dolibarr 21.0.4
actions_setmoduleoptions.inc.php
Go to the documentation of this file.
1<?php
2/* Copyright (C) 2014-2017 Laurent Destailleur <eldy@users.sourceforge.net>
3 * Copyright (C) 2024 MDW <mdeweerd@users.noreply.github.com>
4 * Copyright (C) 2024 Frédéric France <frederic.france@free.fr>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <https://www.gnu.org/licenses/>.
18 * or see https://www.gnu.org/
19 */
20
26// $error must have been initialized to 0
27// $action must be defined
28// $arrayofparameters must be set to list of parameters to update for action 'update' on constants
29// $nomessageinupdate can be set to 1
30// $nomessageinsetmoduleoptions can be set to 1
31// $formSetup may be defined
44'
45@phan-var-force FormSetup $formSetup
46';
47
48if ($action == 'update' && !empty($formSetup) && is_object($formSetup) && !empty($user->admin)) {
49 $formSetup->saveConfFromPost();
50 return;
51}
52
53$upload_dir = null;
54
55if ($action == 'update' && !empty($arrayofparameters) && is_array($arrayofparameters) && !empty($user->admin)) {
56 $db->begin();
57
58 foreach ($arrayofparameters as $key => $val) {
59 // Modify constant only if key was posted (avoid resetting key to the null value)
60 if (GETPOSTISSET($key)) {
61 if (!empty($val['type']) && preg_match('/category:/', $val['type'])) {
62 if (GETPOSTINT($key) == '-1') {
63 $val_const = '';
64 } else {
65 $val_const = GETPOSTINT($key);
66 }
67 } elseif ($val['type'] == 'html') {
68 $val_const = GETPOST($key, 'restricthtml');
69 } else {
70 $val_const = GETPOST($key, 'alpha');
71 }
72
73 $result = dolibarr_set_const($db, $key, $val_const, 'chaine', 0, '', $conf->entity);
74 if ($result < 0) {
75 $error++;
76 break;
77 }
78 }
79 }
80
81 if (!$error) {
82 $db->commit();
83 if (empty($nomessageinupdate)) {
84 setEventMessages($langs->trans("SetupSaved"), null, 'mesgs');
85 }
86 } else {
87 $db->rollback();
88 if (empty($nomessageinupdate)) {
89 setEventMessages($langs->trans("SetupNotSaved"), null, 'errors');
90 }
91 }
92}
93
94if ($action == 'deletefile' && $modulepart == 'doctemplates' && !empty($user->admin)) {
95 include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
96 $keyforuploaddir = GETPOST('keyforuploaddir', 'aZ09');
97 $listofdir = explode(',', preg_replace('/[\r\n]+/', ',', trim(getDolGlobalString($keyforuploaddir))));
98
99 foreach ($listofdir as $key => $tmpdir) {
100 $tmpdir = preg_replace('/DOL_DATA_ROOT\/*/', '', $tmpdir); // Clean string if we found a hardcoded DOL_DATA_ROOT
101 if (!$tmpdir) {
102 unset($listofdir[$key]);
103 continue;
104 }
105 $tmpdir = DOL_DATA_ROOT.'/'.$tmpdir; // Complete with DOL_DATA_ROOT. Only files into DOL_DATA_ROOT can be reach/set
106 if (!is_dir($tmpdir)) {
107 if (empty($nomessageinsetmoduleoptions)) {
108 setEventMessages($langs->trans("ErrorDirNotFound", $tmpdir), null, 'warnings');
109 }
110 } else {
111 $upload_dir = $tmpdir;
112 break; // So we take the first directory found into setup $conf->global->$keyforuploaddir
113 }
114 }
115
116 $filetodelete = $tmpdir.'/'.GETPOST('file');
117 $result = dol_delete_file($filetodelete);
118 if ($result > 0) {
119 setEventMessages($langs->trans("FileWasRemoved", GETPOST('file')), null, 'mesgs');
120 }
121}
122
123// Define constants for submodules that contains parameters (forms with param1, param2, ... and value1, value2, ...)
124if ($action == 'setModuleOptions' && !empty($user->admin)) {
125 $db->begin();
126
127 // Process common param fields
128 if (is_array($_POST)) {
129 foreach ($_POST as $key => $val) {
130 $reg = array();
131 if (preg_match('/^param(\d*)$/', $key, $reg)) { // Works for POST['param'], POST['param1'], POST['param2'], ...
132 $param = GETPOST("param".$reg[1], 'aZ09');
133 $value = GETPOST("value".$reg[1], 'alpha');
134 if ($param) {
135 $res = dolibarr_set_const($db, $param, $value, 'chaine', 0, '', $conf->entity);
136 if (!($res > 0)) {
137 $error++;
138 }
139
140 // Case we modify the list of directories for ODT templases, we want to be sure directory exists
141 if (preg_match('/_ADDON_PDF_ODT_PATH$/', $param) && preg_match('/^DOL_DATA_ROOT/', $value)) {
142 $tmpdir = preg_replace('/^DOL_DATA_ROOT/', DOL_DATA_ROOT, $value);
143 dol_mkdir($tmpdir, DOL_DATA_ROOT);
144 }
145 }
146 }
147 }
148 }
149
150 // Process upload fields
151 if (GETPOST('upload', 'alpha') && GETPOST('keyforuploaddir', 'aZ09')) {
152 include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
153 $keyforuploaddir = GETPOST('keyforuploaddir', 'aZ09');
154 $listofdir = explode(',', preg_replace('/[\r\n]+/', ',', trim(getDolGlobalString($keyforuploaddir))));
155
156 foreach ($listofdir as $key => $tmpdir) {
157 $tmpdir = trim($tmpdir);
158 $tmpdir = preg_replace('/DOL_DATA_ROOT\/*/', '', $tmpdir); // Clean string if we found a hardcoded DOL_DATA_ROOT
159 if (!$tmpdir) {
160 unset($listofdir[$key]);
161 continue;
162 }
163 $tmpdir = DOL_DATA_ROOT.'/'.$tmpdir; // Complete with DOL_DATA_ROOT. Only files into DOL_DATA_ROOT can be reach/set
164 if (!is_dir($tmpdir)) {
165 if (empty($nomessageinsetmoduleoptions)) {
166 setEventMessages($langs->trans("ErrorDirNotFound", $tmpdir), null, 'warnings');
167 }
168 } else {
169 $upload_dir = $tmpdir;
170 break; // So we take the first directory found into setup $conf->global->$keyforuploaddir
171 }
172 }
173
174 // Restrict uploads for ODT template setup pages.
175 if (preg_match('/_ADDON_PDF_ODT_PATH$/', $keyforuploaddir) && !empty($_FILES['uploadfile'])) {
176 $allowedext = array('odt', 'ods');
177 $allowedmimes = array(
178 'application/vnd.oasis.opendocument.text',
179 'application/vnd.oasis.opendocument.spreadsheet',
180 'application/zip',
181 'application/x-zip-compressed',
182 'application/octet-stream'
183 );
184 $files = $_FILES['uploadfile'];
185 if (!is_array($files['name'])) {
186 foreach ($files as $key => &$val) {
187 $val = array($val);
188 }
189 unset($val);
190 }
191 foreach ($files['name'] as $idx => $filename) {
192 if (empty($filename)) {
193 continue;
194 }
195
196 $extension = strtolower(pathinfo((string) $filename, PATHINFO_EXTENSION));
197 if (!in_array($extension, $allowedext, true)) {
198 $error++;
199 setEventMessages($langs->trans("ErrorFileNotUploaded").' (Only .odt/.ods templates are allowed)', null, 'errors');
200 dol_syslog(__FILE__." ODT template upload refused on extension filename=".$filename, LOG_WARNING);
201 break;
202 }
203
204 $detectedmime = '';
205 if (!empty($files['tmp_name'][$idx]) && function_exists('finfo_open')) {
206 $finfo = finfo_open(FILEINFO_MIME_TYPE);
207 if ($finfo) {
208 $detectedmime = (string) finfo_file($finfo, $files['tmp_name'][$idx]);
209 finfo_close($finfo);
210 }
211 }
212 if (!empty($detectedmime) && !in_array(strtolower($detectedmime), $allowedmimes, true)) {
213 $error++;
214 setEventMessages($langs->trans("ErrorFileNotUploaded").' (Invalid MIME type for ODT/ODS template)', null, 'errors');
215 dol_syslog(__FILE__." ODT template upload refused on mime filename=".$filename." mime=".$detectedmime, LOG_WARNING);
216 break;
217 }
218 }
219 }
220
221 if ($upload_dir && !$error) {
222 $result = dol_add_file_process($upload_dir, 1, 1, 'uploadfile', '');
223 if ($result <= 0) {
224 $error++;
225 }
226 }
227 }
228
229 if (!$error) {
230 $db->commit();
231 if (empty($nomessageinsetmoduleoptions)) {
232 setEventMessages($langs->trans("SetupSaved"), null, 'mesgs');
233 }
234 } else {
235 $db->rollback();
236 if (empty($nomessageinsetmoduleoptions)) {
237 setEventMessages($langs->trans("SetupNotSaved"), null, 'errors');
238 }
239 }
240}
dolibarr_set_const
dolibarr_set_const($db, $name, $value, $type='chaine', $visible=0, $note='', $entity=1)
Insert a parameter (key,value) into database (delete old key then insert it again).
Definition admin.lib.php:673
dol_delete_file
dol_delete_file($file, $disableglob=0, $nophperrors=0, $nohook=0, $object=null, $allowdotdot=false, $indexdatabase=1, $nolog=0)
Remove a file or several files with a mask.
Definition files.lib.php:1515
dol_add_file_process
dol_add_file_process($upload_dir, $allowoverwrite=0, $updatesessionordb=0, $varfiles='addedfile', $savingdocmask='', $link=null, $trackid='', $generatethumbs=1, $object=null, $forceFullTextIndexation='')
Get and save an upload file (for example after submitting a new file a mail form).
Definition files.lib.php:1927
setEventMessages
setEventMessages($mesg, $mesgs, $style='mesgs', $messagekey='', $noduplicate=0, $attop=0)
Set event messages in dol_events session object.
Definition functions.lib.php:10201
GETPOSTINT
GETPOSTINT($paramname, $method=0)
Return the value of a $_GET or $_POST supervariable, converted into integer.
Definition functions.lib.php:1137
GETPOST
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
Definition functions.lib.php:802
getDolGlobalString
getDolGlobalString($key, $default='')
Return a Dolibarr global constant string value.
Definition functions.lib.php:228
dol_syslog
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
Definition functions.lib.php:2382
dol_mkdir
dol_mkdir($dir, $dataroot='', $newmask='')
Creation of a directory (this can create recursive subdir)
Definition functions.lib.php:8092
$conf
global $conf
The following vars must be defined: $type2label $form $conf, $lang, The following vars may also be de...
Definition member.php:79
Generated on Fri Mar 6 2026 01:00:22 for dolibarr by Doxygen 1.11.0