Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2026-02-10 18:02:34 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream/develop' into zapieruser

Browse Source
This commit is contained in:
Frédéric FRANCE
2020-10-31 16:10:16 +01:00
parent 8bf2b1797c fce9fea099
commit be4a4cb54b
1184 changed files with 82007 additions and 81393 deletions
Download Patch File Download Diff File Expand all files Collapse all files

98
htdocs/api/class/api_documents.class.php
View File

@@ -409,7 +409,7 @@ class Documents extends DolibarrApi
$upload_dir = $conf->fournisseur->dir_output."/facture/".get_exdir($object->id, 2, 0, 0, $object, 'invoice_supplier').dol_sanitizeFileName($object->ref);
}
elseif ($modulepart == 'produit' || $modulepart == 'product')
elseif ($modulepart == 'produit' || $modulepart == 'product')
{
require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php';
@@ -419,9 +419,9 @@ class Documents extends DolibarrApi
$object = new Product($this->db);
$result = $object->fetch($id, $ref);
if ($result==0) {
if ($result == 0) {
throw new RestException(404, 'Product not found');
} elseif ($result<0) {
} elseif ($result < 0) {
throw new RestException(500, 'Error while fetching object: '.$object->error);
}
@@ -531,7 +531,7 @@ class Documents extends DolibarrApi
* @param string $filecontent File content (string with file content. An empty file will be created if this parameter is not provided)
* @param string $fileencoding File encoding (''=no encoding, 'base64'=Base 64)
* @param int $overwriteifexists Overwrite file if exists (1 by default)
* @return string
* @return string
*
* @throws RestException 400
* @throws RestException 401
@@ -645,7 +645,7 @@ class Documents extends DolibarrApi
if ($result == 0)
{
throw new RestException(404, "Object with ref '".$ref."' was not found.");
}
}
elseif ($result < 0)
{
throw new RestException(500, 'Error while fetching object: '.$object->error);
@@ -692,7 +692,7 @@ class Documents extends DolibarrApi
if (dol_mkdir($upload_dir) < 0) // needed by products
{
throw new RestException(500, 'Error while trying to create directory.');
throw new RestException(500, 'Error while trying to create directory.');
}
$destfile = $upload_dir.'/'.$original_file;
@@ -741,63 +741,63 @@ class Documents extends DolibarrApi
*/
public function delete($modulepart, $original_file)
{
global $conf, $langs;
global $conf, $langs;
if (empty($modulepart)) {
throw new RestException(400, 'bad value for parameter modulepart');
}
if (empty($original_file)) {
throw new RestException(400, 'bad value for parameter original_file');
}
if (empty($modulepart)) {
throw new RestException(400, 'bad value for parameter modulepart');
}
if (empty($original_file)) {
throw new RestException(400, 'bad value for parameter original_file');
}
//--- Finds and returns the document
$entity = $conf->entity;
//--- Finds and returns the document
$entity = $conf->entity;
// Special cases that need to use get_exdir to get real dir of object
// If future, all object should use this to define path of documents.
/*
// Special cases that need to use get_exdir to get real dir of object
// If future, all object should use this to define path of documents.
/*
$tmpreldir = '';
if ($modulepart == 'supplier_invoice') {
$tmpreldir = get_exdir($object->id, 2, 0, 0, $object, 'invoice_supplier');
}
$relativefile = $tmpreldir.dol_sanitizeFileName($object->ref); */
$relativefile = $original_file;
$relativefile = $original_file;
$check_access = dol_check_secure_access_document($modulepart, $relativefile, $entity, DolibarrApiAccess::$user, '', 'read');
$accessallowed = $check_access['accessallowed'];
$sqlprotectagainstexternals = $check_access['sqlprotectagainstexternals'];
$original_file = $check_access['original_file'];
$check_access = dol_check_secure_access_document($modulepart, $relativefile, $entity, DolibarrApiAccess::$user, '', 'read');
$accessallowed = $check_access['accessallowed'];
$sqlprotectagainstexternals = $check_access['sqlprotectagainstexternals'];
$original_file = $check_access['original_file'];
if (preg_match('/\.\./', $original_file) || preg_match('/[<>|]/', $original_file)) {
throw new RestException(401);
}
if (!$accessallowed) {
throw new RestException(401);
}
if (preg_match('/\.\./', $original_file) || preg_match('/[<>|]/', $original_file)) {
throw new RestException(401);
}
if (!$accessallowed) {
throw new RestException(401);
}
$filename = basename($original_file);
$original_file_osencoded = dol_osencode($original_file); // New file name encoded in OS encoding charset
$filename = basename($original_file);
$original_file_osencoded = dol_osencode($original_file); // New file name encoded in OS encoding charset
if (!file_exists($original_file_osencoded))
{
dol_syslog("Try to download not found file ".$original_file_osencoded, LOG_WARNING);
throw new RestException(404, 'File not found');
}
if (!file_exists($original_file_osencoded))
{
dol_syslog("Try to download not found file ".$original_file_osencoded, LOG_WARNING);
throw new RestException(404, 'File not found');
}
if (@unlink($original_file_osencoded)) {
return array(
'success' => array(
'code' => 200,
'message' => 'Document deleted'
)
);
}
if (@unlink($original_file_osencoded)) {
return array(
'success' => array(
'code' => 200,
'message' => 'Document deleted'
)
);
}
throw new RestException(401);
throw new RestException(401);
}
// phpcs:disable PEAR.NamingConventions.ValidFunctionName
// phpcs:disable PEAR.NamingConventions.ValidFunctionName
/**
* Validate fields before create or update object
*
@@ -805,9 +805,9 @@ class Documents extends DolibarrApi
* @return array
* @throws RestException
*/
private function _validate_file($data)
{
// phpcs:enable
private function _validate_file($data)
{
// phpcs:enable
$result = array();
foreach (Documents::$DOCUMENT_FIELDS as $field) {
if (!isset($data[$field]))