63function dol_dir_list($utf8_path, $types =
"all", $recursive = 0, $filter =
"", $excludefilter =
null, $sortcriteria =
"name", $sortorder = SORT_ASC, $mode = 0, $nohook = 0, $relativename =
"", $donotfollowsymlinks = 0, $nbsecondsold = 0)
65 global $db, $hookmanager;
68 if ($recursive <= 1) {
73 $exclude_array = ($excludefilter ===
null || $excludefilter ===
'') ? array() : (is_array($excludefilter) ? $excludefilter : array($excludefilter));
74 foreach ((array($filter) + $exclude_array) as $f) {
76 if ((
int) preg_match(
'/(?:^|[^\\\\])\//', $f) > 0) {
78 $error_info .=
" error='$f unescaped_slash'";
82 dol_syslog(
"files.lib.php::dol_dir_list path=".$utf8_path.
" types=".$types.
" recursive=".$recursive.
" filter=".$filter.
" excludefilter=".json_encode($excludefilter).$error_info);
90 $exclude_array = ($excludefilter ===
null || $excludefilter ===
'') ? array() : (is_array($excludefilter) ? $excludefilter : array($excludefilter));
94 $excludefilterarray = array_merge(array(
'^\.'), $exclude_array);
96 $loaddate = ($mode == 1 || $mode == 2 || $nbsecondsold != 0 || $sortcriteria ==
'date');
97 $loadsize = ($mode == 1 || $mode == 3 || $sortcriteria ==
'size');
98 $loadperm = ($mode == 1 || $mode == 4 || $sortcriteria ==
'perm');
101 $utf8_path = preg_replace(
'/([\\/]+)$/',
'', $utf8_path);
106 $file_list = array();
108 if (!$nohook && $hookmanager instanceof
HookManager) {
109 $hookmanager->resArray = array();
111 $hookmanager->initHooks(array(
'fileslib'));
116 'recursive' => $recursive,
118 'excludefilter' => $exclude_array,
119 'sortcriteria' => $sortcriteria,
120 'sortorder' => $sortorder,
121 'loaddate' => $loaddate,
122 'loadsize' => $loadsize,
125 $reshook = $hookmanager->executeHooks(
'getDirList', $parameters,
$object);
129 if (empty($reshook)) {
130 if (!is_dir($os_path)) {
134 if (($dir = opendir($os_path)) ===
false) {
141 while (
false !== ($os_file = readdir($dir))) {
142 $os_fullpathfile = ($os_path ? $os_path.
'/' :
'').$os_file;
145 $utf8_file = mb_convert_encoding($os_file,
'UTF-8',
'ISO-8859-1');
147 $utf8_file = $os_file;
152 $utf8_fullpathfile =
"$utf8_path/$utf8_file";
155 foreach ($excludefilterarray as $filt) {
156 if (preg_match(
'/'.$filt.
'/i', $utf8_file) || preg_match(
'/'.$filt.
'/i', $utf8_fullpathfile)) {
164 $isdir = is_dir($os_fullpathfile);
168 if (($types ==
"directories") || ($types ==
"all")) {
169 if ($loaddate || $sortcriteria ==
'date') {
172 if ($loadsize || $sortcriteria ==
'size') {
175 if ($loadperm || $sortcriteria ==
'perm') {
179 if (!$filter || preg_match(
'/'.$filter.
'/i', $utf8_file)) {
181 preg_match(
'/([^\/]+)\/[^\/]+$/', $utf8_fullpathfile, $reg);
182 $level1name = (isset($reg[1]) ? $reg[1] :
'');
183 $file_list[] = array(
184 "name" => $utf8_file,
185 "path" => $utf8_path,
186 "level1name" => $level1name,
187 "relativename" => ($relativename ? $relativename.
'/' :
'').$utf8_file,
188 "fullname" => $utf8_fullpathfile,
198 if ($recursive > 0) {
199 if (empty($donotfollowsymlinks) || !is_link($os_fullpathfile)) {
201 $file_list = array_merge($file_list,
dol_dir_list($utf8_fullpathfile, $types, $recursive + 1, $filter, $exclude_array, $sortcriteria, $sortorder, $mode, $nohook, ($relativename !=
'' ? $relativename.
'/' :
'').$utf8_file, $donotfollowsymlinks, $nbsecondsold));
204 } elseif (in_array($types, array(
"files",
"all"))) {
206 if ($loaddate || $sortcriteria ==
'date') {
209 if ($loadsize || $sortcriteria ==
'size') {
213 if (!$filter || preg_match(
'/'.$filter.
'/i', $utf8_file)) {
214 if (empty($nbsecondsold) || $filedate <= ($now - $nbsecondsold)) {
215 preg_match(
'/([^\/]+)\/[^\/]+$/', $utf8_fullpathfile, $reg);
216 $level1name = (isset($reg[1]) ? $reg[1] :
'');
217 $file_list[] = array(
218 "name" => $utf8_file,
219 "path" => $utf8_path,
220 "level1name" => $level1name,
221 "relativename" => ($relativename ? $relativename.
'/' :
'').$utf8_file,
222 "fullname" => $utf8_fullpathfile,
235 if (!empty($sortcriteria) && $sortorder) {
236 $file_list =
dol_sort_array($file_list, $sortcriteria, ($sortorder == SORT_ASC ?
'asc' :
'desc'));
241 if ($hookmanager instanceof
HookManager && is_array($hookmanager->resArray)) {
242 $file_list = array_merge($file_list, $hookmanager->resArray);
1011function dol_move($srcfile, $destfile, $newmask =
'0', $overwriteifexists = 1, $testvirus = 0, $indexdatabase = 1, $moreinfo = array())
1013 global $user, $db, $conf;
1016 dol_syslog(
"files.lib.php::dol_move srcfile=".$srcfile.
" destfile=".$destfile.
" newmask=".$newmask.
" overwritifexists=".$overwriteifexists);
1021 dol_syslog(
"files.lib.php::dol_move srcfile does not exists. we ignore the move request.");
1025 if ($overwriteifexists || !$destexists) {
1030 $testvirusarray = array();
1033 $testvirusarray =
dolCheckVirus($newpathofsrcfile, $newpathofdestfile);
1034 if (count($testvirusarray)) {
1035 dol_syslog(
"files.lib.php::dol_move canceled because a virus was found into source file. We ignore the move request.", LOG_WARNING);
1041 if (count($testvirusarray)) {
1042 dol_syslog(
"files.lib.php::dol_move canceled because a virus was found into source file. We ignore the move request.", LOG_WARNING);
1047 global $dolibarr_main_restrict_os_commands;
1048 if (!empty($dolibarr_main_restrict_os_commands)) {
1049 $arrayofallowedcommand = explode(
',', $dolibarr_main_restrict_os_commands);
1050 $arrayofallowedcommand = array_map(
'trim', $arrayofallowedcommand);
1051 if (in_array(basename($destfile), $arrayofallowedcommand)) {
1054 dol_syslog(
"files.lib.php::dol_move canceled because target filename ".basename($destfile).
" is using a reserved command name. we ignore the move request.", LOG_WARNING);
1059 $result = @rename($newpathofsrcfile, $newpathofdestfile);
1062 dol_syslog(
"files.lib.php::dol_move Failed. We try to delete target first and move after.", LOG_WARNING);
1065 $result = @rename($newpathofsrcfile, $newpathofdestfile);
1067 dol_syslog(
"files.lib.php::dol_move Failed.", LOG_WARNING);
1072 if ($result && $indexdatabase) {
1074 $rel_filetorenamebefore = preg_replace(
'/^'.preg_quote(DOL_DATA_ROOT,
'/').
'/',
'', $srcfile);
1075 $rel_filetorenameafter = preg_replace(
'/^'.preg_quote(DOL_DATA_ROOT,
'/').
'/',
'', $destfile);
1076 if (!preg_match(
'/([\\/]temp[\\/]|[\\/]thumbs|\.meta$)/', $rel_filetorenameafter)) {
1077 $rel_filetorenamebefore = preg_replace(
'/^[\\/]/',
'', $rel_filetorenamebefore);
1078 $rel_filetorenameafter = preg_replace(
'/^[\\/]/',
'', $rel_filetorenameafter);
1081 dol_syslog(
"Try to rename also entries in database for full relative path before = ".$rel_filetorenamebefore.
" after = ".$rel_filetorenameafter, LOG_DEBUG);
1082 include_once DOL_DOCUMENT_ROOT.
'/ecm/class/ecmfiles.class.php';
1084 $ecmfiletarget =
new EcmFiles($db);
1085 $resultecmtarget = $ecmfiletarget->fetch(0,
'', $rel_filetorenameafter);
1086 if ($resultecmtarget > 0) {
1087 $ecmfiletarget->delete($user);
1091 $resultecm = $ecmfile->fetch(0,
'', $rel_filetorenamebefore);
1092 if ($resultecm > 0) {
1093 $filename = basename($rel_filetorenameafter);
1094 $rel_dir = dirname($rel_filetorenameafter);
1095 $rel_dir = preg_replace(
'/[\\/]$/',
'', $rel_dir);
1096 $rel_dir = preg_replace(
'/^[\\/]/',
'', $rel_dir);
1098 $ecmfile->filepath = $rel_dir;
1099 $ecmfile->filename = $filename;
1101 $resultecm = $ecmfile->update($user);
1102 } elseif ($resultecm == 0) {
1103 $filename = basename($rel_filetorenameafter);
1104 $rel_dir = dirname($rel_filetorenameafter);
1105 $rel_dir = preg_replace(
'/[\\/]$/',
'', $rel_dir);
1106 $rel_dir = preg_replace(
'/^[\\/]/',
'', $rel_dir);
1108 $ecmfile->filepath = $rel_dir;
1109 $ecmfile->filename = $filename;
1111 $ecmfile->fullpath_orig = basename($srcfile);
1112 $ecmfile->gen_or_uploaded =
'uploaded';
1113 if (!empty($moreinfo) && !empty($moreinfo[
'description'])) {
1114 $ecmfile->description = $moreinfo[
'description'];
1116 $ecmfile->description =
'';
1118 if (!empty($moreinfo) && !empty($moreinfo[
'keywords'])) {
1119 $ecmfile->keywords = $moreinfo[
'keywords'];
1121 $ecmfile->keywords =
'';
1123 if (!empty($moreinfo) && !empty($moreinfo[
'note_private'])) {
1124 $ecmfile->note_private = $moreinfo[
'note_private'];
1126 if (!empty($moreinfo) && !empty($moreinfo[
'note_public'])) {
1127 $ecmfile->note_public = $moreinfo[
'note_public'];
1129 if (!empty($moreinfo) && !empty($moreinfo[
'src_object_type'])) {
1130 $ecmfile->src_object_type = $moreinfo[
'src_object_type'];
1132 if (!empty($moreinfo) && !empty($moreinfo[
'src_object_id'])) {
1133 $ecmfile->src_object_id = $moreinfo[
'src_object_id'];
1136 $resultecm = $ecmfile->create($user);
1137 if ($resultecm < 0) {
1140 } elseif ($resultecm < 0) {
1144 if ($resultecm > 0) {
1152 if (empty($newmask)) {
1159 dolChmod($newpathofdestfile, $newmask);
2739 global $conf, $db, $user, $hookmanager;
2740 global $dolibarr_main_data_root, $dolibarr_main_document_root_alt;
2743 if (!is_object($fuser)) {
2747 if (empty($modulepart)) {
2748 return 'ErrorBadParameter';
2750 if (empty($entity)) {
2751 if (!isModEnabled(
'multicompany')) {
2758 if ($modulepart ==
'facture') {
2759 $modulepart =
'invoice';
2760 } elseif ($modulepart ==
'users') {
2761 $modulepart =
'user';
2762 } elseif ($modulepart ==
'tva') {
2763 $modulepart =
'tax-vat';
2764 } elseif ($modulepart ==
'expedition' && strpos($original_file,
'receipt/') === 0) {
2766 $modulepart =
'delivery';
2770 dol_syslog(
'dol_check_secure_access_document modulepart='.$modulepart.
' original_file='.$original_file.
' entity='.$entity);
2774 $sqlprotectagainstexternals =
'';
2778 if (empty($refname)) {
2779 $refname = basename(dirname($original_file).
"/");
2780 if ($refname ==
'thumbs' || $refname ==
'temp') {
2782 $refname = basename(dirname(dirname($original_file)).
"/");
2789 $download =
'download';
2790 if ($mode ==
'write') {
2793 $download =
'upload';
2797 if ($modulepart ==
'common') {
2800 $original_file = DOL_DOCUMENT_ROOT.
'/public/theme/common/'.$original_file;
2801 } elseif ($modulepart ==
'medias' && !empty($dolibarr_main_data_root)) {
2806 if (empty($entity)) {
2810 $original_file = (empty($conf->medias->multidir_output[$entity]) ? $conf->medias->dir_output : $conf->medias->multidir_output[$entity]).
'/'.$original_file;
2811 } elseif ($modulepart ==
'logs' && !empty($dolibarr_main_data_root)) {
2813 $accessallowed = ($user->admin && basename($original_file) == $original_file && preg_match(
'/^dolibarr.*\.(log|json)$/', basename($original_file)));
2814 $original_file = $dolibarr_main_data_root.
'/'.$original_file;
2815 } elseif ($modulepart ==
'doctemplates' && !empty($dolibarr_main_data_root)) {
2817 $accessallowed = $user->admin;
2818 $original_file = $dolibarr_main_data_root.
'/doctemplates/'.$original_file;
2819 } elseif ($modulepart ==
'doctemplateswebsite' && !empty($dolibarr_main_data_root)) {
2821 $accessallowed = ($fuser->hasRight(
'website',
'write') && preg_match(
'/\.jpg$/i', basename($original_file)));
2822 $original_file = $dolibarr_main_data_root.
'/doctemplates/websites/'.$original_file;
2823 } elseif ($modulepart ==
'packages' && !empty($dolibarr_main_data_root)) {
2826 $tmp = explode(
',', $dolibarr_main_document_root_alt);
2829 $accessallowed = ($user->admin && preg_match(
'/^module_.*\.zip$/', basename($original_file)));
2830 $original_file = $dirins.
'/'.$original_file;
2831 } elseif ($modulepart ==
'mycompany' && !empty($conf->mycompany->dir_output)) {
2834 $original_file = $conf->mycompany->dir_output.
'/'.$original_file;
2835 } elseif ($modulepart ==
'userphoto' && !empty($conf->user->dir_output)) {
2838 if (preg_match(
'/^\d+\/photos\//', $original_file)) {
2841 $original_file = $conf->user->dir_output.
'/'.$original_file;
2842 } elseif ($modulepart ==
'userphotopublic' && !empty($conf->user->dir_output)) {
2847 if (preg_match(
'/^(\d+)\/photos\//', $original_file, $reg)) {
2849 $tmpobject =
new User($db);
2850 $tmpobject->fetch($reg[1],
'',
'', 1);
2852 $securekey =
GETPOST(
'securekey',
'alpha', 1);
2854 global $dolibarr_main_cookie_cryptkey, $dolibarr_main_instance_unique_id;
2855 $valuetouse = $dolibarr_main_instance_unique_id ? $dolibarr_main_instance_unique_id : $dolibarr_main_cookie_cryptkey;
2856 $encodedsecurekey =
dol_hash($valuetouse.
'uservirtualcard'.$tmpobject->id.
'-'.$tmpobject->login,
'md5');
2857 if ($encodedsecurekey == $securekey) {
2866 $original_file = $conf->user->dir_output.
'/'.$original_file;
2867 } elseif (($modulepart ==
'companylogo') && !empty($conf->mycompany->dir_output)) {
2870 $original_file = $conf->mycompany->dir_output.
'/logos/'.$original_file;
2871 } elseif ($modulepart ==
'memberphoto' && !empty($conf->member->dir_output)) {
2874 if (preg_match(
'/^\d+\/photos\//', $original_file)) {
2877 $original_file = $conf->member->dir_output.
'/'.$original_file;
2878 } elseif ($modulepart ==
'apercufacture' && !empty($conf->invoice->multidir_output[$entity])) {
2880 if ($fuser->hasRight(
'facture', $lire)) {
2883 $original_file = $conf->invoice->multidir_output[$entity].
'/'.$original_file;
2884 } elseif ($modulepart ==
'apercupropal' && !empty($conf->propal->multidir_output[$entity])) {
2886 if ($fuser->hasRight(
'propal', $lire)) {
2889 $original_file = $conf->propal->multidir_output[$entity].
'/'.$original_file;
2890 } elseif ($modulepart ==
'apercucommande' && !empty($conf->order->multidir_output[$entity])) {
2892 if ($fuser->hasRight(
'commande', $lire)) {
2895 $original_file = $conf->order->multidir_output[$entity].
'/'.$original_file;
2896 } elseif (($modulepart ==
'apercufichinter' || $modulepart ==
'apercuficheinter') && !empty($conf->ficheinter->dir_output)) {
2898 if ($fuser->hasRight(
'ficheinter', $lire)) {
2901 $original_file = $conf->ficheinter->dir_output.
'/'.$original_file;
2902 } elseif (($modulepart ==
'apercucontract') && !empty($conf->contract->multidir_output[$entity])) {
2904 if ($fuser->hasRight(
'contrat', $lire)) {
2907 $original_file = $conf->contract->multidir_output[$entity].
'/'.$original_file;
2908 } elseif (($modulepart ==
'apercusupplier_proposal' || $modulepart ==
'apercusupplier_proposal') && !empty($conf->supplier_proposal->dir_output)) {
2910 if ($fuser->hasRight(
'supplier_proposal', $lire)) {
2913 $original_file = $conf->supplier_proposal->dir_output.
'/'.$original_file;
2914 } elseif (($modulepart ==
'apercusupplier_order' || $modulepart ==
'apercusupplier_order') && !empty($conf->fournisseur->commande->dir_output)) {
2916 if ($fuser->hasRight(
'fournisseur',
'commande', $lire)) {
2919 $original_file = $conf->fournisseur->commande->dir_output.
'/'.$original_file;
2920 } elseif (($modulepart ==
'apercusupplier_invoice' || $modulepart ==
'apercusupplier_invoice') && !empty($conf->fournisseur->facture->dir_output)) {
2922 if ($fuser->hasRight(
'fournisseur', $lire)) {
2925 $original_file = $conf->fournisseur->facture->dir_output.
'/'.$original_file;
2926 } elseif (($modulepart ==
'holiday') && !empty($conf->holiday->dir_output)) {
2927 if ($fuser->hasRight(
'holiday', $read) || $fuser->hasRight(
'holiday',
'readall') || preg_match(
'/^specimen/i', $original_file)) {
2930 if ($refname && !$fuser->hasRight(
'holiday',
'readall') && !preg_match(
'/^specimen/i', $original_file)) {
2931 include_once DOL_DOCUMENT_ROOT.
'/holiday/class/holiday.class.php';
2932 $tmpholiday =
new Holiday($db);
2933 $tmpholiday->fetch(
'', $refname);
2934 $accessallowed =
checkUserAccessToObject($user, array(
'holiday'), $tmpholiday,
'holiday',
'',
'',
'rowid',
'');
2937 $original_file = $conf->holiday->dir_output.
'/'.$original_file;
2938 } elseif (($modulepart ==
'expensereport') && !empty($conf->expensereport->dir_output)) {
2939 if ($fuser->hasRight(
'expensereport', $lire) || $fuser->hasRight(
'expensereport',
'readall') || preg_match(
'/^specimen/i', $original_file)) {
2942 if ($refname && !$fuser->hasRight(
'expensereport',
'readall') && !preg_match(
'/^specimen/i', $original_file)) {
2943 include_once DOL_DOCUMENT_ROOT.
'/expensereport/class/expensereport.class.php';
2945 $tmpexpensereport->fetch(
'', $refname);
2946 $accessallowed =
checkUserAccessToObject($user, array(
'expensereport'), $tmpexpensereport,
'expensereport',
'',
'',
'rowid',
'');
2949 $original_file = $conf->expensereport->dir_output.
'/'.$original_file;
2950 } elseif (($modulepart ==
'apercuexpensereport') && !empty($conf->expensereport->dir_output)) {
2952 if ($fuser->hasRight(
'expensereport', $lire)) {
2955 $original_file = $conf->expensereport->dir_output.
'/'.$original_file;
2956 } elseif ($modulepart ==
'propalstats' && !empty($conf->propal->multidir_temp[$entity])) {
2958 if ($fuser->hasRight(
'propal', $lire)) {
2961 $original_file = $conf->propal->multidir_temp[$entity].
'/'.$original_file;
2962 } elseif ($modulepart ==
'orderstats' && !empty($conf->order->dir_temp)) {
2964 if ($fuser->hasRight(
'commande', $lire)) {
2967 $original_file = $conf->order->dir_temp.
'/'.$original_file;
2968 } elseif ($modulepart ==
'orderstatssupplier' && !empty($conf->fournisseur->dir_output)) {
2969 if ($fuser->hasRight(
'fournisseur',
'commande', $lire)) {
2972 $original_file = $conf->fournisseur->commande->dir_temp.
'/'.$original_file;
2973 } elseif ($modulepart ==
'billstats' && !empty($conf->invoice->dir_temp)) {
2975 if ($fuser->hasRight(
'facture', $lire)) {
2978 $original_file = $conf->invoice->dir_temp.
'/'.$original_file;
2979 } elseif ($modulepart ==
'billstatssupplier' && !empty($conf->fournisseur->dir_output)) {
2980 if ($fuser->hasRight(
'fournisseur',
'facture', $lire)) {
2983 $original_file = $conf->fournisseur->facture->dir_temp.
'/'.$original_file;
2984 } elseif ($modulepart ==
'expeditionstats' && !empty($conf->expedition->dir_temp)) {
2986 if ($fuser->hasRight(
'expedition', $lire)) {
2989 $original_file = $conf->expedition->dir_temp.
'/'.$original_file;
2990 } elseif ($modulepart ==
'tripsexpensesstats' && !empty($conf->deplacement->dir_temp)) {
2992 if ($fuser->hasRight(
'deplacement', $lire)) {
2995 $original_file = $conf->deplacement->dir_temp.
'/'.$original_file;
2996 } elseif ($modulepart ==
'memberstats' && !empty($conf->member->dir_temp)) {
2998 if ($fuser->hasRight(
'adherent', $lire)) {
3001 $original_file = $conf->member->dir_temp.
'/'.$original_file;
3002 } elseif (preg_match(
'/^productstats_/i', $modulepart) && !empty($conf->product->dir_temp)) {
3004 if ($fuser->hasRight(
'produit', $lire) || $fuser->hasRight(
'service', $lire)) {
3007 $original_file = (!empty($conf->product->multidir_temp[$entity]) ? $conf->product->multidir_temp[$entity] : $conf->service->multidir_temp[$entity]).
'/'.$original_file;
3008 } elseif (in_array($modulepart, array(
'tax',
'tax-vat',
'tva')) && !empty($conf->tax->dir_output)) {
3010 if ($fuser->hasRight(
'tax',
'charges', $lire)) {
3013 $modulepartsuffix = str_replace(
'tax-',
'', $modulepart);
3014 $original_file = $conf->tax->dir_output.
'/'.($modulepartsuffix !=
'tax' ? $modulepartsuffix.
'/' :
'').$original_file;
3015 } elseif ($modulepart ==
'actions' && !empty($conf->agenda->dir_output)) {
3017 if ($fuser->hasRight(
'agenda',
'myactions', $read)) {
3020 if ($refname && !preg_match(
'/^specimen/i', $original_file)) {
3021 include_once DOL_DOCUMENT_ROOT.
'/comm/action/class/actioncomm.class.php';
3023 $tmpobject->fetch((
int) $refname);
3024 $accessallowed =
checkUserAccessToObject($user, array(
'agenda'), $tmpobject->id,
'actioncomm&societe',
'myactions|allactions',
'fk_soc',
'id',
'');
3025 if ($user->socid && $tmpobject->socid) {
3030 $original_file = $conf->agenda->dir_output.
'/'.$original_file;
3031 } elseif ($modulepart ==
'category' && !empty($conf->categorie->multidir_output[$entity])) {
3033 if (empty($entity) || empty($conf->categorie->multidir_output[$entity])) {
3034 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3036 if ($fuser->hasRight(
"categorie", $lire) || $fuser->hasRight(
"takepos",
"run")) {
3039 $original_file = $conf->categorie->multidir_output[$entity].
'/'.$original_file;
3040 } elseif ($modulepart ==
'prelevement' && !empty($conf->prelevement->dir_output)) {
3042 if ($fuser->hasRight(
'prelevement',
'bons', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3045 $original_file = $conf->prelevement->dir_output.
'/'.$original_file;
3046 } elseif ($modulepart ==
'graph_stock' && !empty($conf->stock->dir_temp)) {
3049 $original_file = $conf->stock->dir_temp.
'/'.$original_file;
3050 } elseif ($modulepart ==
'graph_fourn' && !empty($conf->fournisseur->dir_temp)) {
3053 $original_file = $conf->fournisseur->dir_temp.
'/'.$original_file;
3054 } elseif ($modulepart ==
'graph_product' && !empty($conf->product->dir_temp)) {
3057 $original_file = $conf->product->multidir_temp[$entity].
'/'.$original_file;
3058 } elseif ($modulepart ==
'barcode') {
3063 $original_file =
'';
3064 } elseif ($modulepart ==
'iconmailing' && !empty($conf->mailing->dir_temp)) {
3067 $original_file = $conf->mailing->dir_temp.
'/'.$original_file;
3068 } elseif ($modulepart ==
'scanner_user_temp' && !empty($conf->scanner->dir_temp)) {
3071 $original_file = $conf->scanner->dir_temp.
'/'.$fuser->id.
'/'.$original_file;
3072 } elseif ($modulepart ==
'fckeditor' && !empty($conf->fckeditor->dir_output)) {
3075 $original_file = $conf->fckeditor->dir_output.
'/'.$original_file;
3076 } elseif ($modulepart ==
'user' && !empty($conf->user->dir_output)) {
3078 $canreaduser = (!empty($fuser->admin) || $fuser->rights->user->user->{$lire});
3079 if ($fuser->id == (
int) $refname) {
3082 if ($canreaduser || preg_match(
'/^specimen/i', $original_file)) {
3085 $original_file = $conf->user->dir_output.
'/'.$original_file;
3086 } elseif (($modulepart ==
'company' || $modulepart ==
'societe' || $modulepart ==
'thirdparty') && !empty($conf->societe->multidir_output[$entity])) {
3088 if (empty($entity) || empty($conf->societe->multidir_output[$entity])) {
3089 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3091 if ($fuser->hasRight(
'societe', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3094 $original_file = $conf->societe->multidir_output[$entity].
'/'.$original_file;
3095 $sqlprotectagainstexternals =
"SELECT rowid as fk_soc FROM ".MAIN_DB_PREFIX.
"societe WHERE rowid='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'societe').
")";
3096 } elseif ($modulepart ==
'contact' && !empty($conf->societe->multidir_output[$entity])) {
3098 if (empty($entity) || empty($conf->societe->multidir_output[$entity])) {
3099 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3101 if ($fuser->hasRight(
'societe', $lire)) {
3104 $original_file = $conf->societe->multidir_output[$entity].
'/contact/'.$original_file;
3105 } elseif (($modulepart ==
'facture' || $modulepart ==
'invoice') && !empty($conf->invoice->multidir_output[$entity])) {
3107 if ($fuser->hasRight(
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3110 $original_file = $conf->invoice->multidir_output[$entity].
'/'.$original_file;
3111 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"facture WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'invoice').
")";
3112 } elseif ($modulepart ==
'massfilesarea_proposals' && !empty($conf->propal->multidir_output[$entity])) {
3114 if ($fuser->hasRight(
'propal', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3117 $original_file = $conf->propal->multidir_output[$entity].
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3118 } elseif ($modulepart ==
'massfilesarea_orders') {
3119 if ($fuser->hasRight(
'commande', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3122 $original_file = $conf->order->multidir_output[$entity].
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3123 } elseif ($modulepart ==
'massfilesarea_sendings') {
3124 if ($fuser->hasRight(
'expedition', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3127 $original_file = $conf->expedition->dir_output.
'/sending/temp/massgeneration/'.$user->id.
'/'.$original_file;
3128 } elseif ($modulepart ==
'massfilesarea_receipts') {
3129 if ($fuser->hasRight(
'reception', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3132 $original_file = $conf->reception->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3133 } elseif ($modulepart ==
'massfilesarea_invoices') {
3134 if ($fuser->hasRight(
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3137 $original_file = $conf->invoice->multidir_output[$entity].
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3138 } elseif ($modulepart ==
'massfilesarea_expensereport') {
3139 if ($fuser->hasRight(
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3142 $original_file = $conf->expensereport->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3143 } elseif ($modulepart ==
'massfilesarea_interventions') {
3144 if ($fuser->hasRight(
'ficheinter', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3147 $original_file = $conf->ficheinter->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3148 } elseif ($modulepart ==
'massfilesarea_supplier_proposal' && !empty($conf->supplier_proposal->dir_output)) {
3149 if ($fuser->hasRight(
'supplier_proposal', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3152 $original_file = $conf->supplier_proposal->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3153 } elseif ($modulepart ==
'massfilesarea_supplier_order') {
3154 if ($fuser->hasRight(
'fournisseur',
'commande', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3157 $original_file = $conf->fournisseur->commande->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3158 } elseif ($modulepart ==
'massfilesarea_supplier_invoice') {
3159 if ($fuser->hasRight(
'fournisseur',
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3162 $original_file = $conf->fournisseur->facture->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3163 } elseif ($modulepart ==
'massfilesarea_contract' && !empty($conf->contract->dir_output)) {
3164 if ($fuser->hasRight(
'contrat', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3167 $original_file = $conf->contract->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3168 } elseif (($modulepart ==
'fichinter' || $modulepart ==
'ficheinter') && !empty($conf->ficheinter->dir_output)) {
3170 if ($fuser->hasRight(
'ficheinter', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3173 $original_file = $conf->ficheinter->dir_output.
'/'.$original_file;
3174 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"fichinter WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
3175 } elseif ($modulepart ==
'deplacement' && !empty($conf->deplacement->dir_output)) {
3177 if ($fuser->hasRight(
'deplacement', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3180 $original_file = $conf->deplacement->dir_output.
'/'.$original_file;
3182 } elseif (($modulepart ==
'propal' || $modulepart ==
'propale') && isset($conf->propal->multidir_output[$entity])) {
3184 if ($fuser->hasRight(
'propal', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3187 $original_file = $conf->propal->multidir_output[$entity].
'/'.$original_file;
3188 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"propal WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'propal').
")";
3189 } elseif (($modulepart ==
'commande' || $modulepart ==
'order') && !empty($conf->order->multidir_output[$entity])) {
3191 if ($fuser->hasRight(
'commande', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3194 $original_file = $conf->order->multidir_output[$entity].
'/'.$original_file;
3195 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"commande WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'order').
")";
3196 } elseif ($modulepart ==
'project' && !empty($conf->project->multidir_output[$entity])) {
3198 if ($fuser->hasRight(
'projet', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3201 if ($refname && !preg_match(
'/^specimen/i', $original_file)) {
3202 include_once DOL_DOCUMENT_ROOT.
'/projet/class/project.class.php';
3203 $tmpproject =
new Project($db);
3204 $tmpproject->fetch(
'', $refname);
3205 $accessallowed =
checkUserAccessToObject($user, array(
'projet'), $tmpproject->id,
'projet&project',
'',
'',
'rowid',
'');
3208 $original_file = $conf->project->multidir_output[$entity].
'/'.$original_file;
3209 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"projet WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'project').
")";
3210 } elseif ($modulepart ==
'project_task' && !empty($conf->project->multidir_output[$entity])) {
3211 if ($fuser->hasRight(
'projet', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3214 if ($refname && !preg_match(
'/^specimen/i', $original_file)) {
3215 include_once DOL_DOCUMENT_ROOT.
'/projet/class/task.class.php';
3216 $tmptask =
new Task($db);
3217 $tmptask->fetch(
'', $refname);
3218 $accessallowed =
checkUserAccessToObject($user, array(
'projet_task'), $tmptask->id,
'projet_task&project',
'',
'',
'rowid',
'');
3221 $original_file = $conf->project->multidir_output[$entity].
'/'.$original_file;
3222 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"projet WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'project').
")";
3223 } elseif (($modulepart ==
'commande_fournisseur' || $modulepart ==
'order_supplier') && !empty($conf->fournisseur->commande->dir_output)) {
3225 if ($fuser->hasRight(
'fournisseur',
'commande', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3228 $original_file = $conf->fournisseur->commande->dir_output.
'/'.$original_file;
3229 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"commande_fournisseur WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
3230 } elseif (($modulepart ==
'facture_fournisseur' || $modulepart ==
'invoice_supplier') && !empty($conf->fournisseur->facture->dir_output)) {
3232 if ($fuser->hasRight(
'fournisseur',
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3235 $original_file = $conf->fournisseur->facture->dir_output.
'/'.$original_file;
3236 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"facture_fourn WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
3237 } elseif ($modulepart ==
'supplier_payment') {
3239 if ($fuser->hasRight(
'fournisseur',
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3242 $original_file = $conf->fournisseur->payment->dir_output.
'/'.$original_file;
3243 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"paiementfournisseur WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
3244 } elseif ($modulepart ==
'payment') {
3246 if ($fuser->rights->facture->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
3249 $original_file = $conf->compta->payment->dir_output.
'/'.$original_file;
3250 } elseif ($modulepart ==
'facture_paiement' && !empty($conf->invoice->dir_output)) {
3252 if ($fuser->hasRight(
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3255 if ($fuser->socid > 0) {
3256 $original_file = $conf->invoice->dir_output.
'/payments/private/'.$fuser->id.
'/'.$original_file;
3258 $original_file = $conf->invoice->dir_output.
'/payments/'.$original_file;
3260 } elseif ($modulepart ==
'export_compta' && !empty($conf->accounting->dir_output)) {
3262 if ($fuser->hasRight(
'accounting',
'bind',
'write') || preg_match(
'/^specimen/i', $original_file)) {
3265 $original_file = $conf->accounting->dir_output.
'/'.$original_file;
3266 } elseif (($modulepart ==
'expedition' || $modulepart ==
'shipment') && !empty($conf->expedition->dir_output)) {
3268 if ($fuser->hasRight(
'expedition', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3271 $original_file = $conf->expedition->dir_output.
"/".(strpos($original_file,
'sending/') === 0 ?
'' :
'sending/').$original_file;
3273 } elseif (($modulepart ==
'livraison' || $modulepart ==
'delivery') && !empty($conf->expedition->dir_output)) {
3275 if ($fuser->hasRight(
'expedition',
'delivery', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3278 $original_file = $conf->expedition->dir_output.
"/".(strpos($original_file,
'receipt/') === 0 ?
'' :
'receipt/').$original_file;
3279 } elseif ($modulepart ==
'actionsreport' && !empty($conf->agenda->dir_temp)) {
3281 if ($fuser->hasRight(
'agenda',
'allactions', $read) || preg_match(
'/^specimen/i', $original_file)) {
3284 $original_file = $conf->agenda->dir_temp.
"/".$original_file;
3285 } elseif ($modulepart ==
'product' || $modulepart ==
'produit' || $modulepart ==
'service' || $modulepart ==
'produit|service') {
3287 if (empty($entity) || (empty($conf->product->multidir_output[$entity]) && empty($conf->service->multidir_output[$entity]))) {
3288 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3290 if (($fuser->hasRight(
'produit', $lire) || $fuser->hasRight(
'service', $lire)) || preg_match(
'/^specimen/i', $original_file)) {
3293 if (isModEnabled(
"product")) {
3294 $original_file = $conf->product->multidir_output[$entity].
'/'.$original_file;
3295 } elseif (isModEnabled(
"service")) {
3296 $original_file = $conf->service->multidir_output[$entity].
'/'.$original_file;
3298 } elseif ($modulepart ==
'product_batch' || $modulepart ==
'produitlot') {
3300 if (empty($entity) || (empty($conf->productbatch->multidir_output[$entity]))) {
3301 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3303 if (($fuser->hasRight(
'produit', $lire)) || preg_match(
'/^specimen/i', $original_file)) {
3306 if (isModEnabled(
'productbatch')) {
3307 $original_file = $conf->productbatch->multidir_output[$entity].
'/'.$original_file;
3309 } elseif ($modulepart ==
'movement' || $modulepart ==
'mouvement') {
3311 if (empty($entity) || empty($conf->stock->multidir_output[$entity])) {
3312 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3314 if (($fuser->hasRight(
'stock', $lire) || $fuser->hasRight(
'stock',
'movement', $lire) || $fuser->hasRight(
'stock',
'mouvement', $lire)) || preg_match(
'/^specimen/i', $original_file)) {
3317 if (isModEnabled(
'stock')) {
3318 $original_file = $conf->stock->multidir_output[$entity].
'/movement/'.$original_file;
3320 } elseif ($modulepart ==
'contract' && !empty($conf->contract->multidir_output[$entity])) {
3322 if ($fuser->hasRight(
'contrat', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3325 $original_file = $conf->contract->multidir_output[$entity].
'/'.$original_file;
3326 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"contrat WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'contract').
")";
3327 } elseif ($modulepart ==
'donation' && !empty($conf->don->dir_output)) {
3329 if ($fuser->hasRight(
'don', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3332 $original_file = $conf->don->dir_output.
'/'.$original_file;
3333 } elseif ($modulepart ==
'dolresource' && !empty($conf->resource->dir_output)) {
3335 if ($fuser->hasRight(
'resource', $read) || preg_match(
'/^specimen/i', $original_file)) {
3338 $original_file = $conf->resource->dir_output.
'/'.$original_file;
3339 } elseif (($modulepart ==
'remisecheque' || $modulepart ==
'chequereceipt') && !empty($conf->bank->dir_output)) {
3341 if ($fuser->hasRight(
'banque', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3344 $original_file = $conf->bank->dir_output.
'/checkdeposits/'.$original_file;
3345 } elseif (($modulepart ==
'banque' || $modulepart ==
'bank') && !empty($conf->bank->dir_output)) {
3347 if ($fuser->hasRight(
'banque', $lire)) {
3350 $original_file = $conf->bank->dir_output.
'/'.$original_file;
3351 } elseif ($modulepart ==
'export' && !empty($conf->export->dir_temp)) {
3354 $accessallowed = $user->hasRight(
'export',
'lire');
3355 $original_file = $conf->export->dir_temp.
'/'.$fuser->id.
'/'.$original_file;
3356 } elseif ($modulepart ==
'import' && !empty($conf->import->dir_temp)) {
3358 $accessallowed = $user->hasRight(
'import',
'run');
3359 $original_file = $conf->import->dir_temp.
'/'.$original_file;
3360 } elseif ($modulepart ==
'recruitment' && !empty($conf->recruitment->dir_output)) {
3362 $accessallowed = $user->hasRight(
'recruitment',
'recruitmentjobposition',
'read');
3363 $original_file = $conf->recruitment->dir_output.
'/'.$original_file;
3364 } elseif ($modulepart ==
'editor' && !empty($conf->fckeditor->dir_output)) {
3367 $original_file = $conf->fckeditor->dir_output.
'/'.$original_file;
3368 } elseif ($modulepart ==
'systemtools' && !empty($conf->admin->dir_output)) {
3370 if ($fuser->admin) {
3373 $original_file = $conf->admin->dir_output.
'/'.$original_file;
3374 } elseif ($modulepart ==
'admin_temp' && !empty($conf->admin->dir_temp)) {
3376 if ($fuser->admin) {
3379 $original_file = $conf->admin->dir_temp.
'/'.$original_file;
3380 } elseif ($modulepart ==
'bittorrent' && !empty($conf->bittorrent->dir_output)) {
3384 if (
dol_mimetype($original_file) ==
'application/x-bittorrent') {
3387 $original_file = $conf->bittorrent->dir_output.
'/'.$dir.
'/'.$original_file;
3388 } elseif ($modulepart ==
'member' && !empty($conf->member->dir_output)) {
3390 if ($fuser->hasRight(
'adherent', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3393 $original_file = $conf->member->dir_output.
'/'.$original_file;
3403 if (preg_match(
'/^specimen/i', $original_file)) {
3406 if ($fuser->admin) {
3410 $tmpmodulepart = explode(
'-', $modulepart);
3411 if (!empty($tmpmodulepart[1])) {
3412 $modulepart = $tmpmodulepart[0];
3413 $original_file = $tmpmodulepart[1].
'/'.$original_file;
3418 if (preg_match(
'/^([a-z]+)_user_temp$/i', $modulepart, $reg)) {
3419 $tmpmodule = $reg[1];
3420 if (empty($conf->$tmpmodule->dir_temp)) {
3421 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3424 if ($fuser->hasRight($tmpmodule, $lire) || $fuser->hasRight($tmpmodule, $read) || $fuser->hasRight($tmpmodule, $download)) {
3427 $original_file = $conf->{$reg[1]}->dir_temp.
'/'.$fuser->id.
'/'.$original_file;
3428 } elseif (preg_match(
'/^([a-z]+)_temp$/i', $modulepart, $reg)) {
3429 $tmpmodule = $reg[1];
3430 if (empty($conf->$tmpmodule->dir_temp)) {
3431 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3434 if ($fuser->hasRight($tmpmodule, $lire) || $fuser->hasRight($tmpmodule, $read) || $fuser->hasRight($tmpmodule, $download)) {
3437 $original_file = $conf->$tmpmodule->dir_temp.
'/'.$original_file;
3438 } elseif (preg_match(
'/^([a-z]+)_user$/i', $modulepart, $reg)) {
3439 $tmpmodule = $reg[1];
3440 if (empty($conf->$tmpmodule->dir_output)) {
3441 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3444 if ($fuser->hasRight($tmpmodule, $lire) || $fuser->hasRight($tmpmodule, $read) || $fuser->hasRight($tmpmodule, $download)) {
3447 $original_file = $conf->$tmpmodule->dir_output.
'/'.$fuser->id.
'/'.$original_file;
3448 } elseif (preg_match(
'/^massfilesarea_([a-z]+)$/i', $modulepart, $reg)) {
3449 $tmpmodule = $reg[1];
3450 if (empty($conf->$tmpmodule->dir_output)) {
3451 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3454 if ($fuser->hasRight($tmpmodule, $lire) || preg_match(
'/^specimen/i', $original_file)) {
3457 $original_file = $conf->$tmpmodule->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3459 if (empty($conf->$modulepart->dir_output)) {
3460 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
'). The module for this modulepart value may not be activated.');
3465 $partsofdirinoriginalfile = explode(
'/', $original_file);
3466 if (!empty($partsofdirinoriginalfile[1])) {
3467 $partofdirinoriginalfile = $partsofdirinoriginalfile[0];
3468 if ($partofdirinoriginalfile && ($fuser->hasRight($modulepart, $partofdirinoriginalfile,
'lire') || $fuser->hasRight($modulepart, $partofdirinoriginalfile,
'read'))) {
3472 if ($fuser->hasRight($modulepart, $lire) || $fuser->hasRight($modulepart, $read)) {
3476 if (is_array($conf->$modulepart->multidir_output) && !empty($conf->$modulepart->multidir_output[$entity])) {
3477 $original_file = $conf->$modulepart->multidir_output[$entity].
'/'.$original_file;
3479 $original_file = $conf->$modulepart->dir_output.
'/'.$original_file;
3483 $parameters = array(
3484 'modulepart' => $modulepart,
3485 'original_file' => $original_file,
3486 'entity' => $entity,
3491 $reshook = $hookmanager->executeHooks(
'checkSecureAccess', $parameters,
$object);
3493 if (!empty($hookmanager->resArray[
'original_file'])) {
3494 $original_file = $hookmanager->resArray[
'original_file'];
3496 if (!empty($hookmanager->resArray[
'accessallowed'])) {
3497 $accessallowed = $hookmanager->resArray[
'accessallowed'];
3499 if (!empty($hookmanager->resArray[
'sqlprotectagainstexternals'])) {
3500 $sqlprotectagainstexternals = $hookmanager->resArray[
'sqlprotectagainstexternals'];
3506 'accessallowed' => ($accessallowed ? 1 : 0),
3507 'sqlprotectagainstexternals' => $sqlprotectagainstexternals,
3508 'original_file' => $original_file