dolibarr  13.0.2
commands.php
1 <?php
2 /*
3  * FCKeditor - The text editor for Internet - http://www.fckeditor.net
4  * Copyright (C) 2003-2010 Frederico Caldeira Knabben
5  *
6  * == BEGIN LICENSE ==
7  *
8  * Licensed under the terms of any of the following licenses at your
9  * choice:
10  *
11  * - GNU General Public License Version 2 or later (the "GPL")
12  * https://www.gnu.org/licenses/gpl.html
13  *
14  * - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
15  * https://www.gnu.org/licenses/lgpl.html
16  *
17  * - Mozilla Public License Version 1.1 or later (the "MPL")
18  * http://www.mozilla.org/MPL/MPL-1.1.html
19  *
20  * == END LICENSE ==
21  *
22  * This is the File Manager Connector for PHP.
23  */
24 
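/**
 * Echo a <Folders> XML node listing the sub-directories of a folder.
 *
 * The directory to read comes from ServerMapFolder(); each directory name is
 * passed through ConvertToXmlAttribute() before being written into the
 * name="" attribute, and the entries are emitted in natural, case-insensitive
 * order.
 *
 * NOTE(review): nothing in this function constrains $currentFolder. Keeping
 * the listing inside the upload root is left to the caller and/or
 * ServerMapFolder() - confirm that one of them rejects traversal sequences.
 *
 * @param string $resourceType  Resource type, forwarded to ServerMapFolder().
 * @param string $currentFolder Virtual folder path, forwarded to ServerMapFolder().
 * @return void The XML fragment is echoed, nothing is returned.
 */
function GetFolders($resourceType, $currentFolder)
{
    // Map the virtual path to the local server path.
    $sServerDir = ServerMapFolder($resourceType, $currentFolder, 'GetFolders');

    // XML fragments, one per sub-directory found.
    $aFolders = array();

    // '@' keeps a failed opendir() from printing a PHP warning into the XML response.
    $oCurrentFolder = @opendir($sServerDir);

    if ($oCurrentFolder !== false) {
        // Compare with false explicitly: an entry named "0" is falsy and would
        // otherwise end the loop early, hiding every entry returned after it.
        while (($sFile = readdir($oCurrentFolder)) !== false) {
            if ($sFile !== '.' && $sFile !== '..' && is_dir($sServerDir.$sFile)) {
                $aFolders[] = '<Folder name="'.ConvertToXmlAttribute($sFile).'" />';
            }
        }
        closedir($oCurrentFolder);
    }

    // Open the "Folders" node.
    echo "<Folders>";

    natcasesort($aFolders);
    foreach ($aFolders as $sFolder) {
        echo $sFolder;
    }

    // Close the "Folders" node.
    echo "</Folders>";
}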
62 
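/**
 * Echo <Folders> and <Files> XML nodes describing the content of a folder.
 *
 * The directory to read comes from ServerMapFolder(). Names are passed through
 * ConvertToXmlAttribute() before being written into an attribute. File sizes
 * are reported in KiB, rounded, with a minimum of 1 for any non-empty file and
 * 0 when the size is zero or cannot be read.
 *
 * NOTE(review): nothing in this function constrains $currentFolder. Keeping
 * the listing inside the upload root is left to the caller and/or
 * ServerMapFolder() - confirm that one of them rejects traversal sequences.
 *
 * @param string $resourceType  Resource type, forwarded to ServerMapFolder().
 * @param string $currentFolder Virtual folder path, forwarded to ServerMapFolder().
 * @return void The XML fragments are echoed, nothing is returned.
 */
function GetFoldersAndFiles($resourceType, $currentFolder)
{
    // Map the virtual path to the local server path.
    $sServerDir = ServerMapFolder($resourceType, $currentFolder, 'GetFoldersAndFiles');

    // XML fragments for the sub-directories and for the files.
    $aFolders = array();
    $aFiles = array();

    // '@' keeps a failed opendir() from printing a PHP warning into the XML response.
    $oCurrentFolder = @opendir($sServerDir);

    if ($oCurrentFolder !== false) {
        // Compare with false explicitly: an entry named "0" is falsy and would
        // otherwise end the loop early, hiding every entry returned after it.
        while (($sFile = readdir($oCurrentFolder)) !== false) {
            if ($sFile === '.' || $sFile === '..') {
                continue;
            }

            if (is_dir($sServerDir.$sFile)) {
                $aFolders[] = '<Folder name="'.ConvertToXmlAttribute($sFile).'" />';
                continue;
            }

            // filesize() returns false on failure; report such files as size 0.
            $iFileSize = @filesize($sServerDir.$sFile);
            if (!$iFileSize) {
                $iFileSize = 0;
            }
            if ($iFileSize > 0) {
                // Bytes to KiB; anything non-empty shows as at least 1.
                $iFileSize = round($iFileSize / 1024);
                if ($iFileSize < 1) {
                    $iFileSize = 1;
                }
            }

            $aFiles[] = '<File name="'.ConvertToXmlAttribute($sFile).'" size="'.$iFileSize.'" />';
        }
        closedir($oCurrentFolder);
    }

    // Send the folders
    natcasesort($aFolders);
    echo '<Folders>';

    foreach ($aFolders as $sFolder) {
        echo $sFolder;
    }

    echo '</Folders>';

    // Send the files
    natcasesort($aFiles);
    echo '<Files>';

    foreach ($aFiles as $sFileNode) {
        echo $sFileNode;
    }

    echo '</Files>';
}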
126 
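/**
 * Create a sub-folder named by the "NewFolderName" query parameter and echo
 * an <Error number="..." /> XML node with the outcome.
 *
 * Error numbers written by this function:
 *  - '0'   CreateServerFolder() returned an empty message.
 *  - '102' name missing, not a string, empty after sanitizing, containing
 *          '..', or CreateServerFolder() reported 'Invalid argument' /
 *          'No such file or directory'.
 *  - '103' the mapped parent directory is not writable.
 *  - '110' any other message from CreateServerFolder().
 *
 * NOTE(review): the only path check made here is the '..' test on the new
 * name. Confinement of $currentFolder to the upload root depends on the
 * caller and/or ServerMapFolder(), and rejection of path separators in the
 * name depends on SanitizeFolderName() - confirm both.
 *
 * @param string $resourceType  Resource type, forwarded to ServerMapFolder().
 * @param string $currentFolder Virtual folder path, forwarded to ServerMapFolder().
 * @return void The XML node is echoed, nothing is returned.
 */
function CreateFolder($resourceType, $currentFolder)
{
    $sErrorNumber = '0';

    $sNewFolderName = isset($_GET['NewFolderName']) ? $_GET['NewFolderName'] : null;

    if (!is_string($sNewFolderName)) {
        // Missing parameter, or an array-valued one: PHP turns array-style
        // parameter names into arrays, which must never reach the string helpers.
        $sErrorNumber = '102';
    } else {
        $sNewFolderName = SanitizeFolderName($sNewFolderName);

        if ($sNewFolderName === '' || strpos($sNewFolderName, '..') !== false) {
            // Invalid folder name. An empty name would make the target path
            // equal to the parent directory itself.
            $sErrorNumber = '102';
        } else {
            // Map the virtual path to the local server path of the current folder.
            $sServerDir = ServerMapFolder($resourceType, $currentFolder, 'CreateFolder');

            if (is_writable($sServerDir)) {
                $sServerDir .= $sNewFolderName;

                $sErrorMsg = CreateServerFolder($sServerDir);

                // switch compares loosely, as the original did, so any value
                // that is loosely equal to '' still counts as success.
                switch ($sErrorMsg) {
                    case '':
                        $sErrorNumber = '0';
                        break;
                    case 'Invalid argument':
                    case 'No such file or directory':
                        $sErrorNumber = '102'; // Path too long.
                        break;
                    default:
                        $sErrorNumber = '110';
                        break;
                }
            } else {
                $sErrorNumber = '103';
            }
        }
    }

    // Create the "Error" node.
    echo '<Error number="'.$sErrorNumber.'" />';
}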
179 
180 // @CHANGE
181 //function FileUpload( $resourceType, $currentFolder, $sCommand )
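/**
 * Receive one uploaded file ("NewFile", or "upload" for the QuickUpload tab),
 * store it in the mapped folder, send the result to the editor and exit.
 *
 * Checks made before the file is stored, in order:
 *  - IsImageValid() on the temporary file when $Config['SecureImageUploads'] is set;
 *  - DetectHtml() on the temporary file when $Config['HtmlExtensions'] is set
 *    and the extension is not one of the listed HTML extensions;
 *  - IsAllowedExt() on the lower-cased extension.
 * A check that returned -1 is repeated on the stored file, which is deleted
 * when the second attempt rejects it.
 *
 * Error numbers written by this function: '0' stored under the requested
 * name, '201' stored under a "name(N).ext" variant because the name was
 * taken, '202' rejected or not stored.
 *
 * NOTE(review): how strict the content and extension checks are depends on
 * SanitizeFileName(), IsImageValid(), DetectHtml() and IsAllowedExt(), none
 * of which are visible here. $CKEcallback is forwarded unchanged, so
 * SendCKEditorResults() has to validate or escape it before writing it into
 * the response - confirm.
 *
 * @param string $resourceType  Resource type, forwarded to the path and extension helpers.
 * @param string $currentFolder Virtual folder path the file is uploaded into.
 * @param string $sCommand      Connector command name, forwarded to the path helpers.
 * @param string $CKEcallback   CKEditor callback identifier; '' selects the FCKeditor style reply.
 * @return void Never returns to the caller: the function ends with exit.
 */
function FileUpload($resourceType, $currentFolder, $sCommand, $CKEcallback = '')
{
    global $Config;

    $sErrorNumber = '0';
    $sFileName = '';
    $oFile = null;

    if (isset($_FILES['NewFile']) && !is_null($_FILES['NewFile']['tmp_name'])
        // This is for the QuickUpload tab box
        or (isset($_FILES['upload']) && !is_null($_FILES['upload']['tmp_name']))) {
        $oFile = isset($_FILES['NewFile']) ? $_FILES['NewFile'] : $_FILES['upload'];
    }

    // An array-style field name makes 'name' and 'tmp_name' arrays; only a
    // single-file entry made of strings may reach the helpers below.
    $bSingleFile = is_array($oFile)
        && isset($oFile['name'], $oFile['tmp_name'])
        && is_string($oFile['name'])
        && is_string($oFile['tmp_name']);

    if ($bSingleFile) {
        // Map the virtual path to the local server path.
        $sServerDir = ServerMapFolder($resourceType, $currentFolder, $sCommand);

        // Get the uploaded file name. It is client-supplied and only used after sanitizing.
        $sFileName = SanitizeFileName($oFile['name']);

        $sOriginalFileName = $sFileName;

        // Get the extension.
        // NOTE(review): when the name contains no '.', strrpos() returns false
        // and this yields the name minus its first character, which is then
        // what IsAllowedExt() judges. Confirm SanitizeFileName() guarantees an
        // extension, or handle the no-extension case explicitly.
        $sExtension = strtolower(substr($sFileName, (strrpos($sFileName, '.') + 1)));

        if (isset($Config['SecureImageUploads'])) {
            if (($isImageValid = IsImageValid($oFile['tmp_name'], $sExtension)) === false) {
                $sErrorNumber = '202';
            }
        }

        if (isset($Config['HtmlExtensions'])) {
            if (!IsHtmlExtension($sExtension, $Config['HtmlExtensions']) &&
                ($detectHtml = DetectHtml($oFile['tmp_name'])) === true) {
                $sErrorNumber = '202';
            }
        }

        // Check if it is an allowed extension.
        if (!$sErrorNumber && IsAllowedExt($sExtension, $resourceType)) {
            $iCounter = 0;

            // NOTE(review): is_file() followed by move_uploaded_file() is not
            // atomic, so two concurrent uploads of the same name can still collide.
            while (true) {
                $sFilePath = $sServerDir.$sFileName;

                if (is_file($sFilePath)) {
                    // Name taken: try "name(N).ext" and remember that a rename happened.
                    $iCounter++;
                    $sFileName = RemoveExtension($sOriginalFileName).'('.$iCounter.').'.$sExtension;
                    $sErrorNumber = '201';
                    continue;
                }

                // A failed move used to be ignored, so the reply claimed success
                // and pointed at a file that was never stored.
                if (!move_uploaded_file($oFile['tmp_name'], $sFilePath) || !is_file($sFilePath)) {
                    $sErrorNumber = '202';
                    break;
                }

                // ChmodOnUpload defined but falsy: leave the permissions untouched.
                if (isset($Config['ChmodOnUpload']) && !$Config['ChmodOnUpload']) {
                    break;
                }

                // NOTE(review): without a ChmodOnUpload setting the stored file
                // becomes world-writable (0777); set a restrictive mode in the
                // connector configuration. The value is read as an octal string,
                // so an integer setting would be misinterpreted by octdec() -
                // confirm how the configuration defines it.
                $permissions = '0777';
                if (isset($Config['ChmodOnUpload']) && $Config['ChmodOnUpload']) {
                    $permissions = (string) $Config['ChmodOnUpload'];
                }
                $permissionsdec = octdec($permissions);
                dol_syslog("commands.php permission = ".$permissions." ".$permissionsdec." ".decoct($permissionsdec));
                $oldumask = umask(0);
                chmod($sFilePath, $permissionsdec);
                umask($oldumask);

                break;
            }

            if (file_exists($sFilePath)) {
                //previous checks failed, try once again
                if (isset($isImageValid) && $isImageValid === -1 && IsImageValid($sFilePath, $sExtension) === false) {
                    @unlink($sFilePath);
                    $sErrorNumber = '202';
                } elseif (isset($detectHtml) && $detectHtml === -1 && DetectHtml($sFilePath) === true) {
                    @unlink($sFilePath);
                    $sErrorNumber = '202';
                }
            }
        } else {
            $sErrorNumber = '202';
        }
    } else {
        $sErrorNumber = '202';
    }

    $sFileUrl = CombinePaths(GetResourceTypePath($resourceType, $sCommand), $currentFolder);
    $sFileUrl = CombinePaths($sFileUrl, $sFileName);

    // @CHANGE
    //SendUploadResults( $sErrorNumber, $sFileUrl, $sFileName );
    if ($CKEcallback == '') {
        // this line already exists so wrap the if block around it
        SendUploadResults($sErrorNumber, $sFileUrl, $sFileName);
    } else {
        //issue the CKEditor Callback
        SendCKEditorResults(
            $CKEcallback,
            $sFileUrl,
            ($sErrorNumber != 0 ? 'Error '.$sErrorNumber.' upload failed.' : 'Upload Successful')
        );
    }

    exit;
}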