dolibarr  20.0.0-alpha
Functions
main.inc.php File Reference

File that defines environment for Dolibarr GUI pages only (file not required by scripts) More...

Go to the source code of this file.

Functions

if(!empty($_SERVER['MAIN_SHOW_TUNING_INFO'])) realCharForNumericEntities ($matches)
 Return the real char for a numeric entities. More...
 
 testSqlAndScriptInject ($val, $type)
 Security: WAF layer for SQL Injection and XSS Injection (scripts) protection (Filters on GET, POST, PHP_SELF). More...
 
 analyseVarsForSqlAndScriptsInjection (&$var, $type, $stopcode=1)
 Return true if security check on parameters are OK, false otherwise. More...
 
if(!defined('NOREQUIREMENU')) if(!empty(GETPOST('seteventmessages', 'alpha'))) if(!function_exists("llxHeader")) top_httphead ($contenttype='text/html', $forcenocache=0)
 Show HTTP header. More...
 
 top_htmlhead ($head, $title='', $disablejs=0, $disablehead=0, $arrayofjs=array(), $arrayofcss=array(), $disableforlogin=0, $disablenofollow=0, $disablenoindex=0)
 Output html header of a page. More...
 
 top_menu ($head, $title='', $target='', $disablejs=0, $disablehead=0, $arrayofjs=array(), $arrayofcss=array(), $morequerystring='', $helppagename='')
 Show an HTML header + a BODY + The top menu bar. More...
 
 top_menu_user ($hideloginname=0, $urllogout='')
 Build the tooltip on user login. More...
 
 top_menu_quickadd ()
 Build the tooltip on top menu quick add. More...
 
 printDropdownQuickadd ()
 Generate list of quickadd items. More...
 
 top_menu_bookmark ()
 Build the tooltip on top menu bookmark. More...
 
 top_menu_search ()
 Build the tooltip on top menu tsearch. More...
 
 left_menu ($menu_array_before, $helppagename='', $notused='', $menu_array_after=array(), $leftmenuwithoutmainarea=0, $title='', $acceptdelayedhtml=0)
 Show left menu bar. More...
 
 main_area ($title='')
 Begin main area. More...
 
 getHelpParamFor ($helppagename, $langs)
 Return helpbaseurl, helppage and mode. More...
 
 printSearchForm ($urlaction, $urlobject, $title, $htmlmorecss, $htmlinputname, $accesskey='', $prefhtmlinputname='', $img='', $showtitlebefore=0, $autofocus=0)
 Show a search area. More...
 

Detailed Description

File that defines environment for Dolibarr GUI pages only (file not required by scripts)

Definition in file main.inc.php.

Function Documentation

◆ analyseVarsForSqlAndScriptsInjection()

analyseVarsForSqlAndScriptsInjection ( $var,
  $type,
  $stopcode = 1 
)

Return true if security check on parameters are OK, false otherwise.

Parameters
string|array<string,string>$var Variable name
int<0,2>$type 1=GET, 0=POST, 2=PHP_SELF
int<0,1>$stopcode 0=No stop code, 1=Stop code (default) if injection found
Returns
boolean True if there is no injection.

Show HTML header HTML + BODY + Top menu + left menu + DIV

Parameters
string$headOptional head lines
string$titleHTML title
string$help_urlUrl links to help page Syntax is: For a wiki page: EN:EnglishPage|FR:FrenchPage|ES:SpanishPage|DE:GermanPage For other external page: http://server/url
string$targetTarget to use on links
int$disablejsMore content into html header
int$disableheadMore content into html header
array | string$arrayofjsArray of complementary js files
array | string$arrayofcssArray of complementary css files
string$morequerystringQuery string to add to the link "print" to get same parameters (use only if autodetect fails)
string$morecssonbodyMore CSS on body tag. For example 'classforhorizontalscrolloftabs'.
string$replacemainareabyReplace call to main_area() by a print of this string
int$disablenofollowDisable the "nofollow" on meta robot header
int$disablenoindexDisable the "noindex" on meta robot header
Returns
void

Definition at line 228 of file main.inc.php.

◆ getHelpParamFor()

getHelpParamFor (   $helppagename,
  $langs 
)

Return helpbaseurl, helppage and mode.

Parameters
string$helppagenamePage name ('EN:xxx,ES:eee,FR:fff,DE:ddd...' or 'http://localpage')
Translate$langsLanguage
Returns
array{helpbaseurl:string,helppage:string,mode:string} Array of help urls

Definition at line 3540 of file main.inc.php.

◆ left_menu()

left_menu (   $menu_array_before,
  $helppagename = '',
  $notused = '',
  $menu_array_after = array(),
  $leftmenuwithoutmainarea = 0,
  $title = '',
  $acceptdelayedhtml = 0 
)

Show left menu bar.

Parameters
string$menu_array_beforeTable of menu entries to show before entries of menu handler. This param is deprecated and must be provided to ''.
string$helppagenameName of wiki page for help ('' by default). Syntax is: For a wiki page: EN:EnglishPage|FR:FrenchPage|ES:SpanishPage|DE:GermanPage For other external page: http://server/url
string$notusedDeprecated. Used in past to add content into left menu. Hooks can be used now.
array$menu_array_afterTable of menu entries to show after entries of menu handler
int$leftmenuwithoutmainareaMust be set to 1. 0 by default for backward compatibility with old modules.
string$titleTitle of web page
int<0,1>$acceptdelayedhtml 1 if caller request to have html delayed content not returned but saved into global $delayedhtmlcontent (so caller can show it at end of page to avoid flash FOUC effect)
Returns
void

Definition at line 3227 of file main.inc.php.

◆ main_area()

main_area (   $title = '')

Begin main area.

Parameters
string$titleTitle
Returns
void

Definition at line 3478 of file main.inc.php.

◆ printDropdownQuickadd()

printDropdownQuickadd ( )

Generate list of quickadd items.

Returns
string HTML output

Definition at line 2777 of file main.inc.php.

◆ printSearchForm()

printSearchForm (   $urlaction,
  $urlobject,
  $title,
  $htmlmorecss,
  $htmlinputname,
  $accesskey = '',
  $prefhtmlinputname = '',
  $img = '',
  $showtitlebefore = 0,
  $autofocus = 0 
)

Show a search area.

Used when the javascript quick search is not used.

Parameters
string$urlactionUrl post
string$urlobjectUrl of the link under the search box
string$titleTitle search area
string$htmlmorecssAdd more css
string$htmlinputnameField Name input form
string$accesskeyAccesskey
string$prefhtmlinputnameComplement for id to avoid multiple same id in the page
string$imgImage to use
int$showtitlebeforeShow title before input text instead of into placeholder. This can be set when output is dedicated for text browsers.
int$autofocusSet autofocus on field
Returns
string

Show HTML footer Close div /DIV class=fiche + /DIV id-right + /DIV id-container + /BODY + /HTML. If global var $delayedhtmlcontent was filled, we output it just before closing the body.

Parameters
string$commentA text to add as HTML comment into HTML generated page
string$zone'private' (for private pages) or 'public' (for public pages)
int$disabledoutputofmessagesClear all messages stored into session without displaying them
Returns
void

Definition at line 3600 of file main.inc.php.

◆ realCharForNumericEntities()

if (!empty( $_SERVER[ 'MAIN_SHOW_TUNING_INFO'])) realCharForNumericEntities (   $matches)

Return the real char for a numeric entities.

WARNING: This function is required by testSqlAndScriptInject() and the GETPOST 'restricthtml'. Regex calling must be similar.

Parameters
string$matchesString of numeric entity
Returns
string New value

Definition at line 64 of file main.inc.php.

◆ testSqlAndScriptInject()

testSqlAndScriptInject (   $val,
  $type 
)

Security: WAF layer for SQL Injection and XSS Injection (scripts) protection (Filters on GET, POST, PHP_SELF).

Warning: Such a protection can't be enough. It is not reliable as it will always be possible to bypass this. Good protection can only be guaranteed by escaping data during output.

Parameters
string$valBrute value found into $_GET, $_POST or PHP_SELF
string$type0=POST, 1=GET, 2=PHP_SELF, 3=GET without sql reserved keywords (the less tolerant test)
Returns
int >0 if there is an injection, 0 if none
Parameters
string[]$m
Returns
string

Definition at line 90 of file main.inc.php.

◆ top_htmlhead()

top_htmlhead (   $head,
  $title = '',
  $disablejs = 0,
  $disablehead = 0,
  $arrayofjs = array(),
  $arrayofcss = array(),
  $disableforlogin = 0,
  $disablenofollow = 0,
  $disablenoindex = 0 
)

Output html header of a page.

It calls also top_httphead() This code is also duplicated into security2.lib.php::dol_loginfunction

Parameters
string$headOptional head lines
string$titleHTML title
int<0,1>$disablejs Disable js output
int<0,1>$disablehead Disable head output
string[]$arrayofjsArray of complementary js files
string[]$arrayofcssArray of complementary css files
int<0,1>$disableforlogin Do not load heavy js and css for login pages
int<0,1>$disablenofollow Disable nofollow tag for meta robots
int<0,1>$disablenoindex Disable noindex tag for meta robots
Returns
void

Definition at line 1749 of file main.inc.php.

◆ top_httphead()

if (!defined( 'NOREQUIREMENU')) if (!empty(GETPOST( 'seteventmessages', 'alpha'))) if (!function_exists("llxHeader")) top_httphead (   $contenttype = 'text/html',
  $forcenocache = 0 
)

Show HTTP header.

Called by top_htmlhead().

Parameters
string$contenttypeContent type. For example, 'text/html'
int<0,1>$forcenocache Force disabling of cache for the page
Returns
void

Definition at line 1611 of file main.inc.php.

◆ top_menu()

top_menu (   $head,
  $title = '',
  $target = '',
  $disablejs = 0,
  $disablehead = 0,
  $arrayofjs = array(),
  $arrayofcss = array(),
  $morequerystring = '',
  $helppagename = '' 
)

Show an HTML header + a BODY + The top menu bar.

Parameters
string$headLines in the HEAD
string$titleTitle of web page
string$targetTarget to use in menu links (Example: '' or '_top')
int<0,1>$disablejs Do not output links to js (Ex: qd fonction utilisee par sous formulaire Ajax)
int<0,1>$disablehead Do not output head section
string[]$arrayofjsArray of js files to add in header
string[]$arrayofcssArray of css files to add in header
string$morequerystringQuery string to add to the link "print" to get same parameters (use only if autodetect fails)
string$helppagenameName of wiki page for help ('' by default). Syntax is: For a wiki page: EN:EnglishPage|FR:FrenchPage|ES:SpanishPage|DE:GermanPage For other external page: http://server/url
Returns
void

Definition at line 2172 of file main.inc.php.

◆ top_menu_bookmark()

top_menu_bookmark ( )

Build the tooltip on top menu bookmark.

Returns
string HTML content

Definition at line 2956 of file main.inc.php.

◆ top_menu_quickadd()

top_menu_quickadd ( )

Build the tooltip on top menu quick add.

Returns
string HTML content

Definition at line 2697 of file main.inc.php.

◆ top_menu_search()

top_menu_search ( )

Build the tooltip on top menu tsearch.

Returns
string HTML content

Definition at line 3051 of file main.inc.php.

◆ top_menu_user()

top_menu_user (   $hideloginname = 0,
  $urllogout = '' 
)

Build the tooltip on user login.

Parameters
int<0,1>$hideloginname Hide login name. Show only the image.
string$urllogoutURL for logout (Will use DOL_URL_ROOT.'/user/logout.php?token=...' if empty)
Returns
string HTML content

Definition at line 2432 of file main.inc.php.