Dolibarr /
dolibarr
@@ -17,10 +17,10 @@ |
||
| 17 | 17 | */ |
| 18 | 18 | |
| 19 | 19 | /** |
| 20 | - * \file htdocs/webportal/controllers/document.controller.class.php |
|
| 21 | - * \ingroup webportal |
|
| 22 | - * \brief This file is a controller for documents |
|
| 23 | - */ |
|
| 20 | + * \file htdocs/webportal/controllers/document.controller.class.php |
|
| 21 | + * \ingroup webportal |
|
| 22 | + * \brief This file is a controller for documents |
|
| 23 | + */ |
|
| 24 | 24 | |
| 25 | 25 | require_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php'; |
| 26 | 26 | |
@@ -22,7 +22,7 @@ discard block |
||
| 22 | 22 | * \brief This file is a controller for documents |
| 23 | 23 | */ |
| 24 | 24 | |
| 25 | -require_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php'; |
|
| 25 | +require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; |
|
| 26 | 26 | |
| 27 | 27 | |
| 28 | 28 | /** |
@@ -153,7 +153,7 @@ discard block |
||
| 153 | 153 | } |
| 154 | 154 | |
| 155 | 155 | // Security: Delete string ../ or ..\ into $original_file |
| 156 | - $original_file = preg_replace('/\.\.+/', '..', $original_file); // Replace '... or more' with '..' |
|
| 156 | + $original_file = preg_replace('/\.\.+/', '..', $original_file); // Replace '... or more' with '..' |
|
| 157 | 157 | $original_file = str_replace('../', '/', $original_file); |
| 158 | 158 | $original_file = str_replace('..\\', '/', $original_file); |
| 159 | 159 | |
@@ -170,13 +170,13 @@ discard block |
||
| 170 | 170 | // check config access |
| 171 | 171 | // and file mime type (only PDF) |
| 172 | 172 | // and check login access |
| 173 | - if (getDolGlobalInt('WEBPORTAL_' . $moduleNameUpperEn . '_LIST_ACCESS') |
|
| 173 | + if (getDolGlobalInt('WEBPORTAL_'.$moduleNameUpperEn.'_LIST_ACCESS') |
|
| 174 | 174 | && in_array($type, array('application/pdf')) |
| 175 | 175 | && ($context->logged_thirdparty && $context->logged_thirdparty->id > 0) |
| 176 | 176 | && $context->logged_thirdparty->id == $socId |
| 177 | 177 | ) { |
| 178 | 178 | if (isModEnabled($moduleName) && isset($conf->{$moduleName}->multidir_output[$entity])) { |
| 179 | - $original_file = $conf->{$moduleName}->multidir_output[$entity] . '/' . $original_file; |
|
| 179 | + $original_file = $conf->{$moduleName}->multidir_output[$entity].'/'.$original_file; |
|
| 180 | 180 | $accessallowed = 1; |
| 181 | 181 | } |
| 182 | 182 | } |
@@ -191,13 +191,13 @@ discard block |
||
| 191 | 191 | // Security: |
| 192 | 192 | // We refuse directory transversal change and pipes in file names |
| 193 | 193 | if (preg_match('/\.\./', $fullpath_original_file) || preg_match('/[<>|]/', $fullpath_original_file)) { |
| 194 | - dol_syslog("Refused to deliver file " . $fullpath_original_file); |
|
| 195 | - print "ErrorFileNameInvalid: " . dol_escape_htmltag($original_file); |
|
| 194 | + dol_syslog("Refused to deliver file ".$fullpath_original_file); |
|
| 195 | + print "ErrorFileNameInvalid: ".dol_escape_htmltag($original_file); |
|
| 196 | 196 | exit; |
| 197 | 197 | } |
| 198 | 198 | |
| 199 | 199 | // Find the subdirectory name as the reference |
| 200 | - $refname = basename(dirname($original_file) . "/"); |
|
| 200 | + $refname = basename(dirname($original_file)."/"); |
|
| 201 | 201 | |
| 202 | 202 | $filename = basename($fullpath_original_file); |
| 203 | 203 | $filename = preg_replace('/\.noexe$/i', '', $filename); |
@@ -208,8 +208,8 @@ discard block |
||
| 208 | 208 | |
| 209 | 209 | // This test if file exists should be useless. We keep it to find bug more easily |
| 210 | 210 | if (!file_exists($fullpath_original_file_osencoded)) { |
| 211 | - dol_syslog("ErrorFileDoesNotExists: " . $fullpath_original_file); |
|
| 212 | - print "ErrorFileDoesNotExists: " . $original_file; |
|
| 211 | + dol_syslog("ErrorFileDoesNotExists: ".$fullpath_original_file); |
|
| 212 | + print "ErrorFileDoesNotExists: ".$original_file; |
|
| 213 | 213 | exit; |
| 214 | 214 | } |
| 215 | 215 | |
@@ -217,8 +217,8 @@ discard block |
||
| 217 | 217 | $fileSizeMaxDefault = 20 * 1024; // 20 Mo by default |
| 218 | 218 | $fileSizeMax = getDolGlobalInt('MAIN_SECURITY_MAXFILESIZE_DOWNLOADED', $fileSizeMaxDefault); |
| 219 | 219 | if ($fileSize > $fileSizeMax) { |
| 220 | - dol_syslog('ErrorFileSizeTooLarge: ' . $fileSize); |
|
| 221 | - print 'ErrorFileSizeTooLarge: ' . $fileSize . ' (max ' . $fileSizeMax . ')'; |
|
| 220 | + dol_syslog('ErrorFileSizeTooLarge: '.$fileSize); |
|
| 221 | + print 'ErrorFileSizeTooLarge: '.$fileSize.' (max '.$fileSizeMax.')'; |
|
| 222 | 222 | exit; |
| 223 | 223 | } |
| 224 | 224 | |
@@ -230,9 +230,9 @@ discard block |
||
| 230 | 230 | $object = new stdClass(); |
| 231 | 231 | $reshook = $hookmanager->executeHooks('downloadDocument', $parameters, $object, $action); // Note that $action and $object may have been |
| 232 | 232 | if ($reshook < 0) { |
| 233 | - $errors = $hookmanager->error . (is_array($hookmanager->errors) ? (!empty($hookmanager->error) ? ', ' : '') . implode(', ', $hookmanager->errors) : ''); |
|
| 234 | - dol_syslog("document.php - Errors when executing the hook 'downloadDocument' : " . $errors); |
|
| 235 | - print "ErrorDownloadDocumentHooks: " . $errors; |
|
| 233 | + $errors = $hookmanager->error.(is_array($hookmanager->errors) ? (!empty($hookmanager->error) ? ', ' : '').implode(', ', $hookmanager->errors) : ''); |
|
| 234 | + dol_syslog("document.php - Errors when executing the hook 'downloadDocument' : ".$errors); |
|
| 235 | + print "ErrorDownloadDocumentHooks: ".$errors; |
|
| 236 | 236 | exit; |
| 237 | 237 | } |
| 238 | 238 | |
@@ -310,19 +310,19 @@ discard block |
||
| 310 | 310 | top_httphead($type); |
| 311 | 311 | header('Content-Description: File Transfer'); |
| 312 | 312 | if ($encoding) { |
| 313 | - header('Content-Encoding: ' . $encoding); |
|
| 313 | + header('Content-Encoding: '.$encoding); |
|
| 314 | 314 | } |
| 315 | 315 | // Add MIME Content-Disposition from RFC 2183 (inline=automatically displayed, attachment=need user action to open) |
| 316 | 316 | if ($attachment) { |
| 317 | - header('Content-Disposition: attachment; filename="' . $filename . '"'); |
|
| 317 | + header('Content-Disposition: attachment; filename="'.$filename.'"'); |
|
| 318 | 318 | } else { |
| 319 | - header('Content-Disposition: inline; filename="' . $filename . '"'); |
|
| 319 | + header('Content-Disposition: inline; filename="'.$filename.'"'); |
|
| 320 | 320 | } |
| 321 | 321 | header('Cache-Control: Public, must-revalidate'); |
| 322 | 322 | header('Pragma: public'); |
| 323 | 323 | |
| 324 | 324 | // Send file now |
| 325 | - header('Content-Length: ' . dol_filesize($fullpath_original_file)); |
|
| 325 | + header('Content-Length: '.dol_filesize($fullpath_original_file)); |
|
| 326 | 326 | readfileLowMemory($fullpath_original_file_osencoded); |
| 327 | 327 | } |
| 328 | 328 | } |
@@ -18,10 +18,10 @@ |
||
| 18 | 18 | */ |
| 19 | 19 | |
| 20 | 20 | /** |
| 21 | - * \file htdocs/ai/class/ai.class.php |
|
| 22 | - * \ingroup ai |
|
| 23 | - * \brief Class files with common methods for Ai |
|
| 24 | - */ |
|
| 21 | + * \file htdocs/ai/class/ai.class.php |
|
| 22 | + * \ingroup ai |
|
| 23 | + * \brief Class files with common methods for Ai |
|
| 24 | + */ |
|
| 25 | 25 | |
| 26 | 26 | require_once DOL_DOCUMENT_ROOT."/core/lib/admin.lib.php"; |
| 27 | 27 | require_once DOL_DOCUMENT_ROOT.'/core/lib/geturl.lib.php'; |
@@ -627,7 +627,7 @@ discard block |
||
| 627 | 627 | $moduleNameInConf = 'supplier_proposal'; |
| 628 | 628 | } |
| 629 | 629 | |
| 630 | - unset($conf->modules[$moduleNameInConf]); // Add this module in list of enabled modules so isModEnabled() will work (conf->module->enabled must no more be used) |
|
| 630 | + unset($conf->modules[$moduleNameInConf]); // Add this module in list of enabled modules so isModEnabled() will work (conf->module->enabled must no more be used) |
|
| 631 | 631 | |
| 632 | 632 | return 1; |
| 633 | 633 | } else { |
@@ -723,7 +723,7 @@ discard block |
||
| 723 | 723 | $pathoffile = $this->getDescLongReadmeFound(); |
| 724 | 724 | |
| 725 | 725 | if ($pathoffile) { // Mostly for external modules |
| 726 | - $content = file_get_contents($pathoffile, false, null, 0, 1024 * 1024); // Max size loaded 1Mb |
|
| 726 | + $content = file_get_contents($pathoffile, false, null, 0, 1024 * 1024); // Max size loaded 1Mb |
|
| 727 | 727 | |
| 728 | 728 | if ((float) DOL_VERSION >= 6.0) { |
| 729 | 729 | @include_once DOL_DOCUMENT_ROOT.'/core/lib/parsemd.lib.php'; |
@@ -1488,7 +1488,7 @@ discard block |
||
| 1488 | 1488 | |
| 1489 | 1489 | $sql = "DELETE FROM ".MAIN_DB_PREFIX."boxes_def"; |
| 1490 | 1490 | $sql .= " WHERE file = '".$this->db->escape($file)."'"; |
| 1491 | - $sql .= " AND entity = ".$conf->entity; // Do not use getEntity here, we want to delete only in current company |
|
| 1491 | + $sql .= " AND entity = ".$conf->entity; // Do not use getEntity here, we want to delete only in current company |
|
| 1492 | 1492 | |
| 1493 | 1493 | dol_syslog(get_class($this)."::delete_boxes", LOG_DEBUG); |
| 1494 | 1494 | $resql = $this->db->query($sql); |
@@ -1900,7 +1900,7 @@ discard block |
||
| 1900 | 1900 | |
| 1901 | 1901 | // If the module is active |
| 1902 | 1902 | foreach ($this->rights as $key => $value) { |
| 1903 | - $r_id = $this->rights[$key][0]; // permission id in llx_rights_def (not unique because primary key is couple id-entity) |
|
| 1903 | + $r_id = $this->rights[$key][0]; // permission id in llx_rights_def (not unique because primary key is couple id-entity) |
|
| 1904 | 1904 | $r_desc = $this->rights[$key][1]; |
| 1905 | 1905 | $r_type = isset($this->rights[$key][2]) ? $this->rights[$key][2] : ''; |
| 1906 | 1906 | $r_def = empty($this->rights[$key][3]) ? 0 : $this->rights[$key][3]; |
@@ -2530,36 +2530,36 @@ discard block |
||
| 2530 | 2530 | } |
| 2531 | 2531 | |
| 2532 | 2532 | if ($this->isCoreOrExternalModule() == 'external' || preg_match('/development|experimental|deprecated/i', $version)) { |
| 2533 | - $versionTitle = $langs->trans("Version").' '.$this->getVersion(1); |
|
| 2533 | + $versionTitle = $langs->trans("Version").' '.$this->getVersion(1); |
|
| 2534 | 2534 | if ($this->needUpdate) { |
| 2535 | 2535 | $versionTitle .= '<br>'.$langs->trans('ModuleUpdateAvailable').' : '.$this->lastVersion; |
| 2536 | 2536 | } |
| 2537 | 2537 | |
| 2538 | - $return .= '<span class="info-box-icon-version'.($versiontrans ? ' '.$versiontrans : '').' classfortooltip" title="'.dol_escape_js($versionTitle).'" >'; |
|
| 2539 | - $return .= $this->getVersion(1); |
|
| 2540 | - $return .= '</span>'; |
|
| 2538 | + $return .= '<span class="info-box-icon-version'.($versiontrans ? ' '.$versiontrans : '').' classfortooltip" title="'.dol_escape_js($versionTitle).'" >'; |
|
| 2539 | + $return .= $this->getVersion(1); |
|
| 2540 | + $return .= '</span>'; |
|
| 2541 | 2541 | } |
| 2542 | 2542 | |
| 2543 | - $return .= '</div> |
|
| 2543 | + $return .= '</div> |
|
| 2544 | 2544 | <div class="info-box-content info-box-text-module'.(!getDolGlobalString($const_name) ? '' : ' info-box-module-enabled'.($versiontrans ? ' info-box-content-warning' : '')).'"> |
| 2545 | 2545 | <span class="info-box-title">'.$this->getName().'</span> |
| 2546 | 2546 | <span class="info-box-desc twolinesmax opacitymedium" title="'.dol_escape_htmltag($this->getDesc()).'">'.nl2br($this->getDesc()).'</span>'; |
| 2547 | 2547 | |
| 2548 | - $return .= '<div class="valignmiddle inline-block info-box-more">'; |
|
| 2548 | + $return .= '<div class="valignmiddle inline-block info-box-more">'; |
|
| 2549 | 2549 | //if ($versiontrans) print img_warning($langs->trans("Version").' '.$this->getVersion(1)).' '; |
| 2550 | - $return .= '<a class="valignmiddle inline-block" href="javascript:document_preview(\''.DOL_URL_ROOT.'/admin/modulehelp.php?id='.((int) $this->numero).'\',\'text/html\',\''.dol_escape_js($langs->trans("Module")).'\')">'.img_picto(($this->isCoreOrExternalModule() == 'external' ? $langs->trans("ExternalModule").' - ' : '').$langs->trans("ClickToShowDescription"), $imginfo).'</a>'; |
|
| 2551 | - $return .= '</div><br>'; |
|
| 2552 | - |
|
| 2553 | - $return .= '<div class="valignmiddle inline-block info-box-actions">'; |
|
| 2554 | - $return .= '<div class="valignmiddle inline-block info-box-setup">'; |
|
| 2555 | - $return .= $codetoconfig; |
|
| 2556 | - $return .= '</div>'; |
|
| 2557 | - $return .= '<div class="valignmiddle inline-block marginleftonly marginrightonly">'; |
|
| 2558 | - $return .= $codeenabledisable; |
|
| 2559 | - $return .= '</div>'; |
|
| 2560 | - $return .= '</div>'; |
|
| 2561 | - |
|
| 2562 | - $return .= ' |
|
| 2550 | + $return .= '<a class="valignmiddle inline-block" href="javascript:document_preview(\''.DOL_URL_ROOT.'/admin/modulehelp.php?id='.((int) $this->numero).'\',\'text/html\',\''.dol_escape_js($langs->trans("Module")).'\')">'.img_picto(($this->isCoreOrExternalModule() == 'external' ? $langs->trans("ExternalModule").' - ' : '').$langs->trans("ClickToShowDescription"), $imginfo).'</a>'; |
|
| 2551 | + $return .= '</div><br>'; |
|
| 2552 | + |
|
| 2553 | + $return .= '<div class="valignmiddle inline-block info-box-actions">'; |
|
| 2554 | + $return .= '<div class="valignmiddle inline-block info-box-setup">'; |
|
| 2555 | + $return .= $codetoconfig; |
|
| 2556 | + $return .= '</div>'; |
|
| 2557 | + $return .= '<div class="valignmiddle inline-block marginleftonly marginrightonly">'; |
|
| 2558 | + $return .= $codeenabledisable; |
|
| 2559 | + $return .= '</div>'; |
|
| 2560 | + $return .= '</div>'; |
|
| 2561 | + |
|
| 2562 | + $return .= ' |
|
| 2563 | 2563 | </div><!-- /.info-box-content --> |
| 2564 | 2564 | </div><!-- /.info-box --> |
| 2565 | 2565 | </div>'; |
@@ -2578,7 +2578,7 @@ discard block |
||
| 2578 | 2578 | { |
| 2579 | 2579 | require_once DOL_DOCUMENT_ROOT.'/core/lib/geturl.lib.php'; |
| 2580 | 2580 | if (!empty($this->url_last_version)) { |
| 2581 | - $lastVersion = getURLContent($this->url_last_version, 'GET', '', 1, array(), array('http', 'https'), 0); // Accept http or https links on external remote server only |
|
| 2581 | + $lastVersion = getURLContent($this->url_last_version, 'GET', '', 1, array(), array('http', 'https'), 0); // Accept http or https links on external remote server only |
|
| 2582 | 2582 | if (isset($lastVersion['content']) && strlen($lastVersion['content']) < 30) { |
| 2583 | 2583 | // Security warning : be careful with remote data content, the module editor could be hacked (or evil) so limit to a-z A-Z 0-9 _ . - |
| 2584 | 2584 | $this->lastVersion = preg_replace("/[^a-zA-Z0-9_\.\-]+/", "", $lastVersion['content']); |
