27 include_once DOL_DOCUMENT_ROOT.
'/website/class/website.class.php';
28 include_once DOL_DOCUMENT_ROOT.
'/website/class/websitepage.class.php';
36 if (isset($_SERVER[
"HTTP_USER_AGENT"]) && is_object($conf) && empty($conf->browser->name)) {
38 $conf->browser->name = $tmp[
'browsername'];
39 $conf->browser->os = $tmp[
'browseros'];
40 $conf->browser->version = $tmp[
'browserversion'];
41 $conf->browser->layout = $tmp[
'layout'];
44 if ($conf->browser->layout ==
'phone') {
45 $conf->dol_no_mouse_hover = 1;
49 if (!is_object($website)) {
51 $website->fetch(0, $websitekey);
54 if (!$pageid && !empty($websitepagefile)) {
55 $pageid = str_replace(array(
'.tpl.php',
'page'), array(
'',
''), basename($websitepagefile));
56 if ($pageid ==
'index.php') {
57 $pageid = $website->fk_default_home;
60 if (!is_object($websitepage)) {
64 if (!is_object($weblangs)) {
67 if (!is_object($pagelangs)) {
71 $websitepage->fetch($pageid);
73 $weblangs->setDefaultLang(
GETPOSTISSET(
'lang') ?
GETPOST(
'lang',
'aZ09') : (empty($_COOKIE[
'weblangs-shortcode']) ?
'auto' : preg_replace(
'/[^a-zA-Z0-9_\-]/',
'', $_COOKIE[
'weblangs-shortcode'])));
74 $pagelangs->setDefaultLang($websitepage->lang ? $websitepage->lang : $weblangs->shortlang);
76 if (!defined(
'USEDOLIBARREDITOR') && (in_array($websitepage->type_container, array(
'menu',
'other')) || empty($websitepage->status) && !defined(
'USEDOLIBARRSERVER'))) {
77 $weblangs->load(
"website");
82 header(
"X-Content-Type-Options: nosniff");
85 if (empty($websitepage->allowed_in_frames) && empty($conf->global->WEBSITE_ALLOW_FRAMES_ON_ALL_PAGES)) {
86 header(
"X-Frame-Options: SAMEORIGIN");
90 http_response_code(404);
91 print
'<center><br><br>'.$weblangs->trans(
"YouTryToAccessToAFileThatIsNotAWebsitePage", $websitepage->pageurl, $websitepage->type_container, $websitepage->status).
'</center>';
96 if (!defined(
'USEDOLIBARRSERVER') && !defined(
'USEDOLIBARREDITOR')) {
100 header(
"X-Content-Type-Options: nosniff");
103 if (empty($websitepage->allowed_in_frames) && empty($conf->global->WEBSITE_ALLOW_FRAMES_ON_ALL_PAGES)) {
104 header(
"X-Frame-Options: SAMEORIGIN");
111 if (!defined(
'WEBSITE_MAIN_SECURITY_FORCECSPRO')) {
124 if (!is_object($hookmanager)) {
127 $hookmanager->initHooks(array(
"main"));
129 $parameters = array(
'contentsecuritypolicy'=>$contentsecuritypolicy,
'mode'=>
'reportonly');
130 $result = $hookmanager->executeHooks(
'setContentSecurityPolicy', $parameters);
132 $contentsecuritypolicy = $hookmanager->resPrint;
134 $contentsecuritypolicy .= $hookmanager->resPrint;
137 if (!empty($contentsecuritypolicy)) {
138 header(
"Content-Security-Policy-Report-Only: ".$contentsecuritypolicy);
143 if (!defined(
'WEBSITE_MAIN_SECURITY_FORCECSP')) {
156 if (!is_object($hookmanager)) {
159 $hookmanager->initHooks(array(
"main"));
161 $parameters = array(
'contentsecuritypolicy'=>$contentsecuritypolicy,
'mode'=>
'active');
162 $result = $hookmanager->executeHooks(
'setContentSecurityPolicy', $parameters);
164 $contentsecuritypolicy = $hookmanager->resPrint;
166 $contentsecuritypolicy .= $hookmanager->resPrint;
169 if (!empty($contentsecuritypolicy)) {
170 header(
"Content-Security-Policy: ".$contentsecuritypolicy);
175 if (!defined(
'WEBSITE_MAIN_SECURITY_FORCERP')) {
179 $referrerpolicy =
getDolGlobalString(
'WEBSITE_MAIN_SECURITY_FORCERP',
"strict-origin-when-cross-origin");
181 header(
"Referrer-Policy: ".$referrerpolicy);
185 if (!defined(
'WEBSITE_MAIN_SECURITY_FORCESTS')) {
191 header(
"Strict-Transport-Security: ".$sts);
196 if (!defined(
'WEBSITE_MAIN_SECURITY_FORCEPP')) {
202 header(
"Permissions-Policy: ".$pp);
209 $weblangs->setDefaultLang(
GETPOST(
'l',
'aZ09'));
212 if ($_SERVER[
'PHP_SELF'] != DOL_URL_ROOT.
'/website/index.php') {
215 $sql =
"SELECT wp.rowid, wp.lang, wp.pageurl, wp.fk_page";
216 $sql .=
" FROM ".MAIN_DB_PREFIX.
"website_page as wp";
217 $sql .=
" WHERE wp.fk_website = ".((int) $website->id);
218 $sql .=
" AND (wp.fk_page = ".((int) $pageid).
" OR wp.rowid = ".((int) $pageid);
219 if (is_object($websitepage) && $websitepage->fk_page > 0) {
220 $sql .=
" OR wp.fk_page = ".((int) $websitepage->fk_page).
" OR wp.rowid = ".((int) $websitepage->fk_page);
223 $sql .=
" AND wp.lang = '".$db->escape(
GETPOST(
'l',
'aZ09')).
"'";
225 $resql = $db->query($sql);
227 $obj = $db->fetch_object(
$resql);
229 $newpageid = $obj->rowid;
230 if ($newpageid != $pageid) {
231 if (defined(
'USEDOLIBARRSERVER')) {
232 header(
"Location: ".DOL_URL_ROOT.
'/public/website/index.php?website='.$websitekey.
'&pageid='.$newpageid.
'&l='.
GETPOST(
'l',
'aZ09'));
235 $newpageref = $obj->pageurl;
236 header(
"Location: ".(($obj->lang && $obj->lang != $website->lang) ?
'/'.$obj->lang.
'/' :
'/').$newpageref.
'.php?l='.
GETPOST(
'l',
'aZ09'));
246 if (!defined(
'USEDOLIBARREDITOR') && empty($website->status)) {
250 header(
"X-Content-Type-Options: nosniff");
253 if (empty($websitepage->allowed_in_frames) && empty($conf->global->WEBSITE_ALLOW_FRAMES_ON_ALL_PAGES)) {
254 header(
"X-Frame-Options: SAMEORIGIN");
257 $weblangs->load(
"website");
260 http_response_code(503);
261 print
'<center><br><br>'.$weblangs->trans(
"SorryWebsiteIsCurrentlyOffLine").
'</center>';
Class to manage translations.
if(isModEnabled('facture') &&!empty($user->rights->facture->lire)) if((isModEnabled('fournisseur') &&empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD) && $user->hasRight("fournisseur", "facture", "lire"))||(isModEnabled('supplier_invoice') && $user->hasRight("supplier_invoice", "lire"))) if(isModEnabled('don') &&!empty($user->rights->don->lire)) if(isModEnabled('tax') &&!empty($user->rights->tax->charges->lire)) if(isModEnabled('facture') &&isModEnabled('commande') && $user->hasRight("commande", "lire") &&empty($conf->global->WORKFLOW_DISABLE_CREATE_INVOICE_FROM_ORDER)) $resql
Social contributions to pay.
getBrowserInfo($user_agent)
Return information about user browser.
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
if(!function_exists('utf8_encode')) if(!function_exists('utf8_decode')) getDolGlobalString($key, $default='')
Return dolibarr global constant string value.
GETPOSTISSET($paramname)
Return true if we are in a context of submitting the parameter $paramname from a POST of a form.