diff --git a/htdocs/core/ajax/ajaxdirpreview.php b/htdocs/core/ajax/ajaxdirpreview.php index 51f053c9eda..6a826b5a126 100644 --- a/htdocs/core/ajax/ajaxdirpreview.php +++ b/htdocs/core/ajax/ajaxdirpreview.php @@ -300,7 +300,7 @@ if ($type == 'directory') { // Automatic list if (in_array($module, $automodules)) { - $param .= '&module='.$module; + $param .= '&module='.urlencode($module); if (isset($search_doc_ref) && $search_doc_ref != '') { $param .= '&search_doc_ref='.urlencode($search_doc_ref); } diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index 16e56bdff81..a6012f37864 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -250,7 +250,7 @@ function dol_dir_list($utf8_path, $types = "all", $recursive = 0, $filter = "", * Scan a directory and return a list of files/directories. * Content for string is UTF8 and dir separator is "/". * - * @param string $path Starting path from which to search. Example: 'produit/MYPROD' + * @param string $path Starting path from which to search. Example: 'produit/MYPROD' or 'produit/%' * @param string $filter Regex filter to restrict list. This regex value must be escaped for '/', since this char is used for preg_match function * @param string[]|null $excludefilter Array of Regex for exclude filter (example: array('(\.meta|_preview.*\.png)$','^\.')) * @param string $sortcriteria Sort criteria ("","fullname","name","date","size") @@ -272,9 +272,9 @@ function dol_dir_list_in_database($path, $filter = "", $excludefilter = null, $s $sql .= ", description"; } $sql .= " FROM ".MAIN_DB_PREFIX."ecm_files"; - $sql .= " WHERE entity = ".$conf->entity; + $sql .= " WHERE entity = ".((int) $conf->entity); if (preg_match('/%$/', $path)) { - $sql .= " AND filepath LIKE '".$db->escape($path)."'"; + $sql .= " AND (filepath LIKE '".$db->escape($path)."' OR filepath = '".$db->escape(preg_replace('/\/%$/', '', $path))."')"; } else { $sql .= " AND filepath = '".$db->escape($path)."'"; }