From 8be0a6d470ed5d7f7326dd6ad711582d4d20447d Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 12 Nov 2019 00:43:26 +0100 Subject: [PATCH] Fix: Can set savingdocmask by caller. Fix permissions names. Fix: Disable crop on svg images. --- htdocs/core/lib/images.lib.php | 2 + .../tpl/document_actions_post_headers.tpl.php | 56 ++++++++++++++----- htdocs/mrp/mo_document.php | 6 +- htdocs/zapier/hook_document.php | 12 ---- 4 files changed, 45 insertions(+), 31 deletions(-) diff --git a/htdocs/core/lib/images.lib.php b/htdocs/core/lib/images.lib.php index d8163e7f763..4c089640915 100644 --- a/htdocs/core/lib/images.lib.php +++ b/htdocs/core/lib/images.lib.php @@ -40,6 +40,7 @@ function image_format_supported($file) $regeximgext='\.gif|\.jpg|\.jpeg|\.png|\.bmp|\.xpm|\.xbm|\.svg'; // See also into product.class.php // Case filename is not a format image + $reg = array(); if (! preg_match('/('.$regeximgext.')$/i', $file, $reg)) return -1; // Case filename is a format image but not supported by this PHP @@ -51,6 +52,7 @@ function image_format_supported($file) if (strtolower($reg[1]) == '.bmp') $imgfonction = 'imagecreatefromwbmp'; if (strtolower($reg[1]) == '.xpm') $imgfonction = 'imagecreatefromxpm'; if (strtolower($reg[1]) == '.xbm') $imgfonction = 'imagecreatefromxbm'; + if (strtolower($reg[1]) == '.svg') $imgfonction = 'imagecreatefromsvg'; // Never available if ($imgfonction) { if (! function_exists($imgfonction)) diff --git a/htdocs/core/tpl/document_actions_post_headers.tpl.php b/htdocs/core/tpl/document_actions_post_headers.tpl.php index f2d84a3a796..3261cde553a 100644 --- a/htdocs/core/tpl/document_actions_post_headers.tpl.php +++ b/htdocs/core/tpl/document_actions_post_headers.tpl.php @@ -20,10 +20,13 @@ */ // Following var can be set -// $permission = permission or not to add a file -// $permtoedit = permission or not to edit file name, crop file +// $permissiontoadd = permission or not to add a file (can use also $permission) and permission or not to edit file name or crop file (can use also $permtoedit) // $modulepart = for download // $param = param to add to download links +// $upload_dir +// $object +// $filearray +// $savingdocmask = dol_sanitizeFileName($object->ref).'-__file__'; // Protection to avoid direct call of template if (empty($langs) || ! is_object($langs)) @@ -35,7 +38,9 @@ if (empty($langs) || ! is_object($langs)) $langs->load("link"); if (empty($relativepathwithnofile)) $relativepathwithnofile=''; -if (empty($permtoedit)) $permtoedit=-1; + +if (! isset($permission)) $permission = $permissiontoadd; +if (! isset($permtoedit)) $permtoedit = $permissiontoadd; // Drag and drop for up and down allowed on product, thirdparty, ... // The drag and drop call the page core/ajax/row.php @@ -66,19 +71,40 @@ if ($action == 'delete') $formfile=new FormFile($db); -// We define var to enable the feature to add prefix of uploaded files -$savingdocmask=''; -if (empty($conf->global->MAIN_DISABLE_SUGGEST_REF_AS_PREFIX)) -{ - //var_dump($modulepart); - if (in_array($modulepart, array('facture_fournisseur','commande_fournisseur','facture','commande','propal','supplier_proposal','ficheinter','contract','expedition','project','project_task','expensereport','tax', 'produit', 'product_batch'))) - { - $savingdocmask=dol_sanitizeFileName($object->ref).'-__file__'; +// We define var to enable the feature to add prefix of uploaded files. +// Caller of this include can make +// $savingdocmask=dol_sanitizeFileName($object->ref).'-__file__'; +if (!isset($savingdocmask) || !empty($conf->global->MAIN_DISABLE_SUGGEST_REF_AS_PREFIX)) { + $savingdocmask=''; + if (empty($conf->global->MAIN_DISABLE_SUGGEST_REF_AS_PREFIX)) { + //var_dump($modulepart); + if (in_array($modulepart, array( + 'facture_fournisseur', + 'commande_fournisseur', + 'facture', + 'commande', + 'propal', + 'supplier_proposal', + 'ficheinter', + 'contract', + 'expedition', + 'project', + 'project_task', + 'expensereport', + 'tax', + 'produit', + 'product_batch', + 'bom', + 'mrp' + ))) + { + $savingdocmask=dol_sanitizeFileName($object->ref).'-__file__'; + } + /*if (in_array($modulepart,array('member'))) + { + $savingdocmask=$object->login.'___file__'; + }*/ } - /*if (in_array($modulepart,array('member'))) - { - $savingdocmask=$object->login.'___file__'; - }*/ } // Show upload form (document and links) diff --git a/htdocs/mrp/mo_document.php b/htdocs/mrp/mo_document.php index 2c4d1b36c99..72fab7c3517 100644 --- a/htdocs/mrp/mo_document.php +++ b/htdocs/mrp/mo_document.php @@ -133,10 +133,8 @@ if ($object->id) dol_fiche_end(); $modulepart = 'mrp'; - //$permission = $user->rights->mrp->create; - $permission = 1; - //$permtoedit = $user->rights->mrp->create; - $permtoedit = 1; + $permission = $user->rights->mrp->write; + $permtoedit = $user->rights->mrp->write; $param = '&id=' . $object->id; //$relativepathwithnofile='mo/' . dol_sanitizeFileName($object->id).'/'; diff --git a/htdocs/zapier/hook_document.php b/htdocs/zapier/hook_document.php index 6ad31221cc4..b081a60b3ae 100644 --- a/htdocs/zapier/hook_document.php +++ b/htdocs/zapier/hook_document.php @@ -144,18 +144,6 @@ if ($object->id) print ''; dol_fiche_end(); - - $modulepart = 'mymodule'; - //$permission = $user->rights->mymodule->create; - $permission = 1; - //$permtoedit = $user->rights->mymodule->create; - $permtoedit = 1; - $param = '&id=' . $object->id; - - //$relativepathwithnofile='myobject/' . dol_sanitizeFileName($object->id).'/'; - $relativepathwithnofile='myobject/' . dol_sanitizeFileName($object->ref).'/'; - - include_once DOL_DOCUMENT_ROOT . '/core/tpl/document_actions_post_headers.tpl.php'; } else {