dolibarr 22.0.5
actions_setmoduleoptions.inc.php
Go to the documentation of this file.
1<?php
2/* Copyright (C) 2014-2017 Laurent Destailleur <eldy@users.sourceforge.net>
3 * Copyright (C) 2024 MDW <mdeweerd@users.noreply.github.com>
4 * Copyright (C) 2024 Frédéric France <frederic.france@free.fr>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <https://www.gnu.org/licenses/>.
18 * or see https://www.gnu.org/
19 */
20
26// $error must have been initialized to 0
27// $action must be defined
28// $arrayofparameters must be set to list of parameters to update for action 'update' on constants
29// $nomessageinupdate can be set to 1
30// $nomessageinsetmoduleoptions can be set to 1
31// $formSetup may be defined
32
49'
50@phan-var-force FormSetup $formSetup
51';
52
53if (($action == 'update' || !empty($websitetemplateconf)) && !empty($formSetup) && is_object($formSetup) && !empty($user->admin)) {
54 $formSetup->saveConfFromPost();
55 return;
56}
57
58$upload_dir = null;
59
60if (($action == 'update' || !empty($websitetemplateconf)) && !empty($arrayofparameters) && is_array($arrayofparameters) && !empty($user->admin)) {
61 $db->begin();
62
63 foreach ($arrayofparameters as $key => $val) {
64 // Modify constant only if key was posted (avoid resetting key to the null value)
65 if (GETPOSTISSET($key)) {
66 if (isset($val['type']) && preg_match('/category:/', $val['type'])) {
67 if (GETPOSTINT($key) == '-1') {
68 $val_const = '';
69 } else {
70 $val_const = GETPOSTINT($key);
71 }
72 } elseif (isset($val['type']) && $val['type'] == 'html') {
73 $val_const = GETPOST($key, 'restricthtml');
74 } else {
75 $val_const = GETPOST($key, 'alpha');
76 }
77
78 $result = dolibarr_set_const($db, $key, $val_const, 'chaine', 0, '', $conf->entity);
79 if ($result < 0) {
80 $error++;
81 break;
82 }
83 }
84 }
85
86 if (!$error) {
87 $db->commit();
88 if (empty($nomessageinupdate)) {
89 setEventMessages($langs->trans("SetupSaved"), null, 'mesgs');
90 }
91 } else {
92 $db->rollback();
93 if (empty($nomessageinupdate)) {
94 setEventMessages($langs->trans("SetupNotSaved"), null, 'errors');
95 }
96 }
97}
98
99if ($action == 'deletefile' && $modulepart == 'doctemplates' && !empty($user->admin)) {
100 include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
101 $keyforuploaddir = GETPOST('keyforuploaddir', 'aZ09');
102 $listofdir = explode(',', preg_replace('/[\r\n]+/', ',', trim(getDolGlobalString($keyforuploaddir))));
103
104 foreach ($listofdir as $key => $tmpdir) {
105 $tmpdir = preg_replace('/DOL_DATA_ROOT\/*/', '', $tmpdir); // Clean string if we found a hardcoded DOL_DATA_ROOT
106 if (!$tmpdir) {
107 unset($listofdir[$key]);
108 continue;
109 }
110 $tmpdir = DOL_DATA_ROOT.'/'.$tmpdir; // Complete with DOL_DATA_ROOT. Only files into DOL_DATA_ROOT can be reach/set
111 if (!is_dir($tmpdir)) {
112 if (empty($nomessageinsetmoduleoptions)) {
113 setEventMessages($langs->trans("ErrorDirNotFound", $tmpdir), null, 'warnings');
114 }
115 } else {
116 $upload_dir = $tmpdir;
117 break; // So we take the first directory found into setup $conf->global->$keyforuploaddir
118 }
119 }
120
121 $filetodelete = $tmpdir.'/'.GETPOST('file');
122 $result = dol_delete_file($filetodelete);
123 if ($result > 0) {
124 setEventMessages($langs->trans("FileWasRemoved", GETPOST('file')), null, 'mesgs');
125 }
126}
127
128// Define constants for submodules that contains parameters (forms with param1, param2, ... and value1, value2, ...)
129if ($action == 'setModuleOptions' && !empty($user->admin)) {
130 $db->begin();
131
132 // Process common param fields
133 if (is_array($_POST)) {
134 foreach ($_POST as $key => $val) {
135 $reg = array();
136 if (preg_match('/^param(\d*)$/', $key, $reg)) { // Works for POST['param'], POST['param1'], POST['param2'], ...
137 $param = GETPOST("param".$reg[1], 'aZ09');
138 $value = GETPOST("value".$reg[1], 'alpha');
139 if ($param) {
140 $res = dolibarr_set_const($db, $param, $value, 'chaine', 0, '', $conf->entity);
141 if (!($res > 0)) {
142 $error++;
143 }
144
145 // Case we modify the list of directories for ODT templases, we want to be sure directory exists
146 if (preg_match('/_ADDON_PDF_ODT_PATH$/', $param) && preg_match('/^DOL_DATA_ROOT/', $value)) {
147 $tmpdir = preg_replace('/^DOL_DATA_ROOT/', DOL_DATA_ROOT, $value);
148 dol_mkdir($tmpdir, DOL_DATA_ROOT);
149 }
150 }
151 }
152 }
153 }
154
155 // Process upload fields
156 if (GETPOST('upload', 'alpha') && GETPOST('keyforuploaddir', 'aZ09')) {
157 include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
158 $keyforuploaddir = GETPOST('keyforuploaddir', 'aZ09');
159 $listofdir = explode(',', preg_replace('/[\r\n]+/', ',', trim(getDolGlobalString($keyforuploaddir))));
160
161 foreach ($listofdir as $key => $tmpdir) {
162 $tmpdir = trim($tmpdir);
163 $tmpdir = preg_replace('/DOL_DATA_ROOT\/*/', '', $tmpdir); // Clean string if we found a hardcoded DOL_DATA_ROOT
164 if (!$tmpdir) {
165 unset($listofdir[$key]);
166 continue;
167 }
168 $tmpdir = DOL_DATA_ROOT.'/'.$tmpdir; // Complete with DOL_DATA_ROOT. Only files into DOL_DATA_ROOT can be reach/set
169 if (!is_dir($tmpdir)) {
170 if (empty($nomessageinsetmoduleoptions)) {
171 setEventMessages($langs->trans("ErrorDirNotFound", $tmpdir), null, 'warnings');
172 }
173 } else {
174 $upload_dir = $tmpdir;
175 break; // So we take the first directory found into setup $conf->global->$keyforuploaddir
176 }
177 }
178
179 // Restrict uploads for ODT template setup pages.
180 if (preg_match('/_ADDON_PDF_ODT_PATH$/', $keyforuploaddir) && !empty($_FILES['uploadfile'])) {
181 $allowedext = array('odt', 'ods');
182 $allowedmimes = array(
183 'application/vnd.oasis.opendocument.text',
184 'application/vnd.oasis.opendocument.spreadsheet',
185 'application/zip',
186 'application/x-zip-compressed',
187 'application/octet-stream'
188 );
189 $files = $_FILES['uploadfile'];
190 if (!is_array($files['name'])) {
191 foreach ($files as $key => &$val) {
192 $val = array($val);
193 }
194 unset($val);
195 }
196 foreach ($files['name'] as $idx => $filename) {
197 if (empty($filename)) {
198 continue;
199 }
200
201 $extension = strtolower(pathinfo((string) $filename, PATHINFO_EXTENSION));
202 if (!in_array($extension, $allowedext, true)) {
203 $error++;
204 setEventMessages($langs->trans("ErrorFileNotUploaded").' (Only .odt/.ods templates are allowed)', null, 'errors');
205 dol_syslog(__FILE__." ODT template upload refused on extension filename=".$filename, LOG_WARNING);
206 break;
207 }
208
209 $detectedmime = '';
210 if (!empty($files['tmp_name'][$idx]) && function_exists('finfo_open')) {
211 $finfo = finfo_open(FILEINFO_MIME_TYPE);
212 if ($finfo) {
213 $detectedmime = (string) finfo_file($finfo, $files['tmp_name'][$idx]);
214 finfo_close($finfo);
215 }
216 }
217 if (!empty($detectedmime) && !in_array(strtolower($detectedmime), $allowedmimes, true)) {
218 $error++;
219 setEventMessages($langs->trans("ErrorFileNotUploaded").' (Invalid MIME type for ODT/ODS template)', null, 'errors');
220 dol_syslog(__FILE__." ODT template upload refused on mime filename=".$filename." mime=".$detectedmime, LOG_WARNING);
221 break;
222 }
223 }
224 }
225
226 if ($upload_dir && !$error) {
227 $result = dol_add_file_process($upload_dir, 1, 1, 'uploadfile', '');
228 if ($result <= 0) {
229 $error++;
230 }
231 }
232 }
233
234 if (!$error) {
235 $db->commit();
236 if (empty($nomessageinsetmoduleoptions)) {
237 setEventMessages($langs->trans("SetupSaved"), null, 'mesgs');
238 }
239 } else {
240 $db->rollback();
241 if (empty($nomessageinsetmoduleoptions)) {
242 setEventMessages($langs->trans("SetupNotSaved"), null, 'errors');
243 }
244 }
245}
dolibarr_set_const
dolibarr_set_const($db, $name, $value, $type='chaine', $visible=0, $note='', $entity=1)
Insert a parameter (key,value) into database (delete old key then insert it again).
Definition admin.lib.php:676
dol_add_file_process
dol_add_file_process($upload_dir, $allowoverwrite=0, $updatesessionordb=0, $keyforsourcefile='addedfile', $savingdocmask='', $link=null, $trackid='', $generatethumbs=1, $object=null, $forceFullTextIndexation='', $mode=0)
Get and save an upload file (for example after submitting a new file in a mail form).
Definition files.lib.php:2010
dol_delete_file
dol_delete_file($file, $disableglob=0, $nophperrors=0, $nohook=0, $object=null, $allowdotdot=false, $indexdatabase=1, $nolog=0)
Remove a file or several files with a mask.
Definition files.lib.php:1596
setEventMessages
setEventMessages($mesg, $mesgs, $style='mesgs', $messagekey='', $noduplicate=0, $attop=0)
Set event messages in dol_events session object.
Definition functions.lib.php:10455
GETPOSTINT
GETPOSTINT($paramname, $method=0)
Return the value of a $_GET or $_POST supervariable, converted into integer.
Definition functions.lib.php:1187
GETPOST
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
Definition functions.lib.php:851
getDolGlobalString
getDolGlobalString($key, $default='')
Return a Dolibarr global constant string value.
Definition functions.lib.php:229
dol_syslog
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
Definition functions.lib.php:2519
dol_mkdir
dol_mkdir($dir, $dataroot='', $newmask='')
Creation of a directory (this can create recursive subdir)
Definition functions.lib.php:8289
$conf
global $conf
The following vars must be defined: $type2label $form $conf, $lang, The following vars may also be de...
Definition member.php:79
Generated on Sun Jun 7 2026 01:00:19 for dolibarr by Doxygen 1.11.0