* Copyright (C) 2018 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . */ /** * \file htdocs/core/ajax/ajaxdirtree.php * \ingroup ecm * \brief This script returns content of a directory for filetree */ // This script is called with a POST method. // Directory to scan (full path) is inside POST['dir'] and encode by js escape() if ajax is used or encoded by urlencode if mode=noajax if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL',1); // Disables token renewal if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU','1'); if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML','1'); if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX','1'); if (! isset($mode) || $mode != 'noajax') // For ajax call { $res=@include '../../main.inc.php'; include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; include_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php'; include_once DOL_DOCUMENT_ROOT.'/core/lib/treeview.lib.php'; include_once DOL_DOCUMENT_ROOT.'/core/class/html.form.class.php'; include_once DOL_DOCUMENT_ROOT.'/ecm/class/ecmdirectory.class.php'; //if (GETPOST('preopened')) { $_GET['dir'] = $_POST['dir'] = '/bbb/'; } $openeddir = GETPOST('openeddir'); $modulepart= GETPOST('modulepart'); $selecteddir = jsUnEscape(GETPOST('dir')); // relative path. We must decode using same encoding function used by javascript: escape() $preopened = GETPOST('preopened'); if ($selecteddir != '/') $selecteddir = preg_replace('/\/$/','',$selecteddir); // We removed last '/' except if it is '/' } else // For no ajax call { //if (GETPOST('preopened')) { $_GET['dir'] = $_POST['dir'] = GETPOST('preopened'); } $openeddir = GETPOST('openeddir'); $modulepart= GETPOST('modulepart'); $selecteddir = GETPOST('dir'); $preopened = GETPOST('preopened'); if ($selecteddir != '/') $selecteddir = preg_replace('/\/$/','',$selecteddir); // We removed last '/' except if it is '/' if (empty($url)) $url=DOL_URL_ROOT.'/ecm/index.php'; } // Load translation files required by the page $langs->load("ecm"); // Define fullpathselecteddir. $fullpathselecteddir=''; if ($modulepart == 'ecm') { $fullpathselecteddir=$conf->ecm->dir_output.'/'.($selecteddir != '/' ? $selecteddir : ''); $fullpathpreopened=$conf->ecm->dir_output.'/'.($preopened != '/' ? $preopened : ''); } elseif ($modulepart == 'medias') { $fullpathselecteddir=$dolibarr_main_data_root.'/medias/'.($selecteddir != '/' ? $selecteddir : ''); $fullpathpreopened=$dolibarr_main_data_root.'/medias/'.($preopened != '/' ? $preopened : ''); } // Security: // On interdit les remontees de repertoire ainsi que les pipe dans les noms de fichiers. if (preg_match('/\.\./',$fullpathselecteddir) || preg_match('/[<>|]/',$fullpathselecteddir)) { dol_syslog("Refused to deliver file ".$original_file); // Do no show plain path in shown error message dol_print_error(0,$langs->trans("ErrorFileNameInvalid",GETPOST("file"))); exit; } // Check permissions if ($modulepart == 'ecm') { if (! $user->rights->ecm->read) accessforbidden(); } elseif ($modulepart == 'medias') { // Always allowed } /* * View */ if (! isset($mode) || $mode != 'noajax') // if ajax mode { top_httphead(); } //print ''."\n"; $userstatic=new User($db); $form=new Form($db); $ecmdirstatic = new EcmDirectory($db); // Load full tree of ECM module from database. We will use it to define nbofsubdir and nboffilesinsubdir if (empty($sqltree)) $sqltree=$ecmdirstatic->get_full_arbo(0); // Try to find selected dir id into $sqltree and save it into $current_ecmdir_id $current_ecmdir_id=-1; foreach($sqltree as $keycursor => $val) { //print $val['fullrelativename']." == ".$selecteddir; if ($val['fullrelativename'] == $selecteddir) { $current_ecmdir_id = $keycursor; } } if (! empty($conf->use_javascript_ajax) && empty($conf->global->MAIN_ECM_DISABLE_JS)) { treeOutputForAbsoluteDir($sqltree, $selecteddir, $fullpathselecteddir, $modulepart, $websitekey, $pageid, $preopened, $fullpathpreopened); // TODO Find a solution to not output this code for each leaf we open // Enable jquery handlers on new generated HTML objects (same code than into lib_footer.js.php) // Because the content is reloaded by ajax call, we must also reenable some jquery hooks print "\n\n"; print ''; // This ajax service is called only when a directory $selecteddir is opened but not when closed. //print ''; } if (empty($conf->use_javascript_ajax) || ! empty($conf->global->MAIN_ECM_DISABLE_JS)) { print '
    '; // Load full tree from database. We will use it to define nbofsubdir and nboffilesinsubdir if (empty($sqltree)) $sqltree=$ecmdirstatic->get_full_arbo(0); // Slow // ----- This section will show a tree from a fulltree array ----- // $section must also be defined // ---------------------------------------------------------------- // Define fullpathselected ( _x_y_z ) of $section parameter (!! not into ajaxdirtree) $fullpathselected=''; foreach($sqltree as $key => $val) { //print $val['id']."-".$section."
    "; if ($val['id'] == $section) { $fullpathselected=$val['fullpath']; break; } } //print "fullpathselected=".$fullpathselected."
    "; // Update expandedsectionarray in session $expandedsectionarray=array(); if (isset($_SESSION['dol_ecmexpandedsectionarray'])) $expandedsectionarray=explode(',',$_SESSION['dol_ecmexpandedsectionarray']); if ($section && GETPOST('sectionexpand') == 'true') { // We add all sections that are parent of opened section $pathtosection=explode('_',$fullpathselected); foreach($pathtosection as $idcursor) { if ($idcursor && ! in_array($idcursor,$expandedsectionarray)) // Not already in array { $expandedsectionarray[]=$idcursor; } } $_SESSION['dol_ecmexpandedsectionarray']=join(',',$expandedsectionarray); } if ($section && GETPOST('sectionexpand') == 'false') { // We removed all expanded sections that are child of the closed section $oldexpandedsectionarray=$expandedsectionarray; $expandedsectionarray=array(); // Reset foreach($oldexpandedsectionarray as $sectioncursor) { // TODO is_in_subtree(fulltree,sectionparent,sectionchild) does nox exists. Enable or remove this... //if ($sectioncursor && ! is_in_subtree($sqltree,$section,$sectioncursor)) $expandedsectionarray[]=$sectioncursor; } $_SESSION['dol_ecmexpandedsectionarray']=join(',',$expandedsectionarray); } //print $_SESSION['dol_ecmexpandedsectionarray'].'
    '; $nbofentries=0; $oldvallevel=0; foreach($sqltree as $key => $val) { $ecmdirstatic->id=$val['id']; $ecmdirstatic->ref=$val['label']; // Refresh cache if (preg_match('/refresh/i',$action)) { $result=$ecmdirstatic->fetch($val['id']); $ecmdirstatic->ref=$ecmdirstatic->label; $result=$ecmdirstatic->refreshcachenboffile(0); $val['cachenbofdoc']=$result; } //$fullpathparent=preg_replace('/(_[^_]+)$/i','',$val['fullpath']); // Define showline $showline=0; // If directory is son of expanded directory, we show line if (in_array($val['id_mere'],$expandedsectionarray)) $showline=4; // If directory is brother of selected directory, we show line elseif ($val['id'] != $section && $val['id_mere'] == $ecmdirstatic->motherof[$section]) $showline=3; // If directory is parent of selected directory or is selected directory, we show line elseif (preg_match('/'.$val['fullpath'].'_/i',$fullpathselected.'_')) $showline=2; // If we are level one we show line elseif ($val['level'] < 2) $showline=1; if ($showline) { if (in_array($val['id'],$expandedsectionarray)) $option='indexexpanded'; else $option='indexnotexpanded'; //print $option; print '\n"; } $oldvallevel=$val['level']; $nbofentries++; } // If nothing to show if ($nbofentries == 0) { print '\n"; } print '
'; } // Close db if mode is not noajax if ((! isset($mode) || $mode != 'noajax') && is_object($db)) $db->close(); /** * treeOutputForAbsoluteDir * * @param array $sqltree Sqltree * @param string $selecteddir Selected dir * @param string $fullpathselecteddir Full path of selected dir * @param string $modulepart Modulepart * @param string $websitekey Website key * @param int $pageid Page id * @param string $preopened Current open dir * @param string $fullpathpreopened Full path of current open dir * @param int $depth Depth * @return void */ function treeOutputForAbsoluteDir($sqltree, $selecteddir, $fullpathselecteddir, $modulepart, $websitekey, $pageid, $preopened, $fullpathpreopened, $depth = 0) { global $conf, $db, $langs, $form; global $dolibarr_main_data_root; $ecmdirstatic = new EcmDirectory($db); $userstatic = new User($db); if (file_exists($fullpathselecteddir)) { $files = @scandir($fullpathselecteddir); if (! empty($files)) { natcasesort($files); if (count($files) > 2) /* The 2 accounts for . and .. */ { echo '\n"; } } else print "PermissionDenied"; } }