d6/de7/export__files_8php_source.html

<?php

/* Copyright (C) 2006-2014  Laurent Destailleur <eldy@users.sourceforge.net>

 * Copyright (C) 2011       Juanjo Menent       <jmenent@2byte.es>

 * Copyright (C) 2015       Raphaël Doursenaud  <rdoursenaud@gpcsolutions.fr>

 * Copyright (C) 2021   Regis Houssin   <regis.houssin@inodbox.com>

 *

 * This program is free software; you can redistribute it and/or modify

 * it under the terms of the GNU General Public License as published by

 * the Free Software Foundation; either version 3 of the License, or

 * (at your option) any later version.

 *

 * This program is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 * GNU General Public License for more details.

 *

 * You should have received a copy of the GNU General Public License

 * along with this program. If not, see <https://www.gnu.org/licenses/>.

 */


if (! defined('CSRFCHECK_WITH_TOKEN')) {

  define('CSRFCHECK_WITH_TOKEN', '1');    // Force use of CSRF protection with tokens even for GET

}


// Load Dolibarr environment

require '../../main.inc.php';

require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';

require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';

require_once DOL_DOCUMENT_ROOT.'/core/class/utils.class.php';

require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php';


$langs->load("admin");


$action = GETPOST('action', 'aZ09');

$what = GETPOST('what', 'alpha');

$export_type = GETPOST('export_type', 'alpha');

$file = trim(GETPOST('zipfilename_template', 'alpha'));

$compression = GETPOST('compression', 'aZ09');


$file = dol_sanitizeFileName($file);

$file = preg_replace('/(\.zip|\.tar|\.tgz|\.gz|\.tar\.gz|\.bz2|\.zst)$/i', '', $file);


$sortfield = GETPOST('sortfield', 'aZ09comma');

$sortorder = GETPOST('sortorder', 'aZ09comma');

$page = GETPOSTISSET('pageplusone') ? (GETPOSTINT('pageplusone') - 1) : GETPOSTINT("page");

if (!$sortorder) {

  $sortorder = "DESC";

}

if (!$sortfield) {

  $sortfield = "date";

}

if ($page < 0) {

  $page = 0;

} elseif (empty($page)) {

  $page = 0;

}

$limit = GETPOSTINT('limit') ? GETPOSTINT('limit') : $conf->liste_limit;

$offset = $limit * $page;


if (!$user->admin) {

  accessforbidden();

}


$errormsg = '';


/*

 * Actions

 */


if ($action == 'delete') {

  $filerelative = dol_sanitizeFileName(GETPOST('urlfile', 'alpha'));

  $filepath = $conf->admin->dir_output.'/'.$filerelative;

  $ret = dol_delete_file($filepath, 1);

  if ($ret) {

    setEventMessages($langs->trans("FileWasRemoved", $filerelative), null, 'mesgs');

  } else {

    setEventMessages($langs->trans("ErrorFailToDeleteFile", $filerelative), null, 'errors');

  }

  $action = '';

}


/*

 * View

 */


// Increase limit of time. Works only if we are not in safe mode

$ExecTimeLimit = 1800; // 30mn

if (!empty($ExecTimeLimit)) {

  $err = error_reporting();

  error_reporting(0); // Disable all errors

  //error_reporting(E_ALL);

  @set_time_limit($ExecTimeLimit); // Need more than 240 on Windows 7/64

  error_reporting($err);

}


/* If value has been forced with a php_admin_value, this has no effect. Example of value: '512M' */

$MemoryLimit = getDolGlobalString('MAIN_MEMORY_LIMIT_ARCHIVE_DATAROOT');

if (!empty($MemoryLimit)) {

  @ini_set('memory_limit', $MemoryLimit);

}


$form = new Form($db);

$formfile = new FormFile($db);


//$help_url='EN:Backups|FR:Sauvegardes|ES:Copias_de_seguridad';

//llxHeader('','',$help_url);


//print load_fiche_titre($langs->trans("Backup"),'','title_setup');


// Start with empty buffer

$dump_buffer = '';

$dump_buffer_len = 0;


// We will send fake headers to avoid browser timeout when buffering

$time_start = time();


$outputdir  = $conf->admin->dir_output.'/documents';

$result = dol_mkdir($outputdir);


$utils = new Utils($db);


if ($export_type == 'externalmodule' && !empty($what)) {

  $fulldirtocompress = DOL_DOCUMENT_ROOT.'/custom/'.dol_sanitizeFileName($what);

} else {

  $fulldirtocompress = DOL_DATA_ROOT;

}

$dirtoswitch = dirname($fulldirtocompress);

$dirtocompress = basename($fulldirtocompress);


if ($compression == 'zip') {

  $file .= '.zip';


  $excludefiles = '/(\.back|\.old|\.log|\.pdf_preview-.*\.png|[\/\\\]temp[\/\\\]|[\/\\\]admin[\/\\\]documents[\/\\\])/i';


  //var_dump($fulldirtocompress);

  //var_dump($outputdir."/".$file);exit;


  $rootdirinzip = '';

  if ($export_type == 'externalmodule' && !empty($what)) {

    $rootdirinzip = $what;


    global $dolibarr_allow_download_external_modules;

    if (empty($dolibarr_allow_download_external_modules)) {

      print 'Download of external modules is not allowed by $dolibarr_allow_download_external_modules in conf.php file';

      $db->close();

      exit();

    }

  }


  $ret = dol_compress_dir($fulldirtocompress, $outputdir."/".$file, $compression, $excludefiles, $rootdirinzip);

  if ($ret < 0) {

    if ($ret == -2) {

      $langs->load("errors");

      $errormsg = $langs->trans("ErrNoZipEngine");

    } else {

      $langs->load("errors");

      $errormsg = $langs->trans("ErrorFailedToWriteInDir", $outputdir);

    }

  }

} elseif (in_array($compression, array('gz', 'bz', 'zstd'))) {

  $userlogin = ($user->login ? $user->login : 'unknown');


  $outputfile = $conf->admin->dir_temp.'/export_files.'.$userlogin.'.out'; // File used with popen method


  $file .= '.tar';


  // We also exclude '/temp/' dir and 'documents/admin/documents'

  // We make escapement here and call executeCLI without escapement because we don't want to have the '*.log' escaped.

  $cmd = "tar -cf '".escapeshellcmd($outputdir."/".$file)."' --exclude-vcs --exclude-caches-all --exclude='temp' --exclude='*.log' --exclude='*.pdf_preview-*.png' --exclude='documents/admin/documents' -C '".escapeshellcmd(dol_sanitizePathName($dirtoswitch))."' '".escapeshellcmd(dol_sanitizeFileName($dirtocompress))."'";


  $result = $utils->executeCLI($cmd, $outputfile, 0, null, 1);


  $retval = $result['error'];

  if ($result['result'] || !empty($retval)) {

    $langs->load("errors");

    dol_syslog("Documents tar retval after exec=".$retval, LOG_ERR);

    $errormsg = 'Error tar generation return '.$retval;

  } else {

    if ($compression == 'gz') {

      $cmd = "gzip -f ".$outputdir."/".$file;

    } elseif ($compression == 'bz') {

      $cmd = "bzip2 -f ".$outputdir."/".$file;

    } elseif ($compression == 'zstd') {

      $cmd = "zstd -z -9 -q --rm ".$outputdir."/".$file;

    }


    $result = $utils->executeCLI($cmd, $outputfile);


    $retval = $result['error'];

    if ($result['result'] || !empty($retval)) {

      $errormsg = 'Error '.$compression.' generation return '.$retval;

      unlink($outputdir."/".$file);

    }

  }

} else {

  $errormsg = 'Bad value for compression method';

  print $errormsg;

}


// Output export


if ($export_type != 'externalmodule' || empty($what)) {

  top_httphead();


  if ($errormsg) {

    setEventMessages($langs->trans("Error")." : ".$errormsg, null, 'errors');

  } else {

    setEventMessages($langs->trans("BackupFileSuccessfullyCreated").'.<br>'.$langs->trans("YouCanDownloadBackupFile"), null, 'mesgs');

  }


  $db->close();


  // Redirect to calling page

  $returnto = 'dolibarr_export.php';


  header("Location: ".$returnto);


  exit();

} else {

  top_httphead('application/zip');


  $zipname = $outputdir."/".$file;


  // Then download the zipped file.


  header('Content-disposition: attachment; filename='.basename($zipname));

  header('Content-Length: '.filesize($zipname));

  readfile($zipname);


  dol_delete_file($zipname);


  $db->close();


  exit();

}

FormFile
Class to offer components to list and upload files.
Definition html.formfile.class.php:38

Form
Class to manage generation of HTML components Only common components must be here.
Definition html.form.class.php:56

Utils
Class to manage utility methods.
Definition utils.class.php:34

dol_delete_file
dol_delete_file($file, $disableglob=0, $nophperrors=0, $nohook=0, $object=null, $allowdotdot=false, $indexdatabase=1, $nolog=0)
Remove a file or several files with a mask.
Definition files.lib.php:1469

GETPOSTINT
GETPOSTINT($paramname, $method=0)
Return the value of a $_GET or $_POST supervariable, converted into integer.
Definition functions.lib.php:1075

GETPOST
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
Definition functions.lib.php:752

setEventMessages
setEventMessages($mesg, $mesgs, $style='mesgs', $messagekey='', $noduplicate=0)
Set event messages in dol_events session object.
Definition functions.lib.php:9733

dol_sanitizeFileName
dol_sanitizeFileName($str, $newstr='_', $unaccent=1)
Clean a string to use it as a file name.
Definition functions.lib.php:1577

getDolGlobalString
getDolGlobalString($key, $default='')
Return dolibarr global constant string value.
Definition functions.lib.php:215

dol_syslog
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
Definition functions.lib.php:2146

dol_sanitizePathName
dol_sanitizePathName($str, $newstr='_', $unaccent=1)
Clean a string to use it as a path name.
Definition functions.lib.php:1604

dol_mkdir
dol_mkdir($dir, $dataroot='', $newmask='')
Creation of a directory (this can create recursive subdir)
Definition functions.lib.php:7720

top_httphead
if(!defined( 'NOREQUIREMENU')) if(!empty(GETPOST('seteventmessages', 'alpha'))) if(!function_exists("llxHeader")) top_httphead($contenttype='text/html', $forcenocache=0)
Show HTTP header.
Definition main.inc.php:1657

accessforbidden
accessforbidden($message='', $printheader=1, $printfooter=1, $showonlymessage=0, $params=null)
Show a message to say access is forbidden and stop program.
Definition security.lib.php:1204