70 public function index($modulepart, $original_file =
'')
74 if (empty($modulepart)) {
75 throw new RestException(400,
'bad value for parameter modulepart');
77 if (empty($original_file)) {
78 throw new RestException(400,
'bad value for parameter original_file');
82 $entity = $conf->entity;
93 $relativefile = $original_file;
96 $accessallowed = $check_access[
'accessallowed'];
97 $sqlprotectagainstexternals = $check_access[
'sqlprotectagainstexternals'];
98 $original_file = $check_access[
'original_file'];
100 if (preg_match(
'/\.\./', $original_file) || preg_match(
'/[<>|]/', $original_file)) {
101 throw new RestException(401);
103 if (!$accessallowed) {
104 throw new RestException(401);
107 $filename = basename($original_file);
108 $original_file_osencoded =
dol_osencode($original_file);
110 if (!file_exists($original_file_osencoded)) {
111 dol_syslog(
"Try to download not found file ".$original_file_osencoded, LOG_WARNING);
112 throw new RestException(404,
'File not found');
115 $file_content = file_get_contents($original_file_osencoded);
116 return array(
'filename'=>$filename,
'content-type' =>
dol_mimetype($filename),
'filesize'=>filesize($original_file),
'content'=>base64_encode($file_content),
'encoding'=>
'base64');
141 public function builddoc($modulepart, $original_file =
'', $doctemplate =
'', $langcode =
'')
143 global $conf, $langs;
145 if (empty($modulepart)) {
146 throw new RestException(400,
'bad value for parameter modulepart');
148 if (empty($original_file)) {
149 throw new RestException(400,
'bad value for parameter original_file');
152 $outputlangs = $langs;
153 if ($langcode && $langs->defaultlang != $langcode) {
155 $outputlangs->setDefaultLang($langcode);
159 $entity = $conf->entity;
170 $relativefile = $original_file;
173 $accessallowed = $check_access[
'accessallowed'];
174 $sqlprotectagainstexternals = $check_access[
'sqlprotectagainstexternals'];
175 $original_file = $check_access[
'original_file'];
177 if (preg_match(
'/\.\./', $original_file) || preg_match(
'/[<>|]/', $original_file)) {
178 throw new RestException(401);
180 if (!$accessallowed) {
181 throw new RestException(401);
191 if ($modulepart ==
'facture' || $modulepart ==
'invoice') {
192 require_once DOL_DOCUMENT_ROOT.
'/compta/facture/class/facture.class.php';
193 $tmpobject =
new Facture($this->db);
194 $result = $tmpobject->fetch(0, preg_replace(
'/\.[^\.]+$/',
'', basename($original_file)));
196 throw new RestException(404,
'Invoice not found');
199 $templateused = $doctemplate ? $doctemplate : $tmpobject->model_pdf;
200 $result = $tmpobject->generateDocument($templateused, $outputlangs, $hidedetails, $hidedesc, $hideref);
202 throw new RestException(500,
'Error generating document');
204 } elseif ($modulepart ==
'facture_fournisseur' || $modulepart ==
'invoice_supplier') {
205 require_once DOL_DOCUMENT_ROOT .
'/fourn/class/fournisseur.facture.class.php';
207 $result = $tmpobject->fetch(0, preg_replace(
'/\.[^\.]+$/',
'', basename($original_file)));
209 throw new RestException(404,
'Supplier invoice not found');
212 $templateused = $doctemplate ? $doctemplate : $tmpobject->model_pdf;
213 $result = $tmpobject->generateDocument($templateused, $outputlangs, $hidedetails, $hidedesc, $hideref);
215 throw new RestException(500,
'Error generating document');
217 } elseif ($modulepart ==
'commande' || $modulepart ==
'order') {
218 require_once DOL_DOCUMENT_ROOT.
'/commande/class/commande.class.php';
219 $tmpobject =
new Commande($this->db);
220 $result = $tmpobject->fetch(0, preg_replace(
'/\.[^\.]+$/',
'', basename($original_file)));
222 throw new RestException(404,
'Order not found');
224 $templateused = $doctemplate ? $doctemplate : $tmpobject->model_pdf;
225 $result = $tmpobject->generateDocument($templateused, $outputlangs, $hidedetails, $hidedesc, $hideref);
227 throw new RestException(500,
'Error generating document');
229 } elseif ($modulepart ==
'propal' || $modulepart ==
'proposal') {
230 require_once DOL_DOCUMENT_ROOT.
'/comm/propal/class/propal.class.php';
231 $tmpobject =
new Propal($this->db);
232 $result = $tmpobject->fetch(0, preg_replace(
'/\.[^\.]+$/',
'', basename($original_file)));
234 throw new RestException(404,
'Proposal not found');
236 $templateused = $doctemplate ? $doctemplate : $tmpobject->model_pdf;
237 $result = $tmpobject->generateDocument($templateused, $outputlangs, $hidedetails, $hidedesc, $hideref);
239 throw new RestException(500,
'Error generating document');
241 } elseif ($modulepart ==
'contrat' || $modulepart ==
'contract') {
242 require_once DOL_DOCUMENT_ROOT .
'/contrat/class/contrat.class.php';
244 $tmpobject =
new Contrat($this->db);
245 $result = $tmpobject->fetch(0, preg_replace(
'/\.[^\.]+$/',
'', basename($original_file)));
248 throw new RestException(404,
'Contract not found');
251 $templateused = $doctemplate ? $doctemplate : $tmpobject->model_pdf;
252 $result = $tmpobject->generateDocument($templateused, $outputlangs, $hidedetails, $hidedesc, $hideref);
255 throw new RestException(500,
'Error generating document missing doctemplate parameter');
257 } elseif ($modulepart ==
'expedition' || $modulepart ==
'shipment') {
258 require_once DOL_DOCUMENT_ROOT .
'/expedition/class/expedition.class.php';
261 $result = $tmpobject->fetch(0, preg_replace(
'/\.[^\.]+$/',
'', basename($original_file)));
264 throw new RestException(404,
'Shipment not found');
267 $templateused = $doctemplate ? $doctemplate : $tmpobject->model_pdf;
268 $result = $tmpobject->generateDocument($templateused, $outputlangs, $hidedetails, $hidedesc, $hideref);
271 throw new RestException(500,
'Error generating document missing doctemplate parameter');
274 throw new RestException(403,
'Generation not available for this modulepart');
277 $filename = basename($original_file);
278 $original_file_osencoded =
dol_osencode($original_file);
280 if (!file_exists($original_file_osencoded)) {
281 throw new RestException(404,
'File not found');
284 $file_content = file_get_contents($original_file_osencoded);
285 return array(
'filename'=>$filename,
'content-type' =>
dol_mimetype($filename),
'filesize'=>filesize($original_file),
'content'=>base64_encode($file_content),
'langcode'=>$outputlangs->defaultlang,
'template'=>$templateused,
'encoding'=>
'base64');
311 if (empty($modulepart)) {
312 throw new RestException(400,
'bad value for parameter modulepart');
315 if (empty($id) && empty($ref)) {
316 throw new RestException(400,
'bad value for parameter id or ref');
319 $id = (empty($id) ? 0 : $id);
323 if ($modulepart ==
'societe' || $modulepart ==
'thirdparty') {
324 require_once DOL_DOCUMENT_ROOT.
'/societe/class/societe.class.php';
326 if (!DolibarrApiAccess::$user->hasRight(
'societe',
'lire')) {
327 throw new RestException(401);
330 $object =
new Societe($this->db);
331 $result = $object->fetch($id, $ref);
333 throw new RestException(404,
'Thirdparty not found');
336 $upload_dir = $conf->societe->multidir_output[$object->entity].
"/".$object->id;
337 } elseif ($modulepart ==
'user') {
338 require_once DOL_DOCUMENT_ROOT.
'/user/class/user.class.php';
341 if (!DolibarrApiAccess::$user->rights->user->user->lire && DolibarrApiAccess::$user->id != $id) {
342 throw new RestException(401);
345 $object =
new User($this->db);
346 $result = $object->fetch($id, $ref);
348 throw new RestException(404,
'User not found');
351 $upload_dir = $conf->user->dir_output.
'/'.
get_exdir(0, 0, 0, 0, $object,
'user').
'/'.$object->id;
352 } elseif ($modulepart ==
'adherent' || $modulepart ==
'member') {
353 require_once DOL_DOCUMENT_ROOT.
'/adherents/class/adherent.class.php';
355 if (!DolibarrApiAccess::$user->rights->adherent->lire) {
356 throw new RestException(401);
360 $result = $object->fetch($id, $ref);
362 throw new RestException(404,
'Member not found');
365 $upload_dir = $conf->adherent->dir_output.
"/".
get_exdir(0, 0, 0, 1, $object,
'member');
366 } elseif ($modulepart ==
'propal' || $modulepart ==
'proposal') {
367 require_once DOL_DOCUMENT_ROOT.
'/comm/propal/class/propal.class.php';
369 if (!DolibarrApiAccess::$user->hasRight(
'propal',
'lire')) {
370 throw new RestException(401);
373 $object =
new Propal($this->db);
374 $result = $object->fetch($id, $ref);
376 throw new RestException(404,
'Proposal not found');
379 $upload_dir = $conf->propal->multidir_output[$object->entity].
"/".
get_exdir(0, 0, 0, 1, $object,
'propal');
380 } elseif ($modulepart ==
'supplier_proposal') {
381 require_once DOL_DOCUMENT_ROOT.
'/supplier_proposal/class/supplier_proposal.class.php';
383 if (!DolibarrApiAccess::$user->rights->supplier_proposal->read) {
384 throw new RestException(401);
387 $object =
new Propal($this->db);
388 $result = $object->fetch($id, $ref);
390 throw new RestException(404,
'Supplier proposal not found');
393 $upload_dir = $conf->propal->multidir_output[$object->entity].
"/".
get_exdir(0, 0, 0, 1, $object,
'propal');
394 } elseif ($modulepart ==
'commande' || $modulepart ==
'order') {
395 require_once DOL_DOCUMENT_ROOT.
'/commande/class/commande.class.php';
397 if (!DolibarrApiAccess::$user->hasRight(
'commande',
'lire')) {
398 throw new RestException(401);
402 $result = $object->fetch($id, $ref);
404 throw new RestException(404,
'Order not found');
407 $upload_dir = $conf->commande->dir_output.
"/".
get_exdir(0, 0, 0, 1, $object,
'commande');
408 } elseif ($modulepart ==
'commande_fournisseur' || $modulepart ==
'supplier_order') {
409 $modulepart =
'supplier_order';
411 require_once DOL_DOCUMENT_ROOT.
'/fourn/class/fournisseur.commande.class.php';
413 if (empty(DolibarrApiAccess::$user->rights->fournisseur->commande->lire) && empty(DolibarrApiAccess::$user->rights->supplier_order->lire)) {
414 throw new RestException(401);
418 $result = $object->fetch($id, $ref);
420 throw new RestException(404,
'Purchase order not found');
424 } elseif ($modulepart ==
'shipment' || $modulepart ==
'expedition') {
425 require_once DOL_DOCUMENT_ROOT.
'/expedition/class/expedition.class.php';
427 if (!DolibarrApiAccess::$user->rights->expedition->lire) {
428 throw new RestException(401);
432 $result = $object->fetch($id, $ref);
434 throw new RestException(404,
'Shipment not found');
437 $upload_dir = $conf->expedition->dir_output.
"/sending/".
get_exdir(0, 0, 0, 1, $object,
'shipment');
438 } elseif ($modulepart ==
'facture' || $modulepart ==
'invoice') {
439 require_once DOL_DOCUMENT_ROOT.
'/compta/facture/class/facture.class.php';
441 if (!DolibarrApiAccess::$user->hasRight(
'facture',
'lire')) {
442 throw new RestException(401);
445 $object =
new Facture($this->db);
446 $result = $object->fetch($id, $ref);
448 throw new RestException(404,
'Invoice not found');
451 $upload_dir = $conf->facture->dir_output.
"/".
get_exdir(0, 0, 0, 1, $object,
'invoice');
452 } elseif ($modulepart ==
'facture_fournisseur' || $modulepart ==
'supplier_invoice') {
453 $modulepart =
'supplier_invoice';
455 require_once DOL_DOCUMENT_ROOT.
'/fourn/class/fournisseur.facture.class.php';
457 if (empty(DolibarrApiAccess::$user->rights->fournisseur->facture->lire) && empty(DolibarrApiAccess::$user->rights->supplier_invoice->lire)) {
458 throw new RestException(401);
462 $result = $object->fetch($id, $ref);
464 throw new RestException(404,
'Invoice not found');
467 $upload_dir = $conf->fournisseur->dir_output.
"/facture/".
get_exdir($object->id, 2, 0, 0, $object,
'invoice_supplier').dol_sanitizeFileName($object->ref);
468 } elseif ($modulepart ==
'produit' || $modulepart ==
'product') {
469 require_once DOL_DOCUMENT_ROOT.
'/product/class/product.class.php';
471 if (!DolibarrApiAccess::$user->rights->produit->lire) {
472 throw new RestException(401);
475 $object =
new Product($this->db);
476 $result = $object->fetch($id, $ref);
478 throw new RestException(404,
'Product not found');
479 } elseif ($result < 0) {
480 throw new RestException(500,
'Error while fetching object: '.$object->error);
483 $upload_dir = $conf->product->multidir_output[$object->entity].
'/'.
get_exdir(0, 0, 0, 1, $object,
'product');
484 } elseif ($modulepart ==
'agenda' || $modulepart ==
'action' || $modulepart ==
'event') {
485 require_once DOL_DOCUMENT_ROOT.
'/comm/action/class/actioncomm.class.php';
487 if (!DolibarrApiAccess::$user->rights->agenda->myactions->read && !DolibarrApiAccess::$user->rights->agenda->allactions->read) {
488 throw new RestException(401);
492 $result = $object->fetch($id, $ref);
494 throw new RestException(404,
'Event not found');
498 } elseif ($modulepart ==
'expensereport') {
499 require_once DOL_DOCUMENT_ROOT.
'/expensereport/class/expensereport.class.php';
501 if (!DolibarrApiAccess::$user->rights->expensereport->lire) {
502 throw new RestException(401);
506 $result = $object->fetch($id, $ref);
508 throw new RestException(404,
'Expense report not found');
512 } elseif ($modulepart ==
'knowledgemanagement') {
513 require_once DOL_DOCUMENT_ROOT.
'/knowledgemanagement/class/knowledgerecord.class.php';
515 if (!DolibarrApiAccess::$user->hasRight(
'knowledgemanagement',
'knowledgerecord',
'read') && !DolibarrApiAccess::$user->hasRight(
'knowledgemanagement',
'knowledgerecord',
'read')) {
516 throw new RestException(401);
520 $result = $object->fetch($id, $ref);
522 throw new RestException(404,
'KM article not found');
525 $upload_dir = $conf->knowledgemanagement->dir_output.
'/knowledgerecord/'.
dol_sanitizeFileName($object->ref);
526 } elseif ($modulepart ==
'categorie' || $modulepart ==
'category') {
527 require_once DOL_DOCUMENT_ROOT.
'/categories/class/categorie.class.php';
529 if (!DolibarrApiAccess::$user->rights->categorie->lire) {
530 throw new RestException(401);
534 $result = $object->fetch($id, $ref);
536 throw new RestException(404,
'Category not found');
539 $upload_dir = $conf->categorie->multidir_output[$object->entity].
'/'.
get_exdir($object->id, 2, 0, 0, $object,
'category').$object->id.
"/photos/".
dol_sanitizeFileName($object->ref);
540 } elseif ($modulepart ==
'ecm') {
541 throw new RestException(500,
'Modulepart Ecm not implemented yet.');
556 } elseif ($modulepart ==
'contrat' || $modulepart ==
'contract') {
557 $modulepart =
'contrat';
558 require_once DOL_DOCUMENT_ROOT .
'/contrat/class/contrat.class.php';
560 $object =
new Contrat($this->db);
561 $result = $object->fetch($id, $ref);
563 throw new RestException(404,
'Contract not found');
566 $upload_dir = $conf->contrat->dir_output .
"/" .
get_exdir(0, 0, 0, 1, $object,
'contract');
567 } elseif ($modulepart ==
'projet' || $modulepart ==
'project') {
568 $modulepart =
'project';
569 require_once DOL_DOCUMENT_ROOT .
'/projet/class/project.class.php';
571 $object =
new Project($this->db);
572 $result = $object->fetch($id, $ref);
574 throw new RestException(404,
'Project not found');
577 $upload_dir = $conf->projet->dir_output .
"/" .
get_exdir(0, 0, 0, 1, $object,
'project');
579 throw new RestException(500,
'Modulepart '.$modulepart.
' not implemented yet.');
582 $objectType = $modulepart;
583 if (! empty($object->id) && ! empty($object->table_element)) {
584 $objectType = $object->table_element;
587 $filearray =
dol_dir_list($upload_dir, $type, $recursive,
'',
'(\.meta|_preview.*\.png)$', $sortfield, (strtolower($sortorder) ==
'desc' ? SORT_DESC : SORT_ASC), 1);
588 if (empty($filearray)) {
589 throw new RestException(404,
'Search for modulepart '.$modulepart.
' with Id '.$object->id.(!empty($object->ref) ?
' or Ref '.$object->ref :
'').
' does not return any document.');
591 if (($object->id) > 0 && !empty($modulepart)) {
592 require_once DOL_DOCUMENT_ROOT.
'/ecm/class/ecmfiles.class.php';
594 $result = $ecmfile->fetchAll(
'',
'', 0, 0, array(
't.src_object_type' => $objectType,
't.src_object_id' => $object->id));
596 throw new RestException(503,
'Error when retrieve ecm list : '.$this->db->lasterror());
597 } elseif (is_array($ecmfile->lines) && count($ecmfile->lines) > 0) {
598 $count = count($filearray);
599 for ($i = 0 ; $i < $count ; $i++) {
600 foreach ($ecmfile->lines as $line) {
601 if ($filearray[$i][
'name'] == $line->filename) {
602 $filearray[$i] = array_merge($filearray[$i], (array) $line);
654 public function post($filename, $modulepart, $ref =
'', $subdir =
'', $filecontent =
'', $fileencoding =
'', $overwriteifexists = 0, $createdirifnotexists = 1)
662 $modulepartorig = $modulepart;
664 if (empty($modulepart)) {
665 throw new RestException(400,
'Modulepart not provided.');
668 $newfilecontent =
'';
669 if (empty($fileencoding)) {
670 $newfilecontent = $filecontent;
672 if ($fileencoding ==
'base64') {
673 $newfilecontent = base64_decode($filecontent);
680 $entity = DolibarrApiAccess::$user->entity;
681 if (empty($entity)) {
689 if ($modulepart ==
'facture' || $modulepart ==
'invoice') {
690 $modulepart =
'facture';
692 require_once DOL_DOCUMENT_ROOT.
'/compta/facture/class/facture.class.php';
693 $object =
new Facture($this->db);
694 } elseif ($modulepart ==
'facture_fournisseur' || $modulepart ==
'supplier_invoice') {
695 $modulepart =
'supplier_invoice';
697 require_once DOL_DOCUMENT_ROOT.
'/fourn/class/fournisseur.facture.class.php';
699 } elseif ($modulepart ==
'commande' || $modulepart ==
'order') {
700 $modulepart =
'commande';
702 require_once DOL_DOCUMENT_ROOT.
'/commande/class/commande.class.php';
704 } elseif ($modulepart ==
'commande_fournisseur' || $modulepart ==
'supplier_order') {
705 $modulepart =
'supplier_order';
707 require_once DOL_DOCUMENT_ROOT.
'/fourn/class/fournisseur.commande.class.php';
709 } elseif ($modulepart ==
'projet' || $modulepart ==
'project') {
710 require_once DOL_DOCUMENT_ROOT.
'/projet/class/project.class.php';
711 $object =
new Project($this->db);
712 } elseif ($modulepart ==
'task' || $modulepart ==
'project_task') {
713 $modulepart =
'project_task';
715 require_once DOL_DOCUMENT_ROOT.
'/projet/class/task.class.php';
716 $object =
new Task($this->db);
718 $task_result = $object->fetch(
'', $ref);
721 if ($task_result > 0) {
722 $project_result = $object->fetch_projet();
724 if ($project_result >= 0) {
728 throw new RestException(500,
'Error while fetching Task '.$ref);
730 } elseif ($modulepart ==
'product' || $modulepart ==
'produit' || $modulepart ==
'service' || $modulepart ==
'produit|service') {
731 require_once DOL_DOCUMENT_ROOT.
'/product/class/product.class.php';
732 $object =
new Product($this->db);
733 } elseif ($modulepart ==
'expensereport') {
734 require_once DOL_DOCUMENT_ROOT.
'/expensereport/class/expensereport.class.php';
736 } elseif ($modulepart ==
'fichinter') {
737 require_once DOL_DOCUMENT_ROOT.
'/fichinter/class/fichinter.class.php';
739 } elseif ($modulepart ==
'adherent' || $modulepart ==
'member') {
740 $modulepart =
'adherent';
741 require_once DOL_DOCUMENT_ROOT.
'/adherents/class/adherent.class.php';
743 } elseif ($modulepart ==
'proposal' || $modulepart ==
'propal' || $modulepart ==
'propale') {
744 $modulepart =
'propale';
745 require_once DOL_DOCUMENT_ROOT.
'/comm/propal/class/propal.class.php';
746 $object =
new Propal($this->db);
747 } elseif ($modulepart ==
'agenda' || $modulepart ==
'action' || $modulepart ==
'event') {
748 $modulepart =
'agenda';
749 require_once DOL_DOCUMENT_ROOT .
'/comm/action/class/actioncomm.class.php';
751 } elseif ($modulepart ==
'contact' || $modulepart ==
'socpeople') {
752 $modulepart =
'contact';
753 require_once DOL_DOCUMENT_ROOT.
'/contact/class/contact.class.php';
754 $object =
new Contact($this->db);
756 } elseif ($modulepart ==
'contrat' || $modulepart ==
'contract') {
757 $modulepart =
'contrat';
758 require_once DOL_DOCUMENT_ROOT .
'/contrat/class/contrat.class.php';
759 $object =
new Contrat($this->db);
762 throw new RestException(500,
'Modulepart '.$modulepart.
' not implemented yet.');
765 if (is_object($object)) {
767 $result = $object->fetch($ref);
769 $result = $object->fetch(
'', $ref);
773 throw new RestException(404,
"Object with ref '".$ref.
"' was not found.");
774 } elseif ($result < 0) {
775 throw new RestException(500,
'Error while fetching object: '.$object->error);
779 if (!($object->id > 0)) {
780 throw new RestException(404,
'The object '.$modulepart.
" with ref '".$ref.
"' was not found.");
785 if ($modulepart ==
'supplier_invoice') {
786 $tmpreldir =
get_exdir($object->id, 2, 0, 0, $object,
'invoice_supplier');
790 if ($modulepart !=
'ecm') {
791 $relativefile = $tmpreldir.dol_sanitizeFileName($object->ref);
793 $upload_dir = $tmp[
'original_file'];
795 if (!DolibarrApiAccess::$user->hasRight(
'ecm',
'upload')) {
796 throw new RestException(401,
'Missing permission to upload files in ECM module');
798 $upload_dir = $conf->medias->multidir_output[$conf->entity];
801 if (empty($upload_dir) || $upload_dir ==
'/') {
802 throw new RestException(500,
'This value of modulepart ('.$modulepart.
') does not support yet usage of ref. Check modulepart parameter or try to use subdir parameter instead of ref.');
805 if ($modulepart ==
'invoice') {
806 $modulepart =
'facture';
808 if ($modulepart ==
'member') {
809 $modulepart =
'adherent';
813 if ($modulepart !=
'ecm') {
814 $relativefile = $subdir;
816 $upload_dir = $tmp[
'original_file'];
818 if (!DolibarrApiAccess::$user->hasRight(
'ecm',
'upload')) {
819 throw new RestException(401,
'Missing permission to upload files in ECM module');
821 $upload_dir = $conf->medias->multidir_output[$conf->entity];
824 if (empty($upload_dir) || $upload_dir ==
'/') {
825 if (!empty($tmp[
'error'])) {
826 throw new RestException(401,
'Error returned by dol_check_secure_access_document: '.$tmp[
'error']);
828 throw new RestException(500,
'This value of modulepart ('.$modulepart.
') is not allowed with this value of subdir ('.$relativefile.
')');
836 if (!empty($createdirifnotexists)) {
838 throw new RestException(500,
'Error while trying to create directory '.$upload_dir);
842 $destfile = $upload_dir.
'/'.$original_file;
843 $destfiletmp = DOL_DATA_ROOT.
'/admin/temp/'.$original_file;
848 throw new RestException(401,
'Directory not exists : '.dirname($destfile));
851 if (!$overwriteifexists &&
dol_is_file($destfile)) {
852 throw new RestException(500,
"File with name '".$original_file.
"' already exists.");
860 $fhandle = @fopen($destfiletmp,
'w');
862 $nbofbyteswrote = fwrite($fhandle, $newfilecontent);
866 throw new RestException(500,
"Failed to open file '".$destfiletmp.
"' for write");
869 $disablevirusscan = 0;
870 $src_file = $destfiletmp;
871 $dest_file = $destfile;
875 if (empty($disablevirusscan) && file_exists($src_file)) {
877 if (count($checkvirusarray)) {
878 dol_syslog(
'Files.lib::dol_move_uploaded_file File "'.$src_file.
'" (target name "'.$dest_file.
'") KO with antivirus: errors='.join(
',', $checkvirusarray), LOG_WARNING);
879 throw new RestException(500,
'ErrorFileIsInfectedWithAVirus: '.join(
',', $checkvirusarray));
888 $publicmediasdirwithslash = $conf->medias->multidir_output[$conf->entity];
889 if (!preg_match(
'/\/$/', $publicmediasdirwithslash)) {
890 $publicmediasdirwithslash .=
'/';
893 if (strpos($upload_dir, $publicmediasdirwithslash) !== 0 || !
getDolGlobalInt(
"MAIN_DOCUMENT_DISABLE_NOEXE_IN_MEDIAS_DIR")) {
894 $dest_file .=
'.noexe';
900 if (preg_match(
'/^\./', basename($src_file)) || preg_match(
'/\.\./', $src_file) || preg_match(
'/[<>|]/', $src_file)) {
901 dol_syslog(
"Refused to deliver file ".$src_file, LOG_WARNING);
902 throw new RestException(500,
"Refused to deliver file ".$src_file);
907 if (preg_match(
'/^\./', basename($dest_file)) || preg_match(
'/\.\./', $dest_file) || preg_match(
'/[<>|]/', $dest_file)) {
908 dol_syslog(
"Refused to deliver file ".$dest_file, LOG_WARNING);
909 throw new RestException(500,
"Refused to deliver file ".$dest_file);
912 $moreinfo = array(
'note_private' =>
'File uploaded using API /documents from IP '.
getUserRemoteIP());
913 if (!empty($object) && is_object($object) && $object->id > 0) {
914 $moreinfo[
'src_object_type'] = $object->table_element;
915 $moreinfo[
'src_object_id'] = $object->id;
919 $result =
dol_move($destfiletmp, $dest_file, 0, $overwriteifexists, 1, 1, $moreinfo);
921 throw new RestException(500,
"Failed to move file into '".$dest_file.
"'");