retrieve($_REQUEST['record']); } if(!$Document->ACLAccess('Save')){ ACLController::displayNoAccess(true); sugar_cleanup(true); } if (isset($_REQUEST['SaveRevision'])) { //fetch the document record. $Document->retrieve($_REQUEST['return_id']); if($useRequired && !checkRequired($prefix, array_keys($Revision->required_fields))){ return null; } $Revision = populateFromPost($prefix, $Revision); $upload_file = new UploadFile('uploadfile'); if (isset($_FILES['uploadfile']) && $upload_file->confirm_upload()) { $Revision->filename = $upload_file->get_stored_file_name(); $Revision->file_mime_type = $upload_file->mime_type; $Revision->file_ext = $upload_file->file_ext; $do_final_move = 1; } //save revision $Revision->document_id = $_REQUEST['return_id']; $Revision->id = null; // 17767: Security fix, make sure no id is passed in via form. $Revision->save(); //revsion is the document. $Document->document_revision_id = $Revision->id; $Document->save(); $return_id = $Document->id; } if ($do_final_move) { $upload_file->final_move($Revision->id); } else if ( ! empty($_REQUEST['old_id'])) { $upload_file->duplicate_file($_REQUEST['old_id'], $Revision->id, $Revision->filename); } $GLOBALS['log']->debug("Saved record with id of ".$return_id); handleRedirect($return_id, "Documents"); ?>