mise à jour ansible glpi

2022-02-11 15:48:06 +01:00
parent 3bae0bc39a
commit 9ddd78ea91
1017 changed files with 394347 additions and 0 deletions
--- a/Mission4/roles/glpi/files/fusioninventory/front/send.php
+++ b/Mission4/roles/glpi/files/fusioninventory/front/send.php
@@ -0,0 +1,95 @@
+<?php
+
+/**
+ * FusionInventory
+ *
+ * Copyright (C) 2010-2016 by the FusionInventory Development Team.
+ *
+ * http://www.fusioninventory.org/
+ * https://github.com/fusioninventory/fusioninventory-for-glpi
+ * http://forge.fusioninventory.org/
+ *
+ * ------------------------------------------------------------------------
+ *
+ * LICENSE
+ *
+ * This file is part of FusionInventory project.
+ *
+ * FusionInventory is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * FusionInventory is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with FusionInventory. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * ------------------------------------------------------------------------
+ *
+ * This file is used to securitely send files to user browser.
+ *
+ * ------------------------------------------------------------------------
+ *
+ * @package   FusionInventory
+ * @author    Vincent Mazzoni
+ * @author    David Durieux
+ * @copyright Copyright (c) 2010-2016 FusionInventory team
+ * @license   AGPL License 3.0 or (at your option) any later version
+ *            http://www.gnu.org/licenses/agpl-3.0-standalone.html
+ * @link      http://www.fusioninventory.org/
+ * @link      https://github.com/fusioninventory/fusioninventory-for-glpi
+ *
+ */
+
+if (!defined('GLPI_ROOT')) {
+   define('GLPI_ROOT', realpath('../../..'));
+}
+if (!defined("GLPI_PLUGIN_DOC_DIR")) {
+   define("GLPI_PLUGIN_DOC_DIR", GLPI_ROOT . "/files/_plugins");
+}
+Session::checkLoginUser();
+
+$docDir = GLPI_PLUGIN_DOC_DIR.'/fusioninventory';
+
+if (isset($_GET['file'])) {
+   $filename = $_GET['file'];
+
+   // Security test : document in $docDir
+   if (strstr($filename, "../") || strstr($filename, "..\\")) {
+      echo "Security attack !!!";
+      Event::log($filename, "sendFile", 1, "security",
+                 $_SESSION["glpiname"]." tries to get a non standard file.");
+      return;
+   }
+
+   $file = $docDir.'/'.$filename;
+   if (!file_exists($file)) {
+      echo "Error file $filename does not exist";
+      return;
+   } else {
+      // Now send the file with header() magic
+      header("Expires: Mon, 26 Nov 1962 00:00:00 GMT");
+      header('Pragma: private'); /// IE BUG + SSL
+      //header('Pragma: no-cache');
+      header('Cache-control: private, must-revalidate'); /// IE BUG + SSL
+      header("Content-disposition: filename=\"$filename\"");
+      //      header("Content-type: ".$mime);
+
+      $f=fopen($file, "r");
+
+      if (!$f) {
+         echo "Error opening file $filename";
+      } else {
+         // Pour que les \x00 ne devienne pas \0
+         $fsize=filesize($file);
+
+         if ($fsize) {
+            echo fread($f, filesize($file));
+         }
+      }
+   }
+}