lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

No special chars in filename

Browse Source
This commit is contained in:
Laurent Destailleur 2008-10-25 21:18:53 +00:00
parent 5f55cb864e
commit dbae510665
64 changed files with 167 additions and 153 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
htdocs/chargesociales.class.php
View File

@ -24,15 +24,20 @@
\version $Id$
*/
require_once(DOL_DOCUMENT_ROOT."/commonobject.class.php");
/** \class ChargeSociales
\brief Classe permettant la gestion des paiements des charges
La tva collectée n'est calculée que sur les factures payées.
*/
class ChargeSociales
class ChargeSociales extends CommonObject
{
var $db;
var $error;
var $element='rowid';
var $table_element='chargesociales';
var $id;
var $date_ech;
var $lib;

6
htdocs/comm/action/document.php
View File

@ -71,7 +71,7 @@ if ( $_POST["sendit"] && $conf->upload )
/*
* Creation répertoire si n'existe pas
*/
$upload_dir = $conf->actions->dir_output.'/'.sanitize_string($objectid);
$upload_dir = $conf->actions->dir_output.'/'.sanitizeFileName($objectid);
if (! is_dir($upload_dir)) create_exdir($upload_dir);
if (is_dir($upload_dir))
@ -95,7 +95,7 @@ if ( $_POST["sendit"] && $conf->upload )
*/
if ($_GET["action"] == 'delete')
{
$upload_dir = $conf->actions->dir_output.'/'.sanitize_string($objectid);
$upload_dir = $conf->actions->dir_output.'/'.sanitizeFileName($objectid);
$file = $upload_dir . '/' . urldecode($_GET['urlfile']);
dol_delete_file($file);
}
@ -113,7 +113,7 @@ if ($objectid > 0)
$act = new ActionComm($db);
if ($act->fetch($objectid))
{
$upload_dir = $conf->actions->dir_output.'/'.sanitize_string($objectid);
$upload_dir = $conf->actions->dir_output.'/'.sanitizeFileName($objectid);
$res=$act->societe->fetch($act->societe->id);
$res=$act->author->fetch(); // Le paramètre est le login, hors seul l'id est chargé.

8
htdocs/comm/index.php
View File

@ -457,8 +457,8 @@ if ($conf->propal->enabled && $user->rights->propale->lire)
if ($obj->dp < (time() - $conf->propal->cloture->warning_delay)) print img_warning($langs->trans("Late"));
print '</td>';
print '<td width="16" align="center" class="nobordernopadding">';
$filename=sanitize_string($obj->ref);
$filedir=$conf->propal->dir_output . '/' . sanitize_string($obj->ref);
$filename=sanitizeFileName($obj->ref);
$filedir=$conf->propal->dir_output . '/' . sanitizeFileName($obj->ref);
$urlsource=$_SERVER['PHP_SELF'].'?propalid='.$obj->propalid;
$formfile->show_documents('propal',$filename,$filedir,$urlsource,'','','','','',1);
print '</td></tr></table>';
@ -532,8 +532,8 @@ if ($conf->propal->enabled && $user->rights->propale->lire)
print '&nbsp;';
print '</td>';
print '<td width="16" align="center" class="nobordernopadding">';
$filename=sanitize_string($objp->ref);
$filedir=$conf->propal->dir_output . '/' . sanitize_string($objp->ref);
$filename=sanitizeFileName($objp->ref);
$filedir=$conf->propal->dir_output . '/' . sanitizeFileName($objp->ref);
$urlsource=$_SERVER['PHP_SELF'].'?propalid='.$objp->propalid;
$formfile->show_documents('propal',$filename,$filedir,$urlsource,'','','','','',1);
print '</td></tr></table>';

14
htdocs/comm/propal.php
View File

@ -359,7 +359,7 @@ if ($_POST['action'] == 'send' && ! $_POST['addfile'] && ! $_POST['cancel'])
$propal= new Propal($db);
if ( $propal->fetch($_POST['propalid']) )
{
$propalref = sanitize_string($propal->ref);
$propalref = sanitizeFileName($propal->ref);
$file = $conf->propal->dir_output . '/' . $propalref . '/' . $propalref . '.pdf';
if (is_readable($file))
@ -1687,7 +1687,7 @@ if ($_GET['propalid'] > 0)
// Send
if ($propal->statut == 1 && $user->rights->propale->envoyer)
{
$propref = sanitize_string($propal->ref);
$propref = sanitizeFileName($propal->ref);
$file = $conf->propal->dir_output . '/'.$propref.'/'.$propref.'.pdf';
if (file_exists($file))
{
@ -1745,8 +1745,8 @@ if ($_GET['propalid'] > 0)
/*
* Documents generes
*/
$filename=sanitize_string($propal->ref);
$filedir=$conf->propal->dir_output . "/" . sanitize_string($propal->ref);
$filename=sanitizeFileName($propal->ref);
$filedir=$conf->propal->dir_output . "/" . sanitizeFileName($propal->ref);
$urlsource=$_SERVER["PHP_SELF"]."?propalid=".$propal->id;
$genallowed=$user->rights->propale->creer;
$delallowed=$user->rights->propale->supprimer;
@ -1806,7 +1806,7 @@ if ($_GET['propalid'] > 0)
*/
if ($_GET['action'] == 'presend')
{
$ref = sanitize_string($propal->ref);
$ref = sanitizeFileName($propal->ref);
$file = $conf->propal->dir_output . '/' . $ref . '/' . $ref . '.pdf';
print '<br>';
@ -2003,8 +2003,8 @@ else
print '<td width="16" align="right" class="nobordernopadding">';
$filename=sanitize_string($objp->ref);
$filedir=$conf->propal->dir_output . '/' . sanitize_string($objp->ref);
$filename=sanitizeFileName($objp->ref);
$filedir=$conf->propal->dir_output . '/' . sanitizeFileName($objp->ref);
$urlsource=$_SERVER['PHP_SELF'].'?propalid='.$objp->propalid;
$formfile->show_documents('propal',$filename,$filedir,$urlsource,'','','','','',1);

2
htdocs/comm/propal/apercu.php
View File

@ -133,7 +133,7 @@ if ($_GET["propalid"] > 0)
/*
* Documents
*/
$propalref = sanitize_string($propal->ref);
$propalref = sanitizeFileName($propal->ref);
$dir_output = $conf->propal->dir_output . "/";
$filepath = $dir_output . $propalref . "/";
$file = $filepath . $propalref . ".pdf";

6
htdocs/comm/propal/document.php
View File

@ -72,7 +72,7 @@ if ($_POST["sendit"] && $conf->upload)
if ($propal->fetch($propalid))
{
$upload_dir = $conf->propal->dir_output . "/" . sanitize_string($propal->ref);
$upload_dir = $conf->propal->dir_output . "/" . sanitizeFileName($propal->ref);
if (! is_dir($upload_dir)) create_exdir($upload_dir);
if (is_dir($upload_dir))
@ -100,7 +100,7 @@ if ($action=='delete')
$propalid=$_GET["id"];
if ($propal->fetch($propalid))
{
$upload_dir = $conf->propal->dir_output . "/" . sanitize_string($propal->ref);
$upload_dir = $conf->propal->dir_output . "/" . sanitizeFileName($propal->ref);
$file = $upload_dir . '/' . urldecode($_GET['urlfile']);
dol_delete_file($file);
$mesg = '<div class="ok">'.$langs->trans("FileWasRemoved").'</div>';
@ -119,7 +119,7 @@ if ($propalid > 0)
$propal = new Propal($db);
if ($propal->fetch($propalid))
{
$upload_dir = $conf->propal->dir_output.'/'.sanitize_string($propal->ref);
$upload_dir = $conf->propal->dir_output.'/'.sanitizeFileName($propal->ref);
$societe = new Societe($db);
$societe->fetch($propal->socid);

2
htdocs/commande/apercu.php
View File

@ -135,7 +135,7 @@ if ($_GET["id"] > 0) {
/*
* Documents
*/
$commanderef = sanitize_string($commande->ref);
$commanderef = sanitizeFileName($commande->ref);
$dir_output = $conf->commande->dir_output . "/";
$filepath = $dir_output . $commanderef . "/";
$file = $filepath . $commanderef . ".pdf";

4
htdocs/commande/commande.class.php
View File

@ -248,7 +248,7 @@ class Commande extends CommonObject
// On efface le repertoire de pdf provisoire
if (eregi('^\(PROV', $this->ref))
{
$comref = sanitize_string($this->ref);
$comref = sanitizeFileName($this->ref);
if ($conf->commande->dir_output)
{
$dir = $conf->commande->dir_output . "/" . $comref ;
@ -1752,7 +1752,7 @@ class Commande extends CommonObject
}
// On efface le repertoire de pdf provisoire
$comref = sanitize_string($this->ref);
$comref = sanitizeFileName($this->ref);
if ($conf->commande->dir_output)
{
$dir = $conf->commande->dir_output . "/" . $comref ;

6
htdocs/commande/document.php
View File

@ -74,7 +74,7 @@ if (!$commande->fetch($id)) {
// Envoi fichier
if ($_POST["sendit"] && $conf->upload)
{
$upload_dir = $conf->commande->dir_output . "/" . sanitize_string($commande->ref);
$upload_dir = $conf->commande->dir_output . "/" . sanitizeFileName($commande->ref);
if (! is_dir($upload_dir)) create_exdir($upload_dir);
if (is_dir($upload_dir))
@ -96,7 +96,7 @@ if ($_POST["sendit"] && $conf->upload)
// Delete
if ($action=='delete')
{
$upload_dir = $conf->commande->dir_output . "/" . sanitize_string($commande->ref);
$upload_dir = $conf->commande->dir_output . "/" . sanitizeFileName($commande->ref);
$file = $upload_dir . '/' . urldecode($_GET['urlfile']);
dol_delete_file($file);
$mesg = '<div class="ok">'.$langs->trans("FileWasRemoved").'</div>';
@ -110,7 +110,7 @@ if ($id > 0)
{
llxHeader();
$upload_dir = $conf->commande->dir_output.'/'.sanitize_string($commande->ref);
$upload_dir = $conf->commande->dir_output.'/'.sanitizeFileName($commande->ref);
$societe = new Societe($db);
$societe->fetch($commande->socid);

8
htdocs/commande/fiche.php
View File

@ -676,7 +676,7 @@ if ($_POST['action'] == 'send' && ! $_POST['addfile'] && ! $_POST['cancel'])
$result=$commande->fetch($_POST['orderid']);
if ($result)
{
$ref = sanitize_string($commande->ref);
$ref = sanitizeFileName($commande->ref);
$file = $conf->commande->dir_output . '/' . $ref . '/' . $ref . '.pdf';
if (is_readable($file))
@ -1876,7 +1876,7 @@ else
{
if ($user->rights->commande->envoyer)
{
$comref = sanitize_string($commande->ref);
$comref = sanitizeFileName($commande->ref);
$file = $conf->commande->dir_output . '/'.$comref.'/'.$comref.'.pdf';
if (file_exists($file))
{
@ -1979,7 +1979,7 @@ else
* Documents generes
*
*/
$comref = sanitize_string($commande->ref);
$comref = sanitizeFileName($commande->ref);
$file = $conf->commande->dir_output . '/' . $comref . '/' . $comref . '.pdf';
$relativepath = $comref.'/'.$comref.'.pdf';
$filedir = $conf->commande->dir_output . '/' . $comref;
@ -2046,7 +2046,7 @@ else
*/
if ($_GET['action'] == 'presend')
{
$ref = sanitize_string($commande->ref);
$ref = sanitizeFileName($commande->ref);
$file = $conf->commande->dir_output . '/' . $ref . '/' . $ref . '.pdf';
print '<br>';

12
htdocs/commande/index.php
View File

@ -147,8 +147,8 @@ if ( $db->query($sql) )
print '</td>';
print '<td width="16" align="right" class="nobordernopadding">';
$filename=sanitize_string($obj->ref);
$filedir=$conf->commande->dir_output . '/' . sanitize_string($obj->ref);
$filename=sanitizeFileName($obj->ref);
$filedir=$conf->commande->dir_output . '/' . sanitizeFileName($obj->ref);
$urlsource=$_SERVER['PHP_SELF'].'?id='.$obj->rowid;
$formfile->show_documents('commande',$filename,$filedir,$urlsource,'','','','','',1);
print '</td></tr></table>';
@ -210,8 +210,8 @@ if ( $db->query($sql) )
print '</td>';
print '<td width="16" align="right" class="nobordernopadding">';
$filename=sanitize_string($obj->ref);
$filedir=$conf->commande->dir_output . '/' . sanitize_string($obj->ref);
$filename=sanitizeFileName($obj->ref);
$filedir=$conf->commande->dir_output . '/' . sanitizeFileName($obj->ref);
$urlsource=$_SERVER['PHP_SELF'].'?id='.$obj->rowid;
$formfile->show_documents('commande',$filename,$filedir,$urlsource,'','','','','',1);
print '</td></tr></table>';
@ -276,8 +276,8 @@ if ($resql)
print '</td>';
print '<td width="16" align="right" class="nobordernopadding">';
$filename=sanitize_string($obj->ref);
$filedir=$conf->commande->dir_output . '/' . sanitize_string($obj->ref);
$filename=sanitizeFileName($obj->ref);
$filedir=$conf->commande->dir_output . '/' . sanitizeFileName($obj->ref);
$urlsource=$_SERVER['PHP_SELF'].'?id='.$obj->rowid;
$formfile->show_documents('commande',$filename,$filedir,$urlsource,'','','','','',1);
print '</td></tr></table>';

4
htdocs/commande/liste.php
View File

@ -208,8 +208,8 @@ if ($resql)
print '</td>';
print '<td width="16" align="right" class="nobordernopadding">';
$filename=sanitize_string($objp->ref);
$filedir=$conf->commande->dir_output . '/' . sanitize_string($objp->ref);
$filename=sanitizeFileName($objp->ref);
$filedir=$conf->commande->dir_output . '/' . sanitizeFileName($objp->ref);
$urlsource=$_SERVER['PHP_SELF'].'?id='.$objp->rowid;
$formfile->show_documents('commande',$filename,$filedir,$urlsource,'','','','','',1);
print '</td></tr></table>';

2
htdocs/commonobject.class.php
View File

@ -507,7 +507,7 @@ class CommonObject
{
if (! $this->table_element)
{
dolibarr_syslog("CommonObject::load_previous_next was called on objet with property table_element not defined",LOG_ERR);
dolibarr_syslog("CommonObject::load_previous_next was called on objet with property table_element not defined", LOG_ERR);
return -1;
}

2
htdocs/compta/bank/fiche.php
View File

@ -42,7 +42,7 @@ if ($_POST["action"] == 'add')
// Creation compte
$account = new Account($db,0);
$account->ref = sanitize_string(trim($_POST["ref"]));
$account->ref = sanitizeFileName(trim($_POST["ref"]));
$account->label = trim($_POST["label"]);
$account->courant = $_POST["type"];
$account->clos = $_POST["clos"];

2
htdocs/compta/commande/fiche.php
View File

@ -503,7 +503,7 @@ if ($_GET["id"] > 0)
* Documents générés
*
*/
$comref = sanitize_string($commande->ref);
$comref = sanitizeFileName($commande->ref);
$file = $conf->commande->dir_output . '/' . $comref . '/' . $comref . '.pdf';
$relativepath = $comref.'/'.$comref.'.pdf';
$filedir = $conf->commande->dir_output . '/' . $comref;

4
htdocs/compta/commande/liste.php
View File

@ -146,8 +146,8 @@ if ($resql)
print '</td>';
print '<td width="16" align="right" class="nobordernopadding">';
$filename=sanitize_string($objp->ref);
$filedir=$conf->commande->dir_output . '/' . sanitize_string($objp->ref);
$filename=sanitizeFileName($objp->ref);
$filedir=$conf->commande->dir_output . '/' . sanitizeFileName($objp->ref);
$urlsource=$_SERVER['PHP_SELF'].'?id='.$objp->rowid;
$formfile->show_documents('commande',$filename,$filedir,$urlsource,'','','','','',1);
print '</td></tr></table>';

2
htdocs/compta/dons/fiche.php
View File

@ -422,7 +422,7 @@ if ($_GET["rowid"] && $_GET["action"] != 'edit')
/*
* Documents générés
*/
$filename=sanitize_string($don->id);
$filename=sanitizeFileName($don->id);
$filedir=$conf->don->dir_output . '/' . get_exdir($filename,2);
$urlsource=$_SERVER['PHP_SELF'].'?rowid='.$don->id;
// $genallowed=($fac->statut == 1 && ($fac->paye == 0 || $user->admin) && $user->rights->facture->creer);

14
htdocs/compta/facture.php
View File

@ -1069,7 +1069,7 @@ if (($_POST['action'] == 'send' || $_POST['action'] == 'relance') && ! $_POST['a
$result=$fac->fetch($_POST['facid']);
if ($result)
{
$ref = sanitize_string($fac->ref);
$ref = sanitizeFileName($fac->ref);
$file = $conf->facture->dir_output . '/' . $ref . '/' . $ref . '.pdf';
if (is_readable($file))
@ -2996,8 +2996,8 @@ else
/*
* Documents générés
*/
$filename=sanitize_string($fac->ref);
$filedir=$conf->facture->dir_output . '/' . sanitize_string($fac->ref);
$filename=sanitizeFileName($fac->ref);
$filedir=$conf->facture->dir_output . '/' . sanitizeFileName($fac->ref);
$urlsource=$_SERVER['PHP_SELF'].'?facid='.$fac->id;
$genallowed=$user->rights->facture->creer;
$delallowed=$user->rights->facture->supprimer;
@ -3132,7 +3132,7 @@ else
*/
if ($_GET['action'] == 'presend')
{
$ref = sanitize_string($fac->ref);
$ref = sanitizeFileName($fac->ref);
$file = $conf->facture->dir_output . '/' . $ref . '/' . $ref . '.pdf';
// Construit PDF si non existant
@ -3198,7 +3198,7 @@ else
if ($_GET['action'] == 'prerelance')
{
$ref = sanitize_string($fac->ref);
$ref = sanitizeFileName($fac->ref);
$file = $conf->facture->dir_output . '/' . $ref . '/' . $ref . '.pdf';
// Construit PDF si non existant
@ -3442,8 +3442,8 @@ else
print '</td>';
}
print '<td width="16" align="right" class="nobordernopadding">';
$filename=sanitize_string($objp->facnumber);
$filedir=$conf->facture->dir_output . '/' . sanitize_string($objp->facnumber);
$filename=sanitizeFileName($objp->facnumber);
$filedir=$conf->facture->dir_output . '/' . sanitizeFileName($objp->facnumber);
$urlsource=$_SERVER['PHP_SELF'].'?facid='.$objp->facid;
$formfile->show_documents('facture',$filename,$filedir,$urlsource,'','','','','',1);
print '</td>';

2
htdocs/compta/facture/apercu.php
View File

@ -129,7 +129,7 @@ if ($_GET["facid"] > 0)
/*
* Documents
*/
$facref = sanitize_string($fac->ref);
$facref = sanitizeFileName($fac->ref);
$dir_output = $conf->facture->dir_output . "/";
$filepath = $dir_output . $facref . "/";
$file = $filepath . $facref . ".pdf";

6
htdocs/compta/facture/document.php
View File

@ -73,7 +73,7 @@ if ($_POST["sendit"] && $conf->upload)
$facture = new Facture($db);
if ($facture->fetch($facid))
{
$upload_dir = $conf->facture->dir_output . "/" . sanitize_string($facture->ref);
$upload_dir = $conf->facture->dir_output . "/" . sanitizeFileName($facture->ref);
if (! is_dir($upload_dir)) create_exdir($upload_dir);
if (is_dir($upload_dir))
@ -101,7 +101,7 @@ if ($action=='delete')
$facid=$_GET["id"];
if ($facture->fetch($facid))
{
$upload_dir = $conf->facture->dir_output . "/" . sanitize_string($facture->ref);
$upload_dir = $conf->facture->dir_output . "/" . sanitizeFileName($facture->ref);
$file = $upload_dir . '/' . urldecode($_GET['urlfile']);
dol_delete_file($file);
$mesg = '<div class="ok">'.$langs->trans("FileWasRemoved").'</div>';
@ -119,7 +119,7 @@ if ($facid > 0)
$facture = new Facture($db);
if ($facture->fetch($facid))
{
$upload_dir = $conf->facture->dir_output.'/'.sanitize_string($facture->ref);
$upload_dir = $conf->facture->dir_output.'/'.sanitizeFileName($facture->ref);
$societe = new Societe($db);
$societe->fetch($facture->socid);

8
htdocs/compta/facture/impayees.php
View File

@ -92,8 +92,8 @@ if ($_POST["action"] == "builddoc" && $user->rights->facture->lire)
create_exdir($diroutputpdf);
// enregistre le fichier pdf concatene
$filename=sanitize_string(strtolower($langs->transnoentities("Unpayed")));
if ($option=='late') $filename.='_'.sanitize_string(strtolower($langs->transnoentities("Late")));
$filename=sanitizeFileName(strtolower($langs->transnoentities("Unpayed")));
if ($option=='late') $filename.='_'.sanitizeFileName(strtolower($langs->transnoentities("Late")));
if ($pagecount)
{
$file=$diroutputpdf.'/'.$filename.'_'.dolibarr_print_date(mktime(),'dayhourlog').'.pdf';
@ -316,8 +316,8 @@ if ($result)
print '<td width="16" align="right" class="nobordernopadding">';
$filename=sanitize_string($objp->facnumber);
$filedir=$conf->facture->dir_output . '/' . sanitize_string($objp->facnumber);
$filename=sanitizeFileName($objp->facnumber);
$filedir=$conf->facture->dir_output . '/' . sanitizeFileName($objp->facnumber);
$urlsource=$_SERVER['PHP_SELF'].'?facid='.$objp->facid;
$formfile->show_documents('facture',$filename,$filedir,$urlsource,'','','','','',1);

8
htdocs/compta/index.php
View File

@ -519,8 +519,8 @@ if ($conf->facture->enabled && $conf->commande->enabled && $user->rights->comman
print '&nbsp;';
print '</td>';
print '<td width="16" align="right" class="nobordernopadding">';
$filename=sanitize_string($obj->ref);
$filedir=$conf->commande->dir_output . '/' . sanitize_string($obj->ref);
$filename=sanitizeFileName($obj->ref);
$filedir=$conf->commande->dir_output . '/' . sanitizeFileName($obj->ref);
$urlsource=$_SERVER['PHP_SELF'].'?id='.$obj->rowid;
$formfile->show_documents('commande',$filename,$filedir,$urlsource,'','','','','',1);
print '</td></tr></table>';
@ -614,8 +614,8 @@ if ($conf->facture->enabled && $user->rights->facture->lire)
if ($obj->datelimite < (time() - $conf->facture->client->warning_delay)) print img_warning($langs->trans("Late"));
print '</td>';
print '<td width="16" align="right" class="nobordernopadding">';
$filename=sanitize_string($obj->facnumber);
$filedir=$conf->facture->dir_output . '/' . sanitize_string($obj->facnumber);
$filename=sanitizeFileName($obj->facnumber);
$filedir=$conf->facture->dir_output . '/' . sanitizeFileName($obj->facnumber);
$urlsource=$_SERVER['PHP_SELF'].'?facid='.$obj->rowid;
$formfile->show_documents('facture',$filename,$filedir,$urlsource,'','','','','',1);
print '</td></tr></table>';

8
htdocs/compta/propal.php
View File

@ -488,8 +488,8 @@ if ($_GET["propalid"] > 0)
/*
* Documents g<EFBFBD>n<EFBFBD>r<EFBFBD>s
*/
$filename=sanitize_string($propal->ref);
$filedir=$conf->propal->dir_output . "/" . sanitize_string($propal->ref);
$filename=sanitizeFileName($propal->ref);
$filedir=$conf->propal->dir_output . "/" . sanitizeFileName($propal->ref);
$urlsource=$_SERVER["PHP_SELF"]."?propalid=".$propal->id;
$genallowed=0;
$delallowed=0;
@ -758,8 +758,8 @@ else
print '<td width="16" align="right" class="nobordernopadding">';
$filename=sanitize_string($objp->ref);
$filedir=$conf->propal->dir_output . '/' . sanitize_string($objp->ref);
$filename=sanitizeFileName($objp->ref);
$filedir=$conf->propal->dir_output . '/' . sanitizeFileName($objp->ref);
$urlsource=$_SERVER['PHP_SELF'].'?propalid='.$objp->propalid;
$formfile->show_documents('propal',$filename,$filedir,$urlsource,'','','','','',1);

4
htdocs/contact/vcard.php
View File

@ -85,8 +85,8 @@ $db->close();
$output = $v->getVCard();
$filename =trim(urldecode($v->getFileName())); // "Nom prenom.vcf"
$filenameurlencoded = sanitize_string(urlencode($filename));
//$filename = sanitize_string($filename);
$filenameurlencoded = sanitizeFileName(urlencode($filename));
//$filename = sanitizeFileName($filename);
Header("Content-Disposition: attachment; filename=\"$filename\"");
Header("Content-Length: ".strlen($output));

2
htdocs/contrat/document.php
View File

@ -63,7 +63,7 @@ $pagenext = $page + 1;
$contrat = new Contrat($db);
$contrat->fetch($_GET["id"]);
$upload_dir = $conf->contrat->dir_output.'/'.sanitize_string($contrat->ref);
$upload_dir = $conf->contrat->dir_output.'/'.sanitizeFileName($contrat->ref);
$modulepart='contract';

4
htdocs/ecm/ecmdirectory.class.php
View File

@ -75,7 +75,7 @@ class EcmDirectory // extends CommonObject
$now=time();
// Clean parameters
$this->label=sanitize_string($this->label);
$this->label=sanitizeFileName($this->label);
$this->fk_parent=trim($this->fk_parent);
$this->description=trim($this->description);
if (! $this->cachenbofdoc) $this->cachenbofdoc=0;
@ -422,7 +422,7 @@ class EcmDirectory // extends CommonObject
if ($cursorindex >= 0)
{
// Path is label sanitized (no space and no special char) and concatenated
$ret=sanitize_string($this->cats[$cursorindex]['label']).'/'.$ret;
$ret=sanitizeFileName($this->cats[$cursorindex]['label']).'/'.$ret;
$idtosearch=$this->cats[$cursorindex]['id_mere'];
$i++;

24
htdocs/expedition/expedition.class.php
View File

@ -84,8 +84,8 @@ class Expedition extends CommonObject
$this->user = $user;
$this->expedition_method = sanitize_string($this->expedition_method);
$this->tracking_number = sanitize_string($this->tracking_number);
$this->expedition_method = sanitizeFileName($this->expedition_method);
$this->tracking_number = sanitizeFileName($this->tracking_number);
$this->db->begin();
@ -359,9 +359,9 @@ class Expedition extends CommonObject
while($i < $num)
{
dolibarr_syslog("Expedition::valid movment nb ".$i);
$obj = $this->db->fetch_object($resql);
$mouvS = new MouvementStock($this->db);
$result=$mouvS->livraison($user, $obj->fk_product, $obj->fk_entrepot, $obj->qty);
if ($result < 0)
@ -371,7 +371,7 @@ class Expedition extends CommonObject
dolibarr_syslog("Expedition::valid ".$this->error);
return -3;
}
$i++;
}
@ -386,7 +386,7 @@ class Expedition extends CommonObject
}
// On efface le répertoire de pdf provisoire
$expeditionref = sanitize_string($provref);
$expeditionref = sanitizeFileName($provref);
if ($conf->expedition->dir_output)
{
$dir = $conf->expedition->dir_output . "/" . $expeditionref;
@ -513,11 +513,11 @@ class Expedition extends CommonObject
{
$sql = "DELETE FROM ".MAIN_DB_PREFIX."expedition WHERE rowid = ".$this->id;
if ( $this->db->query($sql) )
{
$this->db->commit();
{
$this->db->commit();
// On efface le répertoire de pdf provisoire
$expref = sanitize_string($this->ref);
$expref = sanitizeFileName($this->ref);
if ($conf->expedition->dir_output)
{
$dir = $conf->expedition->dir_output . "/" . $expref ;
@ -740,7 +740,7 @@ class Expedition extends CommonObject
}
/*
Fetch deliveries method and return an array
*/
*/
function fetch_delivery_methods()
{
$meths = array();
@ -760,7 +760,7 @@ class Expedition extends CommonObject
}
/*
Get tracking url status
*/
*/
function GetUrlTrackingStatus()
{
$sql = "SELECT em.code";

2
htdocs/expedition/fiche.php
View File

@ -736,7 +736,7 @@ else
*/
if ($conf->expedition_bon->enabled)
{
$expeditionref = sanitize_string($expedition->ref);
$expeditionref = sanitizeFileName($expedition->ref);
$filedir = $conf->expedition_bon->dir_output . "/" .$expeditionref;
$urlsource = $_SERVER["PHP_SELF"]."?id=".$expedition->id;

4
htdocs/facture.class.php
View File

@ -1114,8 +1114,8 @@ class Facture extends CommonObject
{
// On renomme repertoire facture ($this->ref = ancienne ref, $numfa = nouvelle ref)
// afin de ne pas perdre les fichiers attachés
$facref = sanitize_string($this->ref);
$snumfa = sanitize_string($numfa);
$facref = sanitizeFileName($this->ref);
$snumfa = sanitizeFileName($numfa);
$dirsource = $conf->facture->dir_output.'/'.$facref;
$dirdest = $conf->facture->dir_output.'/'.$snumfa;
if (file_exists($dirsource))

2
htdocs/fichinter/apercu.php
View File

@ -109,7 +109,7 @@ if ($_GET["id"] > 0) {
/*
* Documents
*/
$fichinterref = sanitize_string($fichinter->ref);
$fichinterref = sanitizeFileName($fichinter->ref);
$dir_output = $conf->fichinter->dir_output . "/";
$filepath = $dir_output . $fichinterref . "/";
$file = $filepath . $fichinterref . ".pdf";

4
htdocs/fichinter/fiche.php
View File

@ -888,9 +888,9 @@ elseif ($_GET["id"] > 0)
print '<table width="100%"><tr><td width="50%" valign="top">';
/*
* Documents g<EFBFBD>n<EFBFBD>r<EFBFBD>s
* Built documents
*/
$filename=sanitize_string($fichinter->ref);
$filename=sanitizeFileName($fichinter->ref);
$filedir=$conf->fichinter->dir_output . "/".$fichinter->ref;
$urlsource=$_SERVER["PHP_SELF"]."?id=".$fichinter->id;
$genallowed=$user->rights->ficheinter->creer;

2
htdocs/fichinter/fichinter.class.php
View File

@ -461,7 +461,7 @@ class Fichinter extends CommonObject
{
// Remove directory with files
$fichinterref = sanitize_string($this->ref);
$fichinterref = sanitizeFileName($this->ref);
if ($conf->fichinter->dir_output)
{
$dir = $conf->fichinter->dir_output . "/" . $fichinterref ;

2
htdocs/fourn/commande/fiche.php
View File

@ -973,7 +973,7 @@ if ($id > 0)
* Documents generes
*
*/
$comfournref = sanitize_string($commande->ref);
$comfournref = sanitizeFileName($commande->ref);
$file = $conf->fournisseur->commande->dir_output . '/' . $comfournref . '/' . $comfournref . '.pdf';
$relativepath = $comfournref.'/'.$comfournref.'.pdf';
$filedir = $conf->fournisseur->commande->dir_output . '/' . $comfournref;

2
htdocs/fourn/commande/modules/modules_commandefournisseur.php
View File

@ -212,7 +212,7 @@ function supplier_order_delete_preview($db, $propalid)
if ($conf->fournisseur->commande->dir_output)
{
$comfournref = sanitize_string($comfourn->ref);
$comfournref = sanitizeFileName($comfourn->ref);
$dir = $conf->commande->dir_output . "/" . $comfournref ;
$file = $dir . "/" . $comfournref . ".pdf.png";

2
htdocs/fourn/commande/modules/pdf/pdf_muscadet.modules.php
View File

@ -142,7 +142,7 @@ class pdf_muscadet extends ModelePDFSuppliersOrders
}
else
{
$comref = sanitize_string($com->ref);
$comref = sanitizeFileName($com->ref);
$dir = $conf->fournisseur->commande->dir_output . "/" . $comref;
$file = $dir . "/" . $comref . ".pdf";
}

5
htdocs/html.form.class.php
View File

@ -2991,8 +2991,9 @@ class Form
* \param paramid Nom du parametre a utiliser pour nommer id dans liens URL
* \param morehtml Code html supplementaire a afficher avant barre nav
* \param shownav Show Condition
* \param fieldid Nom du champ a utiliser pour select next et previous
* \return string Portion HTML avec ref + boutons nav
* \param fieldid Nom du champ id a utiliser pour select next et previous
* \param fieldref Nom du champ ref a utiliser pour select next et previous
* \return string Portion HTML avec ref + boutons nav
*/
function showrefnav($object,$paramid,$morehtml='',$shownav=1,$fieldid='rowid',$fieldref='ref')
{

4
htdocs/html.formfile.class.php
View File

@ -142,7 +142,7 @@ class FormFile
$forcenomultilang=0;
}
$filename = sanitize_string($filename);
$filename = sanitizeFileName($filename);
$headershown=0;
$i=0;
@ -418,7 +418,7 @@ class FormFile
// Define relative path used to store the file
if (! $relativepath)
{
$relativepath=sanitize_string($object->ref).'/';
$relativepath=sanitizeFileName($object->ref).'/';
if ($modulepart == 'facture_fournisseur') $relativepath=get_exdir($object->id,2).$relativepath;
}

2
htdocs/includes/modules/commande/modules_commande.php
View File

@ -249,7 +249,7 @@ function commande_delete_preview($db, $commandeid, $commanderef='')
if ($conf->commande->dir_output)
{
$comref = sanitize_string($commanderef);
$comref = sanitizeFileName($commanderef);
$dir = $conf->commande->dir_output . "/" . $comref ;
$file = $dir . "/" . $comref . ".pdf.png";
$multiple = $file . ".";

2
htdocs/includes/modules/commande/pdf_edison.modules.php
View File

@ -117,7 +117,7 @@ class pdf_edison extends ModelePDFCommandes
}
else
{
$comref = sanitize_string($com->ref);
$comref = sanitizeFileName($com->ref);
$dir = $conf->commande->dir_output . "/" . $comref;
$file = $dir . "/" . $comref . ".pdf";
}

2
htdocs/includes/modules/commande/pdf_einstein.modules.php
View File

@ -140,7 +140,7 @@ class pdf_einstein extends ModelePDFCommandes
}
else
{
$comref = sanitize_string($com->ref);
$comref = sanitizeFileName($com->ref);
$dir = $conf->commande->dir_output . "/" . $comref;
$file = $dir . "/" . $comref . ".pdf";
}

2
htdocs/includes/modules/dons/html_cerfafr.modules.php
View File

@ -89,7 +89,7 @@ class html_cerfafr extends ModeleDon
}
else
{
$donref = sanitize_string($don->ref);
$donref = sanitizeFileName($don->ref);
$dir = $conf->don->dir_output . "/" . get_exdir($donref,2);
$file = $dir . "/" . $donref . ".html";
}

2
htdocs/includes/modules/expedition/pdf/pdf_expedition_merou.modules.php
View File

@ -124,7 +124,7 @@ Class pdf_expedition_merou extends ModelePdfExpedition
}
else
{
$expref = sanitize_string($this->expe->ref);
$expref = sanitizeFileName($this->expe->ref);
$dir = $conf->expedition_bon->dir_output . "/" . $expref;
$file = $dir . "/" . $expref . ".pdf";
}

2
htdocs/includes/modules/expedition/pdf/pdf_expedition_rouget.modules.php
View File

@ -144,7 +144,7 @@ Class pdf_expedition_rouget extends ModelePdfExpedition
}
else
{
$expref = sanitize_string($this->expe->ref);
$expref = sanitizeFileName($this->expe->ref);
$dir = $conf->expedition_bon->dir_output . "/" . $expref;
$file = $dir . "/" . $expref . ".pdf";
}

4
htdocs/includes/modules/facture/modules_facture.php
View File

@ -237,7 +237,7 @@ function facture_meta_create($db, $facid, $message="")
if ($conf->facture->dir_output)
{
$facref = sanitize_string($fac->ref);
$facref = sanitizeFileName($fac->ref);
$dir = $conf->facture->dir_output . "/" . $facref ;
$file = $dir . "/" . $facref . ".meta";
@ -291,7 +291,7 @@ function facture_delete_preview($db, $facid)
if ($conf->facture->dir_output)
{
$facref = sanitize_string($fac->ref);
$facref = sanitizeFileName($fac->ref);
$dir = $conf->facture->dir_output . "/" . $facref ;
$file = $dir . "/" . $facref . ".pdf.png";

2
htdocs/includes/modules/facture/pdf_crabe.modules.php
View File

@ -142,7 +142,7 @@ class pdf_crabe extends ModelePDFFactures
}
else
{
$facref = sanitize_string($fac->ref);
$facref = sanitizeFileName($fac->ref);
$dir = $conf->facture->dir_output . "/" . $facref;
$file = $dir . "/" . $facref . ".pdf";
}

2
htdocs/includes/modules/facture/pdf_huitre.modules.php
View File

@ -122,7 +122,7 @@ class pdf_huitre extends ModelePDFFactures
}
else
{
$facref = sanitize_string($fac->ref);
$facref = sanitizeFileName($fac->ref);
$dir = $conf->facture->dir_output . "/" . $facref;
$file = $dir . "/" . $facref . ".pdf";
}

2
htdocs/includes/modules/facture/pdf_oursin.modules.php
View File

@ -130,7 +130,7 @@ class pdf_oursin extends ModelePDFFactures
}
else
{
$facref = sanitize_string($fac->ref);
$facref = sanitizeFileName($fac->ref);
$dir = $conf->facture->dir_output . "/" . $facref;
$file = $dir . "/" . $facref . ".pdf";
}

2
htdocs/includes/modules/fichinter/modules_fichinter.php
View File

@ -234,7 +234,7 @@ function fichinter_delete_preview($db, $fichinterid, $fichinterref='')
if ($conf->fichinter->dir_output)
{
$fichinterref = sanitize_string($fichinterref);
$fichinterref = sanitizeFileName($fichinterref);
$dir = $conf->fichinter->dir_output . "/" . $fichinterref ;
$file = $dir . "/" . $fichinterref . ".pdf.png";
$multiple = $file . ".";

2
htdocs/includes/modules/fichinter/pdf_soleil.modules.php
View File

@ -107,7 +107,7 @@ class pdf_soleil extends ModelePDFFicheinter
}
}
$fichref = sanitize_string($fichinter->ref);
$fichref = sanitizeFileName($fichinter->ref);
$dir = $conf->fichinter->dir_output;
if (! eregi('specimen',$fichref)) $dir.= "/" . $fichref;
$file = $dir . "/" . $fichref . ".pdf";

2
htdocs/includes/modules/livraison/modules_livraison.php
View File

@ -217,7 +217,7 @@ function delivery_order_delete_preview($db, $deliveryid)
if ($conf->livraison->dir_output)
{
$deliveryref = sanitize_string($delivery->ref);
$deliveryref = sanitizeFileName($delivery->ref);
$dir = $conf->livraison->dir_output . "/" . $deliveryref ;
$file = $dir . "/" . $deliveryref . ".pdf.png";

2
htdocs/includes/modules/livraison/pdf/pdf_sirocco.modules.php
View File

@ -115,7 +115,7 @@ class pdf_sirocco extends ModelePDFDeliveryOrder
}
}
$deliveryref = sanitize_string($delivery->ref);
$deliveryref = sanitizeFileName($delivery->ref);
$dir = $conf->livraison_bon->dir_output;
if (! eregi('specimen',$deliveryref)) $dir.= "/" . $deliveryref;
$file = $dir . "/" . $deliveryref . ".pdf";

2
htdocs/includes/modules/livraison/pdf/pdf_typhon.modules.php
View File

@ -142,7 +142,7 @@ class pdf_typhon extends ModelePDFDeliveryOrder
$nblignes = sizeof($delivery->lignes);
$deliveryref = sanitize_string($delivery->ref);
$deliveryref = sanitizeFileName($delivery->ref);
$dir = $conf->livraison_bon->dir_output;
if (! eregi('specimen',$deliveryref)) $dir.= "/" . $deliveryref;
$file = $dir . "/" . $deliveryref . ".pdf";

2
htdocs/includes/modules/propale/modules_propale.php
View File

@ -246,7 +246,7 @@ function propale_delete_preview($db, $propalid, $propalref='')
if ($conf->propal->dir_output)
{
$propalref = sanitize_string($propalref);
$propalref = sanitizeFileName($propalref);
$dir = $conf->propal->dir_output . "/" . $propalref ;
$file = $dir . "/" . $propalref . ".pdf.png";
$multiple = $file . ".";

2
htdocs/includes/modules/propale/pdf_propale_azur.modules.php
View File

@ -140,7 +140,7 @@ class pdf_propale_azur extends ModelePDFPropales
}
else
{
$propref = sanitize_string($propale->ref);
$propref = sanitizeFileName($propale->ref);
$dir = $conf->propal->dir_output . "/" . $propref;
$file = $dir . "/" . $propref . ".pdf";
}

2
htdocs/includes/modules/propale/pdf_propale_jaune.modules.php
View File

@ -124,7 +124,7 @@ class pdf_propale_jaune extends ModelePDFPropales
}
else
{
$propref = sanitize_string($propale->ref);
$propref = sanitizeFileName($propale->ref);
$dir = $conf->propal->dir_output . "/" . $propref;
$file = $dir . "/" . $propref . ".pdf";
}

6
htdocs/includes/triggers/interface_modNotification_Notification.class.php
View File

@ -106,7 +106,7 @@ class InterfaceNotification
dolibarr_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
$action_notify = 2;
$ref = sanitize_string($object->ref);
$ref = sanitizeFileName($object->ref);
$filepdf = $conf->facture->dir_output . '/' . $ref . '/' . $ref . '.pdf';
$mesg = 'La facture '.$object->ref." a été validée.\n";
@ -119,7 +119,7 @@ class InterfaceNotification
dolibarr_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
$action_notify = 1;
$ref = sanitize_string($object->ref);
$ref = sanitizeFileName($object->ref);
$filepdf = $conf->facture->dir_output . '/' . $ref . '/' . $ref . '.pdf';
$mesg = 'La fiche intervention '.$object->ref." a été validée.\n";
@ -132,7 +132,7 @@ class InterfaceNotification
dolibarr_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
$action_notify = 3;
$ref = sanitize_string($object->ref);
$ref = sanitizeFileName($object->ref);
$filepdf = $conf->fournisseur->commande->dir_output . '/' . $ref . '/' . $ref . '.pdf';
$mesg = 'La commande fournisseur '.$object->ref." a été validée.\n";

44
htdocs/lib/functions.lib.php
View File

@ -75,29 +75,26 @@ function check_mail ($mail)
}
/**
\brief Nettoie chaine de caractere iso des accents
\brief Nettoie chaine de caractere des accents
\param str Chaine a nettoyer
\return string Chaine nettoyee
*/
function unaccent_isostring($str)
{
$translation = array(
"\xE0" => "a",
"\xE1" => "a",
"\xE2" => "a",
"\xE8" => "e",
"\xE9" => "e",
"\xEA" => "e",
"\xEB" => "e",
"\xEE" => "i",
"\xEF" => "i",
"\xF4" => "o",
"\xF6" => "o",
"\xFB" => "u",
"\xFC" => "u"
);
return str_replace(array_keys($translation), array_values($translation), $str);
if (utf8_check($str))
{
// TODO add utf8 convertion
$translationutf=array( );
return str_replace(array_keys($translationutf), array_values($translationutf), $str);
}
else
{
$translationiso=array( "\xE0" => "a", "\xE1" => "a", "\xE2" => "a",
"\xE8" => "e", "\xE9" => "e", "\xEA" => "e", "\xEB" => "e",
"\xEE" => "i", "\xEF" => "i",
"\xF4" => "o", "\xF6" => "o", "\xFB" => "u", "\xFC" => "u");
return str_replace(array_keys($translationiso), array_values($translationiso), $str);
}
}
/**
@ -116,6 +113,17 @@ function sanitize_string($str,$newstr='_')
return str_replace($forbidden_chars_to_underscore,$newstr,str_replace($forbidden_chars_to_remove,"",$str));
}
/**
* \brief Nettoie chaine de caractere de ces caracteres speciaux
* \remarks Fonction appelee par exemple pour definir un nom de fichier depuis un identifiant chaine libre
* \param str String to clean
* \param newstr String to replace bad chars by
* \return string String cleaned (a-zA-Z_)
*/
function sanitizeFileName($str,$newstr='_')
{
return sanitize_string(unaccent_isostring($str,$newstr));
}
/**
* \brief Returns text escaped for inclusion in javascript code

2
htdocs/livraison/fiche.php
View File

@ -565,7 +565,7 @@ else
* Documents generated
*/
$livraisonref = sanitize_string($livraison->ref);
$livraisonref = sanitizeFileName($livraison->ref);
$filedir = $conf->livraison_bon->dir_output . '/' . $livraisonref;
$urlsource = $_SERVER["PHP_SELF"]."?id=".$livraison->id;

4
htdocs/livraison/livraison.class.php
View File

@ -422,7 +422,7 @@ class Livraison extends CommonObject
}
// On efface le repertoire de pdf provisoire
$livraisonref = sanitize_string($this->ref);
$livraisonref = sanitizeFileName($this->ref);
if ($conf->expedition->dir_output)
{
$dir = $conf->livraison->dir_output . "/" . $livraisonref ;
@ -561,7 +561,7 @@ class Livraison extends CommonObject
$this->db->commit();
// On efface le repertoire de pdf provisoire
$livref = sanitize_string($this->ref);
$livref = sanitizeFileName($this->ref);
if ($conf->livraison->dir_output)
{
$dir = $conf->livraison->dir_output . "/" . $livref ;

2
htdocs/product.class.php
View File

@ -131,7 +131,7 @@ class Product extends CommonObject
*/
function check()
{
$this->ref = sanitize_string(stripslashes($this->ref));
$this->ref = sanitizeFileName(stripslashes($this->ref));
$err = 0;
if (strlen(trim($this->ref)) == 0)

2
htdocs/product/document.php
View File

@ -68,7 +68,7 @@ if ($_GET['id'] || $_GET["ref"])
if ($_GET["ref"]) $result = $product->fetch('',$_GET["ref"]);
if ($_GET["id"]) $result = $product->fetch($_GET["id"]);
$upload_dir = $conf->produit->dir_output.'/'.sanitize_string($product->ref);
$upload_dir = $conf->produit->dir_output.'/'.sanitizeFileName($product->ref);
}
$modulepart='produit';

2
htdocs/propal.class.php
View File

@ -1418,7 +1418,7 @@ class Propal extends CommonObject
{
// On efface le r<>pertoire du pdf
$propalref = sanitize_string($this->ref);
$propalref = sanitizeFileName($this->ref);
if ($conf->propal->dir_output)
{
$dir = $conf->propal->dir_output . "/" . $propalref ;

14
htdocs/societe.class.php
View File

@ -23,18 +23,18 @@
*/
/**
\file htdocs/societe.class.php
\ingroup societe
\brief Fichier de la classe des societes
\version $Id$
* \file htdocs/societe.class.php
* \ingroup societe
* \brief Fichier de la classe des societes
* \version $Id$
*/
require_once(DOL_DOCUMENT_ROOT."/commonobject.class.php");
/**
\class Societe
\brief Classe permettant la gestion des societes
* \class Societe
* \brief Classe permettant la gestion des societes
*/
class Societe extends CommonObject
{
@ -336,7 +336,7 @@ class Societe extends CommonObject
$this->prefix_comm=trim($this->prefix_comm);
$this->tva_assuj=trim($this->tva_assuj);
$this->tva_intra=sanitize_string($this->tva_intra,'');
$this->tva_intra=sanitizeFileName($this->tva_intra,'');
$this->capital=trim($this->capital);
if (strlen($this->capital) == 0) $this->capital = 0;

4
htdocs/telephonie/client/facture.php
View File

@ -62,7 +62,7 @@ if ($_POST["action"] == 'send' || $_POST["action"] == 'relance')
$fac = new Facture($db,"",$_POST["facid"]);
if ( $fac->fetch($_POST["facid"]) )
{
$facref = sanitize_string($fac->ref);
$facref = sanitizeFileName($fac->ref);
$file = $conf->facture->dir_output . "/" . $facref . "/" . $facref . ".pdf";
if (is_readable($file))
@ -497,7 +497,7 @@ if ($_GET["facid"] > 0)
* REFFACTURE-XXXXXX-detail.pdf ou XXXXX est une forme diverse
*/
$facref = sanitize_string($fac->ref);
$facref = sanitizeFileName($fac->ref);
$file = $conf->facture->dir_output . "/" . $facref . "/" . $facref . ".pdf";
$relativepath = "${facref}/${facref}.pdf";