| 481,7 → 481,7 |
|---|
| $parent = $obj->getParent(); |
| } |
| } |
| return array($parent, $res, $row); |
| return array($id, $parent, $res, $row); |
| } |
| |
| private static function getAlternativesForQuery($id) { |
| 538,36 → 538,40 |
|---|
| return; |
| } |
| |
| try { |
| $obj = OIDplusObject::parse($id); |
| } catch (Exception $e) { |
| $obj = null; |
| } |
| if (strpos($id,':') !== false) { |
| |
| if (!is_null($obj)) { |
| $handled = true; |
| // --- Try to find the object or an alternative |
| |
| if (!$obj->userHasReadRights()) { |
| if (isset($_SERVER['SCRIPT_FILENAME']) && (strtolower(basename($_SERVER['SCRIPT_FILENAME'])) !== 'ajax.php')) { // don't send HTTP error codes in ajax.php, because we want a page and not a JavaScript alert box, when someone enters an invalid OID in the GoTo-Box |
| http_response_code(403); |
| } |
| $out['title'] = _L('Access denied'); |
| $out['icon'] = 'img/error.png'; |
| $out['text'] = '<p>'._L('Please <a %1>log in</a> to receive information about this object.',OIDplus::gui()->link('oidplus:login')).'</p>'; |
| return; |
| } |
| |
| // --- |
| |
| $test = $this->tryObject($id, $out); |
| if ($test === false) { |
| // try to find an alternative |
| $alternatives = $this->getAlternativesForQuery($id); |
| foreach ($alternatives as $alternative) { |
| $test = $this->tryObject($alternative, $out); |
| if ($test !== false) break; |
| if ($test !== false) break; // found something |
| } |
| } |
| if ($test !== false) { |
| list($id, $parent, $res, $row) = $test; |
| } |
| |
| // --- If the object type is disabled or not an object at all (e.g. "oidplus:"), then $handled=false |
| // If the object type is enabled but object not found, $handled=true |
| |
| try { |
| $obj = OIDplusObject::parse($id); |
| } catch (Exception $e) { |
| $obj = null; |
| } |
| |
| if ($test === false) { |
| if (is_null($obj)) { |
| // Object type disabled or not known (e.g. ObjectType "oidplus:"). |
| $handled = false; |
| return; |
| } else { |
| // Object type enabled but identifier not in database |
| $handled = true; |
| if (isset($_SERVER['SCRIPT_FILENAME']) && (strtolower(basename($_SERVER['SCRIPT_FILENAME'])) !== 'ajax.php')) { // don't send HTTP error codes in ajax.php, because we want a page and not a JavaScript alert box, when someone enters an invalid OID in the GoTo-Box |
| http_response_code(404); |
| } |
| 575,12 → 579,25 |
|---|
| $out['icon'] = 'img/error.png'; |
| $out['text'] = _L('The object %1 was not found in this database.','<code>'.htmlentities($id).'</code>'); |
| return; |
| } |
| } else { |
| list($parent, $res, $row) = $test; |
| $handled = true; |
| } |
| |
| unset($test); |
| |
| // --- If found, do we have read rights? |
| |
| if (!$obj->userHasReadRights()) { |
| if (isset($_SERVER['SCRIPT_FILENAME']) && (strtolower(basename($_SERVER['SCRIPT_FILENAME'])) !== 'ajax.php')) { // don't send HTTP error codes in ajax.php, because we want a page and not a JavaScript alert box, when someone enters an invalid OID in the GoTo-Box |
| http_response_code(403); |
| } |
| $out['title'] = _L('Access denied'); |
| $out['icon'] = 'img/error.png'; |
| $out['text'] = '<p>'._L('Please <a %1>log in</a> to receive information about this object.',OIDplus::gui()->link('oidplus:login')).'</p>'; |
| return; |
| } |
| |
| // --- |
| |
| if ($parent) { |