63function dol_dir_list($utf8_path, $types =
"all", $recursive = 0, $filter =
"", $excludefilter =
null, $sortcriteria =
"name", $sortorder = SORT_ASC, $mode = 0, $nohook = 0, $relativename =
"", $donotfollowsymlinks = 0, $nbsecondsold = 0)
65 global $db, $hookmanager;
68 if ($recursive <= 1) {
73 $exclude_array = ($excludefilter ===
null || $excludefilter ===
'') ? array() : (is_array($excludefilter) ? $excludefilter : array($excludefilter));
74 foreach ((array($filter) + $exclude_array) as $f) {
76 if ((
int) preg_match(
'/(?:^|[^\\\\])\//', $f) > 0) {
78 $error_info .=
" error='$f unescaped_slash'";
82 dol_syslog(
"files.lib.php::dol_dir_list path=".$utf8_path.
" types=".$types.
" recursive=".$recursive.
" filter=".$filter.
" excludefilter=".json_encode($excludefilter).$error_info);
90 $exclude_array = ($excludefilter ===
null || $excludefilter ===
'') ? array() : (is_array($excludefilter) ? $excludefilter : array($excludefilter));
94 $excludefilterarray = array_merge(array(
'^\.'), $exclude_array);
96 $loaddate = ($mode == 1 || $mode == 2 || $nbsecondsold != 0 || $sortcriteria ==
'date');
97 $loadsize = ($mode == 1 || $mode == 3 || $sortcriteria ==
'size');
98 $loadperm = ($mode == 1 || $mode == 4 || $sortcriteria ==
'perm');
101 $utf8_path = preg_replace(
'/([\\/]+)$/',
'', $utf8_path);
106 $file_list = array();
108 if (!$nohook && $hookmanager instanceof
HookManager) {
109 $hookmanager->resArray = array();
111 $hookmanager->initHooks(array(
'fileslib'));
116 'recursive' => $recursive,
118 'excludefilter' => $exclude_array,
119 'sortcriteria' => $sortcriteria,
120 'sortorder' => $sortorder,
121 'loaddate' => $loaddate,
122 'loadsize' => $loadsize,
125 $reshook = $hookmanager->executeHooks(
'getDirList', $parameters,
$object);
129 if (empty($reshook)) {
130 if (!is_dir($os_path)) {
134 if (($dir = opendir($os_path)) ===
false) {
141 while (
false !== ($os_file = readdir($dir))) {
142 $os_fullpathfile = ($os_path ? $os_path.
'/' :
'').$os_file;
145 $utf8_file = mb_convert_encoding($os_file,
'UTF-8',
'ISO-8859-1');
147 $utf8_file = $os_file;
152 $utf8_fullpathfile =
"$utf8_path/$utf8_file";
155 foreach ($excludefilterarray as $filt) {
156 if (preg_match(
'/'.$filt.
'/i', $utf8_file) || preg_match(
'/'.$filt.
'/i', $utf8_fullpathfile)) {
164 $isdir = is_dir($os_fullpathfile);
168 if (($types ==
"directories") || ($types ==
"all")) {
169 if ($loaddate || $sortcriteria ==
'date') {
172 if ($loadsize || $sortcriteria ==
'size') {
175 if ($loadperm || $sortcriteria ==
'perm') {
179 if (!$filter || preg_match(
'/'.$filter.
'/i', $utf8_file)) {
181 preg_match(
'/([^\/]+)\/[^\/]+$/', $utf8_fullpathfile, $reg);
182 $level1name = (isset($reg[1]) ? $reg[1] :
'');
183 $file_list[] = array(
184 "name" => $utf8_file,
185 "path" => $utf8_path,
186 "level1name" => $level1name,
187 "relativename" => ($relativename ? $relativename.
'/' :
'').$utf8_file,
188 "fullname" => $utf8_fullpathfile,
198 if ($recursive > 0) {
199 if (empty($donotfollowsymlinks) || !is_link($os_fullpathfile)) {
201 $file_list = array_merge($file_list,
dol_dir_list($utf8_fullpathfile, $types, $recursive + 1, $filter, $exclude_array, $sortcriteria, $sortorder, $mode, $nohook, ($relativename !=
'' ? $relativename.
'/' :
'').$utf8_file, $donotfollowsymlinks, $nbsecondsold));
204 } elseif (in_array($types, array(
"files",
"all"))) {
206 if ($loaddate || $sortcriteria ==
'date') {
209 if ($loadsize || $sortcriteria ==
'size') {
213 if (!$filter || preg_match(
'/'.$filter.
'/i', $utf8_file)) {
214 if (empty($nbsecondsold) || $filedate <= ($now - $nbsecondsold)) {
215 preg_match(
'/([^\/]+)\/[^\/]+$/', $utf8_fullpathfile, $reg);
216 $level1name = (isset($reg[1]) ? $reg[1] :
'');
217 $file_list[] = array(
218 "name" => $utf8_file,
219 "path" => $utf8_path,
220 "level1name" => $level1name,
221 "relativename" => ($relativename ? $relativename.
'/' :
'').$utf8_file,
222 "fullname" => $utf8_fullpathfile,
235 if (!empty($sortcriteria) && $sortorder) {
236 $file_list =
dol_sort_array($file_list, $sortcriteria, ($sortorder == SORT_ASC ?
'asc' :
'desc'));
241 if ($hookmanager instanceof
HookManager && is_array($hookmanager->resArray)) {
242 $file_list = array_merge($file_list, $hookmanager->resArray);
1011function dol_move($srcfile, $destfile, $newmask =
'0', $overwriteifexists = 1, $testvirus = 0, $indexdatabase = 1, $moreinfo = array())
1013 global $user, $db, $conf;
1016 dol_syslog(
"files.lib.php::dol_move srcfile=".$srcfile.
" destfile=".$destfile.
" newmask=".$newmask.
" overwritifexists=".$overwriteifexists);
1021 dol_syslog(
"files.lib.php::dol_move srcfile does not exists. we ignore the move request.");
1025 if ($overwriteifexists || !$destexists) {
1030 $testvirusarray = array();
1033 $testvirusarray =
dolCheckVirus($newpathofsrcfile, $newpathofdestfile);
1034 if (count($testvirusarray)) {
1035 dol_syslog(
"files.lib.php::dol_move canceled because a virus was found into source file. We ignore the move request.", LOG_WARNING);
1041 if (count($testvirusarray)) {
1042 dol_syslog(
"files.lib.php::dol_move canceled because a virus was found into source file. We ignore the move request.", LOG_WARNING);
1047 global $dolibarr_main_restrict_os_commands;
1048 if (!empty($dolibarr_main_restrict_os_commands)) {
1049 $arrayofallowedcommand = explode(
',', $dolibarr_main_restrict_os_commands);
1050 $arrayofallowedcommand = array_map(
'trim', $arrayofallowedcommand);
1051 if (in_array(basename($destfile), $arrayofallowedcommand)) {
1054 dol_syslog(
"files.lib.php::dol_move canceled because target filename ".basename($destfile).
" is using a reserved command name. we ignore the move request.", LOG_WARNING);
1059 $result = @rename($newpathofsrcfile, $newpathofdestfile);
1062 dol_syslog(
"files.lib.php::dol_move Failed. We try to delete target first and move after.", LOG_WARNING);
1065 $result = @rename($newpathofsrcfile, $newpathofdestfile);
1067 dol_syslog(
"files.lib.php::dol_move Failed.", LOG_WARNING);
1072 if ($result && $indexdatabase) {
1074 $rel_filetorenamebefore = preg_replace(
'/^'.preg_quote(DOL_DATA_ROOT,
'/').
'/',
'', $srcfile);
1075 $rel_filetorenameafter = preg_replace(
'/^'.preg_quote(DOL_DATA_ROOT,
'/').
'/',
'', $destfile);
1076 if (!preg_match(
'/([\\/]temp[\\/]|[\\/]thumbs|\.meta$)/', $rel_filetorenameafter)) {
1077 $rel_filetorenamebefore = preg_replace(
'/^[\\/]/',
'', $rel_filetorenamebefore);
1078 $rel_filetorenameafter = preg_replace(
'/^[\\/]/',
'', $rel_filetorenameafter);
1081 dol_syslog(
"Try to rename also entries in database for full relative path before = ".$rel_filetorenamebefore.
" after = ".$rel_filetorenameafter, LOG_DEBUG);
1082 include_once DOL_DOCUMENT_ROOT.
'/ecm/class/ecmfiles.class.php';
1084 $ecmfiletarget =
new EcmFiles($db);
1085 $resultecmtarget = $ecmfiletarget->fetch(0,
'', $rel_filetorenameafter);
1086 if ($resultecmtarget > 0) {
1087 $ecmfiletarget->delete($user);
1091 $resultecm = $ecmfile->fetch(0,
'', $rel_filetorenamebefore);
1092 if ($resultecm > 0) {
1093 $filename = basename($rel_filetorenameafter);
1094 $rel_dir = dirname($rel_filetorenameafter);
1095 $rel_dir = preg_replace(
'/[\\/]$/',
'', $rel_dir);
1096 $rel_dir = preg_replace(
'/^[\\/]/',
'', $rel_dir);
1098 $ecmfile->filepath = $rel_dir;
1099 $ecmfile->filename = $filename;
1101 $resultecm = $ecmfile->update($user);
1102 } elseif ($resultecm == 0) {
1103 $filename = basename($rel_filetorenameafter);
1104 $rel_dir = dirname($rel_filetorenameafter);
1105 $rel_dir = preg_replace(
'/[\\/]$/',
'', $rel_dir);
1106 $rel_dir = preg_replace(
'/^[\\/]/',
'', $rel_dir);
1108 $ecmfile->filepath = $rel_dir;
1109 $ecmfile->filename = $filename;
1111 $ecmfile->fullpath_orig = basename($srcfile);
1112 $ecmfile->gen_or_uploaded =
'uploaded';
1113 if (!empty($moreinfo) && !empty($moreinfo[
'description'])) {
1114 $ecmfile->description = $moreinfo[
'description'];
1116 $ecmfile->description =
'';
1118 if (!empty($moreinfo) && !empty($moreinfo[
'keywords'])) {
1119 $ecmfile->keywords = $moreinfo[
'keywords'];
1121 $ecmfile->keywords =
'';
1123 if (!empty($moreinfo) && !empty($moreinfo[
'note_private'])) {
1124 $ecmfile->note_private = $moreinfo[
'note_private'];
1126 if (!empty($moreinfo) && !empty($moreinfo[
'note_public'])) {
1127 $ecmfile->note_public = $moreinfo[
'note_public'];
1129 if (!empty($moreinfo) && !empty($moreinfo[
'src_object_type'])) {
1130 $ecmfile->src_object_type = $moreinfo[
'src_object_type'];
1132 if (!empty($moreinfo) && !empty($moreinfo[
'src_object_id'])) {
1133 $ecmfile->src_object_id = $moreinfo[
'src_object_id'];
1136 $resultecm = $ecmfile->create($user);
1137 if ($resultecm < 0) {
1140 } elseif ($resultecm < 0) {
1144 if ($resultecm > 0) {
1152 if (empty($newmask)) {
1159 dolChmod($newpathofdestfile, $newmask);
2738 global $conf, $db, $user, $hookmanager;
2739 global $dolibarr_main_data_root, $dolibarr_main_document_root_alt;
2742 if (!is_object($fuser)) {
2746 if (empty($modulepart)) {
2747 return 'ErrorBadParameter';
2749 if (empty($entity)) {
2750 if (!isModEnabled(
'multicompany')) {
2757 if ($modulepart ==
'facture') {
2758 $modulepart =
'invoice';
2759 } elseif ($modulepart ==
'users') {
2760 $modulepart =
'user';
2761 } elseif ($modulepart ==
'tva') {
2762 $modulepart =
'tax-vat';
2763 } elseif ($modulepart ==
'expedition' && strpos($original_file,
'receipt/') === 0) {
2765 $modulepart =
'delivery';
2769 dol_syslog(
'dol_check_secure_access_document modulepart='.$modulepart.
' original_file='.$original_file.
' entity='.$entity);
2773 $sqlprotectagainstexternals =
'';
2777 if (empty($refname)) {
2778 $refname = basename(dirname($original_file).
"/");
2779 if ($refname ==
'thumbs' || $refname ==
'temp') {
2781 $refname = basename(dirname(dirname($original_file)).
"/");
2788 $download =
'download';
2789 if ($mode ==
'write') {
2792 $download =
'upload';
2796 if ($modulepart ==
'common') {
2799 $original_file = DOL_DOCUMENT_ROOT.
'/public/theme/common/'.$original_file;
2800 } elseif ($modulepart ==
'medias' && !empty($dolibarr_main_data_root)) {
2801 if (empty($entity) || empty($conf->medias->multidir_output[$entity])) {
2802 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
2805 $original_file = $conf->medias->multidir_output[$entity].
'/'.$original_file;
2806 } elseif ($modulepart ==
'logs' && !empty($dolibarr_main_data_root)) {
2808 $accessallowed = ($user->admin && basename($original_file) == $original_file && preg_match(
'/^dolibarr.*\.(log|json)$/', basename($original_file)));
2809 $original_file = $dolibarr_main_data_root.
'/'.$original_file;
2810 } elseif ($modulepart ==
'doctemplates' && !empty($dolibarr_main_data_root)) {
2812 $accessallowed = $user->admin;
2813 $original_file = $dolibarr_main_data_root.
'/doctemplates/'.$original_file;
2814 } elseif ($modulepart ==
'doctemplateswebsite' && !empty($dolibarr_main_data_root)) {
2816 $accessallowed = ($fuser->hasRight(
'website',
'write') && preg_match(
'/\.jpg$/i', basename($original_file)));
2817 $original_file = $dolibarr_main_data_root.
'/doctemplates/websites/'.$original_file;
2818 } elseif ($modulepart ==
'packages' && !empty($dolibarr_main_data_root)) {
2821 $tmp = explode(
',', $dolibarr_main_document_root_alt);
2824 $accessallowed = ($user->admin && preg_match(
'/^module_.*\.zip$/', basename($original_file)));
2825 $original_file = $dirins.
'/'.$original_file;
2826 } elseif ($modulepart ==
'mycompany' && !empty($conf->mycompany->dir_output)) {
2829 $original_file = $conf->mycompany->dir_output.
'/'.$original_file;
2830 } elseif ($modulepart ==
'userphoto' && !empty($conf->user->dir_output)) {
2833 if (preg_match(
'/^\d+\/photos\//', $original_file)) {
2836 $original_file = $conf->user->dir_output.
'/'.$original_file;
2837 } elseif ($modulepart ==
'userphotopublic' && !empty($conf->user->dir_output)) {
2842 if (preg_match(
'/^(\d+)\/photos\//', $original_file, $reg)) {
2844 $tmpobject =
new User($db);
2845 $tmpobject->fetch($reg[1],
'',
'', 1);
2847 $securekey =
GETPOST(
'securekey',
'alpha', 1);
2849 global $dolibarr_main_cookie_cryptkey, $dolibarr_main_instance_unique_id;
2850 $valuetouse = $dolibarr_main_instance_unique_id ? $dolibarr_main_instance_unique_id : $dolibarr_main_cookie_cryptkey;
2851 $encodedsecurekey =
dol_hash($valuetouse.
'uservirtualcard'.$tmpobject->id.
'-'.$tmpobject->login,
'md5');
2852 if ($encodedsecurekey == $securekey) {
2861 $original_file = $conf->user->dir_output.
'/'.$original_file;
2862 } elseif (($modulepart ==
'companylogo') && !empty($conf->mycompany->dir_output)) {
2865 $original_file = $conf->mycompany->dir_output.
'/logos/'.$original_file;
2866 } elseif ($modulepart ==
'memberphoto' && !empty($conf->member->dir_output)) {
2869 if (preg_match(
'/^\d+\/photos\//', $original_file)) {
2872 $original_file = $conf->member->dir_output.
'/'.$original_file;
2873 } elseif ($modulepart ==
'apercufacture' && !empty($conf->invoice->multidir_output[$entity])) {
2875 if ($fuser->hasRight(
'facture', $lire)) {
2878 $original_file = $conf->invoice->multidir_output[$entity].
'/'.$original_file;
2879 } elseif ($modulepart ==
'apercupropal' && !empty($conf->propal->multidir_output[$entity])) {
2881 if ($fuser->hasRight(
'propal', $lire)) {
2884 $original_file = $conf->propal->multidir_output[$entity].
'/'.$original_file;
2885 } elseif ($modulepart ==
'apercucommande' && !empty($conf->order->multidir_output[$entity])) {
2887 if ($fuser->hasRight(
'commande', $lire)) {
2890 $original_file = $conf->order->multidir_output[$entity].
'/'.$original_file;
2891 } elseif (($modulepart ==
'apercufichinter' || $modulepart ==
'apercuficheinter') && !empty($conf->ficheinter->dir_output)) {
2893 if ($fuser->hasRight(
'ficheinter', $lire)) {
2896 $original_file = $conf->ficheinter->dir_output.
'/'.$original_file;
2897 } elseif (($modulepart ==
'apercucontract') && !empty($conf->contract->multidir_output[$entity])) {
2899 if ($fuser->hasRight(
'contrat', $lire)) {
2902 $original_file = $conf->contract->multidir_output[$entity].
'/'.$original_file;
2903 } elseif (($modulepart ==
'apercusupplier_proposal' || $modulepart ==
'apercusupplier_proposal') && !empty($conf->supplier_proposal->dir_output)) {
2905 if ($fuser->hasRight(
'supplier_proposal', $lire)) {
2908 $original_file = $conf->supplier_proposal->dir_output.
'/'.$original_file;
2909 } elseif (($modulepart ==
'apercusupplier_order' || $modulepart ==
'apercusupplier_order') && !empty($conf->fournisseur->commande->dir_output)) {
2911 if ($fuser->hasRight(
'fournisseur',
'commande', $lire)) {
2914 $original_file = $conf->fournisseur->commande->dir_output.
'/'.$original_file;
2915 } elseif (($modulepart ==
'apercusupplier_invoice' || $modulepart ==
'apercusupplier_invoice') && !empty($conf->fournisseur->facture->dir_output)) {
2917 if ($fuser->hasRight(
'fournisseur', $lire)) {
2920 $original_file = $conf->fournisseur->facture->dir_output.
'/'.$original_file;
2921 } elseif (($modulepart ==
'holiday') && !empty($conf->holiday->dir_output)) {
2922 if ($fuser->hasRight(
'holiday', $read) || $fuser->hasRight(
'holiday',
'readall') || preg_match(
'/^specimen/i', $original_file)) {
2925 if ($refname && !$fuser->hasRight(
'holiday',
'readall') && !preg_match(
'/^specimen/i', $original_file)) {
2926 include_once DOL_DOCUMENT_ROOT.
'/holiday/class/holiday.class.php';
2927 $tmpholiday =
new Holiday($db);
2928 $tmpholiday->fetch(
'', $refname);
2929 $accessallowed =
checkUserAccessToObject($user, array(
'holiday'), $tmpholiday,
'holiday',
'',
'',
'rowid',
'');
2932 $original_file = $conf->holiday->dir_output.
'/'.$original_file;
2933 } elseif (($modulepart ==
'expensereport') && !empty($conf->expensereport->dir_output)) {
2934 if ($fuser->hasRight(
'expensereport', $lire) || $fuser->hasRight(
'expensereport',
'readall') || preg_match(
'/^specimen/i', $original_file)) {
2937 if ($refname && !$fuser->hasRight(
'expensereport',
'readall') && !preg_match(
'/^specimen/i', $original_file)) {
2938 include_once DOL_DOCUMENT_ROOT.
'/expensereport/class/expensereport.class.php';
2940 $tmpexpensereport->fetch(
'', $refname);
2941 $accessallowed =
checkUserAccessToObject($user, array(
'expensereport'), $tmpexpensereport,
'expensereport',
'',
'',
'rowid',
'');
2944 $original_file = $conf->expensereport->dir_output.
'/'.$original_file;
2945 } elseif (($modulepart ==
'apercuexpensereport') && !empty($conf->expensereport->dir_output)) {
2947 if ($fuser->hasRight(
'expensereport', $lire)) {
2950 $original_file = $conf->expensereport->dir_output.
'/'.$original_file;
2951 } elseif ($modulepart ==
'propalstats' && !empty($conf->propal->multidir_temp[$entity])) {
2953 if ($fuser->hasRight(
'propal', $lire)) {
2956 $original_file = $conf->propal->multidir_temp[$entity].
'/'.$original_file;
2957 } elseif ($modulepart ==
'orderstats' && !empty($conf->order->dir_temp)) {
2959 if ($fuser->hasRight(
'commande', $lire)) {
2962 $original_file = $conf->order->dir_temp.
'/'.$original_file;
2963 } elseif ($modulepart ==
'orderstatssupplier' && !empty($conf->fournisseur->dir_output)) {
2964 if ($fuser->hasRight(
'fournisseur',
'commande', $lire)) {
2967 $original_file = $conf->fournisseur->commande->dir_temp.
'/'.$original_file;
2968 } elseif ($modulepart ==
'billstats' && !empty($conf->invoice->dir_temp)) {
2970 if ($fuser->hasRight(
'facture', $lire)) {
2973 $original_file = $conf->invoice->dir_temp.
'/'.$original_file;
2974 } elseif ($modulepart ==
'billstatssupplier' && !empty($conf->fournisseur->dir_output)) {
2975 if ($fuser->hasRight(
'fournisseur',
'facture', $lire)) {
2978 $original_file = $conf->fournisseur->facture->dir_temp.
'/'.$original_file;
2979 } elseif ($modulepart ==
'expeditionstats' && !empty($conf->expedition->dir_temp)) {
2981 if ($fuser->hasRight(
'expedition', $lire)) {
2984 $original_file = $conf->expedition->dir_temp.
'/'.$original_file;
2985 } elseif ($modulepart ==
'tripsexpensesstats' && !empty($conf->deplacement->dir_temp)) {
2987 if ($fuser->hasRight(
'deplacement', $lire)) {
2990 $original_file = $conf->deplacement->dir_temp.
'/'.$original_file;
2991 } elseif ($modulepart ==
'memberstats' && !empty($conf->member->dir_temp)) {
2993 if ($fuser->hasRight(
'adherent', $lire)) {
2996 $original_file = $conf->member->dir_temp.
'/'.$original_file;
2997 } elseif (preg_match(
'/^productstats_/i', $modulepart) && !empty($conf->product->dir_temp)) {
2999 if ($fuser->hasRight(
'produit', $lire) || $fuser->hasRight(
'service', $lire)) {
3002 $original_file = (!empty($conf->product->multidir_temp[$entity]) ? $conf->product->multidir_temp[$entity] : $conf->service->multidir_temp[$entity]).
'/'.$original_file;
3003 } elseif (in_array($modulepart, array(
'tax',
'tax-vat',
'tva')) && !empty($conf->tax->dir_output)) {
3005 if ($fuser->hasRight(
'tax',
'charges', $lire)) {
3008 $modulepartsuffix = str_replace(
'tax-',
'', $modulepart);
3009 $original_file = $conf->tax->dir_output.
'/'.($modulepartsuffix !=
'tax' ? $modulepartsuffix.
'/' :
'').$original_file;
3010 } elseif ($modulepart ==
'actions' && !empty($conf->agenda->dir_output)) {
3012 if ($fuser->hasRight(
'agenda',
'myactions', $read)) {
3015 if ($refname && !preg_match(
'/^specimen/i', $original_file)) {
3016 include_once DOL_DOCUMENT_ROOT.
'/comm/action/class/actioncomm.class.php';
3018 $tmpobject->fetch((
int) $refname);
3019 $accessallowed =
checkUserAccessToObject($user, array(
'agenda'), $tmpobject->id,
'actioncomm&societe',
'myactions|allactions',
'fk_soc',
'id',
'');
3020 if ($user->socid && $tmpobject->socid) {
3025 $original_file = $conf->agenda->dir_output.
'/'.$original_file;
3026 } elseif ($modulepart ==
'category' && !empty($conf->categorie->multidir_output[$entity])) {
3028 if (empty($entity) || empty($conf->categorie->multidir_output[$entity])) {
3029 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3031 if ($fuser->hasRight(
"categorie", $lire) || $fuser->hasRight(
"takepos",
"run")) {
3034 $original_file = $conf->categorie->multidir_output[$entity].
'/'.$original_file;
3035 } elseif ($modulepart ==
'prelevement' && !empty($conf->prelevement->dir_output)) {
3037 if ($fuser->hasRight(
'prelevement',
'bons', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3040 $original_file = $conf->prelevement->dir_output.
'/'.$original_file;
3041 } elseif ($modulepart ==
'graph_stock' && !empty($conf->stock->dir_temp)) {
3044 $original_file = $conf->stock->dir_temp.
'/'.$original_file;
3045 } elseif ($modulepart ==
'graph_fourn' && !empty($conf->fournisseur->dir_temp)) {
3048 $original_file = $conf->fournisseur->dir_temp.
'/'.$original_file;
3049 } elseif ($modulepart ==
'graph_product' && !empty($conf->product->dir_temp)) {
3052 $original_file = $conf->product->multidir_temp[$entity].
'/'.$original_file;
3053 } elseif ($modulepart ==
'barcode') {
3058 $original_file =
'';
3059 } elseif ($modulepart ==
'iconmailing' && !empty($conf->mailing->dir_temp)) {
3062 $original_file = $conf->mailing->dir_temp.
'/'.$original_file;
3063 } elseif ($modulepart ==
'scanner_user_temp' && !empty($conf->scanner->dir_temp)) {
3066 $original_file = $conf->scanner->dir_temp.
'/'.$fuser->id.
'/'.$original_file;
3067 } elseif ($modulepart ==
'fckeditor' && !empty($conf->fckeditor->dir_output)) {
3070 $original_file = $conf->fckeditor->dir_output.
'/'.$original_file;
3071 } elseif ($modulepart ==
'user' && !empty($conf->user->dir_output)) {
3073 $canreaduser = (!empty($fuser->admin) || $fuser->rights->user->user->{$lire});
3074 if ($fuser->id == (
int) $refname) {
3077 if ($canreaduser || preg_match(
'/^specimen/i', $original_file)) {
3080 $original_file = $conf->user->dir_output.
'/'.$original_file;
3081 } elseif (($modulepart ==
'company' || $modulepart ==
'societe' || $modulepart ==
'thirdparty') && !empty($conf->societe->multidir_output[$entity])) {
3083 if (empty($entity) || empty($conf->societe->multidir_output[$entity])) {
3084 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3086 if ($fuser->hasRight(
'societe', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3089 $original_file = $conf->societe->multidir_output[$entity].
'/'.$original_file;
3090 $sqlprotectagainstexternals =
"SELECT rowid as fk_soc FROM ".MAIN_DB_PREFIX.
"societe WHERE rowid='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'societe').
")";
3091 } elseif ($modulepart ==
'contact' && !empty($conf->societe->multidir_output[$entity])) {
3093 if (empty($entity) || empty($conf->societe->multidir_output[$entity])) {
3094 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3096 if ($fuser->hasRight(
'societe', $lire)) {
3099 $original_file = $conf->societe->multidir_output[$entity].
'/contact/'.$original_file;
3100 } elseif (($modulepart ==
'facture' || $modulepart ==
'invoice') && !empty($conf->invoice->multidir_output[$entity])) {
3102 if ($fuser->hasRight(
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3105 $original_file = $conf->invoice->multidir_output[$entity].
'/'.$original_file;
3106 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"facture WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'invoice').
")";
3107 } elseif ($modulepart ==
'massfilesarea_proposals' && !empty($conf->propal->multidir_output[$entity])) {
3109 if ($fuser->hasRight(
'propal', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3112 $original_file = $conf->propal->multidir_output[$entity].
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3113 } elseif ($modulepart ==
'massfilesarea_orders') {
3114 if ($fuser->hasRight(
'commande', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3117 $original_file = $conf->order->multidir_output[$entity].
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3118 } elseif ($modulepart ==
'massfilesarea_sendings') {
3119 if ($fuser->hasRight(
'expedition', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3122 $original_file = $conf->expedition->dir_output.
'/sending/temp/massgeneration/'.$user->id.
'/'.$original_file;
3123 } elseif ($modulepart ==
'massfilesarea_receipts') {
3124 if ($fuser->hasRight(
'reception', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3127 $original_file = $conf->reception->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3128 } elseif ($modulepart ==
'massfilesarea_invoices') {
3129 if ($fuser->hasRight(
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3132 $original_file = $conf->invoice->multidir_output[$entity].
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3133 } elseif ($modulepart ==
'massfilesarea_expensereport') {
3134 if ($fuser->hasRight(
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3137 $original_file = $conf->expensereport->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3138 } elseif ($modulepart ==
'massfilesarea_interventions') {
3139 if ($fuser->hasRight(
'ficheinter', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3142 $original_file = $conf->ficheinter->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3143 } elseif ($modulepart ==
'massfilesarea_supplier_proposal' && !empty($conf->supplier_proposal->dir_output)) {
3144 if ($fuser->hasRight(
'supplier_proposal', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3147 $original_file = $conf->supplier_proposal->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3148 } elseif ($modulepart ==
'massfilesarea_supplier_order') {
3149 if ($fuser->hasRight(
'fournisseur',
'commande', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3152 $original_file = $conf->fournisseur->commande->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3153 } elseif ($modulepart ==
'massfilesarea_supplier_invoice') {
3154 if ($fuser->hasRight(
'fournisseur',
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3157 $original_file = $conf->fournisseur->facture->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3158 } elseif ($modulepart ==
'massfilesarea_contract' && !empty($conf->contract->dir_output)) {
3159 if ($fuser->hasRight(
'contrat', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3162 $original_file = $conf->contract->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3163 } elseif (($modulepart ==
'fichinter' || $modulepart ==
'ficheinter') && !empty($conf->ficheinter->dir_output)) {
3165 if ($fuser->hasRight(
'ficheinter', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3168 $original_file = $conf->ficheinter->dir_output.
'/'.$original_file;
3169 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"fichinter WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
3170 } elseif ($modulepart ==
'deplacement' && !empty($conf->deplacement->dir_output)) {
3172 if ($fuser->hasRight(
'deplacement', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3175 $original_file = $conf->deplacement->dir_output.
'/'.$original_file;
3177 } elseif (($modulepart ==
'propal' || $modulepart ==
'propale') && isset($conf->propal->multidir_output[$entity])) {
3179 if ($fuser->hasRight(
'propal', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3182 $original_file = $conf->propal->multidir_output[$entity].
'/'.$original_file;
3183 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"propal WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'propal').
")";
3184 } elseif (($modulepart ==
'commande' || $modulepart ==
'order') && !empty($conf->order->multidir_output[$entity])) {
3186 if ($fuser->hasRight(
'commande', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3189 $original_file = $conf->order->multidir_output[$entity].
'/'.$original_file;
3190 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"commande WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'order').
")";
3191 } elseif ($modulepart ==
'project' && !empty($conf->project->multidir_output[$entity])) {
3193 if ($fuser->hasRight(
'projet', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3196 if ($refname && !preg_match(
'/^specimen/i', $original_file)) {
3197 include_once DOL_DOCUMENT_ROOT.
'/projet/class/project.class.php';
3198 $tmpproject =
new Project($db);
3199 $tmpproject->fetch(
'', $refname);
3200 $accessallowed =
checkUserAccessToObject($user, array(
'projet'), $tmpproject->id,
'projet&project',
'',
'',
'rowid',
'');
3203 $original_file = $conf->project->multidir_output[$entity].
'/'.$original_file;
3204 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"projet WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'project').
")";
3205 } elseif ($modulepart ==
'project_task' && !empty($conf->project->multidir_output[$entity])) {
3206 if ($fuser->hasRight(
'projet', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3209 if ($refname && !preg_match(
'/^specimen/i', $original_file)) {
3210 include_once DOL_DOCUMENT_ROOT.
'/projet/class/task.class.php';
3211 $tmptask =
new Task($db);
3212 $tmptask->fetch(
'', $refname);
3213 $accessallowed =
checkUserAccessToObject($user, array(
'projet_task'), $tmptask->id,
'projet_task&project',
'',
'',
'rowid',
'');
3216 $original_file = $conf->project->multidir_output[$entity].
'/'.$original_file;
3217 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"projet WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'project').
")";
3218 } elseif (($modulepart ==
'commande_fournisseur' || $modulepart ==
'order_supplier') && !empty($conf->fournisseur->commande->dir_output)) {
3220 if ($fuser->hasRight(
'fournisseur',
'commande', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3223 $original_file = $conf->fournisseur->commande->dir_output.
'/'.$original_file;
3224 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"commande_fournisseur WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
3225 } elseif (($modulepart ==
'facture_fournisseur' || $modulepart ==
'invoice_supplier') && !empty($conf->fournisseur->facture->dir_output)) {
3227 if ($fuser->hasRight(
'fournisseur',
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3230 $original_file = $conf->fournisseur->facture->dir_output.
'/'.$original_file;
3231 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"facture_fourn WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
3232 } elseif ($modulepart ==
'supplier_payment') {
3234 if ($fuser->hasRight(
'fournisseur',
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3237 $original_file = $conf->fournisseur->payment->dir_output.
'/'.$original_file;
3238 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"paiementfournisseur WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
3239 } elseif ($modulepart ==
'payment') {
3241 if ($fuser->rights->facture->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
3244 $original_file = $conf->compta->payment->dir_output.
'/'.$original_file;
3245 } elseif ($modulepart ==
'facture_paiement' && !empty($conf->invoice->dir_output)) {
3247 if ($fuser->hasRight(
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3250 if ($fuser->socid > 0) {
3251 $original_file = $conf->invoice->dir_output.
'/payments/private/'.$fuser->id.
'/'.$original_file;
3253 $original_file = $conf->invoice->dir_output.
'/payments/'.$original_file;
3255 } elseif ($modulepart ==
'export_compta' && !empty($conf->accounting->dir_output)) {
3257 if ($fuser->hasRight(
'accounting',
'bind',
'write') || preg_match(
'/^specimen/i', $original_file)) {
3260 $original_file = $conf->accounting->dir_output.
'/'.$original_file;
3261 } elseif (($modulepart ==
'expedition' || $modulepart ==
'shipment') && !empty($conf->expedition->dir_output)) {
3263 if ($fuser->hasRight(
'expedition', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3266 $original_file = $conf->expedition->dir_output.
"/".(strpos($original_file,
'sending/') === 0 ?
'' :
'sending/').$original_file;
3268 } elseif (($modulepart ==
'livraison' || $modulepart ==
'delivery') && !empty($conf->expedition->dir_output)) {
3270 if ($fuser->hasRight(
'expedition',
'delivery', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3273 $original_file = $conf->expedition->dir_output.
"/".(strpos($original_file,
'receipt/') === 0 ?
'' :
'receipt/').$original_file;
3274 } elseif ($modulepart ==
'actionsreport' && !empty($conf->agenda->dir_temp)) {
3276 if ($fuser->hasRight(
'agenda',
'allactions', $read) || preg_match(
'/^specimen/i', $original_file)) {
3279 $original_file = $conf->agenda->dir_temp.
"/".$original_file;
3280 } elseif ($modulepart ==
'product' || $modulepart ==
'produit' || $modulepart ==
'service' || $modulepart ==
'produit|service') {
3282 if (empty($entity) || (empty($conf->product->multidir_output[$entity]) && empty($conf->service->multidir_output[$entity]))) {
3283 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3285 if (($fuser->hasRight(
'produit', $lire) || $fuser->hasRight(
'service', $lire)) || preg_match(
'/^specimen/i', $original_file)) {
3288 if (isModEnabled(
"product")) {
3289 $original_file = $conf->product->multidir_output[$entity].
'/'.$original_file;
3290 } elseif (isModEnabled(
"service")) {
3291 $original_file = $conf->service->multidir_output[$entity].
'/'.$original_file;
3293 } elseif ($modulepart ==
'product_batch' || $modulepart ==
'produitlot') {
3295 if (empty($entity) || (empty($conf->productbatch->multidir_output[$entity]))) {
3296 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3298 if (($fuser->hasRight(
'produit', $lire)) || preg_match(
'/^specimen/i', $original_file)) {
3301 if (isModEnabled(
'productbatch')) {
3302 $original_file = $conf->productbatch->multidir_output[$entity].
'/'.$original_file;
3304 } elseif ($modulepart ==
'movement' || $modulepart ==
'mouvement') {
3306 if (empty($entity) || empty($conf->stock->multidir_output[$entity])) {
3307 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3309 if (($fuser->hasRight(
'stock', $lire) || $fuser->hasRight(
'stock',
'movement', $lire) || $fuser->hasRight(
'stock',
'mouvement', $lire)) || preg_match(
'/^specimen/i', $original_file)) {
3312 if (isModEnabled(
'stock')) {
3313 $original_file = $conf->stock->multidir_output[$entity].
'/movement/'.$original_file;
3315 } elseif ($modulepart ==
'contract' && !empty($conf->contract->multidir_output[$entity])) {
3317 if ($fuser->hasRight(
'contrat', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3320 $original_file = $conf->contract->multidir_output[$entity].
'/'.$original_file;
3321 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"contrat WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'contract').
")";
3322 } elseif ($modulepart ==
'donation' && !empty($conf->don->dir_output)) {
3324 if ($fuser->hasRight(
'don', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3327 $original_file = $conf->don->dir_output.
'/'.$original_file;
3328 } elseif ($modulepart ==
'dolresource' && !empty($conf->resource->dir_output)) {
3330 if ($fuser->hasRight(
'resource', $read) || preg_match(
'/^specimen/i', $original_file)) {
3333 $original_file = $conf->resource->dir_output.
'/'.$original_file;
3334 } elseif (($modulepart ==
'remisecheque' || $modulepart ==
'chequereceipt') && !empty($conf->bank->dir_output)) {
3336 if ($fuser->hasRight(
'banque', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3339 $original_file = $conf->bank->dir_output.
'/checkdeposits/'.$original_file;
3340 } elseif (($modulepart ==
'banque' || $modulepart ==
'bank') && !empty($conf->bank->dir_output)) {
3342 if ($fuser->hasRight(
'banque', $lire)) {
3345 $original_file = $conf->bank->dir_output.
'/'.$original_file;
3346 } elseif ($modulepart ==
'export' && !empty($conf->export->dir_temp)) {
3349 $accessallowed = $user->hasRight(
'export',
'lire');
3350 $original_file = $conf->export->dir_temp.
'/'.$fuser->id.
'/'.$original_file;
3351 } elseif ($modulepart ==
'import' && !empty($conf->import->dir_temp)) {
3353 $accessallowed = $user->hasRight(
'import',
'run');
3354 $original_file = $conf->import->dir_temp.
'/'.$original_file;
3355 } elseif ($modulepart ==
'recruitment' && !empty($conf->recruitment->dir_output)) {
3357 $accessallowed = $user->hasRight(
'recruitment',
'recruitmentjobposition',
'read');
3358 $original_file = $conf->recruitment->dir_output.
'/'.$original_file;
3359 } elseif ($modulepart ==
'editor' && !empty($conf->fckeditor->dir_output)) {
3362 $original_file = $conf->fckeditor->dir_output.
'/'.$original_file;
3363 } elseif ($modulepart ==
'systemtools' && !empty($conf->admin->dir_output)) {
3365 if ($fuser->admin) {
3368 $original_file = $conf->admin->dir_output.
'/'.$original_file;
3369 } elseif ($modulepart ==
'admin_temp' && !empty($conf->admin->dir_temp)) {
3371 if ($fuser->admin) {
3374 $original_file = $conf->admin->dir_temp.
'/'.$original_file;
3375 } elseif ($modulepart ==
'bittorrent' && !empty($conf->bittorrent->dir_output)) {
3379 if (
dol_mimetype($original_file) ==
'application/x-bittorrent') {
3382 $original_file = $conf->bittorrent->dir_output.
'/'.$dir.
'/'.$original_file;
3383 } elseif ($modulepart ==
'member' && !empty($conf->member->dir_output)) {
3385 if ($fuser->hasRight(
'adherent', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3388 $original_file = $conf->member->dir_output.
'/'.$original_file;
3398 if (preg_match(
'/^specimen/i', $original_file)) {
3401 if ($fuser->admin) {
3405 $tmpmodulepart = explode(
'-', $modulepart);
3406 if (!empty($tmpmodulepart[1])) {
3407 $modulepart = $tmpmodulepart[0];
3408 $original_file = $tmpmodulepart[1].
'/'.$original_file;
3413 if (preg_match(
'/^([a-z]+)_user_temp$/i', $modulepart, $reg)) {
3414 $tmpmodule = $reg[1];
3415 if (empty($conf->$tmpmodule->dir_temp)) {
3416 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3419 if ($fuser->hasRight($tmpmodule, $lire) || $fuser->hasRight($tmpmodule, $read) || $fuser->hasRight($tmpmodule, $download)) {
3422 $original_file = $conf->{$reg[1]}->dir_temp.
'/'.$fuser->id.
'/'.$original_file;
3423 } elseif (preg_match(
'/^([a-z]+)_temp$/i', $modulepart, $reg)) {
3424 $tmpmodule = $reg[1];
3425 if (empty($conf->$tmpmodule->dir_temp)) {
3426 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3429 if ($fuser->hasRight($tmpmodule, $lire) || $fuser->hasRight($tmpmodule, $read) || $fuser->hasRight($tmpmodule, $download)) {
3432 $original_file = $conf->$tmpmodule->dir_temp.
'/'.$original_file;
3433 } elseif (preg_match(
'/^([a-z]+)_user$/i', $modulepart, $reg)) {
3434 $tmpmodule = $reg[1];
3435 if (empty($conf->$tmpmodule->dir_output)) {
3436 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3439 if ($fuser->hasRight($tmpmodule, $lire) || $fuser->hasRight($tmpmodule, $read) || $fuser->hasRight($tmpmodule, $download)) {
3442 $original_file = $conf->$tmpmodule->dir_output.
'/'.$fuser->id.
'/'.$original_file;
3443 } elseif (preg_match(
'/^massfilesarea_([a-z]+)$/i', $modulepart, $reg)) {
3444 $tmpmodule = $reg[1];
3445 if (empty($conf->$tmpmodule->dir_output)) {
3446 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3449 if ($fuser->hasRight($tmpmodule, $lire) || preg_match(
'/^specimen/i', $original_file)) {
3452 $original_file = $conf->$tmpmodule->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3454 if (empty($conf->$modulepart->dir_output)) {
3455 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
'). The module for this modulepart value may not be activated.');
3460 $partsofdirinoriginalfile = explode(
'/', $original_file);
3461 if (!empty($partsofdirinoriginalfile[1])) {
3462 $partofdirinoriginalfile = $partsofdirinoriginalfile[0];
3463 if ($partofdirinoriginalfile && ($fuser->hasRight($modulepart, $partofdirinoriginalfile,
'lire') || $fuser->hasRight($modulepart, $partofdirinoriginalfile,
'read'))) {
3467 if ($fuser->hasRight($modulepart, $lire) || $fuser->hasRight($modulepart, $read)) {
3471 if (is_array($conf->$modulepart->multidir_output) && !empty($conf->$modulepart->multidir_output[$entity])) {
3472 $original_file = $conf->$modulepart->multidir_output[$entity].
'/'.$original_file;
3474 $original_file = $conf->$modulepart->dir_output.
'/'.$original_file;
3478 $parameters = array(
3479 'modulepart' => $modulepart,
3480 'original_file' => $original_file,
3481 'entity' => $entity,
3486 $reshook = $hookmanager->executeHooks(
'checkSecureAccess', $parameters,
$object);
3488 if (!empty($hookmanager->resArray[
'original_file'])) {
3489 $original_file = $hookmanager->resArray[
'original_file'];
3491 if (!empty($hookmanager->resArray[
'accessallowed'])) {
3492 $accessallowed = $hookmanager->resArray[
'accessallowed'];
3494 if (!empty($hookmanager->resArray[
'sqlprotectagainstexternals'])) {
3495 $sqlprotectagainstexternals = $hookmanager->resArray[
'sqlprotectagainstexternals'];
3501 'accessallowed' => ($accessallowed ? 1 : 0),
3502 'sqlprotectagainstexternals' => $sqlprotectagainstexternals,
3503 'original_file' => $original_file