dolibarr  7.0.0-beta
ajaxdirpreview.php
1 <?php
2 /* Copyright (C) 2004-2007 Rodolphe Quiedeville <rodolphe@quiedeville.org>
3  * Copyright (C) 2004-2012 Laurent Destailleur <eldy@users.sourceforge.net>
4  * Copyright (C) 2005 Simon Tosser <simon@kornog-computing.com>
5  * Copyright (C) 2005-2012 Regis Houssin <regis.houssin@capnetworks.com>
6  * Copyright (C) 2010 Pierre Morin <pierre.morin@auguria.net>
7  * Copyright (C) 2013 Marcos García <marcosgdf@gmail.com>
8  *
9  * This program is free software; you can redistribute it and/or modify
10  * it under the terms of the GNU General Public License as published by
11  * the Free Software Foundation; either version 3 of the License, or
12  * (at your option) any later version.
13  *
14  * This program is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  * GNU General Public License for more details.
18  *
19  * You should have received a copy of the GNU General Public License
20  * along with this program. If not, see <http://www.gnu.org/licenses/>.
21  */
22 
// Constants set ahead of the main.inc.php include further down. Each one is defined only when the
// calling context has not already defined it, so a page that includes this file keeps its own value.
defined('NOTOKENRENEWAL') || define('NOTOKENRENEWAL',1);    // Disables token renewal
defined('NOREQUIREMENU') || define('NOREQUIREMENU','1');
defined('NOREQUIREHTML') || define('NOREQUIREHTML','1');
defined('NOREQUIREAJAX') || define('NOREQUIREAJAX','1');
34 
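// Two entry modes:
// - ajax call: this file is requested directly, $mode is not 'noajax', every input comes from the request.
// - 'noajax': this file is included by another page that has already set $mode, $section, $conf, $db...
if (! isset($mode) || $mode != 'noajax')    // For ajax call
{
    require_once '../../main.inc.php';
    require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
    require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php';
    require_once DOL_DOCUMENT_ROOT.'/ecm/class/ecmdirectory.class.php';

    $action=GETPOST('action','aZ09');
    // NOTE(review): urldecode() is applied after GETPOST() has checked the value, so whatever the 'alpha'
    // check rejects is tested on the still-encoded string. The '..' test done on $upload_dir later in
    // this file is therefore the effective guard for this parameter and must stay in place.
    $file=urldecode(GETPOST('file','alpha'));
    $section=GETPOST("section",'alpha');
    $module=GETPOST("module",'alpha');
    $urlsource=GETPOST("urlsource",'alpha');
    $search_doc_ref=GETPOST('search_doc_ref','alpha');

    $sortfield = GETPOST("sortfield",'alpha');
    $sortorder = GETPOST("sortorder",'alpha');
    $page = GETPOST("page",'int');
    if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
    $offset = $conf->liste_limit * $page;
    $pageprev = $page - 1;
    $pagenext = $page + 1;
    if (! $sortorder) $sortorder="ASC";
    if (! $sortfield) $sortfield="name";

    $rootdirfordoc = $conf->ecm->dir_output;

    // A single-pass str_replace() is not a complete traversal filter (a replacement can leave a new
    // '../' behind); it only normalises the common case. Rejection of '..' happens further down.
    $upload_dir = dirname(str_replace("../", "/", $rootdirfordoc.'/'.$file));

    $ecmdir = new EcmDirectory($db);
    $result=$ecmdir->fetch($section);
    // Was "! $result > 0", which PHP parses as "(! $result) > 0" and so never matches a negative
    // return code. The branch is intentionally silent in ajax mode (error output stays disabled).
    if (! ($result > 0))
    {
        //dol_print_error($db,$ecmdir->error);
        //exit;
    }
}
else    // For no ajax call
{
    $rootdirfordoc = $conf->ecm->dir_output;

    $ecmdir = new EcmDirectory($db);
    $relativepath='';
    if ($section > 0)
    {
        $result=$ecmdir->fetch($section);
        // Was "! $result > 0": because "!" binds tighter than ">", a negative (error) result skipped
        // the error report and the page carried on with an unloaded directory object.
        if (! ($result > 0))
        {
            dol_print_error($db,$ecmdir->error);
            exit;
        }
    }
    $relativepath=$ecmdir->getRelativePath();
    $upload_dir = $rootdirfordoc.'/'.$relativepath;
}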
89 
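// Page the generated links and the confirm form point back to, unless the includer already set one.
if (empty($url))
{
    if (GETPOSTISSET('website')) $url=DOL_URL_ROOT.'/website/index.php';
    else $url=DOL_URL_ROOT.'/ecm/index.php';
}

// Load translation files
$langs->loadLangs(array("ecm","companies","other"));

// Security check
if ($user->societe_id > 0) $socid = $user->societe_id;

//print 'xxx'.$upload_dir;

// Security:
// Refuse directory traversal ('..') and the characters < > | in the directory path.
if (preg_match('/\.\./',$upload_dir) || preg_match('/[<>|]/',$upload_dir))
{
    dol_syslog("Refused to deliver file ".$upload_dir);
    // Do no show plain path in shown error message
    // NOTE(review): $upload_dir is still handed to the translated message below, so whether the path
    // reaches the browser depends on the "ErrorFileNameInvalid" string and on dol_print_error() - confirm.
    dol_print_error(0,$langs->trans("ErrorFileNameInvalid",$upload_dir));
    exit;
}

// Check permissions
// $modulepart is not assigned anywhere above this point in this file, so in a direct (ajax) call the
// former test "if ($modulepart == 'ecm')" compared an unset variable and the ECM read right was never
// verified. The area is now taken from $modulepart when an including page has set it, else from
// $module, and every area except 'medias' requires the ECM read permission: all non-medias branches
// below list either ECM directories or the automatic ECM areas.
$areatocheck = '';
if (! empty($modulepart)) $areatocheck = $modulepart;
elseif (! empty($module)) $areatocheck = $module;

if ($areatocheck == 'medias')
{
    // Always allowed
}
else
{
    if (! $user->rights->ecm->read) accessforbidden();
}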
123 
124 
125 /*
126  * Action
127  */
128 
129 // None
130 
131 
132 
133 /*
134  * View
135  */
136 
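if (! isset($mode) || $mode != 'noajax')
{
    // Cache directives added to work around an Internet Explorer bug
    // NOTE(review): "Public" lets shared caches store a response that contains a file listing produced
    // for one authenticated user. Confirm the IE workaround is still needed, or restrict to private caching.
    header('Cache-Control: Public, must-revalidate');
    header('Pragma: public');

    top_httphead();
}

$type='directory';

// This test if file exists should be useless. We keep it to find bug more easily
if (! dol_is_dir($upload_dir))
{
//  dol_mkdir($upload_dir);
/*  $langs->load("install");
    dol_print_error(0,$langs->trans("ErrorDirDoesNotExists",$upload_dir));
    exit;*/
}

print '<!-- ajaxdirpreview type='.$type.' -->'."\n";
//print '<!-- Page called with mode='.dol_escape_htmltag(isset($mode)?$mode:'').' type='.dol_escape_htmltag($type).' module='.dol_escape_htmltag($module).' url='.dol_escape_htmltag($url).' '.dol_escape_htmltag($_SERVER["PHP_SELF"]).'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]).' -->'."\n";

// Query-string fragment appended to the links generated below. Values come from the request (or from
// the including page), so each one is URL-encoded: an unencoded '&', '#' or space would otherwise
// change or truncate the parameters of every generated link.
$param=($sortfield?'&sortfield='.urlencode($sortfield):'').($sortorder?'&sortorder='.urlencode($sortorder):'');
if (! empty($website)) $param.='&website='.urlencode($website);
if (! empty($pageid)) $param.='&pageid='.urlencode($pageid);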
163 
164 
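// Dir scan: build the list of files of the selected area and print it with FormFile.
if ($type == 'directory')
{
    $formfile=new FormFile($db);

    $maxlengthname=40;
    $excludefiles = array('^SPECIMEN\.pdf$','^\.','(\.meta|_preview.*\.png)$','^temp$','^payments$','^CVS$','^thumbs$');
    $sorting = (strtolower($sortorder)=='desc'?SORT_DESC:SORT_ASC);

    // Right area. If module is defined here, we are in automatic ecm.
    $automodules = array('company', 'invoice', 'invoice_supplier', 'propal', 'supplier_proposal', 'order', 'order_supplier', 'contract', 'product', 'tax', 'project', 'fichinter', 'user', 'expensereport');

    // NOTE(review): the automatic areas below expose the document directories of other modules. The only
    // rights read in this block are ecm->upload (for $perm); no per-module read right is tested here.
    // Confirm that the caller or list_of_autoecmfiles() enforces them.
    // TODO change for multicompany sharing
    // Auto area for companies
    if ($module == 'company') $upload_dir = $conf->societe->dir_output;
    // Auto area for invoices
    else if ($module == 'invoice') $upload_dir = $conf->facture->dir_output;
    // Auto area for suppliers invoices
    else if ($module == 'invoice_supplier') $upload_dir = $conf->fournisseur->facture->dir_output;
    // Auto area for customers proposal
    else if ($module == 'propal') $upload_dir = $conf->propal->dir_output;
    // Auto area for suppliers proposal
    else if ($module == 'supplier_proposal') $upload_dir = $conf->supplier_proposal->dir_output;
    // Auto area for customers orders
    else if ($module == 'order') $upload_dir = $conf->commande->dir_output;
    // Auto area for suppliers orders
    else if ($module == 'order_supplier') $upload_dir = $conf->fournisseur->commande->dir_output;
    // Auto area for contracts
    else if ($module == 'contract') $upload_dir = $conf->contrat->dir_output;
    // Auto area for products
    else if ($module == 'product') $upload_dir = $conf->product->dir_output;
    // Auto area for tax
    else if ($module == 'tax') $upload_dir = $conf->tax->dir_output;
    // Auto area for projects
    else if ($module == 'project') $upload_dir = $conf->projet->dir_output;
    // Auto area for interventions
    else if ($module == 'fichinter') $upload_dir = $conf->ficheinter->dir_output;
    // Auto area for users
    else if ($module == 'user') $upload_dir = $conf->user->dir_output;
    // Auto area for expense report
    else if ($module == 'expensereport') $upload_dir = $conf->expensereport->dir_output;

    // Automatic list
    if (in_array($module, $automodules))
    {
        // Request values are URL-encoded before being added to the link parameters.
        $param.='&module='.urlencode($module);
        if (isset($search_doc_ref) && $search_doc_ref != '') $param.='&search_doc_ref='.urlencode($search_doc_ref);

        $textifempty=($section?$langs->trans("NoFileFound"):($showonrightsize=='featurenotyetavailable'?$langs->trans("FeatureNotYetAvailable"):$langs->trans("NoFileFound")));

        if ($module == 'company') $excludefiles[]='^contact$';  // The subdir 'contact' contains files of contacts with no id of thirdparty.

        // preg_quote() so the search text is matched literally by the regex filter of dol_dir_list()
        $filter=preg_quote($search_doc_ref, '/');
        $filearray=dol_dir_list($upload_dir, "files", 1, $filter, $excludefiles, $sortfield, $sorting,1);

        $perm=$user->rights->ecm->upload;

        $formfile->list_of_autoecmfiles($upload_dir,$filearray,$module,$param,1,'',$perm,1,$textifempty,$maxlengthname,$url,1);
    }
    // Manual list
    else
    {
        if ($module == 'medias')
        {
            $relativepath=GETPOST('file','alpha');
            // The directory is rebuilt here from the request, after the '..' test made earlier in this
            // file on the previous value of $upload_dir. Apply the same test to the new relative path
            // so the listing cannot leave the medias directory.
            if (preg_match('/\.\./',$relativepath) || preg_match('/[<>|]/',$relativepath))
            {
                dol_syslog("Refused to deliver file ".$relativepath);
                dol_print_error(0,$langs->trans("ErrorFileNameInvalid",$relativepath));
                exit;
            }
            if ($relativepath && $relativepath!= '/') $relativepath.='/';
            $upload_dir = $dolibarr_main_data_root.'/'.$module.'/'.$relativepath;
            if (GETPOSTISSET('website') || GETPOSTISSET('file_manager'))
            {
                $param.='&file_manager=1';
                if (!preg_match('/website=/',$param)) $param.='&website='.urlencode(GETPOST('website','alpha'));
                if (!preg_match('/pageid=/',$param))  $param.='&pageid='.urlencode(GETPOST('pageid','int'));
                //if (!preg_match('/backtopage=/',$param)) $param.='&backtopage='.urlencode($_SERVER["PHP_SELF"].'?file_manager=1&website='.$website.'&pageid='.$pageid);
            }
        }
        else
        {
            $relativepath=$ecmdir->getRelativePath();
            $upload_dir = $conf->ecm->dir_output.'/'.$relativepath;
        }

        // If $section defined with value 0
        if (($section === '0' || empty($section)) && ($module != 'medias'))
        {
            $filearray=array();
        }
        else
        {
            $filearray=dol_dir_list($upload_dir,"files",0,'',array('^\.','(\.meta|_preview.*\.png)$','^temp$','^CVS$'),$sortfield, $sorting,1);
        }

        if ($section)
        {
            $param.='&section='.urlencode($section);
            if (isset($search_doc_ref) && $search_doc_ref != '') $param.='&search_doc_ref='.urlencode($search_doc_ref);

            $textifempty = $langs->trans('NoFileFound');
        }
        else if ($section === '0')
        {
            if ($module == 'ecm') $textifempty='<br><div align="center"><font class="warning">'.$langs->trans("DirNotSynchronizedSyncFirst").'</font></div><br>';
            else $textifempty = $langs->trans('NoFileFound');
        }
        else $textifempty=($showonrightsize=='featurenotyetavailable'?$langs->trans("FeatureNotYetAvailable"):$langs->trans("ECMSelectASection"));

        if ($module == 'medias')
        {
            $useinecm = 2;
            $modulepart='medias';
            $perm=($user->rights->website->write || $user->rights->emailing->creer);
            $title='none';
        }
        else
        {
            $useinecm = 1;
            $modulepart='ecm';
            $perm=$user->rights->ecm->upload;
            $title='';                  // Use default
        }

        // When we show list of files for ECM files, $filearray contains file list, and directory is defined with modulepart + section into $param
        // When we show list of files for a directory, $filearray contains file list, and directory is defined with modulepart + $relativepath
        //var_dump("title=".$title." modulepart=".$modulepart." useinecm=".$useinecm." perm=".$perm." relativepath=".$relativepath." param=".$param." url=".$url);
        $formfile->list_of_documents($filearray, '', $modulepart, $param, 1, $relativepath, $perm, $useinecm, $textifempty, $maxlengthname, $title, $url, 0, $perm);
    }
}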
291 
292 
293 
// Bottom of page
// Ajax is used only when dol_use_jmobile is empty, use_javascript_ajax is set and MAIN_ECM_DISABLE_JS is empty.
$useajax = (empty($conf->dol_use_jmobile) && ! empty($conf->use_javascript_ajax) && empty($conf->global->MAIN_ECM_DISABLE_JS)) ? 1 : 0;

//$param.=($param?'?':'').(preg_replace('/^&/','',$param));

// Print the "delete file" confirmation form: always in ajax mode (it is opened later by javascript),
// and in non-ajax mode only when a delete was requested.
if ($useajax || $action == 'delete')
{
    require_once DOL_DOCUMENT_ROOT.'/core/class/html.form.class.php';

    // The file to delete is known server-side only for an explicit delete action
    $urlfile = ($action == 'delete') ? GETPOST('urlfile','alpha') : '';

    if (empty($section_dir)) $section_dir=GETPOST("file","alpha");
    $section_id=$section;

    $useglobalvars=1;
    $form = new Form($db);

    // The four hidden fields below must always be present, even if empty, because they are filled by javascript later
    $formquestion['urlfile']=array(
        'type'=>'hidden',
        'value'=>$urlfile,
        'name'=>'urlfile',
    );
    $formquestion['section']=array(
        'type'=>'hidden',
        'value'=>$section,
        'name'=>'section',
    );
    $formquestion['section_id']=array(
        'type'=>'hidden',
        'value'=>$section_id,
        'name'=>'section_id',
    );
    $formquestion['section_dir']=array(
        'type'=>'hidden',
        'value'=>$section_dir,
        'name'=>'section_dir',
    );

    // Optional context fields, added only when the matching value is set
    if (! empty($action) && $action == 'file_manager')
    {
        $formquestion['file_manager']=array('type'=>'hidden','value'=>1,'name'=>'file_manager');
    }
    if (! empty($website))
    {
        $formquestion['website']=array('type'=>'hidden','value'=>$website,'name'=>'website');
    }
    if (! empty($pageid) && $pageid > 0)
    {
        $formquestion['pageid']=array('type'=>'hidden','value'=>$pageid,'name'=>'pageid');
    }

    print $form->formconfirm($url,$langs->trans("DeleteFile"),$langs->trans("ConfirmDeleteFile"),'confirm_deletefile',$formquestion,"no",($useajax?'deletefile':0));
}
323 
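// In ajax mode, print the javascript that re-attaches the jquery handlers to the freshly generated HTML.
if ($useajax)
{
    print '<script type="text/javascript">';

    // Enable jquery handlers on new generated HTML objects (same code than into lib_footer.js.php)
    // Because the content is reloaded by ajax call, we must also reenable some jquery hooks
    // Wrapper to manage document_preview
    if ($conf->browser->layout != 'phone')
    {
        print "\n/* JS CODE TO ENABLE document_preview */\n";
        print '
 jQuery(document).ready(function () {
 jQuery(".documentpreview").click(function () {
 console.log("We click on preview for element with href="+$(this).attr(\'href\')+" mime="+$(this).attr(\'mime\'));
 document_preview($(this).attr(\'href\'), $(this).attr(\'mime\'), \''.dol_escape_js($langs->transnoentities("Preview")).'\');
 return false;
 });
 });
 ' . "\n";
    }

    // Enable jquery handlers button to delete files
    print 'jQuery(document).ready(function() {'."\n";
    print ' jQuery(".deletefilelink").click(function(e) { '."\n";
    // $param is assembled from request values and is written inside a javascript string literal, so it
    // goes through dol_escape_js() like the translated label above instead of being printed raw.
    // NOTE(review): confirm dol_escape_js() also covers a closing script tag inside the value; if not,
    // drop $param from this debug message.
    print ' console.log("We click on button with class deletefilelink, param='.dol_escape_js($param).', we set urlfile to "+jQuery(this).attr("rel"));'."\n";
    print ' jQuery("#urlfile").val(jQuery(this).attr("rel"));'."\n";
    //print ' jQuery("#section_dir").val(\'aaa\');'."\n";
    print ' jQuery("#dialog-confirm-deletefile").dialog("open");'."\n";
    print ' return false;'."\n";
    print ' });'."\n";
    print '});'."\n";
    print '</script>'."\n";
}

// Close db if mode is not noajax (in noajax mode the including page still needs the connection)
if ((! isset($mode) || $mode != 'noajax') && is_object($db)) $db->close();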
dol_print_error($db='', $error='', $errors=null)
Affiche message erreur system avec toutes les informations pour faciliter le diagnostic et la remonte...
dol_is_dir($folder)
Test if filename is a directory.
Definition: files.lib.php:414
dol_dir_list($path, $types="all", $recursive=0, $filter="", $excludefilter=null, $sortcriteria="name", $sortorder=SORT_ASC, $mode=0, $nohook=0, $relativename="")
Scan a directory and return a list of files/directories.
Definition: files.lib.php:58
GETPOST($paramname, $check='none', $method=0, $filter=NULL, $options=NULL, $noreplace=0)
Return value of a param into GET or POST supervariable.
accessforbidden($message='', $printheader=1, $printfooter=1, $showonlymessage=0)
Show a message to say access is forbidden and stop program Calling this function terminate execution ...
Class to manage generation of HTML components Only common components must be here.
GETPOSTISSET($paramname)
Return true if we are in a context of submitting a parameter.
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='')
Write log message into outputs.
Class to offer components to list and upload files.
top_httphead($contenttype='text/html')
Show HTTP header.
Definition: main.inc.php:1052
Class to manage ECM directories.