diff --git a/htdocs/comm/action/document.php b/htdocs/comm/action/document.php index 9e578a0fe86..91cff366642 100755 --- a/htdocs/comm/action/document.php +++ b/htdocs/comm/action/document.php @@ -42,13 +42,26 @@ $langs->load("bills"); if (isset($_GET["error"])) $error=$_GET["error"]; $upload_dir = $conf->actions->dir_output.'/'.$_GET['id']; -// Sécurité accés client +// Security check if ($user->societe_id > 0) { - $action = ''; - $socid = $user->societe_id; + unset($_GET["action"]); + $action=''; + $socid = $user->societe_id; } +// Get parameters +$page=$_GET["page"]; +$sortorder=$_GET["sortorder"]; +$sortfield=$_GET["sortfield"]; + +if (! $sortorder) $sortorder="ASC"; +if (! $sortfield) $sortfield="name"; +if ($page == -1) { $page = 0 ; } +$offset = $conf->liste_limit * $page ; +$pageprev = $page - 1; +$pagenext = $page + 1; + /* * Action envoie fichier @@ -170,7 +183,8 @@ if ($_GET["id"] > 0) // List of document - $formfile->list_of_documents($upload_dir,$act,'actions'); + $param='&id='.$act->id; + $formfile->list_of_documents($filearray,$act,'actions',$param); } else diff --git a/htdocs/comm/propal/document.php b/htdocs/comm/propal/document.php index 40842022ff7..239358af0c5 100644 --- a/htdocs/comm/propal/document.php +++ b/htdocs/comm/propal/document.php @@ -40,9 +40,26 @@ $action=empty($_GET['action']) ? (empty($_POST['action']) ? '' : $_POST['action' $propalid = isset($_GET["propalid"])?$_GET["propalid"]:''; // Security check -if ($user->societe_id) $socid=$user->societe_id; +if ($user->societe_id) +{ + unset($_GET["action"]); + $action=''; + $socid = $user->societe_id; +} $result = restrictedArea($user, 'propale', $propalid, 'propal'); +// Get parameters +$page=$_GET["page"]; +$sortorder=$_GET["sortorder"]; +$sortfield=$_GET["sortfield"]; + +if (! $sortorder) $sortorder="ASC"; +if (! $sortfield) $sortfield="name"; +if ($page == -1) { $page = 0 ; } +$offset = $conf->liste_limit * $page ; +$pageprev = $page - 1; +$pagenext = $page + 1; + /* * Actions @@ -80,6 +97,7 @@ if ($action=='delete') { $propal = new Propal($db); + $propalid=$_GET["id"]; if ($propal->fetch($propalid)) { $upload_dir = $conf->propal->dir_output . "/" . $propal->ref; @@ -145,7 +163,8 @@ if ($propalid > 0) // List of document - $formfile->list_of_documents($upload_dir,$propal,'propal'); + $param='&propalid='.$propal->id; + $formfile->list_of_documents($filearray,$propal,'propal',$param); } else diff --git a/htdocs/commande/document.php b/htdocs/commande/document.php index 3f9c2a3f86a..36fb13cb510 100644 --- a/htdocs/commande/document.php +++ b/htdocs/commande/document.php @@ -41,13 +41,27 @@ $langs->load('other'); $id=empty($_GET['id']) ? 0 : intVal($_GET['id']); $action=empty($_GET['action']) ? (empty($_POST['action']) ? '' : $_POST['action']) : $_GET['action']; -// Securite acces +// Security check if ($user->societe_id > 0) { - unset($_GET["action"]); - $socid = $user->societe_id; + unset($_GET["action"]); + $action=''; + $socid = $user->societe_id; } +// Get parameters +$page=$_GET["page"]; +$sortorder=$_GET["sortorder"]; +$sortfield=$_GET["sortfield"]; + +if (! $sortorder) $sortorder="ASC"; +if (! $sortfield) $sortfield="name"; +if ($page == -1) { $page = 0 ; } +$offset = $conf->liste_limit * $page ; +$pageprev = $page - 1; +$pagenext = $page + 1; + + $commande = new Commande($db); if (!$commande->fetch($id)) { dolibarr_print_error($db); @@ -136,7 +150,8 @@ if ($id > 0) // List of document - $formfile->list_of_documents($upload_dir,$commande,'commande'); + $param='&id='.$commande->id; + $formfile->list_of_documents($filearray,$commande,'commande',$param); } else diff --git a/htdocs/compta/facture/document.php b/htdocs/compta/facture/document.php index 6d032003543..d9d08d95870 100644 --- a/htdocs/compta/facture/document.php +++ b/htdocs/compta/facture/document.php @@ -42,6 +42,26 @@ if (!$user->rights->facture->lire) $facid=empty($_GET['facid']) ? 0 : intVal($_GET['facid']); $action=empty($_GET['action']) ? (empty($_POST['action']) ? '' : $_POST['action']) : $_GET['action']; +// Security check +if ($user->societe_id > 0) +{ + unset($_GET["action"]); + $action=''; + $socid = $user->societe_id; +} + +// Get parameters +$page=$_GET["page"]; +$sortorder=$_GET["sortorder"]; +$sortfield=$_GET["sortfield"]; + +if (! $sortorder) $sortorder="ASC"; +if (! $sortfield) $sortfield="name"; +if ($page == -1) { $page = 0 ; } +$offset = $conf->liste_limit * $page ; +$pageprev = $page - 1; +$pagenext = $page + 1; + /* * Actions @@ -144,7 +164,8 @@ if ($facid > 0) // List of document - $formfile->list_of_documents($upload_dir,$facture,'facture'); + $param='&facid='.$facture->id; + $formfile->list_of_documents($filearray,$facture,'facture',$param); } else diff --git a/htdocs/contrat/document.php b/htdocs/contrat/document.php index f7baed4f045..65ef1651e61 100644 --- a/htdocs/contrat/document.php +++ b/htdocs/contrat/document.php @@ -39,6 +39,26 @@ $langs->load("products"); if (!$user->rights->contrat->lire) accessforbidden(); +// Security check +if ($user->societe_id > 0) +{ + unset($_GET["action"]); + $action=''; + $socid = $user->societe_id; +} + +// Get parameters +$page=$_GET["page"]; +$sortorder=$_GET["sortorder"]; +$sortfield=$_GET["sortfield"]; + +if (! $sortorder) $sortorder="ASC"; +if (! $sortfield) $sortfield="name"; +if ($page == -1) { $page = 0 ; } +$offset = $conf->liste_limit * $page ; +$pageprev = $page - 1; +$pagenext = $page + 1; + $contrat = new Contrat($db); $contrat->fetch($_GET["id"]); @@ -137,7 +157,8 @@ if ($contrat->id) // List of document - $formfile->list_of_documents($upload_dir,$contrat,'contract'); + $param='&id='.$contrat->id; + $formfile->list_of_documents($filearray,$contrat,'contract',$param); } else diff --git a/htdocs/ecm/docmine.php b/htdocs/ecm/docmine.php index f136b6142a4..6ee36b64e9d 100644 --- a/htdocs/ecm/docmine.php +++ b/htdocs/ecm/docmine.php @@ -41,11 +41,7 @@ $user->getrights('ecm'); // Security check -if ($user->societe_id > 0) -{ - $action = ''; - $socid = $user->societe_id; -} +if ($user->societe_id > 0) $socid = $user->societe_id; // Get parameters $page=$_GET["page"]; @@ -243,7 +239,7 @@ print ''; // Actions buttons -if ($_GET["action"] != 'edit' && $_GET['action'] != 'delete_dir' && $_GET['action'] != 'delete_file') +if ($_GET["action"] != 'edit' && $_GET['action'] != 'delete_dir' && $_GET['action'] != 'delete') { print '
'; @@ -274,7 +270,7 @@ if ($mesg) { print $mesg.'
'; } // Confirm remove file -if ($_GET['action'] == 'delete_file') +if ($_GET['action'] == 'delete') { $form->form_confirm($_SERVER["PHP_SELF"].'?section='.$_REQUEST["section"].'&urlfile='.urldecode($_GET["urlfile"]), $langs->trans('DeleteFile'), $langs->trans('ConfirmDeleteFile'), 'confirm_deletefile'); print '
'; @@ -292,47 +288,11 @@ if ($_GET['action'] == 'delete_dir') $formfile=new FormFile($db); $formfile->form_attach_new_file(DOL_URL_ROOT.'/ecm/docmine.php','',0,$section); -// Affiche liste des documents existant -print_titre($langs->trans("AttachedFiles")); - -/** - * TODO Mettre cette section dans une zone AJAX - */ -$modulepart='ecm'; -$url=$_SERVER["PHP_SELF"]; -print ''; -print ''; +// List of document $param='&section='.$section; -print_liste_field_titre($langs->trans("Document"),$_SERVER["PHP_SELF"],"name","",$param,'align="left"',$sortfield,$sortorder); -print_liste_field_titre($langs->trans("Size"),$_SERVER["PHP_SELF"],"size","",$param,'align="right"',$sortfield,$sortorder); -print_liste_field_titre($langs->trans("Date"),$_SERVER["PHP_SELF"],"date","",$param,'align="center"',$sortfield,$sortorder); -print ''; -print ''; +$formfile->list_of_documents($filearray,'','ecm',$param,1,$relativepath); -$var=true; -foreach($filearray as $key => $file) -{ - if (!is_dir($dir.$file['name']) && substr($file['name'], 0, 1) <> '.' && substr($file['name'], 0, 3) <> 'CVS') - { - $var=!$var; - print "\n"; - print ''; - print ''; - print '\n"; - } -} -if (sizeof($filearray) == 0) print ''; -print "
 
"; - print ''; - print img_mime($file['name']).' '; - print $file['name']; - print ''; - print "'.dol_print_size($file['size']).''.dolibarr_print_date($file['date'],"dayhour").''; - //print ' '; - print ''.img_delete().''; - print "
'.$langs->trans("ECMNoFileFound").'
"; -// Fin de zone Ajax // End of page diff --git a/htdocs/fourn/facture/document.php b/htdocs/fourn/facture/document.php index e47b0e9c995..8bc5fed506a 100644 --- a/htdocs/fourn/facture/document.php +++ b/htdocs/fourn/facture/document.php @@ -43,6 +43,26 @@ if (!$user->rights->fournisseur->facture->lire) $facid=empty($_GET['facid']) ? 0 : intVal($_GET['facid']); $action=empty($_GET['action']) ? (empty($_POST['action']) ? '' : $_POST['action']) : $_GET['action']; +// Security check +if ($user->societe_id > 0) +{ + unset($_GET["action"]); + $action=''; + $socid = $user->societe_id; +} + +// Get parameters +$page=$_GET["page"]; +$sortorder=$_GET["sortorder"]; +$sortfield=$_GET["sortfield"]; + +if (! $sortorder) $sortorder="ASC"; +if (! $sortfield) $sortfield="name"; +if ($page == -1) { $page = 0 ; } +$offset = $conf->liste_limit * $page ; +$pageprev = $page - 1; +$pagenext = $page + 1; + /* @@ -152,7 +172,8 @@ if ($facid > 0) // List of document - $formfile->list_of_documents($upload_dir,$facture,'facture_fournisseur'); + $param='&facid='.$facture->id; + $formfile->list_of_documents($filearray,$facture,'facture_fournisseur',$param); } else diff --git a/htdocs/html.formfile.class.php b/htdocs/html.formfile.class.php index 6a24a2f8dd0..d6f7e1e692f 100644 --- a/htdocs/html.formfile.class.php +++ b/htdocs/html.formfile.class.php @@ -365,6 +365,73 @@ class FormFile } + /** + * \brief Show list of documents in a directory + * \param filearray Array of files loaded by dol_dir_list function + * \param object Object on which document is linked to + * \param modulepart Value for modulepart used by download wrapper + * \param param Parameters on sort links + * \param forcedownload Mime type is forced to 'application/binary' to have a download + * \param relativepath Relative path of docs (autodefined if not provided) + * \return int <0 if KO, nb of files shown if OK + */ + function list_of_documents($filearray,$object,$modulepart,$param,$forcedownload=0,$relativepath='') + { + global $user, $conf, $langs; + global $bc; + global $sortfield, $sortorder; + + // Affiche liste des documents existant + print_titre($langs->trans("AttachedFiles")); + + $url=$_SERVER["PHP_SELF"]; + print ''; + print ''; + print_liste_field_titre($langs->trans("Document"),$_SERVER["PHP_SELF"],"name","",$param,'align="left"',$sortfield,$sortorder); + print_liste_field_titre($langs->trans("Size"),$_SERVER["PHP_SELF"],"size","",$param,'align="right"',$sortfield,$sortorder); + print_liste_field_titre($langs->trans("Date"),$_SERVER["PHP_SELF"],"date","",$param,'align="center"',$sortfield,$sortorder); + print ''; + print ''; + + $var=true; + foreach($filearray as $key => $file) + { + if (!is_dir($dir.$file['name']) + && $file['name'] != '.' + && $file['name'] != '..' + && $file['name'] != 'CVS' + && ! eregi('\.meta$',$file['name'])) + { + // Define relative path used to store the file + if (! $relativepath) + { + $relativepath=$object->ref.'/'; + if ($modulepart == 'facture_fournisseur') $relativepath=get_exdir($object->id,2).$relativepath; + } + + $var=!$var; + print "\n"; + print ''; + print ''; + print '\n"; + } + } + if (sizeof($filearray) == 0) print ''; + print "
 
"; + print ''; + print img_mime($file['name']).' '; + print $file['name']; + print ''; + print "'.dol_print_size($file['size']).''.dolibarr_print_date($file['date'],"dayhour").''; + //print ' '; + print ''.img_delete().''; + print "
'.$langs->trans("NoFileFound").'
"; + // Fin de zone + + } + /** * \brief Show list of documents in a directory * \param upload_dir Dir to scan @@ -372,7 +439,7 @@ class FormFile * \param modulepart Value for modulepart used by download wrapper * \return int <0 if KO, nb of files shown if OK */ - function list_of_documents($upload_dir,$object,$modulepart) + function list_of_documents2($upload_dir,$object,$modulepart) { global $user, $conf, $langs; global $bc; diff --git a/htdocs/langs/en_US/ecm.lang b/htdocs/langs/en_US/ecm.lang index 6483fe804ad..587ddef68d8 100644 --- a/htdocs/langs/en_US/ecm.lang +++ b/htdocs/langs/en_US/ecm.lang @@ -43,5 +43,4 @@ ShowECMSection=Show directory DeleteSection=Remove directory ConfirmDeleteSection=Can you confirm you want to delete the directory %s ? ECMDirectoryForFiles=Relative directory for files -CannotRemoveDirectoryContainsFiles=Removed not possible because it contains some files -ECMNoFileFound=No documents saved in this directory \ No newline at end of file +CannotRemoveDirectoryContainsFiles=Removed not possible because it contains some files \ No newline at end of file diff --git a/htdocs/langs/en_US/main.lang b/htdocs/langs/en_US/main.lang index 325ea3bb2e3..0d3b7eed16b 100644 --- a/htdocs/langs/en_US/main.lang +++ b/htdocs/langs/en_US/main.lang @@ -423,6 +423,7 @@ MenuAWStats=AWStats MenuMembers=Members MenuAgendaGoogle=Google agenda ThisLimitIsDefinedInSetup=Dolibarr limit (Menu home-setup-security): %s Kb, PHP limit: %s Kb +NoFileFound=No documents saved in this directory # Week day Monday=Monday Tuesday=Tuesday diff --git a/htdocs/langs/fr_FR/ecm.lang b/htdocs/langs/fr_FR/ecm.lang index 04c99ef79d3..3150ae0c146 100644 --- a/htdocs/langs/fr_FR/ecm.lang +++ b/htdocs/langs/fr_FR/ecm.lang @@ -43,5 +43,4 @@ ShowECMSection=Afficher rubrique DeleteSection=Suppression rubrique ConfirmDeleteSection=Confirmez-vous la suppression de la rubrique %s ? ECMDirectoryForFiles=Répertoire relatif pour les fichiers -CannotRemoveDirectoryContainsFiles=Suppression impossible car des fichiers sont présents -ECMNoFileFound=Pas de documents stockés dans cette rubrique \ No newline at end of file +CannotRemoveDirectoryContainsFiles=Suppression impossible car des fichiers sont présents \ No newline at end of file diff --git a/htdocs/langs/fr_FR/main.lang b/htdocs/langs/fr_FR/main.lang index 95acc68f342..df6122b8c4e 100644 --- a/htdocs/langs/fr_FR/main.lang +++ b/htdocs/langs/fr_FR/main.lang @@ -425,6 +425,7 @@ MenuAWStats=AWStats MenuMembers=Adhérents MenuAgendaGoogle=Agenda Google ThisLimitIsDefinedInSetup=Limite Dolibarr (Menu accueil-configuration-sécurité): %s Ko, Limite PHP: %s Ko +NoFileFound=Pas de documents stockés dans cette rubrique # Week day Monday=Lundi Tuesday=Mardi diff --git a/htdocs/product/document.php b/htdocs/product/document.php index fa395098bcf..39a6ab9307f 100755 --- a/htdocs/product/document.php +++ b/htdocs/product/document.php @@ -41,6 +41,27 @@ if (!$user->rights->produit->lire) $action=empty($_GET['action']) ? (empty($_POST['action']) ? '' : $_POST['action']) : $_GET['action']; +// Security check +if ($user->societe_id > 0) +{ + unset($_GET["action"]); + $action=''; + $socid = $user->societe_id; +} + +// Get parameters +$page=$_GET["page"]; +$sortorder=$_GET["sortorder"]; +$sortfield=$_GET["sortfield"]; + +if (! $sortorder) $sortorder="ASC"; +if (! $sortfield) $sortfield="name"; +if ($page == -1) { $page = 0 ; } +$offset = $conf->liste_limit * $page ; +$pageprev = $page - 1; +$pagenext = $page + 1; + + $product = new Product($db); if ($_GET['id'] || $_GET["ref"]) { @@ -159,7 +180,8 @@ if ($product->id) // List of document - $formfile->list_of_documents($upload_dir,$product,'produit'); + $param='&id='.$product->id; + $formfile->list_of_documents($filearray,$product,'produit',$param); } else