mirror of
https://github.com/Dolibarr/dolibarr.git
synced 2025-12-11 12:01:23 +01:00
FIX #hunterb812ea22-0c02-46fe-b89f-04519dfb1ebd
This commit is contained in:
Laurent Destailleur
@@ -9095,13 +9095,13 @@ class Form
|
||||
if (!empty($object->photo)) {
|
||||
if (dolIsAllowedForPreview($object->photo)) {
|
||||
if ((string) $imagesize == 'mini') {
|
||||
$file = get_exdir(0, 0, 0, 0, $object, 'user').getImageFileNameForSize($object->photo, '_mini');
|
||||
$file = get_exdir(0, 0, 0, 0, $object, 'user').'photos/'.getImageFileNameForSize($object->photo, '_mini');
|
||||
} elseif ((string) $imagesize == 'small') {
|
||||
$file = get_exdir(0, 0, 0, 0, $object, 'user').getImageFileNameForSize($object->photo, '_small');
|
||||
$file = get_exdir(0, 0, 0, 0, $object, 'user').'photos/'.getImageFileNameForSize($object->photo, '_small');
|
||||
} else {
|
||||
$file = get_exdir(0, 0, 0, 0, $object, 'user').$object->photo;
|
||||
$file = get_exdir(0, 0, 0, 0, $object, 'user').'photos/'.$object->photo;
|
||||
}
|
||||
$originalfile = get_exdir(0, 0, 0, 0, $object, 'user').$object->photo;
|
||||
$originalfile = get_exdir(0, 0, 0, 0, $object, 'user').'photos/'.$object->photo;
|
||||
}
|
||||
}
|
||||
if (!empty($conf->global->MAIN_OLD_IMAGE_LINKS)) {
|
||||
|
||||
@@ -2348,15 +2348,15 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
|
||||
$accessallowed = ($user->admin && basename($original_file) == $original_file && preg_match('/^dolibarr.*\.log$/', basename($original_file)));
|
||||
$original_file = $dolibarr_main_data_root.'/'.$original_file;
|
||||
} elseif ($modulepart == 'doctemplates' && !empty($dolibarr_main_data_root)) {
|
||||
// Wrapping for *.log files, like when used with url http://.../document.php?modulepart=logs&file=dolibarr.log
|
||||
// Wrapping for doctemplates
|
||||
$accessallowed = $user->admin;
|
||||
$original_file = $dolibarr_main_data_root.'/doctemplates/'.$original_file;
|
||||
} elseif ($modulepart == 'doctemplateswebsite' && !empty($dolibarr_main_data_root)) {
|
||||
// Wrapping for *.zip files, like when used with url http://.../document.php?modulepart=packages&file=module_myfile.zip
|
||||
// Wrapping for doctemplates of websites
|
||||
$accessallowed = ($fuser->rights->website->write && preg_match('/\.jpg$/i', basename($original_file)));
|
||||
$original_file = $dolibarr_main_data_root.'/doctemplates/websites/'.$original_file;
|
||||
} elseif ($modulepart == 'packages' && !empty($dolibarr_main_data_root)) {
|
||||
// Wrapping for *.zip files, like when used with url http://.../document.php?modulepart=packages&file=module_myfile.zip
|
||||
// Wrapping for *.zip package files, like when used with url http://.../document.php?modulepart=packages&file=module_myfile.zip
|
||||
// Dir for custom dirs
|
||||
$tmp = explode(',', $dolibarr_main_document_root_alt);
|
||||
$dirins = $tmp[0];
|
||||
@@ -2369,11 +2369,17 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
|
||||
$original_file = $conf->mycompany->dir_output.'/'.$original_file;
|
||||
} elseif ($modulepart == 'userphoto' && !empty($conf->user->dir_output)) {
|
||||
// Wrapping for users photos
|
||||
$accessallowed = 0;
|
||||
if (preg_match('/^\d+\/photos\//', $original_file)) {
|
||||
$accessallowed = 1;
|
||||
}
|
||||
$original_file = $conf->user->dir_output.'/'.$original_file;
|
||||
} elseif ($modulepart == 'memberphoto' && !empty($conf->adherent->dir_output)) {
|
||||
// Wrapping for members photos
|
||||
$accessallowed = 0;
|
||||
if (preg_match('/^\d+\/photos\//', $original_file)) {
|
||||
$accessallowed = 1;
|
||||
}
|
||||
$original_file = $conf->adherent->dir_output.'/'.$original_file;
|
||||
} elseif ($modulepart == 'apercufacture' && !empty($conf->facture->multidir_output[$entity])) {
|
||||
// Wrapping pour les apercu factures
|
||||
@@ -2448,7 +2454,7 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
|
||||
}
|
||||
$original_file = $conf->expensereport->dir_output.'/'.$original_file;
|
||||
} elseif (($modulepart == 'apercuexpensereport') && !empty($conf->expensereport->dir_output)) {
|
||||
// Wrapping pour les apercu supplier invoice
|
||||
// Wrapping pour les apercu expense report
|
||||
if ($fuser->rights->expensereport->{$lire}) {
|
||||
$accessallowed = 1;
|
||||
}
|
||||
|
||||
@@ -456,6 +456,13 @@ if (!GETPOST('action', 'aZ09') || preg_match('/upgrade/i', GETPOST('action', 'aZ
|
||||
migrate_export_import_profiles('export');
|
||||
migrate_export_import_profiles('import');
|
||||
}
|
||||
|
||||
// Scripts for 16.0
|
||||
$afterversionarray = explode('.', '15.0.9');
|
||||
$beforeversionarray = explode('.', '16.0.9');
|
||||
if (versioncompare($versiontoarray, $afterversionarray) >= 0 && versioncompare($versiontoarray, $beforeversionarray) <= 0) {
|
||||
migrate_user_photospath2();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -4505,8 +4512,7 @@ function migrate_user_photospath()
|
||||
}
|
||||
// dol_delete_dir($origin.'/'.$file);
|
||||
}
|
||||
} else // it is a file
|
||||
{
|
||||
} else { // it is a file
|
||||
if (!dol_is_file($destin.'/'.$file)) {
|
||||
//print $origin.'/'.$file.' -> '.$destin.'/'.$file.'<br>'."\n";
|
||||
print '.';
|
||||
@@ -4524,6 +4530,94 @@ function migrate_user_photospath()
|
||||
print '</td></tr>';
|
||||
}
|
||||
|
||||
/**
|
||||
* Migrate file from old path users/99/file.jpg into users/99/photos/file.jpg
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
function migrate_user_photospath2()
|
||||
{
|
||||
global $conf, $db, $langs, $user;
|
||||
|
||||
print '<tr><td colspan="4">';
|
||||
|
||||
print '<b>'.$langs->trans('MigrationUserPhotoPath')."</b><br>\n";
|
||||
|
||||
include_once DOL_DOCUMENT_ROOT.'/user/class/user.class.php';
|
||||
$fuser = new User($db);
|
||||
|
||||
if (!is_object($user)) {
|
||||
$user = $fuser; // To avoid error during migration
|
||||
}
|
||||
|
||||
$sql = "SELECT rowid as uid from ".MAIN_DB_PREFIX."user"; // Get list of all users
|
||||
$resql = $db->query($sql);
|
||||
if ($resql) {
|
||||
while ($obj = $db->fetch_object($resql)) {
|
||||
$fuser->fetch($obj->uid);
|
||||
//echo '<hr>'.$fuser->id.' -> '.$fuser->entity;
|
||||
$entity = (empty($fuser->entity) ? 1 : $fuser->entity);
|
||||
if ($entity > 1) {
|
||||
$dir = DOL_DATA_ROOT.'/'.$entity.'/users';
|
||||
} else {
|
||||
$dir = $conf->user->multidir_output[$entity]; // $conf->user->multidir_output[] for each entity is construct by the multicompany module
|
||||
}
|
||||
|
||||
if ($dir) {
|
||||
//print "Process user id ".$fuser->id."<br>\n";
|
||||
$origin = $dir.'/'.$fuser->id;
|
||||
$destin = $dir.'/'.$fuser->id.'/photos';
|
||||
|
||||
$origin_osencoded = dol_osencode($origin);
|
||||
|
||||
dol_mkdir($destin);
|
||||
|
||||
//echo '<hr>'.$origin.' -> '.$destin;
|
||||
if (dol_is_dir($origin)) {
|
||||
$handle = opendir($origin_osencoded);
|
||||
if (is_resource($handle)) {
|
||||
while (($file = readdir($handle)) !== false) {
|
||||
if ($file == '.' || $file == '..' || $file == 'photos') {
|
||||
continue;
|
||||
}
|
||||
if (!empty($fuser->photo) && ($file != $fuser->photo && $file != 'thumbs')) {
|
||||
continue;
|
||||
}
|
||||
|
||||
if (dol_is_dir($origin.'/'.$file)) { // it is a dir (like 'thumbs')
|
||||
$thumbs = opendir($origin_osencoded.'/'.$file);
|
||||
if (is_resource($thumbs)) {
|
||||
dol_mkdir($destin.'/'.$file);
|
||||
while (($thumb = readdir($thumbs)) !== false) {
|
||||
if (!dol_is_file($destin.'/'.$file.'/'.$thumb)) {
|
||||
if ($thumb == '.' || $thumb == '..') {
|
||||
continue;
|
||||
}
|
||||
|
||||
//print $origin.'/'.$file.'/'.$thumb.' -> '.$destin.'/'.$file.'/'.$thumb.'<br>'."\n";
|
||||
print '.';
|
||||
dol_copy($origin.'/'.$file.'/'.$thumb, $destin.'/'.$file.'/'.$thumb, 0, 0);
|
||||
}
|
||||
}
|
||||
// dol_delete_dir($origin.'/'.$file);
|
||||
}
|
||||
} else { // it is a file
|
||||
if (!dol_is_file($destin.'/'.$file)) {
|
||||
//print $origin.'/'.$file.' -> '.$destin.'/'.$file.'<br>'."\n";
|
||||
print '.';
|
||||
dol_copy($origin.'/'.$file, $destin.'/'.$file, 0, 0);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
print '</td></tr>';
|
||||
}
|
||||
|
||||
|
||||
/* A faire egalement: Modif statut paye et fk_facture des factures payes completement
|
||||
|
||||
|
||||
@@ -543,14 +543,14 @@ if (empty($reshook)) {
|
||||
|
||||
if (!$error && !count($object->errors)) {
|
||||
if (GETPOST('deletephoto') && $object->oldcopy->photo) {
|
||||
$fileimg = $conf->user->dir_output.'/'.get_exdir(0, 0, 0, 0, $object, 'user').$object->oldcopy->photo;
|
||||
$dirthumbs = $conf->user->dir_output.'/'.get_exdir(0, 0, 0, 0, $object, 'user').'/thumbs';
|
||||
$fileimg = $conf->user->dir_output.'/'.get_exdir(0, 0, 0, 0, $object, 'user').'photos/'.$object->oldcopy->photo;
|
||||
$dirthumbs = $conf->user->dir_output.'/'.get_exdir(0, 0, 0, 0, $object, 'user').'photos/thumbs';
|
||||
dol_delete_file($fileimg);
|
||||
dol_delete_dir_recursive($dirthumbs);
|
||||
}
|
||||
|
||||
if (isset($_FILES['photo']['tmp_name']) && trim($_FILES['photo']['tmp_name'])) {
|
||||
$dir = $conf->user->dir_output.'/'.get_exdir(0, 0, 0, 1, $object, 'user');
|
||||
$dir = $conf->user->dir_output.'/'.get_exdir(0, 0, 0, 1, $object, 'user').'/photos';
|
||||
|
||||
dol_mkdir($dir);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user