New: Possibilit de mettre une photo sur les fiches utilisateurs.
New: Les images sont affiches travers le wrapper viewimage pour viter visualitaion sans droits.
This commit is contained in:
Laurent Destailleur
parent
529b20da91
commit
6365f76bb3
@ -147,7 +147,8 @@ if ($_GET["facid"] > 0)
|
||||
$filedetail = $conf->facture->dir_output . "/" . $facref . "/" . $facref . "-detail.pdf";
|
||||
$relativepath = "${facref}/${facref}.pdf";
|
||||
$relativepathdetail = "${facref}/${facref}-detail.pdf";
|
||||
|
||||
$relativepathimage = "${facref}/${facref}.pdf.png";
|
||||
|
||||
$fileimage = $file.".png";
|
||||
|
||||
$var=true;
|
||||
@ -156,7 +157,7 @@ if ($_GET["facid"] > 0)
|
||||
if (file_exists($file))
|
||||
{
|
||||
$encfile = urlencode($file);
|
||||
print_titre("Documents");
|
||||
print_titre($langs->trans("Documents"));
|
||||
print '<table class="border" width="100%">';
|
||||
|
||||
print "<tr $bc[$var]><td>".$langs->trans("Bill")." PDF</td>";
|
||||
@ -220,33 +221,32 @@ if ($_GET["facid"] > 0)
|
||||
|
||||
print "<tr><td height=\"10\">".$langs->trans("Author")."</td><td colspan=\"3\">$author->fullname</td>";
|
||||
|
||||
print '<tr><td height=\"10\">Remise globale</td>';
|
||||
print '<tr><td height=\"10\">'.$langs->trans("GlobalDiscount").'</td>';
|
||||
print '<td align="right" colspan="2">'.$fac->remise_percent.'</td>';
|
||||
print '<td>%</td></tr>';
|
||||
|
||||
print '<tr><td height=\"10\">'.$langs->trans("AmountHT").'</td>';
|
||||
print '<td align="right" colspan="2"><b>'.price($fac->total_ht).'</b></td>';
|
||||
print '<td>'.$conf->monnaie.' HT</td></tr>';
|
||||
print '<td>'.$conf->monnaie.'</td></tr>';
|
||||
|
||||
print "</table><br>";
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
else
|
||||
{
|
||||
/* Facture non trouvée */
|
||||
// Facture non trouvée
|
||||
print $langs->trans("ErrorBillNotFound");
|
||||
}
|
||||
}
|
||||
|
||||
print 'xxxxxxxxxximg src="'.DOL_URL_ROOT . '/viewimage.php?modulepart=apercufacture&file='.urlencode($relativepathimage).'"';
|
||||
if (file_exists($fileimage))
|
||||
{
|
||||
print '<img src="'.DOL_URL_ROOT . '/viewimage.php?file='.urlencode($fileimage).'">';
|
||||
print '<img src="'.DOL_URL_ROOT . '/viewimage.php?modulepart=apercufacture&file='.urlencode($relativepathimage).'">';
|
||||
}
|
||||
print '</div>';
|
||||
|
||||
|
||||
$db->close();
|
||||
|
||||
llxFooter("<em>Dernière modification $Date$ révision $Revision$</em>");
|
||||
|
||||
@ -38,4 +38,5 @@ LastUsersCreated=Last %s users created
|
||||
ShowGroup=Show group
|
||||
ShowUser=Show user
|
||||
NonAffectedUsers=Non affected users
|
||||
UserModified=User modified successfully
|
||||
UserModified=User modified successfully
|
||||
PhotoFile=Fichier photo
|
||||
@ -40,3 +40,4 @@ ShowGroup=Afficher groupe
|
||||
ShowUser=Afficher utilisateur
|
||||
NonAffectedUsers=Utilisateurs non affectés au groupe
|
||||
UserModified=Utilisateur modifié avec succès
|
||||
PhotoFile=Fichier photo
|
||||
|
||||
@ -173,6 +173,8 @@ $langs = new Translate(DOL_DOCUMENT_ROOT ."/langs", $conf->langage);
|
||||
|
||||
|
||||
|
||||
$conf->users->dir_output=DOL_DATA_ROOT."/users";
|
||||
|
||||
/*
|
||||
* Activation des modules
|
||||
* et inclusion de librairies dépendantes
|
||||
|
||||
@ -108,8 +108,10 @@ if ($_POST["action"] == 'add' && $user->admin)
|
||||
|
||||
if ($_POST["action"] == 'update' && $user->admin)
|
||||
{
|
||||
$db->begin();
|
||||
$message="";
|
||||
|
||||
$db->begin();
|
||||
|
||||
$edituser = new User($db, $_GET["id"]);
|
||||
$edituser->fetch();
|
||||
|
||||
@ -124,18 +126,33 @@ if ($_POST["action"] == 'update' && $user->admin)
|
||||
$ret=$edituser->update();
|
||||
if ($ret < 0)
|
||||
{
|
||||
$message='<div class="error">'.$edituser->error.'</div>';
|
||||
$message.='<div class="error">'.$edituser->error.'</div>';
|
||||
}
|
||||
if ($ret >= 0 && isset($_POST["password"]) && $_POST["password"] !='' )
|
||||
{
|
||||
$ret=$edituser->password($user,$password,$conf->password_encrypted);
|
||||
if ($ret < 0) {
|
||||
$message='<div class="error">'.$edituser->error.'</div>';
|
||||
$message.='<div class="error">'.$edituser->error.'</div>';
|
||||
}
|
||||
}
|
||||
|
||||
if ($_FILES['photo']['tmp_name']) {
|
||||
// Si une photo est fournie avec le formulaire
|
||||
if (! is_dir($conf->users->dir_output))
|
||||
{
|
||||
mkdir($conf->users->dir_output);
|
||||
}
|
||||
if (is_dir($conf->users->dir_output)) {
|
||||
$newfile=$conf->users->dir_output . "/" . $edituser->id . ".jpg";
|
||||
if (! doliMoveFileUpload($_FILES['photo']['tmp_name'],$newfile))
|
||||
{
|
||||
$message .= '<div class="error">'.$langs->trans("ErrorFailedToSaveFile").'</div>';
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if ($ret >= 0) {
|
||||
$message.='<div class="ok">'.$langs->trans("UserModififed").'</div>';
|
||||
$message.='<div class="ok">'.$langs->trans("UserModified").'</div>';
|
||||
$db->commit();
|
||||
} else {
|
||||
$db->rollback;
|
||||
@ -170,7 +187,7 @@ if ($action == 'create')
|
||||
print "<br>";
|
||||
if ($message) { print $message."<br>"; }
|
||||
|
||||
print '<form action="fiche.php" method="post">';
|
||||
print '<form action="fiche.php" method="post" name="createuser>';
|
||||
print '<input type="hidden" name="action" value="add">';
|
||||
|
||||
print '<table class="border" width="100%">';
|
||||
@ -274,7 +291,7 @@ else
|
||||
print '<td align="center" valign="middle" width="25%" rowspan="8">';
|
||||
if (file_exists($conf->users->dir_output."/".$fuser->id.".jpg"))
|
||||
{
|
||||
print '<img src="'.DOL_URL_ROOT.'/image.php?modulepart=userphoto&file='.$fuser->id.'.jpg">';
|
||||
print '<img width="100" src="'.DOL_URL_ROOT.'/viewimage.php?modulepart=userphoto&file='.$fuser->id.'.jpg">';
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -379,7 +396,7 @@ else
|
||||
if ($_GET["action"] == 'edit' && $user->admin)
|
||||
{
|
||||
|
||||
print '<form action="fiche.php?id='.$fuser->id.'" method="post">';
|
||||
print '<form action="fiche.php?id='.$fuser->id.'" method="post" name="updateuser" enctype="multipart/form-data">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
print '<table width="100%" class="border">';
|
||||
|
||||
@ -388,12 +405,13 @@ else
|
||||
print '<td align="center" valign="middle" width="25%" rowspan="6">';
|
||||
if (file_exists($conf->users->dir_output."/".$fuser->id.".jpg"))
|
||||
{
|
||||
print '<img src="'.DOL_URL_ROOT.'/image.php?modulepart=userphoto&file='.$fuser->id.'.jpg">';
|
||||
print '<img width="100" src="'.DOL_URL_ROOT.'/viewimage.php?modulepart=userphoto&file='.$fuser->id.'.jpg">';
|
||||
}
|
||||
else
|
||||
{
|
||||
print '<img src="'.DOL_URL_ROOT.'/theme/nophoto.jpg">';
|
||||
}
|
||||
print '<br><br><table class="noborder"><tr><td>'.$langs->trans("PhotoFile").'</td></tr><tr><td><input type="file" name="photo" class="flat"></td></tr></table>';
|
||||
print '</td></tr>';
|
||||
|
||||
print "<tr>".'<td valign="top">'.$langs->trans("Firstname").'</td>';
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
<?php
|
||||
/* Copyright (C) 2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
|
||||
* Copyright (C) 2005 Laurent Destailleur <eldy@users.sourceforge.net>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
@ -21,25 +22,67 @@
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
require_once("main.inc.php");
|
||||
|
||||
|
||||
// C'est un wrapper, donc header vierge
|
||||
function llxHeader() { }
|
||||
|
||||
|
||||
|
||||
$original_file = urldecode($_GET["file"]);
|
||||
$modulepart = urldecode($_GET["modulepart"]);
|
||||
$type = urldecode($_GET["type"]);
|
||||
|
||||
$filename = basename ($original_file);
|
||||
|
||||
//$filename = "/home/www/dolibarr/documents/facture/297459847084/297459847084.pdf.png";
|
||||
|
||||
$accessallowed=0;
|
||||
if ($modulepart)
|
||||
{
|
||||
// On fait une vérification des droits et on définit le répertoire concerné
|
||||
|
||||
header('Content-type: image/png');
|
||||
|
||||
//header('Content-Disposition: attachment; filename="'.$filename.'"');
|
||||
|
||||
// The PDF source is in original.pdf
|
||||
//readfile($filename);
|
||||
|
||||
|
||||
if ($fh = @fopen($original_file, "rb")) {
|
||||
|
||||
fpassthru($fh);
|
||||
fclose($fh);
|
||||
// Wrapping pour les photo utilisateurs
|
||||
if ($modulepart == 'userphoto')
|
||||
{
|
||||
//$user->getrights('facture');
|
||||
//if ($user->rights->facture->lire)
|
||||
//{
|
||||
$accessallowed=1;
|
||||
//}
|
||||
$original_file=$conf->users->dir_output.'/'.$original_file;
|
||||
}
|
||||
|
||||
// Wrapping pour les apercu factures
|
||||
if ($modulepart == 'apercufacture')
|
||||
{
|
||||
$user->getrights('facture');
|
||||
if ($user->rights->facture->lire)
|
||||
{
|
||||
$accessallowed=1;
|
||||
}
|
||||
$original_file=$conf->facture->dir_output.'/'.$original_file;
|
||||
}
|
||||
}
|
||||
|
||||
// Limite accès si droits non corrects
|
||||
if (! $accessallowed) { accessforbidden(); }
|
||||
|
||||
|
||||
$filename = basename($original_file);
|
||||
if (! file_exists($original_file)) { dolibarr_print_error(0,$langs->trans("FileDoesNotExist",$original_file)); exit; }
|
||||
|
||||
// Les drois sont ok et fichier trouvé
|
||||
if ($type)
|
||||
{
|
||||
header('Content-type: '.$type);
|
||||
}
|
||||
else
|
||||
{
|
||||
header('Content-type: image/png');
|
||||
}
|
||||
|
||||
readfile($original_file);
|
||||
|
||||
?>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user