29include_once DOL_DOCUMENT_ROOT.
'/website/class/website.class.php';
30include_once DOL_DOCUMENT_ROOT.
'/website/class/websitepage.class.php';
38if (isset($_SERVER[
"HTTP_USER_AGENT"]) && is_object($conf) && empty($conf->browser->name)) {
40 $conf->browser->name = $tmp[
'browsername'];
41 $conf->browser->os = $tmp[
'browseros'];
42 $conf->browser->version = $tmp[
'browserversion'];
43 $conf->browser->layout = $tmp[
'layout'];
46 if ($conf->browser->layout ==
'phone') {
47 $conf->dol_no_mouse_hover = 1;
51if (is_null($website)) {
53 $website->fetch(0, $websitekey);
56if (empty($pageid) && !empty($websitepagefile)) {
57 $pageid = str_replace(array(
'.tpl.php',
'page'), array(
'',
''), basename($websitepagefile));
58 if ($pageid ==
'index.php') {
59 $pageid = $website->fk_default_home;
62if (is_null($websitepage)) {
66if (is_null($weblangs)) {
69if (is_null($pagelangs)) {
72if (!empty($pageid) && $pageid > 0) {
73 $websitepage->fetch($pageid);
80 $srclang = GETPOSTISSET(
'lang') ?
GETPOST(
'lang',
'aZ09') :
'';
81 if (empty($srclang)) {
82 $srclang = (empty($_COOKIE[
'weblangs-shortcode']) ?
'' : preg_replace(
'/[^a-zA-Z0-9_\-]/',
'', $_COOKIE[
'weblangs-shortcode']));
84 if (empty($srclang)) {
87 if (defined(
'USEDOLIBARRSERVER') && !empty($_GET[
'pageref']) && preg_match(
'/^\/?(\w\w)\//', $_GET[
'pageref'], $reg) && $reg[1] !=
'js') {
91 if (defined(
'USEEXTERNALSERVER') && !empty($_SERVER[
'PHP_SELF']) && preg_match(
'/^\/?(\w\w)\//', $_SERVER[
'PHP_SELF'], $reg) && $reg[1] !=
'js') {
95 if (empty($srclang)) {
98 $weblangs->setDefaultLang($srclang);
100 $pagelangs->setDefaultLang($websitepage->lang ? $websitepage->lang : $weblangs->shortlang);
102 if (!defined(
'USEDOLIBARREDITOR') && (in_array($websitepage->type_container, array(
'menu',
'other')) || empty($websitepage->status) && !defined(
'USEDOLIBARRSERVER'))) {
103 $weblangs->load(
"website");
108 header(
"X-Content-Type-Options: nosniff");
111 if (empty($websitepage->allowed_in_frames) && !
getDolGlobalString(
'WEBSITE_ALLOW_FRAMES_ON_ALL_PAGES')) {
112 header(
"X-Frame-Options: SAMEORIGIN");
116 http_response_code(404);
117 print
'<center><br><br>'.$weblangs->trans(
"YouTryToAccessToAFileThatIsNotAWebsitePage", $websitepage->pageurl, $websitepage->type_container, $websitepage->status).
'</center>';
122if (!defined(
'USEDOLIBARRSERVER') && !defined(
'USEDOLIBARREDITOR')) {
126 header(
"X-Content-Type-Options: nosniff");
129 if (empty($websitepage->allowed_in_frames) && !
getDolGlobalString(
'WEBSITE_ALLOW_FRAMES_ON_ALL_PAGES')) {
130 header(
"X-Frame-Options: SAMEORIGIN");
137 if (!defined(
'WEBSITE_MAIN_SECURITY_FORCECSPRO')) {
150 if (!is_object($hookmanager)) {
151 include_once DOL_DOCUMENT_ROOT.
'/core/class/hookmanager.class.php';
154 $hookmanager->initHooks(array(
"main"));
156 $parameters = array(
'contentsecuritypolicy'=>$contentsecuritypolicy,
'mode'=>
'reportonly');
157 $result = $hookmanager->executeHooks(
'setContentSecurityPolicy', $parameters);
159 $contentsecuritypolicy = $hookmanager->resPrint;
161 $contentsecuritypolicy .= $hookmanager->resPrint;
164 if (!empty($contentsecuritypolicy)) {
165 header(
"Content-Security-Policy-Report-Only: ".$contentsecuritypolicy);
170 if (!defined(
'WEBSITE_MAIN_SECURITY_FORCECSP')) {
183 if (!is_object($hookmanager)) {
184 include_once DOL_DOCUMENT_ROOT.
'/core/class/hookmanager.class.php';
187 $hookmanager->initHooks(array(
"main"));
189 $parameters = array(
'contentsecuritypolicy'=>$contentsecuritypolicy,
'mode'=>
'active');
190 $result = $hookmanager->executeHooks(
'setContentSecurityPolicy', $parameters);
192 $contentsecuritypolicy = $hookmanager->resPrint;
194 $contentsecuritypolicy .= $hookmanager->resPrint;
197 if (!empty($contentsecuritypolicy)) {
198 header(
"Content-Security-Policy: ".$contentsecuritypolicy);
203 if (!defined(
'WEBSITE_MAIN_SECURITY_FORCERP')) {
207 $referrerpolicy =
getDolGlobalString(
'WEBSITE_MAIN_SECURITY_FORCERP',
"strict-origin-when-cross-origin");
209 header(
"Referrer-Policy: ".$referrerpolicy);
213 if (!defined(
'WEBSITE_MAIN_SECURITY_FORCESTS')) {
219 header(
"Strict-Transport-Security: ".$sts);
224 if (!defined(
'WEBSITE_MAIN_SECURITY_FORCEPP')) {
230 header(
"Permissions-Policy: ".$pp);
237 $weblangs->setDefaultLang(
GETPOST(
'l',
'aZ09'));
240if ($_SERVER[
'PHP_SELF'] != DOL_URL_ROOT.
'/website/index.php') {
243 $sql =
"SELECT wp.rowid, wp.lang, wp.pageurl, wp.fk_page";
244 $sql .=
" FROM ".MAIN_DB_PREFIX.
"website_page as wp";
245 $sql .=
" WHERE wp.fk_website = ".((int) $website->id);
246 $sql .=
" AND (wp.fk_page = ".((int) $pageid).
" OR wp.rowid = ".((int) $pageid);
247 if (is_object($websitepage) && $websitepage->fk_page > 0) {
248 $sql .=
" OR wp.fk_page = ".((int) $websitepage->fk_page).
" OR wp.rowid = ".((int) $websitepage->fk_page);
251 $sql .=
" AND wp.lang = '".$db->escape(
GETPOST(
'l',
'aZ09')).
"'";
253 $resql = $db->query($sql);
255 $obj = $db->fetch_object($resql);
257 $newpageid = $obj->rowid;
258 if ($newpageid != $pageid) {
259 if (defined(
'USEDOLIBARRSERVER')) {
260 header(
"Location: ".DOL_URL_ROOT.
'/public/website/index.php?website='.$websitekey.
'&pageid='.$newpageid.
'&l='.
GETPOST(
'l',
'aZ09'));
263 $newpageref = $obj->pageurl;
264 header(
"Location: ".(($obj->lang && $obj->lang != $website->lang) ?
'/'.$obj->lang.
'/' :
'/').$newpageref.
'.php?l='.
GETPOST(
'l',
'aZ09'));
274if (!defined(
'USEDOLIBARREDITOR') && empty($website->status)) {
278 header(
"X-Content-Type-Options: nosniff");
281 if (empty($websitepage->allowed_in_frames) && !
getDolGlobalString(
'WEBSITE_ALLOW_FRAMES_ON_ALL_PAGES')) {
282 header(
"X-Frame-Options: SAMEORIGIN");
285 $weblangs->load(
"website");
288 http_response_code(503);
289 print
'<center><br><br>'.$weblangs->trans(
"SorryWebsiteIsCurrentlyOffLine").
'</center>';
295$prefix = dol_getprefix(
'');
296$sessionname =
'DOLSESSID_'.$prefix;
299$_COOKIE[$sessionname] =
'obfuscatedcookie';
300unset($conf->file->instance_unique_id);
302unset($dolibarr_main_instance_unique_id);
303unset($dolibarr_main_db_host);
304unset($dolibarr_main_db_port);
305unset($dolibarr_main_db_name);
306unset($dolibarr_main_db_user);
307unset($dolibarr_main_db_pass);
308unset($$dolibarr_main_db_type);
309unset($dolibarr_main_document_root);
310unset($dolibarr_main_document_root_alt);
Class to manage translations.
getBrowserInfo($user_agent)
Return information about user browser.
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
getDolGlobalString($key, $default='')
Return dolibarr global constant string value.