d0/d7c/upload__page_8php_source.html

<?php

/* Copyright (C) 2005-2017  Laurent Destailleur     <eldy@users.sourceforge.net>

 * Copyright (C) 2024-2025  Frédéric France     <frederic.france@free.fr>

 * Copyright (C) 2024   MDW           <mdeweerd@users.noreply.github.com>

 *

 * This file is a modified version of datepicker.php from phpBSM to fix some

 * bugs, to add new features and to dramatically increase speed.

 *

 * This program is free software; you can redistribute it and/or modify

 * it under the terms of the GNU General Public License as published by

 * the Free Software Foundation; either version 3 of the License, or

 * (at your option) any later version.

 *

 * This program is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 * GNU General Public License for more details.

 *

 * You should have received a copy of the GNU General Public License

 * along with this program. If not, see <https://www.gnu.org/licenses/>.

 */


require_once '../main.inc.php';

require_once DOL_DOCUMENT_ROOT.'/core/class/html.form.class.php';

require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';


if (GETPOST('lang', 'aZ09')) {

  $langs->setDefaultLang(GETPOST('lang', 'aZ09')); // If language was forced on URL by the main.inc.php

}


$langs->loadLangs(array("main", "other"));


$action = GETPOST('action', 'aZ09');

$modulepart = GETPOST('modulepart', 'aZ09');


$upload_dir = $conf->admin->dir_temp.'/import';


// Delete the temporary files that are used when uploading files

dol_delete_file($upload_dir.'/upload_page-by'.$user->id.'-*');


$error = 0;


/*

 * Actions

 */


if (getDolGlobalString('MAIN_USE_TOP_MENU_IMPORT_FILE') && !is_numeric(getDolGlobalString('MAIN_USE_TOP_MENU_IMPORT_FILE'))) {

  $urlforuploadpage = getDolGlobalString('MAIN_USE_TOP_MENU_IMPORT_FILE');


  header("Location: ".$urlforuploadpage);

  exit(1);

}


if ($action == 'uploadfile') {  // Test on permission not required here. Done later

  if (!$modulepart) {     // Should not happen

    print 'Error, modulepart param is empty';

    exit(1);

  }


  $arrayobject = getElementProperties($modulepart);


  $module = $arrayobject['module'];

  $element = $arrayobject['element'];

  $dir_output = $arrayobject['dir_output'];

  $dir_temp = $arrayobject['dir_temp'];


  $permlevel1 = 'read';

  $permlevel2 = '';

  $fileprefix = 'unknown';

  if (in_array($modulepart, array('fournisseur', 'invoice_supplier'))) {

    $permlevel1 = 'facture';

    $permlevel2 = 'read';

    $fileprefix = 'upload_page-by'.$user->id.'-'.$modulepart.'-'.(GETPOSTINT('socid') > 0 ? GETPOSTINT('socid') : 0).'-'.(GETPOSTINT('search_prodid') > 0 ? GETPOSTINT('search_prodid') : 0);

  } elseif ($modulepart == 'expensereport') {

    $fileprefix = 'upload_page-by'.$user->id.'-'.$modulepart.'-'.(GETPOSTINT('userexpensereportid') > 0 ? GETPOSTINT('userexpensereportid') : 0).'-'.(GETPOSTINT('search_prodid') > 0 ? GETPOSTINT('search_prodid') : 0);

  } elseif ($modulepart == 'salaries') {

    $fileprefix = 'upload_page-by'.$user->id.'-'.$modulepart.'-'.(GETPOSTINT('usersalaryid') > 0 ? GETPOSTINT('usersalaryid') : 0);

  }


  if ($permlevel2) {

    $permissiontoadd = $user->hasRight($module, $permlevel1, $permlevel2);  // Used by actions_linkedfiles

  } else {

    $permissiontoadd = $user->hasRight($module, $permlevel1);       // Used by actions_linkedfiles

  }

  $forceFullTextIndexation = '0';                       // Used by actions_linkedfiles


  if (!empty($_FILES['userfile']['name'])) {

    $_FILES['userfile']['name'] = $fileprefix.'-'.$_FILES['userfile']['name'];


    include DOL_DOCUMENT_ROOT.'/core/actions_linkedfiles.inc.php';


    // @phpstan-ignore-next-line $error may have been modified by actions_linkedfiles.inc.php

    if (!$error) {

      header("Location: ".DOL_URL_ROOT.'/core/upload_page2.php?file='.urlencode($fileprefix));

      exit;

    }

  }

}


/*

 * View

 */


$form = new Form($db);


// Important: Following code is to avoid page request by browser and PHP CPU at each Dolibarr page access.

/*

if (empty($dolibarr_nocache) && GETPOSTINT('cache')) {

  header('Cache-Control: max-age='.GETPOSTINT('cache').', public');

  // For a .php, we must set an Expires to avoid to have it forced to an expired value by the web server

  header('Expires: '.gmdate('D, d M Y H:i:s', dol_now('gmt') + GETPOSTINT('cache')).' GMT');

  // HTTP/1.0

  header('Pragma: token=public');

} else {

  // HTTP/1.0

  header('Cache-Control: no-cache');

}

*/


$title = $langs->trans("UploadFile");

$help_url = '';


$arrayofjs = array();

$arrayofcss = array();


llxHeader('', $title, $help_url, '', 0, 0, $arrayofjs, $arrayofcss, '', 'mod-upload page-card');


print load_fiche_titre('', '', '', 0, '', '', '<h2>'.img_picto('', 'upload').' '.$title.'</h2>');


// Instantiate hooks of thirdparty module

$hookmanager->initHooks(array('uploadform'));


// Define $uploadform

$uploadform = '';


$uploadform = '<div class="display-flex">';


// Form to upload a supplier invoice

if (isModEnabled('supplier_invoice')) {

  $langs->load("bills");

  $uploadform .= '

  <div id="supplierinvoice" class="flex-item flex-item-uploadfile">'.img_picto('', 'bill', 'class="fa-2x"').'<br>

  <div>'.$langs->trans("SupplierInvoice").'<br><br>';


  $uploadform .= img_picto('', 'company', 'class="pictofixedwidth"');

  $uploadform .= $form->select_company(GETPOSTINT('socid'), 'socid', '(statut:=:0)', $langs->transnoentitiesnoconv("Supplier"), 0, 0, array(), 0, 'maxwidth200 disableautoopen');


  $uploadform .= '<br>';


  $prodid = GETPOSTINT('prodid');

  $prodtext = $langs->trans("RefOrLabel");


  //$uploadform .= $form->select_produits_fournisseurs(0, $prodid, 'prodid', '', 0, 0, 1, 2, $prodtext, 0, array(), GETPOSTINT('socid'), '1', 0, 'maxwidth200 disableautoopen', 0, '', null, 1);

  $uploadform .= img_picto('', 'product', 'class="pictofixedwidth"');

  $uploadform .= $form->select_produits_fournisseurs(0, $prodid, 'prodid', '', '', array(), 1, 1, 'maxwidth200 disableautoopen', $prodtext, 1);


  $uploadform .= '<br>';


  $uploadform .= '<br>

  <small class="opacitymedium">'.$langs->trans("OrClickToSelectAFile").'...</small>

  </div>

  </div>';

}


// Form to upload an expense report

if (isModEnabled('expensereport')) {

  $langs->load("expensereport");

  $uploadform .= '

  <div id="userexpensereport" class="flex-item flex-item-uploadfile">'.img_picto('', 'expensereport', 'class="fa-2x"').'<br>

  <div>'.$langs->trans("ExpenseReport").'<br><br>';


  $uploadform .= img_picto('', 'user', 'class="pictofixedwidth"');

  //$uploadform .= '<span class="disableautoopen">';

  $uploadform .= $form->select_dolusers(GETPOSTINT('userexpensereportid') > 0 ? GETPOSTINT('userexpensereportid') : $user->id, 'userexpensereportid', $langs->transnoentitiesnoconv("User"), null, 0, 'hierarchyme', '', '', 0, 0, '', 0, '', 'maxwidth200 disableautoopen', 1);

  //$uploadform .= '</span>';


  $uploadform .= '<br>';


  $uploadform .= '<br>

  <small class="opacitymedium">'.$langs->trans("OrClickToSelectAFile").'...</small>

  </div>

  </div>';

}


// Form to upload a salary document

if (isModEnabled('salaries')) {

  $langs->load("salaries");

  $uploadform .= '

  <div id="userpayroll" class="flex-item flex-item-uploadfile">'.img_picto('', 'salary', 'class="fa-2x"').'<br>

  <div>'.$langs->trans("UserPaySlip").'<br><br>';


  $uploadform .= img_picto('', 'user', 'class="pictofixedwidth"');

  //$uploadform .= '<span class="disableautoopen">';

  $uploadform .= $form->select_dolusers(GETPOSTINT('usersalaryid') > 0 ? GETPOSTINT('usersalaryid') : $user->id, 'usersalaryid', $langs->transnoentitiesnoconv("Employee"), null, 0, 'hierarchyme', '', '', 0, 0, '', 0, '', 'maxwidth200 disableautoopen', 1);

  //$uploadform .= '</span>';


  $uploadform .= '<br>';


  $uploadform .= '<br>

  <small class="opacitymedium">'.$langs->trans("OrClickToSelectAFile").'...</small>

  </div>

  </div>';

}


$uploadform .= '</div>';


// Execute hook printSearchForm

$parameters = array('uploadform' => $uploadform);

$reshook = $hookmanager->executeHooks('printUploadForm', $parameters); // Note that $action and $object may have been modified by some hooks

if (empty($reshook)) {

  $uploadform .= $hookmanager->resPrint;

} else {

  $uploadform = $hookmanager->resPrint;

}


$uploadform .= '<br>';


// Show all forms

print "\n";

print "<!-- Begin UploadForm -->\n";

print '<form id="uploadform" enctype="multipart/form-data" method="POST" action="'.dolBuildUrl($_SERVER["PHP_SELF"]).'">';

print '<input type="hidden" name="token" value="'.newToken().'">';

print '<input type="hidden" name="action" value="uploadfile">';

print '<input type="hidden" name="sendit" value="1">';

print '<input type="hidden" name="modulepart" id="modulepart" value="">';

print '<input type="hidden" name="overwritefile" value="1">';


print '<div class="center"><div class="center" style="padding: 10px;">';

print '<style>.menu_titre { padding-top: 7px; }</style>';

print '<div id="blockupload" class="center">'."\n";

//print '<input name="filenamePDF" id="filenamePDF" type="hideobject">';

print $uploadform;


$accept = '.pdf,image/*';

$disablemulti = 1;

$perm = 1;

$capture = 1;


$maxfilesizearray = getMaxFileSizeArray();

$max = $maxfilesizearray['max'];

$maxmin = $maxfilesizearray['maxmin'];

$maxphptoshow = $maxfilesizearray['maxphptoshow'];

$maxphptoshowparam = $maxfilesizearray['maxphptoshowparam'];

$out = '';

if ($maxmin > 0) {

  $out .= '<input type="hidden" name="MAX_FILE_SIZE" value="'.($maxmin * 1024).'">';  // MAX_FILE_SIZE must precede the field type=file

}

$out .= '<input class="hideobject" type="file" id="fileInput" value=""';

// @phpstan-ignore-next-line

$out .= ((getDolGlobalString('MAIN_DISABLE_MULTIPLE_FILEUPLOAD') || $disablemulti) ? ' name="userfile"' : ' name="userfile[]" multiple');

// @phpstan-ignore-next-line

$out .= (!getDolGlobalString('MAIN_UPLOAD_DOC') || empty($perm) ? ' disabled' : '');

// @phpstan-ignore-next-line

$out .= (!empty($accept) ? ' accept="'.$accept.'"' : ' accept=""');

// @phpstan-ignore-next-line

$out .= (!empty($capture) ? ' capture="capture"' : '');

$out .= '>';


print $out;


print "<script>

$(document).ready(function() {

  jQuery('#supplierinvoice:not(.disableautoopen)').on('click', function(event) {

    console.log('Click on link supplierinvoice to open input file');

    console.log(event);

    if (!event.target.closest('.disableautoopen')) {

      $('#modulepart').val('invoice_supplier');

      $('#fileInput').click();

    }

  });


  jQuery('#userexpensereport:not(.disableautoopen)').on('click', function(event) {

    console.log('Click on link userexpensereport to open input file');

    console.log(event);

    if (!event.target.closest('.disableautoopen')) {

      $('#modulepart').val('expensereport');

      $('#fileInput').click();

    }

  });


  jQuery('#userpayroll:not(.disableautoopen)').on('click', function(event) {

    console.log('Click on link userpayroll to open input file');

    console.log(event);

    if (!event.target.closest('.disableautoopen')) {

      $('#modulepart').val('salaries');

      $('#fileInput').click();

    }

  });


  jQuery('#fileInput').on('change', function(event) {

    console.log(event);

    console.log('A file was selected, we submit the form');

    $('#uploadform').submit();

  });

});

</script>";


print '</div>'."\n";

print '</div></div>';


print '</form>';

print "\n<!-- End UploadForm -->\n";


// End of page

llxFooter();

$db->close();

llxFooter
llxFooter($comment='', $zone='private', $disabledoutputofmessages=0)
Empty footer.
Definition wrapper.php:91

llxHeader
if(!defined('NOREQUIRESOC')) if(!defined( 'NOREQUIRETRAN')) if(!defined('NOTOKENRENEWAL')) if(!defined( 'NOREQUIREMENU')) if(!defined('NOREQUIREHTML')) if(!defined( 'NOREQUIREAJAX')) llxHeader($head='', $title='', $help_url='', $target='', $disablejs=0, $disablehead=0, $arrayofjs='', $arrayofcss='', $morequerystring='', $morecssonbody='', $replacemainareaby='', $disablenofollow=0, $disablenoindex=0)
Empty header.
Definition wrapper.php:73

Form
Class to manage generation of HTML components Only common components must be here.
Definition html.form.class.php:57

dol_delete_file
dol_delete_file($file, $disableglob=0, $nophperrors=0, $nohook=0, $object=null, $allowdotdot=false, $indexdatabase=1, $nolog=0)
Remove a file or several files with a mask.
Definition files.lib.php:1598

img_picto
img_picto($titlealt, $picto, $moreatt='', $pictoisfullpath=0, $srconly=0, $notitle=0, $alt='', $morecss='', $marginleftonlyshort=2, $allowothertags=array())
Show picto whatever it's its name (generic function)
Definition functions.lib.php:5577

GETPOSTINT
GETPOSTINT($paramname, $method=0)
Return the value of a $_GET or $_POST supervariable, converted into integer.
Definition functions.lib.php:902

getElementProperties
getElementProperties($elementType)
Get an array with properties of an element.
Definition functions.lib.php:14829

GETPOST
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
Definition functions.lib.php:1033

load_fiche_titre
load_fiche_titre($title, $morehtmlright='', $picto='generic', $pictoisfullpath=0, $id='', $morecssontable='', $morehtmlcenter='', $morecssonpicto='widthpictotitle')
Load a title with picto.
Definition functions.lib.php:7209

getDolGlobalString
getDolGlobalString($key, $default='')
Return a Dolibarr global constant string value.
Definition functions.lib.php:258

isModEnabled
isModEnabled($module)
Is Dolibarr module enabled.
Definition functions.lib.php:440

getMaxFileSizeArray
getMaxFileSizeArray()
Return the max allowed for file upload.
Definition security.lib.php:1424