--- /tmp/dsg/dolibarr/htdocs/github_document.php
+++ /tmp/dsg/dolibarr/htdocs/client_document.php
@@ -76,7 +76,7 @@
 require_once DOL_DOCUMENT_ROOT.'/core/lib/images.lib.php';
 $encoding = '';
-$action = GETPOST('action', 'aZ09');
+$action = GETPOST('action', 'alpha');
 $original_file = GETPOST('file', 'alphanohtml'); // Do not use urldecode here ($_GET are already decoded by PHP).
 $hashp = GETPOST('hashp', 'aZ09');
 $modulepart = GETPOST('modulepart', 'alpha');
@@ -133,14 +133,20 @@
 // We remove first level of directory
 $original_file = (($tmp[1] ? $tmp[1].'/' : '').$ecmfile->filename); // this is relative to module dir
 //var_dump($original_file); exit;
- } else {
+ }
+ else
+ {
 accessforbidden('Bad link. File is from another module part.', 0, 0, 1);
 }
- } else {
+ }
+ else
+ {
 $modulepart = $moduleparttocheck;
 $original_file = (($tmp[1] ? $tmp[1].'/' : '').$ecmfile->filename); // this is relative to module dir
 }
- } else {
+ }
+ else
+ {
 $langs->load("errors");
 accessforbidden($langs->trans("ErrorFileNotFoundWithSharedLink"), 0, 0, 1);
 }
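Review bot: The `action` parameter in the first hunk is now read with the `alpha` filter, which is looser than the `aZ09` filter used on the old side and still used for `hashp` two lines below. Nothing visible here needs an action name outside letters, digits and a few separators, so I would keep `$action = GETPOST('action', 'aZ09');`. How `$action` is consumed later in the file is outside the hunk, so the practical impact cannot be judged from these lines alone.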
@@ -153,15 +159,11 @@ if (!empty($conf->global->MAIN_DISABLE_FORCE_SAVEAS)) $attachment = false; // Define mime type -$type = 'application/octet-stream'; // By default +$type = 'application/octet-stream'; if (GETPOST('type', 'alpha')) $type = GETPOST('type', 'alpha'); else $type = dol_mimetype($original_file); -// Security: Force to octet-stream if file is a dangerous file. For example when it is a .noexe file -// We do not force if file is a javascript to be able to get js from website module with '."\n"; if (!defined('DISABLE_JQUERY_TABLEDND')) print ''."\n"; // jQuery jnotify - if (empty($conf->global->MAIN_DISABLE_JQUERY_JNOTIFY) && !defined('DISABLE_JQUERY_JNOTIFY')) { + if (empty($conf->global->MAIN_DISABLE_JQUERY_JNOTIFY) && !defined('DISABLE_JQUERY_JNOTIFY')) + { print ''."\n"; } + // Flot + if (empty($conf->global->MAIN_JS_GRAPH) || $conf->global->MAIN_JS_GRAPH == 'jflot') + { + if (empty($conf->global->MAIN_DISABLE_JQUERY_FLOT) && !defined('DISABLE_JQUERY_FLOT')) + { + if (constant('JS_JQUERY_FLOT')) + { + print ''."\n"; + print ''."\n"; + print ''."\n"; + } + else + { + print ''."\n"; + print ''."\n"; + print ''."\n"; + /* Test for jflot 4.2 -> not better than current + print ''."\n"; + print ''."\n"; + print ''."\n"; + print ''."\n"; + print ''."\n"; + print ''."\n"; + print ''."\n"; + print ''."\n"; + print ''."\n"; + */ + } + } + } // Chart - if (empty($conf->global->MAIN_JS_GRAPH) || $conf->global->MAIN_JS_GRAPH == 'chart') { + if ($conf->global->MAIN_JS_GRAPH == 'chart') + { print ''."\n"; } // jQuery jeditable for Edit In Place features - if (!empty($conf->global->MAIN_USE_JQUERY_JEDITABLE) && !defined('DISABLE_JQUERY_JEDITABLE')) { + if (!empty($conf->global->MAIN_USE_JQUERY_JEDITABLE) && !defined('DISABLE_JQUERY_JEDITABLE')) + { print ''."\n"; print ''."\n"; print ''."\n"; 
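Review bot: The Content-Type is still taken from the request (`if (GETPOST('type', 'alpha')) $type = GETPOST('type', 'alpha');`), while the new side drops the comment block that introduced forcing `application/octet-stream` for dangerous files. The lines after that comment are garbled on this page, so whether the override code itself is also gone cannot be confirmed from here. If it is gone, the caller chooses the MIME type under which a stored file is returned, and an uploaded file can then be rendered as active content in the viewer's browser. I would keep the override after `$type` is resolved, resetting it with `$type = 'application/octet-stream';` for any file that is not on the previewable list, together with a comment stating that the request value is not trusted.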
@@ -1483,7 +1405,7 @@
 print 'var urlLoadInPlace = \''.DOL_URL_ROOT.'/core/ajax/loadinplace.php\';'."\n";
 print 'var tooltipInPlace = \''.$langs->transnoentities('ClickToEdit').'\';'."\n"; // Added in title attribute of span
 print 'var placeholderInPlace = \' \';'."\n"; // If we put another string than $langs->trans("ClickToEdit") here, nothing is shown. If we put empty string, there is error, Why ?
- print 'var cancelInPlace = \''.$langs->trans("Cancel").'\';'."\n";
+ print 'var cancelInPlace = \''.$langs->trans('Cancel').'\';'."\n";
 print 'var submitInPlace = \''.$langs->trans('Ok').'\';'."\n";
 print 'var indicatorInPlace = \'theme."/img/working.gif".'">\';'."\n";
 print 'var withInPlace = 300;'; // width in pixel for default string edit
@@ -1491,108 +1413,110 @@ print ''."\n"; print ''."\n"; } - // jQuery Timepicker - if (!empty($conf->global->MAIN_USE_JQUERY_TIMEPICKER) || defined('REQUIRE_JQUERY_TIMEPICKER')) { - print ''."\n"; - print ''."\n"; - } - if (!defined('DISABLE_SELECT2') && (!empty($conf->global->MAIN_USE_JQUERY_MULTISELECT) || defined('REQUIRE_JQUERY_MULTISELECT'))) { - // jQuery plugin "mutiselect", "multiple-select", "select2", ... - $tmpplugin = empty($conf->global->MAIN_USE_JQUERY_MULTISELECT) ?constant('REQUIRE_JQUERY_MULTISELECT') : $conf->global->MAIN_USE_JQUERY_MULTISELECT; - print ''."\n"; // We include full because we need the support of containerCssClass - } - if (!defined('DISABLE_MULTISELECT')) // jQuery plugin "mutiselect" to select with checkboxes. Can be removed once we have an enhanced search tool - { - print ''."\n"; - } - } - - if (!$disablejs && !empty($conf->use_javascript_ajax)) { - // CKEditor - if ((!empty($conf->fckeditor->enabled) && (empty($conf->global->FCKEDITOR_EDITORNAME) || $conf->global->FCKEDITOR_EDITORNAME == 'ckeditor') && !defined('DISABLE_CKEDITOR')) || defined('FORCE_CKEDITOR')) - { - print ''."\n"; - $pathckeditor = DOL_URL_ROOT.'/includes/ckeditor/ckeditor/'; - $jsckeditor = 'ckeditor.js'; - if (constant('JS_CKEDITOR')) { - // To use external ckeditor 4 js lib - $pathckeditor = constant('JS_CKEDITOR'); - } - print ''."\n"; - print ''."\n"; - print ''."\n"; - } - - // Browser notifications (if NOREQUIREMENU is on, it is mostly a page for popup, so we do not enable notif too. We hide also for public pages). 
- if (!defined('NOBROWSERNOTIF') && !defined('NOREQUIREMENU') && !defined('NOLOGIN')) - { - $enablebrowsernotif = false; - if (!empty($conf->agenda->enabled) && !empty($conf->global->AGENDA_REMINDER_BROWSER)) $enablebrowsernotif = true; - if ($conf->browser->layout == 'phone') $enablebrowsernotif = false; - if ($enablebrowsernotif) - { - print ''."\n"; - print ''."\n"; - } - } - - // Global js function - print ''."\n"; - print ''."\n"; - - // JS forced by modules (relative url starting with /) - if (!empty($conf->modules_parts['js'])) // $conf->modules_parts['js'] is array('module'=>array('file1','file2')) - { - $arrayjs = (array) $conf->modules_parts['js']; - foreach ($arrayjs as $modjs => $filesjs) - { - $filesjs = (array) $filesjs; // To be sure filejs is an array - foreach ($filesjs as $jsfile) - { - // jsfile is a relative path - print ''."\n".''."\n"; - } - } - } - // JS forced by page in top_htmlhead (relative url starting with /) - if (is_array($arrayofjs)) - { - print ''."\n"; - foreach ($arrayofjs as $jsfile) - { - if (preg_match('/^(http|\/\/)/i', $jsfile)) - { - print ''."\n"; - } else { - print ''."\n"; - } - } - } - } - - if (!empty($head)) print $head."\n"; - if (!empty($conf->global->MAIN_HTML_HEADER)) print $conf->global->MAIN_HTML_HEADER."\n"; - - $parameters = array(); - $result = $hookmanager->executeHooks('addHtmlHeader', $parameters); // Note that $action and $object may have been modified by some hooks - print $hookmanager->resPrint; // Replace Title to show - - print "\n\n"; - } - - $conf->headerdone = 1; // To tell header was output + // jQuery Timepicker + if (!empty($conf->global->MAIN_USE_JQUERY_TIMEPICKER) || defined('REQUIRE_JQUERY_TIMEPICKER')) + { + print ''."\n"; + print ''."\n"; + } + if (!defined('DISABLE_SELECT2') && (!empty($conf->global->MAIN_USE_JQUERY_MULTISELECT) || defined('REQUIRE_JQUERY_MULTISELECT'))) // jQuery plugin "mutiselect", "multiple-select", "select2", ... 
+ { + $tmpplugin = empty($conf->global->MAIN_USE_JQUERY_MULTISELECT) ?constant('REQUIRE_JQUERY_MULTISELECT') : $conf->global->MAIN_USE_JQUERY_MULTISELECT; + print ''."\n"; // We include full because we need the support of containerCssClass + } + } + + if (!$disablejs && !empty($conf->use_javascript_ajax)) + { + // CKEditor + if ((!empty($conf->fckeditor->enabled) && (empty($conf->global->FCKEDITOR_EDITORNAME) || $conf->global->FCKEDITOR_EDITORNAME == 'ckeditor') && !defined('DISABLE_CKEDITOR')) || defined('FORCE_CKEDITOR')) + { + print ''."\n"; + $pathckeditor = DOL_URL_ROOT.'/includes/ckeditor/ckeditor/'; + $jsckeditor = 'ckeditor.js'; + if (constant('JS_CKEDITOR')) // To use external ckeditor 4 js lib + { + $pathckeditor = constant('JS_CKEDITOR'); + } + print ''."\n"; + print ''."\n"; + print ''."\n"; + } + + // Browser notifications + if (!defined('DISABLE_BROWSER_NOTIF')) + { + $enablebrowsernotif = false; + if (!empty($conf->agenda->enabled) && !empty($conf->global->AGENDA_REMINDER_BROWSER)) $enablebrowsernotif = true; + if ($conf->browser->layout == 'phone') $enablebrowsernotif = false; + if ($enablebrowsernotif) + { + print ''."\n"; + print ''."\n"; + } + } + + // Global js function + print ''."\n"; + print ''."\n"; + + // JS forced by modules (relative url starting with /) + if (!empty($conf->modules_parts['js'])) // $conf->modules_parts['js'] is array('module'=>array('file1','file2')) + { + $arrayjs = (array) $conf->modules_parts['js']; + foreach ($arrayjs as $modjs => $filesjs) + { + $filesjs = (array) $filesjs; // To be sure filejs is an array + foreach ($filesjs as $jsfile) + { + // jsfile is a relative path + print ''."\n".''."\n"; + } + } + } + // JS forced by page in top_htmlhead (relative url starting with /) + if (is_array($arrayofjs)) + { + print ''."\n"; + foreach ($arrayofjs as $jsfile) + { + if (preg_match('/^(http|\/\/)/i', $jsfile)) + { + print ''."\n"; + } + else + { + print ''."\n"; + } + } + } + } + + if (!empty($head)) print $head."\n"; + 
if (!empty($conf->global->MAIN_HTML_HEADER)) print $conf->global->MAIN_HTML_HEADER."\n"; + + $parameters = array(); + $result = $hookmanager->executeHooks('addHtmlHeader', $parameters); // Note that $action and $object may have been modified by some hooks + print $hookmanager->resPrint; // Replace Title to show + + print "\n\n"; + } + + $conf->headerdone = 1; // To tell header was output } @@ -1621,7 +1545,7 @@ $searchform = ''; $bookmarks = ''; - // Instantiate hooks for external modules + // Instantiate hooks of thirdparty module $hookmanager->initHooks(array('toprightmenu')); $toprightmenu = ''; @@ -1629,8 +1553,7 @@ // For backward compatibility with old modules if (empty($conf->headerdone)) { - $disablenofollow = 0; - top_htmlhead($head, $title, $disablejs, $disablehead, $arrayofjs, $arrayofcss, 0, $disablenofollow); + top_htmlhead($head, $title, $disablejs, $disablehead, $arrayofjs, $arrayofcss); print ''; } @@ -1639,11 +1562,6 @@ */ if ((empty($conf->dol_hide_topmenu) || GETPOST('dol_invisible_topmenu', 'int')) && (!defined('NOREQUIREMENU') || !constant('NOREQUIREMENU'))) { - if (!isset($form) || !is_object($form)) { - include_once DOL_DOCUMENT_ROOT.'/core/class/html.form.class.php'; - $form = new Form($db); - } - print "\n".''."\n"; print '
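Review bot: The browser-notification block in the -1491 hunk is now guarded only by `!defined('DISABLE_BROWSER_NOTIF')`, where the old side also required `NOREQUIREMENU` and `NOLOGIN` to be undefined. With `AGENDA_REMINDER_BROWSER` set, whatever the two `print` lines emit (their content is stripped on this page) would therefore also be sent on popup and public no-login pages. I would restore the condition as `if (!defined('DISABLE_BROWSER_NOTIF') && !defined('NOREQUIREMENU') && !defined('NOLOGIN'))` and keep the old comment explaining that public pages are excluded. The enclosing function starts before this hunk.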
'; // dol_invisible_topmenu differs from dol_hide_topmenu: dol_invisible_topmenu means we output menu but we make it invisible. @@ -1662,13 +1580,14 @@ if (preg_match('/\d\.\d/', $appli)) { if (!preg_match('/'.preg_quote(DOL_VERSION).'/', $appli)) $appli .= " (".DOL_VERSION.")"; // If new title contains a version that is different than core - } else $appli .= " ".DOL_VERSION; - } else $appli .= " ".DOL_VERSION; + } + else $appli .= " ".DOL_VERSION; + } + else $appli .= " ".DOL_VERSION; if (!empty($conf->global->MAIN_FEATURES_LEVEL)) $appli .= "
".$langs->trans("LevelOfFeature").': '.$conf->global->MAIN_FEATURES_LEVEL; $logouttext = ''; - $logouthtmltext = ''; if (empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER)) { //$logouthtmltext=$appli.'
'; @@ -1679,7 +1598,9 @@ $logouttext .= ''; $logouttext .= img_picto($langs->trans('Logout'), 'sign-out', '', false, 0, 0, '', 'atoplogin'); $logouttext .= ''; - } else { + } + else + { $logouthtmltext .= $langs->trans("NoLogoutProcessWithAuthMode", $_SESSION["dol_authmode"]); $logouttext .= img_picto($langs->trans('Logout'), 'sign-out', '', false, 0, 0, '', 'atoplogin opacitymedium'); } @@ -1696,10 +1617,11 @@ { if ($result == 0) $toprightmenu .= $hookmanager->resPrint; // add - else { + else $toprightmenu = $hookmanager->resPrint; // replace - } - } else { + } + else + { $toprightmenu .= $result; // For backward compatibility } @@ -1710,7 +1632,7 @@ //$text.= img_picto(":".$langs->trans("ModuleBuilder"), 'printer_top.png', 'class="printer"'); $text .= ''; $text .= ''; - $toprightmenu .= $form->textwithtooltip('', $langs->trans("ModuleBuilder"), 2, 1, $text, 'login_block_elem', 2); + $toprightmenu .= @Form::textwithtooltip('', $langs->trans("ModuleBuilder"), 2, 1, $text, 'login_block_elem', 2); } // Link to print main content area @@ -1729,7 +1651,7 @@ //$text.= img_picto(":".$langs->trans("PrintContentArea"), 'printer_top.png', 'class="printer"'); $text .= ''; $text .= ''; - $toprightmenu .= $form->textwithtooltip('', $langs->trans("PrintContentArea"), 2, 1, $text, 'login_block_elem', 2); + $toprightmenu .= @Form::textwithtooltip('', $langs->trans("PrintContentArea"), 2, 1, $text, 'login_block_elem', 2); } // Link to Dolibarr wiki pages @@ -1740,13 +1662,8 @@ $helpbaseurl = ''; $helppage = ''; $mode = ''; - $helppresent = ''; - - if (empty($helppagename)) { - $helppagename = 'EN:User_documentation|FR:Documentation_utilisateur|ES:DocumentaciĂłn_usuarios'; - } else { - $helppresent = 'helppresent'; - } + + if (empty($helppagename)) $helppagename = 'EN:User_documentation|FR:Documentation_utilisateur|ES:DocumentaciĂłn_usuarios'; // Get helpbaseurl, helppage and mode from helppagename and langs $arrayres = getHelpParamFor($helppagename, $langs); 
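Review bot: `$logouthtmltext` is no longer initialised, because the -1662 hunk removes `$logouthtmltext = '';` while the next hunk still appends to it with `$logouthtmltext .= $langs->trans("NoLogoutProcessWithAuthMode", $_SESSION["dol_authmode"]);`. In the branches visible here the only other assignment is commented out, so the new side raises an undefined-variable warning and builds the logout tooltip from an unset value. Keep `$logouthtmltext = '';` next to `$logouttext = '';`.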
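Review bot: `@Form::textwithtooltip(...)` in the -1710 hunk calls the method statically and hides the resulting diagnostic with `@`; the old side calls it on a `$form` instance, which suggests it is an instance method. If so, PHP 8 throws an `Error` for a static call to a non-static method and `@` does not suppress it, so the top menu would stop rendering. The same call is repeated in the -1729, -1758 and -1781 hunks. I would keep the instance created by the block that the -1639 hunk removes (`$form = new Form($db);`) and call `$form->textwithtooltip(...)` without `@`.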
@@ -1758,20 +1675,15 @@ if ($helpbaseurl && $helppage) { $text = ''; - $title = $langs->trans($mode == 'wiki' ? 'GoToWikiHelpPage' : 'GoToHelpPage').'...'; - if ($mode == 'wiki') { - $title .= '
'.$langs->trans("PageWiki").' '.dol_escape_htmltag('"'.strtr($helppage, '_', ' ').'"'); - if ($helppresent) $title .= ' ('.$langs->trans("DedicatedPageAvailable").')'; - else $title .= ' ('.$langs->trans("HomePage").')'; - } + $title = $langs->trans($mode == 'wiki' ? 'GoToWikiHelpPage' : 'GoToHelpPage'); + if ($mode == 'wiki') $title .= ' - '.$langs->trans("PageWiki").' "'.dol_escape_htmltag(strtr($helppage, '_', ' ')).'"'.""; $text .= ''; - $text .= ''; - if ($helppresent) $text .= ''; + $text .= ''; $text .= ''; - $toprightmenu .= $form->textwithtooltip('', $title, 2, 1, $text, 'login_block_elem', 2); + $toprightmenu .= @Form::textwithtooltip('', $title, 2, 1, $text, 'login_block_elem', 2); } // Version @@ -1781,13 +1693,12 @@ } } - if (empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER)) { - $text = ''.DOL_VERSION.''; - $toprightmenu .= $form->textwithtooltip('', $appli, 2, 1, $text, 'login_block_elem', 2); - } + $text = ''.DOL_VERSION.''; + $toprightmenu .= @Form::textwithtooltip('', $appli, 2, 1, $text, 'login_block_elem', 2); + // Logout link - $toprightmenu .= $form->textwithtooltip('', $logouthtmltext, 2, 1, $logouttext, 'login_block_elem logout-btn', 2); + $toprightmenu .= @Form::textwithtooltip('', $logouthtmltext, 2, 1, $logouttext, 'login_block_elem logout-btn', 2); $toprightmenu .= '
'; // end div class="login_block_other" @@ -1804,11 +1715,6 @@ $toprightmenu .= top_menu_search(); } - if (!empty($conf->global->MAIN_USE_TOP_MENU_QUICKADD_DROPDOWN)) { - // Add search dropdown - $toprightmenu .= top_menu_quickadd(); - } - // Add bookmark dropdown $toprightmenu .= top_menu_bookmark(); @@ -1830,7 +1736,7 @@ print "\n\n"; } - if (empty($conf->dol_hide_leftmenu) && empty($conf->dol_use_jmobile)) print '
'; + if (empty($conf->dol_hide_leftmenu) && empty($conf->dol_use_jmobile)) print '
'; } @@ -1843,107 +1749,103 @@ */ function top_menu_user($hideloginname = 0, $urllogout = '') { - global $langs, $conf, $db, $hookmanager, $user; - global $dolibarr_main_authentication, $dolibarr_main_demo; - global $menumanager; - - $userImage = $userDropDownImage = ''; - if (!empty($user->photo)) - { - $userImage = Form::showphoto('userphoto', $user, 0, 0, 0, 'photouserphoto userphoto', 'small', 0, 1); - $userDropDownImage = Form::showphoto('userphoto', $user, 0, 0, 0, 'dropdown-user-image', 'small', 0, 1); - } else { - $nophoto = '/public/theme/common/user_anonymous.png'; - if ($user->gender == 'man') $nophoto = '/public/theme/common/user_man.png'; - if ($user->gender == 'woman') $nophoto = '/public/theme/common/user_woman.png'; - - $userImage = 'No photo'; - $userDropDownImage = 'No photo'; - } - - $dropdownBody = ''; - $dropdownBody .= ' '.$langs->trans("ShowMoreInfos").''; - $dropdownBody .= '
'; - - // login infos - if (!empty($user->admin)) { - $dropdownBody .= '
'.$langs->trans("Administrator").': '.yn($user->admin); - } - if (!empty($user->socid)) // Add thirdparty for external users - { - $thirdpartystatic = new Societe($db); - $thirdpartystatic->fetch($user->socid); - $companylink = ' '.$thirdpartystatic->getNomUrl(2); // picto only of company - $company = ' ('.$langs->trans("Company").': '.$thirdpartystatic->name.')'; - } - $type = ($user->socid ? $langs->trans("External").$company : $langs->trans("Internal")); - $dropdownBody .= '
'.$langs->trans("Type").': '.$type; - $dropdownBody .= '
'.$langs->trans("Status").': '.$user->getLibStatut(0); - $dropdownBody .= '
'; - - $dropdownBody .= '
'.$langs->trans("Session").''; - $dropdownBody .= '
'.$langs->trans("IPAddress").': '.dol_escape_htmltag($_SERVER["REMOTE_ADDR"]); - if (!empty($conf->global->MAIN_MODULE_MULTICOMPANY)) $dropdownBody .= '
'.$langs->trans("ConnectedOnMultiCompany").': '.$conf->entity.' (user entity '.$user->entity.')'; - $dropdownBody .= '
'.$langs->trans("AuthenticationMode").': '.$_SESSION["dol_authmode"].(empty($dolibarr_main_demo) ? '' : ' (demo)'); - $dropdownBody .= '
'.$langs->trans("ConnectedSince").': '.dol_print_date($user->datelastlogin, "dayhour", 'tzuser'); - $dropdownBody .= '
'.$langs->trans("PreviousConnexion").': '.dol_print_date($user->datepreviouslogin, "dayhour", 'tzuser'); - $dropdownBody .= '
'.$langs->trans("CurrentTheme").': '.$conf->theme; - $dropdownBody .= '
'.$langs->trans("CurrentMenuManager").': '.$menumanager->name; - $langFlag = picto_from_langcode($langs->getDefaultLang()); - $dropdownBody .= '
'.$langs->trans("CurrentUserLanguage").': '.($langFlag ? $langFlag.' ' : '').$langs->getDefaultLang(); - - $tz = (int) $_SESSION['dol_tz'] + (int) $_SESSION['dol_dst']; - $dropdownBody .= '
'.$langs->trans("ClientTZ").': '.($tz ? ($tz >= 0 ? '+' : '').$tz : ''); - $dropdownBody .= ' ('.$_SESSION['dol_tz_string'].')'; - //$dropdownBody .= '       '.$langs->trans("DaylingSavingTime").': '; - //if ($_SESSION['dol_dst'] > 0) $dropdownBody .= yn(1); - //else $dropdownBody .= yn(0); - - $dropdownBody .= '
'.$langs->trans("Browser").': '.$conf->browser->name.($conf->browser->version ? ' '.$conf->browser->version : '').' ('.dol_escape_htmltag($_SERVER['HTTP_USER_AGENT']).')'; - $dropdownBody .= '
'.$langs->trans("Layout").': '.$conf->browser->layout; - $dropdownBody .= '
'.$langs->trans("Screen").': '.$_SESSION['dol_screenwidth'].' x '.$_SESSION['dol_screenheight']; - if ($conf->browser->layout == 'phone') $dropdownBody .= '
'.$langs->trans("Phone").': '.$langs->trans("Yes"); - if (!empty($_SESSION["disablemodules"])) $dropdownBody .= '
'.$langs->trans("DisabledModules").':
'.join(', ', explode(',', $_SESSION["disablemodules"])); - $dropdownBody .= '
'; - - // Execute hook - $parameters = array('user'=>$user, 'langs' => $langs); - $result = $hookmanager->executeHooks('printTopRightMenuLoginDropdownBody', $parameters); // Note that $action and $object may have been modified by some hooks - if (is_numeric($result)) - { - if ($result == 0) { - $dropdownBody .= $hookmanager->resPrint; // add - } else { - $dropdownBody = $hookmanager->resPrint; // replace - } - } - - if (empty($urllogout)) { - $urllogout = DOL_URL_ROOT.'/user/logout.php'; - } - $logoutLink = ' '.$langs->trans("Logout").''; - $profilLink = ' '.$langs->trans("Card").''; - - - $profilName = $user->getFullName($langs).' ('.$user->login.')'; - - if (!empty($user->admin)) { - $profilName = ' '.$profilName; - } - - // Define version to show - $appli = constant('DOL_APPLICATION_TITLE'); - if (!empty($conf->global->MAIN_APPLICATION_TITLE)) - { - $appli = $conf->global->MAIN_APPLICATION_TITLE; - if (preg_match('/\d\.\d/', $appli)) - { - if (!preg_match('/'.preg_quote(DOL_VERSION).'/', $appli)) $appli .= " (".DOL_VERSION.")"; // If new title contains a version that is different than core - } else $appli .= " ".DOL_VERSION; - } else $appli .= " ".DOL_VERSION; - - if (empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER)) { - $btnUser = ' + global $langs, $conf, $db, $hookmanager, $user; + global $dolibarr_main_authentication, $dolibarr_main_demo; + global $menumanager; + + $userImage = $userDropDownImage = ''; + if (!empty($user->photo)) + { + $userImage = Form::showphoto('userphoto', $user, 0, 0, 0, 'photouserphoto userphoto', 'small', 0, 1); + $userDropDownImage = Form::showphoto('userphoto', $user, 0, 0, 0, 'dropdown-user-image', 'small', 0, 1); + } + else { + $nophoto = '/public/theme/common/user_anonymous.png'; + if ($user->gender == 'man') $nophoto = '/public/theme/common/user_man.png'; + if ($user->gender == 'woman') $nophoto = '/public/theme/common/user_woman.png'; + + $userImage = 'No photo'; + $userDropDownImage = 'No photo'; + } + + $dropdownBody = ''; + 
$dropdownBody .= ' '.$langs->trans("ShowMoreInfos").''; + $dropdownBody .= '
'; + + // login infos + if (!empty($user->admin)) { + $dropdownBody .= '
'.$langs->trans("Administrator").': '.yn($user->admin); + } + if (!empty($user->socid)) // Add thirdparty for external users + { + $thirdpartystatic = new Societe($db); + $thirdpartystatic->fetch($user->socid); + $companylink = ' '.$thirdpartystatic->getNomUrl(2); // picto only of company + $company = ' ('.$langs->trans("Company").': '.$thirdpartystatic->name.')'; + } + $type = ($user->socid ? $langs->trans("External").$company : $langs->trans("Internal")); + $dropdownBody .= '
'.$langs->trans("Type").': '.$type; + $dropdownBody .= '
'.$langs->trans("Status").': '.$user->getLibStatut(0); + $dropdownBody .= '
'; + + $dropdownBody .= '
'.$langs->trans("Session").''; + $dropdownBody .= '
'.$langs->trans("IPAddress").': '.dol_escape_htmltag($_SERVER["REMOTE_ADDR"]); + if (!empty($conf->global->MAIN_MODULE_MULTICOMPANY)) $dropdownBody .= '
'.$langs->trans("ConnectedOnMultiCompany").': '.$conf->entity.' (user entity '.$user->entity.')'; + $dropdownBody .= '
'.$langs->trans("AuthenticationMode").': '.$_SESSION["dol_authmode"].(empty($dolibarr_main_demo) ? '' : ' (demo)'); + $dropdownBody .= '
'.$langs->trans("ConnectedSince").': '.dol_print_date($user->datelastlogin, "dayhour", 'tzuser'); + $dropdownBody .= '
'.$langs->trans("PreviousConnexion").': '.dol_print_date($user->datepreviouslogin, "dayhour", 'tzuser'); + $dropdownBody .= '
'.$langs->trans("CurrentTheme").': '.$conf->theme; + $dropdownBody .= '
'.$langs->trans("CurrentMenuManager").': '.$menumanager->name; + $langFlag = picto_from_langcode($langs->getDefaultLang()); + $dropdownBody .= '
'.$langs->trans("CurrentUserLanguage").': '.($langFlag ? $langFlag.' ' : '').$langs->getDefaultLang(); + $dropdownBody .= '
'.$langs->trans("Browser").': '.$conf->browser->name.($conf->browser->version ? ' '.$conf->browser->version : '').' ('.dol_escape_htmltag($_SERVER['HTTP_USER_AGENT']).')'; + $dropdownBody .= '
'.$langs->trans("Layout").': '.$conf->browser->layout; + $dropdownBody .= '
'.$langs->trans("Screen").': '.$_SESSION['dol_screenwidth'].' x '.$_SESSION['dol_screenheight']; + if ($conf->browser->layout == 'phone') $dropdownBody .= '
'.$langs->trans("Phone").': '.$langs->trans("Yes"); + if (!empty($_SESSION["disablemodules"])) $dropdownBody .= '
'.$langs->trans("DisabledModules").':
'.join(', ', explode(',', $_SESSION["disablemodules"])); + $dropdownBody .= '
'; + + // Execute hook + $parameters = array('user'=>$user, 'langs' => $langs); + $result = $hookmanager->executeHooks('printTopRightMenuLoginDropdownBody', $parameters); // Note that $action and $object may have been modified by some hooks + if (is_numeric($result)) + { + if ($result == 0) { + $dropdownBody .= $hookmanager->resPrint; // add + } + else { + $dropdownBody = $hookmanager->resPrint; // replace + } + } + + if (empty($urllogout)) { + $urllogout = DOL_URL_ROOT.'/user/logout.php'; + } + $logoutLink = ' '.$langs->trans("Logout").''; + $profilLink = ' '.$langs->trans("Card").''; + + + $profilName = $user->getFullName($langs).' ('.$user->login.')'; + + if (!empty($user->admin)) { + $profilName = ' '.$profilName; + } + + // Define version to show + $appli = constant('DOL_APPLICATION_TITLE'); + if (!empty($conf->global->MAIN_APPLICATION_TITLE)) + { + $appli = $conf->global->MAIN_APPLICATION_TITLE; + if (preg_match('/\d\.\d/', $appli)) + { + if (!preg_match('/'.preg_quote(DOL_VERSION).'/', $appli)) $appli .= " (".DOL_VERSION.")"; // If new title contains a version that is different than core + } + else $appli .= " ".DOL_VERSION; + } + else $appli .= " ".DOL_VERSION; + + if (empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER)) { + $btnUser = '
'; - } else { - $btnUser = ' + } else { + $btnUser = ' '; - } - - if (!defined('JS_JQUERY_DISABLE_DROPDOWN') && !empty($conf->use_javascript_ajax)) // This may be set by some pages that use different jquery version to avoid errors - { - $btnUser .= ' + } + + if (!defined('JS_JQUERY_DISABLE_DROPDOWN') && !empty($conf->use_javascript_ajax)) // This may be set by some pages that use different jquery version to avoid errors + { + $btnUser .= ' '; - } - - return $btnUser; -} - -/** - * Build the tooltip on top menu quick add - * - * @return string HTML content - */ -function top_menu_quickadd() -{ - global $langs, $conf, $db, $hookmanager, $user; - global $menumanager; - $html = ''; - // Define $dropDownQuickAddHtml - $dropDownQuickAddHtml = ''; - - $dropDownQuickAddHtml .= ''; - - $html .= ' - '; - $html .= ' - - - '; - return $html; -} + } + + return $btnUser; +} + /** * Build the tooltip on top menu bookmark @@ -2252,24 +1935,24 @@ */ function top_menu_bookmark() { - global $langs, $conf, $db, $user; + global $langs, $conf, $db, $user; $html = ''; - // Define $bookmarks + // Define $bookmarks if (empty($conf->bookmark->enabled) || empty($user->rights->bookmark->lire)) return $html; if (!defined('JS_JQUERY_DISABLE_DROPDOWN') && !empty($conf->use_javascript_ajax)) // This may be set by some pages that use different jquery version to avoid errors - { - include_once DOL_DOCUMENT_ROOT.'/bookmarks/bookmarks.lib.php'; - $langs->load("bookmarks"); - - if (!empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER)) { - $html .= ''; - } else { - $html .= ' + { + include_once DOL_DOCUMENT_ROOT.'/bookmarks/bookmarks.lib.php'; + $langs->load("bookmarks"); + + if (!empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER)) { + $html .= ''; + } else { + $html .= '
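Review bot: In `top_menu_user()` the dropdown body escapes `REMOTE_ADDR` and `HTTP_USER_AGENT` with `dol_escape_htmltag()` but concatenates `$thirdpartystatic->name`, `$_SESSION["dol_authmode"]`, `$_SESSION['dol_screenwidth']`, `$_SESSION['dol_screenheight']` and `$_SESSION["disablemodules"]` into the HTML as-is. Where those values are written is outside this hunk, so whether they are already sanitised cannot be confirmed from here; escaping at the point of output removes the dependency on that. I would write, for example, `dol_escape_htmltag($thirdpartystatic->name)` and `dol_escape_htmltag($_SESSION['dol_screenwidth']).' x '.dol_escape_htmltag($_SESSION['dol_screenheight'])`, and add a one-line comment above the session block noting that these values are treated as untrusted. Much of the markup in this hunk is stripped on the page, so attribute contexts could not be checked.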
'; - $html .= ' + $html .= ' '; - } - } - return $html; + } + } + return $html; } /** @@ -2326,51 +2009,51 @@ */ function top_menu_search() { - global $langs, $conf, $db, $user, $hookmanager; + global $langs, $conf, $db, $user, $hookmanager; $html = ''; - $usedbyinclude = 1; - $arrayresult = null; - include DOL_DOCUMENT_ROOT.'/core/ajax/selectsearchbox.php'; // This set $arrayresult - - $defaultAction = ''; - $buttonList = ''; - - - $searchInput = ''; - - $dropDownHtml = ''; - - - $html .= ' + $dropDownHtml .= ''; + + + $html .= ' '; - $html .= ' + $html .= ' '; - return $html; + return $html; } /** @@ -2467,7 +2150,7 @@ if (empty($conf->dol_hide_leftmenu) && (!defined('NOREQUIREMENU') || !constant('NOREQUIREMENU'))) { - // Instantiate hooks for external modules + // Instantiate hooks of thirdparty module $hookmanager->initHooks(array('searchform', 'leftblock')); print "\n".''."\n".'
'; - } elseif ($conf->use_javascript_ajax && !empty($conf->global->MAIN_USE_OLD_SEARCH_FORM)) { - $searchform = '
'; - $searchform .= '' . "\n"; - $searchform .= '
'; - } - } + $searchform .= '
'; + } + } // Left column print ''."\n"; @@ -2550,8 +2233,10 @@ if (preg_match('/\d\.\d/', $appli)) { if (!preg_match('/'.preg_quote(DOL_VERSION).'/', $appli)) $appli .= " (".DOL_VERSION.")"; // If new title contains a version that is different than core - } else $appli .= " ".DOL_VERSION; - } else $appli .= " ".DOL_VERSION; + } + else $appli .= " ".DOL_VERSION; + } + else $appli .= " ".DOL_VERSION; print '
'; if ($doliurl) print ''; else print ''; 
@@ -2566,37 +2251,37 @@ { require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php'; - $bugbaseurl = 'https://github.com/Dolibarr/dolibarr/issues/new?labels=Bug'; + $bugbaseurl = 'https://github.com/Dolibarr/dolibarr/issues/new?labels=Bug'; $bugbaseurl .= '&title='; $bugbaseurl .= urlencode("Bug: "); - $bugbaseurl .= '&body='; - $bugbaseurl .= urlencode("# Instructions\n"); - $bugbaseurl .= urlencode("*This is a template to help you report good issues. You may use [Github Markdown](https://help.github.com/articles/getting-started-with-writing-and-formatting-on-github/) syntax to format your issue report.*\n"); - $bugbaseurl .= urlencode("*Please:*\n"); - $bugbaseurl .= urlencode("- *replace the bracket enclosed texts with meaningful information*\n"); - $bugbaseurl .= urlencode("- *remove any unused sub-section*\n"); - $bugbaseurl .= urlencode("\n"); - $bugbaseurl .= urlencode("\n"); - $bugbaseurl .= urlencode("# Bug\n"); - $bugbaseurl .= urlencode("[*Short description*]\n"); - $bugbaseurl .= urlencode("\n"); - $bugbaseurl .= urlencode("## Environment\n"); - $bugbaseurl .= urlencode("- **Version**: ".DOL_VERSION."\n"); - $bugbaseurl .= urlencode("- **OS**: ".php_uname('s')."\n"); - $bugbaseurl .= urlencode("- **Web server**: ".$_SERVER["SERVER_SOFTWARE"]."\n"); - $bugbaseurl .= urlencode("- **PHP**: ".php_sapi_name().' '.phpversion()."\n"); - $bugbaseurl .= urlencode("- **Database**: ".$db::LABEL.' 
'.$db->getVersion()."\n"); - $bugbaseurl .= urlencode("- **URL(s)**: ".$_SERVER["REQUEST_URI"]."\n"); - $bugbaseurl .= urlencode("\n"); - $bugbaseurl .= urlencode("## Expected and actual behavior\n"); - $bugbaseurl .= urlencode("[*Verbose description*]\n"); - $bugbaseurl .= urlencode("\n"); - $bugbaseurl .= urlencode("## Steps to reproduce the behavior\n"); - $bugbaseurl .= urlencode("[*Verbose description*]\n"); - $bugbaseurl .= urlencode("\n"); - $bugbaseurl .= urlencode("## [Attached files](https://help.github.com/articles/issue-attachments) (Screenshots, screencasts, dolibarr.log, debugging informations…)\n"); - $bugbaseurl .= urlencode("[*Files*]\n"); - $bugbaseurl .= urlencode("\n"); + $bugbaseurl .= '&body='; + $bugbaseurl .= urlencode("# Instructions\n"); + $bugbaseurl .= urlencode("*This is a template to help you report good issues. You may use [Github Markdown](https://help.github.com/articles/getting-started-with-writing-and-formatting-on-github/) syntax to format your issue report.*\n"); + $bugbaseurl .= urlencode("*Please:*\n"); + $bugbaseurl .= urlencode("- *replace the bracket enclosed texts with meaningful information*\n"); + $bugbaseurl .= urlencode("- *remove any unused sub-section*\n"); + $bugbaseurl .= urlencode("\n"); + $bugbaseurl .= urlencode("\n"); + $bugbaseurl .= urlencode("# Bug\n"); + $bugbaseurl .= urlencode("[*Short description*]\n"); + $bugbaseurl .= urlencode("\n"); + $bugbaseurl .= urlencode("## Environment\n"); + $bugbaseurl .= urlencode("- **Version**: ".DOL_VERSION."\n"); + $bugbaseurl .= urlencode("- **OS**: ".php_uname('s')."\n"); + $bugbaseurl .= urlencode("- **Web server**: ".$_SERVER["SERVER_SOFTWARE"]."\n"); + $bugbaseurl .= urlencode("- **PHP**: ".php_sapi_name().' '.phpversion()."\n"); + $bugbaseurl .= urlencode("- **Database**: ".$db::LABEL.' 
'.$db->getVersion()."\n"); + $bugbaseurl .= urlencode("- **URL(s)**: ".$_SERVER["REQUEST_URI"]."\n"); + $bugbaseurl .= urlencode("\n"); + $bugbaseurl .= urlencode("## Expected and actual behavior\n"); + $bugbaseurl .= urlencode("[*Verbose description*]\n"); + $bugbaseurl .= urlencode("\n"); + $bugbaseurl .= urlencode("## Steps to reproduce the behavior\n"); + $bugbaseurl .= urlencode("[*Verbose description*]\n"); + $bugbaseurl .= urlencode("\n"); + $bugbaseurl .= urlencode("## [Attached files](https://help.github.com/articles/issue-attachments) (Screenshots, screencasts, dolibarr.log, debugging informations…)\n"); + $bugbaseurl .= urlencode("[*Files*]\n"); + $bugbaseurl .= urlencode("\n"); // Execute hook printBugtrackInfo @@ -2605,7 +2290,8 @@ if (empty($reshook)) { $bugbaseurl .= $hookmanager->resPrint; - } else $bugbaseurl = $hookmanager->resPrint; + } + else $bugbaseurl = $hookmanager->resPrint; $bugbaseurl .= urlencode("\n"); $bugbaseurl .= urlencode("## Report\n"); @@ -2653,37 +2339,36 @@ print ''."\n".'
'."\n"; - if (!empty($conf->global->MAIN_ONLY_LOGIN_ALLOWED)) print info_admin($langs->trans("WarningYouAreInMaintenanceMode", $conf->global->MAIN_ONLY_LOGIN_ALLOWED), 0, 0, 1, 'warning maintenancemode'); - - // Permit to add user company information on each printed document by setting SHOW_SOCINFO_ON_PRINT - if (!empty($conf->global->SHOW_SOCINFO_ON_PRINT) && GETPOST('optioncss', 'aZ09') == 'print' && empty(GETPOST('disable_show_socinfo_on_print', 'az09'))) - { - global $hookmanager; - $hookmanager->initHooks(array('main')); - $parameters = array(); - $reshook = $hookmanager->executeHooks('showSocinfoOnPrint', $parameters); - if (empty($reshook)) - { - print ''."\n"; - print '
'."\n"; - print ''."\n"; - print ''; - print ''."\n"; - print ''."\n"; - print ''."\n"; - if (!empty($conf->global->MAIN_INFO_SOCIETE_TEL)) print ''; - if (!empty($conf->global->MAIN_INFO_SOCIETE_MAIL)) print ''; - if (!empty($conf->global->MAIN_INFO_SOCIETE_WEB)) print ''; - print ''; - print '
'; - if ($conf->global->MAIN_SHOW_LOGO && empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER) && !empty($conf->global->MAIN_INFO_SOCIETE_LOGO)) { - print ''; - } - print '
'.dol_escape_htmltag($conf->global->MAIN_INFO_SOCIETE_NOM).'
'.dol_escape_htmltag($conf->global->MAIN_INFO_SOCIETE_ADDRESS).'
'.dol_escape_htmltag($conf->global->MAIN_INFO_SOCIETE_ZIP).' '.dol_escape_htmltag($conf->global->MAIN_INFO_SOCIETE_TOWN).'
'.$langs->trans("Phone").' : '.dol_escape_htmltag($conf->global->MAIN_INFO_SOCIETE_TEL).'
'.$langs->trans("Email").' : '.dol_escape_htmltag($conf->global->MAIN_INFO_SOCIETE_MAIL).'
'.$langs->trans("Web").' : '.dol_escape_htmltag($conf->global->MAIN_INFO_SOCIETE_WEB).'
'."\n"; - print '
'."\n"; - print ''."\n"; - } - } + if (!empty($conf->global->MAIN_ONLY_LOGIN_ALLOWED)) print info_admin($langs->trans("WarningYouAreInMaintenanceMode", $conf->global->MAIN_ONLY_LOGIN_ALLOWED)); + + // Permit to add user company information on each printed document by set SHOW_SOCINFO_ON_PRINT + if (!empty($conf->global->SHOW_SOCINFO_ON_PRINT) && GETPOST('optioncss', 'aZ09') == 'print' && empty(GETPOST('disable_show_socinfo_on_print', 'az09'))) + { + global $hookmanager; + $hookmanager->initHooks(array('showsocinfoonprint')); + $parameters = array(); + $reshook = $hookmanager->executeHooks('showSocinfoOnPrint', $parameters); + if (empty($reshook)) + { + print ''."\n"; + print '
'."\n"; + print ''."\n"; + print ''; + print ''."\n"; + print ''."\n"; + print ''."\n"; + if (!empty($conf->global->MAIN_INFO_SOCIETE_TEL)) print ''; + if (!empty($conf->global->MAIN_INFO_SOCIETE_MAIL)) print ''; + if (!empty($conf->global->MAIN_INFO_SOCIETE_WEB)) print ''; + print ''; + print '
'; + if ($conf->global->MAIN_SHOW_LOGO && empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER) && !empty($conf->global->MAIN_INFO_SOCIETE_LOGO)) + print ''; + print '
'.dol_escape_htmltag($conf->global->MAIN_INFO_SOCIETE_NOM).'
'.dol_escape_htmltag($conf->global->MAIN_INFO_SOCIETE_ADDRESS).'
'.dol_escape_htmltag($conf->global->MAIN_INFO_SOCIETE_ZIP).' '.dol_escape_htmltag($conf->global->MAIN_INFO_SOCIETE_TOWN).'
'.$langs->trans("Phone").' : '.dol_escape_htmltag($conf->global->MAIN_INFO_SOCIETE_TEL).'
'.$langs->trans("Email").' : '.dol_escape_htmltag($conf->global->MAIN_INFO_SOCIETE_MAIL).'
'.$langs->trans("Web").' : '.dol_escape_htmltag($conf->global->MAIN_INFO_SOCIETE_WEB).'
'."\n"; + print '
'."\n"; + print ''."\n"; + } + } } @@ -2706,7 +2391,9 @@ $helpbaseurl = '%s'; $helppage = $helppagename; $mode = 'local'; - } else { + } + else + { // If WIKI URL $reg = array(); if (preg_match('/^es/i', $langs->defaultlang)) @@ -2790,7 +2477,6 @@ global $conf, $db, $langs, $user, $mysoc, $object; global $delayedhtmlcontent; global $contextpage, $page, $limit; - global $dolibarr_distrib; $ext = 'layout='.$conf->browser->layout.'&version='.urlencode(DOL_VERSION); @@ -2830,7 +2516,7 @@ if (!empty($contextpage)) $_SESSION['lastsearch_contextpage_tmp_'.$relativepathstring] = $contextpage; if (!empty($page) && $page > 0) $_SESSION['lastsearch_page_tmp_'.$relativepathstring] = $page; - if (!empty($limit) && $limit != $conf->liste_limit) $_SESSION['lastsearch_limit_tmp_'.$relativepathstring] = $limit; + if (!empty($limit) && $limit != $conf->limit) $_SESSION['lastsearch_limit_tmp_'.$relativepathstring] = $limit; unset($_SESSION['lastsearch_contextpage_'.$relativepathstring]); unset($_SESSION['lastsearch_page_'.$relativepathstring]); @@ -2845,8 +2531,10 @@ { $title = img_warning().' '.$langs->trans('CoreErrorTitle'); print ajax_dialog($title, $langs->trans('CoreErrorMessage')); - } else { - // html version + } + // html version + else + { $msg = img_warning().' '.$langs->trans('CoreErrorMessage'); print '
'.$msg.'
'; } @@ -2926,7 +2614,8 @@ // No ping done if we are into an alpha version if (strpos('alpha', DOL_VERSION) > 0 && !$forceping) { print "\n\n"; - } elseif (empty($_COOKIE['DOLINSTALLNOPING_'.$hash_unique_id]) || $forceping) // Cookie is set when we uncheck the checkbox in the installation wizard. + } + elseif (empty($_COOKIE['DOLINSTALLNOPING_'.$hash_unique_id]) || $forceping) // Cookie is set when we uncheck the checkbox in the installation wizard. { // MAIN_LAST_PING_KO_DATE // Disable ping if MAIN_LAST_PING_KO_DATE is set and is recent @@ -2951,35 +2640,35 @@ timeout: 500, // timeout milliseconds cache: false, data: { - hash_algo: 'md5', - hash_unique_id: '', - action: 'dolibarrping', - version: '', - entity: 'entity; ?>', - dbtype: 'type); ?>', - country_code: 'country_code ? dol_escape_js($mysoc->country_code) : 'unknown'; ?>', - php_version: '', - os_version: '', - distrib: '' + hash_algo: "md5", + hash_unique_id: "", + action: "dolibarrping", + version: "", + entity: "entity; ?>", + dbtype: "type); ?>", + country_code: "country_code); ?>", + php_version: "", + os_version: "", + distrib: "" }, success: function (data, status, xhr) { // success callback function (data contains body of response) console.log("Ping ok"); $.ajax({ - method: 'GET', - url: '', + method: "GET", + url: "", timeout: 500, // timeout milliseconds cache: false, - data: { hash_algo: 'md5', hash_unique_id: '', action: 'firstpingok' }, // for update + data: { hash_algo: "md5", hash_unique_id: "", action: "firstpingok" }, // to update }); }, error: function (data,status,xhr) { // error callback function console.log("Ping ko: " + data); $.ajax({ - method: 'GET', - url: '', + method: "GET", + url: "", timeout: 500, // timeout milliseconds cache: false, - data: { hash_algo: 'md5', hash_unique_id: '', action: 'firstpingko' }, + data: { hash_algo: "md5", hash_unique_id: "", action: "firstpingko" }, }); } }); @@ -2987,7 +2676,9 @@ \n"; include_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php'; 
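Review bot: The alpha-version guard at the top of the first hunk on this line (-2926,7), `strpos('alpha', DOL_VERSION) > 0`, passes its arguments in the wrong order: it searches the literal `'alpha'` for the version string, so it cannot match a real version. The "no ping on an alpha version" branch is therefore effectively dead, and alpha builds fall through to the ping code in the `elseif`. Even with the order fixed, `> 0` would miss a match at offset 0, so the check should be `if (strpos(DOL_VERSION, 'alpha') !== false && !$forceping) {`. The enclosing function starts outside this hunk.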
@@ -2999,5 +2690,5 @@ print "\n"; print "\n"; - } -} + } +} --- /tmp/dsg/dolibarr/htdocs/github_master.inc.php +++ /tmp/dsg/dolibarr/htdocs/client_master.inc.php @@ -49,7 +49,7 @@ $conf->db->port = $dolibarr_main_db_port; $conf->db->name = $dolibarr_main_db_name; $conf->db->user = $dolibarr_main_db_user; -$conf->db->pass = empty($dolibarr_main_db_pass) ? '' : $dolibarr_main_db_pass; +$conf->db->pass = empty($dolibarr_main_db_pass)?'':$dolibarr_main_db_pass; $conf->db->type = $dolibarr_main_db_type; $conf->db->prefix = $dolibarr_main_db_prefix; $conf->db->character_set = $dolibarr_main_db_character_set; 
@@ -60,14 +60,14 @@ // Set properties specific to conf file $conf->file->main_limit_users = $dolibarr_main_limit_users; -$conf->file->mailing_limit_sendbyweb = $dolibarr_mailing_limit_sendbyweb; -$conf->file->mailing_limit_sendbycli = $dolibarr_mailing_limit_sendbycli; +$conf->file->mailing_limit_sendbyweb = $dolibarr_mailing_limit_sendbyweb; +$conf->file->mailing_limit_sendbycli = $dolibarr_mailing_limit_sendbycli; $conf->file->main_authentication = empty($dolibarr_main_authentication) ? '' : $dolibarr_main_authentication; // Identification mode $conf->file->main_force_https = empty($dolibarr_main_force_https) ? '' : $dolibarr_main_force_https; // Force https -$conf->file->strict_mode = empty($dolibarr_strict_mode) ? '' : $dolibarr_strict_mode; // Force php strict mode (for debug) +$conf->file->strict_mode = empty($dolibarr_strict_mode) ? '' : $dolibarr_strict_mode; // Force php strict mode (for debug) $conf->file->instance_unique_id = empty($dolibarr_main_instance_unique_id) ? (empty($dolibarr_main_cookie_cryptkey) ? '' : $dolibarr_main_cookie_cryptkey) : $dolibarr_main_instance_unique_id; // Unique id of instance $conf->file->dol_document_root = array('main' => (string) DOL_DOCUMENT_ROOT); // Define array of document root directories ('/home/htdocs') -$conf->file->dol_url_root = array('main' => (string) DOL_URL_ROOT); // Define array of url root path ('' or '/dolibarr') +$conf->file->dol_url_root = array('main' => (string) DOL_URL_ROOT); // Define array of url root path ('' or '/dolibarr') if (!empty($dolibarr_main_document_root_alt)) { // dolibarr_main_document_root_alt can contains several directories @@ -117,7 +117,7 @@ */ if (!defined('NOREQUIREDB')) { - $db = getDoliDBInstance($conf->db->type, $conf->db->host, $conf->db->user, $conf->db->pass, $conf->db->name, $conf->db->port); + $db = getDoliDBInstance($conf->db->type, $conf->db->host, $conf->db->user, $conf->db->pass, $conf->db->name, $conf->db->port); if ($db->error) { 
@@ -132,7 +132,9 @@ $langs->setDefaultLang('auto'); $langs->load("website"); print $langs->trans("SorryWebsiteIsCurrentlyOffLine"); - } else { + } + else + { print "SorryWebsiteIsCurrentlyOffLine"; } print '
'; @@ -160,18 +162,21 @@ */ // By default conf->entity is 1, but we change this if we ask another value. -if (session_id() && !empty($_SESSION["dol_entity"])) { - // Entity inside an opened session +if (session_id() && !empty($_SESSION["dol_entity"])) // Entity inside an opened session +{ $conf->entity = $_SESSION["dol_entity"]; -} elseif (!empty($_ENV["dol_entity"])) { - // Entity inside a CLI script +} +elseif (!empty($_ENV["dol_entity"])) // Entity inside a CLI script +{ $conf->entity = $_ENV["dol_entity"]; -} elseif (GETPOSTISSET("loginfunction") && GETPOST("entity", 'int')) { - // Just after a login page +} +elseif (GETPOSTISSET("loginfunction") && GETPOST("entity", 'int')) // Just after a login page +{ $conf->entity = GETPOST("entity", 'int'); -} elseif (defined('DOLENTITY') && is_numeric(constant('DOLENTITY'))) { - // For public page with MultiCompany module - $conf->entity = constant('DOLENTITY'); +} +elseif (defined('DOLENTITY') && is_numeric(DOLENTITY)) // For public page with MultiCompany module +{ + $conf->entity = DOLENTITY; } // Sanitize entity 
@@ -186,14 +191,49 @@ } // Overwrite database value -if (!empty($conf->file->mailing_limit_sendbyweb)) { +if (!empty($conf->file->mailing_limit_sendbyweb)) +{ $conf->global->MAILING_LIMIT_SENDBYWEB = $conf->file->mailing_limit_sendbyweb; } -if (empty($conf->global->MAILING_LIMIT_SENDBYWEB)) { - $conf->global->MAILING_LIMIT_SENDBYWEB = 25; -} -if (!empty($conf->file->mailing_limit_sendbycli)) { - $conf->global->MAILING_LIMIT_SENDBYCLI = $conf->file->mailing_limit_sendbycli; +if (empty($conf->global->MAILING_LIMIT_SENDBYWEB)) +{ + $conf->global->MAILING_LIMIT_SENDBYWEB = 25; +} +if (!empty($conf->file->mailing_limit_sendbycli)) +{ + $conf->global->MAILING_LIMIT_SENDBYCLI = $conf->file->mailing_limit_sendbycli; +} +if (empty($conf->global->MAILING_LIMIT_SENDBYCLI)) +{ + $conf->global->MAILING_LIMIT_SENDBYCLI = 0; +} + +// If software has been locked. Only login $conf->global->MAIN_ONLY_LOGIN_ALLOWED is allowed. +if (!empty($conf->global->MAIN_ONLY_LOGIN_ALLOWED)) +{ + $ok = 0; + if ((!session_id() || !isset($_SESSION["dol_login"])) && !isset($_POST["username"]) && !empty($_SERVER["GATEWAY_INTERFACE"])) $ok = 1; // We let working pages if not logged and inside a web browser (login form, to allow login by admin) + elseif (isset($_POST["username"]) && $_POST["username"] == $conf->global->MAIN_ONLY_LOGIN_ALLOWED) $ok = 1; // We let working pages that is a login submission (login submit, to allow login by admin) + elseif (defined('NOREQUIREDB')) $ok = 1; // We let working pages that don't need database access (xxx.css.php) + elseif (defined('EVEN_IF_ONLY_LOGIN_ALLOWED')) $ok = 1; // We let working pages that ask to work even if only login enabled (logout.php) + elseif (session_id() && isset($_SESSION["dol_login"]) && $_SESSION["dol_login"] == $conf->global->MAIN_ONLY_LOGIN_ALLOWED) $ok = 1; // We let working if user is allowed admin + if (!$ok) + { + if (session_id() && isset($_SESSION["dol_login"]) && $_SESSION["dol_login"] != $conf->global->MAIN_ONLY_LOGIN_ALLOWED) + { + 
print 'Sorry, your application is offline.'."\n"; + print 'You are logged with user "'.$_SESSION["dol_login"].'" and only administrator user "'.$conf->global->MAIN_ONLY_LOGIN_ALLOWED.'" is allowed to connect for the moment.'."\n"; + $nexturl = DOL_URL_ROOT.'/user/logout.php'; + print 'Please try later or
click here to disconnect and change login user...'."\n"; + } + else + { + print 'Sorry, your application is offline. Only administrator user "'.$conf->global->MAIN_ONLY_LOGIN_ALLOWED.'" is allowed to connect for the moment.'."\n"; + $nexturl = DOL_URL_ROOT.'/'; + print 'Please try later or click here to change login user...'."\n"; + } + exit; + } } // Create object $mysoc (A thirdparty object that contains properties of companies managed by Dolibarr. @@ -212,9 +252,9 @@ // Set default language (must be after the setValues setting global $conf->global->MAIN_LANG_DEFAULT. Page main.inc.php will overwrite langs->defaultlang with user value later) if (!defined('NOREQUIRETRAN')) { - $langcode = (GETPOST('lang', 'aZ09') ? GETPOST('lang', 'aZ09', 1) : (empty($conf->global->MAIN_LANG_DEFAULT) ? 'auto' : $conf->global->MAIN_LANG_DEFAULT)); - if (defined('MAIN_LANG_DEFAULT')) $langcode = constant('MAIN_LANG_DEFAULT'); - $langs->setDefaultLang($langcode); + $langcode = (GETPOST('lang', 'aZ09') ?GETPOST('lang', 'aZ09', 1) : (empty($conf->global->MAIN_LANG_DEFAULT) ? 'auto' : $conf->global->MAIN_LANG_DEFAULT)); + if (defined('MAIN_LANG_DEFAULT')) $langcode = constant('MAIN_LANG_DEFAULT'); + $langs->setDefaultLang($langcode); } --- /tmp/dsg/dolibarr/htdocs/github_viewimage.php +++ /tmp/dsg/dolibarr/htdocs/client_viewimage.php 
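Review bot: The lock-out messages added in the hunk that starts at -186,14 write `$_SESSION["dol_login"]` and `$conf->global->MAIN_ONLY_LOGIN_ALLOWED` into the response without HTML escaping. Both should be wrapped, e.g. `dol_escape_htmltag($_SESSION["dol_login"])`, assuming that helper is already loaded at this point in master.inc.php (the page does not show it). The two login comparisons in the same block use `==` against request and session data; a strict form such as `(string) $_POST["username"] === (string) $conf->global->MAIN_ONLY_LOGIN_ALLOWED` avoids PHP's numeric-string juggling when deciding who bypasses maintenance mode. A one-line comment explaining why an unauthenticated browser request is let through (`$ok = 1` in the first branch) would also help the next reader of this gate.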
@@ -52,21 +52,13 @@ if (!defined("NOIPCHECK")) define("NOIPCHECK", 1); // Do not check IP defined into conf $dolibarr_main_restrict_ip } // Some value of modulepart can be used to get resources that are public so no login are required. -if (isset($_GET["modulepart"]) && $_GET["modulepart"] == 'medias') +if ((isset($_GET["modulepart"]) && $_GET["modulepart"] == 'medias')) { if (!defined("NOLOGIN")) define("NOLOGIN", 1); if (!defined("NOCSRFCHECK")) define("NOCSRFCHECK", 1); // We accept to go on this page from external web site. if (!defined("NOIPCHECK")) define("NOIPCHECK", 1); // Do not check IP defined into conf $dolibarr_main_restrict_ip } -// Used by TakePOS Auto Order -if (isset($_GET["modulepart"]) && $_GET["modulepart"] == 'product' && isset($_GET["publictakepos"])) -{ - if (!defined("NOLOGIN")) define("NOLOGIN", 1); - if (!defined("NOCSRFCHECK")) define("NOCSRFCHECK", 1); // We accept to go on this page from external web site. - if (!defined("NOIPCHECK")) define("NOIPCHECK", 1); // Do not check IP defined into conf $dolibarr_main_restrict_ip -} - // For multicompany $entity = (!empty($_GET['entity']) ? (int) $_GET['entity'] : (!empty($_POST['entity']) ? (int) $_POST['entity'] : 1)); if (is_numeric($entity)) define("DOLENTITY", $entity); @@ -93,7 +85,7 @@ require 'main.inc.php'; // Load $user and permissions require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; -$action = GETPOST('action', 'aZ09'); +$action = GETPOST('action', 'alpha'); $original_file = GETPOST('file', 'alphanohtml'); // Do not use urldecode here ($_GET are already decoded by PHP). $hashp = GETPOST('hashp', 'aZ09'); $modulepart = GETPOST('modulepart', 'alpha'); 
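Review bot: In the second hunk on this line (-93,7), `$action = GETPOST('action', 'alpha');` replaces the `aZ09` check with the looser `alpha` one, although the neighbouring `hashp` parameter keeps `aZ09`. `$action` is a dispatch keyword, and the first hunk on this line shows that the script can run with `NOLOGIN` and `NOCSRFCHECK` for `modulepart=medias`, so the narrowest filter that still accepts the valid action names is the safer choice. Unless an action value needs characters outside letters and digits, keep `$action = GETPOST('action', 'aZ09');`. The filter definitions are not on this page, so confirm what `alpha` admits before relying on it.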
@@ -121,14 +113,15 @@ if (GETPOST("cache", 'alpha')) { - // Important: Following code is to avoid page request by browser and PHP CPU at - // each Dolibarr page access. - if (empty($dolibarr_nocache)) - { - header('Cache-Control: max-age=3600, public, must-revalidate'); - header('Pragma: cache'); // This is to avoid having Pragma: no-cache - } else header('Cache-Control: no-cache'); - //print $dolibarr_nocache; exit; + // Important: Following code is to avoid page request by browser and PHP CPU at + // each Dolibarr page access. + if (empty($dolibarr_nocache)) + { + header('Cache-Control: max-age=3600, public, must-revalidate'); + header('Pragma: cache'); // This is to avoid having Pragma: no-cache + } + else header('Cache-Control: no-cache'); + //print $dolibarr_nocache; exit; } // If we have a hash public (hashp), we guess the original_file. @@ -154,14 +147,20 @@ // We remove first level of directory $original_file = (($tmp[1] ? $tmp[1].'/' : '').$ecmfile->filename); // this is relative to module dir //var_dump($original_file); exit; - } else { + } + else + { accessforbidden('Bad link. File is from another module part.', 0, 0, 1); } - } else { + } + else + { $modulepart = $moduleparttocheck; $original_file = (($tmp[1] ? $tmp[1].'/' : '').$ecmfile->filename); // this is relative to module dir } - } else { + } + else + { $langs->load("errors"); accessforbidden($langs->trans("ErrorFileNotFoundWithSharedLink"), 0, 0, 1); } 
@@ -191,14 +190,13 @@ $sqlprotectagainstexternals = $check_access['sqlprotectagainstexternals']; $fullpath_original_file = $check_access['original_file']; // $fullpath_original_file is now a full path name -if (!empty($hashp)) { +if (!empty($hashp)) +{ $accessallowed = 1; // When using hashp, link is public so we force $accessallowed $sqlprotectagainstexternals = ''; -} elseif (isset($_GET["publictakepos"])) { - if (!empty($conf->global->TAKEPOS_AUTO_ORDER)) { - $accessallowed = 1; // Only if TakePOS Public Auto Order is enabled and received publictakepos variable - } -} else { +} +else +{ // Basic protection (against external users only) if ($user->socid > 0) { @@ -236,7 +234,7 @@ if (preg_match('/\.\./', $fullpath_original_file) || preg_match('/[<>|]/', $fullpath_original_file)) { dol_syslog("Refused to deliver file ".$fullpath_original_file); - print "ErrorFileNameInvalid: ".dol_escape_htmltag($original_file); + print "ErrorFileNameInvalid: ".$original_file; exit; } 
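Review bot: The rejection message in the second hunk on this line (-236,7) echoes the file name without HTML escaping: `print "ErrorFileNameInvalid: ".$original_file;`. That branch runs exactly when the resolved path contains `..`, `<`, `>` or `|`, so the echoed value is by construction the suspicious one. On the `hashp` path it is also rebuilt from the stored `$ecmfile->filename` rather than from the filtered `file` parameter. Keep the escaped form, `print "ErrorFileNameInvalid: ".dol_escape_htmltag($original_file);`.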
@@ -244,71 +242,74 @@ if ($modulepart == 'barcode') { - $generator = GETPOST("generator", "alpha"); - $code = GETPOST("code", 'none'); // This can be rich content (qrcode, datamatrix, ...) - $encoding = GETPOST("encoding", "alpha"); - $readable = GETPOST("readable", 'alpha') ?GETPOST("readable", "alpha") : "Y"; - - if (empty($generator) || empty($encoding)) - { - print 'Error: Parameter "generator" or "encoding" not defined'; - exit; - } - - $dirbarcode = array_merge(array("/core/modules/barcode/doc/"), $conf->modules_parts['barcode']); - - $result = 0; - - foreach ($dirbarcode as $reldir) - { - $dir = dol_buildpath($reldir, 0); - $newdir = dol_osencode($dir); - - // Check if directory exists (we do not use dol_is_dir to avoid loading files.lib.php) - if (!is_dir($newdir)) continue; - - $result = @include_once $newdir.$generator.'.modules.php'; - if ($result) break; - } - - // Load barcode class - $classname = "mod".ucfirst($generator); - $module = new $classname($db); - if ($module->encodingIsSupported($encoding)) - { - $result = $module->buildBarCode($code, $encoding, $readable); - } -} else { - // Open and return file - clearstatcache(); - - $filename = basename($fullpath_original_file); - - // Output files on browser - dol_syslog("viewimage.php return file $fullpath_original_file filename=$filename content-type=$type"); - - // This test is to avoid error images when image is not available (for example thumbs). - if (!dol_is_file($fullpath_original_file) && empty($_GET["noalt"])) - { - $fullpath_original_file = DOL_DOCUMENT_ROOT.'/public/theme/common/nophoto.png'; - /*$error='Error: File '.$_GET["file"].' does not exists or filesystems permissions are not allowed'; + $generator = GETPOST("generator", "alpha"); + $code = GETPOST("code", 'none'); // This can be rich content (qrcode, datamatrix, ...) 
+ $encoding = GETPOST("encoding", "alpha"); + $readable = GETPOST("readable", 'alpha') ?GETPOST("readable", "alpha") : "Y"; + + if (empty($generator) || empty($encoding)) + { + print 'Error: Parameter "generator" or "encoding" not defined'; + exit; + } + + $dirbarcode = array_merge(array("/core/modules/barcode/doc/"), $conf->modules_parts['barcode']); + + $result = 0; + + foreach ($dirbarcode as $reldir) + { + $dir = dol_buildpath($reldir, 0); + $newdir = dol_osencode($dir); + + // Check if directory exists (we do not use dol_is_dir to avoid loading files.lib.php) + if (!is_dir($newdir)) continue; + + $result = @include_once $newdir.$generator.'.modules.php'; + if ($result) break; + } + + // Load barcode class + $classname = "mod".ucfirst($generator); + $module = new $classname($db); + if ($module->encodingIsSupported($encoding)) + { + $result = $module->buildBarCode($code, $encoding, $readable); + } +} +else // Open and return file +{ + clearstatcache(); + + $filename = basename($fullpath_original_file); + + // Output files on browser + dol_syslog("viewimage.php return file $fullpath_original_file filename=$filename content-type=$type"); + + // This test is to avoid error images when image is not available (for example thumbs). + if (!dol_is_file($fullpath_original_file) && empty($_GET["noalt"])) + { + $fullpath_original_file = DOL_DOCUMENT_ROOT.'/public/theme/common/nophoto.png'; + /*$error='Error: File '.$_GET["file"].' 
does not exists or filesystems permissions are not allowed'; print $error; exit;*/ - } - - // Permissions are ok and file found, so we return it - if ($type) - { - top_httphead($type); - header('Content-Disposition: inline; filename="'.basename($fullpath_original_file).'"'); - } else { - top_httphead('image/png'); - header('Content-Disposition: inline; filename="'.basename($fullpath_original_file).'"'); - } - - $fullpath_original_file_osencoded = dol_osencode($fullpath_original_file); - - readfile($fullpath_original_file_osencoded); + } + + // Permissions are ok and file found, so we return it + if ($type) + { + top_httphead($type); + header('Content-Disposition: inline; filename="'.basename($fullpath_original_file).'"'); + } + else + { + top_httphead('image/png'); + header('Content-Disposition: inline; filename="'.basename($fullpath_original_file).'"'); + } + + $fullpath_original_file_osencoded = dol_osencode($fullpath_original_file); + + readfile($fullpath_original_file_osencoded); }
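Review bot: The barcode branch of this hunk (-244,71) still builds an include path and a class name from the request parameter `generator`, in `@include_once $newdir.$generator.'.modules.php';` and `$classname = "mod".ucfirst($generator);`, and the re-indentation leaves that untouched. Unless GETPOST's `alpha` filter (not shown here) already rules out path separators, the value should be limited to a plain identifier before the loop, e.g. `if (!preg_match('/^[a-zA-Z0-9_]+$/', $generator)) { print 'Error: Bad value for parameter "generator"'; exit; }`. The `@` also hides a failed include, so `new $classname($db)` runs even when no generator file was loaded; checking `$result` and `class_exists($classname)` first would turn that into a clean error. In the file branch below, `$type` reaches `top_httphead($type)` from code outside this hunk, so it is worth confirming there that it is limited to image MIME types.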