Fix: convert line delimiters
This commit is contained in:
Regis Houssin
parent
b75efdcf10
commit
7358223c8f
@ -568,7 +568,7 @@ function dol_unescapefile($filename)
|
||||
* @param int $nohook Disable all hooks
|
||||
* @param string $varfiles _FILES var name
|
||||
* @return int >0 if OK, <0 or string if KO
|
||||
* @see dolCheckUploadedFile, dol_move
|
||||
* @see dol_move
|
||||
*/
|
||||
function dol_move_uploaded_file($src_file, $dest_file, $allowoverwrite, $disablevirusscan=0, $uploaderrorcode=0, $nohook=0, $varfiles='addedfile')
|
||||
{
|
||||
@ -579,121 +579,121 @@ function dol_move_uploaded_file($src_file, $dest_file, $allowoverwrite, $disable
|
||||
$file_name = $dest_file;
|
||||
|
||||
if (empty($nohook))
|
||||
{
|
||||
// If an upload error has been reported
|
||||
if ($uploaderrorcode)
|
||||
{
|
||||
switch($uploaderrorcode)
|
||||
{
|
||||
case UPLOAD_ERR_INI_SIZE: // 1
|
||||
return 'ErrorFileSizeTooLarge';
|
||||
break;
|
||||
case UPLOAD_ERR_FORM_SIZE: // 2
|
||||
return 'ErrorFileSizeTooLarge';
|
||||
break;
|
||||
case UPLOAD_ERR_PARTIAL: // 3
|
||||
return 'ErrorPartialFile';
|
||||
break;
|
||||
case UPLOAD_ERR_NO_TMP_DIR: //
|
||||
return 'ErrorNoTmpDir';
|
||||
break;
|
||||
case UPLOAD_ERR_CANT_WRITE:
|
||||
return 'ErrorFailedToWriteInDir';
|
||||
break;
|
||||
case UPLOAD_ERR_EXTENSION:
|
||||
return 'ErrorUploadBlockedByAddon';
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
// If we need to make a virus scan
|
||||
if (empty($disablevirusscan) && file_exists($src_file) && ! empty($conf->global->MAIN_ANTIVIRUS_COMMAND))
|
||||
{
|
||||
if (! class_exists('AntiVir')) {
|
||||
require DOL_DOCUMENT_ROOT.'/core/class/antivir.class.php';
|
||||
}
|
||||
$antivir=new AntiVir($db);
|
||||
$result = $antivir->dol_avscan_file($src_file);
|
||||
if ($result < 0) // If virus or error, we stop here
|
||||
{
|
||||
$reterrors=$antivir->errors;
|
||||
dol_syslog('Files.lib::dol_move_uploaded_file File "'.$src_file.'" (target name "'.$dest_file.'") KO with antivirus: result='.$result.' errors='.join(',',$antivir->errors), LOG_WARNING);
|
||||
return 'ErrorFileIsInfectedWithAVirus: '.join(',',$reterrors);
|
||||
}
|
||||
}
|
||||
|
||||
// Security:
|
||||
// Disallow file with some extensions. We renamed them.
|
||||
// Car si on a mis le rep documents dans un rep de la racine web (pas bien), cela permet d'executer du code a la demande.
|
||||
if (preg_match('/\.htm|\.html|\.php|\.pl|\.cgi$/i',$dest_file))
|
||||
{
|
||||
$file_name.= '.noexe';
|
||||
}
|
||||
|
||||
// Security:
|
||||
// On interdit fichiers caches, remontees de repertoire ainsi que les pipes dans les noms de fichiers.
|
||||
if (preg_match('/^\./',$src_file) || preg_match('/\.\./',$src_file) || preg_match('/[<>|]/',$src_file))
|
||||
{
|
||||
dol_syslog("Refused to deliver file ".$src_file, LOG_WARNING);
|
||||
return -1;
|
||||
}
|
||||
|
||||
// Security:
|
||||
// On interdit fichiers caches, remontees de repertoire ainsi que les pipe dans
|
||||
// les noms de fichiers.
|
||||
if (preg_match('/^\./',$dest_file) || preg_match('/\.\./',$dest_file) || preg_match('/[<>|]/',$dest_file))
|
||||
{
|
||||
dol_syslog("Refused to deliver file ".$dest_file, LOG_WARNING);
|
||||
return -2;
|
||||
{
|
||||
// If an upload error has been reported
|
||||
if ($uploaderrorcode)
|
||||
{
|
||||
switch($uploaderrorcode)
|
||||
{
|
||||
case UPLOAD_ERR_INI_SIZE: // 1
|
||||
return 'ErrorFileSizeTooLarge';
|
||||
break;
|
||||
case UPLOAD_ERR_FORM_SIZE: // 2
|
||||
return 'ErrorFileSizeTooLarge';
|
||||
break;
|
||||
case UPLOAD_ERR_PARTIAL: // 3
|
||||
return 'ErrorPartialFile';
|
||||
break;
|
||||
case UPLOAD_ERR_NO_TMP_DIR: //
|
||||
return 'ErrorNoTmpDir';
|
||||
break;
|
||||
case UPLOAD_ERR_CANT_WRITE:
|
||||
return 'ErrorFailedToWriteInDir';
|
||||
break;
|
||||
case UPLOAD_ERR_EXTENSION:
|
||||
return 'ErrorUploadBlockedByAddon';
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (! is_object($hookmanager))
|
||||
{
|
||||
if (! class_exists('HookManager')) {
|
||||
// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array
|
||||
require DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php';
|
||||
$hookmanager=new HookManager($db);
|
||||
}
|
||||
}
|
||||
$hookmanager->initHooks(array('fileslib'));
|
||||
|
||||
$parameters=array('filename' => $file_name, 'varfiles' => $varfiles, 'allowoverwrite' => $allowoverwrite);
|
||||
// If we need to make a virus scan
|
||||
if (empty($disablevirusscan) && file_exists($src_file) && ! empty($conf->global->MAIN_ANTIVIRUS_COMMAND))
|
||||
{
|
||||
if (! class_exists('AntiVir')) {
|
||||
require DOL_DOCUMENT_ROOT.'/core/class/antivir.class.php';
|
||||
}
|
||||
$antivir=new AntiVir($db);
|
||||
$result = $antivir->dol_avscan_file($src_file);
|
||||
if ($result < 0) // If virus or error, we stop here
|
||||
{
|
||||
$reterrors=$antivir->errors;
|
||||
dol_syslog('Files.lib::dol_move_uploaded_file File "'.$src_file.'" (target name "'.$dest_file.'") KO with antivirus: result='.$result.' errors='.join(',',$antivir->errors), LOG_WARNING);
|
||||
return 'ErrorFileIsInfectedWithAVirus: '.join(',',$reterrors);
|
||||
}
|
||||
}
|
||||
|
||||
// Security:
|
||||
// Disallow file with some extensions. We renamed them.
|
||||
// Car si on a mis le rep documents dans un rep de la racine web (pas bien), cela permet d'executer du code a la demande.
|
||||
if (preg_match('/\.htm|\.html|\.php|\.pl|\.cgi$/i',$dest_file))
|
||||
{
|
||||
$file_name.= '.noexe';
|
||||
}
|
||||
|
||||
// Security:
|
||||
// On interdit fichiers caches, remontees de repertoire ainsi que les pipes dans les noms de fichiers.
|
||||
if (preg_match('/^\./',$src_file) || preg_match('/\.\./',$src_file) || preg_match('/[<>|]/',$src_file))
|
||||
{
|
||||
dol_syslog("Refused to deliver file ".$src_file, LOG_WARNING);
|
||||
return -1;
|
||||
}
|
||||
|
||||
// Security:
|
||||
// On interdit fichiers caches, remontees de repertoire ainsi que les pipe dans
|
||||
// les noms de fichiers.
|
||||
if (preg_match('/^\./',$dest_file) || preg_match('/\.\./',$dest_file) || preg_match('/[<>|]/',$dest_file))
|
||||
{
|
||||
dol_syslog("Refused to deliver file ".$dest_file, LOG_WARNING);
|
||||
return -2;
|
||||
}
|
||||
|
||||
if (! is_object($hookmanager))
|
||||
{
|
||||
if (! class_exists('HookManager')) {
|
||||
// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array
|
||||
require DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php';
|
||||
$hookmanager=new HookManager($db);
|
||||
}
|
||||
}
|
||||
$hookmanager->initHooks(array('fileslib'));
|
||||
|
||||
$parameters=array('filename' => $file_name, 'varfiles' => $varfiles, 'allowoverwrite' => $allowoverwrite);
|
||||
$reshook=$hookmanager->executeHooks('dolMoveUploadedFile', $parameters, $object);
|
||||
}
|
||||
|
||||
if (empty($reshook))
|
||||
{
|
||||
// The file functions must be in OS filesystem encoding.
|
||||
$src_file_osencoded=dol_osencode($src_file);
|
||||
$file_name_osencoded=dol_osencode($file_name);
|
||||
|
||||
// Check if destination dir is writable
|
||||
// TODO
|
||||
|
||||
// Check if destination file already exists
|
||||
if (! $allowoverwrite)
|
||||
{
|
||||
if (file_exists($file_name_osencoded))
|
||||
{
|
||||
dol_syslog("Files.lib::dol_move_uploaded_file File ".$file_name." already exists. Return 'ErrorFileAlreadyExists'", LOG_WARNING);
|
||||
return 'ErrorFileAlreadyExists';
|
||||
}
|
||||
}
|
||||
|
||||
// Move file
|
||||
$return=move_uploaded_file($src_file_osencoded, $file_name_osencoded);
|
||||
if ($return)
|
||||
{
|
||||
if (! empty($conf->global->MAIN_UMASK)) @chmod($file_name_osencoded, octdec($conf->global->MAIN_UMASK));
|
||||
dol_syslog("Files.lib::dol_move_uploaded_file Success to move ".$src_file." to ".$file_name." - Umask=".$conf->global->MAIN_UMASK, LOG_DEBUG);
|
||||
return 1; // Success
|
||||
}
|
||||
else
|
||||
{
|
||||
dol_syslog("Files.lib::dol_move_uploaded_file Failed to move ".$src_file." to ".$file_name, LOG_ERR);
|
||||
return -3; // Unknown error
|
||||
// The file functions must be in OS filesystem encoding.
|
||||
$src_file_osencoded=dol_osencode($src_file);
|
||||
$file_name_osencoded=dol_osencode($file_name);
|
||||
|
||||
// Check if destination dir is writable
|
||||
// TODO
|
||||
|
||||
// Check if destination file already exists
|
||||
if (! $allowoverwrite)
|
||||
{
|
||||
if (file_exists($file_name_osencoded))
|
||||
{
|
||||
dol_syslog("Files.lib::dol_move_uploaded_file File ".$file_name." already exists. Return 'ErrorFileAlreadyExists'", LOG_WARNING);
|
||||
return 'ErrorFileAlreadyExists';
|
||||
}
|
||||
}
|
||||
|
||||
// Move file
|
||||
$return=move_uploaded_file($src_file_osencoded, $file_name_osencoded);
|
||||
if ($return)
|
||||
{
|
||||
if (! empty($conf->global->MAIN_UMASK)) @chmod($file_name_osencoded, octdec($conf->global->MAIN_UMASK));
|
||||
dol_syslog("Files.lib::dol_move_uploaded_file Success to move ".$src_file." to ".$file_name." - Umask=".$conf->global->MAIN_UMASK, LOG_DEBUG);
|
||||
return 1; // Success
|
||||
}
|
||||
else
|
||||
{
|
||||
dol_syslog("Files.lib::dol_move_uploaded_file Failed to move ".$src_file." to ".$file_name, LOG_ERR);
|
||||
return -3; // Unknown error
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -713,26 +713,26 @@ function dol_delete_file($file,$disableglob=0,$nophperrors=0,$nohook=0,$object=n
|
||||
global $db, $conf, $user, $langs;
|
||||
global $hookmanager;
|
||||
|
||||
$langs->load("other");
|
||||
$langs->load("other");
|
||||
$langs->load("errors");
|
||||
|
||||
if (empty($nohook))
|
||||
{
|
||||
if (! is_object($hookmanager))
|
||||
{
|
||||
if (! class_exists('HookManager')) {
|
||||
// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array
|
||||
require DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php';
|
||||
$hookmanager=new HookManager($db);
|
||||
}
|
||||
}
|
||||
$hookmanager->initHooks(array('fileslib'));
|
||||
|
||||
$parameters=array(
|
||||
'file' => $file,
|
||||
'disableglob'=> $disableglob,
|
||||
'nophperrors' => $nophperrors
|
||||
);
|
||||
if (! is_object($hookmanager))
|
||||
{
|
||||
if (! class_exists('HookManager')) {
|
||||
// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array
|
||||
require DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php';
|
||||
$hookmanager=new HookManager($db);
|
||||
}
|
||||
}
|
||||
$hookmanager->initHooks(array('fileslib'));
|
||||
|
||||
$parameters=array(
|
||||
'file' => $file,
|
||||
'disableglob'=> $disableglob,
|
||||
'nophperrors' => $nophperrors
|
||||
);
|
||||
$reshook=$hookmanager->executeHooks('deleteFile', $parameters, $object);
|
||||
}
|
||||
|
||||
@ -742,33 +742,29 @@ function dol_delete_file($file,$disableglob=0,$nophperrors=0,$nohook=0,$object=n
|
||||
}
|
||||
else
|
||||
{
|
||||
$error=0;
|
||||
|
||||
//print "x".$file." ".$disableglob;
|
||||
$ok=true;
|
||||
$file_osencoded=dol_osencode($file); // New filename encoded in OS filesystem encoding charset
|
||||
if (empty($disableglob) && ! empty($file_osencoded))
|
||||
{
|
||||
foreach (glob($file_osencoded) as $filename)
|
||||
{
|
||||
if ($nophperrors) $ok=@unlink($filename); // The unlink encapsulated by dolibarr
|
||||
else $ok=unlink($filename); // The unlink encapsulated by dolibarr
|
||||
$error=0;
|
||||
|
||||
//print "x".$file." ".$disableglob;
|
||||
$ok=true;
|
||||
$file_osencoded=dol_osencode($file); // New filename encoded in OS filesystem encoding charset
|
||||
if (empty($disableglob) && ! empty($file_osencoded))
|
||||
{
|
||||
foreach (glob($file_osencoded) as $filename)
|
||||
{
|
||||
if ($nophperrors) $ok=@unlink($filename); // The unlink encapsulated by dolibarr
|
||||
else $ok=unlink($filename); // The unlink encapsulated by dolibarr
|
||||
if ($ok) dol_syslog("Removed file ".$filename, LOG_DEBUG);
|
||||
else dol_syslog("Failed to remove file ".$filename, LOG_WARNING);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($nophperrors) $ok=@unlink($file_osencoded); // The unlink encapsulated by dolibarr
|
||||
else $ok=unlink($file_osencoded); // The unlink encapsulated by dolibarr
|
||||
if ($ok) {
|
||||
dol_syslog("Removed file ".$file_osencoded, LOG_DEBUG);
|
||||
}
|
||||
else {
|
||||
dol_syslog("Failed to remove file ".$file_osencoded, LOG_WARNING);
|
||||
}
|
||||
}
|
||||
|
||||
else dol_syslog("Failed to remove file ".$filename, LOG_WARNING);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($nophperrors) $ok=@unlink($file_osencoded); // The unlink encapsulated by dolibarr
|
||||
else $ok=unlink($file_osencoded); // The unlink encapsulated by dolibarr
|
||||
if ($ok) dol_syslog("Removed file ".$file_osencoded, LOG_DEBUG);
|
||||
else dol_syslog("Failed to remove file ".$file_osencoded, LOG_WARNING);
|
||||
}
|
||||
|
||||
return $ok;
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user