|
dolibarr 19.0.4
|
File that defines environment for Dolibarr GUI pages only (file not required by scripts) More...
Go to the source code of this file.
Functions | |
| if(!empty( $_SERVER[ 'MAIN_SHOW_TUNING_INFO'])) | realCharForNumericEntities ($matches) |
| Return the real char for a numeric entities. | |
| testSqlAndScriptInject ($val, $type) | |
| Security: WAF layer for SQL Injection and XSS Injection (scripts) protection (Filters on GET, POST, PHP_SELF). | |
| analyseVarsForSqlAndScriptsInjection (&$var, $type) | |
| Return true if security check on parameters are OK, false otherwise. | |
| if(!defined( 'NOREQUIREMENU')) if(!empty(GETPOST('seteventmessages', 'alpha'))) if(!function_exists("llxHeader")) | top_httphead ($contenttype='text/html', $forcenocache=0) |
| Show HTTP header. | |
| top_htmlhead ($head, $title='', $disablejs=0, $disablehead=0, $arrayofjs=array(), $arrayofcss=array(), $disableforlogin=0, $disablenofollow=0, $disablenoindex=0) | |
| Ouput html header of a page. | |
| top_menu ($head, $title='', $target='', $disablejs=0, $disablehead=0, $arrayofjs=array(), $arrayofcss=array(), $morequerystring='', $helppagename='') | |
| Show an HTML header + a BODY + The top menu bar. | |
| top_menu_user ($hideloginname=0, $urllogout='') | |
| Build the tooltip on user login. | |
| top_menu_quickadd () | |
| Build the tooltip on top menu quick add. | |
| printDropdownQuickadd () | |
| Generate list of quickadd items. | |
| top_menu_bookmark () | |
| Build the tooltip on top menu bookmark. | |
| top_menu_search () | |
| Build the tooltip on top menu tsearch. | |
| left_menu ($menu_array_before, $helppagename='', $notused='', $menu_array_after=array(), $leftmenuwithoutmainarea=0, $title='', $acceptdelayedhtml=0) | |
| Show left menu bar. | |
| main_area ($title='') | |
| Begin main area. | |
| getHelpParamFor ($helppagename, $langs) | |
| Return helpbaseurl, helppage and mode. | |
| printSearchForm ($urlaction, $urlobject, $title, $htmlmorecss, $htmlinputname, $accesskey='', $prefhtmlinputname='', $img='', $showtitlebefore=0, $autofocus=0) | |
| Show a search area. | |
File that defines environment for Dolibarr GUI pages only (file not required by scripts)
Definition in file main.inc.php.
| analyseVarsForSqlAndScriptsInjection | ( | & | $var, |
| $type ) |
Return true if security check on parameters are OK, false otherwise.
| string | array | $var | Variable name |
| string | $type | 1=GET, 0=POST, 2=PHP_SELF |
Show HTML header HTML + BODY + Top menu + left menu + DIV
| string | $head | Optionnal head lines |
| string | $title | HTML title |
| string | $help_url | Url links to help page Syntax is: For a wiki page: EN:EnglishPage|FR:FrenchPage|ES:SpanishPage|DE:GermanPage For other external page: http://server/url |
| string | $target | Target to use on links |
| int | $disablejs | More content into html header |
| int | $disablehead | More content into html header |
| array | string | $arrayofjs | Array of complementary js files |
| array | string | $arrayofcss | Array of complementary css files |
| string | $morequerystring | Query string to add to the link "print" to get same parameters (use only if autodetect fails) |
| string | $morecssonbody | More CSS on body tag. For example 'classforhorizontalscrolloftabs'. |
| string | $replacemainareaby | Replace call to main_area() by a print of this string |
| int | $disablenofollow | Disable the "nofollow" on meta robot header |
| int | $disablenoindex | Disable the "noindex" on meta robot header |
Definition at line 216 of file main.inc.php.
References analyseVarsForSqlAndScriptsInjection(), and testSqlAndScriptInject().
Referenced by analyseVarsForSqlAndScriptsInjection().
| getHelpParamFor | ( | $helppagename, | |
| $langs ) |
Return helpbaseurl, helppage and mode.
| string | $helppagename | Page name ('EN:xxx,ES:eee,FR:fff,DE:ddd...' or 'http://localpage') |
| Translate | $langs | Language |
Definition at line 3476 of file main.inc.php.
Referenced by top_menu().
| left_menu | ( | $menu_array_before, | |
| $helppagename = '', | |||
| $notused = '', | |||
| $menu_array_after = array(), | |||
| $leftmenuwithoutmainarea = 0, | |||
| $title = '', | |||
| $acceptdelayedhtml = 0 ) |
Show left menu bar.
| array | $menu_array_before | Table of menu entries to show before entries of menu handler. This param is deprectaed and must be provided to ''. |
| string | $helppagename | Name of wiki page for help ('' by default). Syntax is: For a wiki page: EN:EnglishPage|FR:FrenchPage|ES:SpanishPage|DE:GermanPage For other external page: http://server/url |
| string | $notused | Deprecated. Used in past to add content into left menu. Hooks can be used now. |
| array | $menu_array_after | Table of menu entries to show after entries of menu handler |
| int | $leftmenuwithoutmainarea | Must be set to 1. 0 by default for backward compatibility with old modules. |
| string | $title | Title of web page |
| int | $acceptdelayedhtml | 1 if caller request to have html delayed content not returned but saved into global $delayedhtmlcontent (so caller can show it at end of page to avoid flash FOUC effect) |
Definition at line 3164 of file main.inc.php.
References dol_escape_htmltag(), dol_syslog(), getDolGlobalString(), main_area(), and printSearchForm().
| main_area | ( | $title = '' | ) |
Begin main area.
| string | $title | Title |
Definition at line 3414 of file main.inc.php.
References dol_escape_htmltag(), getDolGlobalString(), GETPOST(), and info_admin().
Referenced by left_menu().
| printDropdownQuickadd | ( | ) |
Generate list of quickadd items.
Definition at line 2714 of file main.inc.php.
References getDolGlobalString(), and img_picto().
Referenced by top_menu_quickadd().
| printSearchForm | ( | $urlaction, | |
| $urlobject, | |||
| $title, | |||
| $htmlmorecss, | |||
| $htmlinputname, | |||
| $accesskey = '', | |||
| $prefhtmlinputname = '', | |||
| $img = '', | |||
| $showtitlebefore = 0, | |||
| $autofocus = 0 ) |
Show a search area.
Used when the javascript quick search is not used.
| string | $urlaction | Url post |
| string | $urlobject | Url of the link under the search box |
| string | $title | Title search area |
| string | $htmlmorecss | Add more css |
| string | $htmlinputname | Field Name input form |
| string | $accesskey | Accesskey |
| string | $prefhtmlinputname | Complement for id to avoid multiple same id in the page |
| string | $img | Image to use |
| int | $showtitlebefore | Show title before input text instead of into placeholder. This can be set when output is dedicated for text browsers. |
| int | $autofocus | Set autofocus on field |
Show HTML footer Close div /DIV class=fiche + /DIV id-right + /DIV id-container + /BODY + /HTML. If global var $delayedhtmlcontent was filled, we output it just before closing the body.
| string | $comment | A text to add as HTML comment into HTML generated page |
| string | $zone | 'private' (for private pages) or 'public' (for public pages) |
| int | $disabledoutputofmessages | Clear all messages stored into session without diplaying them |
Definition at line 3536 of file main.inc.php.
References img_picto().
Referenced by left_menu().
| if(!empty($_SERVER['MAIN_SHOW_TUNING_INFO'])) realCharForNumericEntities | ( | $matches | ) |
Return the real char for a numeric entities.
WARNING: This function is required by testSqlAndScriptInject() and the GETPOST 'restricthtml'. Regex calling must be similar.
| string | $matches | String of numeric entity |
Definition at line 63 of file main.inc.php.
Referenced by dol_htmlwithnojs(), and testSqlAndScriptInject().
| testSqlAndScriptInject | ( | $val, | |
| $type ) |
Security: WAF layer for SQL Injection and XSS Injection (scripts) protection (Filters on GET, POST, PHP_SELF).
Warning: Such a protection can't be enough. It is not reliable as it will always be possible to bypass this. Good protection can only be guaranted by escaping data during output.
| string | $val | Brute value found into $_GET, $_POST or PHP_SELF |
| string | $type | 0=POST, 1=GET, 2=PHP_SELF, 3=GET without sql reserved keywords (the less tolerant test) |
Definition at line 89 of file main.inc.php.
References realCharForNumericEntities().
Referenced by analyseVarsForSqlAndScriptsInjection(), ImportCsv\import_insert(), ImportXlsx\import_insert(), and Form\select_thirdparty_list().
| top_htmlhead | ( | $head, | |
| $title = '', | |||
| $disablejs = 0, | |||
| $disablehead = 0, | |||
| $arrayofjs = array(), | |||
| $arrayofcss = array(), | |||
| $disableforlogin = 0, | |||
| $disablenofollow = 0, | |||
| $disablenoindex = 0 ) |
Ouput html header of a page.
It calls also top_httphead() This code is also duplicated into security2.lib.php\dol_loginfunction
| string | $head | Optionnal head lines |
| string | $title | HTML title |
| int | $disablejs | Disable js output |
| int | $disablehead | Disable head output |
| array | $arrayofjs | Array of complementary js files |
| array | $arrayofcss | Array of complementary css files |
| int | $disableforlogin | Do not load heavy js and css for login pages |
| int | $disablenofollow | Disable nofollow tag for meta robots |
| int | $disablenoindex | Disable noindex tag for meta robots |
Definition at line 1708 of file main.inc.php.
References dol_buildpath(), dol_htmlentities(), dol_syslog(), dolibarr_set_const(), getDolGlobalInt(), getDolGlobalString(), GETPOST(), and top_httphead().
Referenced by llxHeaderTicket(), llxHeaderVierge(), llxHeaderVierge(), llxHeaderVierge(), and top_menu().
| if(!defined('NOREQUIREMENU')) if(!empty(GETPOST( 'seteventmessages', 'alpha'))) if(!function_exists("llxHeader")) top_httphead | ( | $contenttype = 'text/html', | |
| $forcenocache = 0 ) |
Show HTTP header.
Called by top_htmlhead().
| string | $contenttype | Content type. For example, 'text/html' |
| int | $forcenocache | Force disabling of cache for the page |
Definition at line 1569 of file main.inc.php.
References getDolGlobalString().
Referenced by dol_print_error(), AccountancyExport\export(), httponly_accessforbidden(), llxHeaderVierge(), print_paybox_redirect(), and top_htmlhead().
| top_menu | ( | $head, | |
| $title = '', | |||
| $target = '', | |||
| $disablejs = 0, | |||
| $disablehead = 0, | |||
| $arrayofjs = array(), | |||
| $arrayofcss = array(), | |||
| $morequerystring = '', | |||
| $helppagename = '' ) |
Show an HTML header + a BODY + The top menu bar.
| string | $head | Lines in the HEAD |
| string | $title | Title of web page |
| string | $target | Target to use in menu links (Example: '' or '_top') |
| int | $disablejs | Do not output links to js (Ex: qd fonction utilisee par sous formulaire Ajax) |
| int | $disablehead | Do not output head section |
| array | $arrayofjs | Array of js files to add in header |
| array | $arrayofcss | Array of css files to add in header |
| string | $morequerystring | Query string to add to the link "print" to get same parameters (use only if autodetect fails) |
| string | $helppagename | Name of wiki page for help ('' by default). Syntax is: For a wiki page: EN:EnglishPage|FR:FrenchPage|ES:SpanishPage|DE:GermanPage For other external page: http://server/url |
Definition at line 2120 of file main.inc.php.
References dol_escape_htmltag(), getDolGlobalInt(), getDolGlobalString(), getHelpParamFor(), GETPOST(), img_picto(), top_htmlhead(), top_menu_bookmark(), top_menu_quickadd(), top_menu_search(), and top_menu_user().
| top_menu_bookmark | ( | ) |
Build the tooltip on top menu bookmark.
Definition at line 2893 of file main.inc.php.
References getDolGlobalString(), and printDropdownBookmarksList().
Referenced by top_menu().
| top_menu_quickadd | ( | ) |
Build the tooltip on top menu quick add.
Definition at line 2639 of file main.inc.php.
References printDropdownQuickadd().
Referenced by top_menu().
| top_menu_search | ( | ) |
Build the tooltip on top menu tsearch.
Definition at line 2988 of file main.inc.php.
Referenced by top_menu().
| top_menu_user | ( | $hideloginname = 0, | |
| $urllogout = '' ) |
Build the tooltip on user login.
| int | $hideloginname | Hide login name. Show only the image. |
| string | $urllogout | URL for logout (Will use DOL_URL_ROOT.'/user/logout.php?token=...' if empty) |
Definition at line 2374 of file main.inc.php.
References dol_escape_htmltag(), dol_print_date(), dol_print_profids(), dolButtonToOpenUrlInDialogPopup(), getDolGlobalString(), img_picto(), picto_from_langcode(), Form\showphoto(), and yn().
Referenced by top_menu().