* Copyright (C) 2010-2014 Regis Houssin * Copyright (C) 2010-2016 Juanjo Menent * Copyright (C) 2013 Charles-Fr BENKE * Copyright (C) 2013 Cédric Salvador * Copyright (C) 2014 Marcos García * Copyright (C) 2015 Bahfir Abbes * Copyright (C) 2016-2017 Ferran Marcet * Copyright (C) 2019-2023 Frédéric France * Copyright (C) 2024 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . */ /** * \file htdocs/core/class/html.formfile.class.php * \ingroup core * \brief File of class to offer components to list and upload files */ /** * Class to offer components to list and upload files */ class FormFile { private $db; /** * @var string Error code (or message) */ public $error; public $numoffiles; public $infofiles; // Used to return information by function getDocumentsLink /** * Constructor * * @param DoliDB $db Database handler */ public function __construct($db) { $this->db = $db; $this->numoffiles = 0; } // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps /** * Show form to upload a new file. * * @param string $url Url * @param string $title Title zone (Title or '' or 'none') * @param int $addcancel 1=Add 'Cancel' button * @param int $sectionid If upload must be done inside a particular ECM section (is sectionid defined, sectiondir must not be) * @param int $perm Value of permission to allow upload * @param int $size Length of input file area. Deprecated. * @param Object $object Object to use (when attachment is done on an element) * @param string $options Add an option column * @param integer $useajax Use fileupload ajax (0=never, 1=if enabled, 2=always whatever is option). * Deprecated 2 should never be used and if 1 is used, option should not be enabled. * @param string $savingdocmask Mask to use to define output filename. For example 'XXXXX-__YYYYMMDD__-__file__' * @param integer $linkfiles 1=Also add form to link files, 0=Do not show form to link files * @param string $htmlname Name and id of HTML form ('formuserfile' by default, 'formuserfileecm' when used to upload a file in ECM) * @param string $accept Specifies the types of files accepted (This is not a security check but an user interface facility. eg '.pdf,image/*' or '.png,.jpg' or 'video/*') * @param string $sectiondir If upload must be done inside a particular directory (if sectiondir defined, sectionid must not be) * @param int $usewithoutform 0=Default, 1=Disable
and to use in existing form area, 2=Disable the tag only * @param int $capture 1=Add tag capture="capture" to force use of micro or video recording to generate file. When setting this to 1, you must also provide a value for $accept. * @param int $disablemulti 0=Default, 1=Disable multiple file upload * @param int $nooutput 0=Output result with print, 1=Return result * @return int|string Return integer <0 if KO, >0 if OK, or string if $noouput=1 */ public function form_attach_new_file($url, $title = '', $addcancel = 0, $sectionid = 0, $perm = 1, $size = 50, $object = null, $options = '', $useajax = 1, $savingdocmask = '', $linkfiles = 1, $htmlname = 'formuserfile', $accept = '', $sectiondir = '', $usewithoutform = 0, $capture = 0, $disablemulti = 0, $nooutput = 0) { // phpcs:enable global $conf, $langs, $hookmanager; $hookmanager->initHooks(array('formfile')); // Deprecation warning if ($useajax == 2) { dol_syslog(__METHOD__.": using 2 for useajax is deprecated and should be not used", LOG_WARNING); } if (!empty($conf->browser->layout) && $conf->browser->layout != 'classic') { $useajax = 0; } if ((getDolGlobalString('MAIN_USE_JQUERY_FILEUPLOAD') && $useajax) || ($useajax == 2)) { // TODO: Check this works with 2 forms on same page // TODO: Check this works with GED module, otherwise, force useajax to 0 // TODO: This does not support option savingdocmask // TODO: This break feature to upload links too // TODO: Thisdoes not work when param nooutput=1 //return $this->_formAjaxFileUpload($object); return 'Feature too bugged so removed'; } else { //If there is no permission and the option to hide unauthorized actions is enabled, then nothing is printed if (!$perm && getDolGlobalString('MAIN_BUTTON_HIDE_UNAUTHORIZED')) { if ($nooutput) { return ''; } else { return 1; } } $out = "\n\n".'
'."\n"; if (empty($title)) { $title = $langs->trans("AttachANewFile"); } if ($title != 'none') { $out .= load_fiche_titre($title, null, null); } if (empty($usewithoutform)) { // Try to avoid this and set instead the form by the caller. // Add a param as GET parameter to detect when POST were cleaned by PHP because a file larger than post_max_size $url .= (strpos($url, '?') === false ? '?' : '&').'uploadform=1'; $out .= ''."\n"; } if (empty($usewithoutform) || $usewithoutform == 2) { $out .= ''."\n"; $out .= ''."\n"; $out .= ''."\n"; $out .= ''."\n"; $out .= ''."\n"; $out .= ''."\n"; } $out .= ''; $out .= ''; if (!empty($options)) { $out .= ''; } $out .= '"; if ($savingdocmask) { //add a global variable for disable the auto renaming on upload $rename = (!getDolGlobalString('MAIN_DOC_UPLOAD_NOT_RENAME_BY_DEFAULT') ? 'checked' : ''); $out .= ''; if (!empty($options)) { $out .= ''; } $out .= ''; $out .= ''; } $out .= "
'.$options.''; $maxfilesizearray = getMaxFileSizeArray(); $max = $maxfilesizearray['max']; $maxmin = $maxfilesizearray['maxmin']; $maxphptoshow = $maxfilesizearray['maxphptoshow']; $maxphptoshowparam = $maxfilesizearray['maxphptoshowparam']; if ($maxmin > 0) { $out .= ''; // MAX_FILE_SIZE must precede the field type=file } $out .= 'load('link'); $out .= ''; } $out .= 'trans("Cancel").'">'; } if (getDolGlobalString('MAIN_UPLOAD_DOC')) { if ($perm) { $menudolibarrsetupmax = $langs->transnoentitiesnoconv("Home").' - '.$langs->transnoentitiesnoconv("Setup").' - '.$langs->transnoentitiesnoconv("Security"); $langs->load('other'); $out .= ' '; $out .= info_admin($langs->trans("ThisLimitIsDefinedInSetupAt", $menudolibarrsetupmax, $max, $maxphptoshowparam, $maxphptoshow), 1); } } else { $out .= ' ('.$langs->trans("UploadDisabled").')'; } $out .= "
'.$options.''; $out .= ' '; $out .= ''; $out .= '
"; if (empty($usewithoutform)) { $out .= ''; if (empty($sectionid)) { $out .= '
'; } } $out .= "\n
\n"; if ($linkfiles) { $out .= "\n".'
'."\n"; $langs->load('link'); $title = $langs->trans("LinkANewFile"); $out .= load_fiche_titre($title, null, null); if (empty($usewithoutform)) { $out .= '