forked from Wavyzz/dolibarr
FIX #hunterb812ea22-0c02-46fe-b89f-04519dfb1ebd
This commit is contained in:
Laurent Destailleur
@@ -9095,13 +9095,13 @@ class Form
|
|||||||
if (!empty($object->photo)) {
|
if (!empty($object->photo)) {
|
||||||
if (dolIsAllowedForPreview($object->photo)) {
|
if (dolIsAllowedForPreview($object->photo)) {
|
||||||
if ((string) $imagesize == 'mini') {
|
if ((string) $imagesize == 'mini') {
|
||||||
$file = get_exdir(0, 0, 0, 0, $object, 'user').getImageFileNameForSize($object->photo, '_mini');
|
$file = get_exdir(0, 0, 0, 0, $object, 'user').'photos/'.getImageFileNameForSize($object->photo, '_mini');
|
||||||
} elseif ((string) $imagesize == 'small') {
|
} elseif ((string) $imagesize == 'small') {
|
||||||
$file = get_exdir(0, 0, 0, 0, $object, 'user').getImageFileNameForSize($object->photo, '_small');
|
$file = get_exdir(0, 0, 0, 0, $object, 'user').'photos/'.getImageFileNameForSize($object->photo, '_small');
|
||||||
} else {
|
} else {
|
||||||
$file = get_exdir(0, 0, 0, 0, $object, 'user').$object->photo;
|
$file = get_exdir(0, 0, 0, 0, $object, 'user').'photos/'.$object->photo;
|
||||||
}
|
}
|
||||||
$originalfile = get_exdir(0, 0, 0, 0, $object, 'user').$object->photo;
|
$originalfile = get_exdir(0, 0, 0, 0, $object, 'user').'photos/'.$object->photo;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (!empty($conf->global->MAIN_OLD_IMAGE_LINKS)) {
|
if (!empty($conf->global->MAIN_OLD_IMAGE_LINKS)) {
|
||||||
|
|||||||
@@ -2348,15 +2348,15 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
|
|||||||
$accessallowed = ($user->admin && basename($original_file) == $original_file && preg_match('/^dolibarr.*\.log$/', basename($original_file)));
|
$accessallowed = ($user->admin && basename($original_file) == $original_file && preg_match('/^dolibarr.*\.log$/', basename($original_file)));
|
||||||
$original_file = $dolibarr_main_data_root.'/'.$original_file;
|
$original_file = $dolibarr_main_data_root.'/'.$original_file;
|
||||||
} elseif ($modulepart == 'doctemplates' && !empty($dolibarr_main_data_root)) {
|
} elseif ($modulepart == 'doctemplates' && !empty($dolibarr_main_data_root)) {
|
||||||
// Wrapping for *.log files, like when used with url http://.../document.php?modulepart=logs&file=dolibarr.log
|
// Wrapping for doctemplates
|
||||||
$accessallowed = $user->admin;
|
$accessallowed = $user->admin;
|
||||||
$original_file = $dolibarr_main_data_root.'/doctemplates/'.$original_file;
|
$original_file = $dolibarr_main_data_root.'/doctemplates/'.$original_file;
|
||||||
} elseif ($modulepart == 'doctemplateswebsite' && !empty($dolibarr_main_data_root)) {
|
} elseif ($modulepart == 'doctemplateswebsite' && !empty($dolibarr_main_data_root)) {
|
||||||
// Wrapping for *.zip files, like when used with url http://.../document.php?modulepart=packages&file=module_myfile.zip
|
// Wrapping for doctemplates of websites
|
||||||
$accessallowed = ($fuser->rights->website->write && preg_match('/\.jpg$/i', basename($original_file)));
|
$accessallowed = ($fuser->rights->website->write && preg_match('/\.jpg$/i', basename($original_file)));
|
||||||
$original_file = $dolibarr_main_data_root.'/doctemplates/websites/'.$original_file;
|
$original_file = $dolibarr_main_data_root.'/doctemplates/websites/'.$original_file;
|
||||||
} elseif ($modulepart == 'packages' && !empty($dolibarr_main_data_root)) {
|
} elseif ($modulepart == 'packages' && !empty($dolibarr_main_data_root)) {
|
||||||
// Wrapping for *.zip files, like when used with url http://.../document.php?modulepart=packages&file=module_myfile.zip
|
// Wrapping for *.zip package files, like when used with url http://.../document.php?modulepart=packages&file=module_myfile.zip
|
||||||
// Dir for custom dirs
|
// Dir for custom dirs
|
||||||
$tmp = explode(',', $dolibarr_main_document_root_alt);
|
$tmp = explode(',', $dolibarr_main_document_root_alt);
|
||||||
$dirins = $tmp[0];
|
$dirins = $tmp[0];
|
||||||
@@ -2369,11 +2369,17 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
|
|||||||
$original_file = $conf->mycompany->dir_output.'/'.$original_file;
|
$original_file = $conf->mycompany->dir_output.'/'.$original_file;
|
||||||
} elseif ($modulepart == 'userphoto' && !empty($conf->user->dir_output)) {
|
} elseif ($modulepart == 'userphoto' && !empty($conf->user->dir_output)) {
|
||||||
// Wrapping for users photos
|
// Wrapping for users photos
|
||||||
$accessallowed = 1;
|
$accessallowed = 0;
|
||||||
|
if (preg_match('/^\d+\/photos\//', $original_file)) {
|
||||||
|
$accessallowed = 1;
|
||||||
|
}
|
||||||
$original_file = $conf->user->dir_output.'/'.$original_file;
|
$original_file = $conf->user->dir_output.'/'.$original_file;
|
||||||
} elseif ($modulepart == 'memberphoto' && !empty($conf->adherent->dir_output)) {
|
} elseif ($modulepart == 'memberphoto' && !empty($conf->adherent->dir_output)) {
|
||||||
// Wrapping for members photos
|
// Wrapping for members photos
|
||||||
$accessallowed = 1;
|
$accessallowed = 0;
|
||||||
|
if (preg_match('/^\d+\/photos\//', $original_file)) {
|
||||||
|
$accessallowed = 1;
|
||||||
|
}
|
||||||
$original_file = $conf->adherent->dir_output.'/'.$original_file;
|
$original_file = $conf->adherent->dir_output.'/'.$original_file;
|
||||||
} elseif ($modulepart == 'apercufacture' && !empty($conf->facture->multidir_output[$entity])) {
|
} elseif ($modulepart == 'apercufacture' && !empty($conf->facture->multidir_output[$entity])) {
|
||||||
// Wrapping pour les apercu factures
|
// Wrapping pour les apercu factures
|
||||||
@@ -2448,7 +2454,7 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
|
|||||||
}
|
}
|
||||||
$original_file = $conf->expensereport->dir_output.'/'.$original_file;
|
$original_file = $conf->expensereport->dir_output.'/'.$original_file;
|
||||||
} elseif (($modulepart == 'apercuexpensereport') && !empty($conf->expensereport->dir_output)) {
|
} elseif (($modulepart == 'apercuexpensereport') && !empty($conf->expensereport->dir_output)) {
|
||||||
// Wrapping pour les apercu supplier invoice
|
// Wrapping pour les apercu expense report
|
||||||
if ($fuser->rights->expensereport->{$lire}) {
|
if ($fuser->rights->expensereport->{$lire}) {
|
||||||
$accessallowed = 1;
|
$accessallowed = 1;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -456,6 +456,13 @@ if (!GETPOST('action', 'aZ09') || preg_match('/upgrade/i', GETPOST('action', 'aZ
|
|||||||
migrate_export_import_profiles('export');
|
migrate_export_import_profiles('export');
|
||||||
migrate_export_import_profiles('import');
|
migrate_export_import_profiles('import');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Scripts for 16.0
|
||||||
|
$afterversionarray = explode('.', '15.0.9');
|
||||||
|
$beforeversionarray = explode('.', '16.0.9');
|
||||||
|
if (versioncompare($versiontoarray, $afterversionarray) >= 0 && versioncompare($versiontoarray, $beforeversionarray) <= 0) {
|
||||||
|
migrate_user_photospath2();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@@ -4505,8 +4512,7 @@ function migrate_user_photospath()
|
|||||||
}
|
}
|
||||||
// dol_delete_dir($origin.'/'.$file);
|
// dol_delete_dir($origin.'/'.$file);
|
||||||
}
|
}
|
||||||
} else // it is a file
|
} else { // it is a file
|
||||||
{
|
|
||||||
if (!dol_is_file($destin.'/'.$file)) {
|
if (!dol_is_file($destin.'/'.$file)) {
|
||||||
//print $origin.'/'.$file.' -> '.$destin.'/'.$file.'<br>'."\n";
|
//print $origin.'/'.$file.' -> '.$destin.'/'.$file.'<br>'."\n";
|
||||||
print '.';
|
print '.';
|
||||||
@@ -4524,6 +4530,94 @@ function migrate_user_photospath()
|
|||||||
print '</td></tr>';
|
print '</td></tr>';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Migrate file from old path users/99/file.jpg into users/99/photos/file.jpg
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
function migrate_user_photospath2()
|
||||||
|
{
|
||||||
|
global $conf, $db, $langs, $user;
|
||||||
|
|
||||||
|
print '<tr><td colspan="4">';
|
||||||
|
|
||||||
|
print '<b>'.$langs->trans('MigrationUserPhotoPath')."</b><br>\n";
|
||||||
|
|
||||||
|
include_once DOL_DOCUMENT_ROOT.'/user/class/user.class.php';
|
||||||
|
$fuser = new User($db);
|
||||||
|
|
||||||
|
if (!is_object($user)) {
|
||||||
|
$user = $fuser; // To avoid error during migration
|
||||||
|
}
|
||||||
|
|
||||||
|
$sql = "SELECT rowid as uid from ".MAIN_DB_PREFIX."user"; // Get list of all users
|
||||||
|
$resql = $db->query($sql);
|
||||||
|
if ($resql) {
|
||||||
|
while ($obj = $db->fetch_object($resql)) {
|
||||||
|
$fuser->fetch($obj->uid);
|
||||||
|
//echo '<hr>'.$fuser->id.' -> '.$fuser->entity;
|
||||||
|
$entity = (empty($fuser->entity) ? 1 : $fuser->entity);
|
||||||
|
if ($entity > 1) {
|
||||||
|
$dir = DOL_DATA_ROOT.'/'.$entity.'/users';
|
||||||
|
} else {
|
||||||
|
$dir = $conf->user->multidir_output[$entity]; // $conf->user->multidir_output[] for each entity is construct by the multicompany module
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($dir) {
|
||||||
|
//print "Process user id ".$fuser->id."<br>\n";
|
||||||
|
$origin = $dir.'/'.$fuser->id;
|
||||||
|
$destin = $dir.'/'.$fuser->id.'/photos';
|
||||||
|
|
||||||
|
$origin_osencoded = dol_osencode($origin);
|
||||||
|
|
||||||
|
dol_mkdir($destin);
|
||||||
|
|
||||||
|
//echo '<hr>'.$origin.' -> '.$destin;
|
||||||
|
if (dol_is_dir($origin)) {
|
||||||
|
$handle = opendir($origin_osencoded);
|
||||||
|
if (is_resource($handle)) {
|
||||||
|
while (($file = readdir($handle)) !== false) {
|
||||||
|
if ($file == '.' || $file == '..' || $file == 'photos') {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
if (!empty($fuser->photo) && ($file != $fuser->photo && $file != 'thumbs')) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (dol_is_dir($origin.'/'.$file)) { // it is a dir (like 'thumbs')
|
||||||
|
$thumbs = opendir($origin_osencoded.'/'.$file);
|
||||||
|
if (is_resource($thumbs)) {
|
||||||
|
dol_mkdir($destin.'/'.$file);
|
||||||
|
while (($thumb = readdir($thumbs)) !== false) {
|
||||||
|
if (!dol_is_file($destin.'/'.$file.'/'.$thumb)) {
|
||||||
|
if ($thumb == '.' || $thumb == '..') {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
//print $origin.'/'.$file.'/'.$thumb.' -> '.$destin.'/'.$file.'/'.$thumb.'<br>'."\n";
|
||||||
|
print '.';
|
||||||
|
dol_copy($origin.'/'.$file.'/'.$thumb, $destin.'/'.$file.'/'.$thumb, 0, 0);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// dol_delete_dir($origin.'/'.$file);
|
||||||
|
}
|
||||||
|
} else { // it is a file
|
||||||
|
if (!dol_is_file($destin.'/'.$file)) {
|
||||||
|
//print $origin.'/'.$file.' -> '.$destin.'/'.$file.'<br>'."\n";
|
||||||
|
print '.';
|
||||||
|
dol_copy($origin.'/'.$file, $destin.'/'.$file, 0, 0);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
print '</td></tr>';
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/* A faire egalement: Modif statut paye et fk_facture des factures payes completement
|
/* A faire egalement: Modif statut paye et fk_facture des factures payes completement
|
||||||
|
|
||||||
|
|||||||
@@ -543,14 +543,14 @@ if (empty($reshook)) {
|
|||||||
|
|
||||||
if (!$error && !count($object->errors)) {
|
if (!$error && !count($object->errors)) {
|
||||||
if (GETPOST('deletephoto') && $object->oldcopy->photo) {
|
if (GETPOST('deletephoto') && $object->oldcopy->photo) {
|
||||||
$fileimg = $conf->user->dir_output.'/'.get_exdir(0, 0, 0, 0, $object, 'user').$object->oldcopy->photo;
|
$fileimg = $conf->user->dir_output.'/'.get_exdir(0, 0, 0, 0, $object, 'user').'photos/'.$object->oldcopy->photo;
|
||||||
$dirthumbs = $conf->user->dir_output.'/'.get_exdir(0, 0, 0, 0, $object, 'user').'/thumbs';
|
$dirthumbs = $conf->user->dir_output.'/'.get_exdir(0, 0, 0, 0, $object, 'user').'photos/thumbs';
|
||||||
dol_delete_file($fileimg);
|
dol_delete_file($fileimg);
|
||||||
dol_delete_dir_recursive($dirthumbs);
|
dol_delete_dir_recursive($dirthumbs);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_FILES['photo']['tmp_name']) && trim($_FILES['photo']['tmp_name'])) {
|
if (isset($_FILES['photo']['tmp_name']) && trim($_FILES['photo']['tmp_name'])) {
|
||||||
$dir = $conf->user->dir_output.'/'.get_exdir(0, 0, 0, 1, $object, 'user');
|
$dir = $conf->user->dir_output.'/'.get_exdir(0, 0, 0, 1, $object, 'user').'/photos';
|
||||||
|
|
||||||
dol_mkdir($dir);
|
dol_mkdir($dir);
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user