dolibarr  9.0.0
ajaxdirpreview.php
1 <?php
2 /* Copyright (C) 2004-2007 Rodolphe Quiedeville <rodolphe@quiedeville.org>
3  * Copyright (C) 2004-2012 Laurent Destailleur <eldy@users.sourceforge.net>
4  * Copyright (C) 2005 Simon Tosser <simon@kornog-computing.com>
5  * Copyright (C) 2005-2012 Regis Houssin <regis.houssin@inodbox.com>
6  * Copyright (C) 2010 Pierre Morin <pierre.morin@auguria.net>
7  * Copyright (C) 2013 Marcos García <marcosgdf@gmail.com>
8  *
9  * This program is free software; you can redistribute it and/or modify
10  * it under the terms of the GNU General Public License as published by
11  * the Free Software Foundation; either version 3 of the License, or
12  * (at your option) any later version.
13  *
14  * This program is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  * GNU General Public License for more details.
18  *
19  * You should have received a copy of the GNU General Public License
20  * along with this program. If not, see <http://www.gnu.org/licenses/>.
21  */
22 
// Page-level switches. Each one is defined only if the including script has not already set it.
// NOTOKENRENEWAL disables token renewal for this page: requests served here do not rotate the
// session token.
defined('NOTOKENRENEWAL') || define('NOTOKENRENEWAL', 1);
// The three NOREQUIRE* switches are set to the string '1'; their effect is decided by the
// bootstrap file that reads them, which is not shown here.
defined('NOREQUIREMENU') || define('NOREQUIREMENU', '1');
defined('NOREQUIREHTML') || define('NOREQUIREHTML', '1');
defined('NOREQUIREAJAX') || define('NOREQUIREAJAX', '1');
34 
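// Two entry modes:
//  - direct ajax call ($mode not set to 'noajax'): bootstrap Dolibarr and read every parameter from the request;
//  - 'noajax': the file is included by another page, which is expected to have set $conf, $db, $section, ...
// Both branches leave $rootdirfordoc, $ecmdir and $upload_dir set for the checks that follow.
if (! isset($mode) || $mode != 'noajax')    // For ajax call
{
    require_once '../../main.inc.php';
    require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
    require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php';
    require_once DOL_DOCUMENT_ROOT.'/ecm/class/ecmdirectory.class.php';

    $action = GETPOST('action', 'aZ09');
    // NOTE(review): urldecode() is applied AFTER GETPOST has run its 'alpha' check, so whatever that check
    // rejects is only tested on the value before this extra decoding pass. Do not rely on the 'alpha'
    // check alone for $file; the '..' test on $upload_dir further down is what constrains it.
    $file = urldecode(GETPOST('file', 'alpha'));
    $section = GETPOST("section", 'alpha');
    $module = GETPOST("module", 'alpha');
    $urlsource = GETPOST("urlsource", 'alpha');
    $search_doc_ref = GETPOST('search_doc_ref', 'alpha');

    $sortfield = GETPOST("sortfield", 'alpha');
    $sortorder = GETPOST("sortorder", 'alpha');
    $page = GETPOST("page", 'int');
    if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
    $offset = $conf->liste_limit * $page;
    $pageprev = $page - 1;
    $pagenext = $page + 1;
    if (! $sortorder) $sortorder = "ASC";
    if (! $sortfield) $sortfield = "name";

    $rootdirfordoc = $conf->ecm->dir_output;

    // str_replace() makes a single pass and is not a path normalisation, and dirname() drops the last
    // path component, so that last component is not part of what the later '..' test sees.
    $upload_dir = dirname(str_replace("../", "/", $rootdirfordoc.'/'.$file));

    $ecmdir = new EcmDirectory($db);
    $result = $ecmdir->fetch($section);
    // Was "! $result > 0", which PHP parses as "(! $result) > 0" and therefore never matches a
    // negative return value. The branch is intentionally empty here: a failed fetch is tolerated.
    if ($result <= 0)
    {
        //dol_print_error($db,$ecmdir->error);
        //exit;
    }
}
else    // For no ajax call
{
    $rootdirfordoc = $conf->ecm->dir_output;

    $ecmdir = new EcmDirectory($db);
    $relativepath = '';
    if ($section > 0)
    {
        $result = $ecmdir->fetch($section);
        // Same precedence fix as above: stop on any non-positive result, including negative
        // return values, which the original "! $result > 0" let through.
        if ($result <= 0)
        {
            dol_print_error($db, $ecmdir->error);
            exit;
        }

        $relativepath = $ecmdir->getRelativePath();     // Example   'mydir/'
    }
    elseif (GETPOST('section_dir', 'alpha'))
    {
        // Read with the same 'alpha' check this script uses for its other path parameters,
        // instead of GETPOST's default check.
        $relativepath = GETPOST('section_dir', 'alpha');
    }
    //var_dump($section.'-'.GETPOST('section_dir').'-'.$relativepath);

    $upload_dir = $rootdirfordoc.'/'.$relativepath;
}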
96 
// Default target URL (used for links and for the confirm form) when the caller did not provide one:
// the website module page if a 'website' parameter was submitted, the ECM index otherwise.
if (empty($url))
{
    $url = DOL_URL_ROOT.(GETPOSTISSET('website') ? '/website/index.php' : '/ecm/index.php');
}

// Load translation files required by the page
$langs->loadLangs(array("ecm","companies","other"));

// Security check
// NOTE(review): this only copies the user's societe_id into $socid; $socid is not read again in the
// part of the script visible here, so confirm whether any restriction actually depends on it.
if ($user->societe_id > 0)
{
    $socid = $user->societe_id;
}
108 
109 //print 'xxx'.$upload_dir;
110 
// Security:
// Refuse directory traversal ('..') as well as '<', '>' and pipe characters in the path.
// This test runs on the value $upload_dir has at this point; later assignments to $upload_dir
// in this script are not covered by it.
if (preg_match('/\.\.|[<>|]/', $upload_dir))
{
    dol_syslog("Refused to deliver file ".$upload_dir);
    // NOTE(review): the original comment here says the plain path must not be shown in the error
    // message, yet $upload_dir (which contains request data) is passed into the displayed text.
    // Confirm how dol_print_error() escapes its message before relying on this.
    dol_print_error(0, $langs->trans("ErrorFileNameInvalid", $upload_dir));
    exit;
}
120 
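// Check permissions
// Within this script $modulepart is only assigned further down (in the manual listing branch), so on
// a direct ajax call it is normally not set yet and the original test on it could never match.
// When the includer has not provided it, fall back to the value the listing code below will use:
// 'medias' when $module is 'medias', 'ecm' otherwise. A value supplied by the includer is kept as is.
$modulepartforcheck = ! empty($modulepart) ? $modulepart : ((isset($module) && $module == 'medias') ? 'medias' : 'ecm');
if ($modulepartforcheck == 'ecm')
{
    if (! $user->rights->ecm->read) accessforbidden();
}
if ($modulepartforcheck == 'medias')
{
    // Always allowed
    // NOTE(review): no right is tested here, so the 'medias' listing is available to every user
    // who can reach this script; confirm that this is intended.
}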
130 
131 
132 /*
133  * Action
134  */
135 
136 // None
137 
138 
139 
140 /*
141  * View
142  */
143 
// Only a direct ajax call sends its own HTTP headers; in 'noajax' mode the including page owns them.
if (! (isset($mode) && $mode == 'noajax'))
{
    // Directives added to work around an IE bug.
    // NOTE(review): 'Public' marks the response as storable by shared caches although the listing is
    // produced for a logged-in user; check whether top_httphead() overrides these headers.
    header('Cache-Control: Public, must-revalidate');
    header('Pragma: public');

    top_httphead();
}
152 
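// Only the 'directory' view is produced by this script.
$type = 'directory';

// This test if file exists should be useless. We keep it to find bug more easily
if (! dol_is_dir($upload_dir))
{
//  dol_mkdir($upload_dir);
/*  $langs->load("install");
    dol_print_error(0,$langs->trans("ErrorDirDoesNotExists",$upload_dir));
    exit;*/
}

print '<!-- ajaxdirpreview type='.$type.' -->'."\n";
//print '<!-- Page called with mode='.dol_escape_htmltag(isset($mode)?$mode:'').' type='.dol_escape_htmltag($type).' module='.dol_escape_htmltag($module).' url='.dol_escape_htmltag($url).' '.dol_escape_htmltag($_SERVER["PHP_SELF"]).'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]).' -->'."\n";

// Query-string fragment carried into the links and forms generated below.
// Each value is URL-encoded (as this script already does for 'website' and 'pageid' in the medias
// branch) so that a request-supplied value cannot introduce extra parameters or markup.
$param = ($sortfield ? '&sortfield='.urlencode($sortfield) : '').($sortorder ? '&sortorder='.urlencode($sortorder) : '');
if (! empty($websitekey)) $param .= '&website='.urlencode($websitekey);
if (! empty($pageid)) $param .= '&pageid='.urlencode($pageid);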
170 
171 
172 // Dir scan
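// Builds the file list for the requested area and prints it through FormFile.
//  - "automatic" area: $module is one of $automodules, the directory comes from that module's
//    configuration and files are listed recursively, filtered by $search_doc_ref;
//  - "manual" area: either the 'medias' directory (path taken from request parameters) or an ECM
//    directory resolved from $ecmdir.
if ($type == 'directory')
{
    $formfile = new FormFile($db);

    $maxlengthname = 40;
    $excludefiles = array('^SPECIMEN\.pdf$','^\.','(\.meta|_preview.*\.png)$','^temp$','^payments$','^CVS$','^thumbs$');
    $sorting = (strtolower($sortorder)=='desc'?SORT_DESC:SORT_ASC);

    // Right area. If module is defined here, we are in automatic ecm.
    $automodules = array('company', 'invoice', 'invoice_supplier', 'propal', 'supplier_proposal', 'order', 'order_supplier', 'contract', 'product', 'tax', 'project', 'fichinter', 'user', 'expensereport', 'holiday');

    // TODO change for multicompany sharing
    // For an automatic area the directory comes from configuration only, never from the request.
    // A switch keeps the loose (==) comparison and first-match order of the original if/else chain,
    // and only reads the configuration entry of the module that matched.
    switch ($module)
    {
        case 'company':             // Auto area for third parties
            $upload_dir = $conf->societe->dir_output;
            break;
        case 'invoice':             // Auto area for customers invoices
            $upload_dir = $conf->facture->dir_output;
            break;
        case 'invoice_supplier':    // Auto area for suppliers invoices
            $upload_dir = $conf->fournisseur->facture->dir_output;
            break;
        case 'propal':              // Auto area for customers proposal
            $upload_dir = $conf->propal->dir_output;
            break;
        case 'supplier_proposal':   // Auto area for suppliers proposal
            $upload_dir = $conf->supplier_proposal->dir_output;
            break;
        case 'order':               // Auto area for customers orders
            $upload_dir = $conf->commande->dir_output;
            break;
        case 'order_supplier':      // Auto area for suppliers orders
            $upload_dir = $conf->fournisseur->commande->dir_output;
            break;
        case 'contract':            // Auto area for contracts
            $upload_dir = $conf->contrat->dir_output;
            break;
        case 'product':             // Auto area for products
            $upload_dir = $conf->product->dir_output;
            break;
        case 'tax':                 // Auto area for taxes
            $upload_dir = $conf->tax->dir_output;
            break;
        case 'project':             // Auto area for projects
            $upload_dir = $conf->projet->dir_output;
            break;
        case 'fichinter':           // Auto area for interventions
            $upload_dir = $conf->ficheinter->dir_output;
            break;
        case 'user':                // Auto area for users
            $upload_dir = $conf->user->dir_output;
            break;
        case 'expensereport':       // Auto area for expense report
            $upload_dir = $conf->expensereport->dir_output;
            break;
        case 'holiday':             // Auto area for holiday
            $upload_dir = $conf->holiday->dir_output;
            break;
    }

    // Automatic list
    if (in_array($module, $automodules))
    {
        // Request values are URL-encoded before they are appended to $param.
        $param .= '&module='.urlencode($module);
        if (isset($search_doc_ref) && $search_doc_ref != '') $param .= '&search_doc_ref='.urlencode($search_doc_ref);

        $textifempty = ($section?$langs->trans("NoFileFound"):($showonrightsize=='featurenotyetavailable'?$langs->trans("FeatureNotYetAvailable"):$langs->trans("NoFileFound")));

        if ($module == 'company') $excludefiles[] = '^contact$';   // The subdir 'contact' contains files of contacts with no id of thirdparty.

        // The search text is quoted so it is matched literally by the regex filter.
        $filter = preg_quote($search_doc_ref, '/');
        $filearray = dol_dir_list($upload_dir, "files", 1, $filter, $excludefiles, $sortfield, $sorting, 1);

        $perm = $user->rights->ecm->upload;

        $formfile->list_of_autoecmfiles($upload_dir, $filearray, $module, $param, 1, '', $perm, 1, $textifempty, $maxlengthname, $url, 1);
    }
    // Manual list
    else
    {
        if ($module == 'medias')
        {
            /*
               $_POST is array like
              'token' => string '062380e11b7dcd009d07318b57b71750' (length=32)
              'action' => string 'file_manager' (length=12)
              'website' => string 'template' (length=8)
              'pageid' => string '124' (length=3)
              'section_dir' => string 'mydir/' (length=3)
              'section_id' => string '0' (length=1)
              'max_file_size' => string '2097152' (length=7)
              'sendit' => string 'Envoyer fichier' (length=15)
             */
            $relativepath = GETPOST('file','alpha')?GETPOST('file','alpha'):GETPOST('section_dir','alpha');
            if ($relativepath && $relativepath != '/') $relativepath .= '/';
            $upload_dir = $dolibarr_main_data_root.'/'.$module.'/'.$relativepath;

            // $upload_dir has just been rebuilt from request parameters, after the traversal test near
            // the top of the script has already run (and in ajax mode that test only saw dirname() of
            // the 'file' value). Apply the same refusal rule to the final path before it is scanned.
            if (preg_match('/\.\./', $upload_dir) || preg_match('/[<>|]/', $upload_dir))
            {
                dol_syslog("Refused to deliver file ".$upload_dir);
                dol_print_error(0, $langs->trans("ErrorFileNameInvalid", $upload_dir));
                exit;
            }

            if (GETPOSTISSET('website') || GETPOSTISSET('file_manager'))
            {
                $param .= '&file_manager=1';
                if (!preg_match('/website=/',$param)) $param .= '&website='.urlencode(GETPOST('website','alpha'));
                if (!preg_match('/pageid=/',$param)) $param .= '&pageid='.urlencode(GETPOST('pageid','int'));
                //if (!preg_match('/backtopage=/',$param)) $param.='&backtopage='.urlencode($_SERVER["PHP_SELF"].'?file_manager=1&website='.$websitekey.'&pageid='.$pageid);
            }
        }
        else
        {
            // ECM directory: the path comes from the directory record loaded into $ecmdir.
            $relativepath = $ecmdir->getRelativePath();
            $upload_dir = $conf->ecm->dir_output.'/'.$relativepath;
        }

        // If $section defined with value 0
        if (($section === '0' || empty($section)) && ($module != 'medias'))
        {
            $filearray = array();
        }
        else
        {
            $filearray = dol_dir_list($upload_dir,"files",0,'',array('^\.','(\.meta|_preview.*\.png)$','^temp$','^CVS$'),$sortfield, $sorting,1);
        }

        if ($section)
        {
            $param .= '&section='.urlencode($section);
            if (isset($search_doc_ref) && $search_doc_ref != '') $param .= '&search_doc_ref='.urlencode($search_doc_ref);

            $textifempty = $langs->trans('NoFileFound');
        }
        else if ($section === '0')
        {
            if ($module == 'ecm') $textifempty = '<br><div align="center"><font class="warning">'.$langs->trans("DirNotSynchronizedSyncFirst").'</font></div><br>';
            else $textifempty = $langs->trans('NoFileFound');
        }
        else $textifempty = ($showonrightsize=='featurenotyetavailable'?$langs->trans("FeatureNotYetAvailable"):$langs->trans("ECMSelectASection"));

        if ($module == 'medias')
        {
            $useinecm = 2;
            $modulepart = 'medias';
            // Upload/delete permission for medias: website write right or emailing create right.
            $perm = ($user->rights->website->write || $user->rights->emailing->creer);
            $title = 'none';
        }
        else
        {
            $useinecm = 1;
            $modulepart = 'ecm';
            $perm = $user->rights->ecm->upload;
            $title = '';    // Use default
        }

        // When we show list of files for ECM files, $filearray contains file list, and directory is defined with modulepart + section into $param
        // When we show list of files for a directory, $filearray contains file list, and directory is defined with modulepart + $relativepath
        //var_dump("title=".$title." modulepart=".$modulepart." useinecm=".$useinecm." perm=".$perm." relativepath=".$relativepath." param=".$param." url=".$url);
        $formfile->list_of_documents($filearray, '', $modulepart, $param, 1, $relativepath, $perm, $useinecm, $textifempty, $maxlengthname, $title, $url, 0, $perm);
    }
}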
311 
312 
313 
// Bottom of page
// Ajax helpers are used unless the jmobile layout is active, JavaScript/ajax is switched off,
// or MAIN_ECM_DISABLE_JS is set.
$useajax = 1;
if (! empty($conf->dol_use_jmobile) || empty($conf->use_javascript_ajax) || ! empty($conf->global->MAIN_ECM_DISABLE_JS))
{
    $useajax = 0;
}

//$param.=($param?'?':'').(preg_replace('/^&/','',$param));

// Emit the "delete file" confirmation form, either as a hidden dialog opened by the javascript
// printed below (ajax) or directly when the page was called with action=delete.
// NOTE(review): this page defines NOTOKENRENEWAL; the handling of 'confirm_deletefile' lives in the
// page behind $url, which is where the request token has to be verified.
if ($useajax || $action == 'delete')
{
    $urlfile = ($action == 'delete') ? GETPOST('urlfile','alpha') : '';

    if (empty($section_dir))
    {
        $section_dir = GETPOST("file","alpha");
    }
    $section_id = $section;

    require_once DOL_DOCUMENT_ROOT.'/core/class/html.form.class.php';
    $useglobalvars = 1;
    $form = new Form($db);

    // These four hidden fields are always emitted, even when empty, because javascript fills them later.
    $formquestion['urlfile'] = array('type'=>'hidden', 'value'=>$urlfile, 'name'=>'urlfile');
    $formquestion['section'] = array('type'=>'hidden', 'value'=>$section, 'name'=>'section');
    $formquestion['section_id'] = array('type'=>'hidden', 'value'=>$section_id, 'name'=>'section_id');
    $formquestion['section_dir'] = array('type'=>'hidden', 'value'=>$section_dir, 'name'=>'section_dir');

    // Optional context fields, carried over only when they apply.
    if (! empty($action) && $action == 'file_manager')
    {
        $formquestion['file_manager'] = array('type'=>'hidden', 'value'=>1, 'name'=>'file_manager');
    }
    if (! empty($websitekey))
    {
        $formquestion['website'] = array('type'=>'hidden', 'value'=>$websitekey, 'name'=>'website');
    }
    if (! empty($pageid) && $pageid > 0)
    {
        $formquestion['pageid'] = array('type'=>'hidden', 'value'=>$pageid, 'name'=>'pageid');
    }

    print $form->formconfirm($url, $langs->trans("DeleteFile"), $langs->trans("ConfirmDeleteFile"), 'confirm_deletefile', $formquestion, "no", ($useajax ? 'deletefile' : 0));
}
343 
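// Inline javascript re-attaching the jQuery handlers to the HTML that was just generated.
if ($useajax)
{
    print '<script type="text/javascript">';

    // Enable jquery handlers on new generated HTML objects (same code than into lib_footer.js.php)
    // Because the content is reloaded by ajax call, we must also reenable some jquery hooks
    // Wrapper to manage document_preview
    if ($conf->browser->layout != 'phone')
    {
        print "\n/* JS CODE TO ENABLE document_preview */\n";
        print '
 jQuery(document).ready(function () {
 jQuery(".documentpreview").click(function () {
 console.log("We click on preview for element with href="+$(this).attr(\'href\')+" mime="+$(this).attr(\'mime\'));
 document_preview($(this).attr(\'href\'), $(this).attr(\'mime\'), \''.dol_escape_js($langs->transnoentities("Preview")).'\');
 return false;
 });
 });
 ' . "\n";
    }

    // $param contains request-supplied values and used to be concatenated raw into a javascript
    // string. Emit it as a JSON string literal instead; the JSON_HEX_* flags also encode
    // < > & ' and " so the value cannot close the string or the surrounding <script> element.
    $paramforjs = json_encode((string) $param, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
    if ($paramforjs === false) $paramforjs = '""';  // json_encode() failed (e.g. invalid UTF-8): log an empty value

    // Enable jquery handlers button to delete files
    print 'jQuery(document).ready(function() {'."\n";
    print ' jQuery(".deletefilelink").click(function(e) { '."\n";
    print ' console.log("We click on button with class deletefilelink, param="+'.$paramforjs.'+", we set urlfile to "+jQuery(this).attr("rel"));'."\n";
    print ' jQuery("#urlfile").val(jQuery(this).attr("rel"));'."\n";
    //print ' jQuery("#section_dir").val(\'aaa\');'."\n";
    print ' jQuery("#dialog-confirm-deletefile").dialog("open");'."\n";
    print ' return false;'."\n";
    print ' });'."\n";
    print '});'."\n";
    print '</script>'."\n";
}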
377 
// Close the database handle only on a direct ajax call; in 'noajax' mode the including page
// still uses $db.
if (! (isset($mode) && $mode == 'noajax') && is_object($db))
{
    $db->close();
}
GETPOST($paramname, $check='none', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
print
Draft customers invoices.
Definition: index.php:91
if(! defined('NOREQUIREMENU')) if(! function_exists("llxHeader")) top_httphead($contenttype='text/html', $forcenocache=0)
Show HTTP header.
Definition: main.inc.php:1107
dol_print_error($db='', $error='', $errors=null)
Affiche message erreur system avec toutes les informations pour faciliter le diagnostic et la remonte...
dol_is_dir($folder)
Test if filename is a directory.
Definition: files.lib.php:438
accessforbidden($message='', $printheader=1, $printfooter=1, $showonlymessage=0)
Show a message to say access is forbidden and stop program Calling this function terminate execution ...
Class to manage generation of HTML components Only common components must be here.
GETPOSTISSET($paramname)
Return true if we are in a context of submitting a parameter.
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='')
Write log message into outputs.
if(GETPOST('cancel', 'alpha')) if(! GETPOST( 'confirmmassaction', 'alpha') &&$massaction !='presend' &&$massaction !='confirm_presend')
Draft customers invoices.
Definition: list.php:156
dol_dir_list($path, $types="all", $recursive=0, $filter="", $excludefilter=null, $sortcriteria="name", $sortorder=SORT_ASC, $mode=0, $nohook=0, $relativename="", $donotfollowsymlinks=0)
Scan a directory and return a list of files/directories.
Definition: files.lib.php:59
Class to offer components to list and upload files.
Class to manage ECM directories.