27require
'../main.inc.php';
28require_once DOL_DOCUMENT_ROOT.
'/core/lib/admin.lib.php';
29require_once DOL_DOCUMENT_ROOT.
'/core/lib/files.lib.php';
30require_once DOL_DOCUMENT_ROOT.
'/core/class/html.formfile.class.php';
33$langs->loadLangs(array(
"users",
"admin",
"other"));
39$action =
GETPOST(
'action',
'aZ09');
47if (preg_match(
'/set_([a-z0-9_\-]+)/i', $action, $reg)) {
51 header(
"Location: ".$_SERVER[
"PHP_SELF"]);
56} elseif (preg_match(
'/del_([a-z0-9_\-]+)/i', $action, $reg)) {
59 header(
"Location: ".$_SERVER[
"PHP_SELF"]);
64} elseif ($action ==
'updateform') {
70 if (GETPOSTISSET(
'MAIN_APPLICATION_TITLE')) {
71 $res1 =
dolibarr_set_const($db,
"MAIN_APPLICATION_TITLE",
GETPOST(
"MAIN_APPLICATION_TITLE",
'alphanohtml'),
'chaine', 0,
'', $conf->entity);
73 if (GETPOSTISSET(
'MAIN_SESSION_TIMEOUT')) {
74 $res2 =
dolibarr_set_const($db,
"MAIN_SESSION_TIMEOUT",
GETPOST(
"MAIN_SESSION_TIMEOUT",
'alphanohtml'),
'chaine', 0,
'', $conf->entity);
76 if (GETPOSTISSET(
'MAIN_SECURITY_MAX_IMG_IN_HTML_CONTENT')) {
77 $res3 =
dolibarr_set_const($db,
"MAIN_SECURITY_MAX_IMG_IN_HTML_CONTENT",
GETPOST(
"MAIN_SECURITY_MAX_IMG_IN_HTML_CONTENT",
'alphanohtml'),
'int', 0,
'', $conf->entity);
79 if (GETPOSTISSET(
'MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS')) {
80 $res4 =
dolibarr_set_const($db,
"MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS",
GETPOST(
"MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS",
'alphanohtml'),
'int', 0,
'', $conf->entity);
82 if (GETPOSTISSET(
'MAIN_SECURITY_MAX_ATTACHMENT_ON_FORMS')) {
83 $res5 =
dolibarr_set_const($db,
"MAIN_SECURITY_MAX_ATTACHMENT_ON_FORMS",
GETPOST(
"MAIN_SECURITY_MAX_ATTACHMENT_ON_FORMS",
'alphanohtml'),
'int', 0,
'', $conf->entity);
85 if ($res1 && $res2 && $res3 && $res4 && $res5) {
86 setEventMessages($langs->trans(
"RecordModifiedSuccessfully"),
null,
'mesgs');
98$wikihelp =
'EN:Setup_Security|FR:Paramétrage_Sécurité|ES:Configuración_Seguridad';
99llxHeader(
'', $langs->trans(
"Miscellaneous"), $wikihelp,
'', 0, 0,
'',
'',
'',
'mod-admin page-security_other');
103print
'<span class="opacitymedium">'.$langs->trans(
"MiscellaneousDesc").
"</span><br>\n";
108print
'<form action="'.$_SERVER[
"PHP_SELF"].
'" method="POST">';
109print
'<input type="hidden" name="token" value="'.newToken().
'">';
110print
'<input type="hidden" name="action" value="updateform">';
119print
'<table class="noborder centpercent">';
120print
'<tr class="liste_titre">';
121print
'<td colspan="3">'.$langs->trans(
"Parameters").
'</td>';
122print
'<td class="right" width="100">'.$langs->trans(
"Status").
'</td>';
126print
'<tr class="oddeven">';
127print
'<td colspan="3">'.$langs->trans(
"UseCaptchaCode").
'</td>';
128print
'<td class="right">';
129if (function_exists(
"imagecreatefrompng")) {
130 if (!empty($conf->use_javascript_ajax)) {
131 print ajax_constantonoff(
'MAIN_SECURITY_ENABLECAPTCHA');
134 print
'<a href="'.$_SERVER[
'PHP_SELF'].
'?action=set_MAIN_SECURITY_ENABLECAPTCHA&token='.
newToken().
'">'.
img_picto($langs->trans(
"Disabled"),
'off').
'</a>';
136 print
'<a href="'.$_SERVER[
'PHP_SELF'].
'?action=del_MAIN_SECURITY_ENABLECAPTCHA&token='.
newToken().
'">'.
img_picto($langs->trans(
"Enabled"),
'on').
'</a>';
140 $desc = $form->textwithpicto(
'', $langs->transnoentities(
"EnableGDLibraryDesc"), 1,
'warning');
146print
'<tr class="oddeven">';
147print
'<td colspan="3">'.$langs->trans(
"UseAdvancedPerms").
'</td>';
148print
'<td class="right">';
149if (!empty($conf->use_javascript_ajax)) {
150 print ajax_constantonoff(
'MAIN_USE_ADVANCED_PERMS');
153 print
'<a href="'.$_SERVER[
'PHP_SELF'].
'?action=set_MAIN_USE_ADVANCED_PERMS&token='.
newToken().
'">'.
img_picto($langs->trans(
"Disabled"),
'off').
'</a>';
155 print
'<a href="'.$_SERVER[
'PHP_SELF'].
'?action=del_MAIN_USE_ADVANCED_PERMS&token='.
newToken().
'">'.
img_picto($langs->trans(
"Enabled"),
'on').
'</a>';
167print
'<table width="100%" class="noborder">';
168print
'<tr class="liste_titre">';
169print
'<td colspan="2">'.$langs->trans(
"Parameters").
'</td>';
170print
'<td>'.$langs->trans(
"Value").
'</td>';
174$sessiontimeout = ini_get(
"session.gc_maxlifetime");
176 $conf->global->MAIN_SESSION_TIMEOUT = $sessiontimeout;
178print
'<tr class="oddeven">';
179print
'<td>'.$langs->trans(
"SessionTimeOut").
'</td><td class="right">';
180if (ini_get(
"session.gc_probability") == 0) {
181 print $form->textwithpicto(
'', $langs->trans(
"SessionsPurgedByExternalSystem", ini_get(
"session.gc_maxlifetime")));
183 print $form->textwithpicto(
'', $langs->trans(
"SessionExplanation", ini_get(
"session.gc_probability"), ini_get(
"session.gc_divisor"), ini_get(
"session.gc_maxlifetime")));
186print
'<td class="nowrap">';
187print
'<input class="flat right width50" name="MAIN_SESSION_TIMEOUT" type="text" value="'.getDolGlobalInt(
'MAIN_SESSION_TIMEOUT').
'"> '.strtolower($langs->trans(
"Seconds"));
191print
'<tr class="oddeven">';
192print
'<td>'.$langs->trans(
"MaxNumberOfImagesInGetPost").
'</td><td class="right">';
194print
'<td class="nowrap">';
195print
'<input class="flat right width50" name="MAIN_SECURITY_MAX_IMG_IN_HTML_CONTENT" type="text" value="'.getDolGlobalInt(
'MAIN_SECURITY_MAX_IMG_IN_HTML_CONTENT').
'"> '.strtolower($langs->trans(
"Images"));
199print
'<tr class="oddeven">';
200print
'<td>'.$langs->trans(
"MaxNumberOfPostOnPublicPagesByIP").
'</td><td class="right">';
202print
'<td class="nowrap">';
203print
'<input class="flat right width50" name="MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS" type="text" value="'.getDolGlobalInt(
"MAIN_SECURITY_MAX_POST_ON_PUBLIC_PAGES_BY_IP_ADDRESS", 200).
'"> '.strtolower($langs->trans(
"Posts"));
207print
'<tr class="oddeven">';
208print
'<td>'.$langs->trans(
"MaxNumberOfAttachementOnForms").
'</td><td class="right">';
210print
'<td class="nowrap">';
211print
'<input class="flat right width50" name="MAIN_SECURITY_MAX_ATTACHMENT_ON_FORMS" type="text" value="'.getDolGlobalInt(
"MAIN_SECURITY_MAX_ATTACHMENT_ON_FORMS", 10).
'"> '.strtolower($langs->trans(
"Files"));
215print
'<tr class="oddeven">';
216print
'<td>'.$langs->trans(
"MaxNumberOfFailedAuth").
'</td><td class="right">';
218print
'<td class="nowrap">';
219print
'<input class="flat right width50" name="MAIN_SECURITY_MAX_NUMBER_FAILED_AUTH" type="text" value="'.getDolGlobalInt(
"MAIN_SECURITY_MAX_NUMBER_FAILED_AUTH", 100).
'"> '.$langs->trans(
"FailedAuth");
238print $form->buttonsSaveCancel(
"Modify",
'');
security_prepare_head()
Prepare array with list of tabs.
dolibarr_set_const($db, $name, $value, $type='chaine', $visible=0, $note='', $entity=1)
Insert a parameter (key,value) into database (delete old key then insert it again).
dolibarr_del_const($db, $name, $entity=1)
Delete a constant.
if(!defined('NOREQUIRESOC')) if(!defined( 'NOREQUIRETRAN')) if(!defined('NOTOKENRENEWAL')) if(!defined( 'NOREQUIREMENU')) if(!defined('NOREQUIREHTML')) if(!defined( 'NOREQUIREAJAX')) llxHeader()
Empty header.
load_fiche_titre($title, $morehtmlright='', $picto='generic', $pictoisfullpath=0, $id='', $morecssontable='', $morehtmlcenter='')
Load a title with picto.
img_picto($titlealt, $picto, $moreatt='', $pictoisfullpath=0, $srconly=0, $notitle=0, $alt='', $morecss='', $marginleftonlyshort=2)
Show picto whatever it's its name (generic function)
dol_get_fiche_head($links=array(), $active='', $title='', $notab=0, $picto='', $pictoisfullpath=0, $morehtmlright='', $morecss='', $limittoshow=0, $moretabssuffix='', $dragdropfile=0)
Show tabs of a record.
dol_get_fiche_end($notab=0)
Return tab footer of a card.
newToken()
Return the value of token currently saved into session with name 'newtoken'.
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
setEventMessages($mesg, $mesgs, $style='mesgs', $messagekey='', $noduplicate=0)
Set event messages in dol_events session object.
dol_print_error($db=null, $error='', $errors=null)
Displays error message system with all the information to facilitate the diagnosis and the escalation...
getDolGlobalString($key, $default='')
Return dolibarr global constant string value.
accessforbidden($message='', $printheader=1, $printfooter=1, $showonlymessage=0, $params=null)
Show a message to say access is forbidden and stop program.