263 if (is_array($var)) {
264 foreach ($var as $key => $value) {
266 if ($type === 0 && defined(
'NOSCANPOSTFORINJECTION') && is_array(constant(
'NOSCANPOSTFORINJECTION')) && in_array($key, constant(
'NOSCANPOSTFORINJECTION'))) {
273 http_response_code(403);
276 $ip = (empty($_SERVER[
'REMOTE_ADDR']) ?
'unknown' : $_SERVER[
'REMOTE_ADDR']);
279 $errormessage =
'Access refused to '.htmlentities($ip, ENT_COMPAT,
'UTF-8').
' by SQL or Script injection protection in main.inc.php:analyseVarsForSqlAndScriptsInjection type='.htmlentities((
string) $type, ENT_COMPAT,
'UTF-8');
282 $errormessage2 =
'page='.htmlentities((empty($_SERVER[
"REQUEST_URI"]) ?
'' : $_SERVER[
"REQUEST_URI"]), ENT_COMPAT,
'UTF-8');
283 $errormessage2 .=
' paramtype='.htmlentities((
string) $type, ENT_COMPAT,
'UTF-8');
284 $errormessage2 .=
' paramkey='.htmlentities($key, ENT_COMPAT,
'UTF-8');
285 $errormessage2 .=
' paramvalue='.htmlentities($value, ENT_COMPAT,
'UTF-8');
289 print
'Try to go back, fix data of your form and resubmit it. You can contact also your technical support.';
291 print
"\n".
'<!--'.
"\n";
292 print $errormessage2;
296 if (function_exists(
'error_log')) {
297 error_log($errormessage.
' '.substr($errormessage2, 2000));
304 if (class_exists(
'PHPUnit\Framework\TestSuite')) {
305 $message = $errormessage.
' '.substr($errormessage2, 2000);
306 throw new Exception(
"Security injection exception: $message");
326if ((defined(
'NOREQUIREDB') || defined(
'NOREQUIRETRAN')) && !defined(
'NOREQUIREMENU')) {
327 print
'If define NOREQUIREDB or NOREQUIRETRAN are set, you must also set NOREQUIREMENU or not set them.';
330if (defined(
'NOREQUIREUSER') && !defined(
'NOREQUIREMENU')) {
331 print
'If define NOREQUIREUSER is set, you must also set NOREQUIREMENU or not set it.';
336if (!defined(
'NOSCANPHPSELFFORINJECTION') && !empty($_SERVER[
"PHP_SELF"])) {
337 $morevaltochecklikepost = array($_SERVER[
"PHP_SELF"]);
341if (!defined(
'NOSCANGETFORINJECTION') && !empty($_SERVER[
"QUERY_STRING"])) {
345 $morevaltochecklikeget = array(urldecode($_SERVER[
"QUERY_STRING"]));
349if (!defined(
'NOSCANPOSTFORINJECTION') || is_array(constant(
'NOSCANPOSTFORINJECTION'))) {
354if (!empty($_SERVER[
'DOCUMENT_ROOT']) && substr($_SERVER[
'DOCUMENT_ROOT'], -6) !==
'htdocs') {
355 set_include_path($_SERVER[
'DOCUMENT_ROOT'].
'/htdocs');
359require_once
'filefunc.inc.php';
364if (
GETPOST(
"DOL_AUTOSET_COOKIE")) {
365 $tmpautoset = explode(
':',
GETPOST(
"DOL_AUTOSET_COOKIE"), 2);
366 $tmplist = explode(
',', $tmpautoset[1]);
367 $cookiearrayvalue = array();
368 foreach ($tmplist as $tmpkey) {
369 $postkey = $tmpautoset[0].
'_'.$tmpkey;
372 $cookiearrayvalue[$tmpkey] =
GETPOST($postkey);
375 $cookiename = $tmpautoset[0];
376 $cookievalue = json_encode($cookiearrayvalue);
378 if (PHP_VERSION_ID < 70300) {
379 setcookie($cookiename, empty($cookievalue) ?
'' : $cookievalue, empty($cookievalue) ? 0 : (time() + (86400 * 354)),
'/',
'', ((empty($dolibarr_main_force_https) &&
isHTTPS() === false) ? false : true), true);
382 $cookieparams = array(
383 'expires' => empty($cookievalue) ? 0 : (time() + (86400 * 354)),
386 'secure' => ((empty($dolibarr_main_force_https) &&
isHTTPS() === false) ? false : true),
390 setcookie($cookiename, empty($cookievalue) ?
'' : $cookievalue, $cookieparams);
392 if (empty($cookievalue)) {
393 unset($_COOKIE[$cookiename]);
399if (!empty($php_session_save_handler) && $php_session_save_handler ==
'db') {
400 require_once
'core/lib/phpsessionin'.$php_session_save_handler.
'.lib.php';
406$prefix = dol_getprefix(
'');
407$sessionname =
'DOLSESSID_'.$prefix;
408$sessiontimeout =
'DOLSESSTIMEOUT_'.$prefix;
409if (!empty($_COOKIE[$sessiontimeout])) {
410 ini_set(
'session.gc_maxlifetime', $_COOKIE[$sessiontimeout]);
415if (!defined(
'NOSESSION')) {
416 if (PHP_VERSION_ID < 70300) {
417 session_set_cookie_params(0,
'/',
null, ((empty($dolibarr_main_force_https) &&
isHTTPS() ===
false) ?
false : true), true);
420 $sessioncookieparams = array(
424 'secure' => ((empty($dolibarr_main_force_https) &&
isHTTPS() ===
false) ?
false : true),
428 session_set_cookie_params($sessioncookieparams);
430 session_name($sessionname);
437require_once
'master.inc.php';
445 if ((!session_id() || !isset($_SESSION[
"dol_login"])) && !isset($_POST[
"username"]) && !empty($_SERVER[
"GATEWAY_INTERFACE"])) {
447 } elseif (isset($_POST[
"username"]) && in_array($_POST[
"username"], explode(
';',
getDolGlobalString(
'MAIN_ONLY_LOGIN_ALLOWED')))) {
449 } elseif (defined(
'NOREQUIREDB')) {
451 } elseif (defined(
'EVEN_IF_ONLY_LOGIN_ALLOWED')) {
453 } elseif (session_id() && isset($_SESSION[
"dol_login"]) && in_array($_SESSION[
"dol_login"], explode(
';',
getDolGlobalString(
'MAIN_ONLY_LOGIN_ALLOWED')))) {
457 if (session_id() && isset($_SESSION[
"dol_login"]) && !in_array($_SESSION[
"dol_login"], explode(
';',
getDolGlobalString(
'MAIN_ONLY_LOGIN_ALLOWED')))) {
458 print
'Sorry, your application is offline.'.
"\n";
459 print
'You are logged with user "'.$_SESSION[
"dol_login"].
'" and only administrator users (' . str_replace(
';',
', ',
getDolGlobalString(
'MAIN_ONLY_LOGIN_ALLOWED')).
') is allowed to connect for the moment.'.
"\n";
460 $nexturl = DOL_URL_ROOT.
'/user/logout.php?token='.newToken();
461 print
'Please try later or <a href="'.$nexturl.
'">click here to disconnect and change login user</a>...'.
"\n";
463 print
'Sorry, your application is offline. Only administrator users (' . str_replace(
';',
', ',
getDolGlobalString(
'MAIN_ONLY_LOGIN_ALLOWED')).
') is allowed to connect for the moment.'.
"\n";
464 $nexturl = DOL_URL_ROOT.
'/';
465 print
'Please try later or <a href="'.$nexturl.
'">click here to change login user</a>...'.
"\n";
473register_shutdown_function(
'dol_shutdown');
476if (isModEnabled(
'debugbar') && !
GETPOST(
'dol_use_jmobile') && empty($_SESSION[
'dol_use_jmobile'])) {
478 include_once DOL_DOCUMENT_ROOT.
'/debugbar/class/DebugBar.php';
480 $renderer = $debugbar->getJavascriptRenderer();
482 $conf->global->MAIN_HTML_HEADER =
'';
484 $conf->global->MAIN_HTML_HEADER .= $renderer->renderHead();
486 $debugbar[
'time']->startMeasure(
'pageaftermaster',
'Page generation (after environment init)');
490if (isset($_SERVER[
"HTTP_USER_AGENT"])) {
492 $conf->browser->name = $tmp[
'browsername'];
493 $conf->browser->os = $tmp[
'browseros'];
494 $conf->browser->version = $tmp[
'browserversion'];
495 $conf->browser->ua = $tmp[
'browserua'];
496 $conf->browser->layout = $tmp[
'layout'];
499 if ($conf->browser->layout ==
'phone') {
500 $conf->dol_no_mouse_hover = 1;
506 $conf->theme =
GETPOST(
'theme',
'aZ09');
507 $conf->css =
"/theme/".$conf->theme.
"/style.css.php";
511if (
GETPOSTINT(
'textbrowser') || (!empty($conf->browser->name) && $conf->browser->name ==
'lynxlinks')) {
512 $conf->global->MAIN_OPTIMIZEFORTEXTBROWSER = 2;
517if (!empty($conf->file->main_force_https) && !
isHTTPS() && !defined(
'NOHTTPSREDIRECT')) {
519 if (is_numeric($conf->file->main_force_https)) {
520 if ($conf->file->main_force_https ==
'1' && !empty($_SERVER[
"SCRIPT_URI"])) {
521 if (preg_match(
'/^http:/i', $_SERVER[
"SCRIPT_URI"]) && !preg_match(
'/^https:/i', $_SERVER[
"SCRIPT_URI"])) {
522 $newurl = preg_replace(
'/^http:/i',
'https:', $_SERVER[
"SCRIPT_URI"]);
527 $newurl = preg_replace(
'/^http:/i',
'https:', DOL_MAIN_URL_ROOT).$_SERVER[
"REQUEST_URI"];
531 $newurl = $conf->file->main_force_https.$_SERVER[
"REQUEST_URI"];
536 dol_syslog(
"main.inc: dolibarr_main_force_https is on, we make a redirect to ".$newurl);
537 header(
"Location: ".$newurl);
540 dol_syslog(
"main.inc: dolibarr_main_force_https is on but we failed to forge new https url so no redirect is done", LOG_WARNING);
544if (!defined(
'NOLOGIN') && !defined(
'NOIPCHECK') && !empty($dolibarr_main_restrict_ip)) {
545 $listofip = explode(
',', $dolibarr_main_restrict_ip);
547 foreach ($listofip as $ip) {
549 if ($ip == $_SERVER[
'REMOTE_ADDR']) {
555 print
'Access refused by IP protection. Your detected IP is '.$_SERVER[
'REMOTE_ADDR'];
561if (!defined(
'NOREQUIREHTML')) {
562 require_once DOL_DOCUMENT_ROOT.
'/core/class/html.form.class.php';
564if (!defined(
'NOREQUIREAJAX')) {
565 require_once DOL_DOCUMENT_ROOT.
'/core/lib/ajax.lib.php';
570 dol_syslog(
"main.inc: A previous install or upgrade was not complete. Redirect to install page.", LOG_WARNING);
571 header(
"Location: ".DOL_URL_ROOT.
"/install/index.php");
575$checkifupgraderequired =
false;
577 $checkifupgraderequired =
true;
580 $checkifupgraderequired =
true;
582if ($checkifupgraderequired) {
584 require_once DOL_DOCUMENT_ROOT.
'/core/lib/admin.lib.php';
585 $dolibarrversionlastupgrade = preg_split(
'/[.-]/', $versiontocompare);
586 $dolibarrversionprogram = preg_split(
'/[.-]/', DOL_VERSION);
587 $rescomp =
versioncompare($dolibarrversionprogram, $dolibarrversionlastupgrade);
589 if (!
getDolGlobalString(
'MAIN_NO_UPGRADE_REDIRECT_ON_LEVEL_3_CHANGE') || $rescomp < 3) {
591 dol_syslog(
"main.inc: database version ".$versiontocompare.
" is lower than programs version ".DOL_VERSION.
". Redirect to install/upgrade page.", LOG_WARNING);
592 if (php_sapi_name() ===
"cli") {
593 print
"main.inc: database version ".$versiontocompare.
" is lower than programs version ".DOL_VERSION.
". Try to run upgrade process.\n";
595 header(
"Location: ".DOL_URL_ROOT.
"/install/index.php");
603if (!defined(
'NOTOKENRENEWAL') && !defined(
'NOSESSION')) {
605 if (!preg_match(
'/\.(css|js|json)\.php$/', $_SERVER[
"PHP_SELF"])) {
607 if (isset($_SESSION[
'newtoken'])) {
608 $_SESSION[
'token'] = $_SESSION[
'newtoken'];
611 if (!isset($_SESSION[
'newtoken']) ||
getDolGlobalInt(
'MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL')) {
615 $token =
dol_hash(uniqid((
string) mt_rand(),
false),
'md5');
616 $_SESSION[
'newtoken'] = $token;
617 dol_syslog(
"NEW TOKEN generated by : ".$_SERVER[
'PHP_SELF'], LOG_DEBUG);
625if ((!defined(
'NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) &&
getDolGlobalInt(
'MAIN_SECURITY_CSRF_WITH_TOKEN')) || defined(
'CSRFCHECK_WITH_TOKEN')) {
627 $sensitiveget =
false;
628 if ((GETPOSTISSET(
'massaction') ||
GETPOST(
'action',
'aZ09')) &&
getDolGlobalInt(
'MAIN_SECURITY_CSRF_WITH_TOKEN') >= 3) {
630 if (GETPOSTISSET(
'massaction') || !in_array(
GETPOST(
'action',
'aZ09'), array(
'create',
'createsite',
'createcard',
'edit',
'editvalidator',
'file_manager',
'presend',
'presend_addmessage',
'preview',
'specimen'))) {
631 $sensitiveget =
true;
635 $arrayofactiontoforcetokencheck = array(
637 'doprev',
'donext',
'dvprev',
'dvnext',
638 'freezone',
'install',
641 if (in_array(
GETPOST(
'action',
'aZ09'), $arrayofactiontoforcetokencheck)) {
642 $sensitiveget =
true;
645 if (preg_match(
'/^(confirm_)?(add|classify|close|confirm|copy|del|disable|enable|remove|set|unset|update|save)/',
GETPOST(
'action',
'aZ09'))) {
646 $sensitiveget =
true;
653 (!empty($_SERVER[
'REQUEST_METHOD']) && $_SERVER[
'REQUEST_METHOD'] ==
'POST') ||
655 GETPOSTISSET(
'massaction') ||
656 ((GETPOSTISSET(
'actionlogin') || GETPOSTISSET(
'action')) && defined(
'CSRFCHECK_WITH_TOKEN'))
659 if (!
GETPOST(
'token',
'alpha') ||
GETPOST(
'token',
'alpha') ==
'notrequired') {
662 dol_syslog(
"--- Access to ".(empty($_SERVER[
"REQUEST_METHOD"]) ?
'' : $_SERVER[
"REQUEST_METHOD"].
' ').$_SERVER[
"PHP_SELF"].
" refused. File size too large or not provided.");
663 $langs->loadLangs(array(
"errors",
"install"));
664 print $langs->trans(
"ErrorFileSizeTooLarge").
' ';
665 print $langs->trans(
"ErrorGoBackAndCorrectParameters");
667 http_response_code(403);
668 if (defined(
'CSRFCHECK_WITH_TOKEN')) {
669 dol_syslog(
"--- Access to ".(empty($_SERVER[
"REQUEST_METHOD"]) ?
'' : $_SERVER[
"REQUEST_METHOD"].
' ').$_SERVER[
"PHP_SELF"].
" refused by CSRF protection (CSRFCHECK_WITH_TOKEN protection) in main.inc.php. Token not provided.", LOG_WARNING);
670 print
"Access to a page that needs a token (constant CSRFCHECK_WITH_TOKEN is defined) is refused by CSRF protection in main.inc.php. Token not provided.\n";
672 dol_syslog(
"--- Access to ".(empty($_SERVER[
"REQUEST_METHOD"]) ?
'' : $_SERVER[
"REQUEST_METHOD"].
' ').$_SERVER[
"PHP_SELF"].
" refused by CSRF protection (POST method or GET with a sensible value for 'action' parameter) in main.inc.php. Token not provided.", LOG_WARNING);
673 print
"Access to this page this way (POST method or GET with a sensible value for 'action' parameter) is refused by CSRF protection in main.inc.php. Token not provided.\n";
674 print
"If you access your server behind a proxy using url rewriting and the parameter is provided by caller, you might check that all HTTP header are propagated (or add the line \$dolibarr_nocsrfcheck=1 into your conf.php file or MAIN_SECURITY_CSRF_WITH_TOKEN to 0";
678 print
" into setup).\n";
685 $sessiontokenforthisurl = (empty($_SESSION[
'token']) ?
'' : $_SESSION[
'token']);
687 if (GETPOSTISSET(
'token') &&
GETPOST(
'token') !=
'notrequired' &&
GETPOST(
'token',
'alpha') != $sessiontokenforthisurl) {
688 dol_syslog(
"--- Access to ".(empty($_SERVER[
"REQUEST_METHOD"]) ?
'' : $_SERVER[
"REQUEST_METHOD"].
' ').$_SERVER[
"PHP_SELF"].
" refused by CSRF protection (invalid token), so we disable POST and some GET parameters - referrer=".(empty($_SERVER[
'HTTP_REFERER']) ?
'' : $_SERVER[
'HTTP_REFERER']).
", action=".
GETPOST(
'action',
'aZ09').
", _GET|POST['token']=".
GETPOST(
'token',
'alpha'), LOG_WARNING);
691 if (!defined(
'NOTOKENRENEWAL')) {
693 setEventMessages(
'SecurityTokenHasExpiredSoActionHasBeenCanceledPleaseRetry',
null,
'warnings',
'', 1);
696 if (isset($_POST[
'id'])) {
697 $savid = ((int) $_POST[
'id']);
700 unset($_GET[
'confirm']);
701 unset($_GET[
'action']);
702 unset($_GET[
'confirmmassaction']);
703 unset($_GET[
'massaction']);
704 unset($_GET[
'token']);
706 $_POST[
'id'] = ((int) $savid);
709 $_GET[
'errorcode'] =
'InvalidToken';
716if (GETPOSTISSET(
'disablemodules')) {
717 $_SESSION[
"disablemodules"] =
GETPOST(
'disablemodules',
'alpha');
719if (!empty($_SESSION[
"disablemodules"])) {
720 $modulepartkeys = array(
'css',
'js',
'tabs',
'triggers',
'login',
'substitutions',
'menus',
'theme',
'sms',
'tpl',
'barcode',
'models',
'societe',
'hooks',
'dir',
'syslog',
'tpllinkable',
'contactelement',
'moduleforexternal',
'websitetemplates');
722 $disabled_modules = explode(
',', $_SESSION[
"disablemodules"]);
723 foreach ($disabled_modules as $module) {
725 if (empty($conf->$module)) {
728 $conf->$module->enabled =
false;
729 foreach ($modulepartkeys as $modulepartkey) {
730 unset($conf->modules_parts[$modulepartkey][$module]);
732 if ($module ==
'fournisseur') {
733 $conf->supplier_order->enabled = 0;
734 $conf->supplier_invoice->enabled = 0;
741$modulepart = explode(
"/", $_SERVER[
"PHP_SELF"]);
742if (is_array($modulepart) && count($modulepart) > 0) {
743 foreach ($conf->modules as $module) {
744 if (in_array($module, $modulepart)) {
745 $modulepart = $module;
750if (is_array($modulepart)) {
761if (!defined(
'NOLOGIN')) {
765 if (defined(
'MAIN_AUTHENTICATION_MODE')) {
766 $dolibarr_main_authentication = constant(
'MAIN_AUTHENTICATION_MODE');
769 if (empty($dolibarr_main_authentication)) {
770 $dolibarr_main_authentication =
'dolibarr';
773 if ($dolibarr_main_authentication ==
'forceuser' && empty($dolibarr_auto_user)) {
774 $dolibarr_auto_user =
'auto';
778 $authmode = explode(
',', $dolibarr_main_authentication);
781 if (!count($authmode)) {
782 $langs->load(
'main');
783 dol_print_error(
null, $langs->trans(
"ErrorConfigParameterNotDefined",
'dolibarr_main_authentication'));
790 $resultFetchUser =
'';
792 if (!isset($_SESSION[
"dol_login"])) {
794 include_once DOL_DOCUMENT_ROOT.
'/core/lib/security2.lib.php';
796 $dol_dst_observed =
GETPOSTINT(
"dst_observed", 3);
798 $dol_dst_second =
GETPOSTINT(
"dst_second", 3);
799 $dol_screenwidth =
GETPOSTINT(
"screenwidth", 3);
800 $dol_screenheight =
GETPOSTINT(
"screenheight", 3);
801 $dol_hide_topmenu =
GETPOSTINT(
'dol_hide_topmenu', 3);
802 $dol_hide_leftmenu =
GETPOSTINT(
'dol_hide_leftmenu', 3);
803 $dol_optimize_smallscreen =
GETPOSTINT(
'dol_optimize_smallscreen', 3);
804 $dol_no_mouse_hover =
GETPOSTINT(
'dol_no_mouse_hover', 3);
805 $dol_use_jmobile =
GETPOSTINT(
'dol_use_jmobile', 3);
808 if (!empty($dolibarr_main_demo) && $_SERVER[
'PHP_SELF'] == DOL_URL_ROOT.
'/index.php') {
809 if (empty($_SERVER[
'HTTP_REFERER']) || !preg_match(
'/public/', $_SERVER[
'HTTP_REFERER'])) {
810 dol_syslog(
"Call index page from another url than demo page (call is done from page ".(empty($_SERVER[
'HTTP_REFERER']) ?
'' : $_SERVER[
'HTTP_REFER']).
")");
812 $url .= ($url ?
'&' :
'').($dol_hide_topmenu ?
'dol_hide_topmenu='.$dol_hide_topmenu :
'');
813 $url .= ($url ?
'&' :
'').($dol_hide_leftmenu ?
'dol_hide_leftmenu='.$dol_hide_leftmenu :
'');
814 $url .= ($url ?
'&' :
'').($dol_optimize_smallscreen ?
'dol_optimize_smallscreen='.$dol_optimize_smallscreen :
'');
815 $url .= ($url ?
'&' :
'').($dol_no_mouse_hover ?
'dol_no_mouse_hover='.$dol_no_mouse_hover :
'');
816 $url .= ($url ?
'&' :
'').($dol_use_jmobile ?
'dol_use_jmobile='.$dol_use_jmobile :
'');
817 $url = DOL_URL_ROOT.
'/public/demo/index.php'.($url ?
'?'.$url :
'');
818 header(
"Location: ".$url);
825 $hookmanager->initHooks(array(
'login'));
826 $parameters = array();
827 $reshook = $hookmanager->executeHooks(
'beforeLoginAuthentication', $parameters, $user, $action);
834 if ($test &&
GETPOST(
"username",
"alpha", 2) &&
getDolGlobalString(
'MAIN_SECURITY_ENABLECAPTCHA') && !isset($_SESSION[
'dol_bypass_antispam'])) {
835 $sessionkey =
'dol_antispam_value';
836 $ok = (array_key_exists($sessionkey, $_SESSION) ===
true && (strtolower($_SESSION[$sessionkey]) === strtolower(
GETPOST(
'code',
'restricthtml'))));
840 dol_syslog(
'Bad value for code, connection refused', LOG_NOTICE);
842 $langs->loadLangs(array(
'main',
'errors'));
844 $_SESSION[
"dol_loginmesg"] = $langs->transnoentitiesnoconv(
"ErrorBadValueForCode");
848 $user->context[
'audit'] =
'ErrorBadValueForCode - login='.GETPOST(
"username",
"alpha", 2);
851 $result = $user->call_trigger(
'USER_LOGIN_FAILED', $user);
859 $hookmanager->initHooks(array(
'login'));
860 $parameters = array(
'dol_authmode' => $authmode,
'dol_loginmesg' => $_SESSION[
"dol_loginmesg"]);
861 $reshook = $hookmanager->executeHooks(
'afterLoginFailed', $parameters, $user, $action);
870 $allowedmethodtopostusername = 3;
871 if (defined(
'MAIN_AUTHENTICATION_POST_METHOD')) {
872 $allowedmethodtopostusername = constant(
'MAIN_AUTHENTICATION_POST_METHOD');
875 $usertotest = (!empty($_COOKIE[
'login_dolibarr']) ? preg_replace(
'/[^a-zA-Z0-9_@\-\.]/',
'', $_COOKIE[
'login_dolibarr']) :
GETPOST(
"username",
"alpha", $allowedmethodtopostusername));
876 $passwordtotest =
GETPOST(
'password',
'password', $allowedmethodtopostusername);
877 $entitytotest = (
GETPOSTINT(
'entity') ?
GETPOSTINT(
'entity') : (!empty($conf->entity) ? $conf->entity : 1));
880 $goontestloop =
false;
881 if (isset($_SERVER[
"REMOTE_USER"]) && in_array(
'http', $authmode)) {
882 $goontestloop =
true;
884 if ($dolibarr_main_authentication ==
'forceuser' && !empty($dolibarr_auto_user)) {
885 $goontestloop =
true;
887 if (
GETPOST(
"username",
"alpha", $allowedmethodtopostusername)) {
888 $goontestloop =
true;
890 if (
GETPOST(
'openid_mode',
'alpha')) {
891 $goontestloop =
true;
893 if (
GETPOST(
'beforeoauthloginredirect') ||
GETPOST(
'afteroauthloginreturn')) {
894 $goontestloop =
true;
896 if (!empty($_COOKIE[
'login_dolibarr'])) {
897 $goontestloop =
true;
900 if (!is_object($langs)) {
901 include_once DOL_DOCUMENT_ROOT.
'/core/class/translate.class.php';
904 if (defined(
'MAIN_LANG_DEFAULT')) {
905 $langcode = constant(
'MAIN_LANG_DEFAULT');
907 $langs->setDefaultLang($langcode);
913 if ($test && $goontestloop && (
GETPOST(
'actionlogin',
'aZ09') ==
'login' || $dolibarr_main_authentication !=
'dolibarr')) {
916 $oauthmodetotestarray = array(
'google');
917 foreach ($oauthmodetotestarray as $oauthmodetotest) {
918 if (in_array($oauthmodetotest.
'oauth', $authmode)) {
920 if (
GETPOST(
'beforeoauthloginredirect') == $oauthmodetotest ||
GETPOST(
'afteroauthloginreturn')) {
924 dol_syslog(
"User did not click on link for OAuth or is not on the OAuth return, so we disable check using ".$oauthmodetotest);
925 foreach ($authmode as $tmpkey => $tmpval) {
926 if ($tmpval == $oauthmodetotest.
'oauth') {
927 unset($authmode[$tmpkey]);
936 if ($login ===
'--bad-login-validity--') {
943 $dol_authmode = $conf->authmode;
944 $dol_tz = empty($_POST[
"tz"]) ? (empty($_SESSION[
"tz"]) ?
'' : $_SESSION[
"tz"]) : $_POST[
"tz"];
945 $dol_tz_string = empty($_POST[
"tz_string"]) ? (empty($_SESSION[
"tz_string"]) ?
'' : $_SESSION[
"tz_string"]) : $_POST[
"tz_string"];
946 $dol_tz_string = preg_replace(
'/\s*\(.+\)$/',
'', $dol_tz_string);
947 $dol_tz_string = preg_replace(
'/,/',
'/', $dol_tz_string);
948 $dol_tz_string = preg_replace(
'/\s/',
'_', $dol_tz_string);
951 $dol_dst_first = empty($_POST[
"dst_first"]) ? (empty($_SESSION[
"dst_first"]) ?
'' : $_SESSION[
"dst_first"]) : $_POST[
"dst_first"];
952 $dol_dst_second = empty($_POST[
"dst_second"]) ? (empty($_SESSION[
"dst_second"]) ?
'' : $_SESSION[
"dst_second"]) : $_POST[
"dst_second"];
953 if ($dol_dst_first && $dol_dst_second) {
954 include_once DOL_DOCUMENT_ROOT.
'/core/lib/date.lib.php';
958 if ($datenow >= $datefirst && $datenow < $datesecond) {
962 $dol_screenheight = empty($_POST[
"screenheight"]) ? (empty($_SESSION[
"dol_screenheight"]) ?
'' : $_SESSION[
"dol_screenheight"]) : $_POST[
"screenheight"];
963 $dol_screenwidth = empty($_POST[
"screenwidth"]) ? (empty($_SESSION[
"dol_screenwidth"]) ?
'' : $_SESSION[
"dol_screenwidth"]) : $_POST[
"screenwidth"];
968 dol_syslog(
'Bad password, connection refused (see a previous notice message for more info)', LOG_NOTICE);
970 $langs->loadLangs(array(
'main',
'errors'));
974 if (empty($_SESSION[
"dol_loginmesg"])) {
975 $_SESSION[
"dol_loginmesg"] = $langs->transnoentitiesnoconv(
"ErrorBadLoginPassword");
979 $user->context[
'audit'] = $langs->trans(
"ErrorBadLoginPassword").
' - login='.
GETPOST(
"username",
"alpha", 2);
982 $result = $user->call_trigger(
'USER_LOGIN_FAILED', $user);
990 $hookmanager->initHooks(array(
'login'));
991 $parameters = array(
'dol_authmode' => $dol_authmode,
'dol_loginmesg' => $_SESSION[
"dol_loginmesg"]);
992 $reshook = $hookmanager->executeHooks(
'afterLoginFailed', $parameters, $user, $action);
1002 if (!$login || (in_array(
'ldap', $authmode) && empty($passwordtotest))) {
1004 dol_syslog(
"--- Access to ".(empty($_SERVER[
"REQUEST_METHOD"]) ?
'' : $_SERVER[
"REQUEST_METHOD"].
' ').$_SERVER[
"PHP_SELF"].
" - action=".
GETPOST(
'action',
'aZ09').
" - actionlogin=".
GETPOST(
'actionlogin',
'aZ09').
" - showing the login form and exit", LOG_NOTICE);
1005 if (defined(
'NOREDIRECTBYMAINTOLOGIN')) {
1010 return 'ERROR_NOT_LOGGED';
1012 if (!empty($_SERVER[
"HTTP_USER_AGENT"]) && $_SERVER[
"HTTP_USER_AGENT"] ==
'securitytest') {
1013 http_response_code(401);
1015 dol_loginfunction($langs, $conf, (!empty($mysoc) ? $mysoc :
''));
1020 $resultFetchUser = $user->fetch(
'', $login,
'', 1, ($entitytotest > 0 ? $entitytotest : -1));
1021 if ($resultFetchUser <= 0 || $user->isNotIntoValidityDateRange()) {
1022 dol_syslog(
'User not found or not valid, connection refused');
1024 session_set_cookie_params(0,
'/',
null, (empty($dolibarr_main_force_https) ?
false : true), true);
1025 session_name($sessionname);
1028 if ($resultFetchUser == 0) {
1030 $langs->loadLangs(array(
'main',
'errors'));
1032 $_SESSION[
"dol_loginmesg"] = $langs->transnoentitiesnoconv(
"ErrorCantLoadUserFromDolibarrDatabase", $login);
1034 $user->context[
'audit'] =
'ErrorCantLoadUserFromDolibarrDatabase - login='.$login;
1035 } elseif ($resultFetchUser < 0) {
1036 $_SESSION[
"dol_loginmesg"] = $user->error;
1038 $user->context[
'audit'] = $user->error;
1041 $langs->loadLangs(array(
'main',
'errors'));
1043 $_SESSION[
"dol_loginmesg"] = $langs->transnoentitiesnoconv(
"ErrorLoginDateValidity");
1045 $user->context[
'audit'] = $langs->trans(
"ErrorLoginDateValidity").
' - login='.$login;
1049 $result = $user->call_trigger(
'USER_LOGIN_FAILED', $user);
1058 $hookmanager->initHooks(array(
'login'));
1059 $parameters = array(
'dol_authmode' => $dol_authmode,
'dol_loginmesg' => $_SESSION[
"dol_loginmesg"]);
1060 $reshook = $hookmanager->executeHooks(
'afterLoginFailed', $parameters, $user, $action);
1065 $paramsurl = array();
1067 $paramsurl[] =
'textbrowser='.GETPOSTINT(
'textbrowser');
1070 $paramsurl[] =
'nojs='.GETPOSTINT(
'nojs');
1072 if (
GETPOST(
'lang',
'aZ09')) {
1073 $paramsurl[] =
'lang='.GETPOST(
'lang',
'aZ09');
1075 header(
'Location: '.DOL_URL_ROOT.
'/index.php'.(count($paramsurl) ?
'?'.implode(
'&', $paramsurl) :
''));
1079 if (!empty($user->conf->MAIN_LANG_DEFAULT)) {
1080 $langs->setDefaultLang($user->conf->MAIN_LANG_DEFAULT);
1085 $login = $_SESSION[
"dol_login"];
1086 $entity = isset($_SESSION[
"dol_entity"]) ? $_SESSION[
"dol_entity"] : 0;
1087 dol_syslog(
"- This is an already logged session. _SESSION['dol_login']=".$login.
" _SESSION['dol_entity']=".$entity, LOG_DEBUG);
1089 $resultFetchUser = $user->fetch(
'', $login,
'', 1, ($entity > 0 ? $entity : -1));
1093 if ($resultFetchUser <= 0
1094 || ($user->flagdelsessionsbefore && !empty($_SESSION[
"dol_logindate"]) && $user->flagdelsessionsbefore > $_SESSION[
"dol_logindate"])
1095 || ($user->status != $user::STATUS_ENABLED)
1096 || ($user->isNotIntoValidityDateRange())) {
1097 if ($resultFetchUser <= 0) {
1099 dol_syslog(
"Can't load user even if session logged. _SESSION['dol_login']=".$login, LOG_WARNING);
1100 } elseif ($user->flagdelsessionsbefore && !empty($_SESSION[
"dol_logindate"]) && $user->flagdelsessionsbefore > $_SESSION[
"dol_logindate"]) {
1102 dol_syslog(
"The user has a date for session invalidation = ".$user->flagdelsessionsbefore.
" and a session date = ".$_SESSION[
"dol_logindate"].
". We must invalidate its sessions.");
1103 } elseif ($user->status != $user::STATUS_ENABLED) {
1108 dol_syslog(
"The user login has a validity between [".$user->datestartvalidity.
" and ".$user->dateendvalidity.
"], current date is ".
dol_now());
1111 session_set_cookie_params(0,
'/',
null, (empty($dolibarr_main_force_https) ?
false : true), true);
1112 session_name($sessionname);
1115 if ($resultFetchUser == 0) {
1116 $langs->loadLangs(array(
'main',
'errors'));
1118 $_SESSION[
"dol_loginmesg"] = $langs->transnoentitiesnoconv(
"ErrorCantLoadUserFromDolibarrDatabase", $login);
1120 $user->context[
'audit'] =
'ErrorCantLoadUserFromDolibarrDatabase - login='.$login;
1121 } elseif ($resultFetchUser < 0) {
1122 $_SESSION[
"dol_loginmesg"] = $user->error;
1124 $user->context[
'audit'] = $user->error;
1126 $langs->loadLangs(array(
'main',
'errors'));
1128 $_SESSION[
"dol_loginmesg"] = $langs->transnoentitiesnoconv(
"ErrorSessionInvalidatedAfterPasswordChange");
1130 $user->context[
'audit'] =
'ErrorUserSessionWasInvalidated - login='.$login;
1134 $result = $user->call_trigger(
'USER_LOGIN_FAILED', $user);
1142 $hookmanager->initHooks(array(
'login'));
1143 $parameters = array(
'dol_authmode' => (isset($dol_authmode) ? $dol_authmode :
''),
'dol_loginmesg' => $_SESSION[
"dol_loginmesg"]);
1144 $reshook = $hookmanager->executeHooks(
'afterLoginFailed', $parameters, $user, $action);
1149 $paramsurl = array();
1151 $paramsurl[] =
'textbrowser='.GETPOSTINT(
'textbrowser');
1154 $paramsurl[] =
'nojs='.GETPOSTINT(
'nojs');
1156 if (
GETPOST(
'lang',
'aZ09')) {
1157 $paramsurl[] =
'lang='.GETPOST(
'lang',
'aZ09');
1160 header(
'Location: '.DOL_URL_ROOT.
'/index.php'.(count($paramsurl) ?
'?'.implode(
'&', $paramsurl) :
''));
1164 $hookmanager->initHooks(array(
'main'));
1167 if (!empty($_GET[
'save_lastsearch_values']) && !empty($_SERVER[
"HTTP_REFERER"])) {
1168 $relativepathstring = preg_replace(
'/\?.*$/',
'', $_SERVER[
"HTTP_REFERER"]);
1169 $relativepathstring = preg_replace(
'/^https?:\/\/[^\/]*/',
'', $relativepathstring);
1171 if (constant(
'DOL_URL_ROOT')) {
1172 $relativepathstring = preg_replace(
'/^'.preg_quote(constant(
'DOL_URL_ROOT'),
'/').
'/',
'', $relativepathstring);
1174 $relativepathstring = preg_replace(
'/^\//',
'', $relativepathstring);
1175 $relativepathstring = preg_replace(
'/^custom\//',
'', $relativepathstring);
1179 if (!empty($_SESSION[
'lastsearch_values_tmp_'.$relativepathstring])) {
1180 $_SESSION[
'lastsearch_values_'.$relativepathstring] = $_SESSION[
'lastsearch_values_tmp_'.$relativepathstring];
1181 unset($_SESSION[
'lastsearch_values_tmp_'.$relativepathstring]);
1183 if (!empty($_SESSION[
'lastsearch_contextpage_tmp_'.$relativepathstring])) {
1184 $_SESSION[
'lastsearch_contextpage_'.$relativepathstring] = $_SESSION[
'lastsearch_contextpage_tmp_'.$relativepathstring];
1185 unset($_SESSION[
'lastsearch_contextpage_tmp_'.$relativepathstring]);
1187 if (!empty($_SESSION[
'lastsearch_limit_tmp_'.$relativepathstring]) && $_SESSION[
'lastsearch_limit_tmp_'.$relativepathstring] != $conf->liste_limit) {
1188 $_SESSION[
'lastsearch_limit_'.$relativepathstring] = $_SESSION[
'lastsearch_limit_tmp_'.$relativepathstring];
1189 unset($_SESSION[
'lastsearch_limit_tmp_'.$relativepathstring]);
1191 if (!empty($_SESSION[
'lastsearch_page_tmp_'.$relativepathstring]) && $_SESSION[
'lastsearch_page_tmp_'.$relativepathstring] > 0) {
1192 $_SESSION[
'lastsearch_page_'.$relativepathstring] = $_SESSION[
'lastsearch_page_tmp_'.$relativepathstring];
1193 unset($_SESSION[
'lastsearch_page_tmp_'.$relativepathstring]);
1195 if (!empty($_SESSION[
'lastsearch_mode_tmp_'.$relativepathstring])) {
1196 $_SESSION[
'lastsearch_mode_'.$relativepathstring] = $_SESSION[
'lastsearch_mode_tmp_'.$relativepathstring];
1197 unset($_SESSION[
'lastsearch_mode_tmp_'.$relativepathstring]);
1200 if (!empty($_GET[
'save_pageforbacktolist']) && !empty($_SERVER[
"HTTP_REFERER"])) {
1201 if (empty($_SESSION[
'pageforbacktolist'])) {
1202 $pageforbacktolistarray = array();
1204 $pageforbacktolistarray = $_SESSION[
'pageforbacktolist'];
1206 $tmparray = explode(
':', $_GET[
'save_pageforbacktolist'], 2);
1207 if (!empty($tmparray[0]) && !empty($tmparray[1])) {
1208 $pageforbacktolistarray[$tmparray[0]] = $tmparray[1];
1209 $_SESSION[
'pageforbacktolist'] = $pageforbacktolistarray;
1214 $parameters = array();
1215 $reshook = $hookmanager->executeHooks(
'updateSession', $parameters, $user, $action);
1224 if (!isset($_SESSION[
"dol_login"])) {
1229 $_SESSION[
"dol_login"] = $user->login;
1230 $_SESSION[
"dol_logindate"] =
dol_now(
'gmt');
1231 $_SESSION[
"dol_authmode"] = isset($dol_authmode) ? $dol_authmode :
'';
1232 $_SESSION[
"dol_tz"] = isset($dol_tz) ? $dol_tz :
'';
1233 $_SESSION[
"dol_tz_string"] = isset($dol_tz_string) ? $dol_tz_string :
'';
1234 $_SESSION[
"dol_dst"] = isset($dol_dst) ? $dol_dst :
'';
1235 $_SESSION[
"dol_dst_observed"] = isset($dol_dst_observed) ? $dol_dst_observed :
'';
1236 $_SESSION[
"dol_dst_first"] = isset($dol_dst_first) ? $dol_dst_first :
'';
1237 $_SESSION[
"dol_dst_second"] = isset($dol_dst_second) ? $dol_dst_second :
'';
1238 $_SESSION[
"dol_screenwidth"] = isset($dol_screenwidth) ? $dol_screenwidth :
'';
1239 $_SESSION[
"dol_screenheight"] = isset($dol_screenheight) ? $dol_screenheight :
'';
1241 $_SESSION[
"dol_entity"] = $conf->entity;
1243 if (!empty($dol_hide_topmenu)) {
1244 $_SESSION[
'dol_hide_topmenu'] = $dol_hide_topmenu;
1246 if (!empty($dol_hide_leftmenu)) {
1247 $_SESSION[
'dol_hide_leftmenu'] = $dol_hide_leftmenu;
1249 if (!empty($dol_optimize_smallscreen)) {
1250 $_SESSION[
'dol_optimize_smallscreen'] = $dol_optimize_smallscreen;
1252 if (!empty($dol_no_mouse_hover)) {
1253 $_SESSION[
'dol_no_mouse_hover'] = $dol_no_mouse_hover;
1255 if (!empty($dol_use_jmobile)) {
1256 $_SESSION[
'dol_use_jmobile'] = $dol_use_jmobile;
1259 dol_syslog(
"This is a new started user session. _SESSION['dol_login']=".$_SESSION[
"dol_login"].
" Session id=".session_id());
1263 $user->update_last_login_date();
1265 $loginfo =
'TZ='.$_SESSION[
"dol_tz"].
';TZString='.$_SESSION[
"dol_tz_string"].
';Screen='.$_SESSION[
"dol_screenwidth"].
'x'.$_SESSION[
"dol_screenheight"];
1266 $loginfo .=
' - authmode='.$dol_authmode.
' - entity='.$conf->entity;
1269 $user->context[
'audit'] = $loginfo;
1270 $user->context[
'authentication_method'] = $dol_authmode;
1273 $result = $user->call_trigger(
'USER_LOGIN', $user);
1281 $hookmanager->initHooks(array(
'login'));
1282 $parameters = array(
'dol_authmode' => $dol_authmode,
'dol_loginfo' => $loginfo);
1283 $reshook = $hookmanager->executeHooks(
'afterLogin', $parameters, $user, $action);
1291 dol_print_error($db,
'Error in some triggers USER_LOGIN or in some hooks afterLogin');
1298 $landingpage = (empty($user->conf->MAIN_LANDING_PAGE) ? (!
getDolGlobalString(
'MAIN_LANDING_PAGE') ?
'' : $conf->global->MAIN_LANDING_PAGE) : $user->
conf->MAIN_LANDING_PAGE);
1299 if (!empty($landingpage)) {
1301 if ($_SERVER[
"PHP_SELF"] != $newpath) {
1302 header(
'Location: '.$newpath);
1311 $user->rights->user->user->lire = 1;
1312 $user->rights->user->user->creer = 1;
1313 $user->rights->user->user->password = 1;
1314 $user->rights->user->user->supprimer = 1;
1315 $user->rights->user->self->creer = 1;
1316 $user->rights->user->self->password = 1;
1320 if (!$user->hasRight(
'user',
'user_advance')) {
1321 $user->rights->user->user_advance =
new stdClass();
1323 if (!$user->hasRight(
'user',
'self_advance')) {
1324 $user->rights->user->self_advance =
new stdClass();
1326 if (!$user->hasRight(
'user',
'group_advance')) {
1327 $user->rights->user->group_advance =
new stdClass();
1330 $user->rights->user->user_advance->readperms = 1;
1331 $user->rights->user->user_advance->write = 1;
1332 $user->rights->user->self_advance->readperms = 1;
1333 $user->rights->user->self_advance->writeperms = 1;
1334 $user->rights->user->group_advance->read = 1;
1335 $user->rights->user->group_advance->readperms = 1;
1336 $user->rights->user->group_advance->write = 1;
1337 $user->rights->user->group_advance->delete = 1;
1346 if (isset($user->conf->MAIN_SIZE_LISTE_LIMIT)) {
1347 $conf->liste_limit =
getDolUserInt(
'MAIN_SIZE_LISTE_LIMIT');
1349 if ((
int) $conf->liste_limit <= 0) {
1351 $conf->liste_limit = 15;
1352 if (!empty($_SESSION[
'dol_screenheight']) && $_SESSION[
'dol_screenheight'] < 910) {
1353 $conf->liste_limit = 10;
1354 } elseif (!empty($_SESSION[
'dol_screenheight']) && $_SESSION[
'dol_screenheight'] > 1130) {
1355 $conf->liste_limit = 20;
1362 $conf->css =
"/theme/".$conf->theme.
"/style.css.php";
1366 if (!empty($user) && method_exists($user,
'loadDefaultValues') && !defined(
'NODEFAULTVALUES')) {
1367 $user->loadDefaultValues();
1373if (
GETPOST(
'theme',
'aZ09')) {
1374 $conf->theme =
GETPOST(
'theme',
'aZ09', 1);
1375 $conf->css =
"/theme/".$conf->theme.
"/style.css.php";
1380 $conf->use_javascript_ajax = 0;
1389 $conf->global->MAIN_OPTIMIZEFORTEXTBROWSER =
getDolUserString(
'MAIN_OPTIMIZEFORTEXTBROWSER');
1391 $conf->global->THEME_TOPMENU_DISABLE_IMAGE = 1;
1398$conf->global->MAIN_OPTIMIZEFORCOLORBLIND =
getDolUserString(
'MAIN_OPTIMIZEFORCOLORBLIND');
1401if (
GETPOSTINT(
'dol_hide_leftmenu') || !empty($_SESSION[
'dol_hide_leftmenu'])) {
1402 $conf->dol_hide_leftmenu = 1;
1404if (
GETPOSTINT(
'dol_hide_topmenu') || !empty($_SESSION[
'dol_hide_topmenu'])) {
1405 $conf->dol_hide_topmenu = 1;
1407if (
GETPOSTINT(
'dol_optimize_smallscreen') || !empty($_SESSION[
'dol_optimize_smallscreen'])) {
1408 $conf->dol_optimize_smallscreen = 1;
1410if (
GETPOSTINT(
'dol_no_mouse_hover') || !empty($_SESSION[
'dol_no_mouse_hover'])) {
1411 $conf->dol_no_mouse_hover = 1;
1413if (
GETPOSTINT(
'dol_use_jmobile') || !empty($_SESSION[
'dol_use_jmobile'])) {
1414 $conf->dol_use_jmobile = 1;
1417if (!empty($conf->browser->layout) && $conf->browser->layout !=
'classic') {
1418 $conf->dol_no_mouse_hover = 1;
1422if ((!empty($conf->browser->layout) && $conf->browser->layout ==
'phone')
1423 || (!empty($_SESSION[
'dol_screenwidth']) && $_SESSION[
'dol_screenwidth'] < 400)
1424 || (!empty($_SESSION[
'dol_screenheight']) && $_SESSION[
'dol_screenheight'] < 400
1427 $conf->dol_optimize_smallscreen = 1;
1430 $conf->global->PRODUIT_DESC_IN_FORM_ACCORDING_TO_DEVICE = 0;
1434if (!empty($conf->dol_use_jmobile) && in_array($conf->theme, array(
'bureau2crea',
'cameleo',
'amarok'))) {
1435 $conf->theme =
'eldy';
1436 $conf->css =
"/theme/".$conf->theme.
"/style.css.php";
1439if (!defined(
'NOREQUIRETRAN')) {
1440 if (!
GETPOST(
'lang',
'aZ09')) {
1442 if (!empty($user->conf->MAIN_LANG_DEFAULT)) {
1445 if ($langs->getDefaultLang() != $user->conf->MAIN_LANG_DEFAULT) {
1446 $langs->setDefaultLang($user->conf->MAIN_LANG_DEFAULT);
1452if (!defined(
'NOLOGIN')) {
1455 if (!$user->login) {
1460 if ($user->statut < 1) {
1462 $langs->loadLangs(array(
"errors",
"other"));
1463 dol_syslog(
"Authentication KO as login is disabled", LOG_NOTICE);
1471dol_syslog(
"--- Access to ".(empty($_SERVER[
"REQUEST_METHOD"]) ?
'' : $_SERVER[
"REQUEST_METHOD"].
' ').$_SERVER[
"PHP_SELF"].
' - action='.
GETPOST(
'action',
'aZ09').
', massaction='.
GETPOST(
'massaction',
'aZ09').(defined(
'NOTOKENRENEWAL') ?
' NOTOKENRENEWAL='.constant(
'NOTOKENRENEWAL') :
''), LOG_NOTICE);
1476if (!defined(
'NOREQUIRETRAN')) {
1478 $langs->loadLangs(array(
'main',
'dict'));
1482$bc = array(0 =>
'class="impair"', 1 =>
'class="pair"');
1483$bcdd = array(0 =>
'class="drag drop oddeven"', 1 =>
'class="drag drop oddeven"');
1484$bcnd = array(0 =>
'class="nodrag nodrop nohover"', 1 =>
'class="nodrag nodrop nohoverpair"');
1485$bctag = array(0 =>
'class="impair tagtr"', 1 =>
'class="pair tagtr"');
1497if (empty($conf->browser->firefox)) {
1498 define(
'ROWS_1', 1);
1499 define(
'ROWS_2', 2);
1500 define(
'ROWS_3', 3);
1501 define(
'ROWS_4', 4);
1502 define(
'ROWS_5', 5);
1503 define(
'ROWS_6', 6);
1504 define(
'ROWS_7', 7);
1505 define(
'ROWS_8', 8);
1506 define(
'ROWS_9', 9);
1508 define(
'ROWS_1', 0);
1509 define(
'ROWS_2', 1);
1510 define(
'ROWS_3', 2);
1511 define(
'ROWS_4', 3);
1512 define(
'ROWS_5', 4);
1513 define(
'ROWS_6', 5);
1514 define(
'ROWS_7', 6);
1515 define(
'ROWS_8', 7);
1516 define(
'ROWS_9', 8);
1519$heightforframes = 50;
1522if (!defined(
'NOREQUIREMENU')) {
1523 if (empty($user->socid)) {
1531 $file_menu = $conf->standard_menu;
1532 if (
GETPOST(
'menu',
'alpha')) {
1533 $file_menu =
GETPOST(
'menu',
'alpha');
1535 if (!class_exists(
'MenuManager')) {
1537 $dirmenus = array_merge(array(
"/core/menus/"), (array) $conf->modules_parts[
'menus']);
1538 foreach ($dirmenus as $dirmenu) {
1540 if (class_exists(
'MenuManager')) {
1544 if (!class_exists(
'MenuManager')) {
1545 dol_syslog(
"You define a menu manager '".$file_menu.
"' that can not be loaded.", LOG_WARNING);
1546 $file_menu =
'eldy_menu.php';
1547 include_once DOL_DOCUMENT_ROOT.
"/core/menus/standard/".$file_menu;
1550 $menumanager =
new MenuManager($db, empty($user->socid) ? 0 : 1);
1554if (!empty(
GETPOST(
'seteventmessages',
'alpha'))) {
1555 $message =
GETPOST(
'seteventmessages',
'alpha');
1556 $messages = explode(
',', $message);
1557 foreach ($messages as $key => $msg) {
1558 $tmp = explode(
':', $msg);
1565if (!function_exists(
"llxHeader")) {
1586 function llxHeader($head =
'', $title =
'', $help_url =
'', $target =
'', $disablejs = 0, $disablehead = 0, $arrayofjs =
'', $arrayofcss =
'', $morequerystring =
'', $morecssonbody =
'', $replacemainareaby =
'', $disablenofollow = 0, $disablenoindex = 0)
1588 global $conf, $hookmanager;
1590 $parameters = array(
1592 'title' => & $title,
1593 'help_url' => & $help_url,
1594 'target' => & $target,
1595 'disablejs' => & $disablejs,
1596 'disablehead' => & $disablehead,
1597 'arrayofjs' => & $arrayofjs,
1598 'arrayofcss' => & $arrayofcss,
1599 'morequerystring' => & $morequerystring,
1600 'morecssonbody' => & $morecssonbody,
1601 'replacemainareaby' => & $replacemainareaby,
1602 'disablenofollow' => & $disablenofollow,
1603 'disablenoindex' => & $disablenoindex
1606 $reshook = $hookmanager->executeHooks(
'llxHeader', $parameters);
1608 print $hookmanager->resPrint;
1613 top_htmlhead($head, $title, $disablejs, $disablehead, $arrayofjs, $arrayofcss, 0, $disablenofollow, $disablenoindex);
1615 $tmpcsstouse =
'sidebar-collapse'.($morecssonbody ?
' '.$morecssonbody :
'');
1617 if ($conf->theme ==
'md' && !in_array($conf->browser->layout, array(
'phone',
'tablet')) && !
getDolGlobalString(
'MAIN_OPTIMIZEFORTEXTBROWSER')) {
1619 if ($mainmenu !=
'website') {
1620 $tmpcsstouse = $morecssonbody;
1625 $tmpcsstouse .=
' colorblind-'.strip_tags($conf->global->MAIN_OPTIMIZEFORCOLORBLIND);
1628 print
'<body id="mainbody" class="'.$tmpcsstouse.
'">'.
"\n";
1631 if ((empty($conf->dol_hide_topmenu) ||
GETPOSTINT(
'dol_invisible_topmenu')) && !
GETPOSTINT(
'dol_openinpopup')) {
1632 top_menu($head, $title, $target, $disablejs, $disablehead, $arrayofjs, $arrayofcss, $morequerystring, $help_url);
1635 if (empty($conf->dol_hide_leftmenu) && !
GETPOST(
'dol_openinpopup',
'aZ09')) {
1636 left_menu(array(), $help_url,
'', array(), 1, $title, 1);
1640 if ($replacemainareaby) {
1641 print $replacemainareaby;
1796function top_htmlhead($head, $title =
'', $disablejs = 0, $disablehead = 0, $arrayofjs = array(), $arrayofcss = array(), $disableforlogin = 0, $disablenofollow = 0, $disablenoindex = 0)
1798 global $db, $conf, $langs, $user, $mysoc, $hookmanager;
1802 if (empty($conf->css)) {
1803 $conf->css =
'/theme/eldy/style.css.php';
1806 print
'<!doctype html>'.
"\n";
1808 print
'<html lang="'.substr($langs->defaultlang, 0, 2).
'">'.
"\n";
1811 if (empty($disablehead)) {
1812 if (!is_object($hookmanager)) {
1813 include_once DOL_DOCUMENT_ROOT.
'/core/class/hookmanager.class.php';
1816 $hookmanager->initHooks(array(
"main"));
1818 $ext =
'layout='.(empty($conf->browser->layout) ?
'' : $conf->browser->layout).
'&version='.urlencode(DOL_VERSION);
1822 if (
GETPOST(
'dol_basehref',
'alpha')) {
1823 print
'<base href="'.dol_escape_htmltag(
GETPOST(
'dol_basehref',
'alpha')).
'">'.
"\n";
1827 print
'<meta charset="utf-8">'.
"\n";
1828 print
'<meta name="robots" content="'.($disablenoindex ?
'index' :
'noindex').($disablenofollow ?
',follow' :
',nofollow').
'">'.
"\n";
1829 print
'<meta name="viewport" content="width=device-width, initial-scale=1.0">'.
"\n";
1830 print
'<meta name="author" content="Dolibarr Development Team">'.
"\n";
1831 print
'<meta name="anti-csrf-newtoken" content="'.newToken().
'">'.
"\n";
1832 print
'<meta name="anti-csrf-currenttoken" content="'.currentToken().
'">'.
"\n";
1834 print
'<meta name="MAIN_FEATURES_LEVEL" content="'.getDolGlobalInt(
'MAIN_FEATURES_LEVEL').
'">'.
"\n";
1837 $favicon = DOL_URL_ROOT.
'/theme/dolibarr_256x256_color.png';
1838 if (!empty($mysoc->logo_squarred_mini)) {
1839 $favicon = DOL_URL_ROOT.
'/viewimage.php?cache=1&modulepart=mycompany&file='.urlencode(
'logos/thumbs/'.$mysoc->logo_squarred_mini);
1844 if (empty($conf->dol_use_jmobile)) {
1845 print
'<link rel="shortcut icon" type="image/x-icon" href="'.$favicon.
'"/>'.
"\n";
1849 $manifest = DOL_URL_ROOT.
'/theme/'.$conf->theme.
'/manifest.json.php';
1850 $parameters = array(
'manifest' => $manifest);
1851 $resHook = $hookmanager->executeHooks(
'hookSetManifest', $parameters);
1853 $manifest = $hookmanager->resPrint;
1855 $manifest .= $hookmanager->resPrint;
1857 if (!empty($manifest)) {
1858 print
'<link rel="manifest" href="'.$manifest.
'" />'.
"\n";
1863 print
'<meta name="theme-color" content="rgb(' .
getDolGlobalString(
'THEME_ELDY_TOPMENU_BACK1').
')">'.
"\n";
1868 print
'<meta http-equiv="refresh" content="'.GETPOSTINT(
'autorefresh').
'">';
1872 $appli = constant(
'DOL_APPLICATION_TITLE');
1887 $parameters = array(
'title' => $titletoshow);
1888 $result = $hookmanager->executeHooks(
'setHtmlTitle', $parameters);
1890 $titletoshow = $hookmanager->resPrint;
1892 $titletoshow .= $hookmanager->resPrint;
1901 $ext =
'version='.GETPOSTINT(
'version');
1904 if (
GETPOST(
'dol_resetcache')) {
1905 include_once DOL_DOCUMENT_ROOT.
'/core/lib/admin.lib.php';
1909 $themeparam =
'?lang='.$langs->defaultlang.
'&theme='.$conf->theme.(GETPOST(
'optioncss',
'aZ09') ?
'&optioncss='.GETPOST(
'optioncss',
'aZ09', 1) :
'').(empty($user->id) ?
'' : (
'&userid='.$user->id)).
'&entity='.$conf->entity;
1911 $themeparam .= ($ext ?
'&'.$ext :
'').
'&revision='.
getDolGlobalInt(
"MAIN_IHM_PARAMS_REV");
1912 if (GETPOSTISSET(
'dol_hide_topmenu')) {
1913 $themeparam .=
'&dol_hide_topmenu='.GETPOSTINT(
'dol_hide_topmenu');
1915 if (GETPOSTISSET(
'dol_hide_leftmenu')) {
1916 $themeparam .=
'&dol_hide_leftmenu='.GETPOSTINT(
'dol_hide_leftmenu');
1918 if (GETPOSTISSET(
'dol_optimize_smallscreen')) {
1919 $themeparam .=
'&dol_optimize_smallscreen='.GETPOSTINT(
'dol_optimize_smallscreen');
1921 if (GETPOSTISSET(
'dol_no_mouse_hover')) {
1922 $themeparam .=
'&dol_no_mouse_hover='.GETPOSTINT(
'dol_no_mouse_hover');
1924 if (GETPOSTISSET(
'dol_use_jmobile')) {
1925 $themeparam .=
'&dol_use_jmobile='.GETPOSTINT(
'dol_use_jmobile');
1926 $conf->dol_use_jmobile =
GETPOSTINT(
'dol_use_jmobile');
1928 if (GETPOSTISSET(
'THEME_DARKMODEENABLED')) {
1929 $themeparam .=
'&THEME_DARKMODEENABLED='.GETPOSTINT(
'THEME_DARKMODEENABLED');
1931 if (GETPOSTISSET(
'THEME_SATURATE_RATIO')) {
1932 $themeparam .=
'&THEME_SATURATE_RATIO='.GETPOSTINT(
'THEME_SATURATE_RATIO');
1936 print
'<link rel="preconnect" href="https://fonts.gstatic.com">'.
"\n";
1937 print
'<link href="https://fonts.googleapis.com/css2?family=Roboto:wght@200;300;400;500;600&display=swap" rel="stylesheet">'.
"\n";
1940 if (!defined(
'DISABLE_JQUERY') && !$disablejs && $conf->use_javascript_ajax) {
1941 print
'<!-- Includes CSS for JQuery (Ajax library) -->'.
"\n";
1942 $jquerytheme =
'base';
1946 if (constant(
'JS_JQUERY_UI')) {
1947 print
'<link rel="stylesheet" type="text/css" href="'.JS_JQUERY_UI.
'css/'.$jquerytheme.
'/jquery-ui.min.css'.($ext ?
'?'.$ext :
'').
'">'.
"\n";
1949 print
'<link rel="stylesheet" type="text/css" href="'.DOL_URL_ROOT.
'/includes/jquery/css/'.$jquerytheme.
'/jquery-ui.css'.($ext ?
'?'.$ext :
'').
'">'.
"\n";
1951 if (!defined(
'DISABLE_JQUERY_JNOTIFY')) {
1952 print
'<link rel="stylesheet" type="text/css" href="'.DOL_URL_ROOT.
'/includes/jquery/plugins/jnotify/jquery.jnotify-alt.min.css'.($ext ?
'?'.$ext :
'').
'">'.
"\n";
1954 if (!defined(
'DISABLE_SELECT2') && (
getDolGlobalString(
'MAIN_USE_JQUERY_MULTISELECT') || defined(
'REQUIRE_JQUERY_MULTISELECT'))) {
1955 $tmpplugin = !
getDolGlobalString(
'MAIN_USE_JQUERY_MULTISELECT') ? constant(
'REQUIRE_JQUERY_MULTISELECT') : $conf->global->MAIN_USE_JQUERY_MULTISELECT;
1956 print
'<link rel="stylesheet" type="text/css" href="'.DOL_URL_ROOT.
'/includes/jquery/plugins/'.$tmpplugin.
'/dist/css/'.$tmpplugin.
'.css'.($ext ?
'?'.$ext :
'').
'">'.
"\n";
1960 if (!defined(
'DISABLE_FONT_AWSOME')) {
1961 print
'<!-- Includes CSS for font awesome -->'.
"\n";
1962 $fontawesome_directory =
getDolGlobalString(
'MAIN_FONTAWESOME_DIRECTORY',
'/theme/common/fontawesome-5');
1963 print
'<link rel="stylesheet" type="text/css" href="'.DOL_URL_ROOT.$fontawesome_directory.
'/css/all.min.css'.($ext ?
'?'.$ext :
'').
'">'.
"\n";
1966 print
'<!-- Includes CSS for Dolibarr theme -->'.
"\n";
1970 if (!empty($conf->modules_parts[
'theme'])) {
1971 foreach ($conf->modules_parts[
'theme'] as $reldir) {
1974 $themesubdir = $reldir;
1981 print
'<link rel="stylesheet" type="text/css" href="'.$themepath.$themeparam.
'">'.
"\n";
1983 print
'<!-- Includes CSS that does not exists as a workaround of flash bug of chrome -->'.
"\n".
'<link rel="stylesheet" type="text/css" href="filethatdoesnotexiststosolvechromeflashbug">'.
"\n";
1988 print
'<link rel="stylesheet" href="'.DOL_URL_ROOT.
'/includes/leaflet/leaflet.css'.($ext ?
'?'.$ext :
'').
"\">\n";
1989 print
'<link rel="stylesheet" href="'.DOL_URL_ROOT.
'/includes/leaflet/leaflet-geoman.css'.($ext ?
'?'.$ext :
'').
"\">\n";
1993 if (!empty($conf->modules_parts[
'css'])) {
1994 $arraycss = (array) $conf->modules_parts[
'css'];
1995 foreach ($arraycss as $modcss => $filescss) {
1996 $filescss = (array) $filescss;
1997 foreach ($filescss as $cssfile) {
1998 if (empty($cssfile)) {
1999 dol_syslog(
"Warning: module ".$modcss.
" declared a css path file into its descriptor that is empty.", LOG_WARNING);
2003 if ($urlforcss && $urlforcss !=
'/') {
2004 print
'<!-- Includes CSS added by module '.$modcss.
' -->'.
"\n".
'<link rel="stylesheet" type="text/css" href="'.$urlforcss;
2006 if (!preg_match(
'/\.css$/i', $cssfile)) {
2011 dol_syslog(
"Warning: module ".$modcss.
" declared a css path file for a file we can't find.", LOG_WARNING);
2017 if (is_array($arrayofcss)) {
2018 foreach ($arrayofcss as $cssfile) {
2019 if (preg_match(
'/^(http|\/\/)/i', $cssfile)) {
2020 $urltofile = $cssfile;
2024 print
'<!-- Includes CSS added by page -->'.
"\n".
'<link rel="stylesheet" type="text/css" title="default" href="'.$urltofile;
2026 if (!preg_match(
'/\.css$/i', $cssfile)) {
2036 print
'<link rel="stylesheet" type="text/css" href="'.DOL_URL_ROOT.
'/theme/custom.css.php'.($ext ?
'?'.$ext :
'').
'&revision='.
getDolGlobalInt(
"MAIN_IHM_PARAMS_REV").
'">'.
"\n";
2040 if (!defined(
'DISABLE_JQUERY') && !$disablejs && !empty($conf->use_javascript_ajax)) {
2042 print
'<!-- Includes JS for JQuery -->'.
"\n";
2043 if (defined(
'JS_JQUERY') && constant(
'JS_JQUERY')) {
2044 print
'<script nonce="'.getNonce().
'" src="'.JS_JQUERY.
'jquery.min.js'.($ext ?
'?'.$ext :
'').
'"></script>'.
"\n";
2046 print
'<script nonce="'.getNonce().
'" src="'.DOL_URL_ROOT.
'/includes/jquery/js/jquery.min.js'.($ext ?
'?'.$ext :
'').
'"></script>'.
"\n";
2048 if (defined(
'JS_JQUERY_UI') && constant(
'JS_JQUERY_UI')) {
2049 print
'<script nonce="'.getNonce().
'" src="'.JS_JQUERY_UI.
'jquery-ui.min.js'.($ext ?
'?'.$ext :
'').
'"></script>'.
"\n";
2051 print
'<script nonce="'.getNonce().
'" src="'.DOL_URL_ROOT.
'/includes/jquery/js/jquery-ui.min.js'.($ext ?
'?'.$ext :
'').
'"></script>'.
"\n";
2054 if (!
getDolGlobalString(
'MAIN_DISABLE_JQUERY_JNOTIFY') && !defined(
'DISABLE_JQUERY_JNOTIFY')) {
2055 print
'<script nonce="'.getNonce().
'" src="'.DOL_URL_ROOT.
'/includes/jquery/plugins/jnotify/jquery.jnotify.min.js'.($ext ?
'?'.$ext :
'').
'"></script>'.
"\n";
2058 if (empty($disableforlogin) && !defined(
'DISABLE_JQUERY_TABLEDND')) {
2059 print
'<script nonce="'.getNonce().
'" src="'.DOL_URL_ROOT.
'/includes/jquery/plugins/tablednd/jquery.tablednd.min.js'.($ext ?
'?'.$ext :
'').
'"></script>'.
"\n";
2063 print
'<script nonce="'.getNonce().
'" src="'.DOL_URL_ROOT.
'/includes/nnnick/chartjs/dist/chart.min.js'.($ext ?
'?'.$ext :
'').
'"></script>'.
"\n";
2067 if (
getDolGlobalString(
'MAIN_USE_JQUERY_JEDITABLE') && !defined(
'DISABLE_JQUERY_JEDITABLE')) {
2068 print
'<!-- JS to manage editInPlace feature -->'.
"\n";
2069 print
'<script nonce="'.getNonce().
'" src="'.DOL_URL_ROOT.
'/includes/jquery/plugins/jeditable/jquery.jeditable.js'.($ext ?
'?'.$ext :
'').
'"></script>'.
"\n";
2070 print
'<script nonce="'.getNonce().
'" src="'.DOL_URL_ROOT.
'/includes/jquery/plugins/jeditable/jquery.jeditable.ui-datepicker.js'.($ext ?
'?'.$ext :
'').
'"></script>'.
"\n";
2071 print
'<script nonce="'.getNonce().
'" src="'.DOL_URL_ROOT.
'/includes/jquery/plugins/jeditable/jquery.jeditable.ui-autocomplete.js'.($ext ?
'?'.$ext :
'').
'"></script>'.
"\n";
2072 print
'<script>'.
"\n";
2073 print
'var urlSaveInPlace = \''.DOL_URL_ROOT.
'/core/ajax/saveinplace.php\';'.
"\n";
2074 print
'var urlLoadInPlace = \''.DOL_URL_ROOT.
'/core/ajax/loadinplace.php\';'.
"\n";
2075 print
'var tooltipInPlace = \''.$langs->transnoentities(
'ClickToEdit').
'\';
'."\n"; // Added in title attribute of span
2076 print 'var placeholderInPlace = \
' \';'.
"\n";
2077 print
'var cancelInPlace = \''.$langs->trans(
"Cancel").
'\';
'."\n";
2078 print 'var submitInPlace = \
''.$langs->trans(
'Ok').
'\';
'."\n";
2079 print 'var indicatorInPlace = \
'<img src="'.DOL_URL_ROOT.
"/theme/".$conf->theme.
"/img/working.gif".
'">\';'.
"\n";
2080 print
'var withInPlace = 300;';
2081 print
'</script>'.
"\n";
2082 print
'<script nonce="'.getNonce().
'" src="'.DOL_URL_ROOT.
'/core/js/editinplace.js'.($ext ?
'?'.$ext :
'').
'"></script>'.
"\n";
2083 print
'<script nonce="'.getNonce().
'" src="'.DOL_URL_ROOT.
'/includes/jquery/plugins/jeditable/jquery.jeditable.ckeditor.js'.($ext ?
'?'.$ext :
'').
'"></script>'.
"\n";
2086 if (
getDolGlobalString(
'MAIN_USE_JQUERY_TIMEPICKER') || defined(
'REQUIRE_JQUERY_TIMEPICKER')) {
2087 print
'<script nonce="'.getNonce().
'" src="'.DOL_URL_ROOT.
'/includes/jquery/plugins/timepicker/jquery-ui-timepicker-addon.js'.($ext ?
'?'.$ext :
'').
'"></script>'.
"\n";
2088 print
'<script nonce="'.getNonce().
'" src="'.DOL_URL_ROOT.
'/core/js/timepicker.js.php?lang='.$langs->defaultlang.($ext ?
'&'.$ext :
'').
'"></script>'.
"\n";
2090 if (!defined(
'DISABLE_SELECT2') && (
getDolGlobalString(
'MAIN_USE_JQUERY_MULTISELECT') || defined(
'REQUIRE_JQUERY_MULTISELECT'))) {
2092 $tmpplugin = !
getDolGlobalString(
'MAIN_USE_JQUERY_MULTISELECT') ? constant(
'REQUIRE_JQUERY_MULTISELECT') : $conf->global->MAIN_USE_JQUERY_MULTISELECT;
2093 print
'<script nonce="'.getNonce().
'" src="'.DOL_URL_ROOT.
'/includes/jquery/plugins/'.$tmpplugin.
'/dist/js/'.$tmpplugin.
'.full.min.js'.($ext ?
'?'.$ext :
'').
'"></script>'.
"\n";
2095 if (!defined(
'DISABLE_MULTISELECT')) {
2096 print
'<script nonce="'.getNonce().
'" src="'.DOL_URL_ROOT.
'/includes/jquery/plugins/multiselect/jquery.multi-select.js'.($ext ?
'?'.$ext :
'').
'"></script>'.
"\n";
2100 if (!$disablejs && !empty($conf->use_javascript_ajax)) {
2102 if (empty($disableforlogin) && (isModEnabled(
'fckeditor') && (!
getDolGlobalString(
'FCKEDITOR_EDITORNAME') ||
getDolGlobalString(
'FCKEDITOR_EDITORNAME') ==
'ckeditor') && !defined(
'DISABLE_CKEDITOR')) || defined(
'FORCE_CKEDITOR')) {
2103 print
'<!-- Includes JS for CKEditor -->'.
"\n";
2104 $pathckeditor = DOL_URL_ROOT.
'/includes/ckeditor/ckeditor/';
2105 $jsckeditor =
'ckeditor.js';
2106 if (constant(
'JS_CKEDITOR')) {
2108 $pathckeditor = constant(
'JS_CKEDITOR');
2110 print
'<script nonce="'.getNonce().
'">';
2111 print
'/* enable ckeditor by main.inc.php */';
2112 print
'var CKEDITOR_BASEPATH = \''.dol_escape_js($pathckeditor).
'\';
'."\n";
2113 print 'var ckeditorConfig = \
''.dol_escape_js(
dol_buildpath($themesubdir.
'/theme/'.$conf->theme.
'/ckeditor/config.js'.($ext ?
'?'.$ext :
''), 1)).
'\';
'."\n"; // $themesubdir='' in standard usage
2114 print 'var ckeditorFilebrowserBrowseUrl = \
''.DOL_URL_ROOT.
'/core/filemanagerdol/browser/default/browser.php?Connector='.DOL_URL_ROOT.
'/core/filemanagerdol/connectors/php/connector.php\';'.
"\n";
2115 print
'var ckeditorFilebrowserImageBrowseUrl = \''.DOL_URL_ROOT.
'/core/filemanagerdol/browser/default/browser.php?Type=Image&Connector='.DOL_URL_ROOT.
'/core/filemanagerdol/connectors/php/connector.php\';'.
"\n";
2116 print
'</script>'.
"\n";
2117 print
'<script src="'.$pathckeditor.$jsckeditor.($ext ?
'?'.$ext :
'').
'"></script>'.
"\n";
2119 if (
GETPOST(
'mode',
'aZ09') ==
'Full_inline') {
2120 print
'CKEDITOR.disableAutoInline = false;'.
"\n";
2122 print
'CKEDITOR.disableAutoInline = true;'.
"\n";
2124 print
'</script>'.
"\n";
2128 if (!defined(
'NOBROWSERNOTIF') && !defined(
'NOREQUIREMENU') && !defined(
'NOLOGIN')) {
2129 $enablebrowsernotif =
false;
2131 $enablebrowsernotif =
true;
2133 if ($conf->browser->layout ==
'phone') {
2134 $enablebrowsernotif =
false;
2136 if ($enablebrowsernotif) {
2137 print
'<!-- Includes JS of Dolibarr (browser layout = '.$conf->browser->layout.
')-->'.
"\n";
2138 print
'<script nonce="'.getNonce().
'" src="'.DOL_URL_ROOT.
'/core/js/lib_notification.js.php'.($ext ?
'?'.$ext :
'').
'"></script>'.
"\n";
2143 print
'<!-- Includes JS of Dolibarr -->'.
"\n";
2144 print
'<script nonce="'.getNonce().
'" src="'.DOL_URL_ROOT.
'/core/js/lib_head.js.php?lang='.$langs->defaultlang.($ext ?
'&'.$ext :
'').
'"></script>'.
"\n";
2148 print
'<script nonce="'.getNonce().
'" src="'.DOL_URL_ROOT.
'/includes/leaflet/leaflet.js'.($ext ?
'?'.$ext :
'').
'"></script>'.
"\n";
2149 print
'<script nonce="'.getNonce().
'" src="'.DOL_URL_ROOT.
'/includes/leaflet/leaflet-geoman.min.js'.($ext ?
'?'.$ext :
'').
'"></script>'.
"\n";
2153 if (!empty($conf->modules_parts[
'js'])) {
2154 $arrayjs = (array) $conf->modules_parts[
'js'];
2155 foreach ($arrayjs as $modjs => $filesjs) {
2156 $filesjs = (array) $filesjs;
2157 foreach ($filesjs as $jsfile) {
2160 if ($urlforjs && $urlforjs !=
'/') {
2161 print
'<!-- Include JS added by module '.$modjs.
'-->'.
"\n";
2162 print
'<script nonce="'.getNonce().
'" src="'.$urlforjs.((strpos($jsfile,
'?') ===
false) ?
'?' :
'&').
'lang='.$langs->defaultlang.
'"></script>'.
"\n";
2164 dol_syslog(
"Warning: module ".$modjs.
" declared a js path file for a file we can't find.", LOG_WARNING);
2170 if (is_array($arrayofjs)) {
2171 print
'<!-- Includes JS added by page -->'.
"\n";
2172 foreach ($arrayofjs as $jsfile) {
2173 if (preg_match(
'/^(http|\/\/)/i', $jsfile)) {
2174 print
'<script nonce="'.getNonce().
'" src="'.$jsfile.((strpos($jsfile,
'?') ===
false) ?
'?' :
'&').
'lang='.$langs->defaultlang.
'"></script>'.
"\n";
2176 print
'<script nonce="'.getNonce().
'" src="'.
dol_buildpath($jsfile, 1).((strpos($jsfile,
'?') ===
false) ?
'?' :
'&').
'lang='.$langs->defaultlang.
'"></script>'.
"\n";
2184 $theme_js =
dol_buildpath(
'/theme/'.$conf->theme.
'/'.$conf->theme.
'.js', 0);
2185 if (file_exists($theme_js)) {
2186 print
'<script nonce="'.getNonce().
'" src="'.DOL_URL_ROOT.
'/theme/'.$conf->theme.
'/'.$conf->theme.
'.js'.($ext ?
'?'.$ext :
'').
'"></script>'.
"\n";
2190 if (!empty($head)) {
2197 $parameters = array();
2198 $result = $hookmanager->executeHooks(
'addHtmlHeader', $parameters);
2199 print $hookmanager->resPrint;
2201 print
"</head>\n\n";
2204 $conf->headerdone = 1;
3282function left_menu($menu_array_before, $helppagename =
'', $notused =
'', $menu_array_after = array(), $leftmenuwithoutmainarea = 0, $title =
'', $acceptdelayedhtml = 0)
3284 global $user, $conf, $langs, $db, $form;
3285 global $hookmanager, $menumanager;
3289 if (!empty($menu_array_before)) {
3290 dol_syslog(
"Deprecated parameter menu_array_before was used when calling main::left_menu function. Menu entries of module should now be defined into module descriptor and not provided when calling left_menu.", LOG_WARNING);
3293 if (empty($conf->dol_hide_leftmenu) && (!defined(
'NOREQUIREMENU') || !constant(
'NOREQUIREMENU'))) {
3295 $hookmanager->initHooks(array(
'leftblock'));
3297 print
"\n".
'<!-- Begin side-nav id-left -->'.
"\n".
'<div class="side-nav"><div id="id-left">'.
"\n";
3300 if (!is_object($form)) {
3301 $form =
new Form($db);
3306 if ($conf->browser->layout ==
'phone') {
3307 $conf->global->MAIN_USE_OLD_SEARCH_FORM = 1;
3311 $arrayresult = array();
3312 include DOL_DOCUMENT_ROOT.
'/core/ajax/selectsearchbox.php';
3317 $stringforfirstkey = $langs->trans(
"KeyboardShortcut");
3318 if ($conf->browser->name ==
'chrome') {
3319 $stringforfirstkey .=
' ALT +';
3320 } elseif ($conf->browser->name ==
'firefox') {
3321 $stringforfirstkey .=
' ALT + SHIFT +';
3323 $stringforfirstkey .=
' CTL +';
3327 $textsearch =
'<span class="fa fa-search paddingright pictofixedwidth"></span>'.$langs->trans(
"Search");
3328 $searchform .= $form->selectArrayFilter(
'searchselectcombo', $arrayresult, $selected,
'accesskey="s"', 1, 0, (!
getDolGlobalString(
'MAIN_SEARCHBOX_CONTENT_LOADED_BEFORE_KEY') ? 1 : 0),
'vmenusearchselectcombo', 1, $textsearch, 1, $stringforfirstkey.
' s');
3330 if (is_array($arrayresult)) {
3331 foreach ($arrayresult as $key => $val) {
3332 $searchform .=
printSearchForm($val[
'url'], $val[
'url'], $val[
'label'],
'maxwidth125',
'search_all', (empty($val[
'shortcut']) ?
'' : $val[
'shortcut']),
'searchleft'.$key, $val[
'img']);
3338 $parameters = array(
'searchform' => $searchform);
3339 $reshook = $hookmanager->executeHooks(
'printSearchForm', $parameters);
3340 if (empty($reshook)) {
3341 $searchform .= $hookmanager->resPrint;
3343 $searchform = $hookmanager->resPrint;
3347 if (
getDolGlobalString(
'MAIN_OPTIMIZEFORTEXTBROWSER') || empty($conf->use_javascript_ajax)) {
3348 $urltosearch = DOL_URL_ROOT.
'/core/search_page.php?showtitlebefore=1';
3349 $searchform =
'<div class="blockvmenuimpair blockvmenusearchphone"><div id="divsearchforms1"><a href="'.$urltosearch.
'" accesskey="s" alt="'.
dol_escape_htmltag($langs->trans(
"ShowSearchFields")).
'">'.$langs->trans(
"Search").
'...</a></div></div>';
3350 } elseif ($conf->use_javascript_ajax &&
getDolGlobalString(
'MAIN_USE_OLD_SEARCH_FORM')) {
3351 $searchform =
'<div class="blockvmenuimpair blockvmenusearchphone"><div id="divsearchforms1"><a href="#" alt="'.dol_escape_htmltag($langs->trans(
"ShowSearchFields")).
'">'.$langs->trans(
"Search").
'...</a></div><div id="divsearchforms2" style="display: none">'.$searchform.
'</div>';
3352 $searchform .=
'<script>
3353 jQuery(document).ready(function () {
3354 jQuery("#divsearchforms1").click(function(){
3355 jQuery("#divsearchforms2").toggle();
3359 $searchform .=
'</div>';
3363 $searchform .=
'<script>
3364 jQuery(document).keydown(function(e){
3365 if( e.which === 70 && e.ctrlKey && e.shiftKey ){
3366 console.log(\'control + shift + f : trigger open global-search dropdown\');
3367 openGlobalSearchDropDown();
3369 if( (e.which === 83 || e.which === 115) && e.altKey ){
3370 console.log(\'alt + s : trigger open global-search dropdown\');
3371 openGlobalSearchDropDown();
3375 var openGlobalSearchDropDown = function() {
3376 jQuery("#searchselectcombo").select2(\'open\');
3382 print
'<!-- Begin left menu -->'.
"\n";
3384 print
'<div class="vmenu"'.(getDolGlobalString(
'MAIN_OPTIMIZEFORTEXTBROWSER') ?
' alt="Left menu"' :
'').
'>'.
"\n\n";
3387 $menumanager->menu_array = $menu_array_before;
3388 $menumanager->menu_array_after = $menu_array_after;
3390 $menumanager->showmenu(
'leftdropdown', array(
'searchform' => $searchform));
3392 $menumanager->showmenu(
'left', array(
'searchform' => $searchform));
3397 print
"<!-- Begin Help Block-->\n";
3398 print
'<div id="blockvmenuhelp" class="blockvmenuhelp">'.
"\n";
3402 $doliurl =
'https://www.dolibarr.org';
3404 if (preg_match(
'/fr/i', $langs->defaultlang)) {
3405 $doliurl =
'https://www.dolibarr.fr';
3407 if (preg_match(
'/es/i', $langs->defaultlang)) {
3408 $doliurl =
'https://www.dolibarr.es';
3410 if (preg_match(
'/de/i', $langs->defaultlang)) {
3411 $doliurl =
'https://www.dolibarr.de';
3413 if (preg_match(
'/it/i', $langs->defaultlang)) {
3414 $doliurl =
'https://www.dolibarr.it';
3416 if (preg_match(
'/gr/i', $langs->defaultlang)) {
3417 $doliurl =
'https://www.dolibarr.gr';
3420 $appli = constant(
'DOL_APPLICATION_TITLE');
3424 if (preg_match(
'/\d\.\d/', $appli)) {
3425 if (!preg_match(
'/'.preg_quote(DOL_VERSION).
'/', $appli)) {
3426 $appli .=
" (".DOL_VERSION.
")";
3429 $appli .=
" ".DOL_VERSION;
3432 $appli .=
" ".DOL_VERSION;
3434 print
'<div id="blockvmenuhelpapp" class="blockvmenuhelp">';
3436 print
'<a class="help" target="_blank" rel="noopener noreferrer" href="'.$doliurl.
'">';
3438 print
'<span class="help">';
3446 print
'</div>'.
"\n";
3451 require_once DOL_DOCUMENT_ROOT.
'/core/lib/functions2.lib.php';
3454 $bugbaseurl =
'https://github.com/Dolibarr/dolibarr/issues/new?labels=Bug';
3455 $bugbaseurl .=
'&title=';
3456 $bugbaseurl .= urlencode(
"Bug: ");
3457 $bugbaseurl .=
'&body=';
3458 $bugbaseurl .= urlencode(
"# Instructions\n");
3459 $bugbaseurl .= urlencode(
"*This is a template to help you report good issues. You may use [Github Markdown](https://help.github.com/articles/getting-started-with-writing-and-formatting-on-github/) syntax to format your issue report.*\n");
3460 $bugbaseurl .= urlencode(
"*Please:*\n");
3461 $bugbaseurl .= urlencode(
"- *replace the bracket enclosed texts with meaningful information*\n");
3462 $bugbaseurl .= urlencode(
"- *remove any unused sub-section*\n");
3463 $bugbaseurl .= urlencode(
"\n");
3464 $bugbaseurl .= urlencode(
"\n");
3465 $bugbaseurl .= urlencode(
"# Bug\n");
3466 $bugbaseurl .= urlencode(
"[*Short description*]\n");
3467 $bugbaseurl .= urlencode(
"\n");
3468 $bugbaseurl .= urlencode(
"## Environment\n");
3469 $bugbaseurl .= urlencode(
"- **Version**: ".DOL_VERSION.
"\n");
3470 $bugbaseurl .= urlencode(
"- **OS**: ".php_uname(
's').
"\n");
3471 $bugbaseurl .= urlencode(
"- **Web server**: ".$_SERVER[
"SERVER_SOFTWARE"].
"\n");
3472 $bugbaseurl .= urlencode(
"- **PHP**: ".php_sapi_name().
' '.phpversion().
"\n");
3473 $bugbaseurl .= urlencode(
"- **Database**: ".$db::LABEL.
' '.$db->getVersion().
"\n");
3474 $bugbaseurl .= urlencode(
"- **URL(s)**: ".$_SERVER[
"REQUEST_URI"].
"\n");
3475 $bugbaseurl .= urlencode(
"\n");
3476 $bugbaseurl .= urlencode(
"## Expected and actual behavior\n");
3477 $bugbaseurl .= urlencode(
"[*Verbose description*]\n");
3478 $bugbaseurl .= urlencode(
"\n");
3479 $bugbaseurl .= urlencode(
"## Steps to reproduce the behavior\n");
3480 $bugbaseurl .= urlencode(
"[*Verbose description*]\n");
3481 $bugbaseurl .= urlencode(
"\n");
3482 $bugbaseurl .= urlencode(
"## [Attached files](https://help.github.com/articles/issue-attachments) (Screenshots, screencasts, dolibarr.log, debugging information…)\n");
3483 $bugbaseurl .= urlencode(
"[*Files*]\n");
3484 $bugbaseurl .= urlencode(
"\n");
3486 $bugbaseurl .= urlencode(
"\n");
3487 $bugbaseurl .= urlencode(
"## Report\n");
3495 $parameters = array(
'bugbaseurl' => $bugbaseurl);
3496 $reshook = $hookmanager->executeHooks(
'printBugtrackInfo', $parameters);
3497 if (empty($reshook)) {
3498 $bugbaseurl .= $hookmanager->resPrint;
3500 $bugbaseurl = $hookmanager->resPrint;
3503 print
'<div id="blockvmenuhelpbugreport" class="blockvmenuhelp">';
3504 print
'<a class="help" target="_blank" rel="noopener noreferrer" href="'.$bugbaseurl.
'"><i class="fas fa-bug"></i> '.$langs->trans(
"FindBug").
'</a>';
3509 print
"<!-- End Help Block-->\n";
3513 print
"<!-- End left menu -->\n";
3517 $parameters = array();
3518 $reshook = $hookmanager->executeHooks(
'printLeftBlock', $parameters);
3519 print $hookmanager->resPrint;
3521 print
'</div></div> <!-- End side-nav id-left -->';
3525 print
'<!-- Begin right area -->'.
"\n";
3527 if (empty($leftmenuwithoutmainarea)) {