From 1b9adb3bbe305de47a08cf6357290ae14bcb87fb Mon Sep 17 00:00:00 2001
From: Armand Bahi <armand.bahi@veremes.com>
Date: Thu, 24 Jan 2019 12:43:13 +0100
Subject: [PATCH] Suppression automatique des fichiers

---
 .../web_service/ws/Querys.class.inc           | 10 +--
 .../class/vmlib/files/Files_manager.class.inc | 82 ++++++++++++++++++-
 2 files changed, 86 insertions(+), 6 deletions(-)

diff --git a/src/module_vmap/web_service/ws/Querys.class.inc b/src/module_vmap/web_service/ws/Querys.class.inc
index f58e0702..0d70ff76 100644
--- a/src/module_vmap/web_service/ws/Querys.class.inc
+++ b/src/module_vmap/web_service/ws/Querys.class.inc
@@ -1439,14 +1439,14 @@ class Querys extends Vmap {
 
         $this->aValues['my_vitis_id'] = $this->aValues[$bo_id_field];
 
-        error_log('$_FILES: '. print_r($_FILES, true));
-        error_log('$this->aValues: '. print_r($this->aValues, true));
-
         // Fichiers à uploader ?
         if (!empty($_FILES) && !empty($this->aValues['my_vitis_id'])) {
-
-            // Écriture du fichier
             foreach ($_FILES as $sName => $aFile) {
+
+                // Nettoyage de l'espace ws_data
+                $this->oFilesManager->emptyWsDataDir('vitis', $sBusinessObjectId, $this->aValues['my_vitis_id'], $sName, 'documents');
+
+                // Écriture du fichier
                 $aUploadReturn = $this->oFilesManager->uploadInWsDataDir('vitis', $sBusinessObjectId, $this->aValues['my_vitis_id'], $sName, 'documents');
                 $this->aValues[$sName] = $aUploadReturn['field_value'];
             }
diff --git a/src/vitis/vas/rest/class/vmlib/files/Files_manager.class.inc b/src/vitis/vas/rest/class/vmlib/files/Files_manager.class.inc
index b6e43695..2ff3e6f3 100644
--- a/src/vitis/vas/rest/class/vmlib/files/Files_manager.class.inc
+++ b/src/vitis/vas/rest/class/vmlib/files/Files_manager.class.inc
@@ -40,6 +40,7 @@ class Files_manager{
                 break;
         }
     }
+
     /**
      *This method allow to upload a file on a server.
      *@file vmlib/phpUtil.inc
@@ -234,7 +235,7 @@ class Files_manager{
      */
     public function uploadInWsDataDir($sModule, $sObject, $mId, $sField, $sContainer = "", $iMaxSize = -1, $sFileTypeCtrl = "all", $aFileStruct = null){
 
-        // on controle les attributs pour éviter les mauvais placements
+        // controle les attributs pour éviter les mauvais placements
         if (strpos($sModule, '/') > -1){
             writeToErrorLog("Module can't contain path : " . $sModule);
             return "Module can't contain path : "  . $sModule;
@@ -319,6 +320,7 @@ class Files_manager{
             'file_path' => $sDestPath
         );
     }
+
     /**
      *This method upload a file in Public.
      *@file vmlib/phpUtil.inc
@@ -370,6 +372,7 @@ class Files_manager{
       // Upload du fichier
       return $this->uploadFile($sField, $sFileTypeCtrl, $sDestPath, $iMaxSize, $aFileStruct);
     }
+
     /**
      *This method upload a file in Upload.
      *@file vmlib/phpUtil.inc
@@ -421,6 +424,83 @@ class Files_manager{
       // Upload du fichier
       return $this->uploadFile($sField, $sFileTypeCtrl, $sDestPath, $iMaxSize, $aFileStruct);
     }
+
+    /**
+     *This method clean the objects ws_data dir .
+     *@param $sModule Name of the module.
+     *@param $sObject Name of the object.
+     *@param $mId Id of the current object.
+     *@param $sField field name (generally DB column name).
+     *@param $sContainer folder between $sObject and $mId
+     *@return true if the disrectory has benn cleaned
+     */
+    public function emptyWsDataDir($sModule, $sObject, $mId, $sField, $sContainer = ""){
+
+        // controle les attributs pour éviter les mauvais placements
+        if (strpos($sModule, '/') > -1){
+            writeToErrorLog("Module can't contain path : " . $sModule);
+            return "Module can't contain path : "  . $sModule;
+        }
+
+        if (strpos($sObject, "/") > -1){
+            writeToErrorLog("Object can't contain path : " . $sObject);
+            return "Object can't contain path : "  . $sObject;
+        }
+
+        if (strpos($mId, "/") > -1){
+            writeToErrorLog("Id can't contain path : " . $mId);
+            return "Id can't contain path : "  . $mId;
+        }
+
+        if (strpos($sField, "/") > -1){
+            writeToErrorLog("Field can't contain path : " . $sField);
+            return "Field can't contain path : "  . $sField;
+        }
+
+        if (strpos($sContainer, "/") > -1){
+            writeToErrorLog("Container can't contain path : " . $sContainer);
+            return "Container can't contain path : "  . $sContainer;
+        }
+
+        // Génère la Structure fichier
+        if ($aFileStruct == null) {
+            $aFileStruct = $this->extractFileStruct($sField);
+        }
+
+        // Génère la destination
+        $sDestDir = $this->oProperties['ws_data_dir'] . "/" . $sModule . "/" . $sObject;
+
+        if(!empty($sContainer)){
+            $sDestDir .= "/" . $sContainer;
+        }
+        if(!empty($mId)){
+            $sDestDir .= "/" . $mId;
+        }
+        if(!empty($sField)){
+            $sDestDir .= "/" . $sField;
+        }
+        $sDestPath =  $sDestDir . "/" . $aFileStruct["name"];
+
+        // controle la destination pour éviter les mauvais placements
+        if (strpos($sDestPath, "/\.\./") > -1){
+            writeToErrorLog("This function doesn't accept relative reference : " . $sDestPath);
+            return "This function doesn't accept relative reference : " . $sDestPath;
+        }
+
+        // création du fichier si besoin
+        if (is_dir($sDestPath)){
+            $files = glob($sDestPath . '/*'); // get all file names
+            foreach($files as $file){ // iterate files
+                if(is_file($file)){
+                    unlink($file); // delete file
+                }
+            }
+            return true;
+        } else {
+            return false;
+        }
+    }
+
     /**
      *This method return the extension of a file.
      *@file vmlib/phpUtil.inc
-- 
GitLab