From 7358223c8fbd8c9fffbf059eda6bb87faf745990 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Wed, 12 Sep 2012 12:41:44 +0200 Subject: [PATCH] Fix: convert line delimiters --- htdocs/core/lib/files.lib.php | 298 +++++++++++++++++----------------- 1 file changed, 147 insertions(+), 151 deletions(-) diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index fa9c9de437d..fc4ebd4c25f 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -568,7 +568,7 @@ function dol_unescapefile($filename) * @param int $nohook Disable all hooks * @param string $varfiles _FILES var name * @return int >0 if OK, <0 or string if KO - * @see dolCheckUploadedFile, dol_move + * @see dol_move */ function dol_move_uploaded_file($src_file, $dest_file, $allowoverwrite, $disablevirusscan=0, $uploaderrorcode=0, $nohook=0, $varfiles='addedfile') { @@ -579,121 +579,121 @@ function dol_move_uploaded_file($src_file, $dest_file, $allowoverwrite, $disable $file_name = $dest_file; if (empty($nohook)) - { - // If an upload error has been reported - if ($uploaderrorcode) - { - switch($uploaderrorcode) - { - case UPLOAD_ERR_INI_SIZE: // 1 - return 'ErrorFileSizeTooLarge'; - break; - case UPLOAD_ERR_FORM_SIZE: // 2 - return 'ErrorFileSizeTooLarge'; - break; - case UPLOAD_ERR_PARTIAL: // 3 - return 'ErrorPartialFile'; - break; - case UPLOAD_ERR_NO_TMP_DIR: // - return 'ErrorNoTmpDir'; - break; - case UPLOAD_ERR_CANT_WRITE: - return 'ErrorFailedToWriteInDir'; - break; - case UPLOAD_ERR_EXTENSION: - return 'ErrorUploadBlockedByAddon'; - break; - default: - break; - } - } - - // If we need to make a virus scan - if (empty($disablevirusscan) && file_exists($src_file) && ! empty($conf->global->MAIN_ANTIVIRUS_COMMAND)) - { - if (! class_exists('AntiVir')) { - require DOL_DOCUMENT_ROOT.'/core/class/antivir.class.php'; - } - $antivir=new AntiVir($db); - $result = $antivir->dol_avscan_file($src_file); - if ($result < 0) // If virus or error, we stop here - { - $reterrors=$antivir->errors; - dol_syslog('Files.lib::dol_move_uploaded_file File "'.$src_file.'" (target name "'.$dest_file.'") KO with antivirus: result='.$result.' errors='.join(',',$antivir->errors), LOG_WARNING); - return 'ErrorFileIsInfectedWithAVirus: '.join(',',$reterrors); - } - } - - // Security: - // Disallow file with some extensions. We renamed them. - // Car si on a mis le rep documents dans un rep de la racine web (pas bien), cela permet d'executer du code a la demande. - if (preg_match('/\.htm|\.html|\.php|\.pl|\.cgi$/i',$dest_file)) - { - $file_name.= '.noexe'; - } - - // Security: - // On interdit fichiers caches, remontees de repertoire ainsi que les pipes dans les noms de fichiers. - if (preg_match('/^\./',$src_file) || preg_match('/\.\./',$src_file) || preg_match('/[<>|]/',$src_file)) - { - dol_syslog("Refused to deliver file ".$src_file, LOG_WARNING); - return -1; - } - - // Security: - // On interdit fichiers caches, remontees de repertoire ainsi que les pipe dans - // les noms de fichiers. - if (preg_match('/^\./',$dest_file) || preg_match('/\.\./',$dest_file) || preg_match('/[<>|]/',$dest_file)) - { - dol_syslog("Refused to deliver file ".$dest_file, LOG_WARNING); - return -2; + { + // If an upload error has been reported + if ($uploaderrorcode) + { + switch($uploaderrorcode) + { + case UPLOAD_ERR_INI_SIZE: // 1 + return 'ErrorFileSizeTooLarge'; + break; + case UPLOAD_ERR_FORM_SIZE: // 2 + return 'ErrorFileSizeTooLarge'; + break; + case UPLOAD_ERR_PARTIAL: // 3 + return 'ErrorPartialFile'; + break; + case UPLOAD_ERR_NO_TMP_DIR: // + return 'ErrorNoTmpDir'; + break; + case UPLOAD_ERR_CANT_WRITE: + return 'ErrorFailedToWriteInDir'; + break; + case UPLOAD_ERR_EXTENSION: + return 'ErrorUploadBlockedByAddon'; + break; + default: + break; + } } - if (! is_object($hookmanager)) - { - if (! class_exists('HookManager')) { - // Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array - require DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php'; - $hookmanager=new HookManager($db); - } - } - $hookmanager->initHooks(array('fileslib')); - - $parameters=array('filename' => $file_name, 'varfiles' => $varfiles, 'allowoverwrite' => $allowoverwrite); + // If we need to make a virus scan + if (empty($disablevirusscan) && file_exists($src_file) && ! empty($conf->global->MAIN_ANTIVIRUS_COMMAND)) + { + if (! class_exists('AntiVir')) { + require DOL_DOCUMENT_ROOT.'/core/class/antivir.class.php'; + } + $antivir=new AntiVir($db); + $result = $antivir->dol_avscan_file($src_file); + if ($result < 0) // If virus or error, we stop here + { + $reterrors=$antivir->errors; + dol_syslog('Files.lib::dol_move_uploaded_file File "'.$src_file.'" (target name "'.$dest_file.'") KO with antivirus: result='.$result.' errors='.join(',',$antivir->errors), LOG_WARNING); + return 'ErrorFileIsInfectedWithAVirus: '.join(',',$reterrors); + } + } + + // Security: + // Disallow file with some extensions. We renamed them. + // Car si on a mis le rep documents dans un rep de la racine web (pas bien), cela permet d'executer du code a la demande. + if (preg_match('/\.htm|\.html|\.php|\.pl|\.cgi$/i',$dest_file)) + { + $file_name.= '.noexe'; + } + + // Security: + // On interdit fichiers caches, remontees de repertoire ainsi que les pipes dans les noms de fichiers. + if (preg_match('/^\./',$src_file) || preg_match('/\.\./',$src_file) || preg_match('/[<>|]/',$src_file)) + { + dol_syslog("Refused to deliver file ".$src_file, LOG_WARNING); + return -1; + } + + // Security: + // On interdit fichiers caches, remontees de repertoire ainsi que les pipe dans + // les noms de fichiers. + if (preg_match('/^\./',$dest_file) || preg_match('/\.\./',$dest_file) || preg_match('/[<>|]/',$dest_file)) + { + dol_syslog("Refused to deliver file ".$dest_file, LOG_WARNING); + return -2; + } + + if (! is_object($hookmanager)) + { + if (! class_exists('HookManager')) { + // Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array + require DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php'; + $hookmanager=new HookManager($db); + } + } + $hookmanager->initHooks(array('fileslib')); + + $parameters=array('filename' => $file_name, 'varfiles' => $varfiles, 'allowoverwrite' => $allowoverwrite); $reshook=$hookmanager->executeHooks('dolMoveUploadedFile', $parameters, $object); } if (empty($reshook)) { - // The file functions must be in OS filesystem encoding. - $src_file_osencoded=dol_osencode($src_file); - $file_name_osencoded=dol_osencode($file_name); - - // Check if destination dir is writable - // TODO - - // Check if destination file already exists - if (! $allowoverwrite) - { - if (file_exists($file_name_osencoded)) - { - dol_syslog("Files.lib::dol_move_uploaded_file File ".$file_name." already exists. Return 'ErrorFileAlreadyExists'", LOG_WARNING); - return 'ErrorFileAlreadyExists'; - } - } - - // Move file - $return=move_uploaded_file($src_file_osencoded, $file_name_osencoded); - if ($return) - { - if (! empty($conf->global->MAIN_UMASK)) @chmod($file_name_osencoded, octdec($conf->global->MAIN_UMASK)); - dol_syslog("Files.lib::dol_move_uploaded_file Success to move ".$src_file." to ".$file_name." - Umask=".$conf->global->MAIN_UMASK, LOG_DEBUG); - return 1; // Success - } - else - { - dol_syslog("Files.lib::dol_move_uploaded_file Failed to move ".$src_file." to ".$file_name, LOG_ERR); - return -3; // Unknown error + // The file functions must be in OS filesystem encoding. + $src_file_osencoded=dol_osencode($src_file); + $file_name_osencoded=dol_osencode($file_name); + + // Check if destination dir is writable + // TODO + + // Check if destination file already exists + if (! $allowoverwrite) + { + if (file_exists($file_name_osencoded)) + { + dol_syslog("Files.lib::dol_move_uploaded_file File ".$file_name." already exists. Return 'ErrorFileAlreadyExists'", LOG_WARNING); + return 'ErrorFileAlreadyExists'; + } + } + + // Move file + $return=move_uploaded_file($src_file_osencoded, $file_name_osencoded); + if ($return) + { + if (! empty($conf->global->MAIN_UMASK)) @chmod($file_name_osencoded, octdec($conf->global->MAIN_UMASK)); + dol_syslog("Files.lib::dol_move_uploaded_file Success to move ".$src_file." to ".$file_name." - Umask=".$conf->global->MAIN_UMASK, LOG_DEBUG); + return 1; // Success + } + else + { + dol_syslog("Files.lib::dol_move_uploaded_file Failed to move ".$src_file." to ".$file_name, LOG_ERR); + return -3; // Unknown error } } } @@ -713,26 +713,26 @@ function dol_delete_file($file,$disableglob=0,$nophperrors=0,$nohook=0,$object=n global $db, $conf, $user, $langs; global $hookmanager; - $langs->load("other"); + $langs->load("other"); $langs->load("errors"); if (empty($nohook)) { - if (! is_object($hookmanager)) - { - if (! class_exists('HookManager')) { - // Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array - require DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php'; - $hookmanager=new HookManager($db); - } - } - $hookmanager->initHooks(array('fileslib')); - - $parameters=array( - 'file' => $file, - 'disableglob'=> $disableglob, - 'nophperrors' => $nophperrors - ); + if (! is_object($hookmanager)) + { + if (! class_exists('HookManager')) { + // Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array + require DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php'; + $hookmanager=new HookManager($db); + } + } + $hookmanager->initHooks(array('fileslib')); + + $parameters=array( + 'file' => $file, + 'disableglob'=> $disableglob, + 'nophperrors' => $nophperrors + ); $reshook=$hookmanager->executeHooks('deleteFile', $parameters, $object); } @@ -742,33 +742,29 @@ function dol_delete_file($file,$disableglob=0,$nophperrors=0,$nohook=0,$object=n } else { - $error=0; - - //print "x".$file." ".$disableglob; - $ok=true; - $file_osencoded=dol_osencode($file); // New filename encoded in OS filesystem encoding charset - if (empty($disableglob) && ! empty($file_osencoded)) - { - foreach (glob($file_osencoded) as $filename) - { - if ($nophperrors) $ok=@unlink($filename); // The unlink encapsulated by dolibarr - else $ok=unlink($filename); // The unlink encapsulated by dolibarr + $error=0; + + //print "x".$file." ".$disableglob; + $ok=true; + $file_osencoded=dol_osencode($file); // New filename encoded in OS filesystem encoding charset + if (empty($disableglob) && ! empty($file_osencoded)) + { + foreach (glob($file_osencoded) as $filename) + { + if ($nophperrors) $ok=@unlink($filename); // The unlink encapsulated by dolibarr + else $ok=unlink($filename); // The unlink encapsulated by dolibarr if ($ok) dol_syslog("Removed file ".$filename, LOG_DEBUG); - else dol_syslog("Failed to remove file ".$filename, LOG_WARNING); - } - } - else - { - if ($nophperrors) $ok=@unlink($file_osencoded); // The unlink encapsulated by dolibarr - else $ok=unlink($file_osencoded); // The unlink encapsulated by dolibarr - if ($ok) { - dol_syslog("Removed file ".$file_osencoded, LOG_DEBUG); - } - else { - dol_syslog("Failed to remove file ".$file_osencoded, LOG_WARNING); - } - } - + else dol_syslog("Failed to remove file ".$filename, LOG_WARNING); + } + } + else + { + if ($nophperrors) $ok=@unlink($file_osencoded); // The unlink encapsulated by dolibarr + else $ok=unlink($file_osencoded); // The unlink encapsulated by dolibarr + if ($ok) dol_syslog("Removed file ".$file_osencoded, LOG_DEBUG); + else dol_syslog("Failed to remove file ".$file_osencoded, LOG_WARNING); + } + return $ok; } }