|
|
@@ -43,8 +43,7 @@ try
|
|
|
require_once(APPROOT.'/application/startup.inc.php');
|
|
|
|
|
|
require_once(APPROOT.'/application/loginwebpage.class.inc.php');
|
|
|
- LoginWebPage::DoLoginEx(null /* any portal */, false);
|
|
|
-
|
|
|
+
|
|
|
$oPage = new ajax_page("");
|
|
|
$oPage->no_cache();
|
|
|
|
|
|
@@ -54,6 +53,7 @@ try
|
|
|
switch($operation)
|
|
|
{
|
|
|
case 'download_document':
|
|
|
+ LoginWebPage::DoLoginEx(null /* any portal */, false);
|
|
|
$id = utils::ReadParam('id', '');
|
|
|
$sField = utils::ReadParam('field', '');
|
|
|
if ($sClass == 'Attachment')
|
|
|
@@ -78,6 +78,8 @@ try
|
|
|
break;
|
|
|
|
|
|
case 'download_inlineimage':
|
|
|
+ // No login is required because the "secret" protects us
|
|
|
+ // Benefit: the inline image can be inserted into any HTML (templating = $this->html(public_log)$)
|
|
|
$id = utils::ReadParam('id', '');
|
|
|
$sSecret = utils::ReadParam('s', '');
|
|
|
$iCacheSec = 31556926; // One year ahead: an inline image cannot change
|
romainq