Skip to content
Snippets Groups Projects
Commit 1505ade3 authored by Laurent Destailleur's avatar Laurent Destailleur
Browse files

Fix error management: When an error is returned by hooks into

dol_move_uploaded_file, message must be returned by function as if it
were an error for any other reason.

Conflicts:
	htdocs/core/lib/files.lib.php
parent d3a3e878
No related branches found
No related tags found
No related merge requests found
......@@ -597,7 +597,7 @@ function dol_move_uploaded_file($src_file, $dest_file, $allowoverwrite, $disable
global $conf, $db, $user, $langs;
global $object, $hookmanager;
$error=0;
$reshook=0;
$file_name = $dest_file;
if (empty($nohook))
......@@ -663,8 +663,7 @@ function dol_move_uploaded_file($src_file, $dest_file, $allowoverwrite, $disable
}
// Security:
// On interdit fichiers caches, remontees de repertoire ainsi que les pipe dans
// les noms de fichiers.
// On interdit fichiers caches, remontees de repertoire ainsi que les pipe dans les noms de fichiers.
if (preg_match('/^\./',$dest_file) || preg_match('/\.\./',$dest_file) || preg_match('/[<>|]/',$dest_file))
{
dol_syslog("Refused to deliver file ".$dest_file, LOG_WARNING);
......@@ -677,7 +676,13 @@ function dol_move_uploaded_file($src_file, $dest_file, $allowoverwrite, $disable
$reshook=$hookmanager->executeHooks('moveUploadedFile', $parameters, $object);
}
if (empty($reshook))
if ($reshook < 0) // At least one blocking error returned by one hook
{
$errmsg = join(',', $hookmanager->errors);
if (empty($errmsg)) $errmsg = 'ErrorReturnedBySomeHooks'; // Should not occurs. Added if hook is bugged and does not set ->errors when there is error.
return $errmsg;
}
elseif (empty($reshook))
{
// The file functions must be in OS filesystem encoding.
$src_file_osencoded=dol_osencode($src_file);
......@@ -710,8 +715,8 @@ function dol_move_uploaded_file($src_file, $dest_file, $allowoverwrite, $disable
return -3; // Unknown error
}
}
else
return $reshook;
return 1; // Success
}
/**
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment