dolibarr 19.0.4
|
File that defines environment for Dolibarr GUI pages only (file not required by scripts) More...
Go to the source code of this file.
Functions | |
if(!empty( $_SERVER[ 'MAIN_SHOW_TUNING_INFO'])) | realCharForNumericEntities ($matches) |
Return the real char for a numeric entities. | |
testSqlAndScriptInject ($val, $type) | |
Security: WAF layer for SQL Injection and XSS Injection (scripts) protection (Filters on GET, POST, PHP_SELF). | |
analyseVarsForSqlAndScriptsInjection (&$var, $type) | |
Return true if security check on parameters are OK, false otherwise. | |
if(!defined( 'NOREQUIREMENU')) if(!empty(GETPOST('seteventmessages', 'alpha'))) if(!function_exists("llxHeader")) | top_httphead ($contenttype='text/html', $forcenocache=0) |
Show HTTP header. | |
top_htmlhead ($head, $title='', $disablejs=0, $disablehead=0, $arrayofjs=array(), $arrayofcss=array(), $disableforlogin=0, $disablenofollow=0, $disablenoindex=0) | |
Ouput html header of a page. | |
top_menu ($head, $title='', $target='', $disablejs=0, $disablehead=0, $arrayofjs=array(), $arrayofcss=array(), $morequerystring='', $helppagename='') | |
Show an HTML header + a BODY + The top menu bar. | |
top_menu_user ($hideloginname=0, $urllogout='') | |
Build the tooltip on user login. | |
top_menu_quickadd () | |
Build the tooltip on top menu quick add. | |
printDropdownQuickadd () | |
Generate list of quickadd items. | |
top_menu_bookmark () | |
Build the tooltip on top menu bookmark. | |
top_menu_search () | |
Build the tooltip on top menu tsearch. | |
left_menu ($menu_array_before, $helppagename='', $notused='', $menu_array_after=array(), $leftmenuwithoutmainarea=0, $title='', $acceptdelayedhtml=0) | |
Show left menu bar. | |
main_area ($title='') | |
Begin main area. | |
getHelpParamFor ($helppagename, $langs) | |
Return helpbaseurl, helppage and mode. | |
printSearchForm ($urlaction, $urlobject, $title, $htmlmorecss, $htmlinputname, $accesskey='', $prefhtmlinputname='', $img='', $showtitlebefore=0, $autofocus=0) | |
Show a search area. | |
File that defines environment for Dolibarr GUI pages only (file not required by scripts)
Definition in file main.inc.php.
analyseVarsForSqlAndScriptsInjection | ( | & | $var, |
$type ) |
Return true if security check on parameters are OK, false otherwise.
string | array | $var | Variable name |
string | $type | 1=GET, 0=POST, 2=PHP_SELF |
Show HTML header HTML + BODY + Top menu + left menu + DIV
string | $head | Optionnal head lines |
string | $title | HTML title |
string | $help_url | Url links to help page Syntax is: For a wiki page: EN:EnglishPage|FR:FrenchPage|ES:SpanishPage|DE:GermanPage For other external page: http://server/url |
string | $target | Target to use on links |
int | $disablejs | More content into html header |
int | $disablehead | More content into html header |
array | string | $arrayofjs | Array of complementary js files |
array | string | $arrayofcss | Array of complementary css files |
string | $morequerystring | Query string to add to the link "print" to get same parameters (use only if autodetect fails) |
string | $morecssonbody | More CSS on body tag. For example 'classforhorizontalscrolloftabs'. |
string | $replacemainareaby | Replace call to main_area() by a print of this string |
int | $disablenofollow | Disable the "nofollow" on meta robot header |
int | $disablenoindex | Disable the "noindex" on meta robot header |
Definition at line 216 of file main.inc.php.
References analyseVarsForSqlAndScriptsInjection(), and testSqlAndScriptInject().
Referenced by analyseVarsForSqlAndScriptsInjection().
getHelpParamFor | ( | $helppagename, | |
$langs ) |
Return helpbaseurl, helppage and mode.
string | $helppagename | Page name ('EN:xxx,ES:eee,FR:fff,DE:ddd...' or 'http://localpage') |
Translate | $langs | Language |
Definition at line 3476 of file main.inc.php.
Referenced by top_menu().
left_menu | ( | $menu_array_before, | |
$helppagename = '', | |||
$notused = '', | |||
$menu_array_after = array(), | |||
$leftmenuwithoutmainarea = 0, | |||
$title = '', | |||
$acceptdelayedhtml = 0 ) |
Show left menu bar.
array | $menu_array_before | Table of menu entries to show before entries of menu handler. This param is deprectaed and must be provided to ''. |
string | $helppagename | Name of wiki page for help ('' by default). Syntax is: For a wiki page: EN:EnglishPage|FR:FrenchPage|ES:SpanishPage|DE:GermanPage For other external page: http://server/url |
string | $notused | Deprecated. Used in past to add content into left menu. Hooks can be used now. |
array | $menu_array_after | Table of menu entries to show after entries of menu handler |
int | $leftmenuwithoutmainarea | Must be set to 1. 0 by default for backward compatibility with old modules. |
string | $title | Title of web page |
int | $acceptdelayedhtml | 1 if caller request to have html delayed content not returned but saved into global $delayedhtmlcontent (so caller can show it at end of page to avoid flash FOUC effect) |
Definition at line 3164 of file main.inc.php.
References dol_escape_htmltag(), dol_syslog(), getDolGlobalString(), main_area(), and printSearchForm().
main_area | ( | $title = '' | ) |
Begin main area.
string | $title | Title |
Definition at line 3414 of file main.inc.php.
References dol_escape_htmltag(), getDolGlobalString(), GETPOST(), and info_admin().
Referenced by left_menu().
printDropdownQuickadd | ( | ) |
Generate list of quickadd items.
Definition at line 2714 of file main.inc.php.
References getDolGlobalString(), and img_picto().
Referenced by top_menu_quickadd().
printSearchForm | ( | $urlaction, | |
$urlobject, | |||
$title, | |||
$htmlmorecss, | |||
$htmlinputname, | |||
$accesskey = '', | |||
$prefhtmlinputname = '', | |||
$img = '', | |||
$showtitlebefore = 0, | |||
$autofocus = 0 ) |
Show a search area.
Used when the javascript quick search is not used.
string | $urlaction | Url post |
string | $urlobject | Url of the link under the search box |
string | $title | Title search area |
string | $htmlmorecss | Add more css |
string | $htmlinputname | Field Name input form |
string | $accesskey | Accesskey |
string | $prefhtmlinputname | Complement for id to avoid multiple same id in the page |
string | $img | Image to use |
int | $showtitlebefore | Show title before input text instead of into placeholder. This can be set when output is dedicated for text browsers. |
int | $autofocus | Set autofocus on field |
Show HTML footer Close div /DIV class=fiche + /DIV id-right + /DIV id-container + /BODY + /HTML. If global var $delayedhtmlcontent was filled, we output it just before closing the body.
string | $comment | A text to add as HTML comment into HTML generated page |
string | $zone | 'private' (for private pages) or 'public' (for public pages) |
int | $disabledoutputofmessages | Clear all messages stored into session without diplaying them |
Definition at line 3536 of file main.inc.php.
References img_picto().
Referenced by left_menu().
if(!empty($_SERVER['MAIN_SHOW_TUNING_INFO'])) realCharForNumericEntities | ( | $matches | ) |
Return the real char for a numeric entities.
WARNING: This function is required by testSqlAndScriptInject() and the GETPOST 'restricthtml'. Regex calling must be similar.
string | $matches | String of numeric entity |
Definition at line 63 of file main.inc.php.
Referenced by dol_htmlwithnojs(), and testSqlAndScriptInject().
testSqlAndScriptInject | ( | $val, | |
$type ) |
Security: WAF layer for SQL Injection and XSS Injection (scripts) protection (Filters on GET, POST, PHP_SELF).
Warning: Such a protection can't be enough. It is not reliable as it will always be possible to bypass this. Good protection can only be guaranted by escaping data during output.
string | $val | Brute value found into $_GET, $_POST or PHP_SELF |
string | $type | 0=POST, 1=GET, 2=PHP_SELF, 3=GET without sql reserved keywords (the less tolerant test) |
Definition at line 89 of file main.inc.php.
References realCharForNumericEntities().
Referenced by analyseVarsForSqlAndScriptsInjection(), ImportCsv\import_insert(), ImportXlsx\import_insert(), and Form\select_thirdparty_list().
top_htmlhead | ( | $head, | |
$title = '', | |||
$disablejs = 0, | |||
$disablehead = 0, | |||
$arrayofjs = array(), | |||
$arrayofcss = array(), | |||
$disableforlogin = 0, | |||
$disablenofollow = 0, | |||
$disablenoindex = 0 ) |
Ouput html header of a page.
It calls also top_httphead() This code is also duplicated into security2.lib.php\dol_loginfunction
string | $head | Optionnal head lines |
string | $title | HTML title |
int | $disablejs | Disable js output |
int | $disablehead | Disable head output |
array | $arrayofjs | Array of complementary js files |
array | $arrayofcss | Array of complementary css files |
int | $disableforlogin | Do not load heavy js and css for login pages |
int | $disablenofollow | Disable nofollow tag for meta robots |
int | $disablenoindex | Disable noindex tag for meta robots |
Definition at line 1708 of file main.inc.php.
References dol_buildpath(), dol_htmlentities(), dol_syslog(), dolibarr_set_const(), getDolGlobalInt(), getDolGlobalString(), GETPOST(), and top_httphead().
Referenced by llxHeaderTicket(), llxHeaderVierge(), llxHeaderVierge(), llxHeaderVierge(), and top_menu().
if(!defined('NOREQUIREMENU')) if(!empty(GETPOST( 'seteventmessages', 'alpha'))) if(!function_exists("llxHeader")) top_httphead | ( | $contenttype = 'text/html', | |
$forcenocache = 0 ) |
Show HTTP header.
Called by top_htmlhead().
string | $contenttype | Content type. For example, 'text/html' |
int | $forcenocache | Force disabling of cache for the page |
Definition at line 1569 of file main.inc.php.
References getDolGlobalString().
Referenced by dol_print_error(), AccountancyExport\export(), httponly_accessforbidden(), llxHeaderVierge(), print_paybox_redirect(), and top_htmlhead().
top_menu | ( | $head, | |
$title = '', | |||
$target = '', | |||
$disablejs = 0, | |||
$disablehead = 0, | |||
$arrayofjs = array(), | |||
$arrayofcss = array(), | |||
$morequerystring = '', | |||
$helppagename = '' ) |
Show an HTML header + a BODY + The top menu bar.
string | $head | Lines in the HEAD |
string | $title | Title of web page |
string | $target | Target to use in menu links (Example: '' or '_top') |
int | $disablejs | Do not output links to js (Ex: qd fonction utilisee par sous formulaire Ajax) |
int | $disablehead | Do not output head section |
array | $arrayofjs | Array of js files to add in header |
array | $arrayofcss | Array of css files to add in header |
string | $morequerystring | Query string to add to the link "print" to get same parameters (use only if autodetect fails) |
string | $helppagename | Name of wiki page for help ('' by default). Syntax is: For a wiki page: EN:EnglishPage|FR:FrenchPage|ES:SpanishPage|DE:GermanPage For other external page: http://server/url |
Definition at line 2120 of file main.inc.php.
References dol_escape_htmltag(), getDolGlobalInt(), getDolGlobalString(), getHelpParamFor(), GETPOST(), img_picto(), top_htmlhead(), top_menu_bookmark(), top_menu_quickadd(), top_menu_search(), and top_menu_user().
top_menu_bookmark | ( | ) |
Build the tooltip on top menu bookmark.
Definition at line 2893 of file main.inc.php.
References getDolGlobalString(), and printDropdownBookmarksList().
Referenced by top_menu().
top_menu_quickadd | ( | ) |
Build the tooltip on top menu quick add.
Definition at line 2639 of file main.inc.php.
References printDropdownQuickadd().
Referenced by top_menu().
top_menu_search | ( | ) |
Build the tooltip on top menu tsearch.
Definition at line 2988 of file main.inc.php.
Referenced by top_menu().
top_menu_user | ( | $hideloginname = 0, | |
$urllogout = '' ) |
Build the tooltip on user login.
int | $hideloginname | Hide login name. Show only the image. |
string | $urllogout | URL for logout (Will use DOL_URL_ROOT.'/user/logout.php?token=...' if empty) |
Definition at line 2374 of file main.inc.php.
References dol_escape_htmltag(), dol_print_date(), dol_print_profids(), dolButtonToOpenUrlInDialogPopup(), getDolGlobalString(), img_picto(), picto_from_langcode(), Form\showphoto(), and yn().
Referenced by top_menu().