File: //proc/self/cwd/guiaweb/htdocs/admin/tools/export_files.php
<?php
/* Copyright (C) 2006-2014 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2011 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2015 Raphaël Doursenaud <rdoursenaud@gpcsolutions.fr>
* Copyright (C) 2021 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2024-2025 Frédéric France <frederic.france@free.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
/**
* \file htdocs/admin/tools/export_files.php
* \brief Page to export documents into a compressed file
*/
if (! defined('CSRFCHECK_WITH_TOKEN')) {
define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET
}
// Load Dolibarr environment
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/utils.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php';
/**
* @var Conf $conf
* @var DoliDB $db
* @var HookManager $hookmanager
* @var Translate $langs
* @var User $user
*/
$langs->load("admin");
$action = GETPOST('action', 'aZ09');
$what = GETPOST('what', 'alpha');
$export_type = GETPOST('export_type', 'alpha');
$file = trim(GETPOST('zipfilename_template', 'alpha'));
$compression = GETPOST('compression', 'aZ09');
$file = dol_sanitizeFileName($file, '_', 1, 1);
$file = preg_replace('/(\.zip|\.tar|\.tgz|\.gz|\.tar\.gz|\.bz2|\.zst)$/i', '', $file);
$sortfield = GETPOST('sortfield', 'aZ09comma');
$sortorder = GETPOST('sortorder', 'aZ09comma');
$page = GETPOSTISSET('pageplusone') ? (GETPOSTINT('pageplusone') - 1) : GETPOSTINT("page");
if (!$sortorder) {
$sortorder = "DESC";
}
if (!$sortfield) {
$sortfield = "date";
}
if ($page < 0) {
$page = 0;
} elseif (empty($page)) {
$page = 0;
}
$limit = GETPOSTINT('limit') ? GETPOSTINT('limit') : $conf->liste_limit;
$offset = $limit * $page;
if (!$user->admin) {
accessforbidden();
}
$errormsg = '';
/*
* Actions
*/
if ($action == 'delete') {
$filerelative = dol_sanitizeFileName(GETPOST('urlfile', 'alpha'));
$filepath = $conf->admin->dir_output.'/'.$filerelative;
$ret = dol_delete_file($filepath, 1);
if ($ret) {
setEventMessages($langs->trans("FileWasRemoved", $filerelative), null, 'mesgs');
} else {
setEventMessages($langs->trans("ErrorFailToDeleteFile", $filerelative), null, 'errors');
}
$action = '';
}
/*
* View
*/
// Increase limit of time. Works only if we are not in safe mode
$ExecTimeLimit = getDolGlobalInt('MAIN_ADMIN_TOOLS_EXPORT_FILES_EXEC_TIME_LIMIT', 1800);; // 30mn
if (!empty($ExecTimeLimit)) {
$err = error_reporting();
error_reporting(0); // Disable all errors
//error_reporting(E_ALL);
@set_time_limit($ExecTimeLimit); // Need more than 240 on Windows 7/64
error_reporting($err);
}
/* If value has been forced with a php_admin_value, this has no effect. Example of value: '512M' */
$MemoryLimit = getDolGlobalString('MAIN_MEMORY_LIMIT_ARCHIVE_DATAROOT');
if (!empty($MemoryLimit)) {
@ini_set('memory_limit', $MemoryLimit);
}
$form = new Form($db);
$formfile = new FormFile($db);
//$help_url='EN:Backups|FR:Sauvegardes|ES:Copias_de_seguridad';
//llxHeader('','',$help_url);
//print load_fiche_titre($langs->trans("Backup"),'','title_setup');
// Start with empty buffer
$dump_buffer = '';
$dump_buffer_len = 0;
// We will send fake headers to avoid browser timeout when buffering
$time_start = time();
$outputdir = $conf->admin->dir_output.'/documents';
$result = dol_mkdir($outputdir);
$utils = new Utils($db);
if ($export_type == 'externalmodule' && !empty($what)) {
$fulldirtocompress = DOL_DOCUMENT_ROOT.'/custom/'.dol_sanitizeFileName($what);
} else {
$fulldirtocompress = DOL_DATA_ROOT;
}
$dirtoswitch = dirname($fulldirtocompress);
$dirtocompress = basename($fulldirtocompress);
if ($compression == 'zip') {
$file .= '.zip';
$excludefiles = '/(\.back|\.old|\.log|\.pdf_preview-.*\.png|[\/\\\]temp[\/\\\]|[\/\\\]admin[\/\\\]documents[\/\\\])/i';
//var_dump($fulldirtocompress);
//var_dump($outputdir."/".$file);exit;
$rootdirinzip = '';
if ($export_type == 'externalmodule' && !empty($what)) {
$rootdirinzip = $what;
global $dolibarr_allow_download_external_modules;
if (empty($dolibarr_allow_download_external_modules)) {
print 'Download of external modules is not allowed by $dolibarr_allow_download_external_modules in conf.php file';
$db->close();
exit();
}
}
global $errormsg;
$ret = dol_compress_dir($fulldirtocompress, $outputdir."/".$file, $compression, $excludefiles, $rootdirinzip); // Can modify $errormsg
if ($ret < 0) {
if ($ret == -2) {
$langs->load("errors");
$errormsg = $langs->trans("ErrNoZipEngine");
} else {
$langs->load("errors");
// @phpstan-ignore-next-line The $errormsg can have been modified by the dol_compress_dir function.
$errormsg = $langs->trans("ErrorFailedToWriteInDir", $outputdir).($errormsg ? "\n" . $errormsg : "");
}
}
} elseif (in_array($compression, array('gz', 'bz', 'zstd'))) {
$userlogin = ($user->login ? $user->login : 'unknown');
$outputfile = $conf->admin->dir_temp.'/'.dol_sanitizeFileName('export_files.'.$userlogin.'.out'); // File used with popen method
$file .= '.tar';
// We also exclude '/temp/' dir and 'documents/admin/documents'
// We make escapement here and call executeCLI without escapement because we don't want to have the '*.log' escaped.
$cmd = "tar -cf '".escapeshellcmd($outputdir."/".$file)."' --exclude-vcs --exclude-caches-all --exclude='temp' --exclude='*.log' --exclude='*.pdf_preview-*.png' --exclude='documents/admin/documents' -C '".escapeshellcmd(dol_sanitizePathName($dirtoswitch))."' '".escapeshellcmd(dol_sanitizeFileName($dirtocompress))."'";
$result = $utils->executeCLI($cmd, $outputfile, 0, null, 1);
$retval = $result['error'];
if ($result['result'] || !empty($retval)) {
$langs->load("errors");
dol_syslog("Documents tar retval after exec=".$retval, LOG_ERR);
$errormsg = 'Error tar generation return '.$retval;
} else {
if ($compression == 'gz') {
$cmd = "gzip -f ".$outputdir."/".$file;
} elseif ($compression == 'bz') {
$cmd = "bzip2 -f ".$outputdir."/".$file;
} elseif ($compression == 'zstd') {
$cmd = "zstd -z -9 -q --rm ".$outputdir."/".$file;
}
$result = $utils->executeCLI($cmd, $outputfile);
$retval = $result['error'];
if ($result['result'] || !empty($retval)) {
$errormsg = 'Error '.$compression.' generation return '.$retval;
unlink($outputdir."/".$file);
}
}
} else {
$errormsg = 'Bad value for compression method';
print $errormsg;
}
// Output export
if ($export_type != 'externalmodule' || empty($what)) {
top_httphead();
if ($errormsg) {
setEventMessages($langs->trans("Error")." : ".$errormsg, null, 'errors');
} else {
setEventMessages($langs->trans("BackupFileSuccessfullyCreated").'.<br>'.$langs->trans("YouCanDownloadBackupFile"), null, 'mesgs');
}
$db->close();
// Redirect to calling page
$returnto = 'dolibarr_export.php';
header("Location: ".$returnto);
exit();
} else {
top_httphead('application/zip');
$zipname = $outputdir."/".$file;
// Then download the zipped file.
header('Content-disposition: attachment; filename='.basename($zipname));
header('Content-Length: '.filesize($zipname));
readfile($zipname);
dol_delete_file($zipname);
$db->close();
exit();
}