d6/de7/export__files_8php_source.html

<?php

/* Copyright (C) 2006-2014  Laurent Destailleur <eldy@users.sourceforge.net>

 * Copyright (C) 2011       Juanjo Menent       <jmenent@2byte.es>

 * Copyright (C) 2015       Raphaël Doursenaud  <rdoursenaud@gpcsolutions.fr>

 * Copyright (C) 2021   Regis Houssin   <regis.houssin@inodbox.com>

 * Copyright (C) 2024-2025  Frédéric France         <frederic.france@free.fr>

 *

 * This program is free software; you can redistribute it and/or modify

 * it under the terms of the GNU General Public License as published by

 * the Free Software Foundation; either version 3 of the License, or

 * (at your option) any later version.

 *

 * This program is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 * GNU General Public License for more details.

 *

 * You should have received a copy of the GNU General Public License

 * along with this program. If not, see <https://www.gnu.org/licenses/>.

 */


if (! defined('CSRFCHECK_WITH_TOKEN')) {

  define('CSRFCHECK_WITH_TOKEN', '1');    // Force use of CSRF protection with tokens even for GET

}


// Load Dolibarr environment

require '../../main.inc.php';

require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';

require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';

require_once DOL_DOCUMENT_ROOT.'/core/class/utils.class.php';

require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php';


$langs->load("admin");


$action = GETPOST('action', 'aZ09');

$what = GETPOST('what', 'alpha');

$export_type = GETPOST('export_type', 'alpha');

$file = trim(GETPOST('zipfilename_template', 'alpha'));

$compression = GETPOST('compression', 'aZ09');


$file = dol_sanitizeFileName($file, '_', 1, 1);

$file = preg_replace('/(\.zip|\.tar|\.tgz|\.gz|\.tar\.gz|\.bz2|\.zst)$/i', '', $file);


$sortfield = GETPOST('sortfield', 'aZ09comma');

$sortorder = GETPOST('sortorder', 'aZ09comma');

$page = GETPOSTISSET('pageplusone') ? (GETPOSTINT('pageplusone') - 1) : GETPOSTINT("page");

if (!$sortorder) {

  $sortorder = "DESC";

}

if (!$sortfield) {

  $sortfield = "date";

}

if ($page < 0) {

  $page = 0;

} elseif (empty($page)) {

  $page = 0;

}

$limit = GETPOSTINT('limit') ? GETPOSTINT('limit') : $conf->liste_limit;

$offset = $limit * $page;


if (!$user->admin) {

  accessforbidden();

}


$errormsg = '';


/*

 * Actions

 */


if ($action == 'delete') {

  $filerelative = dol_sanitizeFileName(GETPOST('urlfile', 'alpha'));

  $filepath = $conf->admin->dir_output.'/'.$filerelative;

  $ret = dol_delete_file($filepath, 1);

  if ($ret) {

    setEventMessages($langs->trans("FileWasRemoved", $filerelative), null, 'mesgs');

  } else {

    setEventMessages($langs->trans("ErrorFailToDeleteFile", $filerelative), null, 'errors');

  }

  $action = '';

}


/*

 * View

 */


// Increase limit of time. Works only if we are not in safe mode

$ExecTimeLimit = getDolGlobalInt('MAIN_ADMIN_TOOLS_EXPORT_FILES_EXEC_TIME_LIMIT', 1800);; // 30mn

if (!empty($ExecTimeLimit)) {

  $err = error_reporting();

  error_reporting(0); // Disable all errors

  //error_reporting(E_ALL);

  @set_time_limit($ExecTimeLimit); // Need more than 240 on Windows 7/64

  error_reporting($err);

}


/* If value has been forced with a php_admin_value, this has no effect. Example of value: '512M' */

$MemoryLimit = getDolGlobalString('MAIN_MEMORY_LIMIT_ARCHIVE_DATAROOT');

if (!empty($MemoryLimit)) {

  @ini_set('memory_limit', $MemoryLimit);

}


$form = new Form($db);

$formfile = new FormFile($db);


//$help_url='EN:Backups|FR:Sauvegardes|ES:Copias_de_seguridad';

//llxHeader('','',$help_url);


//print load_fiche_titre($langs->trans("Backup"),'','title_setup');


// Start with empty buffer

$dump_buffer = '';

$dump_buffer_len = 0;


// We will send fake headers to avoid browser timeout when buffering

$time_start = time();


$outputdir  = $conf->admin->dir_output.'/documents';

$result = dol_mkdir($outputdir);


$utils = new Utils($db);


if ($export_type == 'externalmodule' && !empty($what)) {

  $fulldirtocompress = DOL_DOCUMENT_ROOT.'/custom/'.dol_sanitizeFileName($what);

} else {

  $fulldirtocompress = DOL_DATA_ROOT;

}

$dirtoswitch = dirname($fulldirtocompress);

$dirtocompress = basename($fulldirtocompress);


if ($compression == 'zip') {

  $file .= '.zip';


  $excludefiles = '/(\.back|\.old|\.log|\.pdf_preview-.*\.png|[\/\\\]temp[\/\\\]|[\/\\\]admin[\/\\\]documents[\/\\\])/i';


  //var_dump($fulldirtocompress);

  //var_dump($outputdir."/".$file);exit;


  $rootdirinzip = '';

  if ($export_type == 'externalmodule' && !empty($what)) {

    $rootdirinzip = $what;


    global $dolibarr_allow_download_external_modules;

    if (empty($dolibarr_allow_download_external_modules)) {

      print 'Download of external modules is not allowed by $dolibarr_allow_download_external_modules in conf.php file';

      $db->close();

      exit();

    }

  }


  global $errormsg;

  $ret = dol_compress_dir($fulldirtocompress, $outputdir."/".$file, $compression, $excludefiles, $rootdirinzip);  // Can modify $errormsg

  if ($ret < 0) {

    if ($ret == -2) {

      $langs->load("errors");

      $errormsg = $langs->trans("ErrNoZipEngine");

    } else {

      $langs->load("errors");

      // @phpstan-ignore-next-line The $errormsg can have been modified by the dol_compress_dir function.

      $errormsg = $langs->trans("ErrorFailedToWriteInDir", $outputdir).($errormsg ? "\n" . $errormsg : "");

    }

  }

} elseif (in_array($compression, array('gz', 'bz', 'zstd'))) {

  $userlogin = ($user->login ? $user->login : 'unknown');


  $outputfile = $conf->admin->dir_temp.'/'.dol_sanitizeFileName('export_files.'.$userlogin.'.out'); // File used with popen method


  $file .= '.tar';


  // Write the tar into a temp directory outside the documents tree.

  // If we wrote it directly under $outputdir (= DOL_DATA_ROOT/admin/documents),

  // tar would notice its own output directory growing as it reads the source

  // and exit with code 1 / 'file changed as we read it', even though the archive

  // is complete. The error short-circuited compression at line 194 and left

  // users with an uncompressed .tar plus a misleading error (#37266).

  $tmpfile = $conf->admin->dir_temp.'/'.dol_sanitizeFileName($file);


  // We also exclude '/temp/' dir and 'documents/admin/documents'

  // We make escapement here and call executeCLI without escapement because we don't want to have the '*.log' escaped.

  $cmd = "tar -cf '".escapeshellcmd($tmpfile)."' --exclude-vcs --exclude-caches-all --exclude='temp' --exclude='*.log' --exclude='*.pdf_preview-*.png' --exclude='documents/admin/documents' -C '".escapeshellcmd(dol_sanitizePathName($dirtoswitch))."' '".escapeshellcmd(dol_sanitizeFileName($dirtocompress))."'";


  $result = $utils->executeCLI($cmd, $outputfile, 0, null, 1);


  $retval = $result['error'];

  if ($result['result'] || !empty($retval)) {

    $langs->load("errors");

    dol_syslog("Documents tar retval after exec=".$retval, LOG_ERR);

    $errormsg = 'Error tar generation return '.$retval;

    if (file_exists($tmpfile)) {

      unlink($tmpfile);

    }

  } else {

    $compressedtmpfile = $tmpfile;

    if ($compression == 'gz') {

      $cmd = "gzip -f ".$tmpfile;

      $compressedtmpfile = $tmpfile.'.gz';

    } elseif ($compression == 'bz') {

      $cmd = "bzip2 -f ".$tmpfile;

      $compressedtmpfile = $tmpfile.'.bz2';

    } elseif ($compression == 'zstd') {

      $cmd = "zstd -z -9 -q --rm ".$tmpfile;

      $compressedtmpfile = $tmpfile.'.zst';

    }


    $result = $utils->executeCLI($cmd, $outputfile);


    $retval = $result['error'];

    if ($result['result'] || !empty($retval)) {

      $errormsg = 'Error '.$compression.' generation return '.$retval;

      if (file_exists($tmpfile)) {

        unlink($tmpfile);

      }

      if (file_exists($compressedtmpfile)) {

        unlink($compressedtmpfile);

      }

    } else {

      // Move the compressed archive from temp to the final outputdir.

      $finalfile = $outputdir.'/'.basename($compressedtmpfile);

      if (!@rename($compressedtmpfile, $finalfile)) {

        $errormsg = 'Error moving generated archive to '.$outputdir;

        if (file_exists($compressedtmpfile)) {

          unlink($compressedtmpfile);

        }

      } else {

        $file = basename($compressedtmpfile);

      }

    }

  }

} else {

  $errormsg = 'Bad value for compression method';

  print $errormsg;

}


// Output export


if ($export_type != 'externalmodule' || empty($what)) {

  top_httphead();


  if ($errormsg) {

    setEventMessages($langs->trans("Error")." : ".$errormsg, null, 'errors');

  } else {

    setEventMessages($langs->trans("BackupFileSuccessfullyCreated").'.<br>'.$langs->trans("YouCanDownloadBackupFile"), null, 'mesgs');

  }


  $db->close();


  // Redirect to calling page

  $returnto = 'dolibarr_export.php';


  header("Location: ".$returnto);


  exit();

} else {

  top_httphead('application/zip');


  $zipname = $outputdir."/".$file;


  // Then download the zipped file.


  header('Content-disposition: attachment; filename='.basename($zipname));

  header('Content-Length: '.filesize($zipname));

  readfile($zipname);


  dol_delete_file($zipname);


  $db->close();


  exit();

}

FormFile
Class to offer components to list and upload files.
Definition html.formfile.class.php:39

Form
Class to manage generation of HTML components Only common components must be here.
Definition html.form.class.php:59

Utils
Class to manage utility methods.
Definition utils.class.php:34

$conf
if(!isModEnabled('ai')||!getDolGlobalString('AI_ASSISTANT_ENABLED')) global $conf
The main.inc.php has been included so the following variable are now defined:
Definition execute_tool.php:50

$db
if(!isModEnabled('ai')||!getDolGlobalString('AI_ASSISTANT_ENABLED')) global $db
API class for accounts.
Definition execute_tool.php:46

dol_delete_file
dol_delete_file($file, $disableglob=0, $nophperrors=0, $nohook=0, $object=null, $allowdotdot=false, $indexdatabase=1, $nolog=0)
Remove a file or several files with a mask.
Definition files.lib.php:1644

setEventMessages
setEventMessages($mesg, $mesgs, $style='mesgs', $messagekey='', $noduplicate=0, $attop=0)
Set event messages in dol_events session object.
Definition functions.lib.php:11394

GETPOSTINT
GETPOSTINT($paramname, $method=0)
Return the value of a $_GET or $_POST supervariable, converted into integer.
Definition functions.lib.php:951

dol_sanitizePathName
dol_sanitizePathName($str, $newstr='_', $unaccent=0, $allowdash=0)
Clean a string to use it as a path name.
Definition functions.lib.php:1963

dol_sanitizeFileName
dol_sanitizeFileName($str, $newstr='_', $unaccent=1, $includequotes=0, $allowdash=0)
Clean a string to use it as a file name.
Definition functions.lib.php:1925

getDolGlobalInt
getDolGlobalInt($key, $default=0)
Return a Dolibarr global constant int value.
Definition functions.lib.php:321

GETPOST
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
Definition functions.lib.php:1082

getDolGlobalString
getDolGlobalString($key, $default='')
Return a Dolibarr global constant string value.
Definition functions.lib.php:286

dol_syslog
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
Definition functions.lib.php:2754

dol_mkdir
dol_mkdir($dir, $dataroot='', $newmask='')
Creation of a directory (this can create recursive subdir)
Definition functions.lib.php:8938

top_httphead
if(!defined( 'NOREQUIREMENU')) if(!empty(GETPOST('seteventmessages', 'alpha'))) if(!function_exists("llxHeader")) top_httphead($contenttype='text/html', $forcenocache=0)
Show HTTP header.
Definition main.inc.php:1512

accessforbidden
accessforbidden($message='', $printheader=1, $printfooter=1, $showonlymessage=0, $params=null)
Show a message to say access is forbidden and stop program.
Definition security.lib.php:1097