
|
||||
$obj->status = DocumentModel::getConfigStatus('public');
|
||||
}
|
||||
|
||||
// Set update log
|
||||
|
|
@ -102,7 +101,7 @@ class boardController extends board
|
|||
}
|
||||
|
||||
// Update if the document already exists.
|
||||
$oDocument = $oDocumentModel->getDocument($obj->document_srl, $this->grant->manager);
|
||||
$oDocument = DocumentModel::getDocument($obj->document_srl, $this->grant->manager);
|
||||
if($oDocument->isExists())
|
||||
{
|
||||
if(!$oDocument->isGranted())
|
||||
|
|
@ -111,14 +110,14 @@ class boardController extends board
|
|||
}
|
||||
|
||||
// Protect admin document
|
||||
$member_info = getModel('member')->getMemberInfoByMemberSrl($oDocument->get('member_srl'));
|
||||
$member_info = MemberModel::getMemberInfo($oDocument->get('member_srl'));
|
||||
if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y')
|
||||
{
|
||||
throw new Rhymix\Framework\Exception('msg_admin_document_no_modify');
|
||||
}
|
||||
|
||||
// if document status is temp
|
||||
if($oDocument->get('status') == $oDocumentModel->getConfigStatus('temp'))
|
||||
if($oDocument->get('status') == DocumentModel::getConfigStatus('temp'))
|
||||
{
|
||||
// if use anonymous, set the member_srl to a negative number
|
||||
if($this->module_info->use_anonymous == 'Y')
|
||||
|
|
@ -188,7 +187,7 @@ class boardController extends board
|
|||
if ($output->toBool())
|
||||
{
|
||||
// Set grant for the new document.
|
||||
$oDocument = $oDocumentModel->getDocument($output->get('document_srl'));
|
||||
$oDocument = DocumentModel::getDocument($output->get('document_srl'));
|
||||
$oDocument->setGrantForSession();
|
||||
|
||||
// send an email to admin user
|
||||
|
|
@ -240,13 +239,12 @@ class boardController extends board
|
|||
throw new Rhymix\Framework\Exception('msg_no_update_id');
|
||||
}
|
||||
|
||||
$oDocumentModel = getModel('document');
|
||||
$oDocumentController = getController('document');
|
||||
$update_log = $oDocumentModel->getUpdateLog($update_id);
|
||||
$update_log = DocumentModel::getUpdateLog($update_id);
|
||||
|
||||
if($logged_info->is_admin != 'Y')
|
||||
{
|
||||
$Exists_log = $oDocumentModel->getUpdateLogAdminisExists($update_log->document_srl);
|
||||
$Exists_log = DocumentModel::getUpdateLogAdminisExists($update_log->document_srl);
|
||||
if($Exists_log === true)
|
||||
{
|
||||
throw new Rhymix\Framework\Exception('msg_admin_update_log');
|
||||
|
|
@ -258,7 +256,7 @@ class boardController extends board
|
|||
throw new Rhymix\Framework\Exception('msg_no_update_log');
|
||||
}
|
||||
|
||||
$oDocument = $oDocumentModel->getDocument($update_log->document_srl);
|
||||
$oDocument = DocumentModel::getDocument($update_log->document_srl);
|
||||
$obj = new stdClass();
|
||||
$obj->title = $update_log->title;
|
||||
$obj->document_srl = $update_log->document_srl;
|
||||
|
|
@ -287,8 +285,7 @@ class boardController extends board
|
|||
throw new Rhymix\Framework\Exception('msg_invalid_document');
|
||||
}
|
||||
|
||||
$oDocumentModel = &getModel('document');
|
||||
$oDocument = $oDocumentModel->getDocument($document_srl);
|
||||
$oDocument = DocumentModel::getDocument($document_srl);
|
||||
// check protect content
|
||||
if($this->module_info->protect_content == 'Y' || $this->module_info->protect_delete_content == 'Y')
|
||||
{
|
||||
|
|
@ -396,8 +393,7 @@ class boardController extends board
|
|||
}
|
||||
|
||||
// check if the doument is existed
|
||||
$oDocumentModel = getModel('document');
|
||||
$oDocument = $oDocumentModel->getDocument($obj->document_srl);
|
||||
$oDocument = DocumentModel::getDocument($obj->document_srl);
|
||||
if(!$oDocument->isExists())
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\TargetNotFound;
|
||||
|
|
@ -418,9 +414,6 @@ class boardController extends board
|
|||
$manual = false;
|
||||
}
|
||||
|
||||
// generate comment module model object
|
||||
$oCommentModel = getModel('comment');
|
||||
|
||||
// generate comment module controller object
|
||||
$oCommentController = getController('comment');
|
||||
|
||||
|
|
@ -432,10 +425,10 @@ class boardController extends board
|
|||
}
|
||||
else
|
||||
{
|
||||
$comment = $oCommentModel->getComment($obj->comment_srl, $this->grant->manager);
|
||||
$comment = CommentModel::getComment($obj->comment_srl, $this->grant->manager);
|
||||
if($this->module_info->protect_update_comment === 'Y' && $this->grant->manager == false)
|
||||
{
|
||||
$childs = $oCommentModel->getChildComments($obj->comment_srl);
|
||||
$childs = CommentModel::getChildComments($obj->comment_srl);
|
||||
if(count($childs) > 0)
|
||||
{
|
||||
throw new Rhymix\Framework\Exception('msg_board_update_protect_comment');
|
||||
|
|
@ -443,9 +436,7 @@ class boardController extends board
|
|||
}
|
||||
}
|
||||
|
||||
$oMemberModel = getModel('member');
|
||||
$member_info = $oMemberModel->getMemberInfoByMemberSrl($comment->member_srl);
|
||||
|
||||
$member_info = MemberModel::getMemberInfo($comment->member_srl);
|
||||
if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y')
|
||||
{
|
||||
throw new Rhymix\Framework\Exception('msg_admin_comment_no_modify');
|
||||
|
|
@ -460,7 +451,7 @@ class boardController extends board
|
|||
// Parent exists.
|
||||
if($obj->parent_srl)
|
||||
{
|
||||
$parent_comment = $oCommentModel->getComment($obj->parent_srl);
|
||||
$parent_comment = CommentModel::getComment($obj->parent_srl);
|
||||
if(!$parent_comment->comment_srl)
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\TargetNotFound;
|
||||
|
|
@ -479,7 +470,7 @@ class boardController extends board
|
|||
// Set grant for the new comment.
|
||||
if ($output->toBool())
|
||||
{
|
||||
$comment = $oCommentModel->getComment($output->get('comment_srl'));
|
||||
$comment = CommentModel::getComment($output->get('comment_srl'));
|
||||
$comment->setGrantForSession();
|
||||
}
|
||||
}
|
||||
|
|
@ -523,6 +514,10 @@ class boardController extends board
|
|||
{
|
||||
// get the comment_srl
|
||||
$comment_srl = Context::get('comment_srl');
|
||||
if(!$comment_srl)
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\InvalidRequest;
|
||||
}
|
||||
|
||||
$instant_delete = null;
|
||||
if($this->grant->manager == true)
|
||||
|
|
@ -530,22 +525,25 @@ class boardController extends board
|
|||
$instant_delete = Context::get('instant_delete');
|
||||
}
|
||||
|
||||
if(!$comment_srl)
|
||||
$comment = CommentModel::getComment($comment_srl, $this->grant->manager);
|
||||
if(!$comment->isExists())
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\InvalidRequest;
|
||||
throw new Rhymix\Framework\Exceptions\TargetNotFound;
|
||||
}
|
||||
if(!$comment->isGranted())
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\NotPermitted;
|
||||
}
|
||||
|
||||
$oCommentModel = getModel('comment');
|
||||
|
||||
$childs = null;
|
||||
if($this->module_info->protect_delete_comment === 'Y' && $this->grant->manager == false)
|
||||
{
|
||||
$childs = $oCommentModel->getChildComments($comment_srl);
|
||||
$childs = CommentModel::getChildComments($comment_srl);
|
||||
if(count($childs) > 0)
|
||||
{
|
||||
throw new Rhymix\Framework\Exception('msg_board_delete_protect_comment');
|
||||
}
|
||||
}
|
||||
$comment = $oCommentModel->getComment($comment_srl, $this->grant->manager);
|
||||
if($this->module_info->protect_comment_regdate > 0 && $this->grant->manager == false)
|
||||
{
|
||||
if($comment->get('regdate') < date('YmdHis', strtotime('-'.$this->module_info->protect_document_regdate.' day')))
|
||||
|
|
@ -570,7 +568,7 @@ class boardController extends board
|
|||
}
|
||||
elseif(starts_with('only_comm', $this->module_info->comment_delete_message) && $instant_delete != 'Y')
|
||||
{
|
||||
$childs = $oCommentModel->getChildComments($comment_srl);
|
||||
$childs = ($childs !== null) ? $childs : CommentModel::getChildComments($comment_srl);
|
||||
if(count($childs) > 0)
|
||||
{
|
||||
$output = $oCommentController->updateCommentByDelete($comment, $this->grant->manager);
|
||||
|
|
@ -654,21 +652,18 @@ class boardController extends board
|
|||
$document_srl = Context::get('document_srl');
|
||||
$comment_srl = Context::get('comment_srl');
|
||||
|
||||
$oMemberModel = getModel('member');
|
||||
|
||||
// if the comment exists
|
||||
if($comment_srl)
|
||||
{
|
||||
// get the comment information
|
||||
$oCommentModel = getModel('comment');
|
||||
$oComment = $oCommentModel->getComment($comment_srl);
|
||||
$oComment = CommentModel::getComment($comment_srl);
|
||||
if(!$oComment->isExists())
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\TargetNotFound;
|
||||
}
|
||||
|
||||
// compare the comment password and the user input password
|
||||
if(!$oMemberModel->isValidPassword($oComment->get('password'),$password))
|
||||
if(!MemberModel::isValidPassword($oComment->get('password'), $password))
|
||||
{
|
||||
throw new Rhymix\Framework\Exception('msg_invalid_password');
|
||||
}
|
||||
|
|
@ -676,15 +671,14 @@ class boardController extends board
|
|||
$oComment->setGrantForSession();
|
||||
} else {
|
||||
// get the document information
|
||||
$oDocumentModel = getModel('document');
|
||||
$oDocument = $oDocumentModel->getDocument($document_srl);
|
||||
$oDocument = DocumentModel::getDocument($document_srl);
|
||||
if(!$oDocument->isExists())
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\TargetNotFound;
|
||||
}
|
||||
|
||||
// compare the document password and the user input password
|
||||
if(!$oMemberModel->isValidPassword($oDocument->get('password'),$password))
|
||||
if(!MemberModel::isValidPassword($oDocument->get('password'), $password))
|
||||
{
|
||||
throw new Rhymix\Framework\Exception('msg_invalid_password');
|
||||
}
|
||||
|
|
@ -704,7 +698,7 @@ class boardController extends board
|
|||
}
|
||||
|
||||
// get the module information
|
||||
$module_info = getModel('module')->getModuleInfoByMid($mid);
|
||||
$module_info = ModuleModel::getModuleInfoByMid($mid);
|
||||
if(empty($module_info->module) || $module_info->module !== 'board' || $module_info->use_anonymous === 'Y')
|
||||
{
|
||||
return;
|
||||
|
|
|
|||
|
|
@ -18,20 +18,17 @@ class boardModel extends module
|
|||
/**
|
||||
* @brief get the list configuration
|
||||
**/
|
||||
function getListConfig($module_srl)
|
||||
public static function getListConfig($module_srl)
|
||||
{
|
||||
$oModuleModel = getModel('module');
|
||||
$oDocumentModel = getModel('document');
|
||||
|
||||
// get the list config value, if it is not exitsted then setup the default value
|
||||
$list_config = $oModuleModel->getModulePartConfig('board', $module_srl);
|
||||
$list_config = ModuleModel::getModulePartConfig('board', $module_srl);
|
||||
if(!is_array($list_config) || count($list_config) <= 0)
|
||||
{
|
||||
$list_config = array('no', 'title', 'nick_name','regdate','readed_count');
|
||||
}
|
||||
|
||||
// get the extra variables
|
||||
$inserted_extra_vars = $oDocumentModel->getExtraKeys($module_srl);
|
||||
$inserted_extra_vars = DocumentModel::getExtraKeys($module_srl);
|
||||
|
||||
foreach($list_config as $key)
|
||||
{
|
||||
|
|
@ -57,7 +54,7 @@ class boardModel extends module
|
|||
/**
|
||||
* @brief return the default list configration value
|
||||
**/
|
||||
function getDefaultListConfig($module_srl)
|
||||
public static function getDefaultListConfig($module_srl)
|
||||
{
|
||||
// add virtual srl, title, registered date, update date, nickname, ID, name, readed count, voted count etc.
|
||||
$virtual_vars = array( 'no', 'title', 'regdate', 'last_update', 'last_post', 'nick_name',
|
||||
|
|
@ -68,9 +65,7 @@ class boardModel extends module
|
|||
}
|
||||
|
||||
// get the extra variables from the document model
|
||||
$oDocumentModel = getModel('document');
|
||||
$inserted_extra_vars = $oDocumentModel->getExtraKeys($module_srl);
|
||||
|
||||
$inserted_extra_vars = DocumentModel::getExtraKeys($module_srl);
|
||||
if(count($inserted_extra_vars))
|
||||
{
|
||||
foreach($inserted_extra_vars as $obj)
|
||||
|
|
@ -86,7 +81,7 @@ class boardModel extends module
|
|||
/**
|
||||
* @brief return module name in sitemap
|
||||
**/
|
||||
function triggerModuleListInSitemap(&$obj)
|
||||
public function triggerModuleListInSitemap(&$obj)
|
||||
{
|
||||
array_push($obj, 'board');
|
||||
}
|
||||
|
|
|
|||
|
|
@ -38,16 +38,14 @@ class boardView extends board
|
|||
$this->except_notice = $this->module_info->except_notice == 'N' ? FALSE : TRUE;
|
||||
|
||||
// $this->_getStatusNameListecret option backward compatibility
|
||||
$oDocumentModel = getModel('document');
|
||||
|
||||
$statusList = $this->_getStatusNameList($oDocumentModel);
|
||||
$statusList = $this->_getStatusNameList();
|
||||
if(isset($statusList['SECRET']))
|
||||
{
|
||||
$this->module_info->secret = 'Y';
|
||||
}
|
||||
|
||||
// use_category <=1.5.x, hide_category >=1.7.x
|
||||
$count_category = count($oDocumentModel->getCategoryList($this->module_info->module_srl));
|
||||
$count_category = count(DocumentModel::getCategoryList($this->module_info->module_srl));
|
||||
if($count_category)
|
||||
{
|
||||
if($this->module_info->hide_category)
|
||||
|
|
@ -93,8 +91,7 @@ class boardView extends board
|
|||
/**
|
||||
* use context::set to setup extra variables
|
||||
**/
|
||||
$oDocumentModel = getModel('document');
|
||||
$extra_keys = $oDocumentModel->getExtraKeys($this->module_info->module_srl);
|
||||
$extra_keys = DocumentModel::getExtraKeys($this->module_info->module_srl);
|
||||
Context::set('extra_keys', $extra_keys);
|
||||
|
||||
/**
|
||||
|
|
@ -158,7 +155,7 @@ class boardView extends board
|
|||
}
|
||||
}
|
||||
// remove a search option that is not public in member config
|
||||
$memberConfig = getModel('module')->getModuleConfig('member');
|
||||
$memberConfig = ModuleModel::getModuleConfig('member');
|
||||
foreach($memberConfig->signupForm as $signupFormElement)
|
||||
{
|
||||
if(in_array($signupFormElement->title, $search_option))
|
||||
|
|
@ -171,8 +168,7 @@ class boardView extends board
|
|||
}
|
||||
Context::set('search_option', $search_option);
|
||||
|
||||
$oDocumentModel = getModel('document');
|
||||
$statusNameList = $this->_getStatusNameList($oDocumentModel);
|
||||
$statusNameList = $this->_getStatusNameList();
|
||||
if(count($statusNameList) > 0)
|
||||
{
|
||||
Context::set('status_list', $statusNameList);
|
||||
|
|
@ -182,8 +178,7 @@ class boardView extends board
|
|||
$this->dispBoardContentView();
|
||||
|
||||
// list config, columnList setting
|
||||
$oBoardModel = getModel('board');
|
||||
$this->listConfig = $oBoardModel->getListConfig($this->module_info->module_srl);
|
||||
$this->listConfig = BoardModel::getListConfig($this->module_info->module_srl);
|
||||
if(!$this->listConfig) $this->listConfig = array();
|
||||
$this->_makeListColumnList();
|
||||
|
||||
|
|
@ -219,8 +214,7 @@ class boardView extends board
|
|||
return;
|
||||
}
|
||||
|
||||
$oDocumentModel = getModel('document');
|
||||
Context::set('category_list', $oDocumentModel->getCategoryList($this->module_srl));
|
||||
Context::set('category_list', DocumentModel::getCategoryList($this->module_srl));
|
||||
|
||||
$oSecurity = new Security();
|
||||
$oSecurity->encodeHTML('category_list.', 'category_list.childs.');
|
||||
|
|
@ -235,15 +229,12 @@ class boardView extends board
|
|||
$document_srl = Context::get('document_srl');
|
||||
$page = Context::get('page');
|
||||
|
||||
// generate document model object
|
||||
$oDocumentModel = getModel('document');
|
||||
|
||||
/**
|
||||
* if the document exists, then get the document information
|
||||
**/
|
||||
if($document_srl)
|
||||
{
|
||||
$oDocument = $oDocumentModel->getDocument($document_srl, false, true);
|
||||
$oDocument = DocumentModel::getDocument($document_srl, false, true);
|
||||
|
||||
// if the document is existed
|
||||
if($oDocument->isExists())
|
||||
|
|
@ -263,7 +254,7 @@ class boardView extends board
|
|||
$logged_info = Context::get('logged_info');
|
||||
if(abs($oDocument->get('member_srl')) != $logged_info->member_srl)
|
||||
{
|
||||
$oDocument = $oDocumentModel->getDocument(0);
|
||||
$oDocument = DocumentModel::getDocument(0);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -272,7 +263,7 @@ class boardView extends board
|
|||
{
|
||||
if(!$oDocument->isGranted())
|
||||
{
|
||||
$oDocument = $oDocumentModel->getDocument(0);
|
||||
$oDocument = DocumentModel::getDocument(0);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -290,7 +281,7 @@ class boardView extends board
|
|||
}
|
||||
else
|
||||
{
|
||||
$oDocument = $oDocumentModel->getDocument(0);
|
||||
$oDocument = DocumentModel::getDocument(0);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -300,7 +291,7 @@ class boardView extends board
|
|||
{
|
||||
if(!$this->grant->view && !$oDocument->isGranted())
|
||||
{
|
||||
$oDocument = $oDocumentModel->getDocument(0);
|
||||
$oDocument = DocumentModel::getDocument(0);
|
||||
Context::set('document_srl','',true);
|
||||
$this->alertMessage('msg_not_permitted', 403);
|
||||
}
|
||||
|
|
@ -360,8 +351,7 @@ class boardView extends board
|
|||
|
||||
// Check if a permission for file download is granted
|
||||
// Get configurations (using module model object)
|
||||
$oModuleModel = getModel('module');
|
||||
$file_module_config = $oModuleModel->getModulePartConfig('file',$this->module_srl);
|
||||
$file_module_config = ModuleModel::getModulePartConfig('file',$this->module_srl);
|
||||
|
||||
$downloadGrantCount = 0;
|
||||
if(is_array($file_module_config->download_grant))
|
||||
|
|
@ -380,14 +370,12 @@ class boardView extends board
|
|||
$logged_info = Context::get('logged_info');
|
||||
if($logged_info->is_admin != 'Y')
|
||||
{
|
||||
$oModuleModel =& getModel('module');
|
||||
$columnList = array('module_srl', 'site_srl');
|
||||
$module_info = $oModuleModel->getModuleInfoByModuleSrl($this->module_srl, $columnList);
|
||||
$module_info = ModuleModel::getModuleInfoByModuleSrl($this->module_srl, $columnList);
|
||||
|
||||
if(!$oModuleModel->isSiteAdmin($logged_info, $module_info->site_srl))
|
||||
if(!ModuleModel::isSiteAdmin($logged_info, $module_info->site_srl))
|
||||
{
|
||||
$oMemberModel =& getModel('member');
|
||||
$member_groups = $oMemberModel->getMemberGroups($logged_info->member_srl, $module_info->site_srl);
|
||||
$member_groups = MemberModel::getMemberGroups($logged_info->member_srl, $module_info->site_srl);
|
||||
|
||||
$is_permitted = false;
|
||||
for($i=0;$i<count($file_module_config->download_grant);$i++)
|
||||
|
|
@ -407,9 +395,8 @@ class boardView extends board
|
|||
}
|
||||
}
|
||||
|
||||
$oDocumentModel = getModel('document');
|
||||
$document_srl = Context::get('document_srl');
|
||||
$oDocument = $oDocumentModel->getDocument($document_srl);
|
||||
$oDocument = DocumentModel::getDocument($document_srl);
|
||||
Context::set('oDocument', $oDocument);
|
||||
Context::set('file_list',$oDocument->getUploadedFiles());
|
||||
|
||||
|
|
@ -424,9 +411,8 @@ class boardView extends board
|
|||
// check document view grant
|
||||
$this->dispBoardContentView();
|
||||
|
||||
$oDocumentModel = getModel('document');
|
||||
$document_srl = Context::get('document_srl');
|
||||
$oDocument = $oDocumentModel->getDocument($document_srl);
|
||||
$oDocument = DocumentModel::getDocument($document_srl);
|
||||
$comment_list = $oDocument->getComments();
|
||||
|
||||
// setup the comment list
|
||||
|
|
@ -455,10 +441,9 @@ class boardView extends board
|
|||
return;
|
||||
}
|
||||
|
||||
$oDocumentModel = getModel('document');
|
||||
$args = new stdClass();
|
||||
$args->module_srl = $this->module_srl;
|
||||
$notice_output = $oDocumentModel->getNoticeList($args, $this->columnList);
|
||||
$notice_output = DocumentModel::getNoticeList($args, $this->columnList);
|
||||
Context::set('notice_list', $notice_output->data);
|
||||
}
|
||||
|
||||
|
|
@ -477,8 +462,6 @@ class boardView extends board
|
|||
return;
|
||||
}
|
||||
|
||||
$oDocumentModel = getModel('document');
|
||||
|
||||
// setup module_srl/page number/ list number/ page count
|
||||
$args = new stdClass();
|
||||
$args->module_srl = $this->module_srl;
|
||||
|
|
@ -534,7 +517,7 @@ class boardView extends board
|
|||
}
|
||||
elseif(!$args->page && $document_srl)
|
||||
{
|
||||
$oDocument = $oDocumentModel->getDocument($document_srl);
|
||||
$oDocument = DocumentModel::getDocument($document_srl);
|
||||
if($oDocument->isExists() && !$oDocument->isNotice())
|
||||
{
|
||||
$days = $this->module_info->skip_bottom_list_days ?: 30;
|
||||
|
|
@ -544,7 +527,7 @@ class boardView extends board
|
|||
}
|
||||
else
|
||||
{
|
||||
$args->page = $oDocumentModel->getDocumentPage($oDocument, $args);
|
||||
$args->page = DocumentModel::getDocumentPage($oDocument, $args);
|
||||
Context::set('page', $args->page);
|
||||
}
|
||||
}
|
||||
|
|
@ -575,7 +558,7 @@ class boardView extends board
|
|||
Context::set('list_config', $this->listConfig);
|
||||
|
||||
// setup document list variables on context
|
||||
$output = $oDocumentModel->getDocumentList($args, $this->except_notice, TRUE, $this->columnList);
|
||||
$output = DocumentModel::getDocumentList($args, $this->except_notice, TRUE, $this->columnList);
|
||||
Context::set('document_list', $output->data);
|
||||
Context::set('total_count', $output->total_count);
|
||||
Context::set('total_page', $output->total_page);
|
||||
|
|
@ -690,7 +673,7 @@ class boardView extends board
|
|||
throw new Rhymix\Framework\Exceptions\NotPermitted;
|
||||
}
|
||||
|
||||
$oDocument = getModel('document')->getDocument($document_srl);
|
||||
$oDocument = DocumentModel::getDocument($document_srl);
|
||||
if(!$oDocument->isExists())
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\TargetNotFound;
|
||||
|
|
@ -713,9 +696,6 @@ class boardView extends board
|
|||
return $this->dispBoardMessage('msg_not_permitted');
|
||||
}
|
||||
|
||||
$oDocumentModel = getModel('document');
|
||||
$logged_info = Context::get('logged_info');
|
||||
|
||||
/**
|
||||
* check if the category option is enabled not not
|
||||
**/
|
||||
|
|
@ -724,7 +704,7 @@ class boardView extends board
|
|||
// get the user group information
|
||||
if(Context::get('is_logged'))
|
||||
{
|
||||
$group_srls = array_keys($logged_info->group_list);
|
||||
$group_srls = array_keys($this->user->group_list);
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
@ -734,7 +714,7 @@ class boardView extends board
|
|||
|
||||
// check the grant after obtained the category list
|
||||
$category_list = array();
|
||||
$normal_category_list = $oDocumentModel->getCategoryList($this->module_srl);
|
||||
$normal_category_list = DocumentModel::getCategoryList($this->module_srl);
|
||||
if(count($normal_category_list))
|
||||
{
|
||||
foreach($normal_category_list as $category_srl => $category)
|
||||
|
|
@ -773,11 +753,10 @@ class boardView extends board
|
|||
|
||||
// GET parameter document_srl from request
|
||||
$document_srl = Context::get('document_srl');
|
||||
$oDocument = $oDocumentModel->getDocument(0, $this->grant->manager);
|
||||
$oDocument = DocumentModel::getDocument(0, $this->grant->manager);
|
||||
$oDocument->setDocument($document_srl);
|
||||
|
||||
$oMemberModel = getModel('member');
|
||||
$member_info = $oMemberModel->getMemberInfoByMemberSrl($oDocument->get('member_srl'));
|
||||
$member_info = MemberModel::getMemberInfo($oDocument->get('member_srl'));
|
||||
|
||||
if($oDocument->get('module_srl') == $oDocument->get('member_srl')) $savedDoc = TRUE;
|
||||
$oDocument->add('module_srl', $this->module_srl);
|
||||
|
|
@ -801,13 +780,12 @@ class boardView extends board
|
|||
}
|
||||
}
|
||||
}
|
||||
if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y')
|
||||
if($member_info->is_admin == 'Y' && $this->user->is_admin != 'Y')
|
||||
{
|
||||
throw new Rhymix\Framework\Exception('msg_admin_document_no_modify');
|
||||
}
|
||||
|
||||
// if the document is not granted, then back to the password input form
|
||||
$oModuleModel = getModel('module');
|
||||
if($oDocument->isExists() && !$oDocument->isGranted())
|
||||
{
|
||||
return $this->setTemplateFile('input_password_form');
|
||||
|
|
@ -815,7 +793,7 @@ class boardView extends board
|
|||
|
||||
if(!$oDocument->isExists())
|
||||
{
|
||||
$point_config = $oModuleModel->getModulePartConfig('point',$this->module_srl);
|
||||
$point_config = ModuleModel::getModulePartConfig('point',$this->module_srl);
|
||||
if ($point_config)
|
||||
{
|
||||
$pointForInsert = is_object($point_config) ? $point_config->insert_document : $point_config["insert_document"];
|
||||
|
|
@ -824,23 +802,22 @@ class boardView extends board
|
|||
{
|
||||
$pointForInsert = 0;
|
||||
}
|
||||
$logged_info = Context::get('logged_info');
|
||||
|
||||
if($pointForInsert < 0)
|
||||
{
|
||||
if(!Context::get('is_logged'))
|
||||
if(!$this->user->isMember())
|
||||
{
|
||||
return $this->dispBoardMessage('msg_not_permitted');
|
||||
}
|
||||
else if((getModel('point')->getPoint($logged_info->member_srl) + $pointForInsert) < 0)
|
||||
else if((getModel('point')->getPoint($this->user->member_srl) + $pointForInsert) < 0)
|
||||
{
|
||||
return $this->dispBoardMessage('msg_not_enough_point');
|
||||
}
|
||||
}
|
||||
}
|
||||
if(!$oDocument->get('status')) $oDocument->add('status', $oDocumentModel->getDefaultStatus());
|
||||
if(!$oDocument->get('status')) $oDocument->add('status', DocumentModel::getDefaultStatus());
|
||||
|
||||
$statusList = $this->_getStatusNameList($oDocumentModel);
|
||||
$statusList = $this->_getStatusNameList();
|
||||
if(count($statusList) > 0) Context::set('status_list', $statusList);
|
||||
|
||||
// get Document status config value
|
||||
|
|
@ -872,12 +849,12 @@ class boardView extends board
|
|||
$this->setTemplateFile('write_form');
|
||||
}
|
||||
|
||||
function _getStatusNameList(&$oDocumentModel)
|
||||
function _getStatusNameList()
|
||||
{
|
||||
$resultList = array();
|
||||
if(!empty($this->module_info->use_status))
|
||||
{
|
||||
$statusNameList = $oDocumentModel->getStatusNameList();
|
||||
$statusNameList = DocumentModel::getStatusNameList();
|
||||
$statusList = explode('|@|', $this->module_info->use_status);
|
||||
|
||||
if(is_array($statusList))
|
||||
|
|
@ -908,8 +885,7 @@ class boardView extends board
|
|||
// if document exists, get the document information
|
||||
if($document_srl)
|
||||
{
|
||||
$oDocumentModel = getModel('document');
|
||||
$oDocument = $oDocumentModel->getDocument($document_srl);
|
||||
$oDocument = DocumentModel::getDocument($document_srl);
|
||||
}
|
||||
|
||||
// if the document is not existed, then back to the board content page
|
||||
|
|
@ -966,8 +942,7 @@ class boardView extends board
|
|||
}
|
||||
|
||||
// get the document information
|
||||
$oDocumentModel = getModel('document');
|
||||
$oDocument = $oDocumentModel->getDocument($document_srl);
|
||||
$oDocument = DocumentModel::getDocument($document_srl);
|
||||
if(!$oDocument->isExists())
|
||||
{
|
||||
return $this->dispBoardMessage('msg_not_founded');
|
||||
|
|
@ -980,8 +955,7 @@ class boardView extends board
|
|||
}
|
||||
|
||||
// obtain the comment (create an empty comment document for comment_form usage)
|
||||
$oCommentModel = getModel('comment');
|
||||
$oSourceComment = $oComment = $oCommentModel->getComment(0);
|
||||
$oSourceComment = $oComment = CommentModel::getComment(0);
|
||||
$oComment->add('document_srl', $document_srl);
|
||||
$oComment->add('module_srl', $this->module_srl);
|
||||
|
||||
|
|
@ -1019,8 +993,7 @@ class boardView extends board
|
|||
}
|
||||
|
||||
// get the comment
|
||||
$oCommentModel = getModel('comment');
|
||||
$oSourceComment = $oCommentModel->getComment($parent_srl, $this->grant->manager);
|
||||
$oSourceComment = CommentModel::getComment($parent_srl, $this->grant->manager);
|
||||
|
||||
// if the comment is not existed, opoup an error message
|
||||
if(!$oSourceComment->isExists())
|
||||
|
|
@ -1033,15 +1006,14 @@ class boardView extends board
|
|||
}
|
||||
|
||||
// Check allow comment
|
||||
$oDocumentModel = getModel('document');
|
||||
$oDocument = $oDocumentModel->getDocument($oSourceComment->get('document_srl'));
|
||||
$oDocument = DocumentModel::getDocument($oSourceComment->get('document_srl'));
|
||||
if(!$oDocument->allowComment())
|
||||
{
|
||||
return $this->dispBoardMessage('msg_not_allow_comment');
|
||||
}
|
||||
|
||||
// get the comment information
|
||||
$oComment = $oCommentModel->getComment();
|
||||
$oComment = CommentModel::getComment();
|
||||
$oComment->add('parent_srl', $parent_srl);
|
||||
$oComment->add('document_srl', $oSourceComment->get('document_srl'));
|
||||
|
||||
|
|
@ -1081,11 +1053,9 @@ class boardView extends board
|
|||
}
|
||||
|
||||
// get comment information
|
||||
$oCommentModel = getModel('comment');
|
||||
$oComment = $oCommentModel->getComment($comment_srl, $this->grant->manager);
|
||||
$oComment = CommentModel::getComment($comment_srl, $this->grant->manager);
|
||||
|
||||
$oMemberModel = getModel('member');
|
||||
$member_info = $oMemberModel->getMemberInfoByMemberSrl($oComment->member_srl);
|
||||
$member_info = MemberModel::getMemberInfo($oComment->member_srl);
|
||||
if($this->module_info->protect_comment_regdate > 0 && $this->grant->manager == false)
|
||||
{
|
||||
if($oComment->get('regdate') < date('YmdHis', strtotime('-'.$this->module_info->protect_document_regdate.' day')))
|
||||
|
|
@ -1097,7 +1067,7 @@ class boardView extends board
|
|||
}
|
||||
if($this->module_info->protect_update_comment === 'Y' && $this->grant->manager == false)
|
||||
{
|
||||
$childs = $oCommentModel->getChildComments($comment_srl);
|
||||
$childs = CommentModel::getChildComments($comment_srl);
|
||||
if(count($childs) > 0)
|
||||
{
|
||||
throw new Rhymix\Framework\Exception('msg_board_update_protect_comment');
|
||||
|
|
@ -1122,7 +1092,7 @@ class boardView extends board
|
|||
}
|
||||
|
||||
// setup the comment variables on context
|
||||
Context::set('oSourceComment', $oCommentModel->getComment());
|
||||
Context::set('oSourceComment', CommentModel::getComment());
|
||||
Context::set('oComment', $oComment);
|
||||
|
||||
/**
|
||||
|
|
@ -1150,8 +1120,7 @@ class boardView extends board
|
|||
// if the comment exists, then get the comment information
|
||||
if($comment_srl)
|
||||
{
|
||||
$oCommentModel = getModel('comment');
|
||||
$oComment = $oCommentModel->getComment($comment_srl, $this->grant->manager);
|
||||
$oComment = CommentModel::getComment($comment_srl, $this->grant->manager);
|
||||
}
|
||||
|
||||
if($this->module_info->protect_comment_regdate > 0 && $this->grant->manager == false)
|
||||
|
|
@ -1166,8 +1135,7 @@ class boardView extends board
|
|||
|
||||
if($this->module_info->protect_delete_comment === 'Y' && $this->grant->manager == false)
|
||||
{
|
||||
$oCommentModel = getModel('comment');
|
||||
$childs = $oCommentModel->getChildComments($comment_srl);
|
||||
$childs = CommentModel::getChildComments($comment_srl);
|
||||
if(count($childs) > 0)
|
||||
{
|
||||
throw new Rhymix\Framework\Exception('msg_board_delete_protect_comment');
|
||||
|
|
@ -1202,7 +1170,6 @@ class boardView extends board
|
|||
function dispBoardDeleteTrackback()
|
||||
{
|
||||
$oTrackbackModel = getModel('trackback');
|
||||
|
||||
if(!$oTrackbackModel)
|
||||
{
|
||||
return;
|
||||
|
|
@ -1245,15 +1212,13 @@ class boardView extends board
|
|||
|
||||
function dispBoardUpdateLog()
|
||||
{
|
||||
$oDocumentModel = getModel('document');
|
||||
$document_srl = Context::get('document_srl');
|
||||
|
||||
if($this->grant->update_view !== true)
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\NotPermitted;
|
||||
}
|
||||
|
||||
$updatelog = $oDocumentModel->getDocumentUpdateLog($document_srl);
|
||||
$document_srl = Context::get('document_srl');
|
||||
$updatelog = DocumentModel::getDocumentUpdateLog($document_srl);
|
||||
Context::set('total_count', $updatelog->page_navigation->total_count);
|
||||
Context::set('total_page', $updatelog->page_navigation->total_page);
|
||||
Context::set('page', $updatelog->page);
|
||||
|
|
@ -1265,16 +1230,14 @@ class boardView extends board
|
|||
|
||||
function dispBoardUpdateLogView()
|
||||
{
|
||||
$oDocumentModel = getModel('document');
|
||||
$update_id = Context::get('update_id');
|
||||
|
||||
if($this->grant->update_view !== true)
|
||||
{
|
||||
throw new Rhymix\Framework\Exceptions\NotPermitted;
|
||||
}
|
||||
|
||||
$update_log = $oDocumentModel->getUpdateLog($update_id);
|
||||
$oDocument = $oDocumentModel->getDocument($update_log->document_srl);
|
||||
$update_id = Context::get('update_id');
|
||||
$update_log = DocumentModel::getUpdateLog($update_id);
|
||||
$oDocument = DocumentModel::getDocument($update_log->document_srl);
|
||||
|
||||
$extra_vars = unserialize($update_log->extra_vars);
|
||||
|
||||
|
|
@ -1309,8 +1272,6 @@ class boardView extends board
|
|||
throw new Rhymix\Framework\Exceptions\NotPermitted;
|
||||
}
|
||||
|
||||
$oMemberModel = getModel('member');
|
||||
|
||||
$target = Context::get('target');
|
||||
$target_srl = Context::get('target_srl');
|
||||
|
||||
|
|
@ -1348,7 +1309,7 @@ class boardView extends board
|
|||
{
|
||||
continue;
|
||||
}
|
||||
$vote_member_infos[$log->member_srl] = $oMemberModel->getMemberInfoByMemberSrl($log->member_srl);
|
||||
$vote_member_infos[$log->member_srl] = MemberModel::getMemberInfo($log->member_srl);
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
@ -1356,7 +1317,7 @@ class boardView extends board
|
|||
{
|
||||
continue;
|
||||
}
|
||||
$blame_member_infos[$log->member_srl] = $oMemberModel->getMemberInfoByMemberSrl($log->member_srl);
|
||||
$blame_member_infos[$log->member_srl] = MemberModel::getMemberInfo($log->member_srl);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -883,9 +883,16 @@ class commentController extends comment
|
|||
return $output;
|
||||
}
|
||||
|
||||
// begin transaction
|
||||
$oDB = DB::getInstance();
|
||||
$oDB->begin();
|
||||
// check if comment exists and permission is granted
|
||||
$comment = CommentModel::getComment($obj->comment_srl);
|
||||
if(!$comment->isExists())
|
||||
{
|
||||
return new BaseObject(-1, 'msg_not_founded');
|
||||
}
|
||||
if(!$is_admin && !$comment->isGranted())
|
||||
{
|
||||
return new BaseObject(-1, 'msg_not_permitted');
|
||||
}
|
||||
|
||||
// If the case manager to delete comments, it indicated that the administrator deleted.
|
||||
$logged_info = Context::get('logged_info');
|
||||
|
|
@ -899,6 +906,12 @@ class commentController extends comment
|
|||
$obj->content = lang('msg_deleted_comment');
|
||||
$obj->status = RX_STATUS_DELETED;
|
||||
}
|
||||
|
||||
// Begin transaction
|
||||
$oDB = DB::getInstance();
|
||||
$oDB->begin();
|
||||
|
||||
// Update
|
||||
$obj->member_srl = 0;
|
||||
unset($obj->last_update);
|
||||
$output = executeQuery('comment.updateCommentByDelete', $obj);
|
||||
|
|
@ -931,7 +944,6 @@ class commentController extends comment
|
|||
$oDB->commit();
|
||||
|
||||
$output->add('document_srl', $obj->document_srl);
|
||||
|
||||
return $output;
|
||||
}
|
||||
|
||||
|
|
@ -992,13 +1004,16 @@ class commentController extends comment
|
|||
|
||||
// check if comment already exists
|
||||
$comment = CommentModel::getComment($comment_srl);
|
||||
if($comment->comment_srl != $comment_srl)
|
||||
if(!$comment->isExists())
|
||||
{
|
||||
return new BaseObject(-1, 'msg_invalid_request');
|
||||
return new BaseObject(-1, 'msg_not_founded');
|
||||
}
|
||||
if(!$is_admin && !$comment->isGranted())
|
||||
{
|
||||
return new BaseObject(-1, 'msg_not_permitted');
|
||||
}
|
||||
|
||||
$member_info = MemberModel::getMemberInfoByMemberSrl($comment->member_srl);
|
||||
|
||||
$member_info = MemberModel::getMemberInfo($comment->member_srl);
|
||||
$document_srl = $comment->document_srl;
|
||||
|
||||
// call a trigger (before)
|
||||
|
|
@ -1009,14 +1024,8 @@ class commentController extends comment
|
|||
return $output;
|
||||
}
|
||||
|
||||
// check if permission is granted
|
||||
if(!$is_admin && !$comment->isGranted())
|
||||
{
|
||||
return new BaseObject(-1, 'msg_not_permitted');
|
||||
}
|
||||
|
||||
// check if child comment exists on the comment
|
||||
if(!$childs)
|
||||
if($childs === null)
|
||||
{
|
||||
$childs = CommentModel::getChildComments($comment_srl);
|
||||
}
|
||||
|
|
@ -1144,7 +1153,7 @@ class commentController extends comment
|
|||
*/
|
||||
function moveCommentToTrash($obj, $updateComment = false)
|
||||
{
|
||||
$logged_info = Context::get('logged_info');
|
||||
// Initialize trash arguments
|
||||
$trash_args = new stdClass();
|
||||
if(!$obj->trash_srl)
|
||||
{
|
||||
|
|
@ -1155,12 +1164,23 @@ class commentController extends comment
|
|||
$trash_args->trash_srl = $obj->trash_srl;
|
||||
}
|
||||
|
||||
// check if comment exists and permission is granted
|
||||
$oComment = CommentModel::getComment($obj->comment_srl);
|
||||
|
||||
$member_info = MemberModel::getMemberInfoByMemberSrl($oComment->get('member_srl'));
|
||||
if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y')
|
||||
if(!$oComment->isExists())
|
||||
{
|
||||
return new BaseObject(-1, 'msg_admin_comment_no_move_to_trash');
|
||||
return new BaseObject(-1, 'msg_not_founded');
|
||||
}
|
||||
if(!$oComment->isGranted())
|
||||
{
|
||||
return new BaseObject(-1, 'msg_not_permitted');
|
||||
}
|
||||
if($this->user->is_admin !== 'Y')
|
||||
{
|
||||
$member_info = MemberModel::getMemberInfo($oComment->get('member_srl'));
|
||||
if($member_info->is_admin === 'Y')
|
||||
{
|
||||
return new BaseObject(-1, 'msg_admin_comment_no_move_to_trash');
|
||||
}
|
||||
}
|
||||
|
||||
$obj->module_srl = $oComment->get('module_srl');
|
||||
|
|
@ -1172,13 +1192,12 @@ class commentController extends comment
|
|||
$trash_args->document_srl = $obj->document_srl;
|
||||
$trash_args->comment_srl = $obj->comment_srl;
|
||||
$trash_args->description = $obj->description;
|
||||
|
||||
if(!Context::get('is_logged'))
|
||||
if($this->user->isMember())
|
||||
{
|
||||
$trash_args->member_Srl = $logged_info->member_srl;
|
||||
$trash_args->user_id = htmlspecialchars_decode($logged_info->user_id);
|
||||
$trash_args->user_name = htmlspecialchars_decode($logged_info->user_name);
|
||||
$trash_args->nick_name = htmlspecialchars_decode($logged_info->nick_name);
|
||||
$trash_args->member_srl = $this->user->member_srl;
|
||||
$trash_args->user_id = htmlspecialchars_decode($this->user->user_id);
|
||||
$trash_args->user_name = htmlspecialchars_decode($this->user->user_name);
|
||||
$trash_args->nick_name = htmlspecialchars_decode($this->user->nick_name);
|
||||
}
|
||||
|
||||
$oDB = &DB::getInstance();
|
||||
|
|
|
|||
|
|
@ -1024,26 +1024,31 @@ class documentController extends document
|
|||
$oDB = &DB::getInstance();
|
||||
$oDB->begin();
|
||||
|
||||
// Check if the document exists
|
||||
if(!$isEmptyTrash)
|
||||
{
|
||||
// Check if the documnet exists
|
||||
$oDocument = DocumentModel::getDocument($document_srl, $is_admin);
|
||||
}
|
||||
else if($isEmptyTrash && $oDocument == null) return new BaseObject(-1, 'document is not exists');
|
||||
else if($isEmptyTrash && $oDocument == null)
|
||||
{
|
||||
return new BaseObject(-1, 'msg_not_founded');
|
||||
}
|
||||
|
||||
$member_info = MemberModel::getMemberInfoByMemberSrl($oDocument->get('member_srl'));
|
||||
$logged_info = Context::get('logged_info');
|
||||
|
||||
if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y')
|
||||
// Check permission
|
||||
if(!$oDocument->isExists())
|
||||
{
|
||||
return new BaseObject(-1, 'msg_invalid_document');
|
||||
}
|
||||
if(!$oDocument->isGranted())
|
||||
{
|
||||
return new BaseObject(-1, 'msg_not_permitted');
|
||||
}
|
||||
$member_info = MemberModel::getMemberInfo($oDocument->get('member_srl'));
|
||||
if($member_info->is_admin === 'Y' && $this->user->is_admin !== 'Y')
|
||||
{
|
||||
return new BaseObject(-1, 'msg_document_is_admin_not_permitted');
|
||||
}
|
||||
|
||||
|
||||
if(!$oDocument->isExists() || $oDocument->document_srl != $document_srl) return new BaseObject(-1, 'msg_invalid_document');
|
||||
// Check if a permossion is granted
|
||||
if(!$oDocument->isGranted()) return new BaseObject(-1, 'msg_not_permitted');
|
||||
|
||||
//if empty trash, document already deleted, therefore document not delete
|
||||
$args = new stdClass();
|
||||
$args->document_srl = $document_srl;
|
||||
|
|
@ -1136,18 +1141,27 @@ class documentController extends document
|
|||
*/
|
||||
function moveDocumentToTrash($obj)
|
||||
{
|
||||
$logged_info = Context::get('logged_info');
|
||||
$trash_args = new stdClass();
|
||||
// Get trash_srl if a given trash_srl doesn't exist
|
||||
if(!$obj->trash_srl) $trash_args->trash_srl = getNextSequence();
|
||||
else $trash_args->trash_srl = $obj->trash_srl;
|
||||
// Get its module_srl which the document belongs to
|
||||
$oDocument = DocumentModel::getDocument($obj->document_srl);
|
||||
|
||||
$member_info = MemberModel::getMemberInfoByMemberSrl($oDocument->get('member_srl'));
|
||||
if($member_info->is_admin == 'Y' && $logged_info->is_admin != 'Y')
|
||||
if(!$oDocument->isExists())
|
||||
{
|
||||
return new BaseObject(-1, 'msg_admin_document_no_move_to_trash');
|
||||
return new BaseObject(-1, 'msg_not_founded');
|
||||
}
|
||||
if(!$oDocument->isGranted())
|
||||
{
|
||||
return new BaseObject(-1, 'msg_not_permitted');
|
||||
}
|
||||
if($this->user->is_admin !== 'Y')
|
||||
{
|
||||
$member_info = MemberModel::getMemberInfo($oDocument->get('member_srl'));
|
||||
if($member_info->is_admin === 'Y')
|
||||
{
|
||||
return new BaseObject(-1, 'msg_admin_document_no_move_to_trash');
|
||||
}
|
||||
}
|
||||
|
||||
$trash_args->module_srl = $oDocument->get('module_srl');
|
||||
|
|
@ -1161,15 +1175,12 @@ class documentController extends document
|
|||
$trash_args->document_srl = $obj->document_srl;
|
||||
$trash_args->description = $obj->description;
|
||||
// Insert member's information only if the member is logged-in and not manually registered.
|
||||
if(Context::get('is_logged'))
|
||||
if($this->user->isMember())
|
||||
{
|
||||
$logged_info = Context::get('logged_info');
|
||||
$trash_args->member_srl = $logged_info->member_srl;
|
||||
|
||||
// user_id, user_name and nick_name already encoded
|
||||
$trash_args->user_id = htmlspecialchars_decode($logged_info->user_id);
|
||||
$trash_args->user_name = htmlspecialchars_decode($logged_info->user_name);
|
||||
$trash_args->nick_name = htmlspecialchars_decode($logged_info->nick_name);
|
||||
$trash_args->member_srl = $this->user->member_srl;
|
||||
$trash_args->user_id = htmlspecialchars_decode($this->user->user_id);
|
||||
$trash_args->user_name = htmlspecialchars_decode($this->user->user_name);
|
||||
$trash_args->nick_name = htmlspecialchars_decode($this->user->nick_name);
|
||||
}
|
||||
// Date setting for updating documents
|
||||
$document_args = new stdClass;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue