dolibarr 21.0.0-beta
File that defines environment for Dolibarr GUI pages only (file not required by scripts)
Functions | |
getArrayOfEmoji () | |
Return array of Emojis. | |
realCharForNumericEntities ($matches) | |
Return the real char for a numeric entity. | |
testSqlAndScriptInject ($val, $type) | |
Security: WAF layer for SQL Injection and XSS Injection (scripts) protection (Filters on GET, POST, PHP_SELF). | |
analyseVarsForSqlAndScriptsInjection (&$var, $type, $stopcode=1) | |
Return true if the security check on parameters is OK, false otherwise. | |
top_httphead ($contenttype='text/html', $forcenocache=0) | |
Show HTTP header. | |
top_htmlhead ($head, $title='', $disablejs=0, $disablehead=0, $arrayofjs=array(), $arrayofcss=array(), $disableforlogin=0, $disablenofollow=0, $disablenoindex=0) | |
Output html header of a page. | |
top_menu ($head, $title='', $target='', $disablejs=0, $disablehead=0, $arrayofjs=array(), $arrayofcss=array(), $morequerystring='', $helppagename='') | |
Show an HTML header + a BODY + The top menu bar. | |
top_menu_user ($hideloginname=0, $urllogout='') | |
Build the tooltip on user login. | |
top_menu_quickadd () | |
Build the tooltip on top menu quick add. | |
top_menu_importfile () | |
Build the tooltip on top menu quick add. | |
printDropdownQuickadd ($mode=0) | |
Generate list of quickadd items. | |
top_menu_bookmark () | |
Build the tooltip on top menu bookmark. | |
top_menu_search () | |
Build the tooltip on top menu search. | |
left_menu ($menu_array_before, $helppagename='', $notused='', $menu_array_after=array(), $leftmenuwithoutmainarea=0, $title='', $acceptdelayedhtml=0) | |
Show left menu bar. | |
main_area ($title='') | |
Begin main area. | |
getHelpParamFor ($helppagename, $langs) | |
Return helpbaseurl, helppage and mode. | |
printSearchForm ($urlaction, $urlobject, $title, $htmlmorecss, $htmlinputname, $accesskey='', $prefhtmlinputname='', $img='', $showtitlebefore=0, $autofocus=0) | |
Show a search area. | |
File that defines environment for Dolibarr GUI pages only (file not required by scripts)
Definition in file main.inc.php.
analyseVarsForSqlAndScriptsInjection | ( | & | $var, |
$type, | |||
$stopcode = 1 ) |
Return true if the security check on parameters is OK, false otherwise.
string|array<string,string> | $var | Variable name |
int<0,2> | $type | 1=GET, 0=POST, 2=PHP_SELF |
int<0,1> | $stopcode | 0=No stop code, 1=Stop code (default) if injection found |
Definition at line 263 of file main.inc.php.
References analyseVarsForSqlAndScriptsInjection(), and testSqlAndScriptInject().
Referenced by analyseVarsForSqlAndScriptsInjection().
getArrayOfEmoji | ( | ) |
Return array of Emojis.
We can't move this function inside a common lib because we need it for security before loading any file.
Definition at line 62 of file main.inc.php.
Referenced by realCharForNumericEntities().
getHelpParamFor | ( | $helppagename, | |
$langs ) |
Return helpbaseurl, helppage and mode.
string | $helppagename | Page name ('EN:xxx,ES:eee,FR:fff,DE:ddd...' or 'http://localpage') |
Translate | $langs | Language |
Definition at line 3779 of file main.inc.php.
Referenced by top_menu().
left_menu | ( | $menu_array_before, | |
$helppagename = '', | |||
$notused = '', | |||
$menu_array_after = array(), | |||
$leftmenuwithoutmainarea = 0, | |||
$title = '', | |||
$acceptdelayedhtml = 0 ) |
Show left menu bar.
'' | $menu_array_before | Table of menu entries to show before entries of menu handler. This param is deprecated and must be set to ''. |
string | $helppagename | Name of wiki page for help ('' by default). Syntax is: For a wiki page: EN:EnglishPage|FR:FrenchPage|ES:SpanishPage|DE:GermanPage For other external page: http://server/url |
string | $notused | Deprecated. Used in the past to add content into left menu. Hooks can be used now. |
array<array{rowid:string,fk_menu:string,langs:string,enabled:int<0,2>,type:string,fk_mainmenu:string,fk_leftmenu:string,url:string,titre:string,perms:string,target:string,mainmenu:string,leftmenu:string,position:int,level?:int,prefix:string}> | $menu_array_after | Table of menu entries to show after entries of menu handler |
int | $leftmenuwithoutmainarea | Must be set to 1. 0 by default for backward compatibility with old modules. |
string | $title | Title of web page |
int<0,1> | $acceptdelayedhtml | 1 if the caller requests that delayed HTML content is not returned but saved into global $delayedhtmlcontent (so the caller can show it at the end of the page to avoid the FOUC flash effect) |
Definition at line 3455 of file main.inc.php.
References $conf, dol_escape_htmltag(), dol_syslog(), getDolGlobalInt(), getDolGlobalString(), main_area(), and printSearchForm().
main_area | ( | $title = '' | ) |
Begin main area.
string | $title | Title |
Definition at line 3717 of file main.inc.php.
References $conf, dol_escape_htmltag(), getDolGlobalString(), GETPOST(), and info_admin().
Referenced by left_menu().
printDropdownQuickadd | ( | $mode = 0 | ) |
Generate list of quickadd items.
int | $mode | 1=No scroll |
Definition at line 2995 of file main.inc.php.
References getDolGlobalString(), and img_picto().
Referenced by top_menu_quickadd().
printSearchForm | ( | $urlaction, | |
$urlobject, | |||
$title, | |||
$htmlmorecss, | |||
$htmlinputname, | |||
$accesskey = '', | |||
$prefhtmlinputname = '', | |||
$img = '', | |||
$showtitlebefore = 0, | |||
$autofocus = 0 ) |
Show a search area.
Used when the javascript quick search is not used.
string | $urlaction | Url post |
string | $urlobject | Url of the link under the search box |
string | $title | Title search area |
string | $htmlmorecss | Add more css |
string | $htmlinputname | Field Name input form |
string | $accesskey | Accesskey |
string | $prefhtmlinputname | Complement for id to avoid multiple same id in the page |
string | $img | Image to use |
int | $showtitlebefore | Show title before input text instead of into placeholder. This can be set when output is dedicated for text browsers. |
int | $autofocus | Set autofocus on field |
Show HTML footer. Close div /DIV class=fiche + /DIV id-right + /DIV id-container + /BODY + /HTML. If global var $delayedhtmlcontent was filled, we output it just before closing the body.
string | $comment | A text to add as HTML comment into HTML generated page |
string | $zone | 'private' (for private pages) or 'public' (for public pages) |
int | $disabledoutputofmessages | Clear all messages stored into session without displaying them |
Definition at line 3839 of file main.inc.php.
References img_picto().
Referenced by left_menu().
realCharForNumericEntities | ( | $matches | ) |
Return the real char for a numeric entity.
WARNING: This function is required by testSqlAndScriptInject() and the GETPOST 'restricthtml'. Regex calling must be similar.
array<int,string> | $matches | Array with a decimal numeric entity in key 0, and the value without the &# in key 1 |
Definition at line 86 of file main.inc.php.
References getArrayOfEmoji().
Referenced by testSqlAndScriptInject().
testSqlAndScriptInject | ( | $val, | |
$type ) |
Security: WAF layer for SQL Injection and XSS Injection (scripts) protection (Filters on GET, POST, PHP_SELF).
Warning: This protection is not sufficient on its own. It is not reliable, as it will always be possible to bypass it. Good protection can only be guaranteed by escaping data during output.
string | $val | Raw value found in $_GET, $_POST or PHP_SELF |
int<0,3> | $type | 0=POST, 1=GET, 2=PHP_SELF, 3=GET without sql reserved keywords (the least tolerant test) |
string[] | $m |
Definition at line 123 of file main.inc.php.
References realCharForNumericEntities().
Referenced by analyseVarsForSqlAndScriptsInjection(), ImportCsv\import_insert(), ImportXlsx\import_insert(), Form\select_thirdparty_list(), and Form\selectcontacts().
top_htmlhead | ( | $head, | |
$title = '', | |||
$disablejs = 0, | |||
$disablehead = 0, | |||
$arrayofjs = array(), | |||
$arrayofcss = array(), | |||
$disableforlogin = 0, | |||
$disablenofollow = 0, | |||
$disablenoindex = 0 ) |
Output html header of a page.
It also calls top_httphead(). This code is also duplicated in security2.lib.php\dol_loginfunction.
string | $head | Optional head lines |
string | $title | HTML title |
int<0,1> | $disablejs | Disable js output |
int<0,1> | $disablehead | Disable head output |
string[] | $arrayofjs | Array of complementary js files |
string[] | $arrayofcss | Array of complementary css files |
int<0,1> | $disableforlogin | Do not load heavy js and css for login pages |
int<0,1> | $disablenofollow | Disable nofollow tag for meta robots |
int<0,1> | $disablenoindex | Disable noindex tag for meta robots |
Definition at line 1864 of file main.inc.php.
References $conf, dol_buildpath(), dol_htmlentities(), dol_syslog(), dolibarr_set_const(), getDolGlobalInt(), getDolGlobalString(), GETPOST(), GETPOSTINT(), and top_httphead().
Referenced by Documentation\docHeader(), llxHeaderSurvey(), llxHeaderTicket(), llxHeaderVierge(), and top_menu().
top_httphead | ( | $contenttype = 'text/html', | |
$forcenocache = 0 ) |
Show HTTP header.
Called by top_htmlhead().
string | $contenttype | Content type. For example, 'text/html' |
int<0,1> | $forcenocache | Force disabling of cache for the page |
Definition at line 1725 of file main.inc.php.
References $conf, and getDolGlobalString().
Referenced by barcode_outimage(), DocumentController\display(), AccountancyExport\export(), httponly_accessforbidden(), llxHeaderVierge(), print_paybox_redirect(), and top_htmlhead().
top_menu | ( | $head, | |
$title = '', | |||
$target = '', | |||
$disablejs = 0, | |||
$disablehead = 0, | |||
$arrayofjs = array(), | |||
$arrayofcss = array(), | |||
$morequerystring = '', | |||
$helppagename = '' ) |
Show an HTML header + a BODY + The top menu bar.
string | $head | Lines in the HEAD |
string | $title | Title of web page |
string | $target | Target to use in menu links (Example: '' or '_top') |
int<0,1> | $disablejs | Do not output links to js (Ex: when the function is used by an Ajax sub-form) |
int<0,1> | $disablehead | Do not output head section |
string[] | $arrayofjs | Array of js files to add in header |
string[] | $arrayofcss | Array of css files to add in header |
string | $morequerystring | Query string to add to the link "print" to get same parameters (use only if autodetect fails) |
string | $helppagename | Name of wiki page for help ('' by default). Syntax is: For a wiki page: EN:EnglishPage|FR:FrenchPage|ES:SpanishPage|DE:GermanPage For other external page: http://server/url |
Definition at line 2297 of file main.inc.php.
References $conf, dol_escape_htmltag(), getDolGlobalInt(), getDolGlobalString(), getHelpParamFor(), GETPOSTINT(), img_picto(), newToken(), top_htmlhead(), top_menu_bookmark(), top_menu_importfile(), top_menu_quickadd(), top_menu_search(), and top_menu_user().
top_menu_bookmark | ( | ) |
Build the tooltip on top menu bookmark.
Definition at line 3178 of file main.inc.php.
References $conf, getDolGlobalString(), and printDropdownBookmarksList().
Referenced by top_menu().
top_menu_importfile | ( | ) |
Build the tooltip on top menu quick add.
Called when MAIN_USE_TOP_MENU_IMPORT_FILE is set to 1 or to a URL string.
Definition at line 2946 of file main.inc.php.
References $conf, and getDolGlobalString().
Referenced by top_menu().
top_menu_quickadd | ( | ) |
Build the tooltip on top menu quick add.
Called when option MAIN_USE_TOP_MENU_QUICKADD_DROPDOWN is set.
Definition at line 2860 of file main.inc.php.
References $conf, getDolGlobalString(), and printDropdownQuickadd().
Referenced by top_menu().
top_menu_search | ( | ) |
Build the tooltip on top menu search.
Definition at line 3278 of file main.inc.php.
Referenced by top_menu().
top_menu_user | ( | $hideloginname = 0, | |
$urllogout = '' ) |
Build the tooltip on user login.
int<0,1> | $hideloginname | Hide login name. Show only the image. |
string | $urllogout | URL for logout (Will use DOL_URL_ROOT.'/user/logout.php?token=...' if empty) |
Definition at line 2580 of file main.inc.php.
References $conf, dol_escape_htmltag(), dol_print_date(), dol_print_profids(), dolButtonToOpenUrlInDialogPopup(), getDolGlobalString(), img_picto(), newToken(), picto_from_langcode(), Form\showphoto(), and yn().
Referenced by top_menu().