63function dol_dir_list($utf8_path, $types =
"all", $recursive = 0, $filter =
"", $excludefilter =
null, $sortcriteria =
"name", $sortorder = SORT_ASC, $mode = 0, $nohook = 0, $relativename =
"", $donotfollowsymlinks = 0, $nbsecondsold = 0)
65 global $db, $hookmanager;
68 if ($recursive <= 1) {
73 $exclude_array = ($excludefilter ===
null || $excludefilter ===
'') ? array() : (is_array($excludefilter) ? $excludefilter : array($excludefilter));
74 foreach ((array($filter) + $exclude_array) as $f) {
76 if ((
int) preg_match(
'/(?:^|[^\\\\])\//', $f) > 0) {
78 $error_info .=
" error='$f unescaped_slash'";
82 dol_syslog(
"files.lib.php::dol_dir_list path=".$utf8_path.
" types=".$types.
" recursive=".$recursive.
" filter=".$filter.
" excludefilter=".json_encode($excludefilter).$error_info);
90 $exclude_array = ($excludefilter ===
null || $excludefilter ===
'') ? array() : (is_array($excludefilter) ? $excludefilter : array($excludefilter));
94 $excludefilterarray = array_merge(array(
'^\.'), $exclude_array);
96 $loaddate = ($mode == 1 || $mode == 2 || $nbsecondsold != 0 || $sortcriteria ==
'date');
97 $loadsize = ($mode == 1 || $mode == 3 || $sortcriteria ==
'size');
98 $loadperm = ($mode == 1 || $mode == 4 || $sortcriteria ==
'perm');
101 $utf8_path = preg_replace(
'/([\\/]+)$/',
'', $utf8_path);
106 $file_list = array();
108 if (!$nohook && $hookmanager instanceof
HookManager) {
109 $hookmanager->resArray = array();
111 $hookmanager->initHooks(array(
'fileslib'));
116 'recursive' => $recursive,
118 'excludefilter' => $exclude_array,
119 'sortcriteria' => $sortcriteria,
120 'sortorder' => $sortorder,
121 'loaddate' => $loaddate,
122 'loadsize' => $loadsize,
125 $reshook = $hookmanager->executeHooks(
'getDirList', $parameters,
$object);
129 if (empty($reshook)) {
130 if (!is_dir($os_path)) {
134 if (($dir = opendir($os_path)) ===
false) {
141 while (
false !== ($os_file = readdir($dir))) {
142 $os_fullpathfile = ($os_path ? $os_path.
'/' :
'').$os_file;
145 $utf8_file = mb_convert_encoding($os_file,
'UTF-8',
'ISO-8859-1');
147 $utf8_file = $os_file;
152 $utf8_fullpathfile =
"$utf8_path/$utf8_file";
155 foreach ($excludefilterarray as $filt) {
156 if (preg_match(
'/'.$filt.
'/i', $utf8_file) || preg_match(
'/'.$filt.
'/i', $utf8_fullpathfile)) {
164 $isdir = is_dir($os_fullpathfile);
168 if (($types ==
"directories") || ($types ==
"all")) {
169 if ($loaddate || $sortcriteria ==
'date') {
172 if ($loadsize || $sortcriteria ==
'size') {
175 if ($loadperm || $sortcriteria ==
'perm') {
179 if (!$filter || preg_match(
'/'.$filter.
'/i', $utf8_file)) {
181 preg_match(
'/([^\/]+)\/[^\/]+$/', $utf8_fullpathfile, $reg);
182 $level1name = (isset($reg[1]) ? $reg[1] :
'');
183 $file_list[] = array(
184 "name" => $utf8_file,
185 "path" => $utf8_path,
186 "level1name" => $level1name,
187 "relativename" => ($relativename ? $relativename.
'/' :
'').$utf8_file,
188 "fullname" => $utf8_fullpathfile,
198 if ($recursive > 0) {
199 if (empty($donotfollowsymlinks) || !is_link($os_fullpathfile)) {
201 $file_list = array_merge($file_list,
dol_dir_list($utf8_fullpathfile, $types, $recursive + 1, $filter, $exclude_array, $sortcriteria, $sortorder, $mode, $nohook, ($relativename !=
'' ? $relativename.
'/' :
'').$utf8_file, $donotfollowsymlinks, $nbsecondsold));
204 } elseif (in_array($types, array(
"files",
"all"))) {
206 if ($loaddate || $sortcriteria ==
'date') {
209 if ($loadsize || $sortcriteria ==
'size') {
213 if (!$filter || preg_match(
'/'.$filter.
'/i', $utf8_file)) {
214 if (empty($nbsecondsold) || $filedate <= ($now - $nbsecondsold)) {
215 preg_match(
'/([^\/]+)\/[^\/]+$/', $utf8_fullpathfile, $reg);
216 $level1name = (isset($reg[1]) ? $reg[1] :
'');
217 $file_list[] = array(
218 "name" => $utf8_file,
219 "path" => $utf8_path,
220 "level1name" => $level1name,
221 "relativename" => ($relativename ? $relativename.
'/' :
'').$utf8_file,
222 "fullname" => $utf8_fullpathfile,
235 if (!empty($sortcriteria) && $sortorder) {
236 $file_list =
dol_sort_array($file_list, $sortcriteria, ($sortorder == SORT_ASC ?
'asc' :
'desc'));
241 if ($hookmanager instanceof
HookManager && is_array($hookmanager->resArray)) {
242 $file_list = array_merge($file_list, $hookmanager->resArray);
1011function dol_move($srcfile, $destfile, $newmask =
'0', $overwriteifexists = 1, $testvirus = 0, $indexdatabase = 1, $moreinfo = array())
1013 global $user, $db, $conf;
1016 dol_syslog(
"files.lib.php::dol_move srcfile=".$srcfile.
" destfile=".$destfile.
" newmask=".$newmask.
" overwritifexists=".$overwriteifexists);
1021 dol_syslog(
"files.lib.php::dol_move srcfile does not exists. we ignore the move request.");
1025 if ($overwriteifexists || !$destexists) {
1030 $testvirusarray = array();
1033 $testvirusarray =
dolCheckVirus($newpathofsrcfile, $newpathofdestfile);
1034 if (count($testvirusarray)) {
1035 dol_syslog(
"files.lib.php::dol_move canceled because a virus was found into source file. We ignore the move request.", LOG_WARNING);
1041 if (count($testvirusarray)) {
1042 dol_syslog(
"files.lib.php::dol_move canceled because a virus was found into source file. We ignore the move request.", LOG_WARNING);
1047 global $dolibarr_main_restrict_os_commands;
1048 if (!empty($dolibarr_main_restrict_os_commands)) {
1049 $arrayofallowedcommand = explode(
',', $dolibarr_main_restrict_os_commands);
1050 $arrayofallowedcommand = array_map(
'trim', $arrayofallowedcommand);
1051 if (in_array(basename($destfile), $arrayofallowedcommand)) {
1054 dol_syslog(
"files.lib.php::dol_move canceled because target filename ".basename($destfile).
" is using a reserved command name. we ignore the move request.", LOG_WARNING);
1059 $result = @rename($newpathofsrcfile, $newpathofdestfile);
1062 dol_syslog(
"files.lib.php::dol_move Failed. We try to delete target first and move after.", LOG_WARNING);
1065 $result = @rename($newpathofsrcfile, $newpathofdestfile);
1067 dol_syslog(
"files.lib.php::dol_move Failed.", LOG_WARNING);
1072 if ($result && $indexdatabase) {
1074 $rel_filetorenamebefore = preg_replace(
'/^'.preg_quote(DOL_DATA_ROOT,
'/').
'/',
'', $srcfile);
1075 $rel_filetorenameafter = preg_replace(
'/^'.preg_quote(DOL_DATA_ROOT,
'/').
'/',
'', $destfile);
1076 if (!preg_match(
'/([\\/]temp[\\/]|[\\/]thumbs|\.meta$)/', $rel_filetorenameafter)) {
1077 $rel_filetorenamebefore = preg_replace(
'/^[\\/]/',
'', $rel_filetorenamebefore);
1078 $rel_filetorenameafter = preg_replace(
'/^[\\/]/',
'', $rel_filetorenameafter);
1081 dol_syslog(
"Try to rename also entries in database for full relative path before = ".$rel_filetorenamebefore.
" after = ".$rel_filetorenameafter, LOG_DEBUG);
1082 include_once DOL_DOCUMENT_ROOT.
'/ecm/class/ecmfiles.class.php';
1084 $ecmfiletarget =
new EcmFiles($db);
1085 $resultecmtarget = $ecmfiletarget->fetch(0,
'', $rel_filetorenameafter);
1086 if ($resultecmtarget > 0) {
1087 $ecmfiletarget->delete($user);
1091 $resultecm = $ecmfile->fetch(0,
'', $rel_filetorenamebefore);
1092 if ($resultecm > 0) {
1093 $filename = basename($rel_filetorenameafter);
1094 $rel_dir = dirname($rel_filetorenameafter);
1095 $rel_dir = preg_replace(
'/[\\/]$/',
'', $rel_dir);
1096 $rel_dir = preg_replace(
'/^[\\/]/',
'', $rel_dir);
1098 $ecmfile->filepath = $rel_dir;
1099 $ecmfile->filename = $filename;
1101 $resultecm = $ecmfile->update($user);
1102 } elseif ($resultecm == 0) {
1103 $filename = basename($rel_filetorenameafter);
1104 $rel_dir = dirname($rel_filetorenameafter);
1105 $rel_dir = preg_replace(
'/[\\/]$/',
'', $rel_dir);
1106 $rel_dir = preg_replace(
'/^[\\/]/',
'', $rel_dir);
1108 $ecmfile->filepath = $rel_dir;
1109 $ecmfile->filename = $filename;
1111 $ecmfile->fullpath_orig = basename($srcfile);
1112 $ecmfile->gen_or_uploaded =
'uploaded';
1113 if (!empty($moreinfo) && !empty($moreinfo[
'description'])) {
1114 $ecmfile->description = $moreinfo[
'description'];
1116 $ecmfile->description =
'';
1118 if (!empty($moreinfo) && !empty($moreinfo[
'keywords'])) {
1119 $ecmfile->keywords = $moreinfo[
'keywords'];
1121 $ecmfile->keywords =
'';
1123 if (!empty($moreinfo) && !empty($moreinfo[
'note_private'])) {
1124 $ecmfile->note_private = $moreinfo[
'note_private'];
1126 if (!empty($moreinfo) && !empty($moreinfo[
'note_public'])) {
1127 $ecmfile->note_public = $moreinfo[
'note_public'];
1129 if (!empty($moreinfo) && !empty($moreinfo[
'src_object_type'])) {
1130 $ecmfile->src_object_type = $moreinfo[
'src_object_type'];
1132 if (!empty($moreinfo) && !empty($moreinfo[
'src_object_id'])) {
1133 $ecmfile->src_object_id = $moreinfo[
'src_object_id'];
1136 $resultecm = $ecmfile->create($user);
1137 if ($resultecm < 0) {
1140 } elseif ($resultecm < 0) {
1144 if ($resultecm > 0) {
1152 if (empty($newmask)) {
1159 dolChmod($newpathofdestfile, $newmask);
2740 global $conf, $db, $user, $hookmanager;
2741 global $dolibarr_main_data_root, $dolibarr_main_document_root_alt;
2744 if (!is_object($fuser)) {
2748 if (empty($modulepart)) {
2749 return 'ErrorBadParameter';
2751 if (empty($entity)) {
2752 if (!isModEnabled(
'multicompany')) {
2759 if ($modulepart ==
'facture') {
2760 $modulepart =
'invoice';
2761 } elseif ($modulepart ==
'users') {
2762 $modulepart =
'user';
2763 } elseif ($modulepart ==
'tva') {
2764 $modulepart =
'tax-vat';
2765 } elseif ($modulepart ==
'expedition' && strpos($original_file,
'receipt/') === 0) {
2767 $modulepart =
'delivery';
2771 dol_syslog(
'dol_check_secure_access_document modulepart='.$modulepart.
' original_file='.$original_file.
' entity='.$entity);
2775 $sqlprotectagainstexternals =
'';
2779 if (empty($refname)) {
2780 $refname = basename(dirname($original_file).
"/");
2781 if ($refname ==
'thumbs' || $refname ==
'temp') {
2783 $refname = basename(dirname(dirname($original_file)).
"/");
2790 $download =
'download';
2791 if ($mode ==
'write') {
2794 $download =
'upload';
2798 if ($modulepart ==
'common') {
2801 $original_file = DOL_DOCUMENT_ROOT.
'/public/theme/common/'.$original_file;
2802 } elseif ($modulepart ==
'medias' && !empty($dolibarr_main_data_root)) {
2807 if (empty($entity)) {
2811 $original_file = (empty($conf->medias->multidir_output[$entity]) ? (empty($conf->medias->dir_output) ? DOL_DATA_ROOT.
'/medias' : $conf->medias->dir_output) : $conf->medias->multidir_output[$entity]).
'/'.$original_file;
2812 } elseif ($modulepart ==
'logs' && !empty($dolibarr_main_data_root)) {
2814 $accessallowed = ($user->admin && basename($original_file) == $original_file && preg_match(
'/^dolibarr.*\.(log|json)$/', basename($original_file)));
2815 $original_file = $dolibarr_main_data_root.
'/'.$original_file;
2816 } elseif ($modulepart ==
'doctemplates' && !empty($dolibarr_main_data_root)) {
2818 $accessallowed = $user->admin;
2819 $original_file = $dolibarr_main_data_root.
'/doctemplates/'.$original_file;
2820 } elseif ($modulepart ==
'doctemplateswebsite' && !empty($dolibarr_main_data_root)) {
2822 $accessallowed = ($fuser->hasRight(
'website',
'write') && preg_match(
'/\.jpg$/i', basename($original_file)));
2823 $original_file = $dolibarr_main_data_root.
'/doctemplates/websites/'.$original_file;
2824 } elseif ($modulepart ==
'packages' && !empty($dolibarr_main_data_root)) {
2827 $tmp = explode(
',', $dolibarr_main_document_root_alt);
2830 $accessallowed = ($user->admin && preg_match(
'/^module_.*\.zip$/', basename($original_file)));
2831 $original_file = $dirins.
'/'.$original_file;
2832 } elseif ($modulepart ==
'mycompany' && !empty($conf->mycompany->dir_output)) {
2835 $original_file = $conf->mycompany->dir_output.
'/'.$original_file;
2836 } elseif ($modulepart ==
'userphoto' && !empty($conf->user->dir_output)) {
2839 if (preg_match(
'/^\d+\/photos\//', $original_file)) {
2842 $original_file = $conf->user->dir_output.
'/'.$original_file;
2843 } elseif ($modulepart ==
'userphotopublic' && !empty($conf->user->dir_output)) {
2848 if (preg_match(
'/^(\d+)\/photos\//', $original_file, $reg)) {
2850 $tmpobject =
new User($db);
2851 $tmpobject->fetch($reg[1],
'',
'', 1);
2853 $securekey =
GETPOST(
'securekey',
'alpha', 1);
2855 global $dolibarr_main_cookie_cryptkey, $dolibarr_main_instance_unique_id;
2856 $valuetouse = $dolibarr_main_instance_unique_id ? $dolibarr_main_instance_unique_id : $dolibarr_main_cookie_cryptkey;
2857 $encodedsecurekey =
dol_hash($valuetouse.
'uservirtualcard'.$tmpobject->id.
'-'.$tmpobject->login,
'md5');
2858 if ($encodedsecurekey == $securekey) {
2867 $original_file = $conf->user->dir_output.
'/'.$original_file;
2868 } elseif (($modulepart ==
'companylogo') && !empty($conf->mycompany->dir_output)) {
2871 $original_file = $conf->mycompany->dir_output.
'/logos/'.$original_file;
2872 } elseif ($modulepart ==
'memberphoto' && !empty($conf->member->dir_output)) {
2875 if (preg_match(
'/^\d+\/photos\//', $original_file)) {
2878 $original_file = $conf->member->dir_output.
'/'.$original_file;
2879 } elseif ($modulepart ==
'apercufacture' && !empty($conf->invoice->multidir_output[$entity])) {
2881 if ($fuser->hasRight(
'facture', $lire)) {
2884 $original_file = $conf->invoice->multidir_output[$entity].
'/'.$original_file;
2885 } elseif ($modulepart ==
'apercupropal' && !empty($conf->propal->multidir_output[$entity])) {
2887 if ($fuser->hasRight(
'propal', $lire)) {
2890 $original_file = $conf->propal->multidir_output[$entity].
'/'.$original_file;
2891 } elseif ($modulepart ==
'apercucommande' && !empty($conf->order->multidir_output[$entity])) {
2893 if ($fuser->hasRight(
'commande', $lire)) {
2896 $original_file = $conf->order->multidir_output[$entity].
'/'.$original_file;
2897 } elseif (($modulepart ==
'apercufichinter' || $modulepart ==
'apercuficheinter') && !empty($conf->ficheinter->dir_output)) {
2899 if ($fuser->hasRight(
'ficheinter', $lire)) {
2902 $original_file = $conf->ficheinter->dir_output.
'/'.$original_file;
2903 } elseif (($modulepart ==
'apercucontract') && !empty($conf->contract->multidir_output[$entity])) {
2905 if ($fuser->hasRight(
'contrat', $lire)) {
2908 $original_file = $conf->contract->multidir_output[$entity].
'/'.$original_file;
2909 } elseif (($modulepart ==
'apercusupplier_proposal' || $modulepart ==
'apercusupplier_proposal') && !empty($conf->supplier_proposal->dir_output)) {
2911 if ($fuser->hasRight(
'supplier_proposal', $lire)) {
2914 $original_file = $conf->supplier_proposal->dir_output.
'/'.$original_file;
2915 } elseif (($modulepart ==
'apercusupplier_order' || $modulepart ==
'apercusupplier_order') && !empty($conf->fournisseur->commande->dir_output)) {
2917 if ($fuser->hasRight(
'fournisseur',
'commande', $lire)) {
2920 $original_file = $conf->fournisseur->commande->dir_output.
'/'.$original_file;
2921 } elseif (($modulepart ==
'apercusupplier_invoice' || $modulepart ==
'apercusupplier_invoice') && !empty($conf->fournisseur->facture->dir_output)) {
2923 if ($fuser->hasRight(
'fournisseur', $lire)) {
2926 $original_file = $conf->fournisseur->facture->dir_output.
'/'.$original_file;
2927 } elseif (($modulepart ==
'holiday') && !empty($conf->holiday->dir_output)) {
2928 if ($fuser->hasRight(
'holiday', $read) || $fuser->hasRight(
'holiday',
'readall') || preg_match(
'/^specimen/i', $original_file)) {
2931 if ($refname && !$fuser->hasRight(
'holiday',
'readall') && !preg_match(
'/^specimen/i', $original_file)) {
2932 include_once DOL_DOCUMENT_ROOT.
'/holiday/class/holiday.class.php';
2933 $tmpholiday =
new Holiday($db);
2934 $tmpholiday->fetch(
'', $refname);
2935 $accessallowed =
checkUserAccessToObject($user, array(
'holiday'), $tmpholiday,
'holiday',
'',
'',
'rowid',
'');
2938 $original_file = $conf->holiday->dir_output.
'/'.$original_file;
2939 } elseif (($modulepart ==
'expensereport') && !empty($conf->expensereport->dir_output)) {
2940 if ($fuser->hasRight(
'expensereport', $lire) || $fuser->hasRight(
'expensereport',
'readall') || preg_match(
'/^specimen/i', $original_file)) {
2943 if ($refname && !$fuser->hasRight(
'expensereport',
'readall') && !preg_match(
'/^specimen/i', $original_file)) {
2944 include_once DOL_DOCUMENT_ROOT.
'/expensereport/class/expensereport.class.php';
2946 $tmpexpensereport->fetch(
'', $refname);
2947 $accessallowed =
checkUserAccessToObject($user, array(
'expensereport'), $tmpexpensereport,
'expensereport',
'',
'',
'rowid',
'');
2950 $original_file = $conf->expensereport->dir_output.
'/'.$original_file;
2951 } elseif (($modulepart ==
'apercuexpensereport') && !empty($conf->expensereport->dir_output)) {
2953 if ($fuser->hasRight(
'expensereport', $lire)) {
2956 $original_file = $conf->expensereport->dir_output.
'/'.$original_file;
2957 } elseif ($modulepart ==
'propalstats' && !empty($conf->propal->multidir_temp[$entity])) {
2959 if ($fuser->hasRight(
'propal', $lire)) {
2962 $original_file = $conf->propal->multidir_temp[$entity].
'/'.$original_file;
2963 } elseif ($modulepart ==
'orderstats' && !empty($conf->order->dir_temp)) {
2965 if ($fuser->hasRight(
'commande', $lire)) {
2968 $original_file = $conf->order->dir_temp.
'/'.$original_file;
2969 } elseif ($modulepart ==
'orderstatssupplier' && !empty($conf->fournisseur->dir_output)) {
2970 if ($fuser->hasRight(
'fournisseur',
'commande', $lire)) {
2973 $original_file = $conf->fournisseur->commande->dir_temp.
'/'.$original_file;
2974 } elseif ($modulepart ==
'billstats' && !empty($conf->invoice->dir_temp)) {
2976 if ($fuser->hasRight(
'facture', $lire)) {
2979 $original_file = $conf->invoice->dir_temp.
'/'.$original_file;
2980 } elseif ($modulepart ==
'billstatssupplier' && !empty($conf->fournisseur->dir_output)) {
2981 if ($fuser->hasRight(
'fournisseur',
'facture', $lire)) {
2984 $original_file = $conf->fournisseur->facture->dir_temp.
'/'.$original_file;
2985 } elseif ($modulepart ==
'expeditionstats' && !empty($conf->expedition->dir_temp)) {
2987 if ($fuser->hasRight(
'expedition', $lire)) {
2990 $original_file = $conf->expedition->dir_temp.
'/'.$original_file;
2991 } elseif ($modulepart ==
'tripsexpensesstats' && !empty($conf->deplacement->dir_temp)) {
2993 if ($fuser->hasRight(
'deplacement', $lire)) {
2996 $original_file = $conf->deplacement->dir_temp.
'/'.$original_file;
2997 } elseif ($modulepart ==
'memberstats' && !empty($conf->member->dir_temp)) {
2999 if ($fuser->hasRight(
'adherent', $lire)) {
3002 $original_file = $conf->member->dir_temp.
'/'.$original_file;
3003 } elseif (preg_match(
'/^productstats_/i', $modulepart) && !empty($conf->product->dir_temp)) {
3005 if ($fuser->hasRight(
'produit', $lire) || $fuser->hasRight(
'service', $lire)) {
3008 $original_file = (!empty($conf->product->multidir_temp[$entity]) ? $conf->product->multidir_temp[$entity] : $conf->service->multidir_temp[$entity]).
'/'.$original_file;
3009 } elseif (in_array($modulepart, array(
'tax',
'tax-vat',
'tva')) && !empty($conf->tax->dir_output)) {
3011 if ($fuser->hasRight(
'tax',
'charges', $lire)) {
3014 $modulepartsuffix = str_replace(
'tax-',
'', $modulepart);
3015 $original_file = $conf->tax->dir_output.
'/'.($modulepartsuffix !=
'tax' ? $modulepartsuffix.
'/' :
'').$original_file;
3016 } elseif ($modulepart ==
'actions' && !empty($conf->agenda->dir_output)) {
3018 if ($fuser->hasRight(
'agenda',
'myactions', $read)) {
3021 if ($refname && !preg_match(
'/^specimen/i', $original_file)) {
3022 include_once DOL_DOCUMENT_ROOT.
'/comm/action/class/actioncomm.class.php';
3024 $tmpobject->fetch((
int) $refname);
3025 $accessallowed =
checkUserAccessToObject($user, array(
'agenda'), $tmpobject->id,
'actioncomm&societe',
'myactions|allactions',
'fk_soc',
'id',
'');
3026 if ($user->socid && $tmpobject->socid) {
3031 $original_file = $conf->agenda->dir_output.
'/'.$original_file;
3032 } elseif ($modulepart ==
'category' && !empty($conf->categorie->multidir_output[$entity])) {
3034 if (empty($entity) || empty($conf->categorie->multidir_output[$entity])) {
3035 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3037 if ($fuser->hasRight(
"categorie", $lire) || $fuser->hasRight(
"takepos",
"run")) {
3040 $original_file = $conf->categorie->multidir_output[$entity].
'/'.$original_file;
3041 } elseif ($modulepart ==
'prelevement' && !empty($conf->prelevement->dir_output)) {
3043 if ($fuser->hasRight(
'prelevement',
'bons', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3046 $original_file = $conf->prelevement->dir_output.
'/'.$original_file;
3047 } elseif ($modulepart ==
'graph_stock' && !empty($conf->stock->dir_temp)) {
3050 $original_file = $conf->stock->dir_temp.
'/'.$original_file;
3051 } elseif ($modulepart ==
'graph_fourn' && !empty($conf->fournisseur->dir_temp)) {
3054 $original_file = $conf->fournisseur->dir_temp.
'/'.$original_file;
3055 } elseif ($modulepart ==
'graph_product' && !empty($conf->product->dir_temp)) {
3058 $original_file = $conf->product->multidir_temp[$entity].
'/'.$original_file;
3059 } elseif ($modulepart ==
'barcode') {
3064 $original_file =
'';
3065 } elseif ($modulepart ==
'iconmailing' && !empty($conf->mailing->dir_temp)) {
3068 $original_file = $conf->mailing->dir_temp.
'/'.$original_file;
3069 } elseif ($modulepart ==
'scanner_user_temp' && !empty($conf->scanner->dir_temp)) {
3072 $original_file = $conf->scanner->dir_temp.
'/'.$fuser->id.
'/'.$original_file;
3073 } elseif ($modulepart ==
'fckeditor' && !empty($conf->fckeditor->dir_output)) {
3076 $original_file = $conf->fckeditor->dir_output.
'/'.$original_file;
3077 } elseif ($modulepart ==
'user' && !empty($conf->user->dir_output)) {
3079 $canreaduser = (!empty($fuser->admin) || $fuser->rights->user->user->{$lire});
3080 if ($fuser->id == (
int) $refname) {
3083 if ($canreaduser || preg_match(
'/^specimen/i', $original_file)) {
3086 $original_file = $conf->user->dir_output.
'/'.$original_file;
3087 } elseif (($modulepart ==
'company' || $modulepart ==
'societe' || $modulepart ==
'thirdparty') && !empty($conf->societe->multidir_output[$entity])) {
3089 if (empty($entity) || empty($conf->societe->multidir_output[$entity])) {
3090 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3092 if ($fuser->hasRight(
'societe', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3095 $original_file = $conf->societe->multidir_output[$entity].
'/'.$original_file;
3096 $sqlprotectagainstexternals =
"SELECT rowid as fk_soc FROM ".MAIN_DB_PREFIX.
"societe WHERE rowid='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'societe').
")";
3097 } elseif ($modulepart ==
'contact' && !empty($conf->societe->multidir_output[$entity])) {
3099 if (empty($entity) || empty($conf->societe->multidir_output[$entity])) {
3100 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3102 if ($fuser->hasRight(
'societe', $lire)) {
3105 $original_file = $conf->societe->multidir_output[$entity].
'/contact/'.$original_file;
3106 } elseif (($modulepart ==
'facture' || $modulepart ==
'invoice') && !empty($conf->invoice->multidir_output[$entity])) {
3108 if ($fuser->hasRight(
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3111 $original_file = $conf->invoice->multidir_output[$entity].
'/'.$original_file;
3112 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"facture WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'invoice').
")";
3113 } elseif ($modulepart ==
'massfilesarea_proposals' && !empty($conf->propal->multidir_output[$entity])) {
3115 if ($fuser->hasRight(
'propal', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3118 $original_file = $conf->propal->multidir_output[$entity].
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3119 } elseif ($modulepart ==
'massfilesarea_orders') {
3120 if ($fuser->hasRight(
'commande', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3123 $original_file = $conf->order->multidir_output[$entity].
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3124 } elseif ($modulepart ==
'massfilesarea_sendings') {
3125 if ($fuser->hasRight(
'expedition', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3128 $original_file = $conf->expedition->dir_output.
'/sending/temp/massgeneration/'.$user->id.
'/'.$original_file;
3129 } elseif ($modulepart ==
'massfilesarea_receipts') {
3130 if ($fuser->hasRight(
'reception', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3133 $original_file = $conf->reception->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3134 } elseif ($modulepart ==
'massfilesarea_invoices') {
3135 if ($fuser->hasRight(
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3138 $original_file = $conf->invoice->multidir_output[$entity].
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3139 } elseif ($modulepart ==
'massfilesarea_expensereport') {
3140 if ($fuser->hasRight(
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3143 $original_file = $conf->expensereport->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3144 } elseif ($modulepart ==
'massfilesarea_interventions') {
3145 if ($fuser->hasRight(
'ficheinter', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3148 $original_file = $conf->ficheinter->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3149 } elseif ($modulepart ==
'massfilesarea_supplier_proposal' && !empty($conf->supplier_proposal->dir_output)) {
3150 if ($fuser->hasRight(
'supplier_proposal', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3153 $original_file = $conf->supplier_proposal->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3154 } elseif ($modulepart ==
'massfilesarea_supplier_order') {
3155 if ($fuser->hasRight(
'fournisseur',
'commande', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3158 $original_file = $conf->fournisseur->commande->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3159 } elseif ($modulepart ==
'massfilesarea_supplier_invoice') {
3160 if ($fuser->hasRight(
'fournisseur',
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3163 $original_file = $conf->fournisseur->facture->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3164 } elseif ($modulepart ==
'massfilesarea_contract' && !empty($conf->contract->dir_output)) {
3165 if ($fuser->hasRight(
'contrat', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3168 $original_file = $conf->contract->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3169 } elseif (($modulepart ==
'fichinter' || $modulepart ==
'ficheinter') && !empty($conf->ficheinter->dir_output)) {
3171 if ($fuser->hasRight(
'ficheinter', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3174 $original_file = $conf->ficheinter->dir_output.
'/'.$original_file;
3175 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"fichinter WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
3176 } elseif ($modulepart ==
'deplacement' && !empty($conf->deplacement->dir_output)) {
3178 if ($fuser->hasRight(
'deplacement', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3181 $original_file = $conf->deplacement->dir_output.
'/'.$original_file;
3183 } elseif (($modulepart ==
'propal' || $modulepart ==
'propale') && isset($conf->propal->multidir_output[$entity])) {
3185 if ($fuser->hasRight(
'propal', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3188 $original_file = $conf->propal->multidir_output[$entity].
'/'.$original_file;
3189 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"propal WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'propal').
")";
3190 } elseif (($modulepart ==
'commande' || $modulepart ==
'order') && !empty($conf->order->multidir_output[$entity])) {
3192 if ($fuser->hasRight(
'commande', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3195 $original_file = $conf->order->multidir_output[$entity].
'/'.$original_file;
3196 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"commande WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'order').
")";
3197 } elseif ($modulepart ==
'project' && !empty($conf->project->multidir_output[$entity])) {
3199 if ($fuser->hasRight(
'projet', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3202 if ($refname && !preg_match(
'/^specimen/i', $original_file)) {
3203 include_once DOL_DOCUMENT_ROOT.
'/projet/class/project.class.php';
3204 $tmpproject =
new Project($db);
3205 $tmpproject->fetch(
'', $refname);
3206 $accessallowed =
checkUserAccessToObject($user, array(
'projet'), $tmpproject->id,
'projet&project',
'',
'',
'rowid',
'');
3209 $original_file = $conf->project->multidir_output[$entity].
'/'.$original_file;
3210 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"projet WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'project').
")";
3211 } elseif ($modulepart ==
'project_task' && !empty($conf->project->multidir_output[$entity])) {
3212 if ($fuser->hasRight(
'projet', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3215 if ($refname && !preg_match(
'/^specimen/i', $original_file)) {
3216 include_once DOL_DOCUMENT_ROOT.
'/projet/class/task.class.php';
3217 $tmptask =
new Task($db);
3218 $tmptask->fetch(
'', $refname);
3219 $accessallowed =
checkUserAccessToObject($user, array(
'projet_task'), $tmptask->id,
'projet_task&project',
'',
'',
'rowid',
'');
3222 $original_file = $conf->project->multidir_output[$entity].
'/'.$original_file;
3223 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"projet WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'project').
")";
3224 } elseif (($modulepart ==
'commande_fournisseur' || $modulepart ==
'order_supplier') && !empty($conf->fournisseur->commande->dir_output)) {
3226 if ($fuser->hasRight(
'fournisseur',
'commande', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3229 $original_file = $conf->fournisseur->commande->dir_output.
'/'.$original_file;
3230 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"commande_fournisseur WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
3231 } elseif (($modulepart ==
'facture_fournisseur' || $modulepart ==
'invoice_supplier') && !empty($conf->fournisseur->facture->dir_output)) {
3233 if ($fuser->hasRight(
'fournisseur',
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3236 $original_file = $conf->fournisseur->facture->dir_output.
'/'.$original_file;
3237 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"facture_fourn WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
3238 } elseif ($modulepart ==
'supplier_payment') {
3240 if ($fuser->hasRight(
'fournisseur',
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3243 $original_file = $conf->fournisseur->payment->dir_output.
'/'.$original_file;
3244 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"paiementfournisseur WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
3245 } elseif ($modulepart ==
'payment') {
3247 if ($fuser->rights->facture->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
3250 $original_file = $conf->compta->payment->dir_output.
'/'.$original_file;
3251 } elseif ($modulepart ==
'facture_paiement' && !empty($conf->invoice->dir_output)) {
3253 if ($fuser->hasRight(
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3256 if ($fuser->socid > 0) {
3257 $original_file = $conf->invoice->dir_output.
'/payments/private/'.$fuser->id.
'/'.$original_file;
3259 $original_file = $conf->invoice->dir_output.
'/payments/'.$original_file;
3261 } elseif ($modulepart ==
'export_compta' && !empty($conf->accounting->dir_output)) {
3263 if ($fuser->hasRight(
'accounting',
'bind',
'write') || preg_match(
'/^specimen/i', $original_file)) {
3266 $original_file = $conf->accounting->dir_output.
'/'.$original_file;
3267 } elseif (($modulepart ==
'expedition' || $modulepart ==
'shipment') && !empty($conf->expedition->dir_output)) {
3269 if ($fuser->hasRight(
'expedition', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3272 $original_file = $conf->expedition->dir_output.
"/".(strpos($original_file,
'sending/') === 0 ?
'' :
'sending/').$original_file;
3274 } elseif (($modulepart ==
'livraison' || $modulepart ==
'delivery') && !empty($conf->expedition->dir_output)) {
3276 if ($fuser->hasRight(
'expedition',
'delivery', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3279 $original_file = $conf->expedition->dir_output.
"/".(strpos($original_file,
'receipt/') === 0 ?
'' :
'receipt/').$original_file;
3280 } elseif ($modulepart ==
'actionsreport' && !empty($conf->agenda->dir_temp)) {
3282 if ($fuser->hasRight(
'agenda',
'allactions', $read) || preg_match(
'/^specimen/i', $original_file)) {
3285 $original_file = $conf->agenda->dir_temp.
"/".$original_file;
3286 } elseif ($modulepart ==
'product' || $modulepart ==
'produit' || $modulepart ==
'service' || $modulepart ==
'produit|service') {
3288 if (empty($entity) || (empty($conf->product->multidir_output[$entity]) && empty($conf->service->multidir_output[$entity]))) {
3289 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3291 if (($fuser->hasRight(
'produit', $lire) || $fuser->hasRight(
'service', $lire)) || preg_match(
'/^specimen/i', $original_file)) {
3294 if (isModEnabled(
"product")) {
3295 $original_file = $conf->product->multidir_output[$entity].
'/'.$original_file;
3296 } elseif (isModEnabled(
"service")) {
3297 $original_file = $conf->service->multidir_output[$entity].
'/'.$original_file;
3299 } elseif ($modulepart ==
'product_batch' || $modulepart ==
'productlot') {
3301 if (empty($entity) || (empty($conf->productbatch->multidir_output[$entity]))) {
3302 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3304 if (($fuser->hasRight(
'produit', $lire)) || preg_match(
'/^specimen/i', $original_file)) {
3307 if (isModEnabled(
'productbatch')) {
3308 $original_file = $conf->productbatch->multidir_output[$entity].
'/'.$original_file;
3310 } elseif ($modulepart ==
'movement' || $modulepart ==
'mouvement') {
3312 if (empty($entity) || empty($conf->stock->multidir_output[$entity])) {
3313 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3315 if (($fuser->hasRight(
'stock', $lire) || $fuser->hasRight(
'stock',
'movement', $lire) || $fuser->hasRight(
'stock',
'mouvement', $lire)) || preg_match(
'/^specimen/i', $original_file)) {
3318 if (isModEnabled(
'stock')) {
3319 $original_file = $conf->stock->multidir_output[$entity].
'/movement/'.$original_file;
3321 } elseif ($modulepart ==
'contract' && !empty($conf->contract->multidir_output[$entity])) {
3323 if ($fuser->hasRight(
'contrat', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3326 $original_file = $conf->contract->multidir_output[$entity].
'/'.$original_file;
3327 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"contrat WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'contract').
")";
3328 } elseif ($modulepart ==
'donation' && !empty($conf->don->dir_output)) {
3330 if ($fuser->hasRight(
'don', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3333 $original_file = $conf->don->dir_output.
'/'.$original_file;
3334 } elseif ($modulepart ==
'dolresource' && !empty($conf->resource->dir_output)) {
3336 if ($fuser->hasRight(
'resource', $read) || preg_match(
'/^specimen/i', $original_file)) {
3339 $original_file = $conf->resource->dir_output.
'/'.$original_file;
3340 } elseif (($modulepart ==
'remisecheque' || $modulepart ==
'chequereceipt') && !empty($conf->bank->dir_output)) {
3342 if ($fuser->hasRight(
'banque', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3345 $original_file = $conf->bank->dir_output.
'/checkdeposits/'.$original_file;
3346 } elseif (($modulepart ==
'banque' || $modulepart ==
'bank') && !empty($conf->bank->dir_output)) {
3348 if ($fuser->hasRight(
'banque', $lire)) {
3351 $original_file = $conf->bank->dir_output.
'/'.$original_file;
3352 } elseif ($modulepart ==
'export' && !empty($conf->export->dir_temp)) {
3355 $accessallowed = $user->hasRight(
'export',
'lire');
3356 $original_file = $conf->export->dir_temp.
'/'.$fuser->id.
'/'.$original_file;
3357 } elseif ($modulepart ==
'import' && !empty($conf->import->dir_temp)) {
3359 $accessallowed = $user->hasRight(
'import',
'run');
3360 $original_file = $conf->import->dir_temp.
'/'.$original_file;
3361 } elseif ($modulepart ==
'recruitment' && !empty($conf->recruitment->dir_output)) {
3363 $accessallowed = $user->hasRight(
'recruitment',
'recruitmentjobposition',
'read');
3364 $original_file = $conf->recruitment->dir_output.
'/'.$original_file;
3365 } elseif ($modulepart ==
'editor' && !empty($conf->fckeditor->dir_output)) {
3368 $original_file = $conf->fckeditor->dir_output.
'/'.$original_file;
3369 } elseif ($modulepart ==
'systemtools' && !empty($conf->admin->dir_output)) {
3371 if ($fuser->admin) {
3374 $original_file = $conf->admin->dir_output.
'/'.$original_file;
3375 } elseif ($modulepart ==
'admin_temp' && !empty($conf->admin->dir_temp)) {
3377 if ($fuser->admin) {
3380 $original_file = $conf->admin->dir_temp.
'/'.$original_file;
3381 } elseif ($modulepart ==
'bittorrent' && !empty($conf->bittorrent->dir_output)) {
3385 if (
dol_mimetype($original_file) ==
'application/x-bittorrent') {
3388 $original_file = $conf->bittorrent->dir_output.
'/'.$dir.
'/'.$original_file;
3389 } elseif ($modulepart ==
'member' && !empty($conf->member->dir_output)) {
3391 if ($fuser->hasRight(
'adherent', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3394 $original_file = $conf->member->dir_output.
'/'.$original_file;
3404 if (preg_match(
'/^specimen/i', $original_file)) {
3407 if ($fuser->admin) {
3411 $tmpmodulepart = explode(
'-', $modulepart);
3412 if (!empty($tmpmodulepart[1])) {
3413 $modulepart = $tmpmodulepart[0];
3414 $original_file = $tmpmodulepart[1].
'/'.$original_file;
3419 if (preg_match(
'/^([a-z]+)_user_temp$/i', $modulepart, $reg)) {
3420 $tmpmodule = $reg[1];
3421 if (empty($conf->$tmpmodule->dir_temp)) {
3422 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3425 if ($fuser->hasRight($tmpmodule, $lire) || $fuser->hasRight($tmpmodule, $read) || $fuser->hasRight($tmpmodule, $download)) {
3428 $original_file = $conf->{$reg[1]}->dir_temp.
'/'.$fuser->id.
'/'.$original_file;
3429 } elseif (preg_match(
'/^([a-z]+)_temp$/i', $modulepart, $reg)) {
3430 $tmpmodule = $reg[1];
3431 if (empty($conf->$tmpmodule->dir_temp)) {
3432 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3435 if ($fuser->hasRight($tmpmodule, $lire) || $fuser->hasRight($tmpmodule, $read) || $fuser->hasRight($tmpmodule, $download)) {
3438 $original_file = $conf->$tmpmodule->dir_temp.
'/'.$original_file;
3439 } elseif (preg_match(
'/^([a-z]+)_user$/i', $modulepart, $reg)) {
3440 $tmpmodule = $reg[1];
3441 if (empty($conf->$tmpmodule->dir_output)) {
3442 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3445 if ($fuser->hasRight($tmpmodule, $lire) || $fuser->hasRight($tmpmodule, $read) || $fuser->hasRight($tmpmodule, $download)) {
3448 $original_file = $conf->$tmpmodule->dir_output.
'/'.$fuser->id.
'/'.$original_file;
3449 } elseif (preg_match(
'/^massfilesarea_([a-z]+)$/i', $modulepart, $reg)) {
3450 $tmpmodule = $reg[1];
3451 if (empty($conf->$tmpmodule->dir_output)) {
3452 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3455 if ($fuser->hasRight($tmpmodule, $lire) || preg_match(
'/^specimen/i', $original_file)) {
3458 $original_file = $conf->$tmpmodule->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3460 if (empty($conf->$modulepart->dir_output)) {
3461 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
'). The module for this modulepart value may not be activated.');
3466 $partsofdirinoriginalfile = explode(
'/', $original_file);
3467 if (!empty($partsofdirinoriginalfile[1])) {
3468 $partofdirinoriginalfile = $partsofdirinoriginalfile[0];
3469 if ($partofdirinoriginalfile && ($fuser->hasRight($modulepart, $partofdirinoriginalfile,
'lire') || $fuser->hasRight($modulepart, $partofdirinoriginalfile,
'read'))) {
3473 if ($fuser->hasRight($modulepart, $lire) || $fuser->hasRight($modulepart, $read)) {
3477 if (is_array($conf->$modulepart->multidir_output) && !empty($conf->$modulepart->multidir_output[$entity])) {
3478 $original_file = $conf->$modulepart->multidir_output[$entity].
'/'.$original_file;
3480 $original_file = $conf->$modulepart->dir_output.
'/'.$original_file;
3484 $parameters = array(
3485 'modulepart' => $modulepart,
3486 'original_file' => $original_file,
3487 'entity' => $entity,
3492 $reshook = $hookmanager->executeHooks(
'checkSecureAccess', $parameters,
$object);
3494 if (!empty($hookmanager->resArray[
'original_file'])) {
3495 $original_file = $hookmanager->resArray[
'original_file'];
3497 if (!empty($hookmanager->resArray[
'accessallowed'])) {
3498 $accessallowed = $hookmanager->resArray[
'accessallowed'];
3500 if (!empty($hookmanager->resArray[
'sqlprotectagainstexternals'])) {
3501 $sqlprotectagainstexternals = $hookmanager->resArray[
'sqlprotectagainstexternals'];
3507 'accessallowed' => ($accessallowed ? 1 : 0),
3508 'sqlprotectagainstexternals' => $sqlprotectagainstexternals,
3509 'original_file' => $original_file