70 public function index($modulepart, $original_file =
'')
74 if (empty($modulepart)) {
75 throw new RestException(400,
'bad value for parameter modulepart');
77 if (empty($original_file)) {
78 throw new RestException(400,
'bad value for parameter original_file');
82 $entity = $conf->entity;
93 $relativefile = $original_file;
96 $accessallowed = $check_access[
'accessallowed'];
97 $sqlprotectagainstexternals = $check_access[
'sqlprotectagainstexternals'];
98 $original_file = $check_access[
'original_file'];
100 if (preg_match(
'/\.\./', $original_file) || preg_match(
'/[<>|]/', $original_file)) {
101 throw new RestException(401);
103 if (!$accessallowed) {
104 throw new RestException(401);
107 $filename = basename($original_file);
108 $original_file_osencoded =
dol_osencode($original_file);
110 if (!file_exists($original_file_osencoded)) {
111 dol_syslog(
"Try to download not found file ".$original_file_osencoded, LOG_WARNING);
112 throw new RestException(404,
'File not found');
115 $file_content = file_get_contents($original_file_osencoded);
116 return array(
'filename'=>$filename,
'content-type' =>
dol_mimetype($filename),
'filesize'=>filesize($original_file),
'content'=>base64_encode($file_content),
'encoding'=>
'base64');
141 public function builddoc($modulepart, $original_file =
'', $doctemplate =
'', $langcode =
'')
143 global $conf, $langs;
145 if (empty($modulepart)) {
146 throw new RestException(400,
'bad value for parameter modulepart');
148 if (empty($original_file)) {
149 throw new RestException(400,
'bad value for parameter original_file');
152 $outputlangs = $langs;
153 if ($langcode && $langs->defaultlang != $langcode) {
155 $outputlangs->setDefaultLang($langcode);
159 $entity = $conf->entity;
170 $relativefile = $original_file;
173 $accessallowed = $check_access[
'accessallowed'];
174 $sqlprotectagainstexternals = $check_access[
'sqlprotectagainstexternals'];
175 $original_file = $check_access[
'original_file'];
177 if (preg_match(
'/\.\./', $original_file) || preg_match(
'/[<>|]/', $original_file)) {
178 throw new RestException(401);
180 if (!$accessallowed) {
181 throw new RestException(401);
185 $hidedetails = empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_DETAILS) ? 0 : 1;
186 $hidedesc = empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_DESC) ? 0 : 1;
187 $hideref = empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_REF) ? 0 : 1;
191 if ($modulepart ==
'facture' || $modulepart ==
'invoice') {
192 require_once DOL_DOCUMENT_ROOT.
'/compta/facture/class/facture.class.php';
193 $this->invoice =
new Facture($this->db);
194 $result = $this->invoice->fetch(0, preg_replace(
'/\.[^\.]+$/',
'', basename($original_file)));
196 throw new RestException(404,
'Invoice not found');
199 $templateused = $doctemplate ? $doctemplate : $this->invoice->model_pdf;
200 $result = $this->invoice->generateDocument($templateused, $outputlangs, $hidedetails, $hidedesc, $hideref);
202 throw new RestException(500,
'Error generating document');
204 } elseif ($modulepart ==
'facture_fournisseur' || $modulepart ==
'invoice_supplier') {
205 require_once DOL_DOCUMENT_ROOT .
'/fourn/class/fournisseur.facture.class.php';
207 $result = $this->supplier_invoice->fetch(0, preg_replace(
'/\.[^\.]+$/',
'', basename($original_file)));
209 throw new RestException(404,
'Supplier invoice not found');
212 $templateused = $doctemplate ? $doctemplate : $this->supplier_invoice->model_pdf;
213 $result = $this->supplier_invoice->generateDocument($templateused, $outputlangs, $hidedetails, $hidedesc, $hideref);
215 throw new RestException(500,
'Error generating document');
217 } elseif ($modulepart ==
'commande' || $modulepart ==
'order') {
218 require_once DOL_DOCUMENT_ROOT.
'/commande/class/commande.class.php';
219 $this->order =
new Commande($this->db);
220 $result = $this->order->fetch(0, preg_replace(
'/\.[^\.]+$/',
'', basename($original_file)));
222 throw new RestException(404,
'Order not found');
224 $templateused = $doctemplate ? $doctemplate : $this->order->model_pdf;
225 $result = $this->order->generateDocument($templateused, $outputlangs, $hidedetails, $hidedesc, $hideref);
227 throw new RestException(500,
'Error generating document');
229 } elseif ($modulepart ==
'propal' || $modulepart ==
'proposal') {
230 require_once DOL_DOCUMENT_ROOT.
'/comm/propal/class/propal.class.php';
231 $this->propal =
new Propal($this->db);
232 $result = $this->propal->fetch(0, preg_replace(
'/\.[^\.]+$/',
'', basename($original_file)));
234 throw new RestException(404,
'Proposal not found');
236 $templateused = $doctemplate ? $doctemplate : $this->propal->model_pdf;
237 $result = $this->propal->generateDocument($templateused, $outputlangs, $hidedetails, $hidedesc, $hideref);
239 throw new RestException(500,
'Error generating document');
241 } elseif ($modulepart ==
'contrat' || $modulepart ==
'contract') {
242 require_once DOL_DOCUMENT_ROOT .
'/contrat/class/contrat.class.php';
244 $this->contract =
new Contrat($this->db);
245 $result = $this->contract->fetch(0, preg_replace(
'/\.[^\.]+$/',
'', basename($original_file)));
248 throw new RestException(404,
'Contract not found');
251 $templateused = $doctemplate ? $doctemplate : $this->contract->model_pdf;
252 $result = $this->contract->generateDocument($templateused, $outputlangs, $hidedetails, $hidedesc, $hideref);
255 throw new RestException(500,
'Error generating document missing doctemplate parameter');
258 throw new RestException(403,
'Generation not available for this modulepart');
261 $filename = basename($original_file);
262 $original_file_osencoded =
dol_osencode($original_file);
264 if (!file_exists($original_file_osencoded)) {
265 throw new RestException(404,
'File not found');
268 $file_content = file_get_contents($original_file_osencoded);
269 return array(
'filename'=>$filename,
'content-type' =>
dol_mimetype($filename),
'filesize'=>filesize($original_file),
'content'=>base64_encode($file_content),
'langcode'=>$outputlangs->defaultlang,
'template'=>$templateused,
'encoding'=>
'base64');
295 if (empty($modulepart)) {
296 throw new RestException(400,
'bad value for parameter modulepart');
299 if (empty($id) && empty($ref)) {
300 throw new RestException(400,
'bad value for parameter id or ref');
303 $id = (empty($id) ? 0 : $id);
307 if ($modulepart ==
'societe' || $modulepart ==
'thirdparty') {
308 require_once DOL_DOCUMENT_ROOT.
'/societe/class/societe.class.php';
310 if (!DolibarrApiAccess::$user->hasRight(
'societe',
'lire')) {
311 throw new RestException(401);
314 $object =
new Societe($this->db);
315 $result = $object->fetch($id, $ref);
317 throw new RestException(404,
'Thirdparty not found');
320 $upload_dir = $conf->societe->multidir_output[$object->entity].
"/".$object->id;
321 } elseif ($modulepart ==
'user') {
322 require_once DOL_DOCUMENT_ROOT.
'/user/class/user.class.php';
325 if (!DolibarrApiAccess::$user->rights->user->user->lire && DolibarrApiAccess::$user->id != $id) {
326 throw new RestException(401);
329 $object =
new User($this->db);
330 $result = $object->fetch($id, $ref);
332 throw new RestException(404,
'User not found');
335 $upload_dir = $conf->user->dir_output.
'/'.
get_exdir(0, 0, 0, 0, $object,
'user').
'/'.$object->id;
336 } elseif ($modulepart ==
'adherent' || $modulepart ==
'member') {
337 require_once DOL_DOCUMENT_ROOT.
'/adherents/class/adherent.class.php';
339 if (!DolibarrApiAccess::$user->rights->adherent->lire) {
340 throw new RestException(401);
344 $result = $object->fetch($id, $ref);
346 throw new RestException(404,
'Member not found');
349 $upload_dir = $conf->adherent->dir_output.
"/".
get_exdir(0, 0, 0, 1, $object,
'member');
350 } elseif ($modulepart ==
'propal' || $modulepart ==
'proposal') {
351 require_once DOL_DOCUMENT_ROOT.
'/comm/propal/class/propal.class.php';
353 if (!DolibarrApiAccess::$user->hasRight(
'propal',
'lire')) {
354 throw new RestException(401);
357 $object =
new Propal($this->db);
358 $result = $object->fetch($id, $ref);
360 throw new RestException(404,
'Proposal not found');
363 $upload_dir = $conf->propal->multidir_output[$object->entity].
"/".
get_exdir(0, 0, 0, 1, $object,
'propal');
364 } elseif ($modulepart ==
'supplier_proposal') {
365 require_once DOL_DOCUMENT_ROOT.
'/supplier_proposal/class/supplier_proposal.class.php';
367 if (!DolibarrApiAccess::$user->rights->supplier_proposal->read) {
368 throw new RestException(401);
371 $object =
new Propal($this->db);
372 $result = $object->fetch($id, $ref);
374 throw new RestException(404,
'Supplier proposal not found');
377 $upload_dir = $conf->propal->multidir_output[$object->entity].
"/".
get_exdir(0, 0, 0, 1, $object,
'propal');
378 } elseif ($modulepart ==
'commande' || $modulepart ==
'order') {
379 require_once DOL_DOCUMENT_ROOT.
'/commande/class/commande.class.php';
381 if (!DolibarrApiAccess::$user->hasRight(
'commande',
'lire')) {
382 throw new RestException(401);
386 $result = $object->fetch($id, $ref);
388 throw new RestException(404,
'Order not found');
391 $upload_dir = $conf->commande->dir_output.
"/".
get_exdir(0, 0, 0, 1, $object,
'commande');
392 } elseif ($modulepart ==
'commande_fournisseur' || $modulepart ==
'supplier_order') {
393 $modulepart =
'supplier_order';
395 require_once DOL_DOCUMENT_ROOT.
'/fourn/class/fournisseur.commande.class.php';
397 if (empty(DolibarrApiAccess::$user->rights->fournisseur->commande->lire) && empty(DolibarrApiAccess::$user->rights->supplier_order->lire)) {
398 throw new RestException(401);
402 $result = $object->fetch($id, $ref);
404 throw new RestException(404,
'Purchase order not found');
408 } elseif ($modulepart ==
'shipment' || $modulepart ==
'expedition') {
409 require_once DOL_DOCUMENT_ROOT.
'/expedition/class/expedition.class.php';
411 if (!DolibarrApiAccess::$user->rights->expedition->lire) {
412 throw new RestException(401);
416 $result = $object->fetch($id, $ref);
418 throw new RestException(404,
'Shipment not found');
421 $upload_dir = $conf->expedition->dir_output.
"/sending/".
get_exdir(0, 0, 0, 1, $object,
'shipment');
422 } elseif ($modulepart ==
'facture' || $modulepart ==
'invoice') {
423 require_once DOL_DOCUMENT_ROOT.
'/compta/facture/class/facture.class.php';
425 if (!DolibarrApiAccess::$user->hasRight(
'facture',
'lire')) {
426 throw new RestException(401);
429 $object =
new Facture($this->db);
430 $result = $object->fetch($id, $ref);
432 throw new RestException(404,
'Invoice not found');
435 $upload_dir = $conf->facture->dir_output.
"/".
get_exdir(0, 0, 0, 1, $object,
'invoice');
436 } elseif ($modulepart ==
'facture_fournisseur' || $modulepart ==
'supplier_invoice') {
437 $modulepart =
'supplier_invoice';
439 require_once DOL_DOCUMENT_ROOT.
'/fourn/class/fournisseur.facture.class.php';
441 if (empty(DolibarrApiAccess::$user->rights->fournisseur->facture->lire) && empty(DolibarrApiAccess::$user->rights->supplier_invoice->lire)) {
442 throw new RestException(401);
446 $result = $object->fetch($id, $ref);
448 throw new RestException(404,
'Invoice not found');
451 $upload_dir = $conf->fournisseur->dir_output.
"/facture/".
get_exdir($object->id, 2, 0, 0, $object,
'invoice_supplier').dol_sanitizeFileName($object->ref);
452 } elseif ($modulepart ==
'produit' || $modulepart ==
'product') {
453 require_once DOL_DOCUMENT_ROOT.
'/product/class/product.class.php';
455 if (!DolibarrApiAccess::$user->rights->produit->lire) {
456 throw new RestException(401);
459 $object =
new Product($this->db);
460 $result = $object->fetch($id, $ref);
462 throw new RestException(404,
'Product not found');
463 } elseif ($result < 0) {
464 throw new RestException(500,
'Error while fetching object: '.$object->error);
467 $upload_dir = $conf->product->multidir_output[$object->entity].
'/'.
get_exdir(0, 0, 0, 1, $object,
'product');
468 } elseif ($modulepart ==
'agenda' || $modulepart ==
'action' || $modulepart ==
'event') {
469 require_once DOL_DOCUMENT_ROOT.
'/comm/action/class/actioncomm.class.php';
471 if (!DolibarrApiAccess::$user->rights->agenda->myactions->read && !DolibarrApiAccess::$user->rights->agenda->allactions->read) {
472 throw new RestException(401);
476 $result = $object->fetch($id, $ref);
478 throw new RestException(404,
'Event not found');
482 } elseif ($modulepart ==
'expensereport') {
483 require_once DOL_DOCUMENT_ROOT.
'/expensereport/class/expensereport.class.php';
485 if (!DolibarrApiAccess::$user->rights->expensereport->lire) {
486 throw new RestException(401);
490 $result = $object->fetch($id, $ref);
492 throw new RestException(404,
'Expense report not found');
496 } elseif ($modulepart ==
'knowledgemanagement') {
497 require_once DOL_DOCUMENT_ROOT.
'/knowledgemanagement/class/knowledgerecord.class.php';
499 if (!DolibarrApiAccess::$user->hasRight(
'knowledgemanagement',
'knowledgerecord',
'read') && !DolibarrApiAccess::$user->hasRight(
'knowledgemanagement',
'knowledgerecord',
'read')) {
500 throw new RestException(401);
504 $result = $object->fetch($id, $ref);
506 throw new RestException(404,
'KM article not found');
509 $upload_dir = $conf->knowledgemanagement->dir_output.
'/knowledgerecord/'.
dol_sanitizeFileName($object->ref);
510 } elseif ($modulepart ==
'categorie' || $modulepart ==
'category') {
511 require_once DOL_DOCUMENT_ROOT.
'/categories/class/categorie.class.php';
513 if (!DolibarrApiAccess::$user->rights->categorie->lire) {
514 throw new RestException(401);
518 $result = $object->fetch($id, $ref);
520 throw new RestException(404,
'Category not found');
523 $upload_dir = $conf->categorie->multidir_output[$object->entity].
'/'.
get_exdir($object->id, 2, 0, 0, $object,
'category').$object->id.
"/photos/".
dol_sanitizeFileName($object->ref);
524 } elseif ($modulepart ==
'ecm') {
525 throw new RestException(500,
'Modulepart Ecm not implemented yet.');
540 } elseif ($modulepart ==
'contrat' || $modulepart ==
'contract') {
541 $modulepart =
'contrat';
542 require_once DOL_DOCUMENT_ROOT .
'/contrat/class/contrat.class.php';
544 $object =
new Contrat($this->db);
545 $result = $object->fetch($id, $ref);
547 throw new RestException(404,
'Contract not found');
550 $upload_dir = $conf->contrat->dir_output .
"/" .
get_exdir(0, 0, 0, 1, $object,
'contract');
551 } elseif ($modulepart ==
'projet' || $modulepart ==
'project') {
552 $modulepart =
'project';
553 require_once DOL_DOCUMENT_ROOT .
'/projet/class/project.class.php';
555 $object =
new Project($this->db);
556 $result = $object->fetch($id, $ref);
558 throw new RestException(404,
'Project not found');
561 $upload_dir = $conf->projet->dir_output .
"/" .
get_exdir(0, 0, 0, 1, $object,
'project');
563 throw new RestException(500,
'Modulepart '.$modulepart.
' not implemented yet.');
566 $objectType = $modulepart;
567 if (! empty($object->id) && ! empty($object->table_element)) {
568 $objectType = $object->table_element;
571 $filearray =
dol_dir_list($upload_dir, $type, $recursive,
'',
'(\.meta|_preview.*\.png)$', $sortfield, (strtolower($sortorder) ==
'desc' ?SORT_DESC:SORT_ASC), 1);
572 if (empty($filearray)) {
573 throw new RestException(404,
'Search for modulepart '.$modulepart.
' with Id '.$object->id.(!empty($object->ref) ?
' or Ref '.$object->ref :
'').
' does not return any document.');
575 if (($object->id) > 0 && !empty($modulepart)) {
576 require_once DOL_DOCUMENT_ROOT.
'/ecm/class/ecmfiles.class.php';
578 $result = $ecmfile->fetchAll(
'',
'', 0, 0, array(
't.src_object_type' => $objectType,
't.src_object_id' => $object->id));
580 throw new RestException(503,
'Error when retrieve ecm list : '.$this->db->lasterror());
581 } elseif (is_array($ecmfile->lines) && count($ecmfile->lines) > 0) {
582 $count = count($filearray);
583 for ($i = 0 ; $i < $count ; $i++) {
584 foreach ($ecmfile->lines as $line) {
585 if ($filearray[$i][
'name'] == $line->filename) {
586 $filearray[$i] = array_merge($filearray[$i], (array) $line);
638 public function post($filename, $modulepart, $ref =
'', $subdir =
'', $filecontent =
'', $fileencoding =
'', $overwriteifexists = 0, $createdirifnotexists = 1)
646 $modulepartorig = $modulepart;
648 if (empty($modulepart)) {
649 throw new RestException(400,
'Modulepart not provided.');
652 if (!DolibarrApiAccess::$user->rights->ecm->upload) {
653 throw new RestException(401);
656 $newfilecontent =
'';
657 if (empty($fileencoding)) {
658 $newfilecontent = $filecontent;
660 if ($fileencoding ==
'base64') {
661 $newfilecontent = base64_decode($filecontent);
668 $entity = DolibarrApiAccess::$user->entity;
669 if (empty($entity)) {
677 if ($modulepart ==
'facture' || $modulepart ==
'invoice') {
678 $modulepart =
'facture';
680 require_once DOL_DOCUMENT_ROOT.
'/compta/facture/class/facture.class.php';
681 $object =
new Facture($this->db);
682 } elseif ($modulepart ==
'facture_fournisseur' || $modulepart ==
'supplier_invoice') {
683 $modulepart =
'supplier_invoice';
685 require_once DOL_DOCUMENT_ROOT.
'/fourn/class/fournisseur.facture.class.php';
687 } elseif ($modulepart ==
'commande' || $modulepart ==
'order') {
688 $modulepart =
'commande';
690 require_once DOL_DOCUMENT_ROOT.
'/commande/class/commande.class.php';
692 } elseif ($modulepart ==
'commande_fournisseur' || $modulepart ==
'supplier_order') {
693 $modulepart =
'supplier_order';
695 require_once DOL_DOCUMENT_ROOT.
'/fourn/class/fournisseur.commande.class.php';
697 } elseif ($modulepart ==
'projet' || $modulepart ==
'project') {
698 require_once DOL_DOCUMENT_ROOT.
'/projet/class/project.class.php';
699 $object =
new Project($this->db);
700 } elseif ($modulepart ==
'task' || $modulepart ==
'project_task') {
701 $modulepart =
'project_task';
703 require_once DOL_DOCUMENT_ROOT.
'/projet/class/task.class.php';
704 $object =
new Task($this->db);
706 $task_result = $object->fetch(
'', $ref);
709 if ($task_result > 0) {
710 $project_result = $object->fetch_projet();
712 if ($project_result >= 0) {
716 throw new RestException(500,
'Error while fetching Task '.$ref);
718 } elseif ($modulepart ==
'product' || $modulepart ==
'produit' || $modulepart ==
'service' || $modulepart ==
'produit|service') {
719 require_once DOL_DOCUMENT_ROOT.
'/product/class/product.class.php';
720 $object =
new Product($this->db);
721 } elseif ($modulepart ==
'expensereport') {
722 require_once DOL_DOCUMENT_ROOT.
'/expensereport/class/expensereport.class.php';
724 } elseif ($modulepart ==
'fichinter') {
725 require_once DOL_DOCUMENT_ROOT.
'/fichinter/class/fichinter.class.php';
727 } elseif ($modulepart ==
'adherent' || $modulepart ==
'member') {
728 $modulepart =
'adherent';
729 require_once DOL_DOCUMENT_ROOT.
'/adherents/class/adherent.class.php';
731 } elseif ($modulepart ==
'proposal' || $modulepart ==
'propal' || $modulepart ==
'propale') {
732 $modulepart =
'propale';
733 require_once DOL_DOCUMENT_ROOT.
'/comm/propal/class/propal.class.php';
734 $object =
new Propal($this->db);
735 } elseif ($modulepart ==
'agenda' || $modulepart ==
'action' || $modulepart ==
'event') {
736 $modulepart =
'agenda';
737 require_once DOL_DOCUMENT_ROOT .
'/comm/action/class/actioncomm.class.php';
739 } elseif ($modulepart ==
'contact' || $modulepart ==
'socpeople') {
740 $modulepart =
'contact';
741 require_once DOL_DOCUMENT_ROOT.
'/contact/class/contact.class.php';
742 $object =
new Contact($this->db);
744 } elseif ($modulepart ==
'contrat' || $modulepart ==
'contract') {
745 $modulepart =
'contrat';
746 require_once DOL_DOCUMENT_ROOT .
'/contrat/class/contrat.class.php';
747 $object =
new Contrat($this->db);
750 throw new RestException(500,
'Modulepart '.$modulepart.
' not implemented yet.');
753 if (is_object($object)) {
755 $result = $object->fetch($ref);
757 $result = $object->fetch(
'', $ref);
761 throw new RestException(404,
"Object with ref '".$ref.
"' was not found.");
762 } elseif ($result < 0) {
763 throw new RestException(500,
'Error while fetching object: '.$object->error);
767 if (!($object->id > 0)) {
768 throw new RestException(404,
'The object '.$modulepart.
" with ref '".$ref.
"' was not found.");
773 if ($modulepart ==
'supplier_invoice') {
774 $tmpreldir =
get_exdir($object->id, 2, 0, 0, $object,
'invoice_supplier');
777 $relativefile = $tmpreldir.dol_sanitizeFileName($object->ref);
780 $upload_dir = $tmp[
'original_file'];
782 if (empty($upload_dir) || $upload_dir ==
'/') {
783 throw new RestException(500,
'This value of modulepart ('.$modulepart.
') does not support yet usage of ref. Check modulepart parameter or try to use subdir parameter instead of ref.');
786 if ($modulepart ==
'invoice') {
787 $modulepart =
'facture';
789 if ($modulepart ==
'member') {
790 $modulepart =
'adherent';
793 $relativefile = $subdir;
795 $upload_dir = $tmp[
'original_file'];
797 if (empty($upload_dir) || $upload_dir ==
'/') {
798 if (!empty($tmp[
'error'])) {
799 throw new RestException(401,
'Error returned by dol_check_secure_access_document: '.$tmp[
'error']);
801 throw new RestException(500,
'This value of modulepart ('.$modulepart.
') is not allowed with this value of subdir ('.$relativefile.
')');
809 if (!empty($createdirifnotexists)) {
811 throw new RestException(500,
'Error while trying to create directory '.$upload_dir);
815 $destfile = $upload_dir.
'/'.$original_file;
816 $destfiletmp = DOL_DATA_ROOT.
'/admin/temp/'.$original_file;
821 throw new RestException(401,
'Directory not exists : '.dirname($destfile));
824 if (!$overwriteifexists &&
dol_is_file($destfile)) {
825 throw new RestException(500,
"File with name '".$original_file.
"' already exists.");
833 $fhandle = @fopen($destfiletmp,
'w');
835 $nbofbyteswrote = fwrite($fhandle, $newfilecontent);
839 throw new RestException(500,
"Failed to open file '".$destfiletmp.
"' for write");
842 $disablevirusscan = 0;
843 $src_file = $destfiletmp;
844 $dest_file = $destfile;
848 if (empty($disablevirusscan) && file_exists($src_file)) {
850 if (count($checkvirusarray)) {
851 dol_syslog(
'Files.lib::dol_move_uploaded_file File "'.$src_file.
'" (target name "'.$dest_file.
'") KO with antivirus: errors='.join(
',', $checkvirusarray), LOG_WARNING);
852 throw new RestException(500,
'ErrorFileIsInfectedWithAVirus: '.join(
',', $checkvirusarray));
861 $publicmediasdirwithslash = $conf->medias->multidir_output[$conf->entity];
862 if (!preg_match(
'/\/$/', $publicmediasdirwithslash)) {
863 $publicmediasdirwithslash .=
'/';
866 if (strpos($upload_dir, $publicmediasdirwithslash) !== 0 || !
getDolGlobalInt(
"MAIN_DOCUMENT_DISABLE_NOEXE_IN_MEDIAS_DIR")) {
867 $dest_file .=
'.noexe';
873 if (preg_match(
'/^\./', basename($src_file)) || preg_match(
'/\.\./', $src_file) || preg_match(
'/[<>|]/', $src_file)) {
874 dol_syslog(
"Refused to deliver file ".$src_file, LOG_WARNING);
875 throw new RestException(500,
"Refused to deliver file ".$src_file);
880 if (preg_match(
'/^\./', basename($dest_file)) || preg_match(
'/\.\./', $dest_file) || preg_match(
'/[<>|]/', $dest_file)) {
881 dol_syslog(
"Refused to deliver file ".$dest_file, LOG_WARNING);
882 throw new RestException(500,
"Refused to deliver file ".$dest_file);
885 $moreinfo = array(
'note_private' =>
'File uploaded using API /documents from IP '.
getUserRemoteIP());
886 if (!empty($object) && is_object($object) && $object->id > 0) {
887 $moreinfo[
'src_object_type'] = $object->table_element;
888 $moreinfo[
'src_object_id'] = $object->id;
892 $result =
dol_move($destfiletmp, $dest_file, 0, $overwriteifexists, 1, 1, $moreinfo);
894 throw new RestException(500,
"Failed to move file into '".$dest_file.
"'");