dolibarr  7.0.0-beta
commands.php
1 <?php
2 /*
3  * FCKeditor - The text editor for Internet - http://www.fckeditor.net
4  * Copyright (C) 2003-2010 Frederico Caldeira Knabben
5  *
6  * == BEGIN LICENSE ==
7  *
8  * Licensed under the terms of any of the following licenses at your
9  * choice:
10  *
11  * - GNU General Public License Version 2 or later (the "GPL")
12  * http://www.gnu.org/licenses/gpl.html
13  *
14  * - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
15  * http://www.gnu.org/licenses/lgpl.html
16  *
17  * - Mozilla Public License Version 1.1 or later (the "MPL")
18  * http://www.mozilla.org/MPL/MPL-1.1.html
19  *
20  * == END LICENSE ==
21  *
22  * This is the File Manager Connector for PHP.
23  */
24 
32 function GetFolders($resourceType, $currentFolder)
33 {
34  // Map the virtual path to the local server path.
35  $sServerDir = ServerMapFolder($resourceType, $currentFolder, 'GetFolders');
36 
37  // Array that will hold the folders names.
38  $aFolders = array();
39 
40  $oCurrentFolder = @opendir($sServerDir);
41 
42  if ($oCurrentFolder !== false)
43  {
44  while ( $sFile = readdir($oCurrentFolder) )
45  {
46  if ( $sFile != '.' && $sFile != '..' && is_dir($sServerDir . $sFile) )
47  $aFolders[] = '<Folder name="' . ConvertToXmlAttribute($sFile) . '" />' ;
48  }
49  closedir($oCurrentFolder);
50  }
51 
52  // Open the "Folders" node.
53  echo "<Folders>" ;
54 
55  natcasesort($aFolders);
56  foreach ( $aFolders as $sFolder )
57  echo $sFolder ;
58 
59  // Close the "Folders" node.
60  echo "</Folders>" ;
61 }
62 
70 function GetFoldersAndFiles( $resourceType, $currentFolder )
71 {
72  // Map the virtual path to the local server path.
73  $sServerDir = ServerMapFolder($resourceType, $currentFolder, 'GetFoldersAndFiles');
74 
75  // Arrays that will hold the folders and files names.
76  $aFolders = array();
77  $aFiles = array();
78 
79  $oCurrentFolder = @opendir($sServerDir);
80 
81  if ($oCurrentFolder !== false)
82  {
83  while ( $sFile = readdir($oCurrentFolder) )
84  {
85  if ( $sFile != '.' && $sFile != '..' )
86  {
87  if ( is_dir($sServerDir . $sFile) )
88  $aFolders[] = '<Folder name="' . ConvertToXmlAttribute($sFile) . '" />' ;
89  else
90  {
91  $iFileSize = @filesize($sServerDir . $sFile);
92  if ( !$iFileSize ) {
93  $iFileSize = 0 ;
94  }
95  if ( $iFileSize > 0 )
96  {
97  $iFileSize = round($iFileSize / 1024);
98  if ( $iFileSize < 1 )
99  $iFileSize = 1 ;
100  }
101 
102  $aFiles[] = '<File name="' . ConvertToXmlAttribute($sFile) . '" size="' . $iFileSize . '" />' ;
103  }
104  }
105  }
106  closedir($oCurrentFolder);
107  }
108 
109  // Send the folders
110  natcasesort($aFolders);
111  echo '<Folders>' ;
112 
113  foreach ( $aFolders as $sFolder )
114  echo $sFolder ;
115 
116  echo '</Folders>' ;
117 
118  // Send the files
119  natcasesort($aFiles);
120  echo '<Files>' ;
121 
122  foreach ( $aFiles as $sFiles )
123  echo $sFiles ;
124 
125  echo '</Files>' ;
126 }
127 
135 function CreateFolder( $resourceType, $currentFolder )
136 {
137  if (!isset($_GET)) {
138  global $_GET;
139  }
140  $sErrorNumber = '0' ;
141  $sErrorMsg = '' ;
142 
143  if ( isset( $_GET['NewFolderName'] ) )
144  {
145  $sNewFolderName = $_GET['NewFolderName'] ;
146  $sNewFolderName = SanitizeFolderName($sNewFolderName);
147 
148  if (strpos($sNewFolderName, '..') !== FALSE)
149  $sErrorNumber = '102' ; // Invalid folder name.
150  else
151  {
152  // Map the virtual path to the local server path of the current folder.
153  $sServerDir = ServerMapFolder($resourceType, $currentFolder, 'CreateFolder');
154 
155  if ( is_writable($sServerDir) )
156  {
157  $sServerDir .= $sNewFolderName ;
158 
159  $sErrorMsg = CreateServerFolder($sServerDir);
160 
161  switch ( $sErrorMsg )
162  {
163  case '':
164  $sErrorNumber = '0' ;
165  break;
166  case 'Invalid argument' :
167  case 'No such file or directory' :
168  $sErrorNumber = '102' ; // Path too long.
169  break ;
170  default:
171  $sErrorNumber = '110' ;
172  break ;
173  }
174  }
175  else
176  $sErrorNumber = '103' ;
177  }
178  }
179  else
180  $sErrorNumber = '102' ;
181 
182  // Create the "Error" node.
183  echo '<Error number="' . $sErrorNumber . '" />' ;
184 }
185 
186 // @CHANGE
187 //function FileUpload( $resourceType, $currentFolder, $sCommand )
197 function FileUpload($resourceType, $currentFolder, $sCommand, $CKEcallback = '')
198 {
199  if (!isset($_FILES)) {
200  global $_FILES;
201  }
202  $sErrorNumber = '0' ;
203  $sFileName = '' ;
204 
205  if ( isset( $_FILES['NewFile'] ) && !is_null($_FILES['NewFile']['tmp_name'])
206  // This is for the QuickUpload tab box
207  or (isset($_FILES['upload']) && !is_null($_FILES['upload']['tmp_name'])))
208  {
209  global $Config ;
210 
211  $oFile = isset($_FILES['NewFile']) ? $_FILES['NewFile'] : $_FILES['upload'];
212 
213  // Map the virtual path to the local server path.
214  $sServerDir = ServerMapFolder($resourceType, $currentFolder, $sCommand);
215 
216  // Get the uploaded file name.
217  $sFileName = $oFile['name'] ;
218  $sFileName = SanitizeFileName($sFileName);
219 
220  $sOriginalFileName = $sFileName ;
221 
222  // Get the extension.
223  $sExtension = substr($sFileName, (strrpos($sFileName, '.') + 1));
224  $sExtension = strtolower($sExtension);
225 
226  if ( isset( $Config['SecureImageUploads'] ) )
227  {
228  if ( ( $isImageValid = IsImageValid($oFile['tmp_name'], $sExtension) ) === false )
229  {
230  $sErrorNumber = '202' ;
231  }
232  }
233 
234  if ( isset( $Config['HtmlExtensions'] ) )
235  {
236  if (!IsHtmlExtension($sExtension, $Config['HtmlExtensions']) &&
237  ($detectHtml = DetectHtml($oFile['tmp_name'])) === true)
238  {
239  $sErrorNumber = '202' ;
240  }
241  }
242 
243  // Check if it is an allowed extension.
244  if ( !$sErrorNumber && IsAllowedExt($sExtension, $resourceType) )
245  {
246  $iCounter = 0 ;
247 
248  while ( true )
249  {
250  $sFilePath = $sServerDir . $sFileName ;
251 
252  if ( is_file($sFilePath) )
253  {
254  $iCounter++ ;
255  $sFileName = RemoveExtension($sOriginalFileName) . '(' . $iCounter . ').' . $sExtension ;
256  $sErrorNumber = '201' ;
257  }
258  else
259  {
260  move_uploaded_file($oFile['tmp_name'], $sFilePath);
261 
262  if ( is_file($sFilePath) )
263  {
264  if ( isset( $Config['ChmodOnUpload'] ) && !$Config['ChmodOnUpload'] )
265  {
266  break ;
267  }
268 
269  $permissions = '0777';
270  if ( isset( $Config['ChmodOnUpload'] ) && $Config['ChmodOnUpload'] )
271  {
272  $permissions = (string) $Config['ChmodOnUpload'] ;
273  }
274  $permissionsdec = octdec($permissions);
275  dol_syslog("commands.php permission = ".$permissions." ".$permissionsdec." ".decoct($permissionsdec));
276  $oldumask = umask(0);
277  chmod($sFilePath, $permissionsdec);
278  umask($oldumask);
279  }
280 
281  break ;
282  }
283  }
284 
285  if ( file_exists($sFilePath) )
286  {
287  //previous checks failed, try once again
288  if ( isset( $isImageValid ) && $isImageValid === -1 && IsImageValid($sFilePath, $sExtension) === false )
289  {
290  @unlink($sFilePath);
291  $sErrorNumber = '202' ;
292  }
293  else if ( isset( $detectHtml ) && $detectHtml === -1 && DetectHtml($sFilePath) === true )
294  {
295  @unlink($sFilePath);
296  $sErrorNumber = '202' ;
297  }
298  }
299  }
300  else
301  $sErrorNumber = '202' ;
302  }
303  else
304  $sErrorNumber = '202' ;
305 
306 
307  $sFileUrl = CombinePaths(GetResourceTypePath($resourceType, $sCommand), $currentFolder);
308  $sFileUrl = CombinePaths($sFileUrl, $sFileName);
309 
310 
311  // @CHANGE
312  //SendUploadResults( $sErrorNumber, $sFileUrl, $sFileName );
313  if($CKEcallback == '')
314  {
315  // this line already exists so wrap the if block around it
316  SendUploadResults($sErrorNumber, $sFileUrl, $sFileName);
317  }
318  else
319  {
320  //issue the CKEditor Callback
321  SendCKEditorResults(
322  $CKEcallback,
323  $sFileUrl,
324  ($sErrorNumber != 0 ? 'Error '. $sErrorNumber. ' upload failed.' : 'Upload Successful')
325  );
326  }
327 
328  exit;
329 }
This class is used to manage file upload using ajax.
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='')
Write log message into outputs.