63function dol_dir_list($utf8_path, $types =
"all", $recursive = 0, $filter =
"", $excludefilter =
null, $sortcriteria =
"name", $sortorder = SORT_ASC, $mode = 0, $nohook = 0, $relativename =
"", $donotfollowsymlinks = 0, $nbsecondsold = 0)
65 global $db, $hookmanager;
68 if ($recursive <= 1) {
73 $exclude_array = ($excludefilter ===
null || $excludefilter ===
'') ? array() : (is_array($excludefilter) ? $excludefilter : array($excludefilter));
74 foreach ((array($filter) + $exclude_array) as $f) {
76 if ((
int) preg_match(
'/(?:^|[^\\\\])\//', $f) > 0) {
78 $error_info .=
" error='$f unescaped_slash'";
82 dol_syslog(
"files.lib.php::dol_dir_list path=".$utf8_path.
" types=".$types.
" recursive=".$recursive.
" filter=".$filter.
" excludefilter=".json_encode($excludefilter).$error_info);
90 $exclude_array = ($excludefilter ===
null || $excludefilter ===
'') ? array() : (is_array($excludefilter) ? $excludefilter : array($excludefilter));
94 $excludefilterarray = array_merge(array(
'^\.'), $exclude_array);
96 $loaddate = ($mode == 1 || $mode == 2 || $nbsecondsold != 0 || $sortcriteria ==
'date');
97 $loadsize = ($mode == 1 || $mode == 3 || $sortcriteria ==
'size');
98 $loadperm = ($mode == 1 || $mode == 4 || $sortcriteria ==
'perm');
101 $utf8_path = preg_replace(
'/([\\/]+)$/',
'', $utf8_path);
106 $file_list = array();
108 if (!$nohook && $hookmanager instanceof
HookManager) {
109 $hookmanager->resArray = array();
111 $hookmanager->initHooks(array(
'fileslib'));
116 'recursive' => $recursive,
118 'excludefilter' => $exclude_array,
119 'sortcriteria' => $sortcriteria,
120 'sortorder' => $sortorder,
121 'loaddate' => $loaddate,
122 'loadsize' => $loadsize,
125 $reshook = $hookmanager->executeHooks(
'getDirList', $parameters,
$object);
129 if (empty($reshook)) {
130 if (!is_dir($os_path)) {
134 if (($dir = opendir($os_path)) ===
false) {
141 while (
false !== ($os_file = readdir($dir))) {
142 $os_fullpathfile = ($os_path ? $os_path.
'/' :
'').$os_file;
145 $utf8_file = mb_convert_encoding($os_file,
'UTF-8',
'ISO-8859-1');
147 $utf8_file = $os_file;
152 $utf8_fullpathfile =
"$utf8_path/$utf8_file";
155 foreach ($excludefilterarray as $filt) {
156 if (preg_match(
'/'.$filt.
'/i', $utf8_file) || preg_match(
'/'.$filt.
'/i', $utf8_fullpathfile)) {
164 $isdir = is_dir($os_fullpathfile);
168 if (($types ==
"directories") || ($types ==
"all")) {
169 if ($loaddate || $sortcriteria ==
'date') {
172 if ($loadsize || $sortcriteria ==
'size') {
175 if ($loadperm || $sortcriteria ==
'perm') {
179 if (!$filter || preg_match(
'/'.$filter.
'/i', $utf8_file)) {
181 preg_match(
'/([^\/]+)\/[^\/]+$/', $utf8_fullpathfile, $reg);
182 $level1name = (isset($reg[1]) ? $reg[1] :
'');
183 $file_list[] = array(
184 "name" => $utf8_file,
185 "path" => $utf8_path,
186 "level1name" => $level1name,
187 "relativename" => ($relativename ? $relativename.
'/' :
'').$utf8_file,
188 "fullname" => $utf8_fullpathfile,
198 if ($recursive > 0) {
199 if (empty($donotfollowsymlinks) || !is_link($os_fullpathfile)) {
201 $file_list = array_merge($file_list,
dol_dir_list($utf8_fullpathfile, $types, $recursive + 1, $filter, $exclude_array, $sortcriteria, $sortorder, $mode, $nohook, ($relativename !=
'' ? $relativename.
'/' :
'').$utf8_file, $donotfollowsymlinks, $nbsecondsold));
204 } elseif (in_array($types, array(
"files",
"all"))) {
206 if ($loaddate || $sortcriteria ==
'date') {
209 if ($loadsize || $sortcriteria ==
'size') {
213 if (!$filter || preg_match(
'/'.$filter.
'/i', $utf8_file)) {
214 if (empty($nbsecondsold) || $filedate <= ($now - $nbsecondsold)) {
215 preg_match(
'/([^\/]+)\/[^\/]+$/', $utf8_fullpathfile, $reg);
216 $level1name = (isset($reg[1]) ? $reg[1] :
'');
217 $file_list[] = array(
218 "name" => $utf8_file,
219 "path" => $utf8_path,
220 "level1name" => $level1name,
221 "relativename" => ($relativename ? $relativename.
'/' :
'').$utf8_file,
222 "fullname" => $utf8_fullpathfile,
235 if (!empty($sortcriteria) && $sortorder) {
236 $file_list =
dol_sort_array($file_list, $sortcriteria, ($sortorder == SORT_ASC ?
'asc' :
'desc'));
241 if ($hookmanager instanceof
HookManager && is_array($hookmanager->resArray)) {
242 $file_list = array_merge($file_list, $hookmanager->resArray);
1011function dol_move($srcfile, $destfile, $newmask =
'0', $overwriteifexists = 1, $testvirus = 0, $indexdatabase = 1, $moreinfo = array())
1013 global $user, $db, $conf;
1016 dol_syslog(
"files.lib.php::dol_move srcfile=".$srcfile.
" destfile=".$destfile.
" newmask=".$newmask.
" overwritifexists=".$overwriteifexists);
1021 dol_syslog(
"files.lib.php::dol_move srcfile does not exists. we ignore the move request.");
1025 if ($overwriteifexists || !$destexists) {
1030 $testvirusarray = array();
1033 $testvirusarray =
dolCheckVirus($newpathofsrcfile, $newpathofdestfile);
1034 if (count($testvirusarray)) {
1035 dol_syslog(
"files.lib.php::dol_move canceled because a virus was found into source file. We ignore the move request.", LOG_WARNING);
1041 if (count($testvirusarray)) {
1042 dol_syslog(
"files.lib.php::dol_move canceled because a virus was found into source file. We ignore the move request.", LOG_WARNING);
1047 global $dolibarr_main_restrict_os_commands;
1048 if (!empty($dolibarr_main_restrict_os_commands)) {
1049 $arrayofallowedcommand = explode(
',', $dolibarr_main_restrict_os_commands);
1050 $arrayofallowedcommand = array_map(
'trim', $arrayofallowedcommand);
1051 if (in_array(basename($destfile), $arrayofallowedcommand)) {
1054 dol_syslog(
"files.lib.php::dol_move canceled because target filename ".basename($destfile).
" is using a reserved command name. we ignore the move request.", LOG_WARNING);
1059 $result = @rename($newpathofsrcfile, $newpathofdestfile);
1062 dol_syslog(
"files.lib.php::dol_move Failed. We try to delete target first and move after.", LOG_WARNING);
1065 $result = @rename($newpathofsrcfile, $newpathofdestfile);
1067 dol_syslog(
"files.lib.php::dol_move Failed.", LOG_WARNING);
1072 if ($result && $indexdatabase) {
1074 $rel_filetorenamebefore = preg_replace(
'/^'.preg_quote(DOL_DATA_ROOT,
'/').
'/',
'', $srcfile);
1075 $rel_filetorenameafter = preg_replace(
'/^'.preg_quote(DOL_DATA_ROOT,
'/').
'/',
'', $destfile);
1076 if (!preg_match(
'/([\\/]temp[\\/]|[\\/]thumbs|\.meta$)/', $rel_filetorenameafter)) {
1077 $rel_filetorenamebefore = preg_replace(
'/^[\\/]/',
'', $rel_filetorenamebefore);
1078 $rel_filetorenameafter = preg_replace(
'/^[\\/]/',
'', $rel_filetorenameafter);
1081 dol_syslog(
"Try to rename also entries in database for full relative path before = ".$rel_filetorenamebefore.
" after = ".$rel_filetorenameafter, LOG_DEBUG);
1082 include_once DOL_DOCUMENT_ROOT.
'/ecm/class/ecmfiles.class.php';
1084 $ecmfiletarget =
new EcmFiles($db);
1085 $resultecmtarget = $ecmfiletarget->fetch(0,
'', $rel_filetorenameafter);
1086 if ($resultecmtarget > 0) {
1087 $ecmfiletarget->delete($user);
1091 $resultecm = $ecmfile->fetch(0,
'', $rel_filetorenamebefore);
1092 if ($resultecm > 0) {
1093 $filename = basename($rel_filetorenameafter);
1094 $rel_dir = dirname($rel_filetorenameafter);
1095 $rel_dir = preg_replace(
'/[\\/]$/',
'', $rel_dir);
1096 $rel_dir = preg_replace(
'/^[\\/]/',
'', $rel_dir);
1098 $ecmfile->filepath = $rel_dir;
1099 $ecmfile->filename = $filename;
1101 $resultecm = $ecmfile->update($user);
1102 } elseif ($resultecm == 0) {
1103 $filename = basename($rel_filetorenameafter);
1104 $rel_dir = dirname($rel_filetorenameafter);
1105 $rel_dir = preg_replace(
'/[\\/]$/',
'', $rel_dir);
1106 $rel_dir = preg_replace(
'/^[\\/]/',
'', $rel_dir);
1108 $ecmfile->filepath = $rel_dir;
1109 $ecmfile->filename = $filename;
1111 $ecmfile->fullpath_orig = basename($srcfile);
1112 $ecmfile->gen_or_uploaded =
'uploaded';
1113 if (!empty($moreinfo) && !empty($moreinfo[
'description'])) {
1114 $ecmfile->description = $moreinfo[
'description'];
1116 $ecmfile->description =
'';
1118 if (!empty($moreinfo) && !empty($moreinfo[
'keywords'])) {
1119 $ecmfile->keywords = $moreinfo[
'keywords'];
1121 $ecmfile->keywords =
'';
1123 if (!empty($moreinfo) && !empty($moreinfo[
'note_private'])) {
1124 $ecmfile->note_private = $moreinfo[
'note_private'];
1126 if (!empty($moreinfo) && !empty($moreinfo[
'note_public'])) {
1127 $ecmfile->note_public = $moreinfo[
'note_public'];
1129 if (!empty($moreinfo) && !empty($moreinfo[
'src_object_type'])) {
1130 $ecmfile->src_object_type = $moreinfo[
'src_object_type'];
1132 if (!empty($moreinfo) && !empty($moreinfo[
'src_object_id'])) {
1133 $ecmfile->src_object_id = $moreinfo[
'src_object_id'];
1136 $resultecm = $ecmfile->create($user);
1137 if ($resultecm < 0) {
1140 } elseif ($resultecm < 0) {
1144 if ($resultecm > 0) {
1152 if (empty($newmask)) {
1159 dolChmod($newpathofdestfile, $newmask);
2739 global $conf, $db, $user, $hookmanager;
2740 global $dolibarr_main_data_root, $dolibarr_main_document_root_alt;
2743 if (!is_object($fuser)) {
2747 if (empty($modulepart)) {
2748 return 'ErrorBadParameter';
2750 if (empty($entity)) {
2751 if (!isModEnabled(
'multicompany')) {
2758 if ($modulepart ==
'facture') {
2759 $modulepart =
'invoice';
2760 } elseif ($modulepart ==
'users') {
2761 $modulepart =
'user';
2762 } elseif ($modulepart ==
'tva') {
2763 $modulepart =
'tax-vat';
2764 } elseif ($modulepart ==
'expedition' && strpos($original_file,
'receipt/') === 0) {
2766 $modulepart =
'delivery';
2770 dol_syslog(
'dol_check_secure_access_document modulepart='.$modulepart.
' original_file='.$original_file.
' entity='.$entity);
2774 $sqlprotectagainstexternals =
'';
2778 if (empty($refname)) {
2779 $refname = basename(dirname($original_file).
"/");
2780 if ($refname ==
'thumbs' || $refname ==
'temp') {
2782 $refname = basename(dirname(dirname($original_file)).
"/");
2789 $download =
'download';
2790 if ($mode ==
'write') {
2793 $download =
'upload';
2797 if ($modulepart ==
'common') {
2800 $original_file = DOL_DOCUMENT_ROOT.
'/public/theme/common/'.$original_file;
2801 } elseif ($modulepart ==
'medias' && !empty($dolibarr_main_data_root)) {
2802 if (empty($entity) || empty($conf->medias->multidir_output[$entity])) {
2803 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
2806 $original_file = $conf->medias->multidir_output[$entity].
'/'.$original_file;
2807 } elseif ($modulepart ==
'logs' && !empty($dolibarr_main_data_root)) {
2809 $accessallowed = ($user->admin && basename($original_file) == $original_file && preg_match(
'/^dolibarr.*\.(log|json)$/', basename($original_file)));
2810 $original_file = $dolibarr_main_data_root.
'/'.$original_file;
2811 } elseif ($modulepart ==
'doctemplates' && !empty($dolibarr_main_data_root)) {
2813 $accessallowed = $user->admin;
2814 $original_file = $dolibarr_main_data_root.
'/doctemplates/'.$original_file;
2815 } elseif ($modulepart ==
'doctemplateswebsite' && !empty($dolibarr_main_data_root)) {
2817 $accessallowed = ($fuser->hasRight(
'website',
'write') && preg_match(
'/\.jpg$/i', basename($original_file)));
2818 $original_file = $dolibarr_main_data_root.
'/doctemplates/websites/'.$original_file;
2819 } elseif ($modulepart ==
'packages' && !empty($dolibarr_main_data_root)) {
2822 $tmp = explode(
',', $dolibarr_main_document_root_alt);
2825 $accessallowed = ($user->admin && preg_match(
'/^module_.*\.zip$/', basename($original_file)));
2826 $original_file = $dirins.
'/'.$original_file;
2827 } elseif ($modulepart ==
'mycompany' && !empty($conf->mycompany->dir_output)) {
2830 $original_file = $conf->mycompany->dir_output.
'/'.$original_file;
2831 } elseif ($modulepart ==
'userphoto' && !empty($conf->user->dir_output)) {
2834 if (preg_match(
'/^\d+\/photos\//', $original_file)) {
2837 $original_file = $conf->user->dir_output.
'/'.$original_file;
2838 } elseif ($modulepart ==
'userphotopublic' && !empty($conf->user->dir_output)) {
2843 if (preg_match(
'/^(\d+)\/photos\//', $original_file, $reg)) {
2845 $tmpobject =
new User($db);
2846 $tmpobject->fetch($reg[1],
'',
'', 1);
2848 $securekey =
GETPOST(
'securekey',
'alpha', 1);
2850 global $dolibarr_main_cookie_cryptkey, $dolibarr_main_instance_unique_id;
2851 $valuetouse = $dolibarr_main_instance_unique_id ? $dolibarr_main_instance_unique_id : $dolibarr_main_cookie_cryptkey;
2852 $encodedsecurekey =
dol_hash($valuetouse.
'uservirtualcard'.$tmpobject->id.
'-'.$tmpobject->login,
'md5');
2853 if ($encodedsecurekey == $securekey) {
2862 $original_file = $conf->user->dir_output.
'/'.$original_file;
2863 } elseif (($modulepart ==
'companylogo') && !empty($conf->mycompany->dir_output)) {
2866 $original_file = $conf->mycompany->dir_output.
'/logos/'.$original_file;
2867 } elseif ($modulepart ==
'memberphoto' && !empty($conf->member->dir_output)) {
2870 if (preg_match(
'/^\d+\/photos\//', $original_file)) {
2873 $original_file = $conf->member->dir_output.
'/'.$original_file;
2874 } elseif ($modulepart ==
'apercufacture' && !empty($conf->invoice->multidir_output[$entity])) {
2876 if ($fuser->hasRight(
'facture', $lire)) {
2879 $original_file = $conf->invoice->multidir_output[$entity].
'/'.$original_file;
2880 } elseif ($modulepart ==
'apercupropal' && !empty($conf->propal->multidir_output[$entity])) {
2882 if ($fuser->hasRight(
'propal', $lire)) {
2885 $original_file = $conf->propal->multidir_output[$entity].
'/'.$original_file;
2886 } elseif ($modulepart ==
'apercucommande' && !empty($conf->order->multidir_output[$entity])) {
2888 if ($fuser->hasRight(
'commande', $lire)) {
2891 $original_file = $conf->order->multidir_output[$entity].
'/'.$original_file;
2892 } elseif (($modulepart ==
'apercufichinter' || $modulepart ==
'apercuficheinter') && !empty($conf->ficheinter->dir_output)) {
2894 if ($fuser->hasRight(
'ficheinter', $lire)) {
2897 $original_file = $conf->ficheinter->dir_output.
'/'.$original_file;
2898 } elseif (($modulepart ==
'apercucontract') && !empty($conf->contract->multidir_output[$entity])) {
2900 if ($fuser->hasRight(
'contrat', $lire)) {
2903 $original_file = $conf->contract->multidir_output[$entity].
'/'.$original_file;
2904 } elseif (($modulepart ==
'apercusupplier_proposal' || $modulepart ==
'apercusupplier_proposal') && !empty($conf->supplier_proposal->dir_output)) {
2906 if ($fuser->hasRight(
'supplier_proposal', $lire)) {
2909 $original_file = $conf->supplier_proposal->dir_output.
'/'.$original_file;
2910 } elseif (($modulepart ==
'apercusupplier_order' || $modulepart ==
'apercusupplier_order') && !empty($conf->fournisseur->commande->dir_output)) {
2912 if ($fuser->hasRight(
'fournisseur',
'commande', $lire)) {
2915 $original_file = $conf->fournisseur->commande->dir_output.
'/'.$original_file;
2916 } elseif (($modulepart ==
'apercusupplier_invoice' || $modulepart ==
'apercusupplier_invoice') && !empty($conf->fournisseur->facture->dir_output)) {
2918 if ($fuser->hasRight(
'fournisseur', $lire)) {
2921 $original_file = $conf->fournisseur->facture->dir_output.
'/'.$original_file;
2922 } elseif (($modulepart ==
'holiday') && !empty($conf->holiday->dir_output)) {
2923 if ($fuser->hasRight(
'holiday', $read) || $fuser->hasRight(
'holiday',
'readall') || preg_match(
'/^specimen/i', $original_file)) {
2926 if ($refname && !$fuser->hasRight(
'holiday',
'readall') && !preg_match(
'/^specimen/i', $original_file)) {
2927 include_once DOL_DOCUMENT_ROOT.
'/holiday/class/holiday.class.php';
2928 $tmpholiday =
new Holiday($db);
2929 $tmpholiday->fetch(
'', $refname);
2930 $accessallowed =
checkUserAccessToObject($user, array(
'holiday'), $tmpholiday,
'holiday',
'',
'',
'rowid',
'');
2933 $original_file = $conf->holiday->dir_output.
'/'.$original_file;
2934 } elseif (($modulepart ==
'expensereport') && !empty($conf->expensereport->dir_output)) {
2935 if ($fuser->hasRight(
'expensereport', $lire) || $fuser->hasRight(
'expensereport',
'readall') || preg_match(
'/^specimen/i', $original_file)) {
2938 if ($refname && !$fuser->hasRight(
'expensereport',
'readall') && !preg_match(
'/^specimen/i', $original_file)) {
2939 include_once DOL_DOCUMENT_ROOT.
'/expensereport/class/expensereport.class.php';
2941 $tmpexpensereport->fetch(
'', $refname);
2942 $accessallowed =
checkUserAccessToObject($user, array(
'expensereport'), $tmpexpensereport,
'expensereport',
'',
'',
'rowid',
'');
2945 $original_file = $conf->expensereport->dir_output.
'/'.$original_file;
2946 } elseif (($modulepart ==
'apercuexpensereport') && !empty($conf->expensereport->dir_output)) {
2948 if ($fuser->hasRight(
'expensereport', $lire)) {
2951 $original_file = $conf->expensereport->dir_output.
'/'.$original_file;
2952 } elseif ($modulepart ==
'propalstats' && !empty($conf->propal->multidir_temp[$entity])) {
2954 if ($fuser->hasRight(
'propal', $lire)) {
2957 $original_file = $conf->propal->multidir_temp[$entity].
'/'.$original_file;
2958 } elseif ($modulepart ==
'orderstats' && !empty($conf->order->dir_temp)) {
2960 if ($fuser->hasRight(
'commande', $lire)) {
2963 $original_file = $conf->order->dir_temp.
'/'.$original_file;
2964 } elseif ($modulepart ==
'orderstatssupplier' && !empty($conf->fournisseur->dir_output)) {
2965 if ($fuser->hasRight(
'fournisseur',
'commande', $lire)) {
2968 $original_file = $conf->fournisseur->commande->dir_temp.
'/'.$original_file;
2969 } elseif ($modulepart ==
'billstats' && !empty($conf->invoice->dir_temp)) {
2971 if ($fuser->hasRight(
'facture', $lire)) {
2974 $original_file = $conf->invoice->dir_temp.
'/'.$original_file;
2975 } elseif ($modulepart ==
'billstatssupplier' && !empty($conf->fournisseur->dir_output)) {
2976 if ($fuser->hasRight(
'fournisseur',
'facture', $lire)) {
2979 $original_file = $conf->fournisseur->facture->dir_temp.
'/'.$original_file;
2980 } elseif ($modulepart ==
'expeditionstats' && !empty($conf->expedition->dir_temp)) {
2982 if ($fuser->hasRight(
'expedition', $lire)) {
2985 $original_file = $conf->expedition->dir_temp.
'/'.$original_file;
2986 } elseif ($modulepart ==
'tripsexpensesstats' && !empty($conf->deplacement->dir_temp)) {
2988 if ($fuser->hasRight(
'deplacement', $lire)) {
2991 $original_file = $conf->deplacement->dir_temp.
'/'.$original_file;
2992 } elseif ($modulepart ==
'memberstats' && !empty($conf->member->dir_temp)) {
2994 if ($fuser->hasRight(
'adherent', $lire)) {
2997 $original_file = $conf->member->dir_temp.
'/'.$original_file;
2998 } elseif (preg_match(
'/^productstats_/i', $modulepart) && !empty($conf->product->dir_temp)) {
3000 if ($fuser->hasRight(
'produit', $lire) || $fuser->hasRight(
'service', $lire)) {
3003 $original_file = (!empty($conf->product->multidir_temp[$entity]) ? $conf->product->multidir_temp[$entity] : $conf->service->multidir_temp[$entity]).
'/'.$original_file;
3004 } elseif (in_array($modulepart, array(
'tax',
'tax-vat',
'tva')) && !empty($conf->tax->dir_output)) {
3006 if ($fuser->hasRight(
'tax',
'charges', $lire)) {
3009 $modulepartsuffix = str_replace(
'tax-',
'', $modulepart);
3010 $original_file = $conf->tax->dir_output.
'/'.($modulepartsuffix !=
'tax' ? $modulepartsuffix.
'/' :
'').$original_file;
3011 } elseif ($modulepart ==
'actions' && !empty($conf->agenda->dir_output)) {
3013 if ($fuser->hasRight(
'agenda',
'myactions', $read)) {
3016 if ($refname && !preg_match(
'/^specimen/i', $original_file)) {
3017 include_once DOL_DOCUMENT_ROOT.
'/comm/action/class/actioncomm.class.php';
3019 $tmpobject->fetch((
int) $refname);
3020 $accessallowed =
checkUserAccessToObject($user, array(
'agenda'), $tmpobject->id,
'actioncomm&societe',
'myactions|allactions',
'fk_soc',
'id',
'');
3021 if ($user->socid && $tmpobject->socid) {
3026 $original_file = $conf->agenda->dir_output.
'/'.$original_file;
3027 } elseif ($modulepart ==
'category' && !empty($conf->categorie->multidir_output[$entity])) {
3029 if (empty($entity) || empty($conf->categorie->multidir_output[$entity])) {
3030 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3032 if ($fuser->hasRight(
"categorie", $lire) || $fuser->hasRight(
"takepos",
"run")) {
3035 $original_file = $conf->categorie->multidir_output[$entity].
'/'.$original_file;
3036 } elseif ($modulepart ==
'prelevement' && !empty($conf->prelevement->dir_output)) {
3038 if ($fuser->hasRight(
'prelevement',
'bons', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3041 $original_file = $conf->prelevement->dir_output.
'/'.$original_file;
3042 } elseif ($modulepart ==
'graph_stock' && !empty($conf->stock->dir_temp)) {
3045 $original_file = $conf->stock->dir_temp.
'/'.$original_file;
3046 } elseif ($modulepart ==
'graph_fourn' && !empty($conf->fournisseur->dir_temp)) {
3049 $original_file = $conf->fournisseur->dir_temp.
'/'.$original_file;
3050 } elseif ($modulepart ==
'graph_product' && !empty($conf->product->dir_temp)) {
3053 $original_file = $conf->product->multidir_temp[$entity].
'/'.$original_file;
3054 } elseif ($modulepart ==
'barcode') {
3059 $original_file =
'';
3060 } elseif ($modulepart ==
'iconmailing' && !empty($conf->mailing->dir_temp)) {
3063 $original_file = $conf->mailing->dir_temp.
'/'.$original_file;
3064 } elseif ($modulepart ==
'scanner_user_temp' && !empty($conf->scanner->dir_temp)) {
3067 $original_file = $conf->scanner->dir_temp.
'/'.$fuser->id.
'/'.$original_file;
3068 } elseif ($modulepart ==
'fckeditor' && !empty($conf->fckeditor->dir_output)) {
3071 $original_file = $conf->fckeditor->dir_output.
'/'.$original_file;
3072 } elseif ($modulepart ==
'user' && !empty($conf->user->dir_output)) {
3074 $canreaduser = (!empty($fuser->admin) || $fuser->rights->user->user->{$lire});
3075 if ($fuser->id == (
int) $refname) {
3078 if ($canreaduser || preg_match(
'/^specimen/i', $original_file)) {
3081 $original_file = $conf->user->dir_output.
'/'.$original_file;
3082 } elseif (($modulepart ==
'company' || $modulepart ==
'societe' || $modulepart ==
'thirdparty') && !empty($conf->societe->multidir_output[$entity])) {
3084 if (empty($entity) || empty($conf->societe->multidir_output[$entity])) {
3085 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3087 if ($fuser->hasRight(
'societe', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3090 $original_file = $conf->societe->multidir_output[$entity].
'/'.$original_file;
3091 $sqlprotectagainstexternals =
"SELECT rowid as fk_soc FROM ".MAIN_DB_PREFIX.
"societe WHERE rowid='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'societe').
")";
3092 } elseif ($modulepart ==
'contact' && !empty($conf->societe->multidir_output[$entity])) {
3094 if (empty($entity) || empty($conf->societe->multidir_output[$entity])) {
3095 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3097 if ($fuser->hasRight(
'societe', $lire)) {
3100 $original_file = $conf->societe->multidir_output[$entity].
'/contact/'.$original_file;
3101 } elseif (($modulepart ==
'facture' || $modulepart ==
'invoice') && !empty($conf->invoice->multidir_output[$entity])) {
3103 if ($fuser->hasRight(
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3106 $original_file = $conf->invoice->multidir_output[$entity].
'/'.$original_file;
3107 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"facture WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'invoice').
")";
3108 } elseif ($modulepart ==
'massfilesarea_proposals' && !empty($conf->propal->multidir_output[$entity])) {
3110 if ($fuser->hasRight(
'propal', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3113 $original_file = $conf->propal->multidir_output[$entity].
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3114 } elseif ($modulepart ==
'massfilesarea_orders') {
3115 if ($fuser->hasRight(
'commande', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3118 $original_file = $conf->order->multidir_output[$entity].
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3119 } elseif ($modulepart ==
'massfilesarea_sendings') {
3120 if ($fuser->hasRight(
'expedition', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3123 $original_file = $conf->expedition->dir_output.
'/sending/temp/massgeneration/'.$user->id.
'/'.$original_file;
3124 } elseif ($modulepart ==
'massfilesarea_receipts') {
3125 if ($fuser->hasRight(
'reception', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3128 $original_file = $conf->reception->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3129 } elseif ($modulepart ==
'massfilesarea_invoices') {
3130 if ($fuser->hasRight(
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3133 $original_file = $conf->invoice->multidir_output[$entity].
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3134 } elseif ($modulepart ==
'massfilesarea_expensereport') {
3135 if ($fuser->hasRight(
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3138 $original_file = $conf->expensereport->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3139 } elseif ($modulepart ==
'massfilesarea_interventions') {
3140 if ($fuser->hasRight(
'ficheinter', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3143 $original_file = $conf->ficheinter->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3144 } elseif ($modulepart ==
'massfilesarea_supplier_proposal' && !empty($conf->supplier_proposal->dir_output)) {
3145 if ($fuser->hasRight(
'supplier_proposal', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3148 $original_file = $conf->supplier_proposal->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3149 } elseif ($modulepart ==
'massfilesarea_supplier_order') {
3150 if ($fuser->hasRight(
'fournisseur',
'commande', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3153 $original_file = $conf->fournisseur->commande->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3154 } elseif ($modulepart ==
'massfilesarea_supplier_invoice') {
3155 if ($fuser->hasRight(
'fournisseur',
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3158 $original_file = $conf->fournisseur->facture->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3159 } elseif ($modulepart ==
'massfilesarea_contract' && !empty($conf->contract->dir_output)) {
3160 if ($fuser->hasRight(
'contrat', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3163 $original_file = $conf->contract->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3164 } elseif (($modulepart ==
'fichinter' || $modulepart ==
'ficheinter') && !empty($conf->ficheinter->dir_output)) {
3166 if ($fuser->hasRight(
'ficheinter', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3169 $original_file = $conf->ficheinter->dir_output.
'/'.$original_file;
3170 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"fichinter WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
3171 } elseif ($modulepart ==
'deplacement' && !empty($conf->deplacement->dir_output)) {
3173 if ($fuser->hasRight(
'deplacement', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3176 $original_file = $conf->deplacement->dir_output.
'/'.$original_file;
3178 } elseif (($modulepart ==
'propal' || $modulepart ==
'propale') && isset($conf->propal->multidir_output[$entity])) {
3180 if ($fuser->hasRight(
'propal', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3183 $original_file = $conf->propal->multidir_output[$entity].
'/'.$original_file;
3184 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"propal WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'propal').
")";
3185 } elseif (($modulepart ==
'commande' || $modulepart ==
'order') && !empty($conf->order->multidir_output[$entity])) {
3187 if ($fuser->hasRight(
'commande', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3190 $original_file = $conf->order->multidir_output[$entity].
'/'.$original_file;
3191 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"commande WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'order').
")";
3192 } elseif ($modulepart ==
'project' && !empty($conf->project->multidir_output[$entity])) {
3194 if ($fuser->hasRight(
'projet', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3197 if ($refname && !preg_match(
'/^specimen/i', $original_file)) {
3198 include_once DOL_DOCUMENT_ROOT.
'/projet/class/project.class.php';
3199 $tmpproject =
new Project($db);
3200 $tmpproject->fetch(
'', $refname);
3201 $accessallowed =
checkUserAccessToObject($user, array(
'projet'), $tmpproject->id,
'projet&project',
'',
'',
'rowid',
'');
3204 $original_file = $conf->project->multidir_output[$entity].
'/'.$original_file;
3205 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"projet WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'project').
")";
3206 } elseif ($modulepart ==
'project_task' && !empty($conf->project->multidir_output[$entity])) {
3207 if ($fuser->hasRight(
'projet', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3210 if ($refname && !preg_match(
'/^specimen/i', $original_file)) {
3211 include_once DOL_DOCUMENT_ROOT.
'/projet/class/task.class.php';
3212 $tmptask =
new Task($db);
3213 $tmptask->fetch(
'', $refname);
3214 $accessallowed =
checkUserAccessToObject($user, array(
'projet_task'), $tmptask->id,
'projet_task&project',
'',
'',
'rowid',
'');
3217 $original_file = $conf->project->multidir_output[$entity].
'/'.$original_file;
3218 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"projet WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'project').
")";
3219 } elseif (($modulepart ==
'commande_fournisseur' || $modulepart ==
'order_supplier') && !empty($conf->fournisseur->commande->dir_output)) {
3221 if ($fuser->hasRight(
'fournisseur',
'commande', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3224 $original_file = $conf->fournisseur->commande->dir_output.
'/'.$original_file;
3225 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"commande_fournisseur WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
3226 } elseif (($modulepart ==
'facture_fournisseur' || $modulepart ==
'invoice_supplier') && !empty($conf->fournisseur->facture->dir_output)) {
3228 if ($fuser->hasRight(
'fournisseur',
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3231 $original_file = $conf->fournisseur->facture->dir_output.
'/'.$original_file;
3232 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"facture_fourn WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
3233 } elseif ($modulepart ==
'supplier_payment') {
3235 if ($fuser->hasRight(
'fournisseur',
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3238 $original_file = $conf->fournisseur->payment->dir_output.
'/'.$original_file;
3239 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"paiementfournisseur WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
3240 } elseif ($modulepart ==
'payment') {
3242 if ($fuser->rights->facture->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
3245 $original_file = $conf->compta->payment->dir_output.
'/'.$original_file;
3246 } elseif ($modulepart ==
'facture_paiement' && !empty($conf->invoice->dir_output)) {
3248 if ($fuser->hasRight(
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3251 if ($fuser->socid > 0) {
3252 $original_file = $conf->invoice->dir_output.
'/payments/private/'.$fuser->id.
'/'.$original_file;
3254 $original_file = $conf->invoice->dir_output.
'/payments/'.$original_file;
3256 } elseif ($modulepart ==
'export_compta' && !empty($conf->accounting->dir_output)) {
3258 if ($fuser->hasRight(
'accounting',
'bind',
'write') || preg_match(
'/^specimen/i', $original_file)) {
3261 $original_file = $conf->accounting->dir_output.
'/'.$original_file;
3262 } elseif (($modulepart ==
'expedition' || $modulepart ==
'shipment') && !empty($conf->expedition->dir_output)) {
3264 if ($fuser->hasRight(
'expedition', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3267 $original_file = $conf->expedition->dir_output.
"/".(strpos($original_file,
'sending/') === 0 ?
'' :
'sending/').$original_file;
3269 } elseif (($modulepart ==
'livraison' || $modulepart ==
'delivery') && !empty($conf->expedition->dir_output)) {
3271 if ($fuser->hasRight(
'expedition',
'delivery', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3274 $original_file = $conf->expedition->dir_output.
"/".(strpos($original_file,
'receipt/') === 0 ?
'' :
'receipt/').$original_file;
3275 } elseif ($modulepart ==
'actionsreport' && !empty($conf->agenda->dir_temp)) {
3277 if ($fuser->hasRight(
'agenda',
'allactions', $read) || preg_match(
'/^specimen/i', $original_file)) {
3280 $original_file = $conf->agenda->dir_temp.
"/".$original_file;
3281 } elseif ($modulepart ==
'product' || $modulepart ==
'produit' || $modulepart ==
'service' || $modulepart ==
'produit|service') {
3283 if (empty($entity) || (empty($conf->product->multidir_output[$entity]) && empty($conf->service->multidir_output[$entity]))) {
3284 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3286 if (($fuser->hasRight(
'produit', $lire) || $fuser->hasRight(
'service', $lire)) || preg_match(
'/^specimen/i', $original_file)) {
3289 if (isModEnabled(
"product")) {
3290 $original_file = $conf->product->multidir_output[$entity].
'/'.$original_file;
3291 } elseif (isModEnabled(
"service")) {
3292 $original_file = $conf->service->multidir_output[$entity].
'/'.$original_file;
3294 } elseif ($modulepart ==
'product_batch' || $modulepart ==
'produitlot') {
3296 if (empty($entity) || (empty($conf->productbatch->multidir_output[$entity]))) {
3297 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3299 if (($fuser->hasRight(
'produit', $lire)) || preg_match(
'/^specimen/i', $original_file)) {
3302 if (isModEnabled(
'productbatch')) {
3303 $original_file = $conf->productbatch->multidir_output[$entity].
'/'.$original_file;
3305 } elseif ($modulepart ==
'movement' || $modulepart ==
'mouvement') {
3307 if (empty($entity) || empty($conf->stock->multidir_output[$entity])) {
3308 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3310 if (($fuser->hasRight(
'stock', $lire) || $fuser->hasRight(
'stock',
'movement', $lire) || $fuser->hasRight(
'stock',
'mouvement', $lire)) || preg_match(
'/^specimen/i', $original_file)) {
3313 if (isModEnabled(
'stock')) {
3314 $original_file = $conf->stock->multidir_output[$entity].
'/movement/'.$original_file;
3316 } elseif ($modulepart ==
'contract' && !empty($conf->contract->multidir_output[$entity])) {
3318 if ($fuser->hasRight(
'contrat', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3321 $original_file = $conf->contract->multidir_output[$entity].
'/'.$original_file;
3322 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"contrat WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'contract').
")";
3323 } elseif ($modulepart ==
'donation' && !empty($conf->don->dir_output)) {
3325 if ($fuser->hasRight(
'don', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3328 $original_file = $conf->don->dir_output.
'/'.$original_file;
3329 } elseif ($modulepart ==
'dolresource' && !empty($conf->resource->dir_output)) {
3331 if ($fuser->hasRight(
'resource', $read) || preg_match(
'/^specimen/i', $original_file)) {
3334 $original_file = $conf->resource->dir_output.
'/'.$original_file;
3335 } elseif (($modulepart ==
'remisecheque' || $modulepart ==
'chequereceipt') && !empty($conf->bank->dir_output)) {
3337 if ($fuser->hasRight(
'banque', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3340 $original_file = $conf->bank->dir_output.
'/checkdeposits/'.$original_file;
3341 } elseif (($modulepart ==
'banque' || $modulepart ==
'bank') && !empty($conf->bank->dir_output)) {
3343 if ($fuser->hasRight(
'banque', $lire)) {
3346 $original_file = $conf->bank->dir_output.
'/'.$original_file;
3347 } elseif ($modulepart ==
'export' && !empty($conf->export->dir_temp)) {
3350 $accessallowed = $user->hasRight(
'export',
'lire');
3351 $original_file = $conf->export->dir_temp.
'/'.$fuser->id.
'/'.$original_file;
3352 } elseif ($modulepart ==
'import' && !empty($conf->import->dir_temp)) {
3354 $accessallowed = $user->hasRight(
'import',
'run');
3355 $original_file = $conf->import->dir_temp.
'/'.$original_file;
3356 } elseif ($modulepart ==
'recruitment' && !empty($conf->recruitment->dir_output)) {
3358 $accessallowed = $user->hasRight(
'recruitment',
'recruitmentjobposition',
'read');
3359 $original_file = $conf->recruitment->dir_output.
'/'.$original_file;
3360 } elseif ($modulepart ==
'editor' && !empty($conf->fckeditor->dir_output)) {
3363 $original_file = $conf->fckeditor->dir_output.
'/'.$original_file;
3364 } elseif ($modulepart ==
'systemtools' && !empty($conf->admin->dir_output)) {
3366 if ($fuser->admin) {
3369 $original_file = $conf->admin->dir_output.
'/'.$original_file;
3370 } elseif ($modulepart ==
'admin_temp' && !empty($conf->admin->dir_temp)) {
3372 if ($fuser->admin) {
3375 $original_file = $conf->admin->dir_temp.
'/'.$original_file;
3376 } elseif ($modulepart ==
'bittorrent' && !empty($conf->bittorrent->dir_output)) {
3380 if (
dol_mimetype($original_file) ==
'application/x-bittorrent') {
3383 $original_file = $conf->bittorrent->dir_output.
'/'.$dir.
'/'.$original_file;
3384 } elseif ($modulepart ==
'member' && !empty($conf->member->dir_output)) {
3386 if ($fuser->hasRight(
'adherent', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3389 $original_file = $conf->member->dir_output.
'/'.$original_file;
3399 if (preg_match(
'/^specimen/i', $original_file)) {
3402 if ($fuser->admin) {
3406 $tmpmodulepart = explode(
'-', $modulepart);
3407 if (!empty($tmpmodulepart[1])) {
3408 $modulepart = $tmpmodulepart[0];
3409 $original_file = $tmpmodulepart[1].
'/'.$original_file;
3414 if (preg_match(
'/^([a-z]+)_user_temp$/i', $modulepart, $reg)) {
3415 $tmpmodule = $reg[1];
3416 if (empty($conf->$tmpmodule->dir_temp)) {
3417 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3420 if ($fuser->hasRight($tmpmodule, $lire) || $fuser->hasRight($tmpmodule, $read) || $fuser->hasRight($tmpmodule, $download)) {
3423 $original_file = $conf->{$reg[1]}->dir_temp.
'/'.$fuser->id.
'/'.$original_file;
3424 } elseif (preg_match(
'/^([a-z]+)_temp$/i', $modulepart, $reg)) {
3425 $tmpmodule = $reg[1];
3426 if (empty($conf->$tmpmodule->dir_temp)) {
3427 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3430 if ($fuser->hasRight($tmpmodule, $lire) || $fuser->hasRight($tmpmodule, $read) || $fuser->hasRight($tmpmodule, $download)) {
3433 $original_file = $conf->$tmpmodule->dir_temp.
'/'.$original_file;
3434 } elseif (preg_match(
'/^([a-z]+)_user$/i', $modulepart, $reg)) {
3435 $tmpmodule = $reg[1];
3436 if (empty($conf->$tmpmodule->dir_output)) {
3437 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3440 if ($fuser->hasRight($tmpmodule, $lire) || $fuser->hasRight($tmpmodule, $read) || $fuser->hasRight($tmpmodule, $download)) {
3443 $original_file = $conf->$tmpmodule->dir_output.
'/'.$fuser->id.
'/'.$original_file;
3444 } elseif (preg_match(
'/^massfilesarea_([a-z]+)$/i', $modulepart, $reg)) {
3445 $tmpmodule = $reg[1];
3446 if (empty($conf->$tmpmodule->dir_output)) {
3447 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3450 if ($fuser->hasRight($tmpmodule, $lire) || preg_match(
'/^specimen/i', $original_file)) {
3453 $original_file = $conf->$tmpmodule->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3455 if (empty($conf->$modulepart->dir_output)) {
3456 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
'). The module for this modulepart value may not be activated.');
3461 $partsofdirinoriginalfile = explode(
'/', $original_file);
3462 if (!empty($partsofdirinoriginalfile[1])) {
3463 $partofdirinoriginalfile = $partsofdirinoriginalfile[0];
3464 if ($partofdirinoriginalfile && ($fuser->hasRight($modulepart, $partofdirinoriginalfile,
'lire') || $fuser->hasRight($modulepart, $partofdirinoriginalfile,
'read'))) {
3468 if ($fuser->hasRight($modulepart, $lire) || $fuser->hasRight($modulepart, $read)) {
3472 if (is_array($conf->$modulepart->multidir_output) && !empty($conf->$modulepart->multidir_output[$entity])) {
3473 $original_file = $conf->$modulepart->multidir_output[$entity].
'/'.$original_file;
3475 $original_file = $conf->$modulepart->dir_output.
'/'.$original_file;
3479 $parameters = array(
3480 'modulepart' => $modulepart,
3481 'original_file' => $original_file,
3482 'entity' => $entity,
3487 $reshook = $hookmanager->executeHooks(
'checkSecureAccess', $parameters,
$object);
3489 if (!empty($hookmanager->resArray[
'original_file'])) {
3490 $original_file = $hookmanager->resArray[
'original_file'];
3492 if (!empty($hookmanager->resArray[
'accessallowed'])) {
3493 $accessallowed = $hookmanager->resArray[
'accessallowed'];
3495 if (!empty($hookmanager->resArray[
'sqlprotectagainstexternals'])) {
3496 $sqlprotectagainstexternals = $hookmanager->resArray[
'sqlprotectagainstexternals'];
3502 'accessallowed' => ($accessallowed ? 1 : 0),
3503 'sqlprotectagainstexternals' => $sqlprotectagainstexternals,
3504 'original_file' => $original_file