Mirrors/dolibarr
1
0
Fork 0
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-02-20 13:46:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix from #27211

Browse Source
This commit is contained in:
Laurent Destailleur 2024-02-22 00:09:45 +01:00
parent 5a4c8c6ce7
commit c396dcdfbb
2 changed files with 4 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
htdocs/core/lib/files.lib.php
View File

@ -2564,7 +2564,7 @@ function dol_most_recent_file($dir, $regexfilter = '', $excludefilter = array('(
* @param string $original_file Relative path with filename, relative to modulepart.
* @param string $entity Restrict onto entity (0=no restriction)
* @param User|null $fuser User object (forced)
* @param string $refname Ref of object to check permission for external users (autodetect if not provided) or for hierarchy
* @param string $refname Ref of object to check permission for external users (autodetect if not provided by taking the dirname of $original_file) or for hierarchy
* @param string $mode Check permission for 'read' or 'write'
* @return mixed Array with access information : 'accessallowed' & 'sqlprotectagainstexternals' & 'original_file' (as a full path name)
* @see restrictedArea()
@ -2612,7 +2612,7 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
// Find the subdirectory name as the reference. For example original_file='10/myfile.pdf' -> refname='10'
if (empty($refname)) {
$refname = basename(dirname($original_file)."/");
if ($refname == 'thumbs') {
if ($refname == 'thumbs' || $refname == 'temp') {
// If we get the thumbs directory, we must go one step higher. For example original_file='10/thumbs/myfile_small.jpg' -> refname='10'
$refname = basename(dirname(dirname($original_file))."/");
}

7
htdocs/document.php
View File

@ -209,16 +209,13 @@ $original_file = str_replace('../', '/', $original_file);
$original_file = str_replace('..\\', '/', $original_file);
// Find the subdirectory name as the reference
$refname = basename(dirname($original_file)."/");
// Security check
if (empty($modulepart)) {
accessforbidden('Bad value for parameter modulepart');
}
// Check security and set return info with full path of file
$check_access = dol_check_secure_access_document($modulepart, $original_file, $entity, $user, $refname);
$check_access = dol_check_secure_access_document($modulepart, $original_file, $entity, $user, '');
$accessallowed = $check_access['accessallowed'];
$sqlprotectagainstexternals = $check_access['sqlprotectagainstexternals'];
$fullpath_original_file = $check_access['original_file']; // $fullpath_original_file is now a full path name
@ -282,7 +279,7 @@ if (!file_exists($fullpath_original_file_osencoded)) {
// Hooks
$hookmanager->initHooks(array('document'));
$parameters = array('ecmfile' => $ecmfile, 'modulepart' => $modulepart, 'original_file' => $original_file,
'entity' => $entity, 'refname' => $refname, 'fullpath_original_file' => $fullpath_original_file,
'entity' => $entity, 'fullpath_original_file' => $fullpath_original_file,
'filename' => $filename, 'fullpath_original_file_osencoded' => $fullpath_original_file_osencoded);
$object = new stdClass();
$reshook = $hookmanager->executeHooks('downloadDocument', $parameters, $object, $action); // Note that $action and $object may have been