Ignore:
Timestamp:
Feb 17, 2021, 9:27:32 PM (4 years ago)
Author:
chronos
Message:
  • Added: Documents section accessible from users panel.
  • Added: Contract model moved to separate module Contract.
  • Added: New action to generate PDF from Contract.
  • Fixed: Allow users to download files only by hash instead of direct id.
  • Added: Support for SHA1 as allowed mysql function.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/Modules/File/File.php

    r899 r901  
    2020    $Desc->AddReference('Directory', FileDirectory::GetClassName(), true);
    2121    $Desc->AddDateTime('Time');
     22    $Desc->AddString('Hash');
     23    $Desc->AddBoolean('Generate');
    2224    return $Desc;
    2325  }
     
    5961  }
    6062
    61   function Download(string $Id): void
    62   {
    63     $DbResult = $this->Database->select('File', '*', 'Id='.addslashes($Id));
     63  function DownloadHash(string $Hash): void
     64  {
     65    $this->Download('Hash="'.addslashes($Hash).'"');
     66  }
     67
     68  function DownloadId(string $Id): void
     69  {
     70    if (!ModuleUser::Cast($this->System->GetModule('User'))->User->CheckPermission('File', 'DownloadById'))
     71      echo('Nemáte oprávnění');
     72    $this->Download('Id='.addslashes($Id));
     73  }
     74
     75  function Download(string $Where): void
     76  {
     77    $DbResult = $this->Database->select('File', '*', $Where);
    6478    if ($DbResult->num_rows > 0)
    6579    {
     
    105119  function Show(): string
    106120  {
    107     if (array_key_exists('id', $_GET)) $Id = $_GET['id'];
    108     else if (array_key_exists('i', $_GET)) $Id = $_GET['i'];
     121    if (array_key_exists('h', $_GET))
     122    {
     123      $Hash = $_GET['h'];
     124      $this->ClearPage = true;
     125      ModuleFile::Cast($this->System->GetModule('File'))->File->DownloadHash($Hash);
     126      return '';
     127    }
     128    else if (array_key_exists('i', $_GET))
     129    {
     130      $Id = $_GET['i'] * 1;
     131      $this->ClearPage = true;
     132      ModuleFile::Cast($this->System->GetModule('File'))->File->DownloadId($Id);
     133    }
    109134    else return $this->SystemMessage('Chyba', 'Nezadáno id souboru');
    110     $this->ClearPage = true;
    111     $Output = ModuleFile::Cast($this->System->GetModule('File'))->File->Download($Id);
    112     return $Output;
     135    return '';
    113136  }
    114137}
     
    208231        'Size' => array('Type' => 'Integer', 'Caption' => 'Velikost', 'Default' => ''),
    209232        'Time' => array('Type' => 'DateTime', 'Caption' => 'Čas vytvoření', 'Default' => ''),
     233        'Hash' => array('Type' => 'String', 'Caption' => 'Haš', 'Default' => ''),
    210234        'Invoices' => array('Type' => 'TFinanceInvoiceListFile', 'Caption' => 'Faktury', 'Default' => ''),
    211235        'Operations' => array('Type' => 'TFinanceOperationListFile', 'Caption' => 'Operace', 'Default' => ''),
Note: See TracChangeset for help on using the changeset viewer.