dolibarr  13.0.2
server_other.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (C) 2006-2016 Laurent Destailleur <eldy@users.sourceforge.net>
3  *
4  * This program is free software; you can redistribute it and/or modify
5  * it under the terms of the GNU General Public License as published by
6  * the Free Software Foundation; either version 3 of the License, or
7  * (at your option) any later version.
8  *
9  * This program is distributed in the hope that it will be useful,
10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12  * GNU General Public License for more details.
13  *
14  * You should have received a copy of the GNU General Public License
15  * along with this program. If not, see <https://www.gnu.org/licenses/>.
16  */
17 
23 if (!defined("NOCSRFCHECK")) define("NOCSRFCHECK", '1');
24 
25 require '../master.inc.php';
26 require_once NUSOAP_PATH.'/nusoap.php'; // Include SOAP
27 require_once DOL_DOCUMENT_ROOT.'/core/lib/ws.lib.php';
28 require_once DOL_DOCUMENT_ROOT.'/user/class/user.class.php';
29 require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
30 require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
31 
32 
33 dol_syslog("Call Dolibarr webservices interfaces");
34 
35 $langs->load("main");
36 
37 // Enable and test if module web services is enabled
38 if (empty($conf->global->MAIN_MODULE_WEBSERVICES))
39 {
40  $langs->load("admin");
41  dol_syslog("Call Dolibarr webservices interfaces with module webservices disabled");
42  print $langs->trans("WarningModuleNotActive", 'WebServices').'.<br><br>';
43  print $langs->trans("ToActivateModule");
44  exit;
45 }
46 
47 // Create the soap Object
48 $server = new nusoap_server();
49 $server->soap_defencoding = 'UTF-8';
50 $server->decode_utf8 = false;
51 $ns = 'http://www.dolibarr.org/ns/';
52 $server->configureWSDL('WebServicesDolibarrOther', $ns);
53 $server->wsdl->schemaTargetNamespace = $ns;
54 
55 
56 // Define WSDL Authentication object
57 $server->wsdl->addComplexType(
58  'authentication',
59  'complexType',
60  'struct',
61  'all',
62  '',
63  array(
64  'dolibarrkey' => array('name'=>'dolibarrkey', 'type'=>'xsd:string'),
65  'sourceapplication' => array('name'=>'sourceapplication', 'type'=>'xsd:string'),
66  'login' => array('name'=>'login', 'type'=>'xsd:string'),
67  'password' => array('name'=>'password', 'type'=>'xsd:string'),
68  'entity' => array('name'=>'entity', 'type'=>'xsd:string'),
69  )
70 );
71 // Define WSDL Return object
72 $server->wsdl->addComplexType(
73  'result',
74  'complexType',
75  'struct',
76  'all',
77  '',
78  array(
79  'result_code' => array('name'=>'result_code', 'type'=>'xsd:string'),
80  'result_label' => array('name'=>'result_label', 'type'=>'xsd:string'),
81  )
82 );
83 
84 // Define WSDL Return object for document
85 $server->wsdl->addComplexType(
86  'document',
87  'complexType',
88  'struct',
89  'all',
90  '',
91  array(
92  'filename' => array('name'=>'filename', 'type'=>'xsd:string'),
93  'mimetype' => array('name'=>'mimetype', 'type'=>'xsd:string'),
94  'content' => array('name'=>'content', 'type'=>'xsd:string'),
95  'length' => array('name'=>'length', 'type'=>'xsd:string')
96  )
97 );
98 
99 // Define other specific objects
100 // None
101 
102 
103 // 5 styles: RPC/encoded, RPC/literal, Document/encoded (not WS-I compliant), Document/literal, Document/literal wrapped
104 // Style merely dictates how to translate a WSDL binding to a SOAP message. Nothing more. You can use either style with any programming model.
105 // http://www.ibm.com/developerworks/webservices/library/ws-whichwsdl/
106 $styledoc = 'rpc'; // rpc/document (document is an extend into SOAP 1.0 to support unstructured messages)
107 $styleuse = 'encoded'; // encoded/literal/literal wrapped
108 // Better choice is document/literal wrapped but literal wrapped not supported by nusoap.
109 
110 // Register WSDL
111 $server->register(
112  'getVersions',
113  // Entry values
114  array('authentication'=>'tns:authentication'),
115  // Exit values
116  array('result'=>'tns:result', 'dolibarr'=>'xsd:string', 'os'=>'xsd:string', 'php'=>'xsd:string', 'webserver'=>'xsd:string'),
117  $ns,
118  $ns.'#getVersions',
119  $styledoc,
120  $styleuse,
121  'WS to get Versions'
122 );
123 
124 // Register WSDL
125 $server->register(
126  'getDocument',
127  // Entry values
128  array('authentication'=>'tns:authentication', 'modulepart'=>'xsd:string', 'file'=>'xsd:string'),
129  // Exit values
130  array('result'=>'tns:result', 'document'=>'tns:document'),
131  $ns,
132  $ns.'#getDocument',
133  $styledoc,
134  $styleuse,
135  'WS to get document'
136 );
137 
138 
139 
146 function getVersions($authentication)
147 {
148  global $conf;
149 
150  dol_syslog("Function: getVersions login=".$authentication['login']);
151 
152  if ($authentication['entity']) $conf->entity = $authentication['entity'];
153 
154  // Init and check authentication
155  $objectresp = array();
156  $errorcode = ''; $errorlabel = '';
157  $error = 0;
158  $fuser = check_authentication($authentication, $error, $errorcode, $errorlabel);
159  // Check parameters
160 
161 
162  if (!$error)
163  {
164  $objectresp['result'] = array('result_code'=>'OK', 'result_label'=>'');
165  $objectresp['dolibarr'] = version_dolibarr();
166  $objectresp['os'] = version_os();
167  $objectresp['php'] = version_php();
168  $objectresp['webserver'] = version_webserver();
169  }
170 
171  if ($error)
172  {
173  $objectresp = array('result'=>array('result_code' => $errorcode, 'result_label' => $errorlabel));
174  }
175 
176  return $objectresp;
177 }
178 
179 
189 function getDocument($authentication, $modulepart, $file, $refname = '')
190 {
191  global $db, $conf;
192 
193  dol_syslog("Function: getDocument login=".$authentication['login'].' - modulepart='.$modulepart.' - file='.$file);
194 
195  if ($authentication['entity']) $conf->entity = $authentication['entity'];
196 
197  $objectresp = array();
198  $errorcode = ''; $errorlabel = '';
199  $error = 0;
200 
201  // Properties of doc
202  $original_file = $file;
203  $type = dol_mimetype($original_file);
204  //$relativefilepath = $ref . "/";
205  //$relativepath = $relativefilepath . $ref.'.pdf';
206 
207  $accessallowed = 0;
208 
209  $fuser = check_authentication($authentication, $error, $errorcode, $errorlabel);
210 
211  if ($fuser->socid) $socid = $fuser->socid;
212 
213  // Check parameters
214  if (!$error && (!$file || !$modulepart))
215  {
216  $error++;
217  $errorcode = 'BAD_PARAMETERS'; $errorlabel = "Parameter file and modulepart must be both provided.";
218  }
219 
220  if (!$error)
221  {
222  $fuser->getrights();
223 
224  // Suppression de la chaine de caractere ../ dans $original_file
225  $original_file = str_replace("../", "/", $original_file);
226 
227  // find the subdirectory name as the reference
228  if (empty($refname)) $refname = basename(dirname($original_file)."/");
229 
230  // Security check
231  $check_access = dol_check_secure_access_document($modulepart, $original_file, $conf->entity, $fuser, $refname);
232  $accessallowed = $check_access['accessallowed'];
233  $sqlprotectagainstexternals = $check_access['sqlprotectagainstexternals'];
234  $original_file = $check_access['original_file'];
235 
236  // Basic protection (against external users only)
237  if ($fuser->socid > 0)
238  {
239  if ($sqlprotectagainstexternals)
240  {
241  $resql = $db->query($sqlprotectagainstexternals);
242  if ($resql)
243  {
244  $num = $db->num_rows($resql);
245  $i = 0;
246  while ($i < $num)
247  {
248  $obj = $db->fetch_object($resql);
249  if ($fuser->socid != $obj->fk_soc)
250  {
251  $accessallowed = 0;
252  break;
253  }
254  $i++;
255  }
256  }
257  }
258  }
259 
260  // Security:
261  // Limite acces si droits non corrects
262  if (!$accessallowed)
263  {
264  $errorcode = 'NOT_PERMITTED';
265  $errorlabel = 'Access not allowed';
266  $error++;
267  }
268 
269  // Security:
270  // On interdit les remontees de repertoire ainsi que les pipe dans
271  // les noms de fichiers.
272  if (preg_match('/\.\./', $original_file) || preg_match('/[<>|]/', $original_file))
273  {
274  dol_syslog("Refused to deliver file ".$original_file);
275  $errorcode = 'REFUSED';
276  $errorlabel = '';
277  $error++;
278  }
279 
280  clearstatcache();
281 
282  if (!$error)
283  {
284  if (file_exists($original_file))
285  {
286  dol_syslog("Function: getDocument $original_file content-type=$type");
287 
288  $f = fopen($original_file, 'r');
289  $content_file = fread($f, filesize($original_file));
290 
291  $objectret = array(
292  'filename' => basename($original_file),
293  'mimetype' => dol_mimetype($original_file),
294  'content' => base64_encode($content_file),
295  'length' => filesize($original_file)
296  );
297 
298  // Create return object
299  $objectresp = array(
300  'result'=>array('result_code'=>'OK', 'result_label'=>''),
301  'document'=>$objectret
302  );
303  }
304  else {
305  dol_syslog("File doesn't exist ".$original_file);
306  $errorcode = 'NOT_FOUND';
307  $errorlabel = '';
308  $error++;
309  }
310  }
311  }
312 
313  if ($error)
314  {
315  $objectresp = array(
316  'result'=>array('result_code' => $errorcode, 'result_label' => $errorlabel)
317  );
318  }
319 
320  return $objectresp;
321 }
322 
323 // Return the results.
324 $server->service(file_get_contents("php://input"));
check_authentication
check_authentication($authentication, &$error, &$errorcode, &$errorlabel)
Check authentication array and set error, errorcode, errorlabel.
Definition: ws.lib.php:35
getVersions
getVersions($authentication)
Full methods code.
Definition: server_other.php:146
version_webserver
version_webserver()
Return web server version.
Definition: functions2.lib.php:1548
version_os
version_os($option= '')
Return OS version.
Definition: functions2.lib.php:1514
dol_check_secure_access_document
dol_check_secure_access_document($modulepart, $original_file, $entity, $fuser= '', $refname= '', $mode= 'read')
Security check when accessing to a document (used by document.php, viewimage.php and webservices) ...
Definition: files.lib.php:2230
dol_mimetype
dol_mimetype($file, $default= 'application/octet-stream', $mode=0)
Return mime type of a file.
Definition: functions.lib.php:8315
dol_syslog
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename= '', $restricttologhandler= '', $logcontext=null)
Write log message into outputs.
Definition: functions.lib.php:1208
version_dolibarr
version_dolibarr()
Return Dolibarr version.
Definition: functions2.lib.php:1538
version_php
version_php()
Return PHP version.
Definition: functions2.lib.php:1527
print
print
Draft customers invoices.
Definition: index.php:89
$resql
if(!empty($conf->facture->enabled)&&$user->rights->facture->lire) if((!empty($conf->fournisseur->enabled)&&empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)||!empty($conf->supplier_invoice->enabled))&&$user->rights->fournisseur->facture->lire) if(!empty($conf->don->enabled)&&$user->rights->don->lire) if(!empty($conf->tax->enabled)&&$user->rights->tax->charges->lire) if(!empty($conf->facture->enabled)&&!empty($conf->commande->enabled)&&$user->rights->commande->lire &&empty($conf->global->WORKFLOW_DISABLE_CREATE_INVOICE_FROM_ORDER)) if(!empty($conf->facture->enabled)&&$user->rights->facture->lire) if((!empty($conf->fournisseur->enabled)&&empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)||!empty($conf->supplier_invoice->enabled))&&$user->rights->fournisseur->facture->lire) $resql
Social contributions to pay.
Definition: index.php:1232
getDocument
getDocument($authentication, $modulepart, $file, $refname= '')
Method to get a document by webservice.
Definition: server_other.php:189
Generated on Sat Aug 23 2025 13:17:40 for dolibarr by Doxygen 1.8.5