dolibarr  9.0.0
actions_linkedfiles.inc.php
1 <?php
2 /* Copyright (C) 2013 Cédric Salvador <csalvador@gpcsolutions.fr>
3  * Copyright (C) 2015 Marcos García <marcosgdf@gmail.com>
4  * Copyright (C) 2015 Ferran Marcet <fmarcet@2byte.es>
5  *
6  * This program is free software; you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License as published by
8  * the Free Software Foundation; either version 3 of the License, or
9  * (at your option) any later version.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14  * GNU General Public License for more details.
15  *
16  * You should have received a copy of the GNU General Public License
17  * along with this program. If not, see <http://www.gnu.org/licenses/>.
18  * or see http://www.gnu.org/
19  */
20 
21 // Variable $upload_dir must be defined when entering here.
22 // Variable $upload_dirold may also exists.
23 // Variable $confirm must be defined.
24 
25 //var_dump($upload_dir);
26 //var_dump($upload_dirold);
27 
28 
29 // Submit file/link
30 if (GETPOST('sendit','alpha') && ! empty($conf->global->MAIN_UPLOAD_DOC))
31 {
32  if (! empty($_FILES))
33  {
34  if (is_array($_FILES['userfile']['tmp_name'])) $userfiles=$_FILES['userfile']['tmp_name'];
35  else $userfiles=array($_FILES['userfile']['tmp_name']);
36 
37  foreach($userfiles as $key => $userfile)
38  {
39  if (empty($_FILES['userfile']['tmp_name'][$key]))
40  {
41  $error++;
42  if ($_FILES['userfile']['error'][$key] == 1 || $_FILES['userfile']['error'][$key] == 2){
43  setEventMessages($langs->trans('ErrorFileSizeTooLarge'), null, 'errors');
44  }
45  else {
46  setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("File")), null, 'errors');
47  }
48  }
49  }
50 
51  if (! $error)
52  {
53  // Define if we have to generate thumbs or not
54  $generatethumbs = 1;
55  if (GETPOST('section_dir')) $generatethumbs=0;
56 
57  if (! empty($upload_dirold) && ! empty($conf->global->PRODUCT_USE_OLD_PATH_FOR_PHOTO))
58  {
59  $result = dol_add_file_process($upload_dirold, 0, 1, 'userfile', GETPOST('savingdocmask', 'alpha'), null, '', $generatethumbs);
60  }
61  elseif (! empty($upload_dir))
62  {
63  $result = dol_add_file_process($upload_dir, 0, 1, 'userfile', GETPOST('savingdocmask', 'alpha'), null, '', $generatethumbs);
64  }
65  }
66  }
67 }
68 elseif (GETPOST('linkit','none') && ! empty($conf->global->MAIN_UPLOAD_DOC))
69 {
70  $link = GETPOST('link', 'alpha');
71  if ($link)
72  {
73  if (substr($link, 0, 7) != 'http://' && substr($link, 0, 8) != 'https://' && substr($link, 0, 7) != 'file://') {
74  $link = 'http://' . $link;
75  }
76  dol_add_file_process($upload_dir, 0, 1, 'userfile', null, $link, '', 0);
77  }
78 }
79 
80 
81 // Delete file/link
82 if ($action == 'confirm_deletefile' && $confirm == 'yes')
83 {
84  $urlfile = GETPOST('urlfile', 'alpha', 0, null, null, 1); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP).
85  if (GETPOST('section', 'alpha')) // For a delete from the ECM module, upload_dir is ECM root dir and urlfile contains relative path from upload_dir
86  {
87  $file = $upload_dir . (preg_match('/\/$/', $upload_dir) ? '' : '/') . $urlfile;
88  }
89  else // For a delete from the file manager into another module, or from documents pages, upload_dir contains already path to file from module dir, so we clean path into urlfile.
90  {
91  $urlfile=basename($urlfile);
92  $file = $upload_dir . (preg_match('/\/$/', $upload_dir) ? '' : '/') . $urlfile;
93  if (! empty($upload_dirold)) $fileold = $upload_dirold . "/" . $urlfile;
94  }
95  $linkid = GETPOST('linkid', 'int');
96 
97  if ($urlfile) // delete of a file
98  {
99  $dir = dirname($file).'/'; // Chemin du dossier contenant l'image d'origine
100  $dirthumb = $dir.'/thumbs/'; // Chemin du dossier contenant la vignette (if file is an image)
101 
102  $ret = dol_delete_file($file, 0, 0, 0, (is_object($object)?$object:null));
103  if (! empty($fileold)) dol_delete_file($fileold, 0, 0, 0, (is_object($object)?$object:null)); // Delete file using old path
104 
105  // Si elle existe, on efface la vignette
106  if (preg_match('/(\.jpg|\.jpeg|\.bmp|\.gif|\.png|\.tiff)$/i',$file,$regs))
107  {
108  $photo_vignette=basename(preg_replace('/'.$regs[0].'/i','',$file).'_small'.$regs[0]);
109  if (file_exists(dol_osencode($dirthumb.$photo_vignette)))
110  {
111  dol_delete_file($dirthumb.$photo_vignette);
112  }
113 
114  $photo_vignette=basename(preg_replace('/'.$regs[0].'/i','',$file).'_mini'.$regs[0]);
115  if (file_exists(dol_osencode($dirthumb.$photo_vignette)))
116  {
117  dol_delete_file($dirthumb.$photo_vignette);
118  }
119  }
120 
121  if ($ret) setEventMessages($langs->trans("FileWasRemoved", $urlfile), null, 'mesgs');
122  else setEventMessages($langs->trans("ErrorFailToDeleteFile", $urlfile), null, 'errors');
123  }
124  elseif ($linkid) // delete of external link
125  {
126  require_once DOL_DOCUMENT_ROOT . '/core/class/link.class.php';
127  $link = new Link($db);
128  $link->id = $linkid;
129  $link->fetch();
130  $res = $link->delete($user);
131 
132  $langs->load('link');
133  if ($res > 0) {
134  setEventMessages($langs->trans("LinkRemoved", $link->label), null, 'mesgs');
135  } else {
136  if (count($link->errors)) {
137  setEventMessages('', $link->errors, 'errors');
138  } else {
139  setEventMessages($langs->trans("ErrorFailedToDeleteLink", $link->label), null, 'errors');
140  }
141  }
142  }
143 
144  if (is_object($object) && $object->id > 0)
145  {
146  if ($backtopage)
147  {
148  header('Location: ' . $backtopage);
149  exit;
150  }
151  else
152  {
153  header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id.(GETPOST('section_dir','alpha')?'&section_dir='.urlencode(GETPOST('section_dir','alpha')):'').(!empty($withproject)?'&withproject=1':''));
154  exit;
155  }
156  }
157 }
158 elseif ($action == 'confirm_updateline' && GETPOST('save','alpha') && GETPOST('link', 'alpha'))
159 {
160  require_once DOL_DOCUMENT_ROOT . '/core/class/link.class.php';
161  $langs->load('link');
162  $link = new Link($db);
163  $link->id = GETPOST('linkid', 'int');
164  $f = $link->fetch();
165  if ($f)
166  {
167  $link->url = GETPOST('link', 'alpha');
168  if (substr($link->url, 0, 7) != 'http://' && substr($link->url, 0, 8) != 'https://' && substr($link->url, 0, 7) != 'file://')
169  {
170  $link->url = 'http://' . $link->url;
171  }
172  $link->label = GETPOST('label', 'alpha');
173  $res = $link->update($user);
174  if (!$res)
175  {
176  setEventMessages($langs->trans("ErrorFailedToUpdateLink", $link->label), null, 'mesgs');
177  }
178  }
179  else
180  {
181  //error fetching
182  }
183 }
184 elseif ($action == 'renamefile' && GETPOST('renamefilesave','alpha'))
185 {
186  // For documents pages, upload_dir contains already path to file from module dir, so we clean path into urlfile.
187  if (! empty($upload_dir))
188  {
189  $filenamefrom=dol_sanitizeFileName(GETPOST('renamefilefrom','alpha'), '_', 0); // Do not remove accents
190  $filenameto=dol_sanitizeFileName(GETPOST('renamefileto','alpha'), '_', 0); // Do not remove accents
191 
192  if ($filenamefrom != $filenameto)
193  {
194  // Security:
195  // Disallow file with some extensions. We rename them.
196  // Because if we put the documents directory into a directory inside web root (very bad), this allows to execute on demand arbitrary code.
197  if (preg_match('/\.htm|\.html|\.php|\.pl|\.cgi$/i',$filenameto) && empty($conf->global->MAIN_DOCUMENT_IS_OUTSIDE_WEBROOT_SO_NOEXE_NOT_REQUIRED))
198  {
199  $filenameto.= '.noexe';
200  }
201 
202  if ($filenamefrom && $filenameto)
203  {
204  $srcpath = $upload_dir.'/'.$filenamefrom;
205  $destpath = $upload_dir.'/'.$filenameto;
206 
207  $reshook=$hookmanager->initHooks(array('actionlinkedfiles'));
208  $parameters=array('filenamefrom' => $filenamefrom, 'filenameto' => $filenameto, 'upload_dir' => $upload_dir);
209  $reshook=$hookmanager->executeHooks('renameUploadedFile', $parameters, $object);
210 
211  if (empty($reshook))
212  {
213  if (! file_exists($destpath))
214  {
215  $result = dol_move($srcpath, $destpath);
216  if ($result)
217  {
218  // Define if we have to generate thumbs or not
219  $generatethumbs = 1;
220  // When we rename a file from the file manager in ecm, we must not regenerate thumbs (not a problem, we do pass here)
221  // When we rename a file from the website module, we must not regenerate thumbs (module = medias in such a case)
222  // but when we rename from a tab "Documents", we must regenerate thumbs
223  if (GETPOST('modulepart') == 'medias') $generatethumbs=0;
224 
225  if ($generatethumbs)
226  {
227  if ($object->id)
228  {
229  $object->addThumbs($destpath);
230  }
231 
232  // TODO Add revert function of addThumbs to remove thumbs with old name
233  //$object->delThumbs($srcpath);
234  }
235 
236  setEventMessages($langs->trans("FileRenamed"), null);
237  }
238  else
239  {
240  $langs->load("errors"); // key must be loaded because we can't rely on loading during output, we need var substitution to be done now.
241  setEventMessages($langs->trans("ErrorFailToRenameFile", $filenamefrom, $filenameto), null, 'errors');
242  }
243  }
244  else
245  {
246  $langs->load("errors"); // key must be loaded because we can't rely on loading during output, we need var substitution to be done now.
247  setEventMessages($langs->trans("ErrorDestinationAlreadyExists", $filenameto), null, 'errors');
248  }
249  }
250  }
251  }
252  }
253 
254  // Update properties in ECM table
255  if (GETPOST('ecmfileid', 'int') > 0)
256  {
257  $shareenabled = GETPOST('shareenabled', 'alpha');
258 
259  include_once DOL_DOCUMENT_ROOT.'/ecm/class/ecmfiles.class.php';
260  $ecmfile=new EcmFiles($db);
261  $result = $ecmfile->fetch(GETPOST('ecmfileid', 'int'));
262  if ($result > 0)
263  {
264  if ($shareenabled)
265  {
266  if (empty($ecmfile->share))
267  {
268  require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
269  $ecmfile->share = getRandomPassword(true);
270  }
271  }
272  else
273  {
274  $ecmfile->share = '';
275  }
276  $result = $ecmfile->update($user);
277  if ($result < 0)
278  {
279  setEventMessages($ecmfile->error, $ecmfile->errors, 'warnings');
280  }
281  }
282  }
283 }
dol_osencode($str)
Return a string encoded into OS filesystem encoding.
GETPOST($paramname, $check='none', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
setEventMessages($mesg, $mesgs, $style='mesgs')
Set event messages in dol_events session object.
dol_sanitizeFileName($str, $newstr='_', $unaccent=1)
Clean a string to use it as a file name.
dol_move($srcfile, $destfile, $newmask=0, $overwriteifexists=1, $testvirus=0, $indexdatabase=1)
Move a file into another name.
Definition: files.lib.php:814
dol_add_file_process($upload_dir, $allowoverwrite=0, $donotupdatesession=0, $varfiles='addedfile', $savingdocmask='', $link=null, $trackid='', $generatethumbs=1)
Get and save an upload file (for example after submitting a new file a mail form).
Definition: files.lib.php:1519
dol_delete_file($file, $disableglob=0, $nophperrors=0, $nohook=0, $object=null, $allowdotdot=false, $indexdatabase=1)
Remove a file or several files with a mask.
Definition: files.lib.php:1139
getRandomPassword($generic=false)
Return a generated password using default module.
Class to manage ECM files.