Fix: Documents links was bad if ref contains special chars

Laurent Destailleur 2008-07-10 17:11:04 +00:00
parent 94dce9cbac
commit 12279fddec
8 changed files with 177 additions and 180 deletions


@ -21,9 +21,9 @@
*/
/**
\file htdocs/product/document.php
\ingroup product
\brief Page des documents joints sur les produits
\file htdocs/comm/action/document.php
\ingroup agenda
\brief Page des documents joints sur les actions
\version $Id$
*/
@ -40,7 +40,7 @@ $langs->load("other");
$langs->load("bills");
if (isset($_GET["error"])) $error=$_GET["error"];
$upload_dir = $conf->actions->dir_output.'/'.$_GET['id'];
$objectid = isset($_GET["id"])?$_GET["id"]:'';
// Security check
if ($user->societe_id > 0)
@ -71,11 +71,12 @@ if ( $_POST["sendit"] && $conf->upload )
/*
* Creation répertoire si n'existe pas
*/
if (! is_dir($upload_dir)) create_exdir($upload_dir);
$upload_dir = $conf->actions->dir_output.'/'.sanitize_string($objectid);
if (! is_dir($upload_dir)) create_exdir($upload_dir);
if (is_dir($upload_dir))
{
if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],0))
if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],0) > 0)
{
$mesg = '<div class="ok">'.$langs->trans("FileTransferComplete").'</div>';
//print_r($_FILES);
@ -94,6 +95,7 @@ if ( $_POST["sendit"] && $conf->upload )
*/
if ($_GET["action"] == 'delete')
{
$upload_dir = $conf->actions->dir_output.'/'.sanitize_string($objectid);
$file = $upload_dir . '/' . urldecode($_GET['urlfile']);
dol_delete_file($file);
}
@ -106,86 +108,93 @@ if ($_GET["action"] == 'delete')
llxHeader();
if ($_GET["id"] > 0)
if ($objectid > 0)
{
$act = new ActionComm($db);
$act->fetch($_GET["id"]);
$res=$act->societe->fetch($act->societe->id);
$res=$act->author->fetch(); // Le paramètre est le login, hors seul l'id est chargé.
$res=$act->contact->fetch($act->contact->id);
$h=0;
$head[$h][0] = DOL_URL_ROOT.'/comm/action/fiche.php?id='.$_GET["id"];
$head[$h][1] = $langs->trans("CardAction");
$hselected=$h;
$h++;
$head[$h][0] = DOL_URL_ROOT.'/comm/action/document.php?id='.$_GET["id"];
$head[$h][1] = $langs->trans('Documents');
$hselected=$h;
$h++;
$head[$h][0] = DOL_URL_ROOT.'/comm/action/info.php?id='.$_GET["id"];
$head[$h][1] = $langs->trans('Info');
$h++;
dolibarr_fiche_head($head, $hselected, $langs->trans("Action"));
// Affichage fiche action en mode visu
print '<table class="border" width="100%"';
// Ref
print '<tr><td width="30%">'.$langs->trans("Ref").'</td><td colspan="3">'.$act->id.'</td></tr>';
// Type
print '<tr><td>'.$langs->trans("Type").'</td><td colspan="3">'.$act->type.'</td></tr>';
// Libelle
print '<tr><td>'.$langs->trans("Title").'</td><td colspan="3">'.$act->label.'</td></tr>';
// Societe - contact
print '<tr><td>'.$langs->trans("Company").'</td><td>'.$act->societe->getNomUrl(1).'</td>';
print '<td>'.$langs->trans("Contact").'</td>';
print '<td>';
if ($act->contact->id > 0)
if ($act->fetch($objectid))
{
print $act->contact->getNomUrl(1);
$upload_dir = $conf->actions->dir_output.'/'.sanitize_string($objectid);
$res=$act->societe->fetch($act->societe->id);
$res=$act->author->fetch(); // Le paramètre est le login, hors seul l'id est chargé.
$res=$act->contact->fetch($act->contact->id);
$h=0;
$head[$h][0] = DOL_URL_ROOT.'/comm/action/fiche.php?id='.$objectid;
$head[$h][1] = $langs->trans("CardAction");
$hselected=$h;
$h++;
$head[$h][0] = DOL_URL_ROOT.'/comm/action/document.php?id='.$objectid;
$head[$h][1] = $langs->trans('Documents');
$hselected=$h;
$h++;
$head[$h][0] = DOL_URL_ROOT.'/comm/action/info.php?id='.$objectid;
$head[$h][1] = $langs->trans('Info');
$h++;
dolibarr_fiche_head($head, $hselected, $langs->trans("Action"));
// Affichage fiche action en mode visu
print '<table class="border" width="100%"';
// Ref
print '<tr><td width="30%">'.$langs->trans("Ref").'</td><td colspan="3">'.$act->id.'</td></tr>';
// Type
print '<tr><td>'.$langs->trans("Type").'</td><td colspan="3">'.$act->type.'</td></tr>';
// Libelle
print '<tr><td>'.$langs->trans("Title").'</td><td colspan="3">'.$act->label.'</td></tr>';
// Societe - contact
print '<tr><td>'.$langs->trans("Company").'</td><td>'.$act->societe->getNomUrl(1).'</td>';
print '<td>'.$langs->trans("Contact").'</td>';
print '<td>';
if ($act->contact->id > 0)
{
print $act->contact->getNomUrl(1);
}
else
{
print $langs->trans("None");
}
print '</td></tr>';
// Construit liste des fichiers
$filearray=dol_dir_list($upload_dir,"files",0,'','\.meta$',$sortfield,(strtolower($sortorder)=='desc'?SORT_ASC:SORT_DESC),1);
$totalsize=0;
foreach($filearray as $key => $file)
{
$totalsize+=$file['size'];
}
print '<tr><td>'.$langs->trans("NbOfAttachedFiles").'</td><td colspan="3">'.sizeof($filearray).'</td></tr>';
print '<tr><td>'.$langs->trans("TotalSizeOfAttachedFiles").'</td><td colspan="3">'.$totalsize.' '.$langs->trans("bytes").'</td></tr>';
print '</table>';
print '</div>';
if ($mesg) { print $mesg."<br>"; }
// Affiche formulaire upload
$formfile=new FormFile($db);
$formfile->form_attach_new_file(DOL_URL_ROOT.'/comm/action/document.php?id='.$act->id);
// List of document
$param='&id='.$act->id;
$formfile->list_of_documents($filearray,$act,'actions',$param);
}
else
{
print $langs->trans("None");
}
print '</td></tr>';
// Construit liste des fichiers
$filearray=dol_dir_list($upload_dir,"files",0,'','\.meta$',$sortfield,(strtolower($sortorder)=='desc'?SORT_ASC:SORT_DESC),1);
$totalsize=0;
foreach($filearray as $key => $file)
{
$totalsize+=$file['size'];
}
print '<tr><td>'.$langs->trans("NbOfAttachedFiles").'</td><td colspan="3">'.sizeof($filearray).'</td></tr>';
print '<tr><td>'.$langs->trans("TotalSizeOfAttachedFiles").'</td><td colspan="3">'.$totalsize.' '.$langs->trans("bytes").'</td></tr>';
print '</table>';
print '</div>';
if ($mesg) { print $mesg."<br>"; }
// Affiche formulaire upload
$formfile=new FormFile($db);
$formfile->form_attach_new_file(DOL_URL_ROOT.'/comm/action/document.php?id='.$act->id);
// List of document
$param='&id='.$act->id;
$formfile->list_of_documents($filearray,$act,'actions',$param);
dolibarr_print_error($db);
}
}
else
{
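Review bot: In the delete branch, `urldecode($_GET['urlfile'])` is appended to `$upload_dir` and passed straight to `dol_delete_file()`, so this commit sanitizes only the directory half of the path. A `urlfile` value containing `../` segments would resolve outside the object's folder unless `dol_delete_file()` rejects it, which these hunks do not show. PHP has already decoded `$_GET` once, so the extra `urldecode()` is a second decode pass that a filter on the raw parameter would not see. Reducing the value to its last component, `$file = $upload_dir . '/' . basename($_GET['urlfile']);`, keeps the deletion inside `$upload_dir`. The same line appears in the delete branches of the `$propal`, `$commande`, `$facture` and `FactureFournisseur` sections below.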


@ -72,12 +72,12 @@ if ($_POST["sendit"] && $conf->upload)
if ($propal->fetch($propalid))
{
$upload_dir = $conf->propal->dir_output . "/" . $propal->ref;
$upload_dir = $conf->propal->dir_output . "/" . sanitize_string($propal->ref);
if (! is_dir($upload_dir)) create_exdir($upload_dir);
if (is_dir($upload_dir))
{
if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],0))
if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],0) > 0)
{
$mesg = '<div class="ok">'.$langs->trans("FileTransferComplete").'</div>';
//print_r($_FILES);
@ -100,7 +100,7 @@ if ($action=='delete')
$propalid=$_GET["id"];
if ($propal->fetch($propalid))
{
$upload_dir = $conf->propal->dir_output . "/" . $propal->ref;
$upload_dir = $conf->propal->dir_output . "/" . sanitize_string($propal->ref);
$file = $upload_dir . '/' . urldecode($_GET['urlfile']);
dol_delete_file($file);
$mesg = '<div class="ok">'.$langs->trans("FileWasRemoved").'</div>';
@ -117,12 +117,9 @@ llxHeader();
if ($propalid > 0)
{
$propal = new Propal($db);
if ($propal->fetch($propalid))
{
$propref = sanitize_string($propal->ref);
$upload_dir = $conf->propal->dir_output.'/'.$propref;
$upload_dir = $conf->propal->dir_output.'/'.sanitize_string($propal->ref);
$societe = new Societe($db);
$societe->fetch($propal->socid);
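Review bot: The destination passed to `dol_move_uploaded_file()` is still `$upload_dir . "/" . $_FILES['userfile']['name']`, a client-supplied string, so sanitizing `$propal->ref` protects only the directory part of the path. Whether `dol_move_uploaded_file()` normalises the name or refuses script extensions is not visible in this diff. If it does not, the name should be reduced with `basename($_FILES['userfile']['name'])` and checked against an extension allow-list before the move. Special characters in the file name would also break the document links in the way the commit title describes for `ref`. The same call is used in every upload branch this commit touches.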


@ -74,12 +74,12 @@ if (!$commande->fetch($id)) {
// Envoi fichier
if ($_POST["sendit"] && $conf->upload)
{
$upload_dir = $conf->commande->dir_output . "/" . $commande->ref;
$upload_dir = $conf->commande->dir_output . "/" . sanitize_string($commande->ref);
if (! is_dir($upload_dir)) create_exdir($upload_dir);
if (is_dir($upload_dir))
{
if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],0))
if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],0) > 0)
{
$mesg = '<div class="ok">'.$langs->trans("FileTransferComplete").'</div>';
//print_r($_FILES);
@ -96,7 +96,7 @@ if ($_POST["sendit"] && $conf->upload)
// Delete
if ($action=='delete')
{
$upload_dir = $conf->commande->dir_output . "/" . $commande->ref;
$upload_dir = $conf->commande->dir_output . "/" . sanitize_string($commande->ref);
$file = $upload_dir . '/' . urldecode($_GET['urlfile']);
dol_delete_file($file);
$mesg = '<div class="ok">'.$langs->trans("FileWasRemoved").'</div>';
@ -110,9 +110,7 @@ if ($id > 0)
{
llxHeader();
$commanderef = sanitize_string($commande->ref);
$upload_dir = $conf->commande->dir_output.'/'.$commanderef;
$upload_dir = $conf->commande->dir_output.'/'.sanitize_string($commande->ref);
$societe = new Societe($db);
$societe->fetch($commande->socid);
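Review bot: In the delete branch the result of `dol_delete_file($file)` is discarded and `$mesg` is set to `FileWasRemoved` unconditionally, while the upload branch in the same commit now tests its helper with `> 0`. Assuming `dol_delete_file()` reports failure through its return value, a refused or failed deletion is shown to the user as a success. The success message should be set only when the call succeeds, e.g. `if (dol_delete_file($file)) $mesg = '<div class="ok">'.$langs->trans("FileWasRemoved").'</div>';`, with an error message otherwise. The `$propal`, `$facture` and `FactureFournisseur` delete branches have the same shape.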


@ -20,11 +20,11 @@
*/
/**
\file htdocs/compta/facture/document.php
\ingroup facture
\brief Page de gestion des documents attachées à une facture
\version $Id$
*/
\file htdocs/compta/facture/document.php
\ingroup facture
\brief Page de gestion des documents attachées à une facture
\version $Id$
*/
require('./pre.inc.php');
require_once(DOL_DOCUMENT_ROOT."/facture.class.php");
@ -37,16 +37,16 @@ $langs->load('compta');
$langs->load('other');
if (!$user->rights->facture->lire)
accessforbidden();
accessforbidden();
$facid=empty($_GET['facid']) ? 0 : intVal($_GET['facid']);
$action=empty($_GET['action']) ? (empty($_POST['action']) ? '' : $_POST['action']) : $_GET['action'];
// Security check
if ($user->societe_id > 0)
if ($user->societe_id > 0)
{
unset($_GET["action"]);
$action='';
$action='';
$socid = $user->societe_id;
}
@ -66,107 +66,103 @@ $pagenext = $page + 1;
/*
* Actions
*/
// Envoi fichier
if ($_POST["sendit"] && $conf->upload)
{
$facture = new Facture($db);
if ($facture->fetch($facid))
{
$upload_dir = $conf->facture->dir_output . "/" . $facture->ref;
if (! is_dir($upload_dir)) create_exdir($upload_dir);
if (is_dir($upload_dir))
{
if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],0))
{
$mesg = '<div class="ok">'.$langs->trans("FileTransferComplete").'</div>';
//print_r($_FILES);
}
else
{
// Echec transfert (fichier dépassant la limite ?)
$mesg = '<div class="error">'.$langs->trans("ErrorFileNotUploaded").'</div>';
// print_r($_FILES);
}
}
}
$facture = new Facture($db);
if ($facture->fetch($facid))
{
$upload_dir = $conf->facture->dir_output . "/" . sanitize_string($facture->ref);
if (! is_dir($upload_dir)) create_exdir($upload_dir);
if (is_dir($upload_dir))
{
if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],0) > 0)
{
$mesg = '<div class="ok">'.$langs->trans("FileTransferComplete").'</div>';
//print_r($_FILES);
}
else
{
// Echec transfert (fichier dépassant la limite ?)
$mesg = '<div class="error">'.$langs->trans("ErrorFileNotUploaded").'</div>';
// print_r($_FILES);
}
}
}
}
// Delete
if ($action=='delete')
{
$facture = new Facture($db);
$facid=$_GET["id"];
if ($facture->fetch($facid))
{
$upload_dir = $conf->facture->dir_output . "/" . $facture->ref;
$file = $upload_dir . '/' . urldecode($_GET['urlfile']);
dol_delete_file($file);
$mesg = '<div class="ok">'.$langs->trans("FileWasRemoved").'</div>';
}
$facture = new Facture($db);
$facid=$_GET["id"];
if ($facture->fetch($facid))
{
$upload_dir = $conf->facture->dir_output . "/" . sanitize_string($facture->ref);
$file = $upload_dir . '/' . urldecode($_GET['urlfile']);
dol_delete_file($file);
$mesg = '<div class="ok">'.$langs->trans("FileWasRemoved").'</div>';
}
}
/*
* Affichage
*/
llxHeader();
if ($facid > 0)
{
$facture = new Facture($db);
if ($facture->fetch($facid))
{
$facref = sanitize_string($facture->ref);
$upload_dir = $conf->facture->dir_output.'/'.$facref;
$upload_dir = $conf->facture->dir_output.'/'.sanitize_string($facture->ref);
$societe = new Societe($db);
$societe->fetch($facture->socid);
$head = facture_prepare_head($facture);
dolibarr_fiche_head($head, 'documents', $langs->trans('InvoiceCustomer'));
// Construit liste des fichiers
$filearray=dol_dir_list($upload_dir,"files",0,'','\.meta$',$sortfield,(strtolower($sortorder)=='desc'?SORT_ASC:SORT_DESC),1);
$totalsize=0;
foreach($filearray as $key => $file)
{
$totalsize+=$file['size'];
}
// Construit liste des fichiers
$filearray=dol_dir_list($upload_dir,"files",0,'','\.meta$',$sortfield,(strtolower($sortorder)=='desc'?SORT_ASC:SORT_DESC),1);
$totalsize=0;
foreach($filearray as $key => $file)
{
$totalsize+=$file['size'];
}
print '<table class="border"width="100%">';
// Ref
print '<tr><td width="30%">'.$langs->trans('Ref').'</td><td colspan="3">'.$facture->ref.'</td></tr>';
// Société
print '<tr><td>'.$langs->trans('Company').'</td><td colspan="3">'.$societe->getNomUrl(1).'</td></tr>';
print '<tr><td>'.$langs->trans("NbOfAttachedFiles").'</td><td colspan="3">'.sizeof($filearray).'</td></tr>';
print '<tr><td>'.$langs->trans("TotalSizeOfAttachedFiles").'</td><td colspan="3">'.$totalsize.' '.$langs->trans("bytes").'</td></tr>';
print "</table>\n";
print '<tr><td>'.$langs->trans("TotalSizeOfAttachedFiles").'</td><td colspan="3">'.$totalsize.' '.$langs->trans("bytes").'</td></tr>';
print "</table>\n";
print "</div>\n";
if ($mesg) { print $mesg."<br>"; }
// Affiche formulaire upload
$formfile=new FormFile($db);
$formfile=new FormFile($db);
$formfile->form_attach_new_file(DOL_URL_ROOT.'/compta/facture/document.php?facid='.$facture->id);
// List of document
$param='&facid='.$facture->id;
$param='&facid='.$facture->id;
$formfile->list_of_documents($filearray,$facture,'facture',$param);
}
else
{
@ -175,7 +171,7 @@ if ($facid > 0)
}
else
{
print $langs->trans("UnkownError");
print $langs->trans("UnkownError");
}
$db->close();
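Review bot: The upload and delete branches under `Actions` are preceded only by the `$user->rights->facture->lire` check near the top of the file, so as far as these hunks show, a user with read-only access to invoices can attach and remove files. If the lines between the hunks test no write permission, each branch should be gated on the module's write right as well as on `$conf->upload`. The `societe_id > 0` block clears `$action` but leaves `$_POST["sendit"]` untouched, so external users still reach the upload branch. The delete branch also replaces the `intVal()`-cast `$facid` with raw `$_GET["id"]`, although the links this page builds carry `facid=`; dropping `$facid=$_GET["id"];` would keep the validated value.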


@ -63,8 +63,7 @@ $pagenext = $page + 1;
$contrat = new Contrat($db);
$contrat->fetch($_GET["id"]);
$contratref = sanitize_string($contrat->ref);
$upload_dir = $conf->contrat->dir_output.'/'.$contratref;
$upload_dir = $conf->contrat->dir_output.'/'.sanitize_string($contrat->ref);
$modulepart='contract';
@ -80,7 +79,7 @@ if ($_POST["sendit"] && $conf->upload)
if (is_dir($upload_dir))
{
if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],0))
if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],0) > 0)
{
$mesg = '<div class="ok">'.$langs->trans("FileTransferComplete").'</div>';
//print_r($_FILES);
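Review bot: `$contrat->fetch($_GET["id"])` is called without testing its result, and `$upload_dir` is then built from `$contrat->ref` regardless of the outcome. If the fetch fails, `ref` is presumably empty and `$upload_dir` collapses to `$conf->contrat->dir_output.'/'`, so the upload branch would write into the module's root directory instead of a per-contract folder. Guarding the assignment as the proposal and invoice pages do, `if ($contrat->fetch($_GET["id"])) { $upload_dir = ...; }`, and skipping the upload when `$upload_dir` is unset avoids that. The upload block continues outside this hunk. The product section below has the same shape, with `$result` assigned but not tested in the visible lines.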


@ -73,16 +73,15 @@ $pagenext = $page + 1;
if ($_POST['sendit'] && $conf->upload)
{
$facture = new FactureFournisseur($db);
if ($facture->fetch($facid))
{
$ref = sanitize_string($facture->ref);
$upload_dir = $conf->fournisseur->facture->dir_output.'/'.get_exdir($facture->id,2).$facture->id;
if (! is_dir($upload_dir)) create_exdir($upload_dir);
if (is_dir($upload_dir))
{
if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . '/' . $_FILES['userfile']['name'],0))
if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . '/' . $_FILES['userfile']['name'],0) > 0)
{
$mesg = '<div class="ok">'.$langs->trans('FileTransferComplete').'</div>';
//print_r($_FILES);
@ -100,14 +99,14 @@ if ($_POST['sendit'] && $conf->upload)
// Delete
if ($action=='delete')
{
$facture = new FactureFournisseur($db);
$facid=$_GET["id"];
$facture = new FactureFournisseur($db);
if ($facture->fetch($facid))
{
$ref = sanitize_string($facture->ref);
$upload_dir = $conf->fournisseur->facture->dir_output.'/'.get_exdir($facture->id,2).$facture->id;
$file = $upload_dir . '/' . urldecode($_GET['urlfile']);
$file = $upload_dir . '/' . urldecode($_GET['urlfile']);
dol_delete_file($file);
$mesg = '<div class="ok">'.$langs->trans('FileWasRemoved').'</div>';
}
@ -123,13 +122,12 @@ llxHeader();
if ($facid > 0)
{
$facture = new FactureFournisseur($db);
if ($facture->fetch($facid))
{
$facture->fetch_fournisseur();
$facref = sanitize_string($facture->ref);
$upload_dir = $conf->fournisseur->facture->dir_output.'/'.get_exdir($facture->id,2).$facture->id;
$head = facturefourn_prepare_head($facture);
dolibarr_fiche_head($head, 'documents', $langs->trans('SupplierInvoice'));


@ -68,8 +68,7 @@ if ($_GET['id'] || $_GET["ref"])
if ($_GET["ref"]) $result = $product->fetch('',$_GET["ref"]);
if ($_GET["id"]) $result = $product->fetch($_GET["id"]);
$prodref = sanitize_string($product->ref);
$upload_dir = $conf->produit->dir_output.'/'.$prodref;
$upload_dir = $conf->produit->dir_output.'/'.sanitize_string($product->ref);
}
$modulepart='produit';
@ -86,7 +85,7 @@ if ($_POST["sendit"] && $conf->upload)
if (is_dir($upload_dir))
{
if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],0))
if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],0) > 0)
{
$mesg = '<div class="ok">'.$langs->trans("FileTransferComplete").'</div>';
//print_r($_FILES);


@ -62,12 +62,13 @@ $sortfield=$_GET["sortfield"];
if (! $sortorder) $sortorder="ASC";
if (! $sortfield) $sortfield="name";
$upload_dir = $conf->societe->dir_output . "/" . $socid ;
$courrier_dir = $conf->societe->dir_output . "/courrier/" . get_exdir($socid) ;
/*
* Actions
*/
$upload_dir = $conf->societe->dir_output . "/" . $socid ;
$courrier_dir = $conf->societe->dir_output . "/courrier/" . get_exdir($socid) ;
// Envoie fichier
if ( $_POST["sendit"] && $conf->upload != 0)