* Copyright (C) 2018-2024 Frédéric France * Copyright (C) 2024 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . */ /** * \file htdocs/core/ajax/ajaxdirtree.php * \ingroup ecm * \brief This script returns content of a directory for filetree */ // This script is called with a POST method. // Directory to scan (full path) is inside POST['dir'] and encode by js escape() if ajax is used or encoded by urlencode if mode=noajax if (!defined('NOTOKENRENEWAL')) { define('NOTOKENRENEWAL', 1); // Disables token renewal } if (!defined('NOREQUIREMENU')) { define('NOREQUIREMENU', '1'); } if (!defined('NOREQUIREHTML')) { define('NOREQUIREHTML', '1'); } if (!defined('NOREQUIREAJAX')) { define('NOREQUIREAJAX', '1'); } if (!isset($mode) || $mode != 'noajax') { // For ajax call $res = @include '../../main.inc.php'; include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; include_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php'; include_once DOL_DOCUMENT_ROOT.'/core/lib/treeview.lib.php'; include_once DOL_DOCUMENT_ROOT.'/core/class/html.form.class.php'; include_once DOL_DOCUMENT_ROOT.'/ecm/class/ecmdirectory.class.php'; $openeddir = GETPOST('openeddir'); $modulepart = GETPOST('modulepart'); $selecteddir = jsUnEscape(GETPOST('dir')); // relative path. We must decode using same encoding function used by javascript: escape() $preopened = GETPOST('preopened'); if ($selecteddir != '/') { $selecteddir = preg_replace('/\/$/', '', $selecteddir); // We removed last '/' except if it is '/' } } else { // For no ajax call $openeddir = GETPOST('openeddir'); $modulepart = GETPOST('modulepart'); $selecteddir = GETPOST('dir'); $preopened = GETPOST('preopened'); if ($selecteddir != '/') { $selecteddir = preg_replace('/\/$/', '', $selecteddir); // We removed last '/' except if it is '/' } if (empty($url)) { $url = DOL_URL_ROOT.'/ecm/index.php'; } } $websitekey = GETPOST('websitekey', 'alpha'); $pageid = GETPOSTINT('pageid'); // Load translation files required by the page $langs->load("ecm"); // Define fullpathselecteddir. $fullpathselecteddir = ''; if ($modulepart == 'ecm') { $fullpathselecteddir = $conf->ecm->dir_output.'/'.($selecteddir != '/' ? $selecteddir : ''); $fullpathpreopened = $conf->ecm->dir_output.'/'.($preopened != '/' ? $preopened : ''); } elseif ($modulepart == 'medias' || $modulepart == 'website') { $fullpathselecteddir = $dolibarr_main_data_root.'/medias/'.($selecteddir != '/' ? $selecteddir : ''); $fullpathpreopened = $dolibarr_main_data_root.'/medias/'.($preopened != '/' ? $preopened : ''); } // Security: // On interdit les remontees de repertoire ainsi que les pipe dans les noms de fichiers. if (preg_match('/\.\./', $fullpathselecteddir) || preg_match('/[<>|]/', $fullpathselecteddir)) { dol_syslog("Refused to deliver file ".$original_file); // Do no show plain path in shown error message dol_print_error(null, $langs->trans("ErrorFileNameInvalid", GETPOST("file"))); exit; } if (empty($modulepart)) { $modulepart = $module; } // Security check if ($modulepart == 'ecm') { if (!$user->hasRight('ecm', 'read')) { accessforbidden(); } } elseif ($modulepart == 'medias' || $modulepart == 'website') { // Always allowed } else { accessforbidden(); } /* * Actions */ // None /* * View */ if (!isset($mode) || $mode != 'noajax') { // if ajax mode top_httphead(); } //print ''."\n"; $userstatic = new User($db); $form = new Form($db); $ecmdirstatic = new EcmDirectory($db); // Load full manual tree of ECM module from database. We will use it to define nbofsubdir and nboffilesinsubdir if (empty($sqltree)) { $sqltree = $ecmdirstatic->get_full_arbo(0); } // Try to find selected dir id into $sqltree and save it into $current_ecmdir_id $current_ecmdir_id = -1; foreach ($sqltree as $keycursor => $val) { //print $val['fullrelativename']." == ".$selecteddir; if ($val['fullrelativename'] == $selecteddir) { $current_ecmdir_id = $keycursor; } } if (!empty($conf->use_javascript_ajax) && !getDolGlobalString('MAIN_ECM_DISABLE_JS')) { treeOutputForAbsoluteDir($sqltree, $selecteddir, $fullpathselecteddir, $modulepart, $websitekey, $pageid, $preopened, $fullpathpreopened); // TODO Find a solution to not output this code for each leaf we open // Enable jquery handlers on new generated HTML objects (same code than into lib_footer.js.php) // Because the content is reloaded by ajax call, we must also reenable some jquery hooks print "\n\n"; print ''; // This ajax service is called only when a directory $selecteddir is opened but not when closed. //print ''; } if (empty($conf->use_javascript_ajax) || getDolGlobalString('MAIN_ECM_DISABLE_JS')) { print '
    '; // Load full manual tree from database. We will use it to define nbofsubdir and nboffilesinsubdir if (empty($sqltree)) { $sqltree = $ecmdirstatic->get_full_arbo(0); // Slow } // ----- This section will show a tree from a fulltree array ----- // $section must also be defined // ---------------------------------------------------------------- // Define fullpathselected ( _x_y_z ) of $section parameter (!! not into ajaxdirtree) $fullpathselected = ''; foreach ($sqltree as $key => $val) { //print $val['id']."-".$section."
    "; if ($val['id'] == $section) { $fullpathselected = $val['fullpath']; break; } } //print "fullpathselected=".$fullpathselected."
    "; // Update expandedsectionarray in session $expandedsectionarray = array(); if (isset($_SESSION['dol_ecmexpandedsectionarray'])) { $expandedsectionarray = explode(',', $_SESSION['dol_ecmexpandedsectionarray']); } if ($section && GETPOST('sectionexpand') == 'true') { // We add all sections that are parent of opened section $pathtosection = explode('_', $fullpathselected); foreach ($pathtosection as $idcursor) { if ($idcursor && !in_array($idcursor, $expandedsectionarray)) { // Not already in array $expandedsectionarray[] = $idcursor; } } $_SESSION['dol_ecmexpandedsectionarray'] = implode(',', $expandedsectionarray); } if ($section && GETPOST('sectionexpand') == 'false') { // We removed all expanded sections that are child of the closed section $oldexpandedsectionarray = $expandedsectionarray; $expandedsectionarray = array(); // Reset // @phan-suppress-next-line PhanEmptyForeachBody foreach ($oldexpandedsectionarray as $sectioncursor) { // TODO is_in_subtree(fulltree,sectionparent,sectionchild) does nox exists. Enable or remove this... //if ($sectioncursor && ! is_in_subtree($sqltree,$section,$sectioncursor)) $expandedsectionarray[]=$sectioncursor; } $_SESSION['dol_ecmexpandedsectionarray'] = implode(',', $expandedsectionarray); } //print $_SESSION['dol_ecmexpandedsectionarray'].'
    '; $nbofentries = 0; $oldvallevel = 0; foreach ($sqltree as $key => $val) { $ecmdirstatic->id = $val['id']; $ecmdirstatic->ref = $val['label']; // Refresh cache if (preg_match('/refresh/i', $action)) { $result = $ecmdirstatic->fetch($val['id']); $ecmdirstatic->ref = $ecmdirstatic->label; $result = $ecmdirstatic->refreshcachenboffile(0); $val['cachenbofdoc'] = $result; } //$fullpathparent=preg_replace('/(_[^_]+)$/i','',$val['fullpath']); // Define showline $showline = 0; // If directory is son of expanded directory, we show line if (in_array($val['id_mere'], $expandedsectionarray)) { $showline = 4; } elseif ($val['id'] != $section && $val['id_mere'] == $ecmdirstatic->motherof[$section]) { // If directory is brother of selected directory, we show line $showline = 3; } elseif (preg_match('/'.$val['fullpath'].'_/i', $fullpathselected.'_')) { // If directory is parent of selected directory or is selected directory, we show line $showline = 2; } elseif ($val['level'] < 2) { // If we are level one we show line $showline = 1; } if ($showline) { if (in_array($val['id'], $expandedsectionarray)) { $option = 'indexexpanded'; } else { $option = 'indexnotexpanded'; } //print $option; print '\n"; } $oldvallevel = $val['level']; $nbofentries++; } // If nothing to show if ($nbofentries == 0) { print '\n"; } print '
'; } // Close db if mode is not noajax if ((!isset($mode) || $mode != 'noajax') && is_object($db)) { $db->close(); } /** * treeOutputForAbsoluteDir * * @param array $sqltree Sqltree * @param string $selecteddir Selected dir * @param string $fullpathselecteddir Full path of selected dir * @param string $modulepart Modulepart * @param string $websitekey Website key * @param int $pageid Page id * @param string $preopened Current open dir * @param string $fullpathpreopened Full path of current open dir * @param int $depth Depth * @return void */ function treeOutputForAbsoluteDir($sqltree, $selecteddir, $fullpathselecteddir, $modulepart, $websitekey, $pageid, $preopened, $fullpathpreopened, $depth = 0) { global $conf, $db, $langs, $form; global $dolibarr_main_data_root; $ecmdirstatic = new EcmDirectory($db); $userstatic = new User($db); if (file_exists($fullpathselecteddir)) { $files = @scandir($fullpathselecteddir); if (!empty($files)) { natcasesort($files); if (count($files) > 2) { /* The 2 accounts for . and .. */ echo '\n"; } } else { print "PermissionDenied"; } } }