dolibarr  x.y.z
export_files.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (C) 2006-2014 Laurent Destailleur <eldy@users.sourceforge.net>
3  * Copyright (C) 2011 Juanjo Menent <jmenent@2byte.es>
4  * Copyright (C) 2015 RaphaĆ«l Doursenaud <rdoursenaud@gpcsolutions.fr>
5  * Copyright (C) 2021 Regis Houssin <regis.houssin@inodbox.com>
6  *
7  * This program is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License as published by
9  * the Free Software Foundation; either version 3 of the License, or
10  * (at your option) any later version.
11  *
12  * This program is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program. If not, see <https://www.gnu.org/licenses/>.
19  */
20 
26 if (! defined('CSRFCHECK_WITH_TOKEN')) {
27  define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET
28 }
29 
30 // Load Dolibarr environment
31 require '../../main.inc.php';
32 require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
33 require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
34 require_once DOL_DOCUMENT_ROOT.'/core/class/utils.class.php';
35 require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php';
36 
37 $langs->load("admin");
38 
39 $action = GETPOST('action', 'aZ09');
40 $what = GETPOST('what', 'alpha');
41 $export_type = GETPOST('export_type', 'alpha');
42 $file = trim(GETPOST('zipfilename_template', 'alpha'));
43 $compression = GETPOST('compression', 'aZ09');
44 
45 $file = dol_sanitizeFileName($file);
46 $file = preg_replace('/(\.zip|\.tar|\.tgz|\.gz|\.tar\.gz|\.bz2|\.zst)$/i', '', $file);
47 
48 $sortfield = GETPOST('sortfield', 'aZ09comma');
49 $sortorder = GETPOST('sortorder', 'aZ09comma');
50 $page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
51 if (!$sortorder) {
52  $sortorder = "DESC";
53 }
54 if (!$sortfield) {
55  $sortfield = "date";
56 }
57 if ($page < 0) {
58  $page = 0;
59 } elseif (empty($page)) {
60  $page = 0;
61 }
62 $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
63 $offset = $limit * $page;
64 
65 if (!$user->admin) {
67 }
68 
69 $errormsg = '';
70 
71 
72 /*
73  * Actions
74  */
75 
76 if ($action == 'delete') {
77  $filerelative = dol_sanitizeFileName(GETPOST('urlfile', 'alpha'));
78  $filepath = $conf->admin->dir_output.'/'.$filerelative;
79  $ret = dol_delete_file($filepath, 1);
80  if ($ret) {
81  setEventMessages($langs->trans("FileWasRemoved", $filerelative), null, 'mesgs');
82  } else {
83  setEventMessages($langs->trans("ErrorFailToDeleteFile", $filerelative), null, 'errors');
84  }
85  $action = '';
86 }
87 
88 
89 /*
90  * View
91  */
92 
93 // Increase limit of time. Works only if we are not in safe mode
94 $ExecTimeLimit = 1800; // 30mn
95 if (!empty($ExecTimeLimit)) {
96  $err = error_reporting();
97  error_reporting(0); // Disable all errors
98  //error_reporting(E_ALL);
99  @set_time_limit($ExecTimeLimit); // Need more than 240 on Windows 7/64
100  error_reporting($err);
101 }
102 
103 /* If value has been forced with a php_admin_value, this has no effect. Example of value: '512M' */
104 $MemoryLimit = getDolGlobalString('MAIN_MEMORY_LIMIT_ARCHIVE_DATAROOT');
105 if (!empty($MemoryLimit)) {
106  @ini_set('memory_limit', $MemoryLimit);
107 }
108 
109 $form = new Form($db);
110 $formfile = new FormFile($db);
111 
112 //$help_url='EN:Backups|FR:Sauvegardes|ES:Copias_de_seguridad';
113 //llxHeader('','',$help_url);
114 
115 //print load_fiche_titre($langs->trans("Backup"),'','title_setup');
116 
117 
118 // Start with empty buffer
119 $dump_buffer = '';
120 $dump_buffer_len = 0;
121 
122 // We will send fake headers to avoid browser timeout when buffering
123 $time_start = time();
124 
125 
126 $outputdir = $conf->admin->dir_output.'/documents';
127 $result = dol_mkdir($outputdir);
128 
129 $utils = new Utils($db);
130 
131 if ($export_type == 'externalmodule' && !empty($what)) {
132  $fulldirtocompress = DOL_DOCUMENT_ROOT.'/custom/'.dol_sanitizeFileName($what);
133 } else {
134  $fulldirtocompress = DOL_DATA_ROOT;
135 }
136 $dirtoswitch = dirname($fulldirtocompress);
137 $dirtocompress = basename($fulldirtocompress);
138 
139 if ($compression == 'zip') {
140  $file .= '.zip';
141 
142  $excludefiles = '/(\.back|\.old|\.log|\.pdf_preview-.*\.png|[\/\\\]temp[\/\\\]|[\/\\\]admin[\/\\\]documents[\/\\\])/i';
143 
144  //var_dump($fulldirtocompress);
145  //var_dump($outputdir."/".$file);exit;
146 
147  $rootdirinzip = '';
148  if ($export_type == 'externalmodule' && !empty($what)) {
149  $rootdirinzip = $what;
150 
151  global $dolibarr_allow_download_external_modules;
152  if (empty($dolibarr_allow_download_external_modules)) {
153  print 'Download of external modules is not allowed by $dolibarr_allow_download_external_modules in conf.php file';
154  $db->close();
155  exit();
156  }
157  }
158 
159  $ret = dol_compress_dir($fulldirtocompress, $outputdir."/".$file, $compression, $excludefiles, $rootdirinzip);
160  if ($ret < 0) {
161  if ($ret == -2) {
162  $langs->load("errors");
163  $errormsg = $langs->trans("ErrNoZipEngine");
164  } else {
165  $langs->load("errors");
166  $errormsg = $langs->trans("ErrorFailedToWriteInDir", $outputdir);
167  }
168  }
169 } elseif (in_array($compression, array('gz', 'bz', 'zstd'))) {
170  $userlogin = ($user->login ? $user->login : 'unknown');
171 
172  $outputfile = $conf->admin->dir_temp.'/export_files.'.$userlogin.'.out'; // File used with popen method
173 
174  $file .= '.tar';
175 
176  // We also exclude '/temp/' dir and 'documents/admin/documents'
177  // We make escapement here and call executeCLI without escapement because we don't want to have the '*.log' escaped.
178  $cmd = "tar -cf '".escapeshellcmd($outputdir."/".$file)."' --exclude-vcs --exclude-caches-all --exclude='temp' --exclude='*.log' --exclude='*.pdf_preview-*.png' --exclude='documents/admin/documents' -C '".escapeshellcmd(dol_sanitizePathName($dirtoswitch))."' '".escapeshellcmd(dol_sanitizeFileName($dirtocompress))."'";
179 
180  $result = $utils->executeCLI($cmd, $outputfile, 0, null, 1);
181 
182  $retval = $result['error'];
183  if ($result['result'] || !empty($retval)) {
184  $langs->load("errors");
185  dol_syslog("Documents tar retval after exec=".$retval, LOG_ERR);
186  $errormsg = 'Error tar generation return '.$retval;
187  } else {
188  if ($compression == 'gz') {
189  $cmd = "gzip -f ".$outputdir."/".$file;
190  } elseif ($compression == 'bz') {
191  $cmd = "bzip2 -f ".$outputdir."/".$file;
192  } elseif ($compression == 'zstd') {
193  $cmd = "zstd -z -9 -q --rm ".$outputdir."/".$file;
194  }
195 
196  $result = $utils->executeCLI($cmd, $outputfile);
197 
198  $retval = $result['error'];
199  if ($result['result'] || !empty($retval)) {
200  $errormsg = 'Error '.$compression.' generation return '.$retval;
201  unlink($outputdir."/".$file);
202  }
203  }
204 } else {
205  $errormsg = 'Bad value for compression method';
206  print $errormsg;
207 }
208 
209 
210 // Output export
211 
212 if ($export_type != 'externalmodule' || empty($what)) {
213  top_httphead();
214 
215  if ($errormsg) {
216  setEventMessages($langs->trans("Error")." : ".$errormsg, null, 'errors');
217  } else {
218  setEventMessages($langs->trans("BackupFileSuccessfullyCreated").'.<br>'.$langs->trans("YouCanDownloadBackupFile"), null, 'mesgs');
219  }
220 
221  $db->close();
222 
223  // Redirect to calling page
224  $returnto = 'dolibarr_export.php';
225 
226  header("Location: ".$returnto);
227 
228  exit();
229 } else {
230  top_httphead('application/zip');
231 
232  $zipname = $outputdir."/".$file;
233 
234  // Then download the zipped file.
235 
236  header('Content-disposition: attachment; filename='.basename($zipname));
237  header('Content-Length: '.filesize($zipname));
238  readfile($zipname);
239 
240  dol_delete_file($zipname);
241 
242  $db->close();
243 
244  exit();
245 }
Class to offer components to list and upload files.
Class to manage generation of HTML components Only common components must be here.
Class to manage utility methods.
Definition: utils.class.php:31
if($cancel &&! $id) if($action=='add' &&! $cancel) if($action=='delete') if($id) $form
Actions.
Definition: card.php:143
dol_delete_file($file, $disableglob=0, $nophperrors=0, $nohook=0, $object=null, $allowdotdot=false, $indexdatabase=1, $nolog=0)
Remove a file or several files with a mask.
Definition: files.lib.php:1250
setEventMessages($mesg, $mesgs, $style='mesgs', $messagekey='')
Set event messages in dol_events session object.
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
if(!function_exists('utf8_encode')) if(!function_exists('utf8_decode')) getDolGlobalString($key, $default='')
Return dolibarr global constant string value.
dol_sanitizeFileName($str, $newstr='_', $unaccent=1)
Clean a string to use it as a file name.
GETPOSTISSET($paramname)
Return true if we are in a context of submitting the parameter $paramname from a POST of a form.
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
dol_sanitizePathName($str, $newstr='_', $unaccent=1)
Clean a string to use it as a path name.
dol_mkdir($dir, $dataroot='', $newmask='')
Creation of a directory (this can create recursive subdir)
if(!defined('NOREQUIREMENU')) if(!function_exists("llxHeader")) top_httphead($contenttype='text/html', $forcenocache=0)
Show HTTP header.
Definition: main.inc.php:1436
accessforbidden($message='', $printheader=1, $printfooter=1, $showonlymessage=0, $params=null)
Show a message to say access is forbidden and stop program.