|
dolibarr 21.0.0-alpha
|
File that defines environment for Dolibarr GUI pages only (file not required by scripts) More...
Go to the source code of this file.
Functions | |
| if(!empty( $_SERVER[ 'MAIN_SHOW_TUNING_INFO'])) | getArrayOfEmoji () |
| Return array of Emojis. | |
| realCharForNumericEntities ($matches) | |
| Return the real char for a numeric entities. | |
| testSqlAndScriptInject ($val, $type) | |
| Security: WAF layer for SQL Injection and XSS Injection (scripts) protection (Filters on GET, POST, PHP_SELF). | |
| analyseVarsForSqlAndScriptsInjection (&$var, $type, $stopcode=1) | |
| Return true if security check on parameters are OK, false otherwise. | |
| if(!defined( 'NOREQUIREMENU')) if(!empty(GETPOST('seteventmessages', 'alpha'))) if(!function_exists("llxHeader")) | top_httphead ($contenttype='text/html', $forcenocache=0) |
| Show HTTP header. | |
| top_htmlhead ($head, $title='', $disablejs=0, $disablehead=0, $arrayofjs=array(), $arrayofcss=array(), $disableforlogin=0, $disablenofollow=0, $disablenoindex=0) | |
| Output html header of a page. | |
| top_menu ($head, $title='', $target='', $disablejs=0, $disablehead=0, $arrayofjs=array(), $arrayofcss=array(), $morequerystring='', $helppagename='') | |
| Show an HTML header + a BODY + The top menu bar. | |
| top_menu_user ($hideloginname=0, $urllogout='') | |
| Build the tooltip on user login. | |
| top_menu_quickadd () | |
| Build the tooltip on top menu quick add. | |
| top_menu_importfile () | |
| Build the tooltip on top menu quick add. | |
| printDropdownQuickadd () | |
| Generate list of quickadd items. | |
| top_menu_bookmark () | |
| Build the tooltip on top menu bookmark. | |
| top_menu_search () | |
| Build the tooltip on top menu search. | |
| left_menu ($menu_array_before, $helppagename='', $notused='', $menu_array_after=array(), $leftmenuwithoutmainarea=0, $title='', $acceptdelayedhtml=0) | |
| Show left menu bar. | |
| main_area ($title='') | |
| Begin main area. | |
| getHelpParamFor ($helppagename, $langs) | |
| Return helpbaseurl, helppage and mode. | |
| printSearchForm ($urlaction, $urlobject, $title, $htmlmorecss, $htmlinputname, $accesskey='', $prefhtmlinputname='', $img='', $showtitlebefore=0, $autofocus=0) | |
| Show a search area. | |
File that defines environment for Dolibarr GUI pages only (file not required by scripts)
Definition in file main.inc.php.
| analyseVarsForSqlAndScriptsInjection | ( | & | $var, |
| $type, | |||
| $stopcode = 1 ) |
Return true if security check on parameters are OK, false otherwise.
| string|array<string,string> | $var Variable name |
| int<0,2> | $type 1=GET, 0=POST, 2=PHP_SELF |
| int<0,1> | $stopcode 0=No stop code, 1=Stop code (default) if injection found |
Show HTML header HTML + BODY + Top menu + left menu + DIV
| string | $head | Optional head lines |
| string | $title | HTML title |
| string | $help_url | Url links to help page Syntax is: For a wiki page: EN:EnglishPage|FR:FrenchPage|ES:SpanishPage|DE:GermanPage For other external page: http://server/url |
| string | $target | Target to use on links |
| int<0,1> | $disablejs More content into html header | |
| int<0,1> | $disablehead More content into html header | |
| string[] | string | $arrayofjs | Array of complementary js files |
| string[] | string | $arrayofcss | Array of complementary css files |
| string | $morequerystring | Query string to add to the link "print" to get same parameters (use only if autodetect fails) |
| string | $morecssonbody | More CSS on body tag. For example 'classforhorizontalscrolloftabs'. |
| string | $replacemainareaby | Replace call to main_area() by a print of this string |
| int | $disablenofollow | Disable the "nofollow" on meta robot header |
| int | $disablenoindex | Disable the "noindex" on meta robot header |
Definition at line 263 of file main.inc.php.
References analyseVarsForSqlAndScriptsInjection(), and testSqlAndScriptInject().
Referenced by analyseVarsForSqlAndScriptsInjection().
| if(!empty($_SERVER['MAIN_SHOW_TUNING_INFO'])) getArrayOfEmoji | ( | ) |
Return array of Emojis.
We can't move this function inside a common lib because we need it for security before loading any file.
Definition at line 62 of file main.inc.php.
Referenced by realCharForNumericEntities().
| getHelpParamFor | ( | $helppagename, | |
| $langs ) |
Return helpbaseurl, helppage and mode.
| string | $helppagename | Page name ('EN:xxx,ES:eee,FR:fff,DE:ddd...' or 'http://localpage') |
| Translate | $langs | Language |
Definition at line 3711 of file main.inc.php.
Referenced by top_menu().
| left_menu | ( | $menu_array_before, | |
| $helppagename = '', | |||
| $notused = '', | |||
| $menu_array_after = array(), | |||
| $leftmenuwithoutmainarea = 0, | |||
| $title = '', | |||
| $acceptdelayedhtml = 0 ) |
Show left menu bar.
| '' | $menu_array_before Table of menu entries to show before entries of menu handler. This param is deprecated and must be provided to ''. | |
| string | $helppagename | Name of wiki page for help ('' by default). Syntax is: For a wiki page: EN:EnglishPage|FR:FrenchPage|ES:SpanishPage|DE:GermanPage For other external page: http://server/url |
| string | $notused | Deprecated. Used in past to add content into left menu. Hooks can be used now. |
| array<array{rowid:string,fk_menu:string,langs:string,enabled:int<0,2>,type:string,fk_mainmenu:string,fk_leftmenu:string,url:string,titre:string,perms:string,target:string,mainmenu:string,leftmenu:string,position:int,level?:int,prefix:string}> | $menu_array_after Table of menu entries to show after entries of menu handler | |
| int | $leftmenuwithoutmainarea | Must be set to 1. 0 by default for backward compatibility with old modules. |
| string | $title | Title of web page |
| int<0,1> | $acceptdelayedhtml 1 if caller request to have html delayed content not returned but saved into global $delayedhtmlcontent (so caller can show it at end of page to avoid flash FOUC effect) |
Definition at line 3387 of file main.inc.php.
References dol_escape_htmltag(), dol_syslog(), getDolGlobalInt(), getDolGlobalString(), main_area(), and printSearchForm().
| main_area | ( | $title = '' | ) |
Begin main area.
| string | $title | Title |
Definition at line 3649 of file main.inc.php.
References dol_escape_htmltag(), getDolGlobalString(), GETPOST(), and info_admin().
Referenced by left_menu().
| printDropdownQuickadd | ( | ) |
Generate list of quickadd items.
Definition at line 2931 of file main.inc.php.
References getDolGlobalString(), and img_picto().
Referenced by top_menu_quickadd().
| printSearchForm | ( | $urlaction, | |
| $urlobject, | |||
| $title, | |||
| $htmlmorecss, | |||
| $htmlinputname, | |||
| $accesskey = '', | |||
| $prefhtmlinputname = '', | |||
| $img = '', | |||
| $showtitlebefore = 0, | |||
| $autofocus = 0 ) |
Show a search area.
Used when the javascript quick search is not used.
| string | $urlaction | Url post |
| string | $urlobject | Url of the link under the search box |
| string | $title | Title search area |
| string | $htmlmorecss | Add more css |
| string | $htmlinputname | Field Name input form |
| string | $accesskey | Accesskey |
| string | $prefhtmlinputname | Complement for id to avoid multiple same id in the page |
| string | $img | Image to use |
| int | $showtitlebefore | Show title before input text instead of into placeholder. This can be set when output is dedicated for text browsers. |
| int | $autofocus | Set autofocus on field |
Show HTML footer Close div /DIV class=fiche + /DIV id-right + /DIV id-container + /BODY + /HTML. If global var $delayedhtmlcontent was filled, we output it just before closing the body.
| string | $comment | A text to add as HTML comment into HTML generated page |
| string | $zone | 'private' (for private pages) or 'public' (for public pages) |
| int | $disabledoutputofmessages | Clear all messages stored into session without displaying them |
Definition at line 3771 of file main.inc.php.
References img_picto().
Referenced by left_menu().
| realCharForNumericEntities | ( | $matches | ) |
Return the real char for a numeric entities.
WARNING: This function is required by testSqlAndScriptInject() and the GETPOST 'restricthtml'. Regex calling must be similar.
| array<int,string> | $matches Array with a decimal numeric entity into key 0, value without the &# into the key 1 |
Definition at line 86 of file main.inc.php.
References getArrayOfEmoji().
Referenced by testSqlAndScriptInject().
| testSqlAndScriptInject | ( | $val, | |
| $type ) |
Security: WAF layer for SQL Injection and XSS Injection (scripts) protection (Filters on GET, POST, PHP_SELF).
Warning: Such a protection can't be enough. It is not reliable as it will always be possible to bypass this. Good protection can only be guaranteed by escaping data during output.
| string | $val | Brute value found into $_GET, $_POST or PHP_SELF |
| int<0,3> | $type 0=POST, 1=GET, 2=PHP_SELF, 3=GET without sql reserved keywords (the less tolerant test) |
| string[] | $m |
Definition at line 123 of file main.inc.php.
References realCharForNumericEntities().
Referenced by analyseVarsForSqlAndScriptsInjection(), ImportCsv\import_insert(), ImportXlsx\import_insert(), Form\select_thirdparty_list(), and Form\selectcontacts().
| top_htmlhead | ( | $head, | |
| $title = '', | |||
| $disablejs = 0, | |||
| $disablehead = 0, | |||
| $arrayofjs = array(), | |||
| $arrayofcss = array(), | |||
| $disableforlogin = 0, | |||
| $disablenofollow = 0, | |||
| $disablenoindex = 0 ) |
Output html header of a page.
It calls also top_httphead() This code is also duplicated into security2.lib.php\dol_loginfunction
| string | $head | Optional head lines |
| string | $title | HTML title |
| int<0,1> | $disablejs Disable js output | |
| int<0,1> | $disablehead Disable head output | |
| string[] | $arrayofjs | Array of complementary js files |
| string[] | $arrayofcss | Array of complementary css files |
| int<0,1> | $disableforlogin Do not load heavy js and css for login pages | |
| int<0,1> | $disablenofollow Disable nofollow tag for meta robots | |
| int<0,1> | $disablenoindex Disable noindex tag for meta robots |
Definition at line 1807 of file main.inc.php.
References dol_buildpath(), dol_htmlentities(), dol_syslog(), dolibarr_set_const(), getDolGlobalInt(), getDolGlobalString(), GETPOST(), GETPOSTINT(), and top_httphead().
Referenced by llxHeaderSurvey(), llxHeaderTicket(), llxHeaderVierge(), and top_menu().
| if(!defined('NOREQUIREMENU')) if(!empty(GETPOST( 'seteventmessages', 'alpha'))) if(!function_exists("llxHeader")) top_httphead | ( | $contenttype = 'text/html', | |
| $forcenocache = 0 ) |
Show HTTP header.
Called by top_htmlhead().
| string | $contenttype | Content type. For example, 'text/html' |
| int<0,1> | $forcenocache Force disabling of cache for the page |
Definition at line 1668 of file main.inc.php.
References getDolGlobalString().
Referenced by barcode_outimage(), DocumentController\display(), AccountancyExport\export(), httponly_accessforbidden(), llxHeaderVierge(), print_paybox_redirect(), and top_htmlhead().
| top_menu | ( | $head, | |
| $title = '', | |||
| $target = '', | |||
| $disablejs = 0, | |||
| $disablehead = 0, | |||
| $arrayofjs = array(), | |||
| $arrayofcss = array(), | |||
| $morequerystring = '', | |||
| $helppagename = '' ) |
Show an HTML header + a BODY + The top menu bar.
| string | $head | Lines in the HEAD |
| string | $title | Title of web page |
| string | $target | Target to use in menu links (Example: '' or '_top') |
| int<0,1> | $disablejs Do not output links to js (Ex: qd fonction utilisee par sous formulaire Ajax) | |
| int<0,1> | $disablehead Do not output head section | |
| string[] | $arrayofjs | Array of js files to add in header |
| string[] | $arrayofcss | Array of css files to add in header |
| string | $morequerystring | Query string to add to the link "print" to get same parameters (use only if autodetect fails) |
| string | $helppagename | Name of wiki page for help ('' by default). Syntax is: For a wiki page: EN:EnglishPage|FR:FrenchPage|ES:SpanishPage|DE:GermanPage For other external page: http://server/url |
Definition at line 2240 of file main.inc.php.
References dol_escape_htmltag(), getDolGlobalInt(), getDolGlobalString(), getHelpParamFor(), GETPOSTINT(), img_picto(), newToken(), top_htmlhead(), top_menu_bookmark(), top_menu_importfile(), top_menu_quickadd(), top_menu_search(), and top_menu_user().
| top_menu_bookmark | ( | ) |
Build the tooltip on top menu bookmark.
Definition at line 3110 of file main.inc.php.
References getDolGlobalString(), and printDropdownBookmarksList().
Referenced by top_menu().
| top_menu_importfile | ( | ) |
Build the tooltip on top menu quick add.
Called when MAIN_USE_TOP_MENU_IMPORT_FILE is set.
Definition at line 2889 of file main.inc.php.
References getDolGlobalString().
Referenced by top_menu().
| top_menu_quickadd | ( | ) |
Build the tooltip on top menu quick add.
Called when option MAIN_USE_TOP_MENU_QUICKADD_DROPDOWN is set
Definition at line 2803 of file main.inc.php.
References getDolGlobalString(), and printDropdownQuickadd().
Referenced by top_menu().
| top_menu_search | ( | ) |
Build the tooltip on top menu search.
Definition at line 3210 of file main.inc.php.
Referenced by top_menu().
| top_menu_user | ( | $hideloginname = 0, | |
| $urllogout = '' ) |
Build the tooltip on user login.
| int<0,1> | $hideloginname Hide login name. Show only the image. | |
| string | $urllogout | URL for logout (Will use DOL_URL_ROOT.'/user/logout.php?token=...' if empty) |
Definition at line 2523 of file main.inc.php.
References dol_escape_htmltag(), dol_print_date(), dol_print_profids(), dolButtonToOpenUrlInDialogPopup(), getDolGlobalString(), img_picto(), newToken(), picto_from_langcode(), Form\showphoto(), and yn().
Referenced by top_menu().