Home Explore Help
Sign In
iProspective
/
dolibarr
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

FIX #hunterb812ea22-0c02-46fe-b89f-04519dfb1ebd

Laurent Destailleur 3 years ago
parent
c63e2c2981
commit
209ab708d4
4 changed files with 115 additions and 15 deletions
Split View Show Diff Stats
  1. 4 4
      htdocs/core/class/html.form.class.php
  2. 12 6
      htdocs/core/lib/files.lib.php
  3. 96 2
      htdocs/install/upgrade2.php
  4. 3 3
      htdocs/user/card.php

+ 4 - 4
htdocs/core/class/html.form.class.php
View File 

@@ -9095,13 +9095,13 @@ class Form
 
 			if (!empty($object->photo)) {
 
 				if (dolIsAllowedForPreview($object->photo)) {
 
 					if ((string) $imagesize == 'mini') {
 
-						$file = get_exdir(0, 0, 0, 0, $object, 'user').getImageFileNameForSize($object->photo, '_mini');
 
+						$file = get_exdir(0, 0, 0, 0, $object, 'user').'photos/'.getImageFileNameForSize($object->photo, '_mini');
 
 					} elseif ((string) $imagesize == 'small') {
 
-						$file = get_exdir(0, 0, 0, 0, $object, 'user').getImageFileNameForSize($object->photo, '_small');
 
+						$file = get_exdir(0, 0, 0, 0, $object, 'user').'photos/'.getImageFileNameForSize($object->photo, '_small');
 
 					} else {
 
-						$file = get_exdir(0, 0, 0, 0, $object, 'user').$object->photo;
 
+						$file = get_exdir(0, 0, 0, 0, $object, 'user').'photos/'.$object->photo;
 
 					}
 
-					$originalfile = get_exdir(0, 0, 0, 0, $object, 'user').$object->photo;
 
+					$originalfile = get_exdir(0, 0, 0, 0, $object, 'user').'photos/'.$object->photo;
 
 				}
 
 			}
 
 			if (!empty($conf->global->MAIN_OLD_IMAGE_LINKS)) {

+ 12 - 6
htdocs/core/lib/files.lib.php
View File 

@@ -2348,15 +2348,15 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
 
 		$accessallowed = ($user->admin && basename($original_file) == $original_file && preg_match('/^dolibarr.*\.log$/', basename($original_file)));
 
 		$original_file = $dolibarr_main_data_root.'/'.$original_file;
 
 	} elseif ($modulepart == 'doctemplates' && !empty($dolibarr_main_data_root)) {
 
-		// Wrapping for *.log files, like when used with url http://.../document.php?modulepart=logs&file=dolibarr.log
 
+		// Wrapping for doctemplates
 
 		$accessallowed = $user->admin;
 
 		$original_file = $dolibarr_main_data_root.'/doctemplates/'.$original_file;
 
 	} elseif ($modulepart == 'doctemplateswebsite' && !empty($dolibarr_main_data_root)) {
 
-		// Wrapping for *.zip files, like when used with url http://.../document.php?modulepart=packages&file=module_myfile.zip
 
+		// Wrapping for doctemplates of websites
 
 		$accessallowed = ($fuser->rights->website->write && preg_match('/\.jpg$/i', basename($original_file)));
 
 		$original_file = $dolibarr_main_data_root.'/doctemplates/websites/'.$original_file;
 
 	} elseif ($modulepart == 'packages' && !empty($dolibarr_main_data_root)) {
 
-		// Wrapping for *.zip files, like when used with url http://.../document.php?modulepart=packages&file=module_myfile.zip
 
+		// Wrapping for *.zip package files, like when used with url http://.../document.php?modulepart=packages&file=module_myfile.zip
 
 		// Dir for custom dirs
 
 		$tmp = explode(',', $dolibarr_main_document_root_alt);
 
 		$dirins = $tmp[0];
 
@@ -2369,11 +2369,17 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
 
 		$original_file = $conf->mycompany->dir_output.'/'.$original_file;
 
 	} elseif ($modulepart == 'userphoto' && !empty($conf->user->dir_output)) {
 
 		// Wrapping for users photos
 
-		$accessallowed = 1;
 
+		$accessallowed = 0;
 
+		if (preg_match('/^\d+\/photos\//', $original_file)) {
 
+			$accessallowed = 1;
 
+		}
 
 		$original_file = $conf->user->dir_output.'/'.$original_file;
 
 	} elseif ($modulepart == 'memberphoto' && !empty($conf->adherent->dir_output)) {
 
 		// Wrapping for members photos
 
-		$accessallowed = 1;
 
+		$accessallowed = 0;
 
+		if (preg_match('/^\d+\/photos\//', $original_file)) {
 
+			$accessallowed = 1;
 
+		}
 
 		$original_file = $conf->adherent->dir_output.'/'.$original_file;
 
 	} elseif ($modulepart == 'apercufacture' && !empty($conf->facture->multidir_output[$entity])) {
 
 		// Wrapping pour les apercu factures
 
@@ -2448,7 +2454,7 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
 
 		}
 
 		$original_file = $conf->expensereport->dir_output.'/'.$original_file;
 
 	} elseif (($modulepart == 'apercuexpensereport') && !empty($conf->expensereport->dir_output)) {
 
-		// Wrapping pour les apercu supplier invoice
 
+		// Wrapping pour les apercu expense report
 
 		if ($fuser->rights->expensereport->{$lire}) {
 
 			$accessallowed = 1;
 
 		}

+ 96 - 2
htdocs/install/upgrade2.php
View File 

@@ -456,6 +456,13 @@ if (!GETPOST('action', 'aZ09') || preg_match('/upgrade/i', GETPOST('action', 'aZ
 
 			migrate_export_import_profiles('export');
 
 			migrate_export_import_profiles('import');
 
 		}
 
+
 
+		// Scripts for 16.0
 
+		$afterversionarray = explode('.', '15.0.9');
 
+		$beforeversionarray = explode('.', '16.0.9');
 
+		if (versioncompare($versiontoarray, $afterversionarray) >= 0 && versioncompare($versiontoarray, $beforeversionarray) <= 0) {
 
+			migrate_user_photospath2();
 
+		}
 
 	}
 
 
 
@@ -4505,8 +4512,7 @@ function migrate_user_photospath()
 
 									}
 
 									// dol_delete_dir($origin.'/'.$file);
 
 								}
 
-							} else // it is a file
 
-							{
 
+							} else { // it is a file
 
 								if (!dol_is_file($destin.'/'.$file)) {
 
 									//print $origin.'/'.$file.' -> '.$destin.'/'.$file.'<br>'."\n";
 
 									print '.';
 
@@ -4524,6 +4530,94 @@ function migrate_user_photospath()
 
 	print '</td></tr>';
 
 }
 
 
+/**
 
+ * Migrate file from old path users/99/file.jpg into users/99/photos/file.jpg
 
+ *
 
+ * @return	void
 
+ */
 
+function migrate_user_photospath2()
 
+{
 
+	global $conf, $db, $langs, $user;
 
+
 
+	print '<tr><td colspan="4">';
 
+
 
+	print '<b>'.$langs->trans('MigrationUserPhotoPath')."</b><br>\n";
 
+
 
+	include_once DOL_DOCUMENT_ROOT.'/user/class/user.class.php';
 
+	$fuser = new User($db);
 
+
 
+	if (!is_object($user)) {
 
+		$user = $fuser; // To avoid error during migration
 
+	}
 
+
 
+	$sql = "SELECT rowid as uid from ".MAIN_DB_PREFIX."user"; // Get list of all users
 
+	$resql = $db->query($sql);
 
+	if ($resql) {
 
+		while ($obj = $db->fetch_object($resql)) {
 
+			$fuser->fetch($obj->uid);
 
+			//echo '<hr>'.$fuser->id.' -> '.$fuser->entity;
 
+			$entity = (empty($fuser->entity) ? 1 : $fuser->entity);
 
+			if ($entity > 1) {
 
+				$dir = DOL_DATA_ROOT.'/'.$entity.'/users';
 
+			} else {
 
+				$dir = $conf->user->multidir_output[$entity]; // $conf->user->multidir_output[] for each entity is construct by the multicompany module
 
+			}
 
+
 
+			if ($dir) {
 
+				//print "Process user id ".$fuser->id."<br>\n";
 
+				$origin = $dir.'/'.$fuser->id;
 
+				$destin = $dir.'/'.$fuser->id.'/photos';
 
+
 
+				$origin_osencoded = dol_osencode($origin);
 
+
 
+				dol_mkdir($destin);
 
+
 
+				//echo '<hr>'.$origin.' -> '.$destin;
 
+				if (dol_is_dir($origin)) {
 
+					$handle = opendir($origin_osencoded);
 
+					if (is_resource($handle)) {
 
+						while (($file = readdir($handle)) !== false) {
 
+							if ($file == '.' || $file == '..' || $file == 'photos') {
 
+								continue;
 
+							}
 
+							if (!empty($fuser->photo) && ($file != $fuser->photo && $file != 'thumbs')) {
 
+								continue;
 
+							}
 
+
 
+							if (dol_is_dir($origin.'/'.$file)) {	// it is a dir (like 'thumbs')
 
+								$thumbs = opendir($origin_osencoded.'/'.$file);
 
+								if (is_resource($thumbs)) {
 
+									dol_mkdir($destin.'/'.$file);
 
+									while (($thumb = readdir($thumbs)) !== false) {
 
+										if (!dol_is_file($destin.'/'.$file.'/'.$thumb)) {
 
+											if ($thumb == '.' || $thumb == '..') {
 
+												continue;
 
+											}
 
+
 
+											//print $origin.'/'.$file.'/'.$thumb.' -> '.$destin.'/'.$file.'/'.$thumb.'<br>'."\n";
 
+											print '.';
 
+											dol_copy($origin.'/'.$file.'/'.$thumb, $destin.'/'.$file.'/'.$thumb, 0, 0);
 
+										}
 
+									}
 
+									// dol_delete_dir($origin.'/'.$file);
 
+								}
 
+							} else { // it is a file
 
+								if (!dol_is_file($destin.'/'.$file)) {
 
+									//print $origin.'/'.$file.' -> '.$destin.'/'.$file.'<br>'."\n";
 
+									print '.';
 
+									dol_copy($origin.'/'.$file, $destin.'/'.$file, 0, 0);
 
+								}
 
+							}
 
+						}
 
+					}
 
+				}
 
+			}
 
+		}
 
+	}
 
+
 
+	print '</td></tr>';
 
+}
 
+
 
 
 /* A faire egalement: Modif statut paye et fk_facture des factures payes completement

+ 3 - 3
htdocs/user/card.php
View File 

@@ -543,14 +543,14 @@ if (empty($reshook)) {
 
 
 				if (!$error && !count($object->errors)) {
 
 					if (GETPOST('deletephoto') && $object->oldcopy->photo) {
 
-						$fileimg = $conf->user->dir_output.'/'.get_exdir(0, 0, 0, 0, $object, 'user').$object->oldcopy->photo;
 
-						$dirthumbs = $conf->user->dir_output.'/'.get_exdir(0, 0, 0, 0, $object, 'user').'/thumbs';
 
+						$fileimg = $conf->user->dir_output.'/'.get_exdir(0, 0, 0, 0, $object, 'user').'photos/'.$object->oldcopy->photo;
 
+						$dirthumbs = $conf->user->dir_output.'/'.get_exdir(0, 0, 0, 0, $object, 'user').'photos/thumbs';
 
 						dol_delete_file($fileimg);
 
 						dol_delete_dir_recursive($dirthumbs);
 
 					}
 
 
 					if (isset($_FILES['photo']['tmp_name']) && trim($_FILES['photo']['tmp_name'])) {
 
-						$dir = $conf->user->dir_output.'/'.get_exdir(0, 0, 0, 1, $object, 'user');
 
+						$dir = $conf->user->dir_output.'/'.get_exdir(0, 0, 0, 1, $object, 'user').'/photos';
 
 
 						dol_mkdir($dir);