# ================================================================== # Gossamer Links - enhanced directory management system # # Website : http://gossamer-threads.com/ # Support : http://gossamer-threads.com/scripts/support/ # CVS Info : 087,071,086,086,085 # Revision : $Id: Editor.pm,v 1.15 2009/05/09 06:40:54 brewt Exp $ # # Copyright (c) 2001 Gossamer Threads Inc. All Rights Reserved. # Redistribution in part or in whole strictly prohibited. Please # see LICENSE file for full details. # ================================================================== package Links::User::Editor; # ================================================================== use strict; use Links qw/:objects/; use Links::Browser::Controller; use Links::Browser; use Links::SiteHTML; sub handle { # ------------------------------------------------------------------ # This script is only available to users who have logged on. # unless ($USER) { my $url = $IN->url(absolute => 1, query_string => 1); $url = $IN->escape($url); $url = $CFG->{db_cgi_url} . "/user.cgi?url=$url;from=browser"; print $IN->redirect($url); return; } my $editors = $DB->table('Editors'); my @nodes; my $perms = {}; # Get a controller to manage access. my $ctrl = Links::Browser::Controller->new(user => $USER); if ($USER->{Status} eq 'Administrator') { $ctrl->{admin} = 1; } else { my $sth = $editors->select({ Username => $USER->{Username} }); if ($sth->rows) { while (my $ed = $sth->fetchrow_hashref) { push @nodes, $ed->{CategoryID}; $perms->{$ed->{CategoryID}} = $ed; } } unless (@nodes) { print $IN->header; print Links::SiteHTML::display('error', { error => Links::language('BROWSER_NOTEDITOR') }); return; } } # Handle the special condition which related to viewing # and downloading files. Must remap the passed column # values so Jump functions properly. my $method = $IN->param('do'); if ($method and $method =~ m/^(?:(v)iew|(download))_file$/) { $IN->param($+, $IN->param('cn')); $IN->param('ID', $IN->param('link_id') || $IN->param('id')); $IN->param('DB', $IN->param('db')); require Links::User::Jump; return Links::User::Jump::handle(); } elsif ($method and $method =~ m/^(?:(v)iew|(download))_tmp_file$/) { my $download = $2; # view_tmp_file doesn't go through Jump because only editors are # allowed to see them - the tmp files are used for pending Changes. my $col = $IN->param('cn'); my $id = $IN->param('link_id'); my $changes = $DB->table('Changes')->select({ LinkID => $id })->fetchrow_hashref; my ($linkinfo, $fh); if ($changes) { $linkinfo = eval $changes->{ChgRequest}; if ($linkinfo and -f $linkinfo->{$col}) { my $colfh = \do { local *FH; *FH }; if (open $colfh, "<$linkinfo->{$col}") { $fh = $colfh; binmode $fh; } } } if (!$fh) { print $IN->header(); print Links::SiteHTML::display('error', { error => Links::language('FILE_UNKNOWN', $id) }); return; } (my $filename = $linkinfo->{"${col}_filename"} || $linkinfo->{$col}) =~ s{.*[/\\]}{}; print $IN->header($IN->file_headers( filename => $filename, inline => $download ? 0 : 1, size => -s $linkinfo->{$col} )); while (read $fh, my $buffer, 64*1024) { print $buffer; } return 1; } # Load the tree if it is under 200 categories. $ctrl->{load_tree} = 1; $ctrl->{user_base_node} = \@nodes; $ctrl->{perms} = $perms; $ctrl->{admin_templates} = 0; # Begin the script. print $IN->header(-charset => $CFG->{header_charset}); $method = $ctrl->can_run; if ($method) { my $browser = Links::Browser->new(ctrl => $ctrl); $PLG->dispatch("browser_$method", sub { $browser->$method(); }, $browser); } else { print Links::SiteHTML::display('error', { error => Links::language('BROWSER_UNAUTHORIZED') }); } } 1;