27 require
'../main.inc.php';
28 require_once DOL_DOCUMENT_ROOT.
'/core/lib/admin.lib.php';
29 require_once DOL_DOCUMENT_ROOT.
'/core/lib/files.lib.php';
30 require_once DOL_DOCUMENT_ROOT.
'/core/class/html.formfile.class.php';
33 $langs->loadLangs(array(
"users",
"admin",
"other"));
39 $action =
GETPOST(
'action',
'aZ09');
47 if (preg_match(
'/set_([a-z0-9_\-]+)/i', $action, $reg)) {
51 header(
"Location: ".$_SERVER[
"PHP_SELF"]);
56 } elseif (preg_match(
'/del_([a-z0-9_\-]+)/i', $action, $reg)) {
59 header(
"Location: ".$_SERVER[
"PHP_SELF"]);
64 } elseif ($action ==
'updateform') {
71 $res1 =
dolibarr_set_const($db,
"MAIN_APPLICATION_TITLE",
GETPOST(
"MAIN_APPLICATION_TITLE",
'alphanohtml'),
'chaine', 0,
'', $conf->entity);
74 $res2 =
dolibarr_set_const($db,
"MAIN_SESSION_TIMEOUT",
GETPOST(
"MAIN_SESSION_TIMEOUT",
'alphanohtml'),
'chaine', 0,
'', $conf->entity);
76 if (
GETPOSTISSET(
'MAIN_SECURITY_MAX_IMG_IN_HTML_CONTENT')) {
77 $res3 =
dolibarr_set_const($db,
"MAIN_SECURITY_MAX_IMG_IN_HTML_CONTENT",
GETPOST(
"MAIN_SECURITY_MAX_IMG_IN_HTML_CONTENT",
'alphanohtml'),
'int', 0,
'', $conf->entity);
79 if (
GETPOSTISSET(
'MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS')) {
80 $res4 =
dolibarr_set_const($db,
"MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS",
GETPOST(
"MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS",
'alphanohtml'),
'int', 0,
'', $conf->entity);
82 if (
GETPOSTISSET(
'MAIN_SECURITY_MAX_ATTACHMENT_ON_FORMS')) {
83 $res5 =
dolibarr_set_const($db,
"MAIN_SECURITY_MAX_ATTACHMENT_ON_FORMS",
GETPOST(
"MAIN_SECURITY_MAX_ATTACHMENT_ON_FORMS",
'alphanohtml'),
'int', 0,
'', $conf->entity);
85 if ($res1 && $res2 && $res3 && $res4 && $res5) {
86 setEventMessages($langs->trans(
"RecordModifiedSuccessfully"),
null,
'mesgs');
96 $form =
new Form($db);
98 $wikihelp =
'EN:Setup_Security|FR:Paramétrage_Sécurité|ES:Configuración_Seguridad';
103 print
'<span class="opacitymedium">'.$langs->trans(
"MiscellaneousDesc").
"</span><br>\n";
108 print
'<form action="'.$_SERVER[
"PHP_SELF"].
'" method="POST">';
109 print
'<input type="hidden" name="token" value="'.newToken().
'">';
110 print
'<input type="hidden" name="action" value="updateform">';
119 print
'<table class="noborder centpercent">';
120 print
'<tr class="liste_titre">';
121 print
'<td colspan="3">'.$langs->trans(
"Parameters").
'</td>';
122 print
'<td class="right" width="100">'.$langs->trans(
"Status").
'</td>';
126 print
'<tr class="oddeven">';
127 print
'<td colspan="3">'.$langs->trans(
"UseCaptchaCode").
'</td>';
128 print
'<td class="right">';
129 if (function_exists(
"imagecreatefrompng")) {
130 if (!empty($conf->use_javascript_ajax)) {
134 print
'<a href="'.$_SERVER[
'PHP_SELF'].
'?action=set_MAIN_SECURITY_ENABLECAPTCHA&token='.
newToken().
'">'.
img_picto($langs->trans(
"Disabled"),
'off').
'</a>';
136 print
'<a href="'.$_SERVER[
'PHP_SELF'].
'?action=del_MAIN_SECURITY_ENABLECAPTCHA&token='.
newToken().
'">'.
img_picto($langs->trans(
"Enabled"),
'on').
'</a>';
140 $desc = $form->textwithpicto(
'', $langs->transnoentities(
"EnableGDLibraryDesc"), 1,
'warning');
146 print
'<tr class="oddeven">';
147 print
'<td colspan="3">'.$langs->trans(
"UseAdvancedPerms").
'</td>';
148 print
'<td class="right">';
149 if (!empty($conf->use_javascript_ajax)) {
153 print
'<a href="'.$_SERVER[
'PHP_SELF'].
'?action=set_MAIN_USE_ADVANCED_PERMS&token='.
newToken().
'">'.
img_picto($langs->trans(
"Disabled"),
'off').
'</a>';
155 print
'<a href="'.$_SERVER[
'PHP_SELF'].
'?action=del_MAIN_USE_ADVANCED_PERMS&token='.
newToken().
'">'.
img_picto($langs->trans(
"Enabled"),
'on').
'</a>';
167 print
'<table width="100%" class="noborder">';
168 print
'<tr class="liste_titre">';
169 print
'<td colspan="2">'.$langs->trans(
"Parameters").
'</td>';
170 print
'<td>'.$langs->trans(
"Value").
'</td>';
174 $sessiontimeout = ini_get(
"session.gc_maxlifetime");
176 $conf->global->MAIN_SESSION_TIMEOUT = $sessiontimeout;
178 print
'<tr class="oddeven">';
179 print
'<td>'.$langs->trans(
"SessionTimeOut").
'</td><td class="right">';
180 if (ini_get(
"session.gc_probability") == 0) {
181 print $form->textwithpicto(
'', $langs->trans(
"SessionsPurgedByExternalSystem", ini_get(
"session.gc_maxlifetime")));
183 print $form->textwithpicto(
'', $langs->trans(
"SessionExplanation", ini_get(
"session.gc_probability"), ini_get(
"session.gc_divisor"), ini_get(
"session.gc_maxlifetime")));
186 print
'<td class="nowrap">';
187 print
'<input class="flat right width50" name="MAIN_SESSION_TIMEOUT" type="text" value="'.getDolGlobalInt(
'MAIN_SESSION_TIMEOUT').
'"> '.strtolower($langs->trans(
"Seconds"));
191 print
'<tr class="oddeven">';
192 print
'<td>'.$langs->trans(
"MaxNumberOfImagesInGetPost").
'</td><td class="right">';
194 print
'<td class="nowrap">';
195 print
'<input class="flat right width50" name="MAIN_SECURITY_MAX_IMG_IN_HTML_CONTENT" type="text" value="'.getDolGlobalInt(
'MAIN_SECURITY_MAX_IMG_IN_HTML_CONTENT').
'"> '.strtolower($langs->trans(
"Images"));
199 print
'<tr class="oddeven">';
200 print
'<td>'.$langs->trans(
"MaxNumberOfPostOnPublicPagesByIP").
'</td><td class="right">';
202 print
'<td class="nowrap">';
203 print
'<input class="flat right width50" name="MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS" type="text" value="'.getDolGlobalInt(
"MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS", 200).
'"> '.strtolower($langs->trans(
"Posts"));
207 print
'<tr class="oddeven">';
208 print
'<td>'.$langs->trans(
"MaxNumberOfAttachementOnForms").
'</td><td class="right">';
210 print
'<td class="nowrap">';
211 print
'<input class="flat right width50" name="MAIN_SECURITY_MAX_ATTACHMENT_ON_FORMS" type="text" value="'.getDolGlobalInt(
"MAIN_SECURITY_MAX_ATTACHMENT_ON_FORMS", 10).
'"> '.strtolower($langs->trans(
"Files"));
215 print
'<tr class="oddeven">';
216 print
'<td>'.$langs->trans(
"MaxNumberOfFailedAuth").
'</td><td class="right">';
218 print
'<td class="nowrap">';
219 print
'<input class="flat right width50" name="MAIN_SECURITY_MAX_NUMBER_FAILED_AUTH" type="text" value="'.getDolGlobalInt(
"MAIN_SECURITY_MAX_NUMBER_FAILED_AUTH", 100).
'"> '.$langs->trans(
"FailedAuth");
238 print $form->buttonsSaveCancel(
"Modify",
'');
security_prepare_head()
Prepare array with list of tabs.
dolibarr_set_const($db, $name, $value, $type='chaine', $visible=0, $note='', $entity=1)
Insert a parameter (key,value) into database (delete old key then insert it again).
dolibarr_del_const($db, $name, $entity=1)
Delete a constant.
if(GETPOSTISSET('MAIN_AGENDA_XCAL_EXPORTKEY')) if(GETPOSTISSET('MAIN_AGENDA_EXPORT_PAST_DELAY')) if(GETPOSTISSET('MAIN_AGENDA_EXPORT_CACHE')) if(GETPOSTISSET('AGENDA_EXPORT_FIX_TZ')) if($actionsave) if(!isset($conf->global->MAIN_AGENDA_EXPORT_PAST_DELAY)) $wikihelp
View.
ajax_constantonoff($code, $input=array(), $entity=null, $revertonoff=0, $strict=0, $forcereload=0, $marginleftonlyshort=2, $forcenoajax=0, $setzeroinsteadofdel=0, $suffix='', $mode='', $morecss='inline-block')
On/off button for constant.
if(!defined('NOREQUIRESOC')) if(!defined('NOREQUIRETRAN')) if(!defined('NOTOKENRENEWAL')) if(!defined('NOREQUIREMENU')) if(!defined('NOREQUIREHTML')) if(!defined('NOREQUIREAJAX')) llxHeader()
Empty header.
load_fiche_titre($title, $morehtmlright='', $picto='generic', $pictoisfullpath=0, $id='', $morecssontable='', $morehtmlcenter='')
Load a title with picto.
img_picto($titlealt, $picto, $moreatt='', $pictoisfullpath=0, $srconly=0, $notitle=0, $alt='', $morecss='', $marginleftonlyshort=2)
Show picto whatever it's its name (generic function)
dol_get_fiche_head($links=array(), $active='', $title='', $notab=0, $picto='', $pictoisfullpath=0, $morehtmlright='', $morecss='', $limittoshow=0, $moretabssuffix='', $dragdropfile=0)
Show tabs of a record.
dol_get_fiche_end($notab=0)
Return tab footer of a card.
newToken()
Return the value of token currently saved into session with name 'newtoken'.
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
setEventMessages($mesg, $mesgs, $style='mesgs', $messagekey='', $noduplicate=0)
Set event messages in dol_events session object.
dol_print_error($db=null, $error='', $errors=null)
Displays error message system with all the information to facilitate the diagnosis and the escalation...
GETPOSTISSET($paramname)
Return true if we are in a context of submitting the parameter $paramname from a POST of a form.
getDolGlobalString($key, $default='')
Return dolibarr global constant string value.
accessforbidden($message='', $printheader=1, $printfooter=1, $showonlymessage=0, $params=null)
Show a message to say access is forbidden and stop program.