mirror of
https://github.com/Dolibarr/dolibarr.git
synced 2025-02-20 13:46:52 +01:00
Debug v21 - Fix wrapper
This commit is contained in:
Laurent Destailleur (aka Eldy)
parent
14f0197991
commit
e225f04149
|
|
@ -64,9 +64,21 @@ if (!empty($hashp)) {
|
|||
if ($moduleparttocheck == $modulepart) {
|
||||
// We remove first level of directory
|
||||
$original_file = (($tmp[1] ? $tmp[1].'/' : '').$ecmfile->filename); // this is relative to module dir
|
||||
//var_dump($original_file); exit;
|
||||
//var_dump($original_file); exit(0);
|
||||
} else {
|
||||
// Security options
|
||||
|
||||
// X-Content-Type-Options
|
||||
header("X-Content-Type-Options: nosniff");
|
||||
|
||||
// X-Frame-Options
|
||||
if (!getDolGlobalString('WEBSITE_ALLOW_FRAMES_ON_ALL_PAGES')) {
|
||||
header("X-Frame-Options: SAMEORIGIN");
|
||||
}
|
||||
|
||||
http_response_code(401);
|
||||
print 'Bad link. File is from another module part.';
|
||||
exit(1);
|
||||
}
|
||||
} else {
|
||||
$modulepart = $moduleparttocheck;
|
||||
|
|
@ -77,8 +89,19 @@ if (!empty($hashp)) {
|
|||
$original_file = getImageFileNameForSize($original_file, $extname);
|
||||
}
|
||||
} else {
|
||||
// Security options
|
||||
|
||||
// X-Content-Type-Options
|
||||
header("X-Content-Type-Options: nosniff");
|
||||
|
||||
// X-Frame-Options
|
||||
if (!getDolGlobalString('WEBSITE_ALLOW_FRAMES_ON_ALL_PAGES')) {
|
||||
header("X-Frame-Options: SAMEORIGIN");
|
||||
}
|
||||
|
||||
http_response_code(404);
|
||||
print "ErrorFileNotFoundWithSharedLink";
|
||||
exit;
|
||||
exit(2);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -196,15 +219,19 @@ if ($rss) {
|
|||
$error = 'Failed to rename '.$outputfiletmp.' into '.$outputfile;
|
||||
dol_syslog("build_exportfile ".$error, LOG_ERR);
|
||||
dol_delete_file($outputfiletmp, 0, 1);
|
||||
|
||||
http_response_code(500);
|
||||
print $error;
|
||||
exit(-1);
|
||||
exit(3);
|
||||
}
|
||||
} else {
|
||||
dol_syslog("build_exportfile build_xxxfile function fails to for format=".$format." outputfiletmp=".$outputfile, LOG_ERR);
|
||||
dol_delete_file($outputfiletmp, 0, 1);
|
||||
$langs->load("errors");
|
||||
|
||||
http_response_code(500);
|
||||
print $langs->trans("ErrorFailToCreateFile", $outputfile);
|
||||
exit(-1);
|
||||
exit(4);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -245,7 +272,7 @@ if ($rss) {
|
|||
}
|
||||
|
||||
// header("Location: ".DOL_URL_ROOT.'/document.php?modulepart=agenda&file='.urlencode($filename));
|
||||
exit;
|
||||
exit(5);
|
||||
}
|
||||
} elseif ($modulepart == "mycompany" && preg_match('/^\/?logos\//', $original_file)) {
|
||||
// Get logos
|
||||
|
|
@ -265,8 +292,9 @@ if ($rss) {
|
|||
// Security:
|
||||
// Limit access if permissions are wrong
|
||||
if (!$accessallowed) {
|
||||
http_response_code(403);
|
||||
print 'Access forbidden';
|
||||
exit;
|
||||
exit(6);
|
||||
}
|
||||
|
||||
// For backward compatibility of old thumbs that were created with filename in lower case and with .png extension
|
||||
|
|
@ -284,8 +312,9 @@ if ($rss) {
|
|||
|
||||
// This test if file exists should be useless. We keep it to find bug more easily
|
||||
if (!file_exists($fullpath_original_file_osencoded)) {
|
||||
http_response_code(404);
|
||||
print "ErrorFileDoesNotExists: ".dol_escape_htmltag($original_file);
|
||||
exit;
|
||||
exit(7);
|
||||
}
|
||||
|
||||
// Permissions are ok and file found, so we return it
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user