dolibarr  x.y.z
config.inc.php
1 <?php
2 /*
3  * FCKeditor - The text editor for Internet - http://www.fckeditor.net
4  * Copyright (C) 2003-2010 Frederico Caldeira Knabben
5  *
6  * == BEGIN LICENSE ==
7  *
8  * Licensed under the terms of any of the following licenses at your
9  * choice:
10  *
11  * - GNU General Public License Version 2 or later (the "GPL")
12  * https://www.gnu.org/licenses/gpl.html
13  *
14  * - GNU Lesser General Public License Version 2.1 or later (the "LGPL")
15  * https://www.gnu.org/licenses/lgpl.html
16  *
17  * - Mozilla Public License Version 1.1 or later (the "MPL")
18  * http://www.mozilla.org/MPL/MPL-1.1.html
19  *
20  * == END LICENSE ==
21  *
22  * Configuration file for the File Manager Connector for PHP.
23  */
24 
25 global $Config;
26 global $website;
27 
28 define('NOTOKENRENEWAL', 1); // Disables token renewal
29 
30 // We must include the main because this page is
31 // a web page that require security controls and
32 // is a security hole if anybody can access without
33 // being an authenticated user.
34 require_once '../../../../main.inc.php';
35 $uri = preg_replace('/^http(s?):\/\//i', '', $dolibarr_main_url_root);
36 $pos = strstr($uri, '/'); // $pos contient alors url sans nom domaine
37 if ($pos == '/') {
38  $pos = ''; // si $pos vaut /, on le met a ''
39 }
40 define('DOL_URL_ROOT', $pos);
41 $entity = ((!empty($_SESSION['dol_entity']) && $_SESSION['dol_entity'] > 1) ? $_SESSION['dol_entity'] : null);
42 
43 // SECURITY: You must explicitly enable this "connector". (Set it to "true").
44 // WARNING: don't just set "$Config['Enabled'] = true ;", you must be sure that only
45 // authenticated users can access this file or use some kind of session checking.
46 $Config['Enabled'] = true;
47 
48 
49 // Path to user files relative to the document root.
50 $extEntity = (empty($entity) ? 1 : $entity); // For multicompany with external access
51 
52 $Config['UserFilesPath'] = DOL_URL_ROOT.'/viewimage.php?modulepart=medias'.(empty($website) ? '' : '_'.$website).'&entity='.$extEntity.'&file=';
53 $Config['UserFilesAbsolutePathRelative'] = (!empty($entity) ? '/'.$entity : '').(empty($website) ? '/medias/' : ('/website/'.$website));
54 
55 
56 // Fill the following value it you prefer to specify the absolute path for the
57 // user files directory. Useful if you are using a virtual directory, symbolic
58 // link or alias. Examples: 'C:\\MySite\\userfiles\\' or '/root/mysite/userfiles/'.
59 // Attention: The above 'UserFilesPath' must point to the same directory.
60 $Config['UserFilesAbsolutePath'] = $dolibarr_main_data_root.$Config['UserFilesAbsolutePathRelative'];
61 
62 // Due to security issues with Apache modules, it is recommended to leave the
63 // following setting enabled.
64 $Config['ForceSingleExtension'] = true;
65 
66 // Perform additional checks for image files.
67 // If set to true, validate image size (using getimagesize).
68 $Config['SecureImageUploads'] = true;
69 
70 // What the user can do with this connector.
71 $Config['ConfigAllowedCommands'] = array('QuickUpload', 'FileUpload', 'GetFolders', 'GetFoldersAndFiles', 'CreateFolder');
72 
73 // Allowed Resource Types.
74 $Config['ConfigAllowedTypes'] = array('File', 'Image', 'Media');
75 
76 // For security, HTML is allowed in the first Kb of data for files having the
77 // following extensions only.
78 $Config['HtmlExtensions'] = array("html", "htm", "xml", "xsd", "txt", "js");
79 
80 // After file is uploaded, sometimes it is required to change its permissions
81 // so that it was possible to access it at the later time.
82 // If possible, it is recommended to set more restrictive permissions, like 0755.
83 // Set to 0 to disable this feature.
84 // Note: not needed on Windows-based servers.
85 $newmask = '0644';
86 if (!empty($conf->global->MAIN_UMASK)) {
87  $newmask = $conf->global->MAIN_UMASK;
88 }
89 $Config['ChmodOnUpload'] = $newmask;
90 
91 // See comments above.
92 // Used when creating folders that does not exist.
93 $newmask = '0755';
94 $dirmaskdec = octdec($newmask);
95 if (!empty($conf->global->MAIN_UMASK)) {
96  $dirmaskdec = octdec($conf->global->MAIN_UMASK);
97 }
98 $dirmaskdec |= octdec('0200'); // Set w bit required to be able to create content for recursive subdirs files
99 $newmask = decoct($dirmaskdec);
100 
101 $Config['ChmodOnFolderCreate'] = $newmask;
102 
103 /*
104  Configuration settings for each Resource Type
105 
106  - AllowedExtensions: the possible extensions that can be allowed.
107  If it is empty then any file type can be uploaded.
108  - DeniedExtensions: The extensions that won't be allowed.
109  If it is empty then no restrictions are done here.
110 
111  For a file to be uploaded it has to fulfill both the AllowedExtensions
112  and DeniedExtensions (that's it: not being denied) conditions.
113 
114  - FileTypesPath: the virtual folder relative to the document root where
115  these resources will be located.
116  Attention: It must start and end with a slash: '/'
117 
118  - FileTypesAbsolutePath: the physical path to the above folder. It must be
119  an absolute path.
120  If it's an empty string then it will be autocalculated.
121  Useful if you are using a virtual directory, symbolic link or alias.
122  Examples: 'C:\\MySite\\userfiles\\' or '/root/mysite/userfiles/'.
123  Attention: The above 'FileTypesPath' must point to the same directory.
124  Attention: It must end with a slash: '/'
125 
126  - QuickUploadPath: the virtual folder relative to the document root where
127  these resources will be uploaded using the Upload tab in the resources
128  dialogs.
129  Attention: It must start and end with a slash: '/'
130 
131  - QuickUploadAbsolutePath: the physical path to the above folder. It must be
132  an absolute path.
133  If it's an empty string then it will be autocalculated.
134  Useful if you are using a virtual directory, symbolic link or alias.
135  Examples: 'C:\\MySite\\userfiles\\' or '/root/mysite/userfiles/'.
136  Attention: The above 'QuickUploadPath' must point to the same directory.
137  Attention: It must end with a slash: '/'
138 
139  NOTE: by default, QuickUploadPath and QuickUploadAbsolutePath point to
140  "userfiles" directory to maintain backwards compatibility with older versions of FCKeditor.
141  This is fine, but you in some cases you will be not able to browse uploaded files using file browser.
142  Example: if you click on "image button", select "Upload" tab and send image
143  to the server, image will appear in FCKeditor correctly, but because it is placed
144  directly in /userfiles/ directory, you'll be not able to see it in built-in file browser.
145  The more expected behaviour would be to send images directly to "image" subfolder.
146  To achieve that, simply change
147  $Config['QuickUploadPath']['Image'] = $Config['UserFilesPath'] ;
148  $Config['QuickUploadAbsolutePath']['Image'] = $Config['UserFilesAbsolutePath'] ;
149  into:
150  $Config['QuickUploadPath']['Image'] = $Config['FileTypesPath']['Image'] ;
151  $Config['QuickUploadAbsolutePath']['Image'] = $Config['FileTypesAbsolutePath']['Image'] ;
152 
153 */
154 
155 $Config['AllowedExtensions']['File'] = array('7z', 'aiff', 'asf', 'avi', 'bmp', 'csv', 'doc', 'fla', 'flv', 'gif', 'gz', 'gzip', 'jpeg', 'jpg', 'mid', 'mov', 'mp3', 'mp4', 'mpc', 'mpeg', 'mpg', 'ods', 'odt', 'pdf', 'png', 'ppt', 'pxd', 'qt', 'ram', 'rar', 'rm', 'rmi', 'rmvb', 'rtf', 'sdc', 'sitd', 'swf', 'sxc', 'sxw', 'tar', 'tgz', 'tif', 'tiff', 'txt', 'vsd', 'wav', 'wma', 'wmv', 'xls', 'xml', 'zip');
156 $Config['DeniedExtensions']['File'] = array();
157 $Config['FileTypesPath']['File'] = $Config['UserFilesPath'].'file/';
158 $Config['FileTypesAbsolutePath']['File'] = ($Config['UserFilesAbsolutePath'] == '') ? '' : $Config['UserFilesAbsolutePath'].'file/';
159 $Config['QuickUploadPath']['File'] = $Config['UserFilesPath'];
160 $Config['QuickUploadAbsolutePath']['File'] = $Config['UserFilesAbsolutePath'];
161 
162 $Config['AllowedExtensions']['Image'] = array('bmp', 'gif', 'jpeg', 'jpg', 'png', 'ai');
163 if (!empty($conf->global->MAIN_ALLOW_SVG_FILES_AS_IMAGES)) {
164  $Config['AllowedExtensions']['Image'][] = 'svg';
165 }
166 $Config['DeniedExtensions']['Image'] = array();
167 $Config['FileTypesPath']['Image'] = $Config['UserFilesPath'].'image/';
168 $Config['FileTypesAbsolutePath']['Image'] = ($Config['UserFilesAbsolutePath'] == '') ? '' : $Config['UserFilesAbsolutePath'].'image/';
169 $Config['QuickUploadPath']['Image'] = $Config['UserFilesPath'];
170 $Config['QuickUploadAbsolutePath']['Image'] = $Config['UserFilesAbsolutePath'];
171 
172 $Config['AllowedExtensions']['Flash'] = array('swf', 'flv');
173 $Config['DeniedExtensions']['Flash'] = array();
174 $Config['FileTypesPath']['Flash'] = $Config['UserFilesPath'].'flash/';
175 $Config['FileTypesAbsolutePath']['Flash'] = ($Config['UserFilesAbsolutePath'] == '') ? '' : $Config['UserFilesAbsolutePath'].'flash/';
176 $Config['QuickUploadPath']['Flash'] = $Config['UserFilesPath'];
177 $Config['QuickUploadAbsolutePath']['Flash'] = $Config['UserFilesAbsolutePath'];
178 
179 $Config['AllowedExtensions']['Media'] = array('aiff', 'asf', 'avi', 'bmp', 'fla', 'flv', 'gif', 'jpeg', 'jpg', 'mid', 'mov', 'mp3', 'mp4', 'mpc', 'mpeg', 'mpg', 'png', 'qt', 'ram', 'rm', 'rmi', 'rmvb', 'swf', 'tif', 'tiff', 'wav', 'wma', 'wmv');
180 $Config['DeniedExtensions']['Media'] = array();
181 $Config['FileTypesPath']['Media'] = $Config['UserFilesPath'].'media/';
182 $Config['FileTypesAbsolutePath']['Media'] = ($Config['UserFilesAbsolutePath'] == '') ? '' : $Config['UserFilesAbsolutePath'].'media/';
183 $Config['QuickUploadPath']['Media'] = $Config['UserFilesPath'];
184 $Config['QuickUploadAbsolutePath']['Media'] = $Config['UserFilesAbsolutePath'];