40 if (is_numeric($key) && $key ==
'1') {
41 $output_tab = array();
43 for ($i = 0; $i < $strlength; $i++) {
44 $output_tab[$i] = chr(ord(substr($chain, $i, 1)) + 17);
46 $chain = implode(
"", $output_tab);
50 for ($i = 0; $i < $strlength; $i++) {
51 $keychar = substr($key, ($i % strlen($key)) - 1, 1);
52 $result .= chr(ord(substr($chain, $i, 1)) + (ord($keychar) - 65));
57 return base64_encode($chain);
71 $chain = base64_decode($chain);
73 if (is_numeric($key) && $key ==
'1') {
74 $output_tab = array();
76 for ($i = 0; $i < $strlength; $i++) {
77 $output_tab[$i] = chr(ord(substr($chain, $i, 1)) - 17);
80 $chain = implode(
"", $output_tab);
84 for ($i = 0; $i < $strlength; $i++) {
85 $keychar = substr($key, ($i % strlen($key)) - 1, 1);
86 $result .= chr(ord(substr($chain, $i, 1)) - (ord($keychar) - 65));
109 if (($type ==
'0' || $type ==
'auto') && !empty($conf->global->MAIN_SECURITY_HASH_ALGO) && $conf->global->MAIN_SECURITY_HASH_ALGO ==
'password_hash' && function_exists(
'password_hash')) {
110 return password_hash($chain, PASSWORD_DEFAULT);
114 if (!empty($conf->global->MAIN_SECURITY_SALT) && $type !=
'4' && $type !==
'openldap') {
115 $chain = $conf->global->MAIN_SECURITY_SALT.$chain;
118 if ($type ==
'1' || $type ==
'sha1') {
120 } elseif ($type ==
'2' || $type ==
'sha1md5') {
121 return sha1(md5($chain));
122 } elseif ($type ==
'3' || $type ==
'md5') {
124 } elseif ($type ==
'4' || $type ==
'openldap') {
126 } elseif ($type ==
'5' || $type ==
'sha256') {
127 return hash(
'sha256', $chain);
128 } elseif ($type ==
'6' || $type ==
'password_hash') {
129 return password_hash($chain, PASSWORD_DEFAULT);
130 } elseif (!empty($conf->global->MAIN_SECURITY_HASH_ALGO) && $conf->global->MAIN_SECURITY_HASH_ALGO ==
'sha1') {
132 } elseif (!empty($conf->global->MAIN_SECURITY_HASH_ALGO) && $conf->global->MAIN_SECURITY_HASH_ALGO ==
'sha1md5') {
133 return sha1(md5($chain));
155 if ($type ==
'0' && !empty($conf->global->MAIN_SECURITY_HASH_ALGO) && $conf->global->MAIN_SECURITY_HASH_ALGO ==
'password_hash' && function_exists(
'password_verify')) {
156 if ($hash[0] ==
'$') {
157 return password_verify($chain, $hash);
158 } elseif (strlen($hash) == 32) {
160 } elseif (strlen($hash) == 40) {
167 return dol_hash($chain, $type) == $hash;
183 $salt = substr(sha1(time()), 0, 8);
185 if ($type ===
'md5') {
186 return '{MD5}' . base64_encode(hash(
"md5", $password,
true));
187 } elseif ($type ===
'md5frommd5') {
188 return '{MD5}' . base64_encode(hex2bin($password));
189 } elseif ($type ===
'smd5') {
190 return "{SMD5}" . base64_encode(hash(
"md5", $password . $salt,
true) . $salt);
191 } elseif ($type ===
'sha') {
192 return '{SHA}' . base64_encode(hash(
"sha1", $password,
true));
193 } elseif ($type ===
'ssha') {
194 return "{SSHA}" . base64_encode(hash(
"sha1", $password . $salt,
true) . $salt);
195 } elseif ($type ===
'sha256') {
196 return "{SHA256}" . base64_encode(hash(
"sha256", $password,
true));
197 } elseif ($type ===
'ssha256') {
198 return "{SSHA256}" . base64_encode(hash(
"sha256", $password . $salt,
true) . $salt);
199 } elseif ($type ===
'sha384') {
200 return "{SHA384}" . base64_encode(hash(
"sha384", $password,
true));
201 } elseif ($type ===
'ssha384') {
202 return "{SSHA384}" . base64_encode(hash(
"sha384", $password . $salt,
true) . $salt);
203 } elseif ($type ===
'sha512') {
204 return "{SHA512}" . base64_encode(hash(
"sha512", $password,
true));
205 } elseif ($type ===
'ssha512') {
206 return "{SSHA512}" . base64_encode(hash(
"sha512", $password . $salt,
true) . $salt);
207 } elseif ($type ===
'crypt') {
208 return '{CRYPT}' . crypt($password, $salt);
209 } elseif ($type ===
'clear') {
210 return '{CLEAR}' . $password;
234 function restrictedArea($user, $features, $objectid = 0, $tableandshare =
'', $feature2 =
'', $dbt_keyfield =
'fk_soc', $dbt_select =
'rowid', $isdraft = 0, $mode = 0)
239 $objectid = ((int) $objectid);
246 $parentfortableentity =
'';
249 $originalfeatures = $features;
250 if ($features ==
'facturerec') {
251 $features =
'facture';
253 if ($features ==
'mo') {
256 if ($features ==
'member') {
257 $features =
'adherent';
259 if ($features ==
'subscription') {
260 $features =
'adherent';
261 $feature2 =
'cotisation';
263 if ($features ==
'websitepage') {
264 $features =
'website';
265 $tableandshare =
'website_page';
266 $parentfortableentity =
'fk_website@website';
268 if ($features ==
'project') {
269 $features =
'projet';
271 if ($features ==
'product') {
272 $features =
'produit';
276 $parameters = array(
'features'=>$features,
'originalfeatures'=>$originalfeatures,
'objectid'=>$objectid,
'dbt_select'=>$dbt_select,
'idtype'=>$dbt_select,
'isdraft'=>$isdraft);
277 $reshook = $hookmanager->executeHooks(
'restrictedArea', $parameters);
279 if (isset($hookmanager->resArray[
'result'])) {
280 if ($hookmanager->resArray[
'result'] == 0) {
293 if ($dbt_select !=
'rowid' && $dbt_select !=
'id') {
294 $objectid =
"'".$objectid.
"'";
298 $featuresarray = array($features);
299 if (preg_match(
'/&/', $features)) {
300 $featuresarray = explode(
"&", $features);
301 } elseif (preg_match(
'/\|/', $features)) {
302 $featuresarray = explode(
"|", $features);
306 if (!empty($feature2)) {
307 $feature2 = explode(
"|", $feature2);
310 $listofmodules = explode(
',', $conf->global->MAIN_MODULES_FOR_EXTERNAL);
315 foreach ($featuresarray as $feature) {
316 $featureforlistofmodule = $feature;
317 if ($featureforlistofmodule ==
'produit') {
318 $featureforlistofmodule =
'product';
320 if (!empty($user->socid) && !empty($conf->global->MAIN_MODULES_FOR_EXTERNAL) && !in_array($featureforlistofmodule, $listofmodules)) {
326 if ($feature ==
'societe') {
327 if (empty($user->rights->societe->lire) && empty($user->rights->fournisseur->lire)) {
331 } elseif ($feature ==
'contact') {
332 if (empty($user->rights->societe->contact->lire)) {
336 } elseif ($feature ==
'produit|service') {
337 if (!$user->rights->produit->lire && !$user->rights->service->lire) {
341 } elseif ($feature ==
'prelevement') {
342 if (!$user->rights->prelevement->bons->lire) {
346 } elseif ($feature ==
'cheque') {
347 if (empty($user->rights->banque->cheque)) {
351 } elseif ($feature ==
'projet') {
352 if (!$user->rights->projet->lire && empty($user->rights->projet->all->lire)) {
356 } elseif ($feature ==
'payment') {
357 if (!$user->rights->facture->lire) {
361 } elseif ($feature ==
'payment_supplier') {
362 if (empty($user->rights->fournisseur->facture->lire)) {
366 } elseif (!empty($feature2)) {
368 foreach ($feature2 as $subfeature) {
369 if ($subfeature ==
'user' && $user->id == $objectid) {
372 if (!empty($subfeature) && empty($user->rights->$feature->$subfeature->lire) && empty($user->rights->$feature->$subfeature->read)) {
374 } elseif (empty($subfeature) && empty($user->rights->$feature->lire) && empty($user->rights->$feature->read)) {
385 } elseif (!empty($feature) && ($feature !=
'user' && $feature !=
'usergroup')) {
386 if (empty($user->rights->$feature->lire)
387 && empty($user->rights->$feature->read)
388 && empty($user->rights->$feature->run)) {
396 if (preg_match(
'/\|/', $features) && $nbko < count($featuresarray)) {
412 $wemustcheckpermissionforcreate = (
GETPOST(
'sendit',
'alpha') ||
GETPOST(
'linkit',
'alpha') || in_array(
GETPOST(
'action',
'aZ09'), array(
'create',
'update',
'add_element_resource',
'confirm_delete_linked_resource')) ||
GETPOST(
'roworder',
'alpha', 2));
413 $wemustcheckpermissionfordeletedraft = ((
GETPOST(
"action",
"aZ09") ==
'confirm_delete' &&
GETPOST(
"confirm",
"aZ09") ==
'yes') ||
GETPOST(
"action",
"aZ09") ==
'delete');
415 if ($wemustcheckpermissionforcreate || $wemustcheckpermissionfordeletedraft) {
416 foreach ($featuresarray as $feature) {
417 if ($feature ==
'contact') {
418 if (empty($user->rights->societe->contact->creer)) {
422 } elseif ($feature ==
'produit|service') {
423 if (empty($user->rights->produit->creer) && empty($user->rights->service->creer)) {
427 } elseif ($feature ==
'prelevement') {
428 if (!$user->rights->prelevement->bons->creer) {
432 } elseif ($feature ==
'commande_fournisseur') {
433 if (empty($user->rights->fournisseur->commande->creer) || empty($user->rights->supplier_order->creer)) {
437 } elseif ($feature ==
'banque') {
438 if (empty($user->rights->banque->modifier)) {
442 } elseif ($feature ==
'cheque') {
443 if (empty($user->rights->banque->cheque)) {
447 } elseif ($feature ==
'import') {
448 if (empty($user->rights->import->run)) {
452 } elseif ($feature ==
'ecm') {
453 if (!$user->rights->ecm->upload) {
457 } elseif (!empty($feature2)) {
458 foreach ($feature2 as $subfeature) {
459 if ($subfeature ==
'user' && $user->id == $objectid && $user->rights->user->self->creer) {
462 if ($subfeature ==
'user' && $user->id == $objectid && $user->rights->user->self->password) {
465 if ($subfeature ==
'user' && $user->id != $objectid && $user->rights->user->user->password) {
469 if (empty($user->rights->$feature->$subfeature->creer)
470 && empty($user->rights->$feature->$subfeature->write)
471 && empty($user->rights->$feature->$subfeature->create)) {
480 } elseif (!empty($feature)) {
482 if (empty($user->rights->$feature->creer)
483 && empty($user->rights->$feature->write)
484 && empty($user->rights->$feature->create)) {
492 if (preg_match(
'/\|/', $features) && $nbko < count($featuresarray)) {
496 if ($wemustcheckpermissionforcreate && !$createok) {
508 if (
GETPOST(
'action',
'aZ09') ==
'confirm_create_user' &&
GETPOST(
"confirm",
'aZ09') ==
'yes') {
509 if (!$user->rights->user->user->creer) {
513 if (!$createuserok) {
526 if ((
GETPOST(
"action",
"aZ09") ==
'confirm_delete' &&
GETPOST(
"confirm",
"aZ09") ==
'yes') ||
GETPOST(
"action",
"aZ09") ==
'delete') {
527 foreach ($featuresarray as $feature) {
528 if ($feature ==
'contact') {
529 if (!$user->rights->societe->contact->supprimer) {
532 } elseif ($feature ==
'produit|service') {
533 if (!$user->rights->produit->supprimer && !$user->rights->service->supprimer) {
536 } elseif ($feature ==
'commande_fournisseur') {
537 if (!$user->rights->fournisseur->commande->supprimer) {
540 } elseif ($feature ==
'payment_supplier') {
541 if (!$user->rights->fournisseur->facture->creer) {
544 } elseif ($feature ==
'payment') {
545 if (!$user->rights->facture->paiement) {
548 } elseif ($feature ==
'banque') {
549 if (empty($user->rights->banque->modifier)) {
552 } elseif ($feature ==
'cheque') {
553 if (empty($user->rights->banque->cheque)) {
556 } elseif ($feature ==
'ecm') {
557 if (!$user->rights->ecm->upload) {
560 } elseif ($feature ==
'ftp') {
561 if (!$user->rights->ftp->write) {
564 } elseif ($feature ==
'salaries') {
565 if (!$user->rights->salaries->delete) {
568 } elseif ($feature ==
'adherent') {
569 if (empty($user->rights->adherent->supprimer)) {
572 } elseif ($feature ==
'paymentbybanktransfer') {
573 if (empty($user->rights->paymentbybanktransfer->create)) {
576 } elseif ($feature ==
'prelevement') {
577 if (empty($user->rights->prelevement->bons->creer)) {
580 } elseif (!empty($feature2)) {
581 foreach ($feature2 as $subfeature) {
582 if (empty($user->rights->$feature->$subfeature->supprimer) && empty($user->rights->$feature->$subfeature->delete)) {
589 } elseif (!empty($feature)) {
591 if (empty($user->rights->$feature->supprimer)
592 && empty($user->rights->$feature->delete)
593 && empty($user->rights->$feature->run)) {
600 if (preg_match(
'/\|/', $features) && $nbko < count($featuresarray)) {
604 if (!$deleteok && !($isdraft && $createok)) {
616 if (!empty($objectid) && $objectid > 0) {
617 $ok =
checkUserAccessToObject($user, $featuresarray, $objectid, $tableandshare, $feature2, $dbt_keyfield, $dbt_select, $parentfortableentity);
618 $params = array(
'objectid' => $objectid,
'features' => join(
',', $featuresarray),
'features2' => $feature2);
645 function checkUserAccessToObject($user, array $featuresarray, $object = 0, $tableandshare =
'', $feature2 =
'', $dbt_keyfield =
'', $dbt_select =
'rowid', $parenttableforentity =
'')
649 if (is_object($object)) {
650 $objectid = $object->id;
660 $params = explode(
'&', $tableandshare);
661 $dbtablename = (!empty($params[0]) ? $params[0] :
'');
662 $sharedelement = (!empty($params[1]) ? $params[1] : $dbtablename);
664 foreach ($featuresarray as $feature) {
670 if ($feature ==
'member') {
671 $feature =
'adherent';
673 if ($feature ==
'project') {
676 if ($feature ==
'task') {
677 $feature =
'projet_task';
680 $checkonentitydone = 0;
683 $check = array(
'adherent',
'banque',
'bom',
'don',
'mrp',
'user',
'usergroup',
'payment',
'payment_supplier',
'product',
'produit',
'service',
'produit|service',
'categorie',
'resource',
'expensereport',
'holiday',
'salaries',
'website',
'recruitment');
684 $checksoc = array(
'societe');
685 $checkother = array(
'contact',
'agenda',
'contrat');
686 $checkproject = array(
'projet',
'project');
687 $checktask = array(
'projet_task');
688 $checkhierarchy = array(
'expensereport',
'holiday');
689 $nocheck = array(
'barcode',
'stock');
693 if (empty($dbtablename)) {
694 $dbtablename = $feature;
695 $sharedelement = (!empty($params[1]) ? $params[1] : $dbtablename);
699 if (in_array($feature, $check)) {
700 $sql =
"SELECT COUNT(dbt.".$dbt_select.
") as nb";
701 $sql .=
" FROM ".MAIN_DB_PREFIX.$dbtablename.
" as dbt";
702 if (($feature ==
'user' || $feature ==
'usergroup') && !empty($conf->multicompany->enabled)) {
703 if (!empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
704 if ($conf->entity == 1 && $user->admin && !$user->entity) {
705 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
706 $sql .=
" AND dbt.entity IS NOT NULL";
708 $sql .=
",".MAIN_DB_PREFIX.
"usergroup_user as ug";
709 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
710 $sql .=
" AND ((ug.fk_user = dbt.rowid";
711 $sql .=
" AND ug.entity IN (".getEntity(
'usergroup').
"))";
712 $sql .=
" OR dbt.entity = 0)";
715 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
716 $sql .=
" AND dbt.entity IN (".getEntity($sharedelement, 1).
")";
720 if ($parenttableforentity && preg_match(
'/(.*)@(.*)/', $parenttableforentity, $reg)) {
721 $sql .=
", ".MAIN_DB_PREFIX.$reg[2].
" as dbtp";
722 $sql .=
" WHERE dbt.".$reg[1].
" = dbtp.rowid AND dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
723 $sql .=
" AND dbtp.entity IN (".getEntity($sharedelement, 1).
")";
725 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
726 $sql .=
" AND dbt.entity IN (".getEntity($sharedelement, 1).
")";
729 $checkonentitydone = 1;
731 if (in_array($feature, $checksoc)) {
733 if ($user->socid > 0) {
734 if ($user->socid != $objectid) {
737 } elseif (!empty($conf->societe->enabled) && ($user->rights->societe->lire && empty($user->rights->societe->client->voir))) {
739 $sql =
"SELECT COUNT(sc.fk_soc) as nb";
740 $sql .=
" FROM (".MAIN_DB_PREFIX.
"societe_commerciaux as sc";
741 $sql .=
", ".MAIN_DB_PREFIX.
"societe as s)";
742 $sql .=
" WHERE sc.fk_soc IN (".$db->sanitize($objectid, 1).
")";
743 $sql .=
" AND sc.fk_user = ".((int) $user->id);
744 $sql .=
" AND sc.fk_soc = s.rowid";
745 $sql .=
" AND s.entity IN (".getEntity($sharedelement, 1).
")";
746 } elseif (!empty($conf->multicompany->enabled)) {
748 $sql =
"SELECT COUNT(s.rowid) as nb";
749 $sql .=
" FROM ".MAIN_DB_PREFIX.
"societe as s";
750 $sql .=
" WHERE s.rowid IN (".$db->sanitize($objectid, 1).
")";
751 $sql .=
" AND s.entity IN (".getEntity($sharedelement, 1).
")";
754 $checkonentitydone = 1;
756 if (in_array($feature, $checkother)) {
758 if ($user->socid > 0) {
759 $sql =
"SELECT COUNT(dbt.".$dbt_select.
") as nb";
760 $sql .=
" FROM ".MAIN_DB_PREFIX.$dbtablename.
" as dbt";
761 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
762 $sql .=
" AND dbt.fk_soc = ".((int) $user->socid);
763 } elseif (!empty($conf->societe->enabled) && ($user->rights->societe->lire && empty($user->rights->societe->client->voir))) {
765 $sql =
"SELECT COUNT(dbt.".$dbt_select.
") as nb";
766 $sql .=
" FROM ".MAIN_DB_PREFIX.$dbtablename.
" as dbt";
767 $sql .=
" LEFT JOIN ".MAIN_DB_PREFIX.
"societe_commerciaux as sc ON dbt.fk_soc = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
768 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
769 $sql .=
" AND (dbt.fk_soc IS NULL OR sc.fk_soc IS NOT NULL)";
770 $sql .=
" AND dbt.entity IN (".getEntity($sharedelement, 1).
")";
771 } elseif (!empty($conf->multicompany->enabled)) {
773 $sql =
"SELECT COUNT(dbt.".$dbt_select.
") as nb";
774 $sql .=
" FROM ".MAIN_DB_PREFIX.$dbtablename.
" as dbt";
775 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
776 $sql .=
" AND dbt.entity IN (".getEntity($sharedelement, 1).
")";
779 $checkonentitydone = 1;
781 if (in_array($feature, $checkproject)) {
782 if (!empty($conf->project->enabled) && empty($user->rights->projet->all->lire)) {
783 $projectid = $objectid;
785 include_once DOL_DOCUMENT_ROOT.
'/projet/class/project.class.php';
786 $projectstatic =
new Project($db);
787 $tmps = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, 0);
789 $tmparray = explode(
',', $tmps);
790 if (!in_array($projectid, $tmparray)) {
794 $sql =
"SELECT COUNT(dbt.".$dbt_select.
") as nb";
795 $sql .=
" FROM ".MAIN_DB_PREFIX.$dbtablename.
" as dbt";
796 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
797 $sql .=
" AND dbt.entity IN (".getEntity($sharedelement, 1).
")";
800 $checkonentitydone = 1;
802 if (in_array($feature, $checktask)) {
803 if (!empty($conf->project->enabled) && empty($user->rights->projet->all->lire)) {
804 $task =
new Task($db);
805 $task->fetch($objectid);
806 $projectid = $task->fk_project;
808 include_once DOL_DOCUMENT_ROOT.
'/projet/class/project.class.php';
809 $projectstatic =
new Project($db);
810 $tmps = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, 0);
812 $tmparray = explode(
',', $tmps);
813 if (!in_array($projectid, $tmparray)) {
817 $sql =
"SELECT COUNT(dbt.".$dbt_select.
") as nb";
818 $sql .=
" FROM ".MAIN_DB_PREFIX.$dbtablename.
" as dbt";
819 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
820 $sql .=
" AND dbt.entity IN (".getEntity($sharedelement, 1).
")";
823 $checkonentitydone = 1;
825 if (!$checkonentitydone && !in_array($feature, $nocheck)) {
827 if ($user->socid > 0) {
828 if (empty($dbt_keyfield)) {
831 $sql =
"SELECT COUNT(dbt.".$dbt_keyfield.
") as nb";
832 $sql .=
" FROM ".MAIN_DB_PREFIX.$dbtablename.
" as dbt";
833 $sql .=
" WHERE dbt.rowid IN (".$db->sanitize($objectid, 1).
")";
834 $sql .=
" AND dbt.".$dbt_keyfield.
" = ".((int) $user->socid);
835 } elseif (!empty($conf->societe->enabled) && empty($user->rights->societe->client->voir)) {
837 if ($feature !=
'ticket') {
838 if (empty($dbt_keyfield)) {
841 $sql =
"SELECT COUNT(sc.fk_soc) as nb";
842 $sql .=
" FROM ".MAIN_DB_PREFIX.$dbtablename.
" as dbt";
843 $sql .=
", ".MAIN_DB_PREFIX.
"societe_commerciaux as sc";
844 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
845 $sql .=
" AND dbt.entity IN (".getEntity($sharedelement, 1).
")";
846 $sql .=
" AND sc.fk_soc = dbt.".$dbt_keyfield;
847 $sql .=
" AND sc.fk_user = ".((int) $user->id);
850 $sql =
"SELECT COUNT(dbt.".$dbt_select.
") as nb";
851 $sql .=
" FROM ".MAIN_DB_PREFIX.$dbtablename.
" as dbt";
852 $sql .=
" LEFT JOIN ".MAIN_DB_PREFIX.
"societe_commerciaux as sc ON sc.fk_soc = dbt.".$dbt_keyfield.
" AND sc.fk_user = ".((int) $user->id);
853 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
854 $sql .=
" AND dbt.entity IN (".getEntity($sharedelement, 1).
")";
855 $sql .=
" AND (sc.fk_user = ".((int) $user->id).
" OR sc.fk_user IS NULL)";
857 } elseif (!empty($conf->multicompany->enabled)) {
859 $sql =
"SELECT COUNT(dbt.".$dbt_select.
") as nb";
860 $sql .=
" FROM ".MAIN_DB_PREFIX.$dbtablename.
" as dbt";
861 $sql .=
" WHERE dbt.".$dbt_select.
" IN (".$db->sanitize($objectid, 1).
")";
862 $sql .=
" AND dbt.entity IN (".getEntity($sharedelement, 1).
")";
868 if ($feature ===
'agenda') {
870 if ($objectid > 0 && empty($user->rights->agenda->allactions->read)) {
871 require_once DOL_DOCUMENT_ROOT.
'/comm/action/class/actioncomm.class.php';
873 $action->fetch($objectid);
874 if ($action->authorid != $user->id && $action->userownerid != $user->id && !(array_key_exists($user->id, $action->userassigned))) {
882 if (in_array($feature, $checkhierarchy) && is_object($object)) {
883 $childids = $user->getAllChildIds(1);
885 if ($feature ==
'holiday') {
886 $useridtocheck = $object->fk_user;
887 if (!in_array($useridtocheck, $childids)) {
890 $useridtocheck = $object->fk_validator;
891 if (!in_array($useridtocheck, $childids)) {
895 if ($feature ==
'expensereport') {
896 $useridtocheck = $object->fk_user_author;
897 if (!$user->rights->expensereport->readall) {
898 if (!in_array($useridtocheck, $childids)) {
906 $resql = $db->query($sql);
908 $obj = $db->fetch_object(
$resql);
909 if (!$obj || $obj->nb < count(explode(
',', $objectid))) {
913 dol_syslog(
"Bad forged sql in checkUserAccessToObject", LOG_WARNING);
933 function accessforbidden($message =
'', $printheader = 1, $printfooter = 1, $showonlymessage = 0, $params =
null)
935 global $conf, $db, $user, $langs, $hookmanager;
936 if (!is_object($langs)) {
937 include_once DOL_DOCUMENT_ROOT.
'/core/class/translate.class.php';
939 $langs->setDefaultLang();
942 $langs->load(
"errors");
945 if (function_exists(
"llxHeader")) {
947 } elseif (function_exists(
"llxHeaderVierge")) {
951 print
'<div class="error">';
953 print $langs->trans(
"ErrorForbidden");
959 if (empty($showonlymessage)) {
960 global $action, $object;
961 if (empty($hookmanager)) {
964 $hookmanager->initHooks(array(
'main'));
966 $parameters = array(
'message'=>$message,
'params'=>$params);
967 $reshook = $hookmanager->executeHooks(
'getAccessForbiddenMessage', $parameters, $object, $action);
968 print $hookmanager->resPrint;
969 if (empty($reshook)) {
970 $langs->loadLangs(array(
"errors"));
972 print $langs->trans(
"CurrentLogin").
': <span class="error">'.$user->login.
'</span><br>';
973 print $langs->trans(
"ErrorForbidden2", $langs->transnoentitiesnoconv(
"Home"), $langs->transnoentitiesnoconv(
"Users"));
974 print $langs->trans(
"ErrorForbidden4");
976 print $langs->trans(
"ErrorForbidden3");
980 if ($printfooter && function_exists(
"llxFooter")) {
997 $max = $conf->global->MAIN_UPLOAD_DOC;
998 $maxphp = @ini_get(
'upload_max_filesize');
999 if (preg_match(
'/k$/i', $maxphp)) {
1000 $maxphp = preg_replace(
'/k$/i',
'', $maxphp);
1001 $maxphp = $maxphp * 1;
1003 if (preg_match(
'/m$/i', $maxphp)) {
1004 $maxphp = preg_replace(
'/m$/i',
'', $maxphp);
1005 $maxphp = $maxphp * 1024;
1007 if (preg_match(
'/g$/i', $maxphp)) {
1008 $maxphp = preg_replace(
'/g$/i',
'', $maxphp);
1009 $maxphp = $maxphp * 1024 * 1024;
1011 if (preg_match(
'/t$/i', $maxphp)) {
1012 $maxphp = preg_replace(
'/t$/i',
'', $maxphp);
1013 $maxphp = $maxphp * 1024 * 1024 * 1024;
1015 $maxphp2 = @ini_get(
'post_max_size');
1016 if (preg_match(
'/k$/i', $maxphp2)) {
1017 $maxphp2 = preg_replace(
'/k$/i',
'', $maxphp2);
1018 $maxphp2 = $maxphp2 * 1;
1020 if (preg_match(
'/m$/i', $maxphp2)) {
1021 $maxphp2 = preg_replace(
'/m$/i',
'', $maxphp2);
1022 $maxphp2 = $maxphp2 * 1024;
1024 if (preg_match(
'/g$/i', $maxphp2)) {
1025 $maxphp2 = preg_replace(
'/g$/i',
'', $maxphp2);
1026 $maxphp2 = $maxphp2 * 1024 * 1024;
1028 if (preg_match(
'/t$/i', $maxphp2)) {
1029 $maxphp2 = preg_replace(
'/t$/i',
'', $maxphp2);
1030 $maxphp2 = $maxphp2 * 1024 * 1024 * 1024;
1034 $maxphptoshow = $maxphptoshowparam =
'';
1036 $maxmin = min($maxmin, $maxphp);
1037 $maxphptoshow = $maxphp;
1038 $maxphptoshowparam =
'upload_max_filesize';
1041 $maxmin = min($maxmin, $maxphp2);
1042 if ($maxphp2 < $maxphp) {
1043 $maxphptoshow = $maxphp2;
1044 $maxphptoshowparam =
'post_max_size';
1050 return array(
'max'=>$max,
'maxmin'=>$maxmin,
'maxphptoshow'=>$maxphptoshow,
'maxphptoshowparam'=>$maxphptoshowparam);