dolibarr  7.0.0-beta
security.lib.php
1 <?php
2 /* Copyright (C) 2008-2011 Laurent Destailleur <eldy@users.sourceforge.net>
3  * Copyright (C) 2008-2017 Regis Houssin <regis.houssin@capnetworks.com>
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation; either version 3 of the License, or
8  * (at your option) any later version.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program. If not, see <http://www.gnu.org/licenses/>.
17  * or see http://www.gnu.org/
18  */
19 
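/**
 * Obfuscate a string: add 17 to every byte (chr() wraps the value modulo 256),
 * then base64-encode the result.
 *
 * The transformation uses no key and dol_decode() reverses it, so anyone holding
 * the output can recover the input. It gives no confidentiality and must not be
 * relied on as encryption for stored secrets.
 *
 * @param   string  $chain      String to encode
 * @return  string              Encoded string
 */
function dol_encode($chain)
{
    // Start from an empty array so an empty $chain yields '' instead of
    // reaching implode() with an undefined variable.
    $output_tab = array();

    // NOTE(review): the length comes from dol_strlen() while the bytes are read with
    // substr(); if dol_strlen() counts characters rather than bytes, multibyte input
    // would be cut short - confirm against dol_strlen().
    $strlength = dol_strlen($chain);
    for ($i = 0; $i < $strlength; $i++)
    {
        $output_tab[$i] = chr(ord(substr($chain, $i, 1)) + 17);
    }

    return base64_encode(implode("", $output_tab));
}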
47 
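/**
 * Reverse dol_encode(): base64-decode the string, then subtract 17 from every byte
 * (chr() wraps the value modulo 256).
 *
 * No key is involved, so this is de-obfuscation, not decryption: a value stored
 * with dol_encode() is readable by anyone who can read the stored form.
 *
 * @param   string  $chain      String to decode
 * @return  string              Decoded string
 */
function dol_decode($chain)
{
    // Start from an empty array so an empty input yields '' instead of
    // reaching implode() with an undefined variable.
    $output_tab = array();

    // Non-strict decoding: characters outside the base64 alphabet are skipped, not rejected.
    $chain = base64_decode($chain);

    // NOTE(review): $chain is now raw bytes; if dol_strlen() counts characters
    // rather than bytes the loop may stop early - confirm against dol_strlen().
    $strlength = dol_strlen($chain);
    for ($i = 0; $i < $strlength; $i++)
    {
        $output_tab[$i] = chr(ord(substr($chain, $i, 1)) - 17);
    }

    return implode("", $output_tab);
}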
69 
70 
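/**
 * Return a hash of a string, prefixed with the site-wide salt MAIN_SECURITY_SALT
 * when one is configured.
 *
 * @param   string  $chain      String to hash
 * @param   string  $type       '1' or 'sha1', '2' or 'sha1md5', '3' or 'md5',
 *                              '4' or 'md5openldap', '5' (sha256). Any other value:
 *                              MAIN_SECURITY_HASH_ALGO when it is 'sha1' or 'sha1md5', else md5.
 * @return  string              Hash of the (salted) string
 */
function dol_hash($chain, $type='0')
{
    global $conf;

    // Compare the selector as a string. With loose comparison an integer 0 equals
    // 'sha1' before PHP 8, so dol_hash($x, 0) would silently return a sha1 digest
    // instead of the default.
    $type = (string) $type;

    // Salt value
    if (! empty($conf->global->MAIN_SECURITY_SALT)) $chain = $conf->global->MAIN_SECURITY_SALT.$chain;

    // NOTE(review): md5, sha1 and a single pass of sha256 are fast digests, and the salt
    // is one value shared by the whole installation, so hashes produced here are cheap to
    // brute-force once leaked. For password storage the standard library provides
    // password_hash() / password_verify(); moving to them needs a migration of stored
    // hashes, so the algorithms are left unchanged here.
    if ($type === '1' || $type === 'sha1') return sha1($chain);
    else if ($type === '2' || $type === 'sha1md5') return sha1(md5($chain));
    else if ($type === '3' || $type === 'md5') return md5($chain);
    // For OpenLdap with md5 (based on an unencrypted password in base).
    // md5($chain, true) gives the same raw digest as mhash(MHASH_MD5, ...) without needing the mhash functions.
    else if ($type === '4' || $type === 'md5openldap') return '{md5}'.base64_encode(md5($chain, true));
    else if ($type === '5') return hash('sha256', $chain);
    else if (! empty($conf->global->MAIN_SECURITY_HASH_ALGO) && $conf->global->MAIN_SECURITY_HASH_ALGO == 'sha1') return sha1($chain);
    else if (! empty($conf->global->MAIN_SECURITY_HASH_ALGO) && $conf->global->MAIN_SECURITY_HASH_ALGO == 'sha1md5') return sha1(md5($chain));

    // No particular encoding defined, use default
    return md5($chain);
}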
98 
99 
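/**
 * Check that $user may use the requested feature(s) and, optionally, one given object.
 * Calls accessforbidden(), which ends the script, as soon as a check fails.
 *
 * Checks run in this order: read permission; then, depending on the 'action' request
 * parameter, create, create-user and delete permission; then access to the object
 * $objectid through checkUserAccessToObject().
 *
 * @param   object      $user           User to check
 * @param   string      $features       Feature(s) to check: 'a', 'a&b' (all required) or 'a|b' (one is enough)
 * @param   int|string  $objectid       Id of the object to check (value of column $dbt_select), 0 for none
 * @param   string      $tableandshare  'tablename' or 'tablename&sharedelement'
 * @param   string      $feature2       Sub-feature(s) to check, separated by '|' (one is enough)
 * @param   string      $dbt_keyfield   Column holding the link to the third party
 * @param   string      $dbt_select     Column $objectid is matched against
 * @param   object      $objcanvas      Canvas object; when its control provides restrictedArea(), that method decides
 * @return  int                         1 when access is allowed
 */
function restrictedArea($user, $features, $objectid=0, $tableandshare='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid', $objcanvas=null)
{
    global $db, $conf;

    // If we use canvas, we try to use the function that overloads restrictedArea if the canvas provides one.
    if (is_object($objcanvas))
    {
        // Forward the table argument as received: $dbtablename is only derived further down
        // and is not defined yet at this point.
        if (method_exists($objcanvas->control,'restrictedArea')) return $objcanvas->control->restrictedArea($user,$features,$objectid,$tableandshare,$feature2,$dbt_keyfield,$dbt_select);
    }

    // NOTE(review): the value is wrapped in quotes without escaping. A quoted value is
    // not numeric, so the "$objectid > 0" test at the end of this function looks false
    // for such keys and the per-object check would then not run - confirm this is intended.
    if ($dbt_select != 'rowid' && $dbt_select != 'id') $objectid = "'".$objectid."'";

    // Features/modules to check
    $featuresarray = array($features);
    if (preg_match('/&/', $features)) $featuresarray = explode("&", $features);
    else if (preg_match('/\|/', $features)) $featuresarray = explode("|", $features);

    // More subfeatures to check
    if (! empty($feature2)) $feature2 = explode("|", $feature2);

    // More parameters
    $params = explode('&', $tableandshare);
    $dbtablename=(! empty($params[0]) ? $params[0] : '');
    $sharedelement=(! empty($params[1]) ? $params[1] : $dbtablename);

    $listofmodules=explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL);

    // Check read permission from module
    $readok=1; $nbko=0;
    foreach ($featuresarray as $feature)    // first we count the number of failed tests
    {
        $featureforlistofmodule=$feature;
        if ($featureforlistofmodule == 'produit') $featureforlistofmodule='product';
        // If modules are limited for external users, the module must be in the list of modules for external users
        if (! empty($user->societe_id) && ! empty($conf->global->MAIN_MODULES_FOR_EXTERNAL) && ! in_array($featureforlistofmodule,$listofmodules))
        {
            $readok=0; $nbko++;
            continue;
        }

        if ($feature == 'societe')
        {
            if (! $user->rights->societe->lire && ! $user->rights->fournisseur->lire) { $readok=0; $nbko++; }
        }
        else if ($feature == 'contact')
        {
            if (! $user->rights->societe->contact->lire) { $readok=0; $nbko++; }
        }
        else if ($feature == 'produit|service')
        {
            if (! $user->rights->produit->lire && ! $user->rights->service->lire) { $readok=0; $nbko++; }
        }
        else if ($feature == 'prelevement')
        {
            if (! $user->rights->prelevement->bons->lire) { $readok=0; $nbko++; }
        }
        else if ($feature == 'cheque')
        {
            if (! $user->rights->banque->cheque) { $readok=0; $nbko++; }
        }
        else if ($feature == 'projet')
        {
            if (! $user->rights->projet->lire && ! $user->rights->projet->all->lire) { $readok=0; $nbko++; }
        }
        else if (! empty($feature2))    // This should be used for future changes
        {
            $tmpreadok=1;
            foreach($feature2 as $subfeature)
            {
                if (! empty($subfeature) && empty($user->rights->$feature->$subfeature->lire) && empty($user->rights->$feature->$subfeature->read)) { $tmpreadok=0; }
                else if (empty($subfeature) && empty($user->rights->$feature->lire) && empty($user->rights->$feature->read)) { $tmpreadok=0; }
                else { $tmpreadok=1; break; }   // One granted subfeature is enough, skip the others
            }
            if (! $tmpreadok)   // The test on this feature failed
            {
                $readok=0;      // Handles the "and" case; the "or" case is resolved below with $nbko
                $nbko++;
            }
        }
        else if (! empty($feature) && ($feature!='user' && $feature!='usergroup'))  // This is for old permissions
        {
            if (empty($user->rights->$feature->lire)
                && empty($user->rights->$feature->read)
                && empty($user->rights->$feature->run)) { $readok=0; $nbko++; }
        }
    }

    // "or" case: allowed when at least one feature passed
    if (preg_match('/\|/', $features) && $nbko < count($featuresarray)) $readok=1;

    if (! $readok) accessforbidden();

    // Check write permission from module
    $createok=1; $nbko=0;
    if (GETPOST('action','aZ09') == 'create')
    {
        foreach ($featuresarray as $feature)
        {
            // Result for this feature only. Keeping it separate stops a later feature that
            // passes from cancelling an earlier failure in the "and" case, and counts each
            // failed feature exactly once for the "or" case.
            $tmpcreateok=1;

            if ($feature == 'contact')
            {
                if (! $user->rights->societe->contact->creer) $tmpcreateok=0;
            }
            else if ($feature == 'produit|service')
            {
                if (! $user->rights->produit->creer && ! $user->rights->service->creer) $tmpcreateok=0;
            }
            else if ($feature == 'prelevement')
            {
                if (! $user->rights->prelevement->bons->creer) $tmpcreateok=0;
            }
            else if ($feature == 'commande_fournisseur')
            {
                if (! $user->rights->fournisseur->commande->creer) $tmpcreateok=0;
            }
            else if ($feature == 'banque')
            {
                if (! $user->rights->banque->modifier) $tmpcreateok=0;
            }
            else if ($feature == 'cheque')
            {
                if (! $user->rights->banque->cheque) $tmpcreateok=0;
            }
            else if (! empty($feature2))    // This should be used
            {
                foreach($feature2 as $subfeature)
                {
                    if (empty($user->rights->$feature->$subfeature->creer)
                        && empty($user->rights->$feature->$subfeature->write)
                        && empty($user->rights->$feature->$subfeature->create)) { $tmpcreateok=0; }
                    else { $tmpcreateok=1; break; } // One granted subfeature is enough, skip the others
                }
            }
            else if (! empty($feature))     // This is for old permissions ('creer' or 'write')
            {
                if (empty($user->rights->$feature->creer)
                    && empty($user->rights->$feature->write)
                    && empty($user->rights->$feature->create)) $tmpcreateok=0;
            }

            if (! $tmpcreateok) { $createok=0; $nbko++; }
        }

        // "or" case: allowed when at least one feature passed
        if (preg_match('/\|/', $features) && $nbko < count($featuresarray)) $createok=1;

        if (! $createok) accessforbidden();
    }

    // Check create user permission
    $createuserok=1;
    if (GETPOST('action','aZ09') == 'confirm_create_user' && GETPOST("confirm") == 'yes')
    {
        if (! $user->rights->user->user->creer) $createuserok=0;

        if (! $createuserok) accessforbidden();
    }

    // Check delete permission from module
    $deleteok=1; $nbko=0;
    if ((GETPOST('action','aZ09') == 'confirm_delete' && GETPOST("confirm") == 'yes') || GETPOST('action','aZ09') == 'delete')
    {
        foreach ($featuresarray as $feature)
        {
            // Result for this feature only; failures are counted in $nbko below. Without
            // that count $nbko stays 0 and the "or" test after the loop grants delete
            // access for every 'a|b' feature list, whatever the user's rights are.
            $tmpdeleteok=1;

            if ($feature == 'contact')
            {
                if (! $user->rights->societe->contact->supprimer) $tmpdeleteok=0;
            }
            else if ($feature == 'produit|service')
            {
                if (! $user->rights->produit->supprimer && ! $user->rights->service->supprimer) $tmpdeleteok=0;
            }
            else if ($feature == 'commande_fournisseur')
            {
                if (! $user->rights->fournisseur->commande->supprimer) $tmpdeleteok=0;
            }
            else if ($feature == 'banque')
            {
                if (! $user->rights->banque->modifier) $tmpdeleteok=0;
            }
            else if ($feature == 'cheque')
            {
                if (! $user->rights->banque->cheque) $tmpdeleteok=0;
            }
            else if ($feature == 'ecm')
            {
                if (! $user->rights->ecm->upload) $tmpdeleteok=0;
            }
            else if ($feature == 'ftp')
            {
                if (! $user->rights->ftp->write) $tmpdeleteok=0;
            }
            else if ($feature == 'salaries')
            {
                if (! $user->rights->salaries->delete) $tmpdeleteok=0;
            }
            else if (! empty($feature2))    // This should be used for future changes
            {
                foreach($feature2 as $subfeature)
                {
                    if (empty($user->rights->$feature->$subfeature->supprimer) && empty($user->rights->$feature->$subfeature->delete)) $tmpdeleteok=0;
                    else { $tmpdeleteok=1; break; } // One granted subfeature is enough, skip the others
                }
            }
            else if (! empty($feature))     // This is for old permissions
            {
                if (empty($user->rights->$feature->supprimer)
                    && empty($user->rights->$feature->delete)
                    && empty($user->rights->$feature->run)) $tmpdeleteok=0;
            }

            if (! $tmpdeleteok) { $deleteok=0; $nbko++; }
        }

        // "or" case: allowed when at least one feature passed
        if (preg_match('/\|/', $features) && $nbko < count($featuresarray)) $deleteok=1;

        if (! $deleteok) accessforbidden();
    }

    // If we have a particular object to check permissions on, we check this object
    // is linked to a company allowed to $user.
    if (! empty($objectid) && $objectid > 0)
    {
        $ok = checkUserAccessToObject($user, $featuresarray, $objectid, $tableandshare, $feature2, $dbt_keyfield, $dbt_select);
        return $ok ? 1 : accessforbidden();
    }

    return 1;
}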
353 
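/**
 * Check that $user may access the object(s) $objectid, for every feature of $featuresarray.
 *
 * Depending on the feature, the test is on the entity of the object, on its link to a
 * third party, or on the projects the user is authorized on. When a SQL test is built,
 * the number of rows found must cover every id listed in $objectid.
 *
 * NOTE(review): $objectid, $dbt_select, $dbt_keyfield and the table name are concatenated
 * into the SQL text without escaping. Callers must pass only integers (or a
 * comma-separated list of integers), already-escaped quoted literals, and column/table
 * names that are fixed in code - never raw request data.
 *
 * @param   object      $user           User to check
 * @param   array       $featuresarray  Features/modules to check
 * @param   int|string  $objectid       Object id, or comma-separated list of ids
 * @param   string      $tableandshare  'tablename' or 'tablename&sharedelement'
 * @param   string      $feature2       Not read by this function
 * @param   string      $dbt_keyfield   Column holding the link to the third party
 * @param   string      $dbt_select     Column $objectid is matched against
 * @return  bool                        True if access is allowed, false otherwise
 */
function checkUserAccessToObject($user, $featuresarray, $objectid=0, $tableandshare='', $feature2='', $dbt_keyfield='', $dbt_select='rowid')
{
    global $db, $conf;

    // More parameters
    $params = explode('&', $tableandshare);
    $dbtablename=(! empty($params[0]) ? $params[0] : '');
    $sharedelement=(! empty($params[1]) ? $params[1] : $dbtablename);

    // Kind of test applied to each feature (same for every iteration, so built once)
    $check = array('adherent','banque','don','user','usergroup','produit','service','produit|service','categorie','resource'); // Test on entity only (Objects with no link to company)
    $checksoc = array('societe');               // Test for societe object
    $checkother = array('contact','agenda');    // Test on entity and link to third party. Allowed if link is empty (Ex: contacts...).
    $checkproject = array('projet','project');  // Test for project object
    $checktask = array('projet_task');
    $nocheck = array('barcode','stock');        // No test
    // All other features: test on entity and link to third party. Not allowed if link is empty (Ex: invoice, orders...).

    foreach ($featuresarray as $feature)
    {
        $sql='';

        // For backward compatibility
        if ($feature == 'member') $feature='adherent';
        if ($feature == 'project') $feature='projet';
        if ($feature == 'task') $feature='projet_task';

        // If dbtablename not defined, we use same name for table than module name.
        // The value is kept for the following features of the loop.
        if (empty($dbtablename))
        {
            $dbtablename = $feature;
            $sharedelement = (! empty($params[1]) ? $params[1] : $dbtablename); // We change dbtablename, so we set sharedelement too.
        }

        // Check permission for object with entity
        if (in_array($feature,$check))
        {
            $sql = "SELECT COUNT(dbt.".$dbt_select.") as nb";
            $sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
            $sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
            if (($feature == 'user' || $feature == 'usergroup') && ! empty($conf->multicompany->enabled) && $conf->entity == 1 && $user->admin && ! $user->entity)
            {
                $sql.= " AND dbt.entity IS NOT NULL";
            }
            else
            {
                $sql.= " AND dbt.entity IN (".getEntity($sharedelement, 1).")";
            }
        }
        else if (in_array($feature,$checksoc))  // We check feature = checksoc
        {
            // If external user: Check permission for external users
            if ($user->socid > 0)
            {
                if ($user->socid <> $objectid) return false;
            }
            // If internal user: Check permission for internal users that are restricted on their objects
            else if (! empty($conf->societe->enabled) && ($user->rights->societe->lire && ! $user->rights->societe->client->voir))
            {
                $sql = "SELECT COUNT(sc.fk_soc) as nb";
                $sql.= " FROM (".MAIN_DB_PREFIX."societe_commerciaux as sc";
                $sql.= ", ".MAIN_DB_PREFIX."societe as s)";
                $sql.= " WHERE sc.fk_soc IN (".$objectid.")";
                $sql.= " AND sc.fk_user = ".((int) $user->id);  // Cast so only a number can reach the SQL text
                $sql.= " AND sc.fk_soc = s.rowid";
                $sql.= " AND s.entity IN (".getEntity($sharedelement, 1).")";
            }
            // If multicompany and internal users with all permissions, check user is in correct entity
            else if (! empty($conf->multicompany->enabled))
            {
                $sql = "SELECT COUNT(s.rowid) as nb";
                $sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
                $sql.= " WHERE s.rowid IN (".$objectid.")";
                $sql.= " AND s.entity IN (".getEntity($sharedelement, 1).")";
            }
        }
        else if (in_array($feature,$checkother))    // Test on entity and link to societe. Allowed if link is empty (Ex: contacts...).
        {
            // If external user: Check permission for external users
            if ($user->societe_id > 0)
            {
                $sql = "SELECT COUNT(dbt.".$dbt_select.") as nb";
                $sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
                $sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
                $sql.= " AND dbt.fk_soc = ".((int) $user->societe_id);
            }
            // If internal user: Check permission for internal users that are restricted on their objects
            else if (! empty($conf->societe->enabled) && ($user->rights->societe->lire && ! $user->rights->societe->client->voir))
            {
                $sql = "SELECT COUNT(dbt.".$dbt_select.") as nb";
                $sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
                $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON dbt.fk_soc = sc.fk_soc AND sc.fk_user = '".((int) $user->id)."'";
                $sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
                $sql.= " AND (dbt.fk_soc IS NULL OR sc.fk_soc IS NOT NULL)";    // Contact not linked to a company or to a company of user
                $sql.= " AND dbt.entity IN (".getEntity($sharedelement, 1).")";
            }
            // If multicompany and internal users with all permissions, check user is in correct entity
            else if (! empty($conf->multicompany->enabled))
            {
                $sql = "SELECT COUNT(dbt.".$dbt_select.") as nb";
                $sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
                $sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
                $sql.= " AND dbt.entity IN (".getEntity($sharedelement, 1).")";
            }
        }
        else if (in_array($feature,$checkproject))
        {
            if (! empty($conf->projet->enabled) && empty($user->rights->projet->all->lire))
            {
                include_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php';
                $projectstatic=new Project($db);
                $tmps=$projectstatic->getProjectsAuthorizedForUser($user,0,1,0);
                $tmparray=explode(',',$tmps);
                if (! in_array($objectid,$tmparray)) return false;
            }
            else
            {
                $sql = "SELECT COUNT(dbt.".$dbt_select.") as nb";
                $sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
                $sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
                $sql.= " AND dbt.entity IN (".getEntity($sharedelement, 1).")";
            }
        }
        else if (in_array($feature,$checktask))
        {
            if (! empty($conf->projet->enabled) && empty($user->rights->projet->all->lire))
            {
                // Load the Task class here too, so the check does not depend on the calling page having included it
                include_once DOL_DOCUMENT_ROOT.'/projet/class/task.class.php';
                $task = new Task($db);
                $task->fetch($objectid);

                include_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php';
                $projectstatic=new Project($db);
                $tmps=$projectstatic->getProjectsAuthorizedForUser($user,0,1,0);
                $tmparray=explode(',',$tmps);
                if (! in_array($task->fk_project,$tmparray)) return false;
            }
            else
            {
                $sql = "SELECT COUNT(dbt.".$dbt_select.") as nb";
                $sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
                $sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
                $sql.= " AND dbt.entity IN (".getEntity($sharedelement, 1).")";
            }
        }
        else if (! in_array($feature,$nocheck))     // By default, we check on object entity + link to third party on field $dbt_keyfield
        {
            // If external user: Check permission for external users
            if ($user->societe_id > 0)
            {
                if (empty($dbt_keyfield)) dol_print_error('','Param dbt_keyfield is required but not defined');
                $sql = "SELECT COUNT(dbt.".$dbt_keyfield.") as nb";
                $sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
                $sql.= " WHERE dbt.rowid IN (".$objectid.")";
                $sql.= " AND dbt.".$dbt_keyfield." = ".((int) $user->societe_id);
            }
            // If internal user: Check permission for internal users that are restricted on their objects
            else if (! empty($conf->societe->enabled) && ($user->rights->societe->lire && ! $user->rights->societe->client->voir))
            {
                if (empty($dbt_keyfield)) dol_print_error('','Param dbt_keyfield is required but not defined');
                $sql = "SELECT COUNT(sc.fk_soc) as nb";
                $sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
                $sql.= ", ".MAIN_DB_PREFIX."societe as s";
                $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
                $sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
                $sql.= " AND sc.fk_soc = dbt.".$dbt_keyfield;
                $sql.= " AND dbt.".$dbt_keyfield." = s.rowid";
                $sql.= " AND dbt.entity IN (".getEntity($sharedelement, 1).")";
                $sql.= " AND sc.fk_user = ".((int) $user->id);
            }
            // If multicompany and internal users with all permissions, check user is in correct entity
            else if (! empty($conf->multicompany->enabled))
            {
                $sql = "SELECT COUNT(dbt.".$dbt_select.") as nb";
                $sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt";
                $sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
                $sql.= " AND dbt.entity IN (".getEntity($sharedelement, 1).")";
            }
        }

        if ($sql)
        {
            $resql=$db->query($sql);
            if ($resql)
            {
                $obj = $db->fetch_object($resql);
                // Every id of the comma-separated list must have been found
                if (! $obj || $obj->nb < count(explode(',', $objectid))) return false;
            }
            else
            {
                // A failed query denies access
                return false;
            }
        }
    }
    return true;
}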
562 
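/**
 * Print an "access forbidden" message, then stop the script with exit(0).
 *
 * @param   string  $message            Message to show instead of the default ErrorForbidden text.
 *                                      It is printed as is: the caller must HTML-escape any request data placed in it.
 * @param   int     $printheader        Print the page header (llxHeader, else llxHeaderVierge, when defined)
 * @param   int     $printfooter        Print the page footer (llxFooter, when defined)
 * @param   int     $showonlymessage    When set, do not print the login and help lines after the message
 * @return  void                        Never returns
 */
function accessforbidden($message='',$printheader=1,$printfooter=1,$showonlymessage=0)
{
    global $conf, $db, $user, $langs;

    // Can be called before the translation object exists
    if (! is_object($langs))
    {
        include_once DOL_DOCUMENT_ROOT.'/core/class/translate.class.php';
        $langs=new Translate('',$conf);
    }

    $langs->load("errors");

    if ($printheader)
    {
        if (function_exists("llxHeader")) llxHeader('');
        else if (function_exists("llxHeaderVierge")) llxHeaderVierge('');
    }
    print '<div class="error">';
    if (! $message) print $langs->trans("ErrorForbidden");
    else print $message;
    print '</div>';
    print '<br>';
    if (empty($showonlymessage))
    {
        // empty() also covers a $user that is not set yet
        if (! empty($user->login))
        {
            // The login is account data, not markup: escape it before putting it in the page
            print $langs->trans("CurrentLogin").': <font class="error">'.htmlspecialchars($user->login, ENT_QUOTES, 'UTF-8').'</font><br>';
            print $langs->trans("ErrorForbidden2",$langs->trans("Home"),$langs->trans("Users"));
        }
        else
        {
            print $langs->trans("ErrorForbidden3");
        }
    }
    if ($printfooter && function_exists("llxFooter")) llxFooter();
    exit(0);
}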
609 