lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Restriction on name of files

Browse Source
This commit is contained in:
Laurent Destailleur 2021-04-07 19:38:54 +02:00
parent 3315bf6c00
commit 1e1b963ca7
3 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
htdocs/admin/system/filecheck.php
View File

@ -78,10 +78,10 @@ print '<br>';
$file_list = array('missing' => array(), 'updated' => array());
// Local file to compare to
$xmlshortfile = GETPOST('xmlshortfile', 'alpha') ?GETPOST('xmlshortfile', 'alpha') : '/install/filelist-'.DOL_VERSION.(empty($conf->global->MAIN_FILECHECK_LOCAL_SUFFIX) ? '' : $conf->global->MAIN_FILECHECK_LOCAL_SUFFIX).'.xml'.(empty($conf->global->MAIN_FILECHECK_LOCAL_EXT) ? '' : $conf->global->MAIN_FILECHECK_LOCAL_EXT);
$xmlfile = DOL_DOCUMENT_ROOT.$xmlshortfile;
$xmlshortfile = dol_sanitizeFileName(GETPOST('xmlshortfile', 'alpha') ? GETPOST('xmlshortfile', 'alpha') : 'filelist-'.DOL_VERSION.(empty($conf->global->MAIN_FILECHECK_LOCAL_SUFFIX) ? '' : $conf->global->MAIN_FILECHECK_LOCAL_SUFFIX).'.xml'.(empty($conf->global->MAIN_FILECHECK_LOCAL_EXT) ? '' : $conf->global->MAIN_FILECHECK_LOCAL_EXT));
$xmlfile = DOL_DOCUMENT_ROOT.'/install/'.$xmlshortfile;
// Remote file to compare to
$xmlremote = GETPOST('xmlremote');
$xmlremote = GETPOST('xmlremote', 'alphanohtml');
if (empty($xmlremote) && !empty($conf->global->MAIN_FILECHECK_URL)) {
$xmlremote = $conf->global->MAIN_FILECHECK_URL;
}
@ -92,7 +92,13 @@ if (empty($xmlremote) && !empty($conf->global->$param)) {
if (empty($xmlremote)) {
$xmlremote = 'https://www.dolibarr.org/files/stable/signatures/filelist-'.DOL_VERSION.'.xml';
}
if ($xmlremote && !preg_match('/^https?:\/\//', $xmlremote)) {
}
if ($xmlremote && !preg_match('/^https?:\/\//', $xmlremote)) {
$langs->load("errors");
setEventMessages($langs->trans("ErrorURLMustStartWithHttp", $xmlremote), '', 'errors');
$error++;
}
// Test if remote test is ok
$enableremotecheck = true;
@ -147,7 +153,7 @@ if (GETPOST('target') == 'local') {
}
$xml = simplexml_load_file($xmlfile);
} else {
print $langs->trans('XmlNotFound').': '.$xmlfile;
print '<div class="warning">'.$langs->trans('XmlNotFound').': '.$xmlfile.'</span>';
$error++;
}
}

1
htdocs/core/boxes/box_external_rss.php
View File

@ -77,6 +77,7 @@ class box_external_rss extends ModeleBoxes
$this->max = $max;
// On recupere numero de param de la boite
$reg = array();
preg_match('/^([0-9]+) /', $this->paramdef, $reg);
$site = $reg[1];

1
htdocs/core/modules/modExternalRss.class.php
View File

@ -100,6 +100,7 @@ class modExternalRss extends DolibarrModules
$result = $this->db->query($sql);
if ($result) {
while ($obj = $this->db->fetch_object($result)) {
$reg = array();
if (preg_match('/EXTERNAL_RSS_TITLE_([0-9]+)/i', $obj->name, $reg)) {
// Definie la boite si on a trouvee une ancienne configuration
//$this->boxes[$reg[1]][0] = "(ExternalRSSInformations)";