diff --git a/htdocs/adherents/fiche.php b/htdocs/adherents/fiche.php
index 43576494722..0ac46741607 100644
--- a/htdocs/adherents/fiche.php
+++ b/htdocs/adherents/fiche.php
@@ -176,7 +176,7 @@ if ($_REQUEST["action"] == 'update' && ! $_POST["cancel"])
if (is_dir($conf->adherent->dir_output))
{
$newfile=$conf->adherent->dir_output . "/" . $adh->id . ".jpg";
- if (! dol_move_uploaded_file($_FILES['photo']['tmp_name'],$newfile))
+ if (! dol_move_uploaded_file($_FILES['photo']['tmp_name'],$newfile,1) > 0)
{
$message .= ''.$langs->trans("ErrorFailedToSaveFile").'
';
}
diff --git a/htdocs/admin/company.php b/htdocs/admin/company.php
index 7fd77b89d92..831872a1941 100644
--- a/htdocs/admin/company.php
+++ b/htdocs/admin/company.php
@@ -65,7 +65,7 @@ if ( (isset($_POST["action"]) && $_POST["action"] == 'update')
{
create_exdir($conf->societe->dir_logos);
}
- if (dol_move_uploaded_file($_FILES["logo"]["tmp_name"],$conf->societe->dir_logos.'/'.$original_file))
+ if (dol_move_uploaded_file($_FILES["logo"]["tmp_name"],$conf->societe->dir_logos.'/'.$original_file,1) > 0)
{
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_LOGO",$original_file);
diff --git a/htdocs/admin/import/import.php b/htdocs/admin/import/import.php
index 4612476606c..7eaa262ede4 100644
--- a/htdocs/admin/import/import.php
+++ b/htdocs/admin/import/import.php
@@ -65,7 +65,7 @@ if ( $_POST["sendit"] && $conf->upload != 0)
{
$imp = new DolibarrImport($db);
$imp->CreateBackupDir();
- if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $imp->upload_dir . "/" . $_FILES['userfile']['name']))
+ if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $imp->upload_dir . "/" . $_FILES['userfile']['name'],1) > 0)
{
$imp->ImportClients($imp->upload_dir . "/" . $_FILES['userfile']['name']);
diff --git a/htdocs/comm/action/document.php b/htdocs/comm/action/document.php
index 91cff366642..d37aeb2793d 100755
--- a/htdocs/comm/action/document.php
+++ b/htdocs/comm/action/document.php
@@ -75,7 +75,7 @@ if ( $_POST["sendit"] && $conf->upload )
if (is_dir($upload_dir))
{
- if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name']))
+ if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],0) > 0)
{
$mesg = ''.$langs->trans("FileTransferComplete").'
';
//print_r($_FILES);
diff --git a/htdocs/comm/propal/document.php b/htdocs/comm/propal/document.php
index 239358af0c5..03df48438ca 100644
--- a/htdocs/comm/propal/document.php
+++ b/htdocs/comm/propal/document.php
@@ -77,7 +77,7 @@ if ($_POST["sendit"] && $conf->upload)
if (is_dir($upload_dir))
{
- if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name']))
+ if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],0) > 0)
{
$mesg = ''.$langs->trans("FileTransferComplete").'
';
//print_r($_FILES);
diff --git a/htdocs/commande/document.php b/htdocs/commande/document.php
index 36fb13cb510..54d82cd70d1 100644
--- a/htdocs/commande/document.php
+++ b/htdocs/commande/document.php
@@ -79,7 +79,7 @@ if ($_POST["sendit"] && $conf->upload)
if (is_dir($upload_dir))
{
- if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name']))
+ if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],0) > 0)
{
$mesg = ''.$langs->trans("FileTransferComplete").'
';
//print_r($_FILES);
diff --git a/htdocs/compta/facture/document.php b/htdocs/compta/facture/document.php
index d9d08d95870..b17360290f1 100644
--- a/htdocs/compta/facture/document.php
+++ b/htdocs/compta/facture/document.php
@@ -79,7 +79,7 @@ if ($_POST["sendit"] && $conf->upload)
if (is_dir($upload_dir))
{
- if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name']))
+ if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],0) > 0)
{
$mesg = ''.$langs->trans("FileTransferComplete").'
';
//print_r($_FILES);
diff --git a/htdocs/compta/prelevement/fiche.php b/htdocs/compta/prelevement/fiche.php
index 5d877d08344..d48ef91153e 100644
--- a/htdocs/compta/prelevement/fiche.php
+++ b/htdocs/compta/prelevement/fiche.php
@@ -57,19 +57,20 @@ if ($_POST["action"] == 'infotrans')
{
$dir = $conf->prelevement->dir_output.'/bon/';
- if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $dir . "/" . $_FILES['userfile']['name']))
+ if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $dir . "/" . $_FILES['userfile']['name'],1) > 0)
{
- $dt = mktime(12,0,0,$_POST["remonth"],$_POST["reday"],$_POST["reyear"]);
+ $dt = dolibarr_mktime(12,0,0,$_POST["remonth"],$_POST["reday"],$_POST["reyear"]);
$bon->set_infotrans($user, $dt, $_POST["methode"]);
}
}
else
{
- dolibarr_syslog("Fichier invalide",LOG_WARN);
+ dolibarr_syslog("Fichier invalide",LOG_WARNING);
}
Header("Location: fiche.php?id=".$_GET["id"]);
+ exit;
}
if ($_POST["action"] == 'infocredit')
diff --git a/htdocs/contrat/document.php b/htdocs/contrat/document.php
index 65ef1651e61..7030627b505 100644
--- a/htdocs/contrat/document.php
+++ b/htdocs/contrat/document.php
@@ -80,7 +80,7 @@ if ($_POST["sendit"] && $conf->upload)
if (is_dir($upload_dir))
{
- if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name']))
+ if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],0) > 0)
{
$mesg = ''.$langs->trans("FileTransferComplete").'
';
//print_r($_FILES);
diff --git a/htdocs/ecm/docmine.php b/htdocs/ecm/docmine.php
index 8d8aacf1386..6f2af1fcb86 100644
--- a/htdocs/ecm/docmine.php
+++ b/htdocs/ecm/docmine.php
@@ -94,14 +94,14 @@ if ( $_POST["sendit"] && $conf->upload != 0)
if (is_dir($upload_dir))
{
- $result = dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name']);
- if ($result == 1)
+ $result = dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],0);
+ if ($result > 0)
{
//$mesg = ''.$langs->trans("FileTransferComplete").'
';
//print_r($_FILES);
$result=$ecmdir->changeNbOfFiles('+');
}
- else if (!$result)
+ else if ($result < 0)
{
// Echec transfert (fichier depassant la limite ?)
$mesg = ''.$langs->trans("ErrorFileNotUploaded").'
';
diff --git a/htdocs/ecm/docother.php b/htdocs/ecm/docother.php
index 84369f434d4..9ddac653c47 100644
--- a/htdocs/ecm/docother.php
+++ b/htdocs/ecm/docother.php
@@ -50,13 +50,13 @@ if ( $_POST["sendit"] && $conf->upload != 0)
if (is_dir($upload_dir))
{
- $result = dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name']);
- if ($result == 1)
+ $result = dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],0);
+ if ($result > 0)
{
$mesg = ''.$langs->trans("FileTransferComplete").'
';
//print_r($_FILES);
}
- else if (!$result)
+ else if ($result < 0)
{
// Echec transfert (fichier d?passant la limite ?)
$mesg = ''.$langs->trans("ErrorFileNotUploaded").'
';
diff --git a/htdocs/fourn/facture/document.php b/htdocs/fourn/facture/document.php
index 8bc5fed506a..454e917e604 100644
--- a/htdocs/fourn/facture/document.php
+++ b/htdocs/fourn/facture/document.php
@@ -82,7 +82,7 @@ if ($_POST['sendit'] && $conf->upload)
if (is_dir($upload_dir))
{
- if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . '/' . $_FILES['userfile']['name']))
+ if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . '/' . $_FILES['userfile']['name'],0) > 0)
{
$mesg = ''.$langs->trans('FileTransferComplete').'
';
//print_r($_FILES);
diff --git a/htdocs/lib/functions.lib.php b/htdocs/lib/functions.lib.php
index 30bdaf36669..7d89551c8ad 100644
--- a/htdocs/lib/functions.lib.php
+++ b/htdocs/lib/functions.lib.php
@@ -1526,17 +1526,19 @@ function dolibarr_print_error($db='',$error='')
/**
- \brief Deplacer les fichiers telechargés, apres quelques controles divers
- \param src_file fichier source
- \param dest_file fichier de destination
- \return int true=Deplacement OK, false=Pas de deplacement ou KO
+ * \brief Deplacer les fichiers telechargés, apres quelques controles divers
+ * \param src_file Source filename
+ * \param dest_file Target filename
+ * \param allowoverwrite Overwrite if exists
+ * \return int >0 if OK, <0 if KO, Name of virus if virus found
*/
-function dol_move_uploaded_file($src_file, $dest_file)
+function dol_move_uploaded_file($src_file, $dest_file, $allowoverwrite)
{
global $conf;
$file_name = $dest_file;
+ // If we need to make a virus scan
if ($conf->global->MAIN_USE_AVSCAN)
{
$malware = dol_avscan_file($src_file);
@@ -1544,21 +1546,21 @@ function dol_move_uploaded_file($src_file, $dest_file)
}
// Security:
- // On renomme les fichiers avec extention executable car si on a mis le rep
+ // On renomme les fichiers avec extention script web car si on a mis le rep
// documents dans un rep de la racine web (pas bien), cela permet d'executer
// du code a la demande.
if (eregi('\.htm|\.html|\.php|\.pl|\.cgi$',$file_name))
{
- $file_name.= '.txt';
+ $file_name.= '.noexe';
}
// Security:
- // On interdit les remontées de repertoire ainsi que les pipe dans
+ // On interdit les remontées de repertoire ainsi que les pipes dans
// les noms de fichiers.
if (eregi('\.\.',$src_file) || eregi('[<>|]',$src_file))
{
dolibarr_syslog("Refused to deliver file ".$src_file);
- return false;
+ return -1;
}
// Security:
@@ -1567,12 +1569,31 @@ function dol_move_uploaded_file($src_file, $dest_file)
if (eregi('\.\.',$dest_file) || eregi('[<>|]',$dest_file))
{
dolibarr_syslog("Refused to deliver file ".$dest_file);
- return false;
+ return -1;
}
+ // Check if destination file already exists
+ if (! $allowoverwrite)
+ {
+ if (file_exists($file_name))
+ {
+ dolibarr_syslog("Functions.lib::dol_move_uploaded_file File ".$file_name." already exists", LOG_WARNING);
+ return -2;
+ }
+ }
+
+ // Move file
$return=move_uploaded_file($src_file, $file_name);
-
- return $return;
+ if ($return)
+ {
+ dolibarr_syslog("Functions.lib::dol_move_uploaded_file Success to move ".$src_file." to ".$file_name, LOG_DEBUG);
+ return 1;
+ }
+ else
+ {
+ dolibarr_syslog("Functions.lib::dol_move_uploaded_file Failed to mode ".$src_file." to ".$file_name, LOG_ERR);
+ return -3;
+ }
}
diff --git a/htdocs/lib/ldap.class.php b/htdocs/lib/ldap.class.php
index d91b1786e98..3f8a1151993 100644
--- a/htdocs/lib/ldap.class.php
+++ b/htdocs/lib/ldap.class.php
@@ -277,7 +277,7 @@ class Ldap
{
$this->error='Failed to connect to LDAP';
$return=-1;
- dolibarr_syslog("Ldap::connect_bind return=".$return, LOG_WARN);
+ dolibarr_syslog("Ldap::connect_bind return=".$return, LOG_WARNING);
}
return $return;
}
diff --git a/htdocs/product.class.php b/htdocs/product.class.php
index f9707893129..d9280c9014d 100644
--- a/htdocs/product.class.php
+++ b/htdocs/product.class.php
@@ -2226,7 +2226,7 @@ class Product extends CommonObject
$originImage = $dir . $file['name'];
// Cree fichier en taille origine
- dol_move_uploaded_file($file['tmp_name'], $originImage);
+ dol_move_uploaded_file($file['tmp_name'], $originImage, 1);
if (file_exists($originImage))
{
diff --git a/htdocs/product/document.php b/htdocs/product/document.php
index 39a6ab9307f..af1311f8dee 100755
--- a/htdocs/product/document.php
+++ b/htdocs/product/document.php
@@ -86,7 +86,7 @@ if ($_POST["sendit"] && $conf->upload)
if (is_dir($upload_dir))
{
- if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name']))
+ if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],0) > 0)
{
$mesg = ''.$langs->trans("FileTransferComplete").'
';
//print_r($_FILES);
diff --git a/htdocs/product/photos.php b/htdocs/product/photos.php
index d5b9fcf8869..037126702c7 100644
--- a/htdocs/product/photos.php
+++ b/htdocs/product/photos.php
@@ -53,7 +53,7 @@ if ($_FILES['userfile']['size'] > 0 && $_POST["sendit"] && $conf->upload != 0)
$product = new Product($db);
$result = $product->fetch($_GET["id"]);
- // if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name']))
+ // if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],1) > 0)
// var_dump($_FILES);
diff --git a/htdocs/societe/docsoc.php b/htdocs/societe/docsoc.php
index 7e42d827cea..6fa8c026bf9 100644
--- a/htdocs/societe/docsoc.php
+++ b/htdocs/societe/docsoc.php
@@ -19,14 +19,15 @@
*/
/**
- \file htdocs/societe/docsoc.php
- \brief Tab for documents linked to third party
- \ingroup societe
- \version $Id$
+ * \file htdocs/societe/docsoc.php
+ * \brief Tab for documents linked to third party
+ * \ingroup societe
+ * \version $Id$
*/
require("./pre.inc.php");
require_once(DOL_DOCUMENT_ROOT."/lib/company.lib.php");
+require_once(DOL_DOCUMENT_ROOT."/lib/files.lib.php");
require_once(DOL_DOCUMENT_ROOT."/html.formfile.class.php");
$langs->load("companies");
@@ -34,15 +35,33 @@ $langs->load('other');
$mesg = "";
+// Security check
+$socid = isset($_GET["socid"])?$_GET["socid"]:(! empty($_GET["id"])?$_GET["id"]:'');
+if ($user->societe_id > 0)
+{
+ unset($_GET["action"]);
+ $action='';
+ $socid = $user->societe_id;
+}
+$result = restrictedArea($user, 'societe', $socid);
+
+// Get parameters
+$page=$_GET["page"];
+$sortorder=$_GET["sortorder"];
+$sortfield=$_GET["sortfield"];
+
+if (! $sortorder) $sortorder="ASC";
+if (! $sortfield) $sortfield="name";
+if ($page == -1) { $page = 0 ; }
+$offset = $conf->liste_limit * $page ;
+$pageprev = $page - 1;
+$pagenext = $page + 1;
+
$sortorder=$_GET["sortorder"];
$sortfield=$_GET["sortfield"];
if (! $sortorder) $sortorder="ASC";
if (! $sortfield) $sortfield="name";
-// Security check
-$socid = isset($_GET["socid"])?$_GET["socid"]:'';
-if ($user->societe_id) $socid=$user->societe_id;
-$result = restrictedArea($user, 'societe', $socid);
/*
* Actions
@@ -57,21 +76,21 @@ if ( $_POST["sendit"] && $conf->upload != 0)
if (is_dir($upload_dir))
{
- $result = dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name']);
- if ($result == 1)
+ $result = dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],0);
+ if ($result > 0)
{
$mesg = ''.$langs->trans("FileTransferComplete").'
';
//print_r($_FILES);
}
- else if (!$result)
+ else if ($result < 0)
{
- // Echec transfert (fichier d�passant la limite ?)
+ // Echec transfert (fichier depassant la limite ?)
$mesg = ''.$langs->trans("ErrorFileNotUploaded").'
';
// print_r($_FILES);
}
else
{
- // Fichier infect� par un virus
+ // Fichier infecte par un virus
$mesg = ''.$langs->trans("ErrorFileIsInfectedWith",$result).'
';
}
}
@@ -106,44 +125,16 @@ if ($socid > 0)
dolibarr_fiche_head($head, 'document', $langs->trans("ThirdParty"));
- /*
- * Confirmation de la suppression d'une ligne produit
- */
- if ($_GET['action'] == 'delete_file')
- {
- $html->form_confirm($_SERVER["PHP_SELF"].'?socid='.$socid.'&urlfile='.urldecode($_GET["urlfile"]), $langs->trans('DeleteFile'), $langs->trans('ConfirmDeleteFile'), 'confirm_deletefile');
- print '
';
- }
-
- // Construit liste des fichiers
- clearstatcache();
- $totalsize=0;
- $filearray=array();
- $errorlevel=error_reporting();
- error_reporting(0);
- $handle=opendir($upload_dir);
- error_reporting($errorlevel);
- if ($handle)
- {
- $i=0;
- while (($file = readdir($handle))!==false)
- {
- if (!is_dir($dir.$file) && substr($file, 0, 1) <> '.' && substr($file, 0, 3) <> 'CVS')
- {
- $filearray[$i]->name=$file;
- $filearray[$i]->size=filesize($upload_dir."/".$file);
- $filearray[$i]->date=filemtime($upload_dir."/".$file);
- $totalsize+=$filearray[$i]->size;
- $i++;
- }
- }
- closedir($handle);
- }
- else
- {
- // print ''.$langs->trans("ErrorCanNotReadDir",$upload_dir).'
';
- }
+ // Construit liste des fichiers
+ $filearray=dol_dir_list($upload_dir,"files",0,'','\.meta$',$sortfield,(strtolower($sortorder)=='desc'?SORT_ASC:SORT_DESC),1);
+ $totalsize=0;
+ foreach($filearray as $key => $file)
+ {
+ $totalsize+=$file['size'];
+ }
+
+
print '';
// Ref
@@ -164,75 +155,24 @@ if ($socid > 0)
if ($mesg) { print "$mesg
"; }
+ /*
+ * Confirmation de la suppression d'une ligne produit
+ */
+ if ($_GET['action'] == 'delete')
+ {
+ $html->form_confirm($_SERVER["PHP_SELF"].'?socid='.$_GET["id"].'&urlfile='.urldecode($_GET["urlfile"]), $langs->trans('DeleteFile'), $langs->trans('ConfirmDeleteFile'), 'confirm_deletefile');
+ print '
';
+ }
+
+
// Affiche formulaire upload
$formfile=new FormFile($db);
$formfile->form_attach_new_file(DOL_URL_ROOT.'/societe/docsoc.php?socid='.$socid);
- // Affiche liste des documents existant
- print_titre($langs->trans("AttachedFiles"));
- /**
- * TODO Mettre cette section dans une zone AJAX
- */
- $prefix=$socid.'/';
- $modulepart='societe';
- $url=$_SERVER["PHP_SELF"];
- print '';
- print '';
- $param='&socid='.$socid;
- print_liste_field_titre($langs->trans("Document"),$_SERVER["PHP_SELF"],"name","",$param,'align="left"',$sortfield,$sortorder);
- print_liste_field_titre($langs->trans("Size"),$_SERVER["PHP_SELF"],"size","",$param,'align="right"',$sortfield,$sortorder);
- print_liste_field_titre($langs->trans("Date"),$_SERVER["PHP_SELF"],"date","",$param,'align="center"',$sortfield,$sortorder);
- print '| | ';
- print '
';
-
- function compare_file($a, $b)
- {
- global $sortorder;
- global $sortfield;
-
- $sortorder=strtoupper($sortorder);
-
- if ($sortorder == 'ASC') { $retup=-1; $retdown=1; }
- else { $retup=1; $retdown=-1; }
-
- if ($sortfield == 'name')
- {
- if ($a->name == $b->name) return 0;
- return ($a->name < $b->name) ? $retup : $retdown;
- }
- if ($sortfield == 'date')
- {
- if ($a->date == $b->date) return 0;
- return ($a->date < $b->date) ? $retup : $retdown;
- }
- if ($sortfield == 'size')
- {
- if ($a->size == $b->size) return 0;
- return ($a->size < $b->size) ? $retup : $retdown;
- }
- }
-
- usort($filearray,"compare_file");
-
- $var=true;
- foreach($filearray as $key => $file)
- {
- if (!is_dir($dir.$file->name) && substr($file->name, 0, 1) <> '.' && substr($file->name, 0, 3) <> 'CVS')
- {
- $var=!$var;
- print "| ";
- echo ''.$file->name.'';
- print " | \n";
- print ''.$file->size.' '.$langs->trans("bytes").' | ';
- print ''.dolibarr_print_date($file->date,"dayhour").' | ';
- print '';
- echo ''.img_delete().'';
- print " |
\n";
- }
- }
- print "
";
- // Fin de zone Ajax
+ // List of document
+ $param='&socid='.$societe->id;
+ $formfile->list_of_documents($filearray,$societe,'societe',$param);
print "
";
diff --git a/htdocs/telephonie/facturation/index.php b/htdocs/telephonie/facturation/index.php
index a74a07e4092..81e0ca775b6 100644
--- a/htdocs/telephonie/facturation/index.php
+++ b/htdocs/telephonie/facturation/index.php
@@ -35,7 +35,7 @@ if ( $_POST["sendit"] && $conf->upload != 0)
if (is_dir($upload_dir))
{
- if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name']))
+ if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],1) > 0)
{
$mesg = "Le fichier est valide, et a été téléchargé avec succès.\n";
}
diff --git a/htdocs/telephonie/ligne/commande/retour/index.php b/htdocs/telephonie/ligne/commande/retour/index.php
index 5381783f801..f53b4f342dd 100644
--- a/htdocs/telephonie/ligne/commande/retour/index.php
+++ b/htdocs/telephonie/ligne/commande/retour/index.php
@@ -42,7 +42,7 @@ if ( $_POST["sendit"] && $conf->upload != 0)
$nextname = $upload_dir .'/backup';
- if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name']))
+ if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],1) > 0)
{
$mesg = "Le fichier est valide, et a été téléchargé avec succès.\n";
}
diff --git a/htdocs/user/fiche.php b/htdocs/user/fiche.php
index bbd16b3fb82..1dd237ed23c 100644
--- a/htdocs/user/fiche.php
+++ b/htdocs/user/fiche.php
@@ -276,7 +276,7 @@ if ($_POST["action"] == 'update' && ! $_POST["cancel"] && $caneditfield)
if (is_dir($conf->users->dir_output))
{
$newfile=$conf->users->dir_output . "/" . $edituser->id . ".jpg";
- if (! dol_move_uploaded_file($_FILES['photo']['tmp_name'],$newfile))
+ if (! dol_move_uploaded_file($_FILES['photo']['tmp_name'],$newfile,1) > 0)
{
$message .= ''.$langs->trans("ErrorFailedToSaveFile").'
';
}