From 99e53f6b183efb2da6fdcc9ecf066705541b0e50 Mon Sep 17 00:00:00 2001
From: ptibogxiv <support@ptibogxiv.net>
Date: Fri, 3 Apr 2020 13:12:00 +0200
Subject: [PATCH 1/3] FIX preg_math

---
 htdocs/api/class/api_setup.class.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/api/class/api_setup.class.php b/htdocs/api/class/api_setup.class.php
index 1b619acfeb7..5dbccb69fb4 100644
--- a/htdocs/api/class/api_setup.class.php
+++ b/htdocs/api/class/api_setup.class.php
@@ -1426,7 +1426,7 @@ class Setup extends DolibarrApi
     		throw new RestException(403, 'Error API open to admin users only or to the login user defined with constant API_LOGIN_ALLOWED_FOR_ADMIN_CHECK');
     	}
 
-    	if (! preg_match('/[^a-zA-Z0-9_]/', $confname) || ! isset($conf->global->$confname)) {
+    	if (! preg_match('/[a-zA-Z0-9_]/', $confname) || ! isset($conf->global->$confname)) {
     		throw new RestException(500, 'Error Bad or unknown value for constname');
     	}
     	if (preg_match('/(_pass|password|secret|_key|key$)/i', $confname)) {

From 7818b1515142a38bd9aeaa03531241dce28bd06a Mon Sep 17 00:00:00 2001
From: ptibogxiv <support@ptibogxiv.net>
Date: Sun, 5 Apr 2020 10:50:38 +0200
Subject: [PATCH 2/3] Update api_setup.class.php

---
 htdocs/api/class/api_setup.class.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/api/class/api_setup.class.php b/htdocs/api/class/api_setup.class.php
index 5dbccb69fb4..7b47c59dbb7 100644
--- a/htdocs/api/class/api_setup.class.php
+++ b/htdocs/api/class/api_setup.class.php
@@ -1426,7 +1426,7 @@ class Setup extends DolibarrApi
     		throw new RestException(403, 'Error API open to admin users only or to the login user defined with constant API_LOGIN_ALLOWED_FOR_ADMIN_CHECK');
     	}
 
-    	if (! preg_match('/[a-zA-Z0-9_]/', $confname) || ! isset($conf->global->$confname)) {
+    	if (! preg_match('/^[a-zA-Z0-9_]+$/', $confname) || ! isset($conf->global->$confname)) {
     		throw new RestException(500, 'Error Bad or unknown value for constname');
     	}
     	if (preg_match('/(_pass|password|secret|_key|key$)/i', $confname)) {

From 6be12efd61601a523271a80f9457fadbb3a962fd Mon Sep 17 00:00:00 2001
From: ptibogxiv <support@ptibogxiv.net>
Date: Sun, 5 Apr 2020 11:20:24 +0200
Subject: [PATCH 3/3] NEW get documents for categories with RESP API

---
 htdocs/api/class/api_documents.class.php | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/htdocs/api/class/api_documents.class.php b/htdocs/api/class/api_documents.class.php
index e58ebf7d280..a6f48df1026 100644
--- a/htdocs/api/class/api_documents.class.php
+++ b/htdocs/api/class/api_documents.class.php
@@ -457,6 +457,22 @@ class Documents extends DolibarrApi
 
 			$upload_dir = $conf->expensereport->dir_output.'/'.dol_sanitizeFileName($object->ref);
 		}
+		elseif ($modulepart == 'categorie' || $modulepart == 'category')
+		{
+			require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php';
+
+			if (!DolibarrApiAccess::$user->rights->categorie->lire) {
+				throw new RestException(401);
+			}
+
+			$object = new Categorie($this->db);
+			$result = $object->fetch($id, $ref);
+			if (!$result) {
+				throw new RestException(404, 'Category not found');
+			}
+
+			$upload_dir = $conf->categorie->multidir_output[$object->entity].'/'.get_exdir($object->id, 2, 0, 0, $object, 'category').$object->id."/photos/".dol_sanitizeFileName($object->ref);
+		}
 		else
 		{
 			throw new RestException(500, 'Modulepart '.$modulepart.' not implemented yet.');