dolibarr  17.0.4
security2.lib.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (C) 2008-2011 Laurent Destailleur <eldy@users.sourceforge.net>
3  * Copyright (C) 2008-2017 Regis Houssin <regis.houssin@inodbox.com>
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation; either version 3 of the License, or
8  * (at your option) any later version.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program. If not, see <https://www.gnu.org/licenses/>.
17  * or see https://www.gnu.org/
18  */
19 
35 function dol_getwebuser($mode)
36 {
37  $t = '?';
38  if ($mode == 'user') {
39  $t = getenv('APACHE_RUN_USER'); // $_ENV['APACHE_RUN_USER'] is empty
40  }
41  if ($mode == 'group') {
42  $t = getenv('APACHE_RUN_GROUP');
43  }
44  return $t;
45 }
46 
57 function checkLoginPassEntity($usertotest, $passwordtotest, $entitytotest, $authmode, $context = '')
58 {
59  global $conf, $langs;
60  //global $dolauthmode; // To return authentication finally used
61 
62  // Check parameters
63  if ($entitytotest == '') {
64  $entitytotest = 1;
65  }
66 
67  dol_syslog("checkLoginPassEntity usertotest=".$usertotest." entitytotest=".$entitytotest." authmode=".join(',', $authmode));
68  $login = '';
69 
70  // Validation of login/pass/entity with standard modules
71  if (empty($login)) {
72  $test = true;
73  foreach ($authmode as $mode) {
74  if ($test && $mode && !$login) {
75  // Validation of login/pass/entity for mode $mode
76  $mode = trim($mode);
77  $authfile = 'functions_'.$mode.'.php';
78  $fullauthfile = '';
79 
80  $dirlogin = array_merge(array("/core/login"), (array) $conf->modules_parts['login']);
81  foreach ($dirlogin as $reldir) {
82  $dir = dol_buildpath($reldir, 0);
83  $newdir = dol_osencode($dir);
84 
85  // Check if file found (do not use dol_is_file to avoid loading files.lib.php)
86  $tmpnewauthfile = $newdir.(preg_match('/\/$/', $newdir) ? '' : '/').$authfile;
87  if (is_file($tmpnewauthfile)) {
88  $fullauthfile = $tmpnewauthfile;
89  }
90  }
91 
92  $result = false;
93  if ($fullauthfile) {
94  $result = include_once $fullauthfile;
95  }
96  if ($fullauthfile && $result) {
97  // Call function to check user/password
98  $function = 'check_user_password_'.$mode;
99  $login = call_user_func($function, $usertotest, $passwordtotest, $entitytotest, $context);
100  if ($login && $login != '--bad-login-validity--') { // Login is successfull
101  $test = false; // To stop once at first login success
102  $conf->authmode = $mode; // This properties is defined only when logged to say what mode was successfully used
103  $dol_tz = GETPOST('tz');
104  $dol_dst = GETPOST('dst');
105  $dol_screenwidth = GETPOST('screenwidth');
106  $dol_screenheight = GETPOST('screenheight');
107  }
108  } else {
109  dol_syslog("Authentication KO - failed to load file '".$authfile."'", LOG_ERR);
110  sleep(1);
111  // Load translation files required by the page
112  $langs->loadLangs(array('other', 'main', 'errors'));
113 
114  $_SESSION["dol_loginmesg"] = (empty($_SESSION["dol_loginmesg"]) ? '' : $_SESSION["dol_loginmesg"].', ').$langs->transnoentitiesnoconv("ErrorFailedToLoadLoginFileForMode", $mode);
115  }
116  }
117  }
118  }
119 
120  return $login;
121 }
122 
123 
124 if (!function_exists('dol_loginfunction')) {
134  function dol_loginfunction($langs, $conf, $mysoc)
135  {
136  global $dolibarr_main_demo, $dolibarr_main_force_https;
137  global $db, $hookmanager;
138 
139  $langs->loadLangs(array("main", "other", "help", "admin"));
140 
141  // Instantiate hooks of thirdparty module only if not already define
142  $hookmanager->initHooks(array('mainloginpage'));
143 
144  $main_authentication = $conf->file->main_authentication;
145 
146  $session_name = session_name(); // Get current session name
147 
148  $dol_url_root = DOL_URL_ROOT;
149 
150  // Title
151  $appli = constant('DOL_APPLICATION_TITLE');
152  $title = $appli.' '.constant('DOL_VERSION');
153  if (!empty($conf->global->MAIN_APPLICATION_TITLE)) {
154  $title = $conf->global->MAIN_APPLICATION_TITLE;
155  }
156  $titletruedolibarrversion = constant('DOL_VERSION'); // $title used by login template after the @ to inform of true Dolibarr version
157 
158  // Note: $conf->css looks like '/theme/eldy/style.css.php'
159  /*
160  $conf->css = "/theme/".(GETPOST('theme','aZ09')?GETPOST('theme','aZ09'):$conf->theme)."/style.css.php";
161  $themepath=dol_buildpath($conf->css,1);
162  if (!empty($conf->modules_parts['theme'])) // Using this feature slow down application
163  {
164  foreach($conf->modules_parts['theme'] as $reldir)
165  {
166  if (file_exists(dol_buildpath($reldir.$conf->css, 0)))
167  {
168  $themepath=dol_buildpath($reldir.$conf->css, 1);
169  break;
170  }
171  }
172  }
173  $conf_css = $themepath."?lang=".$langs->defaultlang;
174  */
175 
176  // Select templates dir
177  if (!empty($conf->modules_parts['tpl'])) { // Using this feature slow down application
178  $dirtpls = array_merge($conf->modules_parts['tpl'], array('/core/tpl/'));
179  foreach ($dirtpls as $reldir) {
180  $tmp = dol_buildpath($reldir.'login.tpl.php');
181  if (file_exists($tmp)) {
182  $template_dir = preg_replace('/login\.tpl\.php$/', '', $tmp);
183  break;
184  }
185  }
186  } else {
187  $template_dir = DOL_DOCUMENT_ROOT."/core/tpl/";
188  }
189 
190  // Set cookie for timeout management. We set it as a cookie so we will be able to use it to set timeout on next page before the session start
191  // and the conf file is loaded.
192  $prefix = dol_getprefix('');
193  $sessiontimeout = 'DOLSESSTIMEOUT_'.$prefix;
194 
195  if (!empty($conf->global->MAIN_SESSION_TIMEOUT)) {
196  if (session_status() != PHP_SESSION_ACTIVE) {
197  if (PHP_VERSION_ID < 70300) {
198  session_set_cookie_params(0, '/', null, ((empty($dolibarr_main_force_https) && isHTTPS() === false) ? false : true), true); // Add tag secure and httponly on session cookie (same as setting session.cookie_httponly into php.ini). Must be called before the session_start.
199  } else {
200  // Only available for php >= 7.3
201  $sessioncookieparams = array(
202  'lifetime' => 0,
203  'path' => '/',
204  //'domain' => '.mywebsite.com', // the dot at the beginning allows compatibility with subdomains
205  'secure' => ((empty($dolibarr_main_force_https) && isHTTPS() === false) ? false : true),
206  'httponly' => true,
207  'samesite' => 'Lax' // None || Lax || Strict
208  );
209  session_set_cookie_params($sessioncookieparams);
210  }
211 
212  setcookie($sessiontimeout, $conf->global->MAIN_SESSION_TIMEOUT, 0, "/", null, (empty($dolibarr_main_force_https) ? false : true), true);
213  }
214  }
215 
216  if (GETPOST('urlfrom', 'alpha')) {
217  $_SESSION["urlfrom"] = GETPOST('urlfrom', 'alpha');
218  } else {
219  unset($_SESSION["urlfrom"]);
220  }
221 
222  if (!GETPOST("username", 'alpha')) {
223  $focus_element = 'username';
224  } else {
225  $focus_element = 'password';
226  }
227 
228  $demologin = '';
229  $demopassword = '';
230  if (!empty($dolibarr_main_demo)) {
231  $tab = explode(',', $dolibarr_main_demo);
232  $demologin = $tab[0];
233  $demopassword = $tab[1];
234  }
235 
236  // Execute hook getLoginPageOptions (for table)
237  $parameters = array('entity' => GETPOST('entity', 'int'), 'switchentity' => GETPOST('switchentity', 'int'));
238  $reshook = $hookmanager->executeHooks('getLoginPageOptions', $parameters); // Note that $action and $object may have been modified by some hooks.
239  $morelogincontent = $hookmanager->resPrint;
240 
241  // Execute hook getLoginPageExtraOptions (eg for js)
242  $parameters = array('entity' => GETPOST('entity', 'int'), 'switchentity' => GETPOST('switchentity', 'int'));
243  $reshook = $hookmanager->executeHooks('getLoginPageExtraOptions', $parameters); // Note that $action and $object may have been modified by some hooks.
244  $moreloginextracontent = $hookmanager->resPrint;
245 
246  //Redirect after connection
247  $parameters = array('entity' => GETPOST('entity', 'int'), 'switchentity' => GETPOST('switchentity', 'int'));
248  $reshook = $hookmanager->executeHooks('redirectAfterConnection', $parameters); // Note that $action and $object may have been modified by some hooks.
249  $php_self = $hookmanager->resPrint;
250 
251  // Login
252  $login = (!empty($hookmanager->resArray['username']) ? $hookmanager->resArray['username'] : (GETPOST("username", "alpha") ? GETPOST("username", "alpha") : $demologin));
253  $password = $demopassword;
254 
255  // Show logo (search in order: small company logo, large company logo, theme logo, common logo)
256  $width = 0;
257  $urllogo = DOL_URL_ROOT.'/theme/common/login_logo.png';
258 
259  if (!empty($mysoc->logo_small) && is_readable($conf->mycompany->dir_output.'/logos/thumbs/'.$mysoc->logo_small)) {
260  $urllogo = DOL_URL_ROOT.'/viewimage.php?cache=1&amp;modulepart=mycompany&amp;file='.urlencode('logos/thumbs/'.$mysoc->logo_small);
261  } elseif (!empty($mysoc->logo) && is_readable($conf->mycompany->dir_output.'/logos/'.$mysoc->logo)) {
262  $urllogo = DOL_URL_ROOT.'/viewimage.php?cache=1&amp;modulepart=mycompany&amp;file='.urlencode('logos/'.$mysoc->logo);
263  $width = 128;
264  } elseif (!empty($mysoc->logo_squarred_small) && is_readable($conf->mycompany->dir_output.'/logos/thumbs/'.$mysoc->logo_squarred_small)) {
265  $urllogo = DOL_URL_ROOT.'/viewimage.php?cache=1&amp;modulepart=mycompany&amp;file='.urlencode('logos/thumbs/'.$mysoc->logo_squarred_small);
266  } elseif (is_readable(DOL_DOCUMENT_ROOT.'/theme/dolibarr_logo.svg')) {
267  $urllogo = DOL_URL_ROOT.'/theme/dolibarr_logo.svg';
268  }
269 
270  // Security graphical code
271  $captcha = 0;
272  $captcha_refresh = '';
273  if (function_exists("imagecreatefrompng") && !empty($conf->global->MAIN_SECURITY_ENABLECAPTCHA)) {
274  $captcha = 1;
275  $captcha_refresh = img_picto($langs->trans("Refresh"), 'refresh', 'id="captcha_refresh_img"');
276  }
277 
278  // Extra link
279  $forgetpasslink = 0;
280  $helpcenterlink = 0;
281  if (empty($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK) || empty($conf->global->MAIN_HELPCENTER_DISABLELINK)) {
282  if (empty($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK)) {
283  $forgetpasslink = 1;
284  }
285 
286  if (empty($conf->global->MAIN_HELPCENTER_DISABLELINK)) {
287  $helpcenterlink = 1;
288  }
289  }
290 
291  // Home message
292  $main_home = '';
293  if (!empty($conf->global->MAIN_HOME)) {
294  $substitutionarray = getCommonSubstitutionArray($langs);
295  complete_substitutions_array($substitutionarray, $langs);
296  $texttoshow = make_substitutions($conf->global->MAIN_HOME, $substitutionarray, $langs);
297 
298  $main_home = dol_htmlcleanlastbr($texttoshow);
299  }
300 
301  // Google AD
302  $main_google_ad_client = ((!empty($conf->global->MAIN_GOOGLE_AD_CLIENT) && !empty($conf->global->MAIN_GOOGLE_AD_SLOT)) ? 1 : 0);
303 
304  // Set jquery theme
305  $dol_loginmesg = (!empty($_SESSION["dol_loginmesg"]) ? $_SESSION["dol_loginmesg"] : '');
306 
307  $favicon = DOL_URL_ROOT.'/theme/dolibarr_256x256_color.png';
308  if (!empty($mysoc->logo_squarred_mini)) {
309  $favicon = DOL_URL_ROOT.'/viewimage.php?cache=1&modulepart=mycompany&file='.urlencode('logos/thumbs/'.$mysoc->logo_squarred_mini);
310  }
311  if (!empty($conf->global->MAIN_FAVICON_URL)) {
312  $favicon = $conf->global->MAIN_FAVICON_URL;
313  }
314 
315  $jquerytheme = 'base';
316  if (!empty($conf->global->MAIN_USE_JQUERY_THEME)) {
317  $jquerytheme = $conf->global->MAIN_USE_JQUERY_THEME;
318  }
319 
320  // Set dol_hide_topmenu, dol_hide_leftmenu, dol_optimize_smallscreen, dol_no_mouse_hover
321  $dol_hide_topmenu = GETPOST('dol_hide_topmenu', 'int');
322  $dol_hide_leftmenu = GETPOST('dol_hide_leftmenu', 'int');
323  $dol_optimize_smallscreen = GETPOST('dol_optimize_smallscreen', 'int');
324  $dol_no_mouse_hover = GETPOST('dol_no_mouse_hover', 'int');
325  $dol_use_jmobile = GETPOST('dol_use_jmobile', 'int');
326 
327  // Include login page template
328  include $template_dir.'login.tpl.php';
329 
330  // Global html output events ($mesgs, $errors, $warnings)
332 
333  $_SESSION["dol_loginmesg"] = '';
334  }
335 }
336 
345 function makesalt($type = CRYPT_SALT_LENGTH)
346 {
347  dol_syslog("makesalt type=".$type);
348  switch ($type) {
349  case 12: // 8 + 4
350  $saltlen = 8;
351  $saltprefix = '$1$';
352  $saltsuffix = '$';
353  break;
354  case 8: // 8 (Pour compatibilite, ne devrait pas etre utilise)
355  $saltlen = 8;
356  $saltprefix = '$1$';
357  $saltsuffix = '$';
358  break;
359  case 2: // 2
360  default: // by default, fall back on Standard DES (should work everywhere)
361  $saltlen = 2;
362  $saltprefix = '';
363  $saltsuffix = '';
364  break;
365  }
366  $salt = '';
367  while (dol_strlen($salt) < $saltlen) {
368  $salt .= chr(mt_rand(64, 126));
369  }
370 
371  $result = $saltprefix.$salt.$saltsuffix;
372  dol_syslog("makesalt return=".$result);
373  return $result;
374 }
375 
382 function encodedecode_dbpassconf($level = 0)
383 {
384  dol_syslog("encodedecode_dbpassconf level=".$level, LOG_DEBUG);
385  $config = '';
386  $passwd = '';
387  $passwd_crypted = '';
388 
389  if ($fp = fopen(DOL_DOCUMENT_ROOT.'/conf/conf.php', 'r')) {
390  while (!feof($fp)) {
391  $buffer = fgets($fp, 4096);
392 
393  $lineofpass = 0;
394 
395  $reg = array();
396  if (preg_match('/^[^#]*dolibarr_main_db_encrypted_pass[\s]*=[\s]*(.*)/i', $buffer, $reg)) { // Old way to save crypted value
397  $val = trim($reg[1]); // This also remove CR/LF
398  $val = preg_replace('/^["\']/', '', $val);
399  $val = preg_replace('/["\'][\s;]*$/', '', $val);
400  if (!empty($val)) {
401  $passwd_crypted = $val;
402  // method dol_encode/dol_decode
403  $val = dol_decode($val);
404  //$val = dolEncrypt($val);
405  $passwd = $val;
406  $lineofpass = 1;
407  }
408  } elseif (preg_match('/^[^#]*dolibarr_main_db_pass[\s]*=[\s]*(.*)/i', $buffer, $reg)) {
409  $val = trim($reg[1]); // This also remove CR/LF
410  $val = preg_replace('/^["\']/', '', $val);
411  $val = preg_replace('/["\'][\s;]*$/', '', $val);
412  if (preg_match('/crypted:/i', $buffer)) {
413  // method dol_encode/dol_decode
414  $val = preg_replace('/crypted:/i', '', $val);
415  $passwd_crypted = $val;
416  $val = dol_decode($val);
417  $passwd = $val;
418  } elseif (preg_match('/^dolcrypt:([^:]+):(.*)$/i', $buffer, $reg)) {
419  // method dolEncrypt/dolDecrypt
420  $val = preg_replace('/crypted:([^:]+):/i', '', $val);
421  $passwd_crypted = $val;
422  $val = dolDecrypt($buffer);
423  $passwd = $val;
424  } else {
425  $passwd = $val;
426  $val = dol_encode($val);
427  $passwd_crypted = $val;
428  }
429  $lineofpass = 1;
430  }
431 
432  // Output line
433  if ($lineofpass) {
434  // Add value at end of file
435  if ($level == 0) {
436  $config .= '$dolibarr_main_db_pass=\''.$passwd.'\';'."\n";
437  }
438  if ($level == 1) {
439  $config .= '$dolibarr_main_db_pass=\'crypted:'.$passwd_crypted.'\';'."\n";
440  }
441 
442  //print 'passwd = '.$passwd.' - passwd_crypted = '.$passwd_crypted;
443  //exit;
444  } else {
445  $config .= $buffer;
446  }
447  }
448  fclose($fp);
449 
450  // Write new conf file
451  $file = DOL_DOCUMENT_ROOT.'/conf/conf.php';
452  if ($fp = @fopen($file, 'w')) {
453  fputs($fp, $config);
454  fflush($fp);
455  fclose($fp);
456  clearstatcache();
457 
458  // It's config file, so we set read permission for creator only.
459  // Should set permission to web user and groups for users used by batch
460  //@chmod($file, octdec('0600'));
461 
462  return 1;
463  } else {
464  dol_syslog("encodedecode_dbpassconf Failed to open conf.php file for writing", LOG_WARNING);
465  return -1;
466  }
467  } else {
468  dol_syslog("encodedecode_dbpassconf Failed to read conf.php", LOG_ERR);
469  return -2;
470  }
471 }
472 
482 function getRandomPassword($generic = false, $replaceambiguouschars = null, $length = 32)
483 {
484  global $db, $conf, $langs, $user;
485 
486  $generated_password = '';
487  if ($generic) {
488  $lowercase = "qwertyuiopasdfghjklzxcvbnm";
489  $uppercase = "ASDFGHJKLZXCVBNMQWERTYUIOP";
490  $numbers = "1234567890";
491  $randomCode = "";
492  $nbofchar = round($length / 3);
493  $nbofcharlast = ($length - 2 * $nbofchar);
494  //var_dump($nbofchar.'-'.$nbofcharlast);
495  if (function_exists('random_int')) { // Cryptographic random
496  $max = strlen($lowercase) - 1;
497  for ($x = 0; $x < $nbofchar; $x++) {
498  $tmp = random_int(0, $max);
499  $randomCode .= $lowercase[$tmp];
500  }
501  $max = strlen($uppercase) - 1;
502  for ($x = 0; $x < $nbofchar; $x++) {
503  $tmp = random_int(0, $max);
504  $randomCode .= $uppercase[$tmp];
505  }
506  $max = strlen($numbers) - 1;
507  for ($x = 0; $x < $nbofcharlast; $x++) {
508  $tmp = random_int(0, $max);
509  $randomCode .= $numbers[$tmp];
510  }
511 
512  $generated_password = str_shuffle($randomCode);
513  } else {
514  // Old platform, non cryptographic random
515  $max = strlen($lowercase) - 1;
516  for ($x = 0; $x < $nbofchar; $x++) {
517  $tmp = mt_rand(0, $max);
518  $randomCode .= $lowercase[$tmp];
519  }
520  $max = strlen($uppercase) - 1;
521  for ($x = 0; $x < $nbofchar; $x++) {
522  $tmp = mt_rand(0, $max);
523  $randomCode .= $uppercase[$tmp];
524  }
525  $max = strlen($numbers) - 1;
526  for ($x = 0; $x < $nbofcharlast; $x++) {
527  $tmp = mt_rand(0, $max);
528  $randomCode .= $numbers[$tmp];
529  }
530 
531  $generated_password = str_shuffle($randomCode);
532  }
533  } elseif (!empty($conf->global->USER_PASSWORD_GENERATED)) {
534  $nomclass = "modGeneratePass".ucfirst($conf->global->USER_PASSWORD_GENERATED);
535  $nomfichier = $nomclass.".class.php";
536  //print DOL_DOCUMENT_ROOT."/core/modules/security/generate/".$nomclass;
537  require_once DOL_DOCUMENT_ROOT."/core/modules/security/generate/".$nomfichier;
538  $genhandler = new $nomclass($db, $conf, $langs, $user);
539  $generated_password = $genhandler->getNewGeneratedPassword();
540  unset($genhandler);
541  }
542 
543  // Do we have to discard some alphabetic characters ?
544  if (is_array($replaceambiguouschars) && count($replaceambiguouschars) > 0) {
545  $numbers = "ABCDEF";
546  $max = strlen($numbers) - 1;
547  if (function_exists('random_int')) { // Cryptographic random
548  $tmp = random_int(0, $max);
549  $generated_password = str_replace($replaceambiguouschars, $numbers[$tmp], $generated_password);
550  } else {
551  $tmp = mt_rand(0, $max);
552  $generated_password = str_replace($replaceambiguouschars, $numbers[$tmp], $generated_password);
553  }
554  }
555 
556  return $generated_password;
557 }
558 
568 function dolJSToSetRandomPassword($htmlname, $htmlnameofbutton = 'generate_token', $generic = 1)
569 {
570  global $conf;
571 
572  if (!empty($conf->use_javascript_ajax)) {
573  print "\n".'<!-- Js code to suggest a security key --><script type="text/javascript">';
574  print '$(document).ready(function () {
575  $("#'.dol_escape_js($htmlnameofbutton).'").click(function() {
576  console.log("We click on the button '.dol_escape_js($htmlnameofbutton).' to suggest a key. We will fill '.dol_escape_js($htmlname).'");
577  $.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
578  action: \'getrandompassword\',
579  generic: '.($generic ? '1' : '0').',
580  token: \''.dol_escape_js(newToken()).'\'
581  },
582  function(result) {
583  $("#'.dol_escape_js($htmlname).'").val(result);
584  });
585  });
586  });'."\n";
587  print '</script>';
588  }
589 }
dol_osencode($str)
Return a string encoded into OS filesystem encoding.
isHTTPS()
Return if we are using a HTTPS connexion Check HTTPS (no way to be modified by user but may be empty ...
dol_strlen($string, $stringencoding='UTF-8')
Make a strlen call.
img_picto($titlealt, $picto, $moreatt='', $pictoisfullpath=false, $srconly=0, $notitle=0, $alt='', $morecss='', $marginleftonlyshort=2)
Show picto whatever it's its name (generic function)
dol_escape_js($stringtoescape, $mode=0, $noescapebackslashn=0)
Returns text escaped for inclusion into javascript code.
newToken()
Return the value of token currently saved into session with name 'newtoken'.
dol_htmlcleanlastbr($stringtodecode)
This function remove all ending and br at end.
dol_htmloutput_events($disabledoutputofmessages=0)
Print formated messages to output (Used to show messages on html output).
complete_substitutions_array(&$substitutionarray, $outputlangs, $object=null, $parameters=null, $callfunc="completesubstitutionarray")
Complete the $substitutionarray with more entries coming from external module that had set the "subst...
make_substitutions($text, $substitutionarray, $outputlangs=null, $converttextinhtmlifnecessary=0)
Make substitution into a text string, replacing keys with vals from $substitutionarray (oldval=>newva...
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
dol_buildpath($path, $type=0, $returnemptyifnotfound=0)
Return path of url or filesystem.
getCommonSubstitutionArray($outputlangs, $onlykey=0, $exclude=null, $object=null)
Return array of possible common substitutions.
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
conf($dolibarr_main_document_root)
Load conf file (file must exists)
Definition: inc.php:292
if($reshook< 0) if(empty($reshook)) $dol_url_root
View.
dolJSToSetRandomPassword($htmlname, $htmlnameofbutton='generate_token', $generic=1)
Ouput javacript to autoset a generated password using default module into a HTML element.
dol_getwebuser($mode)
Return user/group account of web server.
encodedecode_dbpassconf($level=0)
Encode or decode database password in config file.
checkLoginPassEntity($usertotest, $passwordtotest, $entitytotest, $authmode, $context='')
Return a login if login/pass was successfull.
getRandomPassword($generic=false, $replaceambiguouschars=null, $length=32)
Return a generated password using default module.
if(!function_exists('dol_loginfunction')) makesalt($type=CRYPT_SALT_LENGTH)
Fonction pour initialiser un salt pour la fonction crypt.
dol_encode($chain, $key='1')
Encode a string with base 64 algorithm + specific delta change.
dol_decode($chain, $key='1')
Decode a base 64 encoded + specific delta change.
dolDecrypt($chain, $key='')
Decode a string with a symetric encryption.