diff --git a/vas/rest/class/vmlib/phpUtil.inc b/vas/rest/class/vmlib/phpUtil.inc
index dee4b832527ccda3d2af6ca01b50acc49085d063..a89eab29644fbe6ea2f1b9f7e745137f1988fb51 100755
--- a/vas/rest/class/vmlib/phpUtil.inc
+++ b/vas/rest/class/vmlib/phpUtil.inc
@@ -30,148 +30,319 @@ function stripslashes_deep($aString) {
*@param $sFileType Type of file needed.
*@param $sServerPath New path of the file.
*@param $sMaxSize Maximal size of the file.
- *@return $sErrorMsg The error message.
+ *@param $aFileValues File structure generated by extractFileStruct.
+ *@return $sErrorMsg The error message or the final file path on success.
*/
-function uploadFile($sNomObjet, $sFileType, $sServerPath, $sMaxSize) {
+function uploadFile($sNomObjet, $sFileType, $sServerPath, $sMaxSize, $aFileValues) {
global $properties, $sFolderLib;
loadLang($sFolderLib, $properties["language"], $sFolderLib . "/");
- $aExtensionPicture = array('gif', 'jpg', 'jpeg', 'png');
- $aExtensionPictureAndPdf = array('gif', 'jpg', 'jpeg', 'png', 'pdf');
- $aExtensionFile = array('pdf', 'gif', 'jpg', 'jpeg', 'png', 'txt');
- $aExtensionZip = array('zip', 'gex');
- $aExtensionFmw = array('fmw');
+
+ $aExtension = array(
+ "image" => array('gif', 'jpg', 'jpeg', 'png'),
+ "image-pdf" => array('gif', 'jpg', 'jpeg', 'png', 'pdf'),
+ "document" => array('pdf', 'gif', 'jpg', 'jpeg', 'png', 'txt'),
+ "pdf" => array('pdf'),
+ "zip" => array('zip', 'gex'),
+ "fmw" => array('fmw')
+ );
$aForbiddenExtension = explode('|', str_replace("*.", "", $properties['forbidden_extension']));
- $sTmpFile = $_FILES[$sNomObjet]['tmp_name'];
- // Si l'utilisateur n'a indiqué aucun fichier à uploader, il ne se passe rien
+ $sTmpFile = "";
$sErrorMsg = "";
-
- if ($sTmpFile == '') {
- if ($_FILES[$sNomObjet]['name'] != "") {
- switch ($_FILES[$sNomObjet]['error']) {
- case "1" :
- $sErrorMsg = ERROR_DOWNLOAD_FILE . $_FILES[$sNomObjet]['name'] . " : " . ERROR_UPLOAD_MAX_FILE_SIZE;
- break;
- case "2" :
- $sErrorMsg = ERROR_DOWNLOAD_FILE . $_FILES[$sNomObjet]['name'] . " : " . ERROR_MAX_FILE_SIZE;
- break;
- case "3" :
- $sErrorMsg = ERROR_DOWNLOAD_FILE . $_FILES[$sNomObjet]['name'] . " : " . ERROR_PARTIAL_DOWNLOAD;
- break;
- case "4" :
- $sErrorMsg = ERROR_NO_FILE_DOWNLOADED;
- break;
- case "6" :
- $sErrorMsg = ERROR_DOWNLOAD_FILE . $_FILES[$sNomObjet]['name'] . " : " . ERROR_MISSING_TEMP_FOLDER;
- break;
- case "7" :
- $sErrorMsg = ERROR_DOWNLOAD_FILE . $_FILES[$sNomObjet]['name'] . " : " . ERROR_WRITING_DISK;
- break;
- case "8" :
- $sErrorMsg = ERROR_DOWNLOAD_FILE . $_FILES[$sNomObjet]['name'] . " : " . ERROR_PHP_EXT_SEND;
- break;
+ // si pas de aValues il y a eu une erreur pendant l'upload dans tmp du PUT
+ if (!empty($aFileValues)){
+ $sTmpFile = $aFileValues['tmp_name'];
+
+ // Si l'utilisateur n'a indiqué aucun fichier à uploader, il ne se passe rien
+ if ($sTmpFile == '') {
+ if ($aFileValues['name'] != "") {
+ switch ($aFileValues['error']) {
+ case "1" :
+ $sErrorMsg = ERROR_DOWNLOAD_FILE . $aFileValues['name'] . " : " . ERROR_UPLOAD_MAX_FILE_SIZE;
+ break;
+ case "2" :
+ $sErrorMsg = ERROR_DOWNLOAD_FILE . $aFileValues['name'] . " : " . ERROR_MAX_FILE_SIZE;
+ break;
+ case "3" :
+ $sErrorMsg = ERROR_DOWNLOAD_FILE . $aFileValues['name'] . " : " . ERROR_PARTIAL_DOWNLOAD;
+ break;
+ case "4" :
+ $sErrorMsg = ERROR_NO_FILE_DOWNLOADED;
+ break;
+ case "6" :
+ $sErrorMsg = ERROR_DOWNLOAD_FILE . $aFileValues['name'] . " : " . ERROR_MISSING_TEMP_FOLDER;
+ break;
+ case "7" :
+ $sErrorMsg = ERROR_DOWNLOAD_FILE . $aFileValues['name'] . " : " . ERROR_WRITING_DISK;
+ break;
+ case "8" :
+ $sErrorMsg = ERROR_DOWNLOAD_FILE . $aFileValues['name'] . " : " . ERROR_PHP_EXT_SEND;
+ break;
+ }
+ writeToErrorLog($sErrorMsg);
}
- writeToErrorLog($sErrorMsg);
+ return $sErrorMsg;
}
- return $sErrorMsg;
- }
- $aTemp = explode("\\", $sServerPath);
- if (is_uploaded_file($sTmpFile)) {
- if (!in_array(extension($aTemp[count($aTemp) - 1]), $aForbiddenExtension)) {
+
+ $aTemp = explode("/", $sServerPath);
+
+ $sFileName = end($aTemp);
+ $sFileExtension = extension($sFileName);
+
+ if (!in_array($sFileExtension, $aForbiddenExtension)) {
//Teste si le fichier correspont au format voulu.
$bAllowUpload = false;
$sFormat = "";
- switch ($sFileType) {
- case "image" :
- if (in_array(extension($aTemp[count($aTemp) - 1]), $aExtensionPicture)) {
- $bAllowUpload = true;
- } else {
- foreach ($aExtensionPicture as $sValue) {
- $sFormat .= " " . $sValue;
- }
- writeToErrorLog(ERROR_FILE . $_FILES[$sNomObjet]['name'] . ERROR_NOT_FILE . $sFileType);
- $sErrorMsg = FILE_LABEL_PHPUTIL . $_FILES[$sNomObjet]['name'] . ERROR_NOT_FILE . $sFileType . ERROR_VALID_FILE . $sFormat . '.';
- }
- break;
- case "image-pdf" :
- if (in_array(extension($aTemp[count($aTemp) - 1]), $aExtensionPictureAndPdf)) {
- $bAllowUpload = true;
- } else {
- foreach ($aExtensionPictureAndPdf as $sValue) {
- $sFormat .= " " . $sValue;
- }
- writeToErrorLog(ERROR_FILE . $_FILES[$sNomObjet]['name'] . ERROR_NOT_FILE . $sFileType);
- $sErrorMsg = FILE_LABEL_PHPUTIL . $_FILES[$sNomObjet]['name'] . ERROR_NOT_FILE . $sFileType . ERROR_VALID_FILE . $sFormat . '.';
- }
- break;
- case "document" :
- if (in_array(extension($aTemp[count($aTemp) - 1]), $aExtensionFile)) {
- $bAllowUpload = true;
- } else {
- foreach ($aExtensionFile as $sValue) {
- $sFormat .= " " . $sValue;
- }
- writeToErrorLog(ERROR_FILE . $_FILES[$sNomObjet]['name'] . ERROR_NOT_FILE . $sFileType);
- $sErrorMsg = FILE_LABEL_PHPUTIL . $_FILES[$sNomObjet]['name'] . ERROR_NOT_FILE . $sFileType . ERROR_VALID_FILE . $sFormat . '.';
- }
- break;
- case "zip" :
- if (in_array(extension($aTemp[count($aTemp) - 1]), $aExtensionZip)) {
- $bAllowUpload = true;
- } else {
- foreach ($aExtensionZip as $sValue) {
- $sFormat .= " " . $sValue;
- }
- writeToErrorLog(ERROR_FILE . $_FILES[$sNomObjet]['name'] . ERROR_NOT_FILE . $sFileType);
- $sErrorMsg = FILE_LABEL_PHPUTIL . $_FILES[$sNomObjet]['name'] . ERROR_NOT_FILE . $sFileType . ERROR_VALID_FILE . $sFormat . '.';
- }
- break;
- case "fmw" :
- if (in_array(extension($aTemp[count($aTemp) - 1]), $aExtensionFmw)) {
- $bAllowUpload = true;
- } else {
- foreach ($aExtensionFmw as $sValue) {
- $sFormat .= " " . $sValue;
- }
- writeToErrorLog(ERROR_FILE . $_FILES[$sNomObjet]['name'] . ERROR_NOT_FILE . $sFileType);
- $sErrorMsg = FILE_LABEL_PHPUTIL . $_FILES[$sNomObjet]['name'] . ERROR_NOT_FILE . $sFileType . ERROR_VALID_FILE . $sFormat . '.';
- }
- break;
- default :
+ if (in_array($sFileType, array_keys($aExtension))){
+ if (in_array($sFileExtension, $aExtension[$sFileType])) {
$bAllowUpload = true;
-
- break;
+ } else {
+ foreach ($aExtensionPicture as $sValue) {
+ $sFormat .= " " . $sValue;
+ }
+ writeToErrorLog(ERROR_FILE . $aFileValues['name'] . ERROR_NOT_FILE . $sFileType);
+ $sErrorMsg = FILE_LABEL_PHPUTIL . $aFileValues['name'] . ERROR_NOT_FILE . $sFileType . ERROR_VALID_FILE . $sFormat . '.';
+ }
+ } else {
+ $bAllowUpload = true;
}
//Teste si le fichier n'est pas de trop grande taille.
- if ($_FILES[$sNomObjet]['size'] > $sMaxSize || $_FILES[$sNomObjet]['error'] == 1) {
+ if ($aFileValues['size'] > $sMaxSize || $aFileValues['error'] == 1) {
$bAllowUpload = false;
- if ($_FILES[$sNomObjet]['size'] > $sMaxSize)
- $sErrorMsg .= FILE_LABEL_PHPUTIL . $_FILES[$sNomObjet]['name'] . OF_LABEL_PHPUTIL . $_FILES[$sNomObjet]['size'] . ERROR_EXCEED_MAX_SIZE . ' (' . $sMaxSize . LABEL_BYTES_PHPUTIL . ').';
- if ($_FILES[$sNomObjet]['error'] > $sMaxSize)
- $sErrorMsg .= FILE_LABEL_PHPUTIL . $_FILES[$sNomObjet]['name'] . ERROR_EXCEED_MAX_SIZE_PHP . ' (' . $sMaxSize . LABEL_BYTES_PHPUTIL . ').';
+ if ($aFileValues['size'] > $sMaxSize)
+ $sErrorMsg .= FILE_LABEL_PHPUTIL . $aFileValues['name'] . OF_LABEL_PHPUTIL . $aFileValues['size'] . ERROR_EXCEED_MAX_SIZE . ' (' . $sMaxSize . LABEL_BYTES_PHPUTIL . ').';
+ if ($aFileValues['error'] > $sMaxSize)
+ $sErrorMsg .= FILE_LABEL_PHPUTIL . $aFileValues['name'] . ERROR_EXCEED_MAX_SIZE_PHP . ' (' . $sMaxSize . LABEL_BYTES_PHPUTIL . ').';
}
+
//Lance l'upload.
if ($bAllowUpload) {
if (!copy($sTmpFile, $sServerPath)) {
- writeToErrorLog(ERROR_COPYING_FILE . $_FILES[$sNomObjet]['name'] . ON_SERVER_PHPUTIL . ', ' . $sTmpFile . ', ' . $sServerPath);
- $sErrorMsg = ERROR_COPYING_FILE . $_FILES[$sNomObjet]['name'] . ON_SERVER_PHPUTIL . '.';
+ writeToErrorLog(ERROR_COPYING_FILE . $aFileValues['name'] . ON_SERVER_PHPUTIL . ', ' . $sTmpFile . ', ' . $sServerPath);
+ $sErrorMsg = ERROR_COPYING_FILE . $aFileValues['name'] . ON_SERVER_PHPUTIL . '.';
}
unlink($sTmpFile);
+ $sErrorMsg = $sServerPath;
//chmod($sServerPath,755);
}
} else {
- writeToErrorLog(ERROR_FILE . $_FILES[$sNomObjet]['name'] . ERROR_NOT_FILE . $sFileType);
- $sErrorMsg = FILE_LABEL_PHPUTIL . $_FILES[$sNomObjet]['name'] . ERROR_NOT_FILE . $sFileType . ERROR_VALID_FILE . $sFormat . '.';
+ writeToErrorLog(ERROR_FILE . $aFileValues['name'] . ERROR_NOT_FILE . $sFileType);
+ $sErrorMsg = FILE_LABEL_PHPUTIL . $aFileValues['name'] . ERROR_NOT_FILE . $sFileType . ERROR_VALID_FILE . $sFormat . '.';
}
} else {
- writeToErrorLog(ERROR_FILE . $_FILES[$sNomObjet]['name'] . ERROR_DOWNLOAD_SERVER);
- $sErrorMsg = FILE_LABEL_PHPUTIL . $_FILES[$sNomObjet]['name'] . ERROR_DOWNLOAD_SERVER . ' (' . ERROR_CODE_PHPUTIL . $_FILES[$sNomObjet]['error'] . ').';
+ writeToErrorLog(ERROR_FILE . "File" . ERROR_DOWNLOAD_SERVER);
+ $sErrorMsg = FILE_LABEL_PHPUTIL . "File" . ERROR_DOWNLOAD_SERVER . '.';
}
return $sErrorMsg;
}
+/**
+ *This method convert $_FILE struct or the aValues File to a File Struct usable by uploadFile.
+ *@file vmlib/phpUtil.inc
+ *@param $sField Name of the field.
+ *@param $aValues $aValues to copy file in tmp.
+ *@return $aFileStruct FileStuct or null if an error block the write in tmp.
+ */
+function extractFileStruct ($sField, $aValues = null){
+ global $properties;
+ if (empty($aValues)){
+ // Extract From Post $File Struct
+ return $aFileStruc = array(
+ "name" => $_FILES[$sField]['name'],
+ "tmp_name" => $_FILES[$sField]['tmp_name'],
+ "error" => $_FILES[$sField]['error'],
+ "size" => $_FILES[$sField]['size']
+ );
+ } else {
+ // Extraction de $aValues, on le met dans tmp pour préparer la copie dans upload file
+ $sTmpFile = $properties['extract_dir'] . "/" . getUniqRandomId();
+ $oFile = fopen($sTmpFile, 'w+');
+ if (!$oFile){
+ writeToErrorLog("Can't open file in " . $properties['extract_dir']);
+ return null;
+ }else{
+ fwrite($oFile, $aValues[$sField . "_file"]);
+ fclose($oFile);
+ return $aFileStruc = array(
+ "name" => $aValues[$sField . "_name"],
+ "tmp_name" => $sTmpFile,
+ "error" => "0",
+ "size" => filesize($sTmpFile)
+ );
+ }
+ }
+}
+
+/**
+ *This method upload a file in ws_data.
+ *@file vmlib/phpUtil.inc
+ *@param $sModule Name of the module.
+ *@param $sObject Name of the object.
+ *@param $mId Id of the current object.
+ *@param $sField field name (generally DB column name).
+ *@param $aValues Vitis $aValues.
+ *@param $iMaxSize Maximum size to upload on server. (set to -1 to disable this control)
+ *@param $sFileTypeCtrl Type of the document. (set to all to disable this control)
+ *@return $sErrorMsg The error message.
+ */
+function uploadInWsDataDir ($sModule, $sObject, $mId, $sField, $aValues, $iMaxSize = -1, $sFileTypeCtrl = "all"){
+ global $properties;
+
+ // on controle les attributs pour éviter les mauvais placements
+ if (strpos($sModule, '/') > -1){
+ writeToErrorLog("Module can't contain path : " . $sModule);
+ return "Module can't contain path : " . $sModule;
+ }
+
+ if (strpos($sObject, "/") > -1){
+ writeToErrorLog("Object can't contain path : " . $sObject);
+ return "Object can't contain path : " . $sObject;
+ }
+
+ if (strpos($mId, "/") > -1){
+ writeToErrorLog("Id can't contain path : " . $mId);
+ return "Id can't contain path : " . $mId;
+ }
+
+ if (strpos($sField, "/") > -1){
+ writeToErrorLog("Field can't contain path : " . $sField);
+ return "Field can't contain path : " . $sField;
+ }
+ // on génére la Structure fichier
+ $aFileStruct = extractFileStruct ($sField, $aValues);
+ // on génére la destination
+ $sDestDir = $properties['ws_data_dir'] . "/" . $sModule . "/" . $sObject . "/" . $mId . "/" . $sField;
+ $sDestPath = $sDestDir . "/" . $aFileStruct["name"];
+
+ // on controle la destination pour éviter les mauvais placements
+ if (strpos($sDestPath, "/\.\./") > -1){
+ writeToErrorLog("This function doesn't accept relative reference : " . $sDestPath);
+ return "This function doesn't accept relative reference : " . $sDestPath;
+ }
+ // si taille max vaut -1 alors taille max = taille fichier + 1
+ if ($iMaxSize == -1){
+ $iMaxSize = $aFileStruct["size"] + 1;
+ }
+ // création du fichier si besoin
+ if (!is_dir($sDestDir)){
+ if(!mkdir($sDestDir, 0777, true)){
+ writeToErrorLog("Can't create directory " . $sDestDir);
+ return "Can't create directory " . $sDestDir;
+ }
+ }
+ // Upload du fichier
+ return uploadFile($sField, $sFileTypeCtrl, $sDestPath, $iMaxSize, $aFileStruct);
+}
+/**
+ *This method upload a file in Public.
+ *@file vmlib/phpUtil.inc
+ *@param $sModule Name of the module.
+ *@param $sRandomUniqId Uniq folder to use to stock file(s) (set it to "auto" to let the function create this folder).
+ *@param $sField field name (generally DB column name).
+ *@param $aValues Vitis $aValues.
+ *@param $iMaxSize Maximum size to upload on server. (set to -1 to disable this control)
+ *@param $sFileTypeCtrl Type of the document. (set to all to disable this control)
+ *@return $sErrorMsg The error message or the file path if success.
+ */
+function uploadInPublicDir($sModule, $sField, $aValues, $sRandomUniqId = "auto", $iMaxSize = -1, $sFileTypeCtrl = "all"){
+ global $properties;
+
+ // on controle les attributs pour éviter les mauvais placements
+ if (strpos($sModule, '/') > -1){
+ writeToErrorLog("Module can't contain path : " . $sModule);
+ return "Module can't contain path : " . $sModule;
+ }
+ if (strpos($sField, "/") > -1){
+ writeToErrorLog("Field can't contain path : " . $sField);
+ return "Field can't contain path : " . $sField;
+ }
+ // on génére la Structure fichier
+ $aFileStruct = extractFileStruct ($sField, $aValues);
+ // on génére le dossier unique si besoin
+ if($sRandomUniqId == "auto"){
+ $sRandomUniqId = getUniqRandomId();
+ }
+ // on génére la destination
+ $sDestDir = $properties['dir_export'] . "/" . $sModule . "/" . $sRandomUniqId;
+ $sDestPath = $sDestDir . "/" . $aFileStruct["name"];
+
+ // on controle la destination pour éviter les mauvais placements
+ if (strpos($sDestPath, "/\.\./") > -1){
+ writeToErrorLog("This function doesn't accept relative reference : " . $sDestPath);
+ return "This function doesn't accept relative reference : " . $sDestPath;
+ }
+ // si taille max vaut -1 alors taille max = taille fichier + 1
+ if ($iMaxSize == -1){
+ $iMaxSize = $aFileStruct["size"] + 1;
+ }
+
+ // création du fichier si besoin
+ if (!is_dir($sDestDir)){
+ if(!mkdir($sDestDir, 0777, true)){
+ writeToErrorLog("Can't create directory " . $sDestDir);
+ return "Can't create directory " . $sDestDir;
+ }
+ }
+ // Upload du fichier
+ return uploadFile($sField, $sFileTypeCtrl, $sDestPath, $iMaxSize, $aFileStruct);
+}
+
+/**
+ *This method upload a file in Upload.
+ *@file vmlib/phpUtil.inc
+ *@param $sModule Name of the module.
+ *@param $sRandomUniqId Uniq folder to use to stock file(s) (set it to "auto" to let the function create this folder).
+ *@param $sField field name (generally DB column name).
+ *@param $aValues Vitis $aValues.
+ *@param $iMaxSize Maximum size to upload on server. (set to -1 to disable this control)
+ *@param $sFileTypeCtrl Type of the document. (set to all to disable this control)
+ *@return $sErrorMsg The error message or the file path if success.
+ */
+function uploadInUploadDir($sModule, $sField, $aValues, $sRandomUniqId = "auto", $iMaxSize = -1, $sFileTypeCtrl = "all"){
+ global $properties;
+
+ // on controle les attributs pour éviter les mauvais placements
+ if (strpos($sModule, '/') > -1){
+ writeToErrorLog("Module can't contain path : " . $sModule);
+ return "Module can't contain path : " . $sModule;
+ }
+ if (strpos($sField, "/") > -1){
+ writeToErrorLog("Field can't contain path : " . $sField);
+ return "Field can't contain path : " . $sField;
+ }
+ // on génére la Structure fichier
+ $aFileStruct = extractFileStruct ($sField, $aValues);
+ // on génére le dossier unique si besoin
+ if($sRandomUniqId == "auto"){
+ $sRandomUniqId = getUniqRandomId();
+ }
+ // on génére la destination
+ $sDestDir = $properties['upload_dir'] . "/" . $sModule . "/" . $sRandomUniqId;
+ $sDestPath = $sDestDir . "/" . $aFileStruct["name"];
+
+ // on controle la destination pour éviter les mauvais placements
+ if (strpos($sDestPath, "/\.\./") > -1){
+ writeToErrorLog("This function doesn't accept relative reference : " . $sDestPath);
+ return "This function doesn't accept relative reference : " . $sDestPath;
+ }
+ // si taille max vaut -1 alors taille max = taille fichier + 1
+ if ($iMaxSize == -1){
+ $iMaxSize = $aFileStruct["size"] + 1;
+ }
+
+ // création du fichier si besoin
+ if (!is_dir($sDestDir)){
+ if(!mkdir($sDestDir, 0777, true)){
+ writeToErrorLog("Can't create directory " . $sDestDir);
+ return "Can't create directory " . $sDestDir;
+ }
+ }
+ // Upload du fichier
+ return uploadFile($sField, $sFileTypeCtrl, $sDestPath, $iMaxSize, $aFileStruct);
+}
+
/**
*This method return the extension of a file.
*@file vmlib/phpUtil.inc