From 7288c18574c7a7873e374ff3367e0d4d89896895 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 18 Nov 2017 15:41:30 +0100 Subject: [PATCH] Work on generic filemanager component --- htdocs/core/actions_linkedfiles.inc.php | 134 +++++++++++++--------- htdocs/core/ajax/ajaxdirpreview.php | 3 +- htdocs/core/class/html.form.class.php | 2 +- htdocs/core/class/html.formfile.class.php | 2 +- htdocs/ecm/index.php | 26 +++-- htdocs/ecm/tpl/enablefiletreeajax.tpl.php | 1 + htdocs/website/index.php | 77 ++++++++++++- 7 files changed, 174 insertions(+), 71 deletions(-) diff --git a/htdocs/core/actions_linkedfiles.inc.php b/htdocs/core/actions_linkedfiles.inc.php index ea5d6c3db26..a0fa0291a70 100644 --- a/htdocs/core/actions_linkedfiles.inc.php +++ b/htdocs/core/actions_linkedfiles.inc.php @@ -24,29 +24,51 @@ //var_dump($upload_dir); //var_dump($upload_dirold); + // Submit file/link -if (GETPOST('sendit') && ! empty($conf->global->MAIN_UPLOAD_DOC)) +if (GETPOST('sendit','none') && ! empty($conf->global->MAIN_UPLOAD_DOC)) { - if ($object->id) - { - if (! empty($upload_dirold) && ! empty($conf->global->PRODUCT_USE_OLD_PATH_FOR_PHOTO)) - $result = dol_add_file_process($upload_dirold, 0, 1, 'userfile', GETPOST('savingdocmask', 'alpha')); - else - $result = dol_add_file_process($upload_dir, 0, 1, 'userfile', GETPOST('savingdocmask', 'alpha')); - } + if (! empty($_FILES)) + { + if (is_array($_FILES['userfile']['tmp_name'])) $userfiles=$_FILES['userfile']['tmp_name']; + else $userfiles=array($_FILES['userfile']['tmp_name']); + + foreach($userfiles as $key => $userfile) + { + if (empty($_FILES['userfile']['tmp_name'][$key])) + { + $error++; + if ($_FILES['userfile']['error'][$key] == 1 || $_FILES['userfile']['error'][$key] == 2){ + setEventMessages($langs->trans('ErrorFileSizeTooLarge'), null, 'errors'); + } + else { + setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("File")), null, 'errors'); + } + } + } + + if (! $error) + { + if (! empty($upload_dirold) && ! empty($conf->global->PRODUCT_USE_OLD_PATH_FOR_PHOTO)) + { + $result = dol_add_file_process($upload_dirold, 0, 1, 'userfile', GETPOST('savingdocmask', 'alpha')); + } + elseif (! empty($upload_dir)) + { + $result = dol_add_file_process($upload_dir, 0, 1, 'userfile', GETPOST('savingdocmask', 'alpha')); + } + } + } } -elseif (GETPOST('linkit') && ! empty($conf->global->MAIN_UPLOAD_DOC)) +elseif (GETPOST('linkit','none') && ! empty($conf->global->MAIN_UPLOAD_DOC)) { - if ($object->id) + $link = GETPOST('link', 'alpha'); + if ($link) { - $link = GETPOST('link', 'alpha'); - if ($link) - { - if (substr($link, 0, 7) != 'http://' && substr($link, 0, 8) != 'https://' && substr($link, 0, 7) != 'file://') { - $link = 'http://' . $link; - } - dol_add_file_process($upload_dir, 0, 1, 'userfile', null, $link); + if (substr($link, 0, 7) != 'http://' && substr($link, 0, 8) != 'https://' && substr($link, 0, 7) != 'file://') { + $link = 'http://' . $link; } + dol_add_file_process($upload_dir, 0, 1, 'userfile', null, $link); } } @@ -54,8 +76,6 @@ elseif (GETPOST('linkit') && ! empty($conf->global->MAIN_UPLOAD_DOC)) // Delete file/link if ($action == 'confirm_deletefile' && $confirm == 'yes') { - if ($object->id) - { $urlfile = GETPOST('urlfile', 'alpha', 0, null, null, 1); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP). if (GETPOST('section', 'alpha')) $file = $upload_dir . "/" . $urlfile; // For a delete of GED module urlfile contains full path from upload_dir else // For documents pages, upload_dir contains already path to file from module dir, so we clean path into urlfile. @@ -71,8 +91,8 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes') $dir = dirname($file).'/'; // Chemin du dossier contenant l'image d'origine $dirthumb = $dir.'/thumbs/'; // Chemin du dossier contenant la vignette - $ret = dol_delete_file($file, 0, 0, 0, $object); - if (! empty($fileold)) dol_delete_file($fileold, 0, 0, 0, $object); // Delete file using old path + $ret = dol_delete_file($file, 0, 0, 0, (is_object($object)?$object:null)); + if (! empty($fileold)) dol_delete_file($fileold, 0, 0, 0, (is_object($object)?$object:null)); // Delete file using old path // Si elle existe, on efface la vignette if (preg_match('/(\.jpg|\.jpeg|\.bmp|\.gif|\.png|\.tiff)$/i',$file,$regs)) @@ -112,9 +132,12 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes') } } } - header('Location: ' . $_SERVER["PHP_SELF"] . '?id=' . $object->id.(!empty($withproject)?'&withproject=1':'')); - exit; - } + + if (is_object($object)) + { + header('Location: ' . $_SERVER["PHP_SELF"] . '?id=' . $object->id.(!empty($withproject)?'&withproject=1':'')); + exit; + } } elseif ($action == 'confirm_updateline' && GETPOST('save','alpha') && GETPOST('link', 'alpha')) { @@ -142,45 +165,44 @@ elseif ($action == 'confirm_updateline' && GETPOST('save','alpha') && GETPOST('l //error fetching } } -elseif ($action == 'renamefile' && GETPOST('renamefilesave')) +elseif (($action == 'renamefile' || $action == 'file_manager') && GETPOST('renamefilesave','alpha')) { - if ($object->id) + // For documents pages, upload_dir contains already path to file from module dir, so we clean path into urlfile. + if (! empty($upload_dir)) { - // For documents pages, upload_dir contains already path to file from module dir, so we clean path into urlfile. - //var_dump($upload_dir);exit; - if (! empty($upload_dir)) + $filenamefrom=dol_sanitizeFileName(GETPOST('renamefilefrom','alpha')); + $filenameto=dol_sanitizeFileName(GETPOST('renamefileto','alpha')); + + // Security: + // Disallow file with some extensions. We rename them. + // Because if we put the documents directory into a directory inside web root (very bad), this allows to execute on demand arbitrary code. + if (preg_match('/\.htm|\.html|\.php|\.pl|\.cgi$/i',$filenameto) && empty($conf->global->MAIN_DOCUMENT_IS_OUTSIDE_WEBROOT_SO_NOEXE_NOT_REQUIRED)) { - $filenamefrom=dol_sanitizeFileName(GETPOST('renamefilefrom','alpha')); - $filenameto=dol_sanitizeFileName(GETPOST('renamefileto','alpha')); + $filenameto.= '.noexe'; + } - // Security: - // Disallow file with some extensions. We rename them. - // Because if we put the documents directory into a directory inside web root (very bad), this allows to execute on demand arbitrary code. - if (preg_match('/\.htm|\.html|\.php|\.pl|\.cgi$/i',$filenameto) && empty($conf->global->MAIN_DOCUMENT_IS_OUTSIDE_WEBROOT_SO_NOEXE_NOT_REQUIRED)) + if ($filenamefrom && $filenameto) + { + $srcpath = $upload_dir.'/'.$filenamefrom; + $destpath = $upload_dir.'/'.$filenameto; + + $result = dol_move($srcpath, $destpath); + if ($result) { - $filenameto.= '.noexe'; + if ($object->id) + { + $object->addThumbs($destpath); + } + + // TODO Add revert function of addThumbs to remove for old name + //$object->delThumbs($srcpath); + + setEventMessages($langs->trans("FileRenamed"), null); } - - if ($filenamefrom && $filenameto) + else { - $srcpath = $upload_dir.'/'.$filenamefrom; - $destpath = $upload_dir.'/'.$filenameto; - - $result = dol_move($srcpath, $destpath); - if ($result) - { - $object->addThumbs($destpath); - - // TODO Add revert function of addThumbs - //$object->delThumbs($srcpath); - - setEventMessages($langs->trans("FileRenamed"), null); - } - else - { - $langs->load("errors"); // key must be loaded because we can't rely on loading during output, we need var substitution to be done now. - setEventMessages($langs->trans("ErrorFailToRenameFile", $filenamefrom, $filenameto), null, 'errors'); - } + $langs->load("errors"); // key must be loaded because we can't rely on loading during output, we need var substitution to be done now. + setEventMessages($langs->trans("ErrorFailToRenameFile", $filenamefrom, $filenameto), null, 'errors'); } } } diff --git a/htdocs/core/ajax/ajaxdirpreview.php b/htdocs/core/ajax/ajaxdirpreview.php index 90e5bc1521f..dc781e16287 100644 --- a/htdocs/core/ajax/ajaxdirpreview.php +++ b/htdocs/core/ajax/ajaxdirpreview.php @@ -229,7 +229,7 @@ if ($type == 'directory') $relativepath=GETPOST('file','alpha'); if ($relativepath && $relativepath!= '/') $relativepath.='/'; $upload_dir = $dolibarr_main_data_root.'/'.$module.'/'.$relativepath; - if (GETPOSTISSET('website')) + if (GETPOSTISSET('website') || GETPOSTISSET('file_manager')) { $param.='&file_manager=1'; if (!preg_match('/website=/',$param)) $param.='&website='.urlencode(GETPOST('website','alpha')); @@ -310,6 +310,7 @@ if ($type == 'directory') 'urlfile'=>array('type'=>'hidden','value'=>$urlfile,'name'=>'urlfile'), 'section'=>array('type'=>'hidden','value'=>$section,'name'=>'section') ); + print $form->formconfirm($url,$langs->trans("DeleteFile"),$langs->trans("ConfirmDeleteFile"),'confirm_deletefile',$formquestion,"no",($useajax?'deletefile':0)); } diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 74b1416ec08..bb520c13d77 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -3542,7 +3542,7 @@ class Form * print '});'."\n"; * print ''."\n"; * - * @param string $page Url of page to call if confirmation is OK + * @param string $page Url of page to call if confirmation is OK. Can contains paramaters (param 'action' and 'confirm' will be reformated) * @param string $title Title * @param string $question Question * @param string $action Action diff --git a/htdocs/core/class/html.formfile.class.php b/htdocs/core/class/html.formfile.class.php index ee49d15cfac..3b6cf90d71d 100644 --- a/htdocs/core/class/html.formfile.class.php +++ b/htdocs/core/class/html.formfile.class.php @@ -55,7 +55,7 @@ class FormFile /** - * Show form to upload a new file + * Show form to upload a new file. * * @param string $url Url * @param string $title Title zone (Title or '' or 'none') diff --git a/htdocs/ecm/index.php b/htdocs/ecm/index.php index 8841778ce26..837e52a2763 100644 --- a/htdocs/ecm/index.php +++ b/htdocs/ecm/index.php @@ -77,8 +77,8 @@ $error=0; * Actions */ -// Upload file -if (GETPOST("sendit") && ! empty($conf->global->MAIN_UPLOAD_DOC)) +// Upload file (code similar but different than actions_linkedfiles.inc.php) +if (GETPOST("sendit",'none') && ! empty($conf->global->MAIN_UPLOAD_DOC)) { // Define relativepath and upload_dir $relativepath=''; @@ -86,14 +86,20 @@ if (GETPOST("sendit") && ! empty($conf->global->MAIN_UPLOAD_DOC)) else $relativepath=$section_dir; $upload_dir = $conf->ecm->dir_output.'/'.$relativepath; - if (empty($_FILES['userfile']['tmp_name'])) + if (is_array($_FILES['userfile']['tmp_name'])) $userfiles=$_FILES['userfile']['tmp_name']; + else $userfiles=array($_FILES['userfile']['tmp_name']); + + foreach($userfiles as $key => $userfile) { - $error++; - if($_FILES['userfile']['error'] == 1 || $_FILES['userfile']['error'] == 2){ - setEventMessages($langs->trans('ErrorFileSizeTooLarge'),null, 'errors'); - } - else { - setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("File")), null, 'errors'); + if (empty($_FILES['userfile']['tmp_name'][$key])) + { + $error++; + if ($_FILES['userfile']['error'][$key] == 1 || $_FILES['userfile']['error'][$key] == 2){ + setEventMessages($langs->trans('ErrorFileSizeTooLarge'), null, 'errors'); + } + else { + setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("File")), null, 'errors'); + } } } @@ -107,8 +113,6 @@ if (GETPOST("sendit") && ! empty($conf->global->MAIN_UPLOAD_DOC)) } } - - // Add directory if ($action == 'add' && $user->rights->ecm->setup) { diff --git a/htdocs/ecm/tpl/enablefiletreeajax.tpl.php b/htdocs/ecm/tpl/enablefiletreeajax.tpl.php index 3e77c0acd92..90424c10bd6 100644 --- a/htdocs/ecm/tpl/enablefiletreeajax.tpl.php +++ b/htdocs/ecm/tpl/enablefiletreeajax.tpl.php @@ -44,6 +44,7 @@ $(document).ready(function() { }, // Called if we click on a dir (not a file) function(elem) { + console.log("We click on a dir, we save dir name or id into _section_... with name section_..."); id=elem.attr('id').substr(12); // We get id that is 'fmdirlia_id_xxx' (id we want is xxx) jQuery("#_section_dir").val(elem.attr('rel')); jQuery("#_section_id").val(id); diff --git a/htdocs/website/index.php b/htdocs/website/index.php index 11e74067e61..34d7e812316 100644 --- a/htdocs/website/index.php +++ b/htdocs/website/index.php @@ -52,6 +52,8 @@ $pageid=GETPOST('pageid', 'int'); $pageref=GETPOST('pageref', 'aZ09'); $action=GETPOST('action','alpha'); +$section_dir = GETPOST('section_dir', 'alpha'); + if (GETPOST('delete')) { $action='delete'; } if (GETPOST('preview')) $action='preview'; if (GETPOST('createsite')) { $action='createsite'; } @@ -122,10 +124,78 @@ $urlwithroot=$urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain //$urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current +$permtouploadfile = $user->rights->website->write; +$diroutput = $conf->medias->multidir_output[$conf->entity]; + +$relativepath=$section_dir; +$upload_dir = $diroutput.'/'.$relativepath; + + /* * Actions */ +include DOL_DOCUMENT_ROOT.'/core/actions_linkedfiles.inc.php'; + +// Add directory +if ($action == 'add' && $permtouploadfile) +{ + $ecmdir->ref = 'NOTUSEDYET'; + $ecmdir->label = GETPOST("label"); + $ecmdir->description = GETPOST("desc"); + + //$id = $ecmdir->create($user); + if ($id > 0) + { + header("Location: ".$_SERVER["PHP_SELF"]); + exit; + } + else + { + setEventMessages('Error '.$langs->trans($ecmdir->error), null, 'errors'); + $action = "create"; + } + + clearstatcache(); +} + +// Remove file +if ($action == 'confirm_deletefile') +{ + if (GETPOST('confirm') == 'yes') + { + // GETPOST('urlfile','alpha') is full relative URL from ecm root dir. Contains path of all sections. + //var_dump(GETPOST('urlfile'));exit; + + $upload_dir = $diroutput.($relativepath?'/'.$relativepath:''); + $file = $upload_dir . "/" . GETPOST('urlfile','alpha'); // Do not use urldecode here ($_GET and $_POST are already decoded by PHP). + //var_dump($file);exit; + + $ret=dol_delete_file($file); // This include also the delete from file index in database. + if ($ret) + { + setEventMessages($langs->trans("FileWasRemoved", GETPOST('urlfile','alpha')), null, 'mesgs'); + } + else + { + setEventMessages($langs->trans("ErrorFailToDeleteFile", GETPOST('urlfile','alpha')), null, 'errors'); + } + + clearstatcache(); + } + $action='file_manager'; +} + +// Remove directory +if ($action == 'confirm_deletesection' && GETPOST('confirm') == 'yes') +{ + //$result=$ecmdir->delete($user); + setEventMessages($langs->trans("ECMSectionWasRemoved", $ecmdir->label), null, 'mesgs'); + + clearstatcache(); +} + + if (GETPOST('refreshsite')) // If we change the site, we reset the pageid and cancel addsite action. { $pageid=0; @@ -1117,7 +1187,7 @@ $moreheadjs.=''."\n"; llxHeader($moreheadcss.$moreheadjs, $langs->trans("websiteetup"), $help_url, '', 0, 0, $arrayofjs, $arrayofcss, '', '', ''."\n".'
'); -print "\n".'
'; +print "\n".''; print ''; if ($action == 'createsite') @@ -1156,6 +1226,10 @@ if ($action == 'edit') { print ''; } +if ($action == 'file_manager') +{ + print ''; +} print '
'; @@ -1829,6 +1903,7 @@ if ($action == 'file_manager') //print '
'.$langs->trans("FeatureNotYetAvailable").''; $module = 'medias'; + //if (empty($url)) $url=DOL_URL_ROOT.'/website/index.php?file_manager=1&website='.$website.'&pageid='.$pageid; if (empty($url)) $url=DOL_URL_ROOT.'/website/index.php'; include DOL_DOCUMENT_ROOT.'/ecm/tpl/filemanager.tpl.php';