63function dol_dir_list($utf8_path, $types =
"all", $recursive = 0, $filter =
"", $excludefilter =
null, $sortcriteria =
"name", $sortorder = SORT_ASC, $mode = 0, $nohook = 0, $relativename =
"", $donotfollowsymlinks = 0, $nbsecondsold = 0)
65 global $db, $hookmanager;
68 if ($recursive <= 1) {
73 $exclude_array = ($excludefilter ===
null || $excludefilter ===
'') ? array() : (is_array($excludefilter) ? $excludefilter : array($excludefilter));
74 foreach ((array($filter) + $exclude_array) as $f) {
76 if ((
int) preg_match(
'/(?:^|[^\\\\])\//', $f) > 0) {
78 $error_info .=
" error='$f unescaped_slash'";
82 dol_syslog(
"files.lib.php::dol_dir_list path=".$utf8_path.
" types=".$types.
" recursive=".$recursive.
" filter=".$filter.
" excludefilter=".json_encode($excludefilter).$error_info);
90 $exclude_array = ($excludefilter ===
null || $excludefilter ===
'') ? array() : (is_array($excludefilter) ? $excludefilter : array($excludefilter));
94 $excludefilterarray = array_merge(array(
'^\.'), $exclude_array);
96 $loaddate = ($mode == 1 || $mode == 2 || $nbsecondsold != 0 || $sortcriteria ==
'date');
97 $loadsize = ($mode == 1 || $mode == 3 || $sortcriteria ==
'size');
98 $loadperm = ($mode == 1 || $mode == 4 || $sortcriteria ==
'perm');
101 $utf8_path = preg_replace(
'/([\\/]+)$/',
'', $utf8_path);
106 $file_list = array();
108 if (!$nohook && $hookmanager instanceof
HookManager) {
109 $hookmanager->resArray = array();
111 $hookmanager->initHooks(array(
'fileslib'));
116 'recursive' => $recursive,
118 'excludefilter' => $exclude_array,
119 'sortcriteria' => $sortcriteria,
120 'sortorder' => $sortorder,
121 'loaddate' => $loaddate,
122 'loadsize' => $loadsize,
125 $reshook = $hookmanager->executeHooks(
'getDirList', $parameters,
$object);
129 if (empty($reshook)) {
130 if (!is_dir($os_path)) {
134 if (($dir = opendir($os_path)) ===
false) {
141 while (
false !== ($os_file = readdir($dir))) {
142 $os_fullpathfile = ($os_path ? $os_path.
'/' :
'').$os_file;
145 $utf8_file = mb_convert_encoding($os_file,
'UTF-8',
'ISO-8859-1');
147 $utf8_file = $os_file;
152 $utf8_fullpathfile =
"$utf8_path/$utf8_file";
155 foreach ($excludefilterarray as $filt) {
156 if (preg_match(
'/'.$filt.
'/i', $utf8_file) || preg_match(
'/'.$filt.
'/i', $utf8_fullpathfile)) {
164 $isdir = is_dir($os_fullpathfile);
168 if (($types ==
"directories") || ($types ==
"all")) {
169 if ($loaddate || $sortcriteria ==
'date') {
172 if ($loadsize || $sortcriteria ==
'size') {
175 if ($loadperm || $sortcriteria ==
'perm') {
179 if (!$filter || preg_match(
'/'.$filter.
'/i', $utf8_file)) {
181 preg_match(
'/([^\/]+)\/[^\/]+$/', $utf8_fullpathfile, $reg);
182 $level1name = (isset($reg[1]) ? $reg[1] :
'');
183 $file_list[] = array(
184 "name" => $utf8_file,
185 "path" => $utf8_path,
186 "level1name" => $level1name,
187 "relativename" => ($relativename ? $relativename.
'/' :
'').$utf8_file,
188 "fullname" => $utf8_fullpathfile,
198 if ($recursive > 0) {
199 if (empty($donotfollowsymlinks) || !is_link($os_fullpathfile)) {
201 $file_list = array_merge($file_list,
dol_dir_list($utf8_fullpathfile, $types, $recursive + 1, $filter, $exclude_array, $sortcriteria, $sortorder, $mode, $nohook, ($relativename !=
'' ? $relativename.
'/' :
'').$utf8_file, $donotfollowsymlinks, $nbsecondsold));
204 } elseif (in_array($types, array(
"files",
"all"))) {
206 if ($loaddate || $sortcriteria ==
'date') {
209 if ($loadsize || $sortcriteria ==
'size') {
213 if (!$filter || preg_match(
'/'.$filter.
'/i', $utf8_file)) {
214 if (empty($nbsecondsold) || $filedate <= ($now - $nbsecondsold)) {
215 preg_match(
'/([^\/]+)\/[^\/]+$/', $utf8_fullpathfile, $reg);
216 $level1name = (isset($reg[1]) ? $reg[1] :
'');
217 $file_list[] = array(
218 "name" => $utf8_file,
219 "path" => $utf8_path,
220 "level1name" => $level1name,
221 "relativename" => ($relativename ? $relativename.
'/' :
'').$utf8_file,
222 "fullname" => $utf8_fullpathfile,
235 if (!empty($sortcriteria) && $sortorder) {
236 $file_list =
dol_sort_array($file_list, $sortcriteria, ($sortorder == SORT_ASC ?
'asc' :
'desc'));
241 if ($hookmanager instanceof
HookManager && is_array($hookmanager->resArray)) {
242 $file_list = array_merge($file_list, $hookmanager->resArray);
1011function dol_move($srcfile, $destfile, $newmask =
'0', $overwriteifexists = 1, $testvirus = 0, $indexdatabase = 1, $moreinfo = array())
1013 global $user, $db, $conf;
1016 dol_syslog(
"files.lib.php::dol_move srcfile=".$srcfile.
" destfile=".$destfile.
" newmask=".$newmask.
" overwritifexists=".$overwriteifexists);
1021 dol_syslog(
"files.lib.php::dol_move srcfile does not exists. we ignore the move request.");
1025 if ($overwriteifexists || !$destexists) {
1030 $testvirusarray = array();
1033 $testvirusarray =
dolCheckVirus($newpathofsrcfile, $newpathofdestfile);
1034 if (count($testvirusarray)) {
1035 dol_syslog(
"files.lib.php::dol_move canceled because a virus was found into source file. We ignore the move request.", LOG_WARNING);
1041 if (count($testvirusarray)) {
1042 dol_syslog(
"files.lib.php::dol_move canceled because a virus was found into source file. We ignore the move request.", LOG_WARNING);
1047 global $dolibarr_main_restrict_os_commands;
1048 if (!empty($dolibarr_main_restrict_os_commands)) {
1049 $arrayofallowedcommand = explode(
',', $dolibarr_main_restrict_os_commands);
1050 $arrayofallowedcommand = array_map(
'trim', $arrayofallowedcommand);
1051 if (in_array(basename($destfile), $arrayofallowedcommand)) {
1054 dol_syslog(
"files.lib.php::dol_move canceled because target filename ".basename($destfile).
" is using a reserved command name. we ignore the move request.", LOG_WARNING);
1059 $result = @rename($newpathofsrcfile, $newpathofdestfile);
1062 dol_syslog(
"files.lib.php::dol_move Failed. We try to delete target first and move after.", LOG_WARNING);
1065 $result = @rename($newpathofsrcfile, $newpathofdestfile);
1067 dol_syslog(
"files.lib.php::dol_move Failed.", LOG_WARNING);
1072 if ($result && $indexdatabase) {
1074 $rel_filetorenamebefore = preg_replace(
'/^'.preg_quote(DOL_DATA_ROOT,
'/').
'/',
'', $srcfile);
1075 $rel_filetorenameafter = preg_replace(
'/^'.preg_quote(DOL_DATA_ROOT,
'/').
'/',
'', $destfile);
1076 if (!preg_match(
'/([\\/]temp[\\/]|[\\/]thumbs|\.meta$)/', $rel_filetorenameafter)) {
1077 $rel_filetorenamebefore = preg_replace(
'/^[\\/]/',
'', $rel_filetorenamebefore);
1078 $rel_filetorenameafter = preg_replace(
'/^[\\/]/',
'', $rel_filetorenameafter);
1081 dol_syslog(
"Try to rename also entries in database for full relative path before = ".$rel_filetorenamebefore.
" after = ".$rel_filetorenameafter, LOG_DEBUG);
1082 include_once DOL_DOCUMENT_ROOT.
'/ecm/class/ecmfiles.class.php';
1084 $ecmfiletarget =
new EcmFiles($db);
1085 $resultecmtarget = $ecmfiletarget->fetch(0,
'', $rel_filetorenameafter);
1086 if ($resultecmtarget > 0) {
1087 $ecmfiletarget->delete($user);
1091 $resultecm = $ecmfile->fetch(0,
'', $rel_filetorenamebefore);
1092 if ($resultecm > 0) {
1093 $filename = basename($rel_filetorenameafter);
1094 $rel_dir = dirname($rel_filetorenameafter);
1095 $rel_dir = preg_replace(
'/[\\/]$/',
'', $rel_dir);
1096 $rel_dir = preg_replace(
'/^[\\/]/',
'', $rel_dir);
1098 $ecmfile->filepath = $rel_dir;
1099 $ecmfile->filename = $filename;
1101 $resultecm = $ecmfile->update($user);
1102 } elseif ($resultecm == 0) {
1103 $filename = basename($rel_filetorenameafter);
1104 $rel_dir = dirname($rel_filetorenameafter);
1105 $rel_dir = preg_replace(
'/[\\/]$/',
'', $rel_dir);
1106 $rel_dir = preg_replace(
'/^[\\/]/',
'', $rel_dir);
1108 $ecmfile->filepath = $rel_dir;
1109 $ecmfile->filename = $filename;
1111 $ecmfile->fullpath_orig = basename($srcfile);
1112 $ecmfile->gen_or_uploaded =
'uploaded';
1113 if (!empty($moreinfo) && !empty($moreinfo[
'description'])) {
1114 $ecmfile->description = $moreinfo[
'description'];
1116 $ecmfile->description =
'';
1118 if (!empty($moreinfo) && !empty($moreinfo[
'keywords'])) {
1119 $ecmfile->keywords = $moreinfo[
'keywords'];
1121 $ecmfile->keywords =
'';
1123 if (!empty($moreinfo) && !empty($moreinfo[
'note_private'])) {
1124 $ecmfile->note_private = $moreinfo[
'note_private'];
1126 if (!empty($moreinfo) && !empty($moreinfo[
'note_public'])) {
1127 $ecmfile->note_public = $moreinfo[
'note_public'];
1129 if (!empty($moreinfo) && !empty($moreinfo[
'src_object_type'])) {
1130 $ecmfile->src_object_type = $moreinfo[
'src_object_type'];
1132 if (!empty($moreinfo) && !empty($moreinfo[
'src_object_id'])) {
1133 $ecmfile->src_object_id = $moreinfo[
'src_object_id'];
1136 $resultecm = $ecmfile->create($user);
1137 if ($resultecm < 0) {
1140 } elseif ($resultecm < 0) {
1144 if ($resultecm > 0) {
1152 if (empty($newmask)) {
1159 dolChmod($newpathofdestfile, $newmask);
2735 global $conf, $db, $user, $hookmanager;
2736 global $dolibarr_main_data_root, $dolibarr_main_document_root_alt;
2739 if (!is_object($fuser)) {
2743 if (empty($modulepart)) {
2744 return 'ErrorBadParameter';
2746 if (empty($entity)) {
2747 if (!isModEnabled(
'multicompany')) {
2754 if ($modulepart ==
'facture') {
2755 $modulepart =
'invoice';
2756 } elseif ($modulepart ==
'users') {
2757 $modulepart =
'user';
2758 } elseif ($modulepart ==
'tva') {
2759 $modulepart =
'tax-vat';
2760 } elseif ($modulepart ==
'expedition' && strpos($original_file,
'receipt/') === 0) {
2762 $modulepart =
'delivery';
2766 dol_syslog(
'dol_check_secure_access_document modulepart='.$modulepart.
' original_file='.$original_file.
' entity='.$entity);
2770 $sqlprotectagainstexternals =
'';
2774 if (empty($refname)) {
2775 $refname = basename(dirname($original_file).
"/");
2776 if ($refname ==
'thumbs' || $refname ==
'temp') {
2778 $refname = basename(dirname(dirname($original_file)).
"/");
2785 $download =
'download';
2786 if ($mode ==
'write') {
2789 $download =
'upload';
2793 if ($modulepart ==
'common') {
2796 $original_file = DOL_DOCUMENT_ROOT.
'/public/theme/common/'.$original_file;
2797 } elseif ($modulepart ==
'medias' && !empty($dolibarr_main_data_root)) {
2798 if (empty($entity) || empty($conf->medias->multidir_output[$entity])) {
2799 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
2802 $original_file = $conf->medias->multidir_output[$entity].
'/'.$original_file;
2803 } elseif ($modulepart ==
'logs' && !empty($dolibarr_main_data_root)) {
2805 $accessallowed = ($user->admin && basename($original_file) == $original_file && preg_match(
'/^dolibarr.*\.(log|json)$/', basename($original_file)));
2806 $original_file = $dolibarr_main_data_root.
'/'.$original_file;
2807 } elseif ($modulepart ==
'doctemplates' && !empty($dolibarr_main_data_root)) {
2809 $accessallowed = $user->admin;
2810 $original_file = $dolibarr_main_data_root.
'/doctemplates/'.$original_file;
2811 } elseif ($modulepart ==
'doctemplateswebsite' && !empty($dolibarr_main_data_root)) {
2813 $accessallowed = ($fuser->hasRight(
'website',
'write') && preg_match(
'/\.jpg$/i', basename($original_file)));
2814 $original_file = $dolibarr_main_data_root.
'/doctemplates/websites/'.$original_file;
2815 } elseif ($modulepart ==
'packages' && !empty($dolibarr_main_data_root)) {
2818 $tmp = explode(
',', $dolibarr_main_document_root_alt);
2821 $accessallowed = ($user->admin && preg_match(
'/^module_.*\.zip$/', basename($original_file)));
2822 $original_file = $dirins.
'/'.$original_file;
2823 } elseif ($modulepart ==
'mycompany' && !empty($conf->mycompany->dir_output)) {
2826 $original_file = $conf->mycompany->dir_output.
'/'.$original_file;
2827 } elseif ($modulepart ==
'userphoto' && !empty($conf->user->dir_output)) {
2830 if (preg_match(
'/^\d+\/photos\//', $original_file)) {
2833 $original_file = $conf->user->dir_output.
'/'.$original_file;
2834 } elseif ($modulepart ==
'userphotopublic' && !empty($conf->user->dir_output)) {
2839 if (preg_match(
'/^(\d+)\/photos\//', $original_file, $reg)) {
2841 $tmpobject =
new User($db);
2842 $tmpobject->fetch($reg[1],
'',
'', 1);
2844 $securekey =
GETPOST(
'securekey',
'alpha', 1);
2846 global $dolibarr_main_cookie_cryptkey, $dolibarr_main_instance_unique_id;
2847 $valuetouse = $dolibarr_main_instance_unique_id ? $dolibarr_main_instance_unique_id : $dolibarr_main_cookie_cryptkey;
2848 $encodedsecurekey =
dol_hash($valuetouse.
'uservirtualcard'.$tmpobject->id.
'-'.$tmpobject->login,
'md5');
2849 if ($encodedsecurekey == $securekey) {
2858 $original_file = $conf->user->dir_output.
'/'.$original_file;
2859 } elseif (($modulepart ==
'companylogo') && !empty($conf->mycompany->dir_output)) {
2862 $original_file = $conf->mycompany->dir_output.
'/logos/'.$original_file;
2863 } elseif ($modulepart ==
'memberphoto' && !empty($conf->member->dir_output)) {
2866 if (preg_match(
'/^\d+\/photos\//', $original_file)) {
2869 $original_file = $conf->member->dir_output.
'/'.$original_file;
2870 } elseif ($modulepart ==
'apercufacture' && !empty($conf->invoice->multidir_output[$entity])) {
2872 if ($fuser->hasRight(
'facture', $lire)) {
2875 $original_file = $conf->invoice->multidir_output[$entity].
'/'.$original_file;
2876 } elseif ($modulepart ==
'apercupropal' && !empty($conf->propal->multidir_output[$entity])) {
2878 if ($fuser->hasRight(
'propal', $lire)) {
2881 $original_file = $conf->propal->multidir_output[$entity].
'/'.$original_file;
2882 } elseif ($modulepart ==
'apercucommande' && !empty($conf->order->multidir_output[$entity])) {
2884 if ($fuser->hasRight(
'commande', $lire)) {
2887 $original_file = $conf->order->multidir_output[$entity].
'/'.$original_file;
2888 } elseif (($modulepart ==
'apercufichinter' || $modulepart ==
'apercuficheinter') && !empty($conf->ficheinter->dir_output)) {
2890 if ($fuser->hasRight(
'ficheinter', $lire)) {
2893 $original_file = $conf->ficheinter->dir_output.
'/'.$original_file;
2894 } elseif (($modulepart ==
'apercucontract') && !empty($conf->contract->multidir_output[$entity])) {
2896 if ($fuser->hasRight(
'contrat', $lire)) {
2899 $original_file = $conf->contract->multidir_output[$entity].
'/'.$original_file;
2900 } elseif (($modulepart ==
'apercusupplier_proposal' || $modulepart ==
'apercusupplier_proposal') && !empty($conf->supplier_proposal->dir_output)) {
2902 if ($fuser->hasRight(
'supplier_proposal', $lire)) {
2905 $original_file = $conf->supplier_proposal->dir_output.
'/'.$original_file;
2906 } elseif (($modulepart ==
'apercusupplier_order' || $modulepart ==
'apercusupplier_order') && !empty($conf->fournisseur->commande->dir_output)) {
2908 if ($fuser->hasRight(
'fournisseur',
'commande', $lire)) {
2911 $original_file = $conf->fournisseur->commande->dir_output.
'/'.$original_file;
2912 } elseif (($modulepart ==
'apercusupplier_invoice' || $modulepart ==
'apercusupplier_invoice') && !empty($conf->fournisseur->facture->dir_output)) {
2914 if ($fuser->hasRight(
'fournisseur', $lire)) {
2917 $original_file = $conf->fournisseur->facture->dir_output.
'/'.$original_file;
2918 } elseif (($modulepart ==
'holiday') && !empty($conf->holiday->dir_output)) {
2919 if ($fuser->hasRight(
'holiday', $read) || $fuser->hasRight(
'holiday',
'readall') || preg_match(
'/^specimen/i', $original_file)) {
2922 if ($refname && !$fuser->hasRight(
'holiday',
'readall') && !preg_match(
'/^specimen/i', $original_file)) {
2923 include_once DOL_DOCUMENT_ROOT.
'/holiday/class/holiday.class.php';
2924 $tmpholiday =
new Holiday($db);
2925 $tmpholiday->fetch(
'', $refname);
2926 $accessallowed =
checkUserAccessToObject($user, array(
'holiday'), $tmpholiday,
'holiday',
'',
'',
'rowid',
'');
2929 $original_file = $conf->holiday->dir_output.
'/'.$original_file;
2930 } elseif (($modulepart ==
'expensereport') && !empty($conf->expensereport->dir_output)) {
2931 if ($fuser->hasRight(
'expensereport', $lire) || $fuser->hasRight(
'expensereport',
'readall') || preg_match(
'/^specimen/i', $original_file)) {
2934 if ($refname && !$fuser->hasRight(
'expensereport',
'readall') && !preg_match(
'/^specimen/i', $original_file)) {
2935 include_once DOL_DOCUMENT_ROOT.
'/expensereport/class/expensereport.class.php';
2937 $tmpexpensereport->fetch(
'', $refname);
2938 $accessallowed =
checkUserAccessToObject($user, array(
'expensereport'), $tmpexpensereport,
'expensereport',
'',
'',
'rowid',
'');
2941 $original_file = $conf->expensereport->dir_output.
'/'.$original_file;
2942 } elseif (($modulepart ==
'apercuexpensereport') && !empty($conf->expensereport->dir_output)) {
2944 if ($fuser->hasRight(
'expensereport', $lire)) {
2947 $original_file = $conf->expensereport->dir_output.
'/'.$original_file;
2948 } elseif ($modulepart ==
'propalstats' && !empty($conf->propal->multidir_temp[$entity])) {
2950 if ($fuser->hasRight(
'propal', $lire)) {
2953 $original_file = $conf->propal->multidir_temp[$entity].
'/'.$original_file;
2954 } elseif ($modulepart ==
'orderstats' && !empty($conf->order->dir_temp)) {
2956 if ($fuser->hasRight(
'commande', $lire)) {
2959 $original_file = $conf->order->dir_temp.
'/'.$original_file;
2960 } elseif ($modulepart ==
'orderstatssupplier' && !empty($conf->fournisseur->dir_output)) {
2961 if ($fuser->hasRight(
'fournisseur',
'commande', $lire)) {
2964 $original_file = $conf->fournisseur->commande->dir_temp.
'/'.$original_file;
2965 } elseif ($modulepart ==
'billstats' && !empty($conf->invoice->dir_temp)) {
2967 if ($fuser->hasRight(
'facture', $lire)) {
2970 $original_file = $conf->invoice->dir_temp.
'/'.$original_file;
2971 } elseif ($modulepart ==
'billstatssupplier' && !empty($conf->fournisseur->dir_output)) {
2972 if ($fuser->hasRight(
'fournisseur',
'facture', $lire)) {
2975 $original_file = $conf->fournisseur->facture->dir_temp.
'/'.$original_file;
2976 } elseif ($modulepart ==
'expeditionstats' && !empty($conf->expedition->dir_temp)) {
2978 if ($fuser->hasRight(
'expedition', $lire)) {
2981 $original_file = $conf->expedition->dir_temp.
'/'.$original_file;
2982 } elseif ($modulepart ==
'tripsexpensesstats' && !empty($conf->deplacement->dir_temp)) {
2984 if ($fuser->hasRight(
'deplacement', $lire)) {
2987 $original_file = $conf->deplacement->dir_temp.
'/'.$original_file;
2988 } elseif ($modulepart ==
'memberstats' && !empty($conf->member->dir_temp)) {
2990 if ($fuser->hasRight(
'adherent', $lire)) {
2993 $original_file = $conf->member->dir_temp.
'/'.$original_file;
2994 } elseif (preg_match(
'/^productstats_/i', $modulepart) && !empty($conf->product->dir_temp)) {
2996 if ($fuser->hasRight(
'produit', $lire) || $fuser->hasRight(
'service', $lire)) {
2999 $original_file = (!empty($conf->product->multidir_temp[$entity]) ? $conf->product->multidir_temp[$entity] : $conf->service->multidir_temp[$entity]).
'/'.$original_file;
3000 } elseif (in_array($modulepart, array(
'tax',
'tax-vat',
'tva')) && !empty($conf->tax->dir_output)) {
3002 if ($fuser->hasRight(
'tax',
'charges', $lire)) {
3005 $modulepartsuffix = str_replace(
'tax-',
'', $modulepart);
3006 $original_file = $conf->tax->dir_output.
'/'.($modulepartsuffix !=
'tax' ? $modulepartsuffix.
'/' :
'').$original_file;
3007 } elseif ($modulepart ==
'actions' && !empty($conf->agenda->dir_output)) {
3009 if ($fuser->hasRight(
'agenda',
'myactions', $read)) {
3012 if ($refname && !preg_match(
'/^specimen/i', $original_file)) {
3013 include_once DOL_DOCUMENT_ROOT.
'/comm/action/class/actioncomm.class.php';
3015 $tmpobject->fetch((
int) $refname);
3016 $accessallowed =
checkUserAccessToObject($user, array(
'agenda'), $tmpobject->id,
'actioncomm&societe',
'myactions|allactions',
'fk_soc',
'id',
'');
3017 if ($user->socid && $tmpobject->socid) {
3022 $original_file = $conf->agenda->dir_output.
'/'.$original_file;
3023 } elseif ($modulepart ==
'category' && !empty($conf->categorie->multidir_output[$entity])) {
3025 if (empty($entity) || empty($conf->categorie->multidir_output[$entity])) {
3026 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3028 if ($fuser->hasRight(
"categorie", $lire) || $fuser->hasRight(
"takepos",
"run")) {
3031 $original_file = $conf->categorie->multidir_output[$entity].
'/'.$original_file;
3032 } elseif ($modulepart ==
'prelevement' && !empty($conf->prelevement->dir_output)) {
3034 if ($fuser->hasRight(
'prelevement',
'bons', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3037 $original_file = $conf->prelevement->dir_output.
'/'.$original_file;
3038 } elseif ($modulepart ==
'graph_stock' && !empty($conf->stock->dir_temp)) {
3041 $original_file = $conf->stock->dir_temp.
'/'.$original_file;
3042 } elseif ($modulepart ==
'graph_fourn' && !empty($conf->fournisseur->dir_temp)) {
3045 $original_file = $conf->fournisseur->dir_temp.
'/'.$original_file;
3046 } elseif ($modulepart ==
'graph_product' && !empty($conf->product->dir_temp)) {
3049 $original_file = $conf->product->multidir_temp[$entity].
'/'.$original_file;
3050 } elseif ($modulepart ==
'barcode') {
3055 $original_file =
'';
3056 } elseif ($modulepart ==
'iconmailing' && !empty($conf->mailing->dir_temp)) {
3059 $original_file = $conf->mailing->dir_temp.
'/'.$original_file;
3060 } elseif ($modulepart ==
'scanner_user_temp' && !empty($conf->scanner->dir_temp)) {
3063 $original_file = $conf->scanner->dir_temp.
'/'.$fuser->id.
'/'.$original_file;
3064 } elseif ($modulepart ==
'fckeditor' && !empty($conf->fckeditor->dir_output)) {
3067 $original_file = $conf->fckeditor->dir_output.
'/'.$original_file;
3068 } elseif ($modulepart ==
'user' && !empty($conf->user->dir_output)) {
3070 $canreaduser = (!empty($fuser->admin) || $fuser->rights->user->user->{$lire});
3071 if ($fuser->id == (
int) $refname) {
3074 if ($canreaduser || preg_match(
'/^specimen/i', $original_file)) {
3077 $original_file = $conf->user->dir_output.
'/'.$original_file;
3078 } elseif (($modulepart ==
'company' || $modulepart ==
'societe' || $modulepart ==
'thirdparty') && !empty($conf->societe->multidir_output[$entity])) {
3080 if (empty($entity) || empty($conf->societe->multidir_output[$entity])) {
3081 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3083 if ($fuser->hasRight(
'societe', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3086 $original_file = $conf->societe->multidir_output[$entity].
'/'.$original_file;
3087 $sqlprotectagainstexternals =
"SELECT rowid as fk_soc FROM ".MAIN_DB_PREFIX.
"societe WHERE rowid='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'societe').
")";
3088 } elseif ($modulepart ==
'contact' && !empty($conf->societe->multidir_output[$entity])) {
3090 if (empty($entity) || empty($conf->societe->multidir_output[$entity])) {
3091 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3093 if ($fuser->hasRight(
'societe', $lire)) {
3096 $original_file = $conf->societe->multidir_output[$entity].
'/contact/'.$original_file;
3097 } elseif (($modulepart ==
'facture' || $modulepart ==
'invoice') && !empty($conf->invoice->multidir_output[$entity])) {
3099 if ($fuser->hasRight(
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3102 $original_file = $conf->invoice->multidir_output[$entity].
'/'.$original_file;
3103 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"facture WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'invoice').
")";
3104 } elseif ($modulepart ==
'massfilesarea_proposals' && !empty($conf->propal->multidir_output[$entity])) {
3106 if ($fuser->hasRight(
'propal', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3109 $original_file = $conf->propal->multidir_output[$entity].
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3110 } elseif ($modulepart ==
'massfilesarea_orders') {
3111 if ($fuser->hasRight(
'commande', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3114 $original_file = $conf->order->multidir_output[$entity].
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3115 } elseif ($modulepart ==
'massfilesarea_sendings') {
3116 if ($fuser->hasRight(
'expedition', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3119 $original_file = $conf->expedition->dir_output.
'/sending/temp/massgeneration/'.$user->id.
'/'.$original_file;
3120 } elseif ($modulepart ==
'massfilesarea_receipts') {
3121 if ($fuser->hasRight(
'reception', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3124 $original_file = $conf->reception->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3125 } elseif ($modulepart ==
'massfilesarea_invoices') {
3126 if ($fuser->hasRight(
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3129 $original_file = $conf->invoice->multidir_output[$entity].
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3130 } elseif ($modulepart ==
'massfilesarea_expensereport') {
3131 if ($fuser->hasRight(
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3134 $original_file = $conf->expensereport->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3135 } elseif ($modulepart ==
'massfilesarea_interventions') {
3136 if ($fuser->hasRight(
'ficheinter', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3139 $original_file = $conf->ficheinter->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3140 } elseif ($modulepart ==
'massfilesarea_supplier_proposal' && !empty($conf->supplier_proposal->dir_output)) {
3141 if ($fuser->hasRight(
'supplier_proposal', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3144 $original_file = $conf->supplier_proposal->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3145 } elseif ($modulepart ==
'massfilesarea_supplier_order') {
3146 if ($fuser->hasRight(
'fournisseur',
'commande', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3149 $original_file = $conf->fournisseur->commande->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3150 } elseif ($modulepart ==
'massfilesarea_supplier_invoice') {
3151 if ($fuser->hasRight(
'fournisseur',
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3154 $original_file = $conf->fournisseur->facture->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3155 } elseif ($modulepart ==
'massfilesarea_contract' && !empty($conf->contract->dir_output)) {
3156 if ($fuser->hasRight(
'contrat', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3159 $original_file = $conf->contract->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3160 } elseif (($modulepart ==
'fichinter' || $modulepart ==
'ficheinter') && !empty($conf->ficheinter->dir_output)) {
3162 if ($fuser->hasRight(
'ficheinter', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3165 $original_file = $conf->ficheinter->dir_output.
'/'.$original_file;
3166 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"fichinter WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
3167 } elseif ($modulepart ==
'deplacement' && !empty($conf->deplacement->dir_output)) {
3169 if ($fuser->hasRight(
'deplacement', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3172 $original_file = $conf->deplacement->dir_output.
'/'.$original_file;
3174 } elseif (($modulepart ==
'propal' || $modulepart ==
'propale') && isset($conf->propal->multidir_output[$entity])) {
3176 if ($fuser->hasRight(
'propal', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3179 $original_file = $conf->propal->multidir_output[$entity].
'/'.$original_file;
3180 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"propal WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'propal').
")";
3181 } elseif (($modulepart ==
'commande' || $modulepart ==
'order') && !empty($conf->order->multidir_output[$entity])) {
3183 if ($fuser->hasRight(
'commande', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3186 $original_file = $conf->order->multidir_output[$entity].
'/'.$original_file;
3187 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"commande WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'order').
")";
3188 } elseif ($modulepart ==
'project' && !empty($conf->project->multidir_output[$entity])) {
3190 if ($fuser->hasRight(
'projet', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3193 if ($refname && !preg_match(
'/^specimen/i', $original_file)) {
3194 include_once DOL_DOCUMENT_ROOT.
'/projet/class/project.class.php';
3195 $tmpproject =
new Project($db);
3196 $tmpproject->fetch(
'', $refname);
3197 $accessallowed =
checkUserAccessToObject($user, array(
'projet'), $tmpproject->id,
'projet&project',
'',
'',
'rowid',
'');
3200 $original_file = $conf->project->multidir_output[$entity].
'/'.$original_file;
3201 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"projet WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'project').
")";
3202 } elseif ($modulepart ==
'project_task' && !empty($conf->project->multidir_output[$entity])) {
3203 if ($fuser->hasRight(
'projet', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3206 if ($refname && !preg_match(
'/^specimen/i', $original_file)) {
3207 include_once DOL_DOCUMENT_ROOT.
'/projet/class/task.class.php';
3208 $tmptask =
new Task($db);
3209 $tmptask->fetch(
'', $refname);
3210 $accessallowed =
checkUserAccessToObject($user, array(
'projet_task'), $tmptask->id,
'projet_task&project',
'',
'',
'rowid',
'');
3213 $original_file = $conf->project->multidir_output[$entity].
'/'.$original_file;
3214 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"projet WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'project').
")";
3215 } elseif (($modulepart ==
'commande_fournisseur' || $modulepart ==
'order_supplier') && !empty($conf->fournisseur->commande->dir_output)) {
3217 if ($fuser->hasRight(
'fournisseur',
'commande', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3220 $original_file = $conf->fournisseur->commande->dir_output.
'/'.$original_file;
3221 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"commande_fournisseur WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
3222 } elseif (($modulepart ==
'facture_fournisseur' || $modulepart ==
'invoice_supplier') && !empty($conf->fournisseur->facture->dir_output)) {
3224 if ($fuser->hasRight(
'fournisseur',
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3227 $original_file = $conf->fournisseur->facture->dir_output.
'/'.$original_file;
3228 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"facture_fourn WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
3229 } elseif ($modulepart ==
'supplier_payment') {
3231 if ($fuser->hasRight(
'fournisseur',
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3234 $original_file = $conf->fournisseur->payment->dir_output.
'/'.$original_file;
3235 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"paiementfournisseur WHERE ref='".$db->escape($refname).
"' AND entity=".$conf->entity;
3236 } elseif ($modulepart ==
'payment') {
3238 if ($fuser->rights->facture->{$lire} || preg_match(
'/^specimen/i', $original_file)) {
3241 $original_file = $conf->compta->payment->dir_output.
'/'.$original_file;
3242 } elseif ($modulepart ==
'facture_paiement' && !empty($conf->invoice->dir_output)) {
3244 if ($fuser->hasRight(
'facture', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3247 if ($fuser->socid > 0) {
3248 $original_file = $conf->invoice->dir_output.
'/payments/private/'.$fuser->id.
'/'.$original_file;
3250 $original_file = $conf->invoice->dir_output.
'/payments/'.$original_file;
3252 } elseif ($modulepart ==
'export_compta' && !empty($conf->accounting->dir_output)) {
3254 if ($fuser->hasRight(
'accounting',
'bind',
'write') || preg_match(
'/^specimen/i', $original_file)) {
3257 $original_file = $conf->accounting->dir_output.
'/'.$original_file;
3258 } elseif (($modulepart ==
'expedition' || $modulepart ==
'shipment') && !empty($conf->expedition->dir_output)) {
3260 if ($fuser->hasRight(
'expedition', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3263 $original_file = $conf->expedition->dir_output.
"/".(strpos($original_file,
'sending/') === 0 ?
'' :
'sending/').$original_file;
3265 } elseif (($modulepart ==
'livraison' || $modulepart ==
'delivery') && !empty($conf->expedition->dir_output)) {
3267 if ($fuser->hasRight(
'expedition',
'delivery', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3270 $original_file = $conf->expedition->dir_output.
"/".(strpos($original_file,
'receipt/') === 0 ?
'' :
'receipt/').$original_file;
3271 } elseif ($modulepart ==
'actionsreport' && !empty($conf->agenda->dir_temp)) {
3273 if ($fuser->hasRight(
'agenda',
'allactions', $read) || preg_match(
'/^specimen/i', $original_file)) {
3276 $original_file = $conf->agenda->dir_temp.
"/".$original_file;
3277 } elseif ($modulepart ==
'product' || $modulepart ==
'produit' || $modulepart ==
'service' || $modulepart ==
'produit|service') {
3279 if (empty($entity) || (empty($conf->product->multidir_output[$entity]) && empty($conf->service->multidir_output[$entity]))) {
3280 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3282 if (($fuser->hasRight(
'produit', $lire) || $fuser->hasRight(
'service', $lire)) || preg_match(
'/^specimen/i', $original_file)) {
3285 if (isModEnabled(
"product")) {
3286 $original_file = $conf->product->multidir_output[$entity].
'/'.$original_file;
3287 } elseif (isModEnabled(
"service")) {
3288 $original_file = $conf->service->multidir_output[$entity].
'/'.$original_file;
3290 } elseif ($modulepart ==
'product_batch' || $modulepart ==
'produitlot') {
3292 if (empty($entity) || (empty($conf->productbatch->multidir_output[$entity]))) {
3293 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3295 if (($fuser->hasRight(
'produit', $lire)) || preg_match(
'/^specimen/i', $original_file)) {
3298 if (isModEnabled(
'productbatch')) {
3299 $original_file = $conf->productbatch->multidir_output[$entity].
'/'.$original_file;
3301 } elseif ($modulepart ==
'movement' || $modulepart ==
'mouvement') {
3303 if (empty($entity) || empty($conf->stock->multidir_output[$entity])) {
3304 return array(
'accessallowed' => 0,
'error' =>
'Value entity must be provided');
3306 if (($fuser->hasRight(
'stock', $lire) || $fuser->hasRight(
'stock',
'movement', $lire) || $fuser->hasRight(
'stock',
'mouvement', $lire)) || preg_match(
'/^specimen/i', $original_file)) {
3309 if (isModEnabled(
'stock')) {
3310 $original_file = $conf->stock->multidir_output[$entity].
'/movement/'.$original_file;
3312 } elseif ($modulepart ==
'contract' && !empty($conf->contract->multidir_output[$entity])) {
3314 if ($fuser->hasRight(
'contrat', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3317 $original_file = $conf->contract->multidir_output[$entity].
'/'.$original_file;
3318 $sqlprotectagainstexternals =
"SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX.
"contrat WHERE ref='".$db->escape($refname).
"' AND entity IN (".
getEntity(
'contract').
")";
3319 } elseif ($modulepart ==
'donation' && !empty($conf->don->dir_output)) {
3321 if ($fuser->hasRight(
'don', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3324 $original_file = $conf->don->dir_output.
'/'.$original_file;
3325 } elseif ($modulepart ==
'dolresource' && !empty($conf->resource->dir_output)) {
3327 if ($fuser->hasRight(
'resource', $read) || preg_match(
'/^specimen/i', $original_file)) {
3330 $original_file = $conf->resource->dir_output.
'/'.$original_file;
3331 } elseif (($modulepart ==
'remisecheque' || $modulepart ==
'chequereceipt') && !empty($conf->bank->dir_output)) {
3333 if ($fuser->hasRight(
'banque', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3336 $original_file = $conf->bank->dir_output.
'/checkdeposits/'.$original_file;
3337 } elseif (($modulepart ==
'banque' || $modulepart ==
'bank') && !empty($conf->bank->dir_output)) {
3339 if ($fuser->hasRight(
'banque', $lire)) {
3342 $original_file = $conf->bank->dir_output.
'/'.$original_file;
3343 } elseif ($modulepart ==
'export' && !empty($conf->export->dir_temp)) {
3346 $accessallowed = $user->hasRight(
'export',
'lire');
3347 $original_file = $conf->export->dir_temp.
'/'.$fuser->id.
'/'.$original_file;
3348 } elseif ($modulepart ==
'import' && !empty($conf->import->dir_temp)) {
3350 $accessallowed = $user->hasRight(
'import',
'run');
3351 $original_file = $conf->import->dir_temp.
'/'.$original_file;
3352 } elseif ($modulepart ==
'recruitment' && !empty($conf->recruitment->dir_output)) {
3354 $accessallowed = $user->hasRight(
'recruitment',
'recruitmentjobposition',
'read');
3355 $original_file = $conf->recruitment->dir_output.
'/'.$original_file;
3356 } elseif ($modulepart ==
'editor' && !empty($conf->fckeditor->dir_output)) {
3359 $original_file = $conf->fckeditor->dir_output.
'/'.$original_file;
3360 } elseif ($modulepart ==
'systemtools' && !empty($conf->admin->dir_output)) {
3362 if ($fuser->admin) {
3365 $original_file = $conf->admin->dir_output.
'/'.$original_file;
3366 } elseif ($modulepart ==
'admin_temp' && !empty($conf->admin->dir_temp)) {
3368 if ($fuser->admin) {
3371 $original_file = $conf->admin->dir_temp.
'/'.$original_file;
3372 } elseif ($modulepart ==
'bittorrent' && !empty($conf->bittorrent->dir_output)) {
3376 if (
dol_mimetype($original_file) ==
'application/x-bittorrent') {
3379 $original_file = $conf->bittorrent->dir_output.
'/'.$dir.
'/'.$original_file;
3380 } elseif ($modulepart ==
'member' && !empty($conf->member->dir_output)) {
3382 if ($fuser->hasRight(
'adherent', $lire) || preg_match(
'/^specimen/i', $original_file)) {
3385 $original_file = $conf->member->dir_output.
'/'.$original_file;
3395 if (preg_match(
'/^specimen/i', $original_file)) {
3398 if ($fuser->admin) {
3402 $tmpmodulepart = explode(
'-', $modulepart);
3403 if (!empty($tmpmodulepart[1])) {
3404 $modulepart = $tmpmodulepart[0];
3405 $original_file = $tmpmodulepart[1].
'/'.$original_file;
3410 if (preg_match(
'/^([a-z]+)_user_temp$/i', $modulepart, $reg)) {
3411 $tmpmodule = $reg[1];
3412 if (empty($conf->$tmpmodule->dir_temp)) {
3413 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3416 if ($fuser->hasRight($tmpmodule, $lire) || $fuser->hasRight($tmpmodule, $read) || $fuser->hasRight($tmpmodule, $download)) {
3419 $original_file = $conf->{$reg[1]}->dir_temp.
'/'.$fuser->id.
'/'.$original_file;
3420 } elseif (preg_match(
'/^([a-z]+)_temp$/i', $modulepart, $reg)) {
3421 $tmpmodule = $reg[1];
3422 if (empty($conf->$tmpmodule->dir_temp)) {
3423 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3426 if ($fuser->hasRight($tmpmodule, $lire) || $fuser->hasRight($tmpmodule, $read) || $fuser->hasRight($tmpmodule, $download)) {
3429 $original_file = $conf->$tmpmodule->dir_temp.
'/'.$original_file;
3430 } elseif (preg_match(
'/^([a-z]+)_user$/i', $modulepart, $reg)) {
3431 $tmpmodule = $reg[1];
3432 if (empty($conf->$tmpmodule->dir_output)) {
3433 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3436 if ($fuser->hasRight($tmpmodule, $lire) || $fuser->hasRight($tmpmodule, $read) || $fuser->hasRight($tmpmodule, $download)) {
3439 $original_file = $conf->$tmpmodule->dir_output.
'/'.$fuser->id.
'/'.$original_file;
3440 } elseif (preg_match(
'/^massfilesarea_([a-z]+)$/i', $modulepart, $reg)) {
3441 $tmpmodule = $reg[1];
3442 if (empty($conf->$tmpmodule->dir_output)) {
3443 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
')');
3446 if ($fuser->hasRight($tmpmodule, $lire) || preg_match(
'/^specimen/i', $original_file)) {
3449 $original_file = $conf->$tmpmodule->dir_output.
'/temp/massgeneration/'.$user->id.
'/'.$original_file;
3451 if (empty($conf->$modulepart->dir_output)) {
3452 dol_print_error(
null,
'Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.
'). The module for this modulepart value may not be activated.');
3457 $partsofdirinoriginalfile = explode(
'/', $original_file);
3458 if (!empty($partsofdirinoriginalfile[1])) {
3459 $partofdirinoriginalfile = $partsofdirinoriginalfile[0];
3460 if ($partofdirinoriginalfile && ($fuser->hasRight($modulepart, $partofdirinoriginalfile,
'lire') || $fuser->hasRight($modulepart, $partofdirinoriginalfile,
'read'))) {
3464 if ($fuser->hasRight($modulepart, $lire) || $fuser->hasRight($modulepart, $read)) {
3468 if (is_array($conf->$modulepart->multidir_output) && !empty($conf->$modulepart->multidir_output[$entity])) {
3469 $original_file = $conf->$modulepart->multidir_output[$entity].
'/'.$original_file;
3471 $original_file = $conf->$modulepart->dir_output.
'/'.$original_file;
3475 $parameters = array(
3476 'modulepart' => $modulepart,
3477 'original_file' => $original_file,
3478 'entity' => $entity,
3483 $reshook = $hookmanager->executeHooks(
'checkSecureAccess', $parameters,
$object);
3485 if (!empty($hookmanager->resArray[
'original_file'])) {
3486 $original_file = $hookmanager->resArray[
'original_file'];
3488 if (!empty($hookmanager->resArray[
'accessallowed'])) {
3489 $accessallowed = $hookmanager->resArray[
'accessallowed'];
3491 if (!empty($hookmanager->resArray[
'sqlprotectagainstexternals'])) {
3492 $sqlprotectagainstexternals = $hookmanager->resArray[
'sqlprotectagainstexternals'];
3498 'accessallowed' => ($accessallowed ? 1 : 0),
3499 'sqlprotectagainstexternals' => $sqlprotectagainstexternals,
3500 'original_file' => $original_file