38 return preg_replace(
'/^.*\/([^\/]+)$/',
'$1', rtrim($pathfile,
'/'));
60 function dol_dir_list($path, $types =
"all", $recursive = 0, $filter =
"", $excludefilter =
null, $sortcriteria =
"name", $sortorder = SORT_ASC, $mode = 0, $nohook = 0, $relativename =
"", $donotfollowsymlinks = 0)
62 global $db, $hookmanager;
65 if ($recursive <= 1) {
66 dol_syslog(
"files.lib.php::dol_dir_list path=".$path.
" types=".$types.
" recursive=".$recursive.
" filter=".$filter.
" excludefilter=".json_encode($excludefilter));
70 $loaddate = ($mode == 1 || $mode == 2) ?
true:
false;
71 $loadsize = ($mode == 1 || $mode == 3) ?
true:
false;
72 $loadperm = ($mode == 1 || $mode == 4) ?
true:
false;
75 $path = preg_replace(
'/([\\/]+)$/i',
'', $path);
81 if (is_object($hookmanager) && !$nohook) {
82 $hookmanager->resArray = array();
84 $hookmanager->initHooks(array(
'fileslib'));
89 'recursive' => $recursive,
91 'excludefilter' => $excludefilter,
92 'sortcriteria' => $sortcriteria,
93 'sortorder' => $sortorder,
94 'loaddate' => $loaddate,
95 'loadsize' => $loadsize,
98 $reshook = $hookmanager->executeHooks(
'getDirList', $parameters, $object);
102 if (empty($reshook)) {
103 if (!is_dir($newpath)) {
107 if ($dir = opendir($newpath)) {
111 while (
false !== ($file = readdir($dir))) {
113 $file = utf8_encode($file);
115 $fullpathfile = ($newpath ? $newpath.
'/' :
'').$file;
120 $excludefilterarray = array(
'^\.');
121 if (is_array($excludefilter)) {
122 $excludefilterarray = array_merge($excludefilterarray, $excludefilter);
123 } elseif ($excludefilter) {
124 $excludefilterarray[] = $excludefilter;
127 foreach ($excludefilterarray as $filt) {
128 if (preg_match(
'/'.$filt.
'/i', $file) || preg_match(
'/'.$filt.
'/i', $fullpathfile)) {
138 if ($isdir && (($types ==
"directories") || ($types ==
"all") || $recursive > 0)) {
140 if (($types ==
"directories") || ($types ==
"all")) {
141 if ($loaddate || $sortcriteria ==
'date') {
144 if ($loadsize || $sortcriteria ==
'size') {
147 if ($loadperm || $sortcriteria ==
'perm') {
151 if (!$filter || preg_match(
'/'.$filter.
'/i', $file)) {
153 preg_match(
'/([^\/]+)\/[^\/]+$/', $path.
'/'.$file, $reg);
154 $level1name = (isset($reg[1]) ? $reg[1] :
'');
155 $file_list[] = array(
158 "level1name" => $level1name,
159 "relativename" => ($relativename ? $relativename.
'/' :
'').$file,
160 "fullname" => $path.
'/'.$file,
170 if ($recursive > 0) {
171 if (empty($donotfollowsymlinks) || !is_link($path.
"/".$file)) {
173 $file_list = array_merge($file_list,
dol_dir_list($path.
"/".$file, $types, $recursive + 1, $filter, $excludefilter, $sortcriteria, $sortorder, $mode, $nohook, ($relativename !=
'' ? $relativename.
'/' :
'').$file, $donotfollowsymlinks));
176 } elseif (!$isdir && (($types ==
"files") || ($types ==
"all"))) {
178 if ($loaddate || $sortcriteria ==
'date') {
181 if ($loadsize || $sortcriteria ==
'size') {
185 if (!$filter || preg_match(
'/'.$filter.
'/i', $file)) {
186 preg_match(
'/([^\/]+)\/[^\/]+$/', $path.
'/'.$file, $reg);
187 $level1name = (isset($reg[1]) ? $reg[1] :
'');
188 $file_list[] = array(
191 "level1name" => $level1name,
192 "relativename" => ($relativename ? $relativename.
'/' :
'').$file,
193 "fullname" => $path.
'/'.$file,
205 if (!empty($sortcriteria) && $sortorder) {
206 $file_list =
dol_sort_array($file_list, $sortcriteria, ($sortorder == SORT_ASC ?
'asc' :
'desc'));
211 if (is_object($hookmanager) && is_array($hookmanager->resArray)) {
212 $file_list = array_merge($file_list, $hookmanager->resArray);
232 function dol_dir_list_in_database($path, $filter =
"", $excludefilter =
null, $sortcriteria =
"name", $sortorder = SORT_ASC, $mode = 0)
236 $sql =
" SELECT rowid, label, entity, filename, filepath, fullpath_orig, keywords, cover, gen_or_uploaded, extraparams,";
237 $sql .=
" date_c, tms as date_m, fk_user_c, fk_user_m, acl, position, share";
239 $sql .=
", description";
241 $sql .=
" FROM ".MAIN_DB_PREFIX.
"ecm_files";
242 $sql .=
" WHERE entity = ".$conf->entity;
243 if (preg_match(
'/%$/', $path)) {
244 $sql .=
" AND filepath LIKE '".$db->escape($path).
"'";
246 $sql .=
" AND filepath = '".$db->escape($path).
"'";
249 $resql = $db->query($sql);
251 $file_list = array();
252 $num = $db->num_rows(
$resql);
255 $obj = $db->fetch_object(
$resql);
258 preg_match(
'/([^\/]+)\/[^\/]+$/', DOL_DATA_ROOT.
'/'.$obj->filepath.
'/'.$obj->filename, $reg);
259 $level1name = (isset($reg[1]) ? $reg[1] :
'');
260 $file_list[] = array(
261 "rowid" => $obj->rowid,
262 "label" => $obj->label,
263 "name" => $obj->filename,
264 "path" => DOL_DATA_ROOT.
'/'.$obj->filepath,
265 "level1name" => $level1name,
266 "fullname" => DOL_DATA_ROOT.
'/'.$obj->filepath.
'/'.$obj->filename,
267 "fullpath_orig" => $obj->fullpath_orig,
268 "date_c" => $db->jdate($obj->date_c),
269 "date_m" => $db->jdate($obj->date_m),
271 "keywords" => $obj->keywords,
272 "cover" => $obj->cover,
273 "position" => (
int) $obj->position,
275 "share" => $obj->share,
276 "description" => ($mode ? $obj->description :
'')
283 if (!empty($sortcriteria)) {
285 foreach ($file_list as $key => $row) {
286 $myarray[$key] = (isset($row[$sortcriteria]) ? $row[$sortcriteria] :
'');
290 array_multisort($myarray, $sortorder, $file_list);
312 global $conf, $db, $user;
318 if ($modulepart ==
'produit' && !empty($conf->global->PRODUCT_USE_OLD_PATH_FOR_PHOTO)) {
320 if (!empty($object->id)) {
321 if (!empty($conf->product->enabled)) {
322 $upload_dirold = $conf->product->multidir_output[$object->entity].
'/'.substr(substr(
"000".$object->id, -2), 1, 1).
'/'.substr(substr(
"000".$object->id, -2), 0, 1).
'/'.$object->id.
"/photos";
324 $upload_dirold = $conf->service->multidir_output[$object->entity].
'/'.substr(substr(
"000".$object->id, -2), 1, 1).
'/'.substr(substr(
"000".$object->id, -2), 0, 1).
'/'.$object->id.
"/photos";
327 $relativedirold = preg_replace(
'/^'.preg_quote(DOL_DATA_ROOT,
'/').
'/',
'', $upload_dirold);
328 $relativedirold = preg_replace(
'/^[\\/]/',
'', $relativedirold);
330 $filearrayindatabase = array_merge($filearrayindatabase,
dol_dir_list_in_database($relativedirold,
'',
null,
'name', SORT_ASC));
339 foreach ($filearray as $key => $val) {
340 $tmpfilename = preg_replace(
'/\.noexe$/',
'', $filearray[$key][
'name']);
343 foreach ($filearrayindatabase as $key2 => $val2) {
344 if (($filearrayindatabase[$key2][
'path'] == $filearray[$key][
'path']) && ($filearrayindatabase[$key2][
'name'] == $tmpfilename)) {
345 $filearray[$key][
'position_name'] = ($filearrayindatabase[$key2][
'position'] ? $filearrayindatabase[$key2][
'position'] :
'0').
'_'.$filearrayindatabase[$key2][
'name'];
346 $filearray[$key][
'position'] = $filearrayindatabase[$key2][
'position'];
347 $filearray[$key][
'cover'] = $filearrayindatabase[$key2][
'cover'];
348 $filearray[$key][
'keywords'] = $filearrayindatabase[$key2][
'keywords'];
349 $filearray[$key][
'acl'] = $filearrayindatabase[$key2][
'acl'];
350 $filearray[$key][
'rowid'] = $filearrayindatabase[$key2][
'rowid'];
351 $filearray[$key][
'label'] = $filearrayindatabase[$key2][
'label'];
352 $filearray[$key][
'share'] = $filearrayindatabase[$key2][
'share'];
359 $filearray[$key][
'position'] =
'999999';
360 $filearray[$key][
'cover'] = 0;
361 $filearray[$key][
'acl'] =
'';
363 $rel_filename = preg_replace(
'/^'.preg_quote(DOL_DATA_ROOT,
'/').
'/',
'', $filearray[$key][
'fullname']);
365 if (!preg_match(
'/([\\/]temp[\\/]|[\\/]thumbs|\.meta$)/', $rel_filename)) {
366 dol_syslog(
"list_of_documents We found a file called '".$filearray[$key][
'name'].
"' not indexed into database. We add it");
367 include_once DOL_DOCUMENT_ROOT.
'/ecm/class/ecmfiles.class.php';
371 $filename = basename($rel_filename);
372 $rel_dir = dirname($rel_filename);
373 $rel_dir = preg_replace(
'/[\\/]$/',
'', $rel_dir);
374 $rel_dir = preg_replace(
'/^[\\/]/',
'', $rel_dir);
376 $ecmfile->filepath = $rel_dir;
377 $ecmfile->filename = $filename;
378 $ecmfile->label = md5_file(
dol_osencode($filearray[$key][
'fullname']));
379 $ecmfile->fullpath_orig = $filearray[$key][
'fullname'];
380 $ecmfile->gen_or_uploaded =
'unknown';
381 $ecmfile->description =
'';
382 $ecmfile->keywords =
'';
383 $result = $ecmfile->create($user);
387 $filearray[$key][
'rowid'] = $result;
390 $filearray[$key][
'rowid'] = 0;
410 $sortorder = strtoupper($sortorder);
412 if ($sortorder ==
'ASC') {
420 if ($sortfield ==
'name') {
421 if ($a->name == $b->name) {
424 return ($a->name < $b->name) ? $retup : $retdown;
426 if ($sortfield ==
'date') {
427 if ($a->date == $b->date) {
430 return ($a->date < $b->date) ? $retup : $retdown;
432 if ($sortfield ==
'size') {
433 if ($a->size == $b->size) {
436 return ($a->size < $b->size) ? $retup : $retdown;
450 if (is_dir($newfolder)) {
465 if (!is_readable($dir)) {
468 return (count(scandir($dir)) == 2);
480 return is_file($newpathoffile);
492 return is_link($newpathoffile);
503 $tmpprot = array(
'file',
'http',
'https',
'ftp',
'zlib',
'data',
'ssh',
'ssh2',
'ogg',
'expect');
504 foreach ($tmpprot as $prot) {
505 if (preg_match(
'/^'.$prot.
':/i', $url)) {
521 if (is_dir($newfolder)) {
522 $handle = opendir($newfolder);
523 $folder_content =
'';
524 while ((gettype($name = readdir($handle)) !=
"boolean")) {
525 $name_array[] = $name;
527 foreach ($name_array as $temp) {
528 $folder_content .= $temp;
533 if ($folder_content ==
"...") {
556 $fp = fopen($newfile,
'r');
561 if (!$line ===
false) {
584 return filesize($newpathoffile);
596 return @filemtime($newpathoffile);
608 return fileperms($newpathoffile);
623 function dolReplaceInFile($srcfile, $arrayreplacement, $destfile =
'', $newmask = 0, $indexdatabase = 0, $arrayreplacementisregex = 0)
627 dol_syslog(
"files.lib.php::dolReplaceInFile srcfile=".$srcfile.
" destfile=".$destfile.
" newmask=".$newmask.
" indexdatabase=".$indexdatabase.
" arrayreplacementisregex=".$arrayreplacementisregex);
629 if (empty($srcfile)) {
632 if (empty($destfile)) {
633 $destfile = $srcfile;
637 if (($destfile != $srcfile) && $destexists) {
641 $tmpdestfile = $destfile.
'.tmp';
646 $newdirdestfile = dirname($newpathofdestfile);
648 if ($destexists && !is_writable($newpathofdestfile)) {
649 dol_syslog(
"files.lib.php::dolReplaceInFile failed Permission denied to overwrite target file", LOG_WARNING);
652 if (!is_writable($newdirdestfile)) {
653 dol_syslog(
"files.lib.php::dolReplaceInFile failed Permission denied to write into target directory ".$newdirdestfile, LOG_WARNING);
660 $content = file_get_contents($newpathofsrcfile,
'r');
662 if (empty($arrayreplacementisregex)) {
665 foreach ($arrayreplacement as $key => $value) {
666 $content = preg_replace($key, $value, $content);
670 file_put_contents($newpathoftmpdestfile, $content);
671 @chmod($newpathoftmpdestfile, octdec($newmask));
674 $result =
dol_move($newpathoftmpdestfile, $newpathofdestfile, $newmask, (($destfile == $srcfile) ? 1 : 0), 0, $indexdatabase);
676 dol_syslog(
"files.lib.php::dolReplaceInFile failed to move tmp file to final dest", LOG_WARNING);
679 if (empty($newmask) && !empty($conf->global->MAIN_UMASK)) {
680 $newmask = $conf->global->MAIN_UMASK;
682 if (empty($newmask)) {
683 dol_syslog(
"Warning: dolReplaceInFile called with empty value for newmask and no default value defined", LOG_WARNING);
687 @chmod($newpathofdestfile, octdec($newmask));
703 function dol_copy($srcfile, $destfile, $newmask = 0, $overwriteifexists = 1)
707 dol_syslog(
"files.lib.php::dol_copy srcfile=".$srcfile.
" destfile=".$destfile.
" newmask=".$newmask.
" overwriteifexists=".$overwriteifexists);
709 if (empty($srcfile) || empty($destfile)) {
714 if (!$overwriteifexists && $destexists) {
720 $newdirdestfile = dirname($newpathofdestfile);
722 if ($destexists && !is_writable($newpathofdestfile)) {
723 dol_syslog(
"files.lib.php::dol_copy failed Permission denied to overwrite target file", LOG_WARNING);
726 if (!is_writable($newdirdestfile)) {
727 dol_syslog(
"files.lib.php::dol_copy failed Permission denied to write into target directory ".$newdirdestfile, LOG_WARNING);
731 $result = @copy($newpathofsrcfile, $newpathofdestfile);
734 dol_syslog(
"files.lib.php::dol_copy failed to copy", LOG_WARNING);
737 if (empty($newmask) && !empty($conf->global->MAIN_UMASK)) {
738 $newmask = $conf->global->MAIN_UMASK;
740 if (empty($newmask)) {
741 dol_syslog(
"Warning: dol_copy called with empty value for newmask and no default value defined", LOG_WARNING);
745 @chmod($newpathofdestfile, octdec($newmask));
762 function dolCopyDir($srcfile, $destfile, $newmask, $overwriteifexists, $arrayreplacement =
null, $excludesubdir = 0)
768 dol_syslog(
"files.lib.php::dolCopyDir srcfile=".$srcfile.
" destfile=".$destfile.
" newmask=".$newmask.
" overwriteifexists=".$overwriteifexists);
770 if (empty($srcfile) || empty($destfile)) {
780 $dirmaskdec = octdec($newmask);
781 if (empty($newmask) && !empty($conf->global->MAIN_UMASK)) {
782 $dirmaskdec = octdec($conf->global->MAIN_UMASK);
784 $dirmaskdec |= octdec(
'0200');
785 dol_mkdir($destfile,
'', decoct($dirmaskdec));
792 if (is_dir($ossrcfile)) {
793 $dir_handle = opendir($ossrcfile);
794 while ($file = readdir($dir_handle)) {
795 if ($file !=
"." && $file !=
".." && !is_link($ossrcfile.
"/".$file)) {
796 if (is_dir($ossrcfile.
"/".$file)) {
797 if (empty($excludesubdir) || ($excludesubdir == 2 && strlen($file) == 2)) {
800 if (is_array($arrayreplacement)) {
801 foreach ($arrayreplacement as $key => $val) {
802 $newfile = str_replace($key, $val, $newfile);
806 $tmpresult =
dolCopyDir($srcfile.
"/".$file, $destfile.
"/".$newfile, $newmask, $overwriteifexists, $arrayreplacement, $excludesubdir);
811 if (is_array($arrayreplacement)) {
812 foreach ($arrayreplacement as $key => $val) {
813 $newfile = str_replace($key, $val, $newfile);
816 $tmpresult =
dol_copy($srcfile.
"/".$file, $destfile.
"/".$newfile, $newmask, $overwriteifexists);
819 if ($result > 0 && $tmpresult >= 0) {
822 $result = $tmpresult;
829 closedir($dir_handle);
855 function dol_move($srcfile, $destfile, $newmask = 0, $overwriteifexists = 1, $testvirus = 0, $indexdatabase = 1)
857 global $user, $db, $conf;
860 dol_syslog(
"files.lib.php::dol_move srcfile=".$srcfile.
" destfile=".$destfile.
" newmask=".$newmask.
" overwritifexists=".$overwriteifexists);
865 dol_syslog(
"files.lib.php::dol_move srcfile does not exists. we ignore the move request.");
869 if ($overwriteifexists || !$destexists) {
874 $testvirusarray = array();
877 if (count($testvirusarray)) {
878 dol_syslog(
"files.lib.php::dol_move canceled because a virus was found into source file. we ignore the move request.", LOG_WARNING);
883 $result = @rename($newpathofsrcfile, $newpathofdestfile);
886 dol_syslog(
"files.lib.php::dol_move Failed. We try to delete target first and move after.", LOG_WARNING);
889 $result = @rename($newpathofsrcfile, $newpathofdestfile);
891 dol_syslog(
"files.lib.php::dol_move Failed.", LOG_WARNING);
896 if ($result && $indexdatabase) {
898 $rel_filetorenamebefore = preg_replace(
'/^'.preg_quote(DOL_DATA_ROOT,
'/').
'/',
'', $srcfile);
899 $rel_filetorenameafter = preg_replace(
'/^'.preg_quote(DOL_DATA_ROOT,
'/').
'/',
'', $destfile);
900 if (!preg_match(
'/([\\/]temp[\\/]|[\\/]thumbs|\.meta$)/', $rel_filetorenameafter)) {
901 $rel_filetorenamebefore = preg_replace(
'/^[\\/]/',
'', $rel_filetorenamebefore);
902 $rel_filetorenameafter = preg_replace(
'/^[\\/]/',
'', $rel_filetorenameafter);
905 dol_syslog(
"Try to rename also entries in database for full relative path before = ".$rel_filetorenamebefore.
" after = ".$rel_filetorenameafter, LOG_DEBUG);
906 include_once DOL_DOCUMENT_ROOT.
'/ecm/class/ecmfiles.class.php';
909 $resultecmtarget = $ecmfiletarget->fetch(0,
'', $rel_filetorenameafter);
910 if ($resultecmtarget > 0) {
911 $ecmfiletarget->delete($user);
915 $resultecm = $ecmfile->fetch(0,
'', $rel_filetorenamebefore);
916 if ($resultecm > 0) {
917 $filename = basename($rel_filetorenameafter);
918 $rel_dir = dirname($rel_filetorenameafter);
919 $rel_dir = preg_replace(
'/[\\/]$/',
'', $rel_dir);
920 $rel_dir = preg_replace(
'/^[\\/]/',
'', $rel_dir);
922 $ecmfile->filepath = $rel_dir;
923 $ecmfile->filename = $filename;
925 $resultecm = $ecmfile->update($user);
926 } elseif ($resultecm == 0) {
927 $filename = basename($rel_filetorenameafter);
928 $rel_dir = dirname($rel_filetorenameafter);
929 $rel_dir = preg_replace(
'/[\\/]$/',
'', $rel_dir);
930 $rel_dir = preg_replace(
'/^[\\/]/',
'', $rel_dir);
932 $ecmfile->filepath = $rel_dir;
933 $ecmfile->filename = $filename;
935 $ecmfile->fullpath_orig = $srcfile;
936 $ecmfile->gen_or_uploaded =
'unknown';
937 $ecmfile->description =
'';
938 $ecmfile->keywords =
'';
939 $resultecm = $ecmfile->create($user);
940 if ($resultecm < 0) {
943 } elseif ($resultecm < 0) {
947 if ($resultecm > 0) {
955 if (empty($newmask)) {
956 $newmask = empty($conf->global->MAIN_UMASK) ?
'0755' : $conf->global->MAIN_UMASK;
958 $newmaskdec = octdec($newmask);
962 @chmod($newpathofdestfile, $newmaskdec);
979 function dol_move_dir($srcdir, $destdir, $overwriteifexists = 1, $indexdatabase = 1, $renamedircontent = 1)
982 global $user, $db, $conf;
985 dol_syslog(
"files.lib.php::dol_move_dir srcdir=".$srcdir.
" destdir=".$destdir.
" overwritifexists=".$overwriteifexists.
" indexdatabase=".$indexdatabase.
" renamedircontent=".$renamedircontent);
987 $srcbasename = basename($srcdir);
991 dol_syslog(
"files.lib.php::dol_move_dir srcdir does not exists. we ignore the move request.");
995 if ($overwriteifexists || !$destexists) {
999 $result = @rename($newpathofsrcdir, $newpathofdestdir);
1001 if ($result && $renamedircontent) {
1002 if (file_exists($newpathofdestdir)) {
1003 $destbasename = basename($newpathofdestdir);
1005 if (!empty($files) && is_array($files)) {
1006 foreach ($files as $key => $file) {
1007 if (!file_exists($file[
"fullname"]))
continue;
1008 $filepath = $file[
"path"];
1009 $oldname = $file[
"name"];
1011 $newname = str_replace($srcbasename, $destbasename, $oldname);
1012 if (!empty($newname) && $newname !== $oldname) {
1013 if ($file[
"type"] ==
"dir") {
1014 $res =
dol_move_dir($filepath.
'/'.$oldname, $filepath.
'/'.$newname, $overwriteifexists, $indexdatabase, $renamedircontent);
1016 $res =
dol_move($filepath.
'/'.$oldname, $filepath.
'/'.$newname);
1043 return trim(basename($filename),
".\x00..\x20");
1057 if (!empty($conf->global->MAIN_ANTIVIRUS_COMMAND)) {
1058 if (!class_exists(
'AntiVir')) {
1059 require_once DOL_DOCUMENT_ROOT.
'/core/class/antivir.class.php';
1062 $result = $antivir->dol_avscan_file($src_file);
1064 $reterrors = $antivir->errors;
1092 function dol_move_uploaded_file($src_file, $dest_file, $allowoverwrite, $disablevirusscan = 0, $uploaderrorcode = 0, $nohook = 0, $varfiles =
'addedfile', $upload_dir =
'')
1094 global $conf, $db, $user, $langs;
1095 global $object, $hookmanager;
1098 $file_name = $dest_file;
1101 if (empty($nohook)) {
1102 $reshook = $hookmanager->initHooks(array(
'fileslib'));
1104 $parameters = array(
'dest_file' => $dest_file,
'src_file' => $src_file,
'file_name' => $file_name,
'varfiles' => $varfiles,
'allowoverwrite' => $allowoverwrite);
1105 $reshook = $hookmanager->executeHooks(
'moveUploadedFile', $parameters, $object);
1108 if (empty($reshook)) {
1110 if ($uploaderrorcode) {
1111 switch ($uploaderrorcode) {
1112 case UPLOAD_ERR_INI_SIZE:
1113 return 'ErrorFileSizeTooLarge';
1114 case UPLOAD_ERR_FORM_SIZE:
1115 return 'ErrorFileSizeTooLarge';
1116 case UPLOAD_ERR_PARTIAL:
1117 return 'ErrorPartialFile';
1118 case UPLOAD_ERR_NO_TMP_DIR:
1119 return 'ErrorNoTmpDir';
1120 case UPLOAD_ERR_CANT_WRITE:
1121 return 'ErrorFailedToWriteInDir';
1122 case UPLOAD_ERR_EXTENSION:
1123 return 'ErrorUploadBlockedByAddon';
1130 if (empty($disablevirusscan) && file_exists($src_file)) {
1132 if (count($checkvirusarray)) {
1133 dol_syslog(
'Files.lib::dol_move_uploaded_file File "'.$src_file.
'" (target name "'.$dest_file.
'") KO with antivirus: errors='.join(
',', $checkvirusarray), LOG_WARNING);
1134 return 'ErrorFileIsInfectedWithAVirus: '.join(
',', $checkvirusarray);
1143 $publicmediasdirwithslash = $conf->medias->multidir_output[$conf->entity];
1144 if (!preg_match(
'/\/$/', $publicmediasdirwithslash)) {
1145 $publicmediasdirwithslash .=
'/';
1148 if (strpos($upload_dir, $publicmediasdirwithslash) !== 0) {
1149 $file_name .=
'.noexe';
1156 if (preg_match(
'/^\./', basename($src_file)) || preg_match(
'/\.\./', $src_file) || preg_match(
'/[<>|]/', $src_file)) {
1157 dol_syslog(
"Refused to deliver file ".$src_file, LOG_WARNING);
1163 if (preg_match(
'/^\./', basename($dest_file)) || preg_match(
'/\.\./', $dest_file) || preg_match(
'/[<>|]/', $dest_file)) {
1164 dol_syslog(
"Refused to deliver file ".$dest_file, LOG_WARNING);
1170 $errmsg = join(
',', $hookmanager->errors);
1171 if (empty($errmsg)) {
1172 $errmsg =
'ErrorReturnedBySomeHooks';
1175 } elseif (empty($reshook)) {
1181 if (!is_writable(dirname($file_name_osencoded))) {
1182 dol_syslog(
"Files.lib::dol_move_uploaded_file Dir ".dirname($file_name_osencoded).
" is not writable. Return 'ErrorDirNotWritable'", LOG_WARNING);
1183 return 'ErrorDirNotWritable';
1187 if (!$allowoverwrite) {
1188 if (file_exists($file_name_osencoded)) {
1189 dol_syslog(
"Files.lib::dol_move_uploaded_file File ".$file_name.
" already exists. Return 'ErrorFileAlreadyExists'", LOG_WARNING);
1190 return 'ErrorFileAlreadyExists';
1193 if (is_dir($file_name_osencoded)) {
1194 dol_syslog(
"Files.lib::dol_move_uploaded_file A directory with name ".$file_name.
" already exists. Return 'ErrorDirWithFileNameAlreadyExists'", LOG_WARNING);
1195 return 'ErrorDirWithFileNameAlreadyExists';
1200 $return = move_uploaded_file($src_file_osencoded, $file_name_osencoded);
1202 if (!empty($conf->global->MAIN_UMASK)) {
1203 @chmod($file_name_osencoded, octdec($conf->global->MAIN_UMASK));
1205 dol_syslog(
"Files.lib::dol_move_uploaded_file Success to move ".$src_file.
" to ".$file_name.
" - Umask=".$conf->global->MAIN_UMASK, LOG_DEBUG);
1206 return $successcode;
1208 dol_syslog(
"Files.lib::dol_move_uploaded_file Failed to move ".$src_file.
" to ".$file_name, LOG_ERR);
1213 return $successcode;
1231 function dol_delete_file($file, $disableglob = 0, $nophperrors = 0, $nohook = 0, $object =
null, $allowdotdot =
false, $indexdatabase = 1, $nolog = 0)
1233 global $db, $conf, $user, $langs;
1234 global $hookmanager;
1237 $langs->loadLangs(array(
'other',
'errors'));
1239 if (empty($nolog)) {
1240 dol_syslog(
"dol_delete_file file=".$file.
" disableglob=".$disableglob.
" nophperrors=".$nophperrors.
" nohook=".$nohook);
1245 if ((!$allowdotdot && preg_match(
'/\.\./', $file)) || preg_match(
'/[<>|]/', $file)) {
1246 dol_syslog(
"Refused to delete file ".$file, LOG_WARNING);
1251 if (empty($nohook)) {
1252 $hookmanager->initHooks(array(
'fileslib'));
1254 $parameters = array(
1257 'disableglob'=> $disableglob,
1258 'nophperrors' => $nophperrors
1260 $reshook = $hookmanager->executeHooks(
'deleteFile', $parameters, $object);
1263 if (empty($nohook) && $reshook != 0) {
1271 if (empty($disableglob) && !empty($file_osencoded)) {
1273 $globencoded = str_replace(
'[',
'\[', $file_osencoded);
1274 $globencoded = str_replace(
']',
'\]', $globencoded);
1275 $listofdir = glob($globencoded);
1276 if (!empty($listofdir) && is_array($listofdir)) {
1277 foreach ($listofdir as $filename) {
1279 $ok = @unlink($filename);
1281 $ok = unlink($filename);
1285 if (!$ok && file_exists(dirname($filename)) && !(fileperms(dirname($filename)) & 0200)) {
1286 dol_syslog(
"Error in deletion, but parent directory exists with no permission to write, we try to change permission on parent directory and retry...", LOG_DEBUG);
1287 @chmod(dirname($filename), fileperms(dirname($filename)) | 0200);
1290 $ok = @unlink($filename);
1292 $ok = unlink($filename);
1297 if (empty($nolog)) {
1298 dol_syslog(
"Removed file ".$filename, LOG_DEBUG);
1302 $rel_filetodelete = preg_replace(
'/^'.preg_quote(DOL_DATA_ROOT,
'/').
'/',
'', $filename);
1303 if (!preg_match(
'/(\/temp\/|\/thumbs\/|\.meta$)/', $rel_filetodelete)) {
1304 if (is_object($db) && $indexdatabase) {
1305 $rel_filetodelete = preg_replace(
'/^[\\/]/',
'', $rel_filetodelete);
1306 $rel_filetodelete = preg_replace(
'/\.noexe$/',
'', $rel_filetodelete);
1308 dol_syslog(
"Try to remove also entries in database for full relative path = ".$rel_filetodelete, LOG_DEBUG);
1309 include_once DOL_DOCUMENT_ROOT.
'/ecm/class/ecmfiles.class.php';
1311 $result = $ecmfile->fetch(0,
'', $rel_filetodelete);
1312 if ($result >= 0 && $ecmfile->id > 0) {
1313 $result = $ecmfile->delete($user);
1321 dol_syslog(
"Failed to remove file ".$filename, LOG_WARNING);
1327 dol_syslog(
"No files to delete found", LOG_DEBUG);
1332 $ok = @unlink($file_osencoded);
1334 $ok = unlink($file_osencoded);
1337 if (empty($nolog)) {
1338 dol_syslog(
"Removed file ".$file_osencoded, LOG_DEBUG);
1341 dol_syslog(
"Failed to remove file ".$file_osencoded, LOG_WARNING);
1362 if (preg_match(
'/\.\./', $dir) || preg_match(
'/[<>|]/', $dir)) {
1363 dol_syslog(
"Refused to delete dir ".$dir, LOG_WARNING);
1368 return ($nophperrors ? @rmdir($dir_osencoded) : rmdir($dir_osencoded));
1383 function dol_delete_dir_recursive($dir, $count = 0, $nophperrors = 0, $onlysub = 0, &$countdeleted = 0, $indexdatabase = 1, $nolog = 0)
1385 if (empty($nolog)) {
1386 dol_syslog(
"functions.lib:dol_delete_dir_recursive ".$dir, LOG_DEBUG);
1390 if ($handle = opendir(
"$dir_osencoded")) {
1391 while (
false !== ($item = readdir($handle))) {
1393 $item = utf8_encode($item);
1396 if ($item !=
"." && $item !=
"..") {
1400 $result =
dol_delete_file(
"$dir/$item", 1, $nophperrors, 0,
null,
false, $indexdatabase, $nolog);
1412 if (empty($onlysub)) {
1437 global $langs, $conf;
1440 $element = $object->element;
1442 if ($object->element ==
'order_supplier') {
1443 $dir = $conf->fournisseur->commande->dir_output;
1444 } elseif ($object->element ==
'invoice_supplier') {
1445 $dir = $conf->fournisseur->facture->dir_output;
1446 } elseif ($object->element ==
'project') {
1447 $dir = $conf->project->dir_output;
1448 } elseif ($object->element ==
'shipping') {
1449 $dir = $conf->expedition->dir_output.
'/sending';
1450 } elseif ($object->element ==
'delivery') {
1451 $dir = $conf->expedition->dir_output.
'/receipt';
1452 } elseif ($object->element ==
'fichinter') {
1453 $dir = $conf->ficheinter->dir_output;
1455 $dir = empty($conf->$element->dir_output) ?
'' : $conf->$element->dir_output;
1459 return 'ErrorObjectNoSupportedByFunction';
1463 $dir = $dir.
"/".$refsan;
1464 $filepreviewnew = $dir.
"/".$refsan.
".pdf_preview.png";
1465 $filepreviewnewbis = $dir.
"/".$refsan.
".pdf_preview-0.png";
1466 $filepreviewold = $dir.
"/".$refsan.
".pdf.png";
1469 if (file_exists($filepreviewnew) && is_writable($filepreviewnew)) {
1471 $object->error = $langs->trans(
"ErrorFailedToDeleteFile", $filepreviewnew);
1475 if (file_exists($filepreviewnewbis) && is_writable($filepreviewnewbis)) {
1477 $object->error = $langs->trans(
"ErrorFailedToDeleteFile", $filepreviewnewbis);
1482 if (file_exists($filepreviewold) && is_writable($filepreviewold)) {
1484 $object->error = $langs->trans(
"ErrorFailedToDeleteFile", $filepreviewold);
1488 $multiple = $filepreviewold.
".";
1489 for ($i = 0; $i < 20; $i++) {
1490 $preview = $multiple.$i;
1492 if (file_exists($preview) && is_writable($preview)) {
1494 $object->error = $langs->trans(
"ErrorFailedToOpenFile", $preview);
1517 if (empty($conf->global->MAIN_DOC_CREATE_METAFILE)) {
1522 $element = $object->element;
1524 if ($object->element ==
'order_supplier') {
1525 $dir = $conf->fournisseur->dir_output.
'/commande';
1526 } elseif ($object->element ==
'invoice_supplier') {
1527 $dir = $conf->fournisseur->dir_output.
'/facture';
1528 } elseif ($object->element ==
'project') {
1529 $dir = $conf->project->dir_output;
1530 } elseif ($object->element ==
'shipping') {
1531 $dir = $conf->expedition->dir_output.
'/sending';
1532 } elseif ($object->element ==
'delivery') {
1533 $dir = $conf->expedition->dir_output.
'/receipt';
1534 } elseif ($object->element ==
'fichinter') {
1535 $dir = $conf->ficheinter->dir_output;
1537 $dir = empty($conf->$element->dir_output) ?
'' : $conf->$element->dir_output;
1541 $object->fetch_thirdparty();
1544 $dir = $dir.
"/".$objectref;
1545 $file = $dir.
"/".$objectref.
".meta";
1547 if (!is_dir($dir)) {
1552 $nblines = count($object->lines);
1553 $client = $object->thirdparty->name.
" ".$object->thirdparty->address.
" ".$object->thirdparty->zip.
" ".$object->thirdparty->town;
1554 $meta =
"REFERENCE=\"".$object->ref.
"\"
1556 NB_ITEMS=\"" . $nblines.
"\"
1557 CLIENT=\"" . $client.
"\"
1558 AMOUNT_EXCL_TAX=\"" . $object->total_ht.
"\"
1559 AMOUNT=\"" . $object->total_ttc.
"\"\n";
1561 for ($i = 0; $i < $nblines; $i++) {
1563 $meta .=
"ITEM_".$i.
"_QUANTITY=\"".$object->lines[$i]->qty.
"\"
1564 ITEM_" . $i.
"_AMOUNT_WO_TAX=\"".$object->lines[$i]->total_ht.
"\"
1565 ITEM_" . $i.
"_VAT=\"".$object->lines[$i]->tva_tx.
"\"
1566 ITEM_" . $i.
"_DESCRIPTION=\"".str_replace(
"\r\n",
"", nl2br($object->lines[$i]->desc)).
"\"
1571 $fp = fopen($file,
"w");
1574 if (!empty($conf->global->MAIN_UMASK)) {
1575 @chmod($file, octdec($conf->global->MAIN_UMASK));
1580 dol_syslog(
'FailedToDetectDirInDolMetaCreateFor'.$object->element, LOG_WARNING);
1598 $listofpaths = array();
1599 $listofnames = array();
1600 $listofmimes = array();
1604 foreach ($listoffiles as $key => $val) {
1605 $listofpaths[] = $val[
'fullname'];
1606 $listofnames[] = $val[
'name'];
1610 $keytoavoidconflict = empty($trackid) ?
'' :
'-'.$trackid;
1611 $_SESSION[
"listofpaths".$keytoavoidconflict] = join(
';', $listofpaths);
1612 $_SESSION[
"listofnames".$keytoavoidconflict] = join(
';', $listofnames);
1613 $_SESSION[
"listofmimes".$keytoavoidconflict] = join(
';', $listofmimes);
1634 function dol_add_file_process($upload_dir, $allowoverwrite = 0, $donotupdatesession = 0, $varfiles =
'addedfile', $savingdocmask =
'', $link =
null, $trackid =
'', $generatethumbs = 1, $object =
null)
1636 global $db, $user, $conf, $langs;
1640 if (!empty($_FILES[$varfiles])) {
1641 dol_syslog(
'dol_add_file_process upload_dir='.$upload_dir.
' allowoverwrite='.$allowoverwrite.
' donotupdatesession='.$donotupdatesession.
' savingdocmask='.$savingdocmask, LOG_DEBUG);
1646 $TFile = $_FILES[$varfiles];
1647 if (!is_array($TFile[
'name'])) {
1648 foreach ($TFile as $key => &$val) {
1653 $nbfile = count($TFile[
'name']);
1655 for ($i = 0; $i < $nbfile; $i++) {
1656 if (empty($TFile[
'name'][$i])) {
1661 $destfull = $upload_dir.
"/".$TFile[
'name'][$i];
1662 $destfile = $TFile[
'name'][$i];
1663 $destfilewithoutext = preg_replace(
'/\.[^\.]+$/',
'', $destfile);
1665 if ($savingdocmask && strpos($savingdocmask, $destfilewithoutext) !== 0) {
1666 $destfull = $upload_dir.
"/".preg_replace(
'/__file__/', $TFile[
'name'][$i], $savingdocmask);
1667 $destfile = preg_replace(
'/__file__/', $TFile[
'name'][$i], $savingdocmask);
1670 $filenameto = basename($destfile);
1671 if (preg_match(
'/^\./', $filenameto)) {
1672 $langs->load(
"errors");
1673 setEventMessages($langs->trans(
"ErrorFilenameCantStartWithDot", $filenameto),
null,
'errors');
1678 $info = pathinfo($destfull);
1679 $destfull = $info[
'dirname'].
'/'.
dol_sanitizeFileName($info[
'filename'].($info[
'extension'] !=
'' ? (
'.'.strtolower($info[
'extension'])) :
''));
1680 $info = pathinfo($destfile);
1682 $destfile =
dol_sanitizeFileName($info[
'filename'].($info[
'extension'] !=
'' ? (
'.'.strtolower($info[
'extension'])) :
''));
1690 $resupload =
dol_move_uploaded_file($TFile[
'tmp_name'][$i], $destfull, $allowoverwrite, 0, $TFile[
'error'][$i], 0, $varfiles, $upload_dir);
1692 if (is_numeric($resupload) && $resupload > 0) {
1693 include_once DOL_DOCUMENT_ROOT.
'/core/lib/images.lib.php';
1696 $maxwidthsmall = $tmparraysize[
'maxwidthsmall'];
1697 $maxheightsmall = $tmparraysize[
'maxheightsmall'];
1698 $maxwidthmini = $tmparraysize[
'maxwidthmini'];
1699 $maxheightmini = $tmparraysize[
'maxheightmini'];
1704 if ($generatethumbs) {
1710 $imgThumbSmall =
vignette($destfull, $maxwidthsmall, $maxheightsmall,
'_small', $quality,
"thumbs");
1713 $imgThumbMini =
vignette($destfull, $maxwidthmini, $maxheightmini,
'_mini', $quality,
"thumbs");
1718 if (empty($donotupdatesession)) {
1719 include_once DOL_DOCUMENT_ROOT.
'/core/class/html.formmail.class.php';
1721 $formmail->trackid = $trackid;
1722 $formmail->add_attached_files($destfull, $destfile, $TFile[
'type'][$i]);
1726 if ($donotupdatesession == 1) {
1727 $result =
addFileIntoDatabaseIndex($upload_dir, basename($destfile).($resupload == 2 ?
'.noexe' :
''), $TFile[
'name'][$i],
'uploaded', 0, $object);
1729 if ($allowoverwrite) {
1732 setEventMessages(
'WarningFailedToAddFileIntoDatabaseIndex',
'',
'warnings');
1739 $langs->load(
"errors");
1740 if ($resupload < 0) {
1742 } elseif (preg_match(
'/ErrorFileIsInfectedWithAVirus/', $resupload)) {
1743 setEventMessages($langs->trans(
"ErrorFileIsInfectedWithAVirus"),
null,
'errors');
1755 setEventMessages($langs->trans(
"ErrorFailedToCreateDir", $upload_dir),
null,
'errors');
1758 require_once DOL_DOCUMENT_ROOT.
'/core/class/link.class.php';
1759 $linkObject =
new Link($db);
1760 $linkObject->entity = $conf->entity;
1761 $linkObject->url = $link;
1762 $linkObject->objecttype =
GETPOST(
'objecttype',
'alpha');
1763 $linkObject->objectid =
GETPOST(
'objectid',
'int');
1764 $linkObject->label =
GETPOST(
'label',
'alpha');
1765 $res = $linkObject->create($user);
1766 $langs->load(
'link');
1773 $langs->load(
"errors");
1774 setEventMessages($langs->trans(
"ErrorFieldRequired", $langs->transnoentities(
"File")),
null,
'errors');
1794 global $db, $user, $conf, $langs, $_FILES;
1796 $keytodelete = $filenb;
1799 $listofpaths = array();
1800 $listofnames = array();
1801 $listofmimes = array();
1802 $keytoavoidconflict = empty($trackid) ?
'' :
'-'.$trackid;
1803 if (!empty($_SESSION[
"listofpaths".$keytoavoidconflict])) {
1804 $listofpaths = explode(
';', $_SESSION[
"listofpaths".$keytoavoidconflict]);
1806 if (!empty($_SESSION[
"listofnames".$keytoavoidconflict])) {
1807 $listofnames = explode(
';', $_SESSION[
"listofnames".$keytoavoidconflict]);
1809 if (!empty($_SESSION[
"listofmimes".$keytoavoidconflict])) {
1810 $listofmimes = explode(
';', $_SESSION[
"listofmimes".$keytoavoidconflict]);
1813 if ($keytodelete >= 0) {
1814 $pathtodelete = $listofpaths[$keytodelete];
1815 $filetodelete = $listofnames[$keytodelete];
1816 if (empty($donotdeletefile)) {
1822 if (empty($donotdeletefile)) {
1823 $langs->load(
"other");
1824 setEventMessages($langs->trans(
"FileWasRemoved", $filetodelete),
null,
'mesgs');
1826 if (empty($donotupdatesession)) {
1827 include_once DOL_DOCUMENT_ROOT.
'/core/class/html.formmail.class.php';
1829 $formmail->trackid = $trackid;
1830 $formmail->remove_attached_files($keytodelete);
1852 global $db, $user, $conf;
1856 $rel_dir = preg_replace(
'/^'.preg_quote(DOL_DATA_ROOT,
'/').
'/',
'', $dir);
1858 if (!preg_match(
'/[\\/]temp[\\/]|[\\/]thumbs|\.meta$/', $rel_dir)) {
1859 $filename = basename(preg_replace(
'/\.noexe$/',
'', $file));
1860 $rel_dir = preg_replace(
'/[\\/]$/',
'', $rel_dir);
1861 $rel_dir = preg_replace(
'/^[\\/]/',
'', $rel_dir);
1863 include_once DOL_DOCUMENT_ROOT.
'/ecm/class/ecmfiles.class.php';
1865 $ecmfile->filepath = $rel_dir;
1866 $ecmfile->filename = $filename;
1867 $ecmfile->label = md5_file(
dol_osencode($dir.
'/'.$file));
1868 $ecmfile->fullpath_orig = $fullpathorig;
1869 $ecmfile->gen_or_uploaded = $mode;
1870 $ecmfile->description =
'';
1871 $ecmfile->keywords =
'';
1873 if (is_object($object) && $object->id > 0) {
1874 $ecmfile->src_object_id = $object->id;
1875 if (isset($object->table_element)) {
1876 $ecmfile->src_object_type = $object->table_element;
1878 dol_syslog(
'Error: object ' . get_class($object) .
' has no table_element attribute.');
1881 if (isset($object->src_object_description)) $ecmfile->description = $object->src_object_description;
1882 if (isset($object->src_object_keywords)) $ecmfile->keywords = $object->src_object_keywords;
1885 if (!empty($conf->global->MAIN_FORCE_SHARING_ON_ANY_UPLOADED_FILE)) {
1890 require_once DOL_DOCUMENT_ROOT.
'/core/lib/security2.lib.php';
1894 $result = $ecmfile->create($user);
1913 global $conf, $db, $user;
1918 dol_syslog(
"deleteFilesIntoDatabaseIndex: dir parameter can't be empty", LOG_ERR);
1924 $rel_dir = preg_replace(
'/^'.preg_quote(DOL_DATA_ROOT,
'/').
'/',
'', $dir);
1926 $filename = basename($file);
1927 $rel_dir = preg_replace(
'/[\\/]$/',
'', $rel_dir);
1928 $rel_dir = preg_replace(
'/^[\\/]/',
'', $rel_dir);
1931 $sql =
'DELETE FROM '.MAIN_DB_PREFIX.
'ecm_files';
1932 $sql .=
' WHERE entity = '.$conf->entity;
1933 $sql .=
" AND filepath = '".$db->escape($rel_dir).
"'";
1935 $sql .=
" AND filename = '".$db->escape($file).
"'";
1938 $sql .=
" AND gen_or_uploaded = '".$db->escape($mode).
"'";
1941 $resql = $db->query($sql);
1944 dol_syslog(__METHOD__.
' '.$db->lasterror(), LOG_ERR);
1973 if (class_exists(
'Imagick')) {
1974 $image =
new Imagick();
1976 $filetoconvert = $fileinput.(($page !=
'') ?
'['.$page.
']' :
'');
1978 $ret = $image->readImage($filetoconvert);
1980 $ext = pathinfo($fileinput, PATHINFO_EXTENSION);
1981 dol_syslog(
"Failed to read image using Imagick (Try to install package 'apt-get install php-imagick ghostscript' and check there is no policy to disable ".$ext.
" convertion in /etc/ImageMagick*/policy.xml): ".$e->getMessage(), LOG_WARNING);
1985 $ret = $image->setImageFormat($ext);
1987 if (empty($fileoutput)) {
1988 $fileoutput = $fileinput.
".".$ext;
1991 $count = $image->getNumberImages();
1993 if (!
dol_is_file($fileoutput) || is_writeable($fileoutput)) {
1995 $ret = $image->writeImages($fileoutput,
true);
2000 dol_syslog(
"Warning: Failed to write cache preview file '.$fileoutput.'. Check permission on file/dir", LOG_ERR);
2029 function dol_compress_file($inputfile, $outputfile, $mode =
"gz", &$errorstring =
null)
2036 dol_syslog(
"dol_compress_file mode=".$mode.
" inputfile=".$inputfile.
" outputfile=".$outputfile);
2039 if ($mode ==
'gz') {
2041 $compressdata = gzencode($data, 9);
2042 } elseif ($mode ==
'bz') {
2044 $compressdata = bzcompress($data, 9);
2045 } elseif ($mode ==
'zstd') {
2047 $compressdata = zstd_compress($data, 9);
2048 } elseif ($mode ==
'zip') {
2049 if (class_exists(
'ZipArchive') && !empty($conf->global->MAIN_USE_ZIPARCHIVE_FOR_ZIP_COMPRESS)) {
2052 $rootPath = realpath($inputfile);
2054 dol_syslog(
"Class ZipArchive is set so we zip using ZipArchive to zip into ".$outputfile.
' rootPath='.$rootPath);
2055 $zip =
new ZipArchive;
2057 if ($zip->open($outputfile, ZipArchive::CREATE) !==
true) {
2058 $errorstring =
"dol_compress_file failure - Failed to open file ".$outputfile.
"\n";
2062 $errormsg = $errorstring;
2069 $files =
new RecursiveIteratorIterator(
2070 new RecursiveDirectoryIterator($rootPath),
2071 RecursiveIteratorIterator::LEAVES_ONLY
2074 foreach ($files as $name => $file) {
2076 if (!$file->isDir()) {
2078 $filePath = $file->getPath();
2079 $fileName = $file->getFilename();
2080 $fileFullRealPath = $file->getRealPath();
2083 $relativePath = substr(($filePath ? $filePath.
'/' :
'').$fileName, strlen($rootPath) + 1);
2086 $zip->addFile($fileFullRealPath, $relativePath);
2093 dol_syslog(
"dol_compress_file success - ".count($zip->numFiles).
" files");
2097 if (defined(
'ODTPHP_PATHTOPCLZIP')) {
2100 include_once ODTPHP_PATHTOPCLZIP.
'/pclzip.lib.php';
2101 $archive =
new PclZip($outputfile);
2102 $result = $archive->add($inputfile, PCLZIP_OPT_REMOVE_PATH, dirname($inputfile));
2104 if ($result === 0) {
2106 $errormsg = $archive->errorInfo(
true);
2108 if ($archive->errorCode() == PCLZIP_ERR_WRITE_OPEN_FAIL) {
2109 $errorstring =
"PCLZIP_ERR_WRITE_OPEN_FAIL";
2110 dol_syslog(
"dol_compress_file error - archive->errorCode() = PCLZIP_ERR_WRITE_OPEN_FAIL", LOG_ERR);
2114 $errorstring =
"dol_compress_file error archive->errorCode = ".$archive->errorCode().
" errormsg=".$errormsg;
2115 dol_syslog(
"dol_compress_file failure - ".$errormsg, LOG_ERR);
2118 dol_syslog(
"dol_compress_file success - ".count($result).
" files");
2124 if ($foundhandler) {
2125 $fp = fopen($outputfile,
"w");
2126 fwrite($fp, $compressdata);
2130 $errorstring =
"Try to zip with format ".$mode.
" with no handler for this format";
2134 $errormsg = $errorstring;
2138 global $langs, $errormsg;
2139 $langs->load(
"errors");
2140 $errormsg = $langs->trans(
"ErrorFailedToWriteInDir");
2142 $errorstring =
"Failed to open file ".$outputfile;
2157 global $conf, $langs, $db;
2159 $fileinfo = pathinfo($inputfile);
2160 $fileinfo[
"extension"] = strtolower($fileinfo[
"extension"]);
2162 if ($fileinfo[
"extension"] ==
"zip") {
2163 if (defined(
'ODTPHP_PATHTOPCLZIP') && empty($conf->global->MAIN_USE_ZIPARCHIVE_FOR_ZIP_UNCOMPRESS)) {
2164 dol_syslog(
"Constant ODTPHP_PATHTOPCLZIP for pclzip library is set to ".ODTPHP_PATHTOPCLZIP.
", so we use Pclzip to unzip into ".$outputdir);
2165 include_once ODTPHP_PATHTOPCLZIP.
'/pclzip.lib.php';
2166 $archive =
new PclZip($inputfile);
2172 $result = $archive->extract(PCLZIP_OPT_PATH, $outputdir, PCLZIP_OPT_BY_PREG,
'/^((?!\.\.).)*$/');
2174 if (!is_array($result) && $result <= 0) {
2175 return array(
'error'=>$archive->errorInfo(
true));
2180 foreach ($result as $key => $val) {
2181 if ($val[
'status'] ==
'path_creation_fail') {
2182 $langs->load(
"errors");
2184 $errmsg = $langs->trans(
"ErrorFailToCreateDir", $val[
'filename']);
2192 return array(
'error'=>$errmsg);
2197 if (class_exists(
'ZipArchive')) {
2198 dol_syslog(
"Class ZipArchive is set so we unzip using ZipArchive to unzip into ".$outputdir);
2199 $zip =
new ZipArchive;
2200 $res = $zip->open($inputfile);
2201 if ($res ===
true) {
2207 for ($i = 0; $i < $zip->numFiles; $i++) {
2208 if (preg_match(
'/\.\./', $zip->getNameIndex($i))) {
2209 dol_syslog(
"Warning: Try to unzip a file with a transversal path ".$zip->getNameIndex($i), LOG_WARNING);
2212 $zip->extractTo($outputdir.
'/', array($zip->getNameIndex($i)));
2218 return array(
'error'=>
'ErrUnzipFails');
2222 return array(
'error'=>
'ErrNoZipEngine');
2223 } elseif (in_array($fileinfo[
"extension"], array(
'gz',
'bz2',
'zst'))) {
2224 include_once DOL_DOCUMENT_ROOT.
"/core/class/utils.class.php";
2225 $utils =
new Utils($db);
2232 $extension = strtolower(pathinfo($fileinfo[
"filename"], PATHINFO_EXTENSION));
2233 if ($extension ==
"tar") {
2236 $resarray = $utils->executeCLI($cmd, $outputfilename.
'.tmp', 0, $outputfilename.
'.err', 0);
2237 if ($resarray[
"result"] != 0) {
2238 $resarray[
"error"] .= file_get_contents($outputfilename.
'.err');
2242 if ($fileinfo[
"extension"] ==
"gz") {
2244 } elseif ($fileinfo[
"extension"] ==
"bz2") {
2246 } elseif ($fileinfo[
"extension"] ==
"zst") {
2249 return array(
'error'=>
'ErrorBadFileExtension');
2252 $cmd .=
' > '.$outputfilename;
2254 $resarray = $utils->executeCLI($cmd, $outputfilename.
'.tmp', 0,
null, 1, $outputfilename.
'.err');
2255 if ($resarray[
"result"] != 0) {
2256 $errfilecontent = @file_get_contents($outputfilename.
'.err');
2257 if ($errfilecontent) {
2258 $resarray[
"error"] .=
" - ".$errfilecontent;
2262 return $resarray[
"result"] != 0 ? array(
'error' => $resarray[
"error"]) : array();
2265 return array(
'error'=>
'ErrorBadFileExtension');
2279 function dol_compress_dir($inputdir, $outputfile, $mode =
"zip", $excludefiles =
'', $rootdirinzip =
'')
2283 dol_syslog(
"Try to zip dir ".$inputdir.
" into ".$outputfile.
" mode=".$mode);
2285 if (!
dol_is_dir(dirname($outputfile)) || !is_writable(dirname($outputfile))) {
2286 global $langs, $errormsg;
2287 $langs->load(
"errors");
2288 $errormsg = $langs->trans(
"ErrorFailedToWriteInDir", $outputfile);
2293 if ($mode ==
'gz') {
2295 } elseif ($mode ==
'bz') {
2297 } elseif ($mode ==
'zip') {
2310 if (class_exists(
'ZipArchive')) {
2314 $zip =
new ZipArchive();
2315 $result = $zip->open($outputfile, ZipArchive::CREATE | ZipArchive::OVERWRITE);
2317 global $langs, $errormsg;
2318 $langs->load(
"errors");
2319 $errormsg = $langs->trans(
"ErrorFailedToWriteInFile", $outputfile);
2326 $files =
new RecursiveIteratorIterator(
2327 new RecursiveDirectoryIterator($inputdir),
2328 RecursiveIteratorIterator::LEAVES_ONLY
2332 foreach ($files as $name => $file) {
2334 if (!$file->isDir()) {
2336 $filePath = $file->getPath();
2337 $fileName = $file->getFilename();
2338 $fileFullRealPath = $file->getRealPath();
2341 $relativePath = ($rootdirinzip ? $rootdirinzip.
'/' :
'').substr(($filePath ? $filePath.
'/' :
'').$fileName, strlen($inputdir) + 1);
2344 if (empty($excludefiles) || !preg_match($excludefiles, $fileFullRealPath)) {
2346 $zip->addFile($fileFullRealPath, $relativePath);
2358 if (!$foundhandler) {
2359 dol_syslog(
"Try to zip with format ".$mode.
" with no handler for this format", LOG_ERR);
2365 global $langs, $errormsg;
2366 $langs->load(
"errors");
2367 dol_syslog(
"Failed to open file ".$outputfile, LOG_ERR);
2369 $errormsg = $langs->trans(
"ErrorFailedToWriteInDir", $outputfile);
2386 function dol_most_recent_file($dir, $regexfilter =
'', $excludefilter = array(
'(\.meta|_preview.*\.png)$',
'^\.'), $nohook =
false, $mode =
'')
2388 $tmparray =
dol_dir_list($dir,
'files', 0, $regexfilter, $excludefilter,
'date', SORT_DESC, $mode, $nohook);
2389 return $tmparray[0];
2407 global $conf, $db, $user, $hookmanager;
2408 global $dolibarr_main_data_root, $dolibarr_main_document_root_alt;
2411 if (!is_object($fuser)) {
2415 if (empty($modulepart)) {
2416 return 'ErrorBadParameter';
2418 if (empty($entity)) {
2419 if (empty($conf->multicompany->enabled)) {
2426 if ($modulepart ==
'users') {
2427 $modulepart =
'user';
2429 if ($modulepart ==
'tva') {
2430 $modulepart =
'tax-vat';
2434 dol_syslog(
'dol_check_secure_access_document modulepart='.$modulepart.
' original_file='.$original_file.
' entity='.$entity);
2438 $sqlprotectagainstexternals =
'';
2442 if (empty($refname)) {
2443 $refname = basename(dirname($original_file).
"/");
2444 if ($refname ==
'thumbs') {
2446 $refname = basename(dirname(dirname($original_file)).
"/");
2453 $download =
'download';
2454 if ($mode ==
'write') {
2457 $download =
'upload';
2461 if ($modulepart ==
'medias' && !empty($dolibarr_main_data_root)) {
2462 if (empty($entity) || empty($conf->medias->multidir_output[$entity])) {
2463 return array(
'accessallowed'=>0,
'error'=>
'Value entity must be provided');
2466 $original_file = $conf->medias->multidir_output[$entity].
'/'.$original_file;
2467 } elseif ($modulepart ==
'logs' && !empty($dolibarr_main_data_root)) {
2469 $accessallowed = ($user->admin && basename($original_file) == $original_file && preg_match(
'/^dolibarr.*\.log$/', basename($original_file)));
2470 $original_file = $dolibarr_main_data_root.
'/'.$original_file;
2471 } elseif ($modulepart ==
'doctemplates' && !empty($dolibarr_main_data_root)) {
2473 $accessallowed = $user->admin;
2474 $original_file = $dolibarr_main_data_root.
'/doctemplates/'.$original_file;
2475 } elseif ($modulepart ==
'doctemplateswebsite' && !empty($dolibarr_main_data_root)) {
2477 $accessallowed = ($fuser->rights->website->write && preg_match(
'/\.jpg$/i', basename($original_file)));
2478 $original_file = $dolibarr_main_data_root.
'/doctemplates/websites/'.$original_file;
2479 } elseif ($modulepart ==
'packages' && !empty($dolibarr_main_data_root)) {
2482 $tmp = explode(
',', $dolibarr_main_document_root_alt);
2485 $accessallowed = ($user->admin && preg_match(
'/^module_.*\.zip$/', basename($original_file)));
2486 $original_file = $dirins.
'/'.$original_file;
2487 } elseif ($modulepart ==
'mycompany' && !empty($conf->mycompany->dir_output)) {
2490 $original_file = $conf->mycompany->dir_output.
'/'.$original_file;
2491 } elseif ($modulepart ==
'userphoto' && !empty($conf->user->dir_output)) {
2494 if (preg_match(
'/^\d+\/photos\//', $original_file)) {
2497 $original_file = $conf->user->dir_output.
'/'.$original_file;
2498 } elseif (($modulepart ==
'companylogo') && !empty($conf->mycompany->dir_output)) {
2501 $original_file = $conf->mycompany->dir_output.
'/logos/'.$original_file;
2502 } elseif ($modulepart ==
'memberphoto' && !empty($conf->adherent->dir_output)) {
2505 if (preg_match(
'/^\d+\/photos\//', $original_file)) {
2508 $original_file = $conf->adherent->dir_output.
'/'.$original_file;
2509 } elseif ($modulepart ==
'apercufacture' && !empty($conf->facture->multidir_output[$entity])) {
2511 if ($fuser->rights->facture->{$lire}) {
2514 $original_file = $conf->facture->multidir_output[$entity].
'/'.$original_file;
2515 } elseif ($modulepart ==
'apercupropal' && !empty($conf->propal->multidir_output[$entity])) {
2517 if ($fuser->rights->propale->{$lire}) {
2520 $original_file = $conf->propal->multidir_output[$entity].
'/'.$original_file;
2521 } elseif ($modulepart ==
'apercucommande' && !empty($conf->commande->multidir_output[$entity])) {
2523 if ($fuser->rights->commande->{$lire}) {
2526 $original_file = $conf->commande->multidir_output[$entity].
'/'.$original_file;
2527 } elseif (($modulepart ==
'apercufichinter' || $modulepart ==
'apercuficheinter') && !empty($conf->ficheinter->dir_output)) {
2529 if ($fuser->rights->ficheinter->{$lire}) {
2532 $original_file = $conf->ficheinter->dir_output.
'/'.$original_file;
2533 } elseif (($modulepart ==
'apercucontract') && !empty($conf->contrat->multidir_output[$entity])) {
2535 if ($fuser->rights->contrat->{$lire}) {
2538 $original_file = $conf->contrat->multidir_output[$entity].
'/'.$original_file;
2539 } elseif (($modulepart ==
'apercusupplier_proposal' || $modulepart ==
'apercusupplier_proposal') && !empty($conf->supplier_proposal->dir_output)) {
2541 if ($fuser->rights->supplier_proposal->{$lire}) {
2544 $original_file = $conf->supplier_proposal->dir_output.
'/'.$original_file;
2545 } elseif (($modulepart ==
'apercusupplier_order' || $modulepart ==
'apercusupplier_order') && !empty($conf->fournisseur->commande->dir_output)) {
2547 if ($fuser->rights->fournisseur->commande->{$lire}) {
2550 $original_file = $conf->fournisseur->commande->dir_output.
'/'.$original_file;
2551 } elseif (($modulepart ==
'apercusupplier_invoice' || $modulepart ==
'apercusupplier_invoice') && !empty($conf->fournisseur->facture->dir_output)) {
2553 if ($fuser->rights->fournisseur->facture->{$lire}) {
2556 $original_file = $conf->fournisseur->facture->dir_output.
'/'.$original_file;
2557 } elseif (($modulepart ==
'holiday') && !empty($conf->holiday->dir_output)) {
2558 if ($fuser->rights->holiday->{$read} || !empty($fuser->rights->holiday->readall) || preg_match(
'/^specimen/i', $original_file)) {
2561 if ($refname && empty($fuser->rights->holiday->readall) && !preg_match(
'/^specimen/i', $original_file)) {
2562 include_once DOL_DOCUMENT_ROOT.
'/holiday/class/holiday.class.php';
2563 $tmpholiday =
new Holiday($db);
2564 $tmpholiday->fetch(
'', $refname);
2565 $accessallowed =
checkUserAccessToObject($user, array(
'holiday'), $tmpholiday,
'holiday',
'',
'',
'rowid',
'');
2568 $original_file = $conf->holiday->dir_output.
'/'.$original_file;
2569 } elseif (($modulepart ==
'expensereport') && !empty($conf->expensereport->dir_output)) {
2570 if ($fuser->rights->expensereport->{$lire} || !empty($fuser->rights->expensereport->readall) || preg_match(
'/^specimen/i', $original_file)) {
2573 if ($refname && empty($fuser->rights->expensereport->readall) && !preg_match(
'/^specimen/i', $original_file)) {
2574 include_once DOL_DOCUMENT_ROOT.
'/expensereport/class/expensereport.class.php';
2576 $tmpexpensereport->fetch(
'', $refname);
2577 $accessallowed =
checkUserAccessToObject($user, array(
'expensereport'), $tmpexpensereport,
'expensereport',
'',
'',
'rowid',
'');
2580 $original_file = $conf->expensereport->dir_output.
'/'.$original_file;
2581 } elseif (($modulepart ==
'apercuexpensereport') && !empty($conf->expensereport->dir_output)) {
2583 if ($fuser->rights->expensereport->{$lire}) {
2586 $original_file = $conf->expensereport->dir_output.
'/'.$original_file;
2587 } elseif ($modulepart ==
'propalstats' && !empty($conf->propal->multidir_temp[$entity])) {
2589 if ($fuser->rights->propale->{$lire}) {
2592 $original_file = $conf->propal->multidir_temp[$entity].
'/'.$original_file;
2593 } elseif ($modulepart ==
'orderstats' && !empty($conf->commande->dir_temp)) {
2595 if ($fuser->rights->commande->{$lire}) {
2598 $original_file = $conf->commande->dir_temp.
'/'.$original_file;
2599 } elseif ($modulepart ==
'orderstatssupplier' && !empty($conf->fournisseur->dir_output)) {
2600 if ($fuser->rights->fournisseur->commande->{$lire}) {
2603 $original_file = $conf->fournisseur->commande->dir_temp.
'/'.$original_file;
2604 } elseif ($modulepart ==
'billstats' && !empty($conf->facture->dir_temp)) {
2606 if ($fuser->rights->facture->{$lire}) {
2609 $original_file = $conf->facture->dir_temp.
'/'.$original_file;
2610 } elseif ($modulepart ==
'billstatssupplier' && !empty($conf->fournisseur->dir_output)) {
2611 if ($fuser->rights->fournisseur->facture->{$lire}) {
2614 $original_file = $conf->fournisseur->facture->dir_temp.
'/'.$original_file;
2615 } elseif ($modulepart ==
'expeditionstats' && !empty($conf->expedition->dir_temp)) {
2617 if ($fuser->rights->expedition->{$lire}) {
2620 $original_file = $conf->expedition->dir_temp.
'/'.$original_file;
2621 } elseif ($modulepart ==
'tripsexpensesstats' && !empty($conf->deplacement->dir_temp)) {
2623 if ($fuser->rights->deplacement->{$lire}) {
2626 $original_file = $conf->deplacement->dir_temp.
'/'.$original_file;
2627 } elseif ($modulepart ==
'memberstats' && !empty($conf->adherent->dir_temp)) {
2629 if ($fuser->rights->adherent->{$lire}) {
2632 $original_file = $conf->adherent->dir_temp.
'/'.$original_file;
2633 } elseif (preg_match(
'/^productstats_/i', $modulepart) && !empty($conf->product->dir_temp)) {
2635 if ($fuser->rights->produit->{$lire} || $fuser->rights->service->{$lire}) {
2638 $original_file = (!empty($conf->product->multidir_temp[$entity]) ? $conf->product->multidir_temp[$entity] : $conf->service->multidir_temp[$entity]).
'/'.$original_file;
2639 } elseif (in_array($modulepart, array(
'tax',
'tax-vat',
'tva')) && !empty($conf->tax->dir_output)) {
2641 if ($fuser->rights->tax->charges->{$lire}) {
2644 $modulepartsuffix = str_replace(
'tax-',
'', $modulepart);
2645 $original_file = $conf->tax->dir_output.
'/'.($modulepartsuffix !=
'tax' ? $modulepartsuffix.
'/' :
'').$original_file;
2646 } elseif ($modulepart ==
'actions' && !empty($conf->agenda->dir_output)) {
2648 if ($fuser->rights->agenda->myactions->{$read}) {
2651 if ($refname && !preg_match(
'/^specimen/i', $original_file)) {
2652 include_once DOL_DOCUMENT_ROOT.
'/comm/action/class/actioncomm.class.php';
2654 $tmpobject->fetch((
int) $refname);
2655 $accessallowed =
checkUserAccessToObject($user, array(
'agenda'), $tmpobject->id,
'actioncomm&societe',
'myactions|allactions',
'fk_soc',
'id',
'');
2656 if ($user->socid && $tmpobject->socid) {
2661 $original_file = $conf->agenda->dir_output.
'/'.$original_file;
2662 } elseif ($modulepart ==
'category' && !empty($conf->categorie->multidir_output[$entity])) {
2664 if (empty($entity) || empty($conf->categorie->multidir_output[$entity])) {
2665 return array(
'accessallowed'=>0,
'error'=>
'Value entity must be provided');
2667 if ($fuser->rights->categorie->{$lire} || $fuser->rights->takepos->run) {
2670 $original_file = $conf->categorie->multidir_output[$entity].
'/'.$original_file;
2671 } elseif ($modulepart ==
'prelevement' && !empty($conf->prelevement->dir_output)) {
2673 if ($fuser->rights->prelevement->bons->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2676 $original_file = $conf->prelevement->dir_output.
'/'.$original_file;
2677 } elseif ($modulepart ==
'graph_stock' && !empty($conf->stock->dir_temp)) {
2680 $original_file = $conf->stock->dir_temp.
'/'.$original_file;
2681 } elseif ($modulepart ==
'graph_fourn' && !empty($conf->fournisseur->dir_temp)) {
2684 $original_file = $conf->fournisseur->dir_temp.
'/'.$original_file;
2685 } elseif ($modulepart ==
'graph_product' && !empty($conf->product->dir_temp)) {
2688 $original_file = $conf->product->multidir_temp[$entity].
'/'.$original_file;
2689 } elseif ($modulepart ==
'barcode') {
2694 $original_file =
'';
2695 } elseif ($modulepart ==
'iconmailing' && !empty($conf->mailing->dir_temp)) {
2698 $original_file = $conf->mailing->dir_temp.
'/'.$original_file;
2699 } elseif ($modulepart ==
'scanner_user_temp' && !empty($conf->scanner->dir_temp)) {
2702 $original_file = $conf->scanner->dir_temp.
'/'.$fuser->id.
'/'.$original_file;
2703 } elseif ($modulepart ==
'fckeditor' && !empty($conf->fckeditor->dir_output)) {
2706 $original_file = $conf->fckeditor->dir_output.
'/'.$original_file;
2707 } elseif ($modulepart ==
'user' && !empty($conf->user->dir_output)) {
2709 $canreaduser = (!empty($fuser->admin) || $fuser->rights->user->user->{$lire});
2710 if ($fuser->id == (
int) $refname) {
2713 if ($canreaduser || preg_match(
'/^specimen/i', $original_file)) {
2716 $original_file = $conf->user->dir_output.
'/'.$original_file;
2717 } elseif (($modulepart ==
'company' || $modulepart ==
'societe' || $modulepart ==
'thirdparty') && !empty($conf->societe->multidir_output[$entity])) {
2719 if (empty($entity) || empty($conf->societe->multidir_output[$entity])) {
2720 return array(
'accessallowed'=>0,
'error'=>
'Value entity must be provided');
2722 if ($fuser->rights->societe->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2725 $original_file = $conf->societe->multidir_output[$entity].
'/'.$original_file;
2726 $sqlprotectagainstexternals =
"SELECT rowid as fk_soc FROM ".MAIN_DB_PREFIX.
"societe WHERE rowid='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'societe').
")";
2727 } elseif ($modulepart ==
'contact' && !empty($conf->societe->multidir_output[$entity])) {
2729 if (empty($entity) || empty($conf->societe->multidir_output[$entity])) {
2730 return array(
'accessallowed'=>0,
'error'=>
'Value entity must be provided');
2732 if ($fuser->rights->societe->{$lire}) {
2735 $original_file = $conf->societe->multidir_output[$entity].
'/contact/'.$original_file;
2736 } elseif (($modulepart ==
'facture' || $modulepart ==
'invoice') && !empty($conf->facture->multidir_output[$entity])) {
2738 if ($fuser->rights->facture->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2741 $original_file = $conf->facture->multidir_output[$entity].
'/'.$original_file;
2742 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"facture WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'invoice').
")";
2743 } elseif ($modulepart ==
'massfilesarea_proposals' && !empty($conf->propal->multidir_output[$entity])) {
2745 if ($fuser->rights->propal->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2748 $original_file = $conf->propal->multidir_output[$entity].
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
2749 } elseif ($modulepart ==
'massfilesarea_orders') {
2750 if ($fuser->rights->commande->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2753 $original_file = $conf->commande->multidir_output[$entity].
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
2754 } elseif ($modulepart ==
'massfilesarea_sendings') {
2755 if ($fuser->rights->expedition->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2758 $original_file = $conf->expedition->dir_output.
'/sending/temp/massgeneration/'.$user->id.
'/'.$original_file;
2759 } elseif ($modulepart ==
'massfilesarea_invoices') {
2760 if ($fuser->rights->facture->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2763 $original_file = $conf->facture->multidir_output[$entity].
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
2764 } elseif ($modulepart ==
'massfilesarea_expensereport') {
2765 if ($fuser->rights->facture->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2768 $original_file = $conf->expensereport->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
2769 } elseif ($modulepart ==
'massfilesarea_interventions') {
2770 if ($fuser->rights->ficheinter->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2773 $original_file = $conf->ficheinter->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
2774 } elseif ($modulepart ==
'massfilesarea_supplier_proposal' && !empty($conf->supplier_proposal->dir_output)) {
2775 if ($fuser->rights->supplier_proposal->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2778 $original_file = $conf->supplier_proposal->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
2779 } elseif ($modulepart ==
'massfilesarea_supplier_order') {
2780 if ($fuser->rights->fournisseur->commande->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2783 $original_file = $conf->fournisseur->commande->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
2784 } elseif ($modulepart ==
'massfilesarea_supplier_invoice') {
2785 if ($fuser->rights->fournisseur->facture->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2788 $original_file = $conf->fournisseur->facture->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
2789 } elseif ($modulepart ==
'massfilesarea_contract' && !empty($conf->contrat->dir_output)) {
2790 if ($fuser->rights->contrat->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2793 $original_file = $conf->contrat->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
2794 } elseif (($modulepart ==
'fichinter' || $modulepart ==
'ficheinter') && !empty($conf->ficheinter->dir_output)) {
2796 if ($fuser->rights->ficheinter->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2799 $original_file = $conf->ficheinter->dir_output.
'/'.$original_file;
2800 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"fichinter WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
2801 } elseif ($modulepart ==
'deplacement' && !empty($conf->deplacement->dir_output)) {
2803 if ($fuser->rights->deplacement->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2806 $original_file = $conf->deplacement->dir_output.
'/'.$original_file;
2808 } elseif (($modulepart ==
'propal' || $modulepart ==
'propale') && !empty($conf->propal->multidir_output[$entity])) {
2810 if ($fuser->rights->propale->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2813 $original_file = $conf->propal->multidir_output[$entity].
'/'.$original_file;
2814 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"propal WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'propal').
")";
2815 } elseif (($modulepart ==
'commande' || $modulepart ==
'order') && !empty($conf->commande->multidir_output[$entity])) {
2817 if ($fuser->rights->commande->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2820 $original_file = $conf->commande->multidir_output[$entity].
'/'.$original_file;
2821 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"commande WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'order').
")";
2822 } elseif ($modulepart ==
'project' && !empty($conf->project->multidir_output[$entity])) {
2824 if ($fuser->rights->projet->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2827 if ($refname && !preg_match(
'/^specimen/i', $original_file)) {
2828 include_once DOL_DOCUMENT_ROOT.
'/projet/class/project.class.php';
2829 $tmpproject =
new Project($db);
2830 $tmpproject->fetch(
'', $refname);
2831 $accessallowed =
checkUserAccessToObject($user, array(
'projet'), $tmpproject->id,
'projet&project',
'',
'',
'rowid',
'');
2834 $original_file = $conf->project->multidir_output[$entity].
'/'.$original_file;
2835 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"projet WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'project').
")";
2836 } elseif ($modulepart ==
'project_task' && !empty($conf->project->multidir_output[$entity])) {
2837 if ($fuser->rights->projet->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2840 if ($refname && !preg_match(
'/^specimen/i', $original_file)) {
2841 include_once DOL_DOCUMENT_ROOT.
'/projet/class/task.class.php';
2842 $tmptask =
new Task($db);
2843 $tmptask->fetch(
'', $refname);
2844 $accessallowed =
checkUserAccessToObject($user, array(
'projet_task'), $tmptask->id,
'projet_task&project',
'',
'',
'rowid',
'');
2847 $original_file = $conf->project->multidir_output[$entity].
'/'.$original_file;
2848 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"projet WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'project').
")";
2849 } elseif (($modulepart ==
'commande_fournisseur' || $modulepart ==
'order_supplier') && !empty($conf->fournisseur->commande->dir_output)) {
2851 if ($fuser->rights->fournisseur->commande->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2854 $original_file = $conf->fournisseur->commande->dir_output.
'/'.$original_file;
2855 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"commande_fournisseur WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
2856 } elseif (($modulepart ==
'facture_fournisseur' || $modulepart ==
'invoice_supplier') && !empty($conf->fournisseur->facture->dir_output)) {
2858 if ($fuser->rights->fournisseur->facture->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2861 $original_file = $conf->fournisseur->facture->dir_output.
'/'.$original_file;
2862 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"facture_fourn WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
2863 } elseif ($modulepart ==
'supplier_payment') {
2865 if ($fuser->rights->fournisseur->facture->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2868 $original_file = $conf->fournisseur->payment->dir_output.
'/'.$original_file;
2869 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"paiementfournisseur WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
2870 } elseif ($modulepart ==
'facture_paiement' && !empty($conf->facture->dir_output)) {
2872 if ($fuser->rights->facture->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2875 if ($fuser->socid > 0) {
2876 $original_file = $conf->facture->dir_output.
'/payments/private/'.$fuser->id.
'/'.$original_file;
2878 $original_file = $conf->facture->dir_output.
'/payments/'.$original_file;
2880 } elseif ($modulepart ==
'export_compta' && !empty($conf->accounting->dir_output)) {
2882 if ($fuser->rights->accounting->bind->write || preg_match(
'/^specimen/i', $original_file)) {
2885 $original_file = $conf->accounting->dir_output.
'/'.$original_file;
2886 } elseif (($modulepart ==
'expedition' || $modulepart ==
'shipment') && !empty($conf->expedition->dir_output)) {
2888 if ($fuser->rights->expedition->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2891 $original_file = $conf->expedition->dir_output.
"/".(strpos($original_file,
'sending/') === 0 ?
'' :
'sending/').$original_file;
2893 } elseif (($modulepart ==
'livraison' || $modulepart ==
'delivery') && !empty($conf->expedition->dir_output)) {
2895 if ($fuser->rights->expedition->delivery->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2898 $original_file = $conf->expedition->dir_output.
"/".(strpos($original_file,
'receipt/') === 0 ?
'' :
'receipt/').$original_file;
2899 } elseif ($modulepart ==
'actions' && !empty($conf->agenda->dir_output)) {
2901 if ($fuser->rights->agenda->myactions->{$read} || preg_match(
'/^specimen/i', $original_file)) {
2904 $original_file = $conf->agenda->dir_output.
'/'.$original_file;
2905 } elseif ($modulepart ==
'actionsreport' && !empty($conf->agenda->dir_temp)) {
2907 if ($fuser->rights->agenda->allactions->{$read} || preg_match(
'/^specimen/i', $original_file)) {
2910 $original_file = $conf->agenda->dir_temp.
"/".$original_file;
2911 } elseif ($modulepart ==
'product' || $modulepart ==
'produit' || $modulepart ==
'service' || $modulepart ==
'produit|service') {
2913 if (empty($entity) || (empty($conf->product->multidir_output[$entity]) && empty($conf->service->multidir_output[$entity]))) {
2914 return array(
'accessallowed'=>0,
'error'=>
'Value entity must be provided');
2916 if (($fuser->rights->produit->{$lire} || $fuser->rights->service->{$lire}) || preg_match(
'/^specimen/i', $original_file)) {
2919 if (!empty($conf->product->enabled)) {
2920 $original_file = $conf->product->multidir_output[$entity].
'/'.$original_file;
2921 } elseif (!empty($conf->service->enabled)) {
2922 $original_file = $conf->service->multidir_output[$entity].
'/'.$original_file;
2924 } elseif ($modulepart ==
'product_batch' || $modulepart ==
'produitlot') {
2926 if (empty($entity) || (empty($conf->productbatch->multidir_output[$entity]))) {
2927 return array(
'accessallowed'=>0,
'error'=>
'Value entity must be provided');
2929 if (($fuser->rights->produit->{$lire} ) || preg_match(
'/^specimen/i', $original_file)) {
2932 if (!empty($conf->productbatch->enabled)) {
2933 $original_file = $conf->productbatch->multidir_output[$entity].
'/'.$original_file;
2935 } elseif ($modulepart ==
'movement' || $modulepart ==
'mouvement') {
2937 if (empty($entity) || empty($conf->stock->multidir_output[$entity])) {
2938 return array(
'accessallowed'=>0,
'error'=>
'Value entity must be provided');
2940 if (($fuser->rights->stock->{$lire} || $fuser->rights->stock->movement->{$lire} || $fuser->rights->stock->mouvement->{$lire}) || preg_match(
'/^specimen/i', $original_file)) {
2943 if (!empty($conf->stock->enabled)) {
2944 $original_file = $conf->stock->multidir_output[$entity].
'/movement/'.$original_file;
2946 } elseif ($modulepart ==
'contract' && !empty($conf->contrat->multidir_output[$entity])) {
2948 if ($fuser->rights->contrat->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2951 $original_file = $conf->contrat->multidir_output[$entity].
'/'.$original_file;
2952 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"contrat WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'contract').
")";
2953 } elseif ($modulepart ==
'donation' && !empty($conf->don->dir_output)) {
2955 if ($fuser->rights->don->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2958 $original_file = $conf->don->dir_output.
'/'.$original_file;
2959 } elseif ($modulepart ==
'dolresource' && !empty($conf->resource->dir_output)) {
2961 if ($fuser->rights->resource->{$read} || preg_match(
'/^specimen/i', $original_file)) {
2964 $original_file = $conf->resource->dir_output.
'/'.$original_file;
2965 } elseif ($modulepart ==
'remisecheque' && !empty($conf->bank->dir_output)) {
2967 if ($fuser->rights->banque->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
2971 $original_file = $conf->bank->dir_output.
'/checkdeposits/'.$original_file;
2972 } elseif (($modulepart ==
'banque' || $modulepart ==
'bank') && !empty($conf->bank->dir_output)) {
2974 if ($fuser->rights->banque->{$lire}) {
2977 $original_file = $conf->bank->dir_output.
'/'.$original_file;
2978 } elseif ($modulepart ==
'export' && !empty($conf->export->dir_temp)) {
2981 $accessallowed = $user->rights->export->lire;
2982 $original_file = $conf->export->dir_temp.
'/'.$fuser->id.
'/'.$original_file;
2983 } elseif ($modulepart ==
'import' && !empty($conf->import->dir_temp)) {
2985 $accessallowed = $user->rights->import->run;
2986 $original_file = $conf->import->dir_temp.
'/'.$original_file;
2987 } elseif ($modulepart ==
'recruitment' && !empty($conf->recruitment->dir_output)) {
2989 $accessallowed = $user->rights->recruitment->recruitmentjobposition->read;
2990 $original_file = $conf->recruitment->dir_output.
'/'.$original_file;
2991 } elseif ($modulepart ==
'editor' && !empty($conf->fckeditor->dir_output)) {
2994 $original_file = $conf->fckeditor->dir_output.
'/'.$original_file;
2995 } elseif ($modulepart ==
'systemtools' && !empty($conf->admin->dir_output)) {
2997 if ($fuser->admin) {
3000 $original_file = $conf->admin->dir_output.
'/'.$original_file;
3001 } elseif ($modulepart ==
'admin_temp' && !empty($conf->admin->dir_temp)) {
3003 if ($fuser->admin) {
3006 $original_file = $conf->admin->dir_temp.
'/'.$original_file;
3007 } elseif ($modulepart ==
'bittorrent' && !empty($conf->bittorrent->dir_output)) {
3011 if (
dol_mimetype($original_file) ==
'application/x-bittorrent') {
3014 $original_file = $conf->bittorrent->dir_output.
'/'.$dir.
'/'.$original_file;
3015 } elseif ($modulepart ==
'member' && !empty($conf->adherent->dir_output)) {
3017 if ($fuser->rights->adherent->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
3020 $original_file = $conf->adherent->dir_output.
'/'.$original_file;
3021 } elseif ($modulepart ==
'scanner_user_temp' && !empty($conf->scanner->dir_temp)) {
3024 $original_file = $conf->scanner->dir_temp.
'/'.$fuser->id.
'/'.$original_file;
3034 if (preg_match(
'/^specimen/i', $original_file)) {
3037 if ($fuser->admin) {
3041 $tmpmodulepart = explode(
'-', $modulepart);
3042 if (!empty($tmpmodulepart[1])) {
3043 $modulepart = $tmpmodulepart[0];
3044 $original_file = $tmpmodulepart[1].
'/'.$original_file;
3049 if (preg_match(
'/^([a-z]+)_user_temp$/i', $modulepart, $reg)) {
3050 if (empty($conf->{$reg[1]}->dir_temp)) {
3051 dol_print_error(
'',
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3054 if ($fuser->rights->{$reg[1]}->{$lire} || $fuser->rights->{$reg[1]}->{$read} || ($fuser->rights->{$reg[1]}->{$download})) {
3057 $original_file = $conf->{$reg[1]}->dir_temp.
'/'.$fuser->id.
'/'.$original_file;
3058 } elseif (preg_match(
'/^([a-z]+)_temp$/i', $modulepart, $reg)) {
3059 if (empty($conf->{$reg[1]}->dir_temp)) {
3060 dol_print_error(
'',
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3063 if ($fuser->rights->{$reg[1]}->{$lire} || $fuser->rights->{$reg[1]}->{$read} || ($fuser->rights->{$reg[1]}->{$download})) {
3066 $original_file = $conf->{$reg[1]}->dir_temp.
'/'.$original_file;
3067 } elseif (preg_match(
'/^([a-z]+)_user$/i', $modulepart, $reg)) {
3068 if (empty($conf->{$reg[1]}->dir_output)) {
3069 dol_print_error(
'',
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3072 if ($fuser->rights->{$reg[1]}->{$lire} || $fuser->rights->{$reg[1]}->{$read} || ($fuser->rights->{$reg[1]}->{$download})) {
3075 $original_file = $conf->{$reg[1]}->dir_output.
'/'.$fuser->id.
'/'.$original_file;
3076 } elseif (preg_match(
'/^massfilesarea_([a-z]+)$/i', $modulepart, $reg)) {
3077 if (empty($conf->{$reg[1]}->dir_output)) {
3078 dol_print_error(
'',
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3081 if ($fuser->rights->{$reg[1]}->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
3084 $original_file = $conf->{$reg[1]}->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3086 if (empty($conf->$modulepart->dir_output)) {
3087 dol_print_error(
'',
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
'). The module for this modulepart value may not be activated.');
3092 $partsofdirinoriginalfile = explode(
'/', $original_file);
3093 if (!empty($partsofdirinoriginalfile[1])) {
3094 $partofdirinoriginalfile = $partsofdirinoriginalfile[0];
3095 if ($partofdirinoriginalfile && !empty($fuser->rights->$modulepart->$partofdirinoriginalfile) && ($fuser->rights->$modulepart->$partofdirinoriginalfile->{$lire} || $fuser->rights->$modulepart->$partofdirinoriginalfile->{$read})) {
3099 if (!empty($fuser->rights->$modulepart->{$lire}) || !empty($fuser->rights->$modulepart->{$read})) {
3103 if (is_array($conf->$modulepart->multidir_output) && !empty($conf->$modulepart->multidir_output[$entity])) {
3104 $original_file = $conf->$modulepart->multidir_output[$entity].
'/'.$original_file;
3106 $original_file = $conf->$modulepart->dir_output.
'/'.$original_file;
3110 $parameters = array(
3111 'modulepart' => $modulepart,
3112 'original_file' => $original_file,
3113 'entity' => $entity,
3118 $reshook = $hookmanager->executeHooks(
'checkSecureAccess', $parameters, $object);
3120 if (!empty($hookmanager->resArray[
'original_file'])) {
3121 $original_file = $hookmanager->resArray[
'original_file'];
3123 if (!empty($hookmanager->resArray[
'accessallowed'])) {
3124 $accessallowed = $hookmanager->resArray[
'accessallowed'];
3126 if (!empty($hookmanager->resArray[
'sqlprotectagainstexternals'])) {
3127 $sqlprotectagainstexternals = $hookmanager->resArray[
'sqlprotectagainstexternals'];
3133 'accessallowed' => ($accessallowed ? 1 : 0),
3134 'sqlprotectagainstexternals' => $sqlprotectagainstexternals,
3135 'original_file' => $original_file
3154 $cachefile = $directory.$filename;
3155 file_put_contents($cachefile, serialize($object), LOCK_EX);
3156 @chmod($cachefile, 0644);
3170 $cachefile = $directory.$filename;
3171 $refresh = !file_exists($cachefile) || ($now - $cachetime) >
dol_filemtime($cachefile);
3184 $cachefile = $directory.$filename;
3185 $object = unserialize(file_get_contents($cachefile));
3201 function getFilesUpdated(&$file_list, SimpleXMLElement $dir, $path =
'', $pathref =
'', &$checksumconcat = array())
3205 $exclude =
'install';
3207 foreach ($dir->md5file as $file) {
3208 $filename = $path.$file[
'name'];
3209 $file_list[
'insignature'][] = $filename;
3210 $expectedsize = (empty($file[
'size']) ?
'' : $file[
'size']);
3211 $expectedmd5 = (string) $file;
3215 if (!file_exists($pathref.
'/'.$filename)) {
3216 $file_list[
'missing'][] = array(
'filename'=>$filename,
'expectedmd5'=>$expectedmd5,
'expectedsize'=>$expectedsize);
3218 $md5_local = md5_file($pathref.
'/'.$filename);
3220 if ($conffile ==
'/etc/dolibarr/conf.php' && $filename ==
'/filefunc.inc.php') {
3221 $checksumconcat[] = $expectedmd5;
3223 if ($md5_local != $expectedmd5) {
3224 $file_list[
'updated'][] = array(
'filename'=>$filename,
'expectedmd5'=>$expectedmd5,
'expectedsize'=>$expectedsize,
'md5'=>(
string) $md5_local);
3226 $checksumconcat[] = $md5_local;
3231 foreach ($dir->dir as $subdir) {
3232 getFilesUpdated($file_list, $subdir, $path.$subdir[
'name'].
'/', $pathref, $checksumconcat);