dolibarr 21.0.0-beta
security2.lib.php
Go to the documentation of this file.
1<?php
2/* Copyright (C) 2008-2011 Laurent Destailleur <eldy@users.sourceforge.net>
3 * Copyright (C) 2008-2017 Regis Houssin <regis.houssin@inodbox.com>
4 * Copyright (C) 2024 MDW <mdeweerd@users.noreply.github.com>
5 * Copyright (C) 2024 Frédéric France <frederic.france@free.fr>
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see <https://www.gnu.org/licenses/>.
19 * or see https://www.gnu.org/
20 */
21
37function dol_getwebuser($mode)
38{
39 $t = '?';
40 if ($mode == 'user') {
41 $t = getenv('APACHE_RUN_USER'); // $_ENV['APACHE_RUN_USER'] is empty
42 }
43 if ($mode == 'group') {
44 $t = getenv('APACHE_RUN_GROUP');
45 }
46 return $t;
47}
48
59function checkLoginPassEntity($usertotest, $passwordtotest, $entitytotest, $authmode, $context = '')
60{
61 global $conf, $langs;
62
63 // Check parameters
64 if ($entitytotest == '') {
65 $entitytotest = 1;
66 }
67
68 dol_syslog("checkLoginPassEntity usertotest=".$usertotest." entitytotest=".$entitytotest." authmode=".implode(',', $authmode));
69 $login = '';
70
71 // Validation of login/pass/entity with standard modules
72 if (empty($login)) {
73 $test = true;
74 foreach ($authmode as $mode) {
75 if ($test && $mode && !$login) {
76 // Validation of login/pass/entity for mode $mode
77 $mode = trim($mode);
78 $authfile = 'functions_'.$mode.'.php';
79 $fullauthfile = '';
80
81 $dirlogin = array_merge(array("/core/login"), (array) $conf->modules_parts['login']);
82 foreach ($dirlogin as $reldir) {
83 $dir = dol_buildpath($reldir, 0);
84 $newdir = dol_osencode($dir);
85
86 // Check if file found (do not use dol_is_file to avoid loading files.lib.php)
87 $tmpnewauthfile = $newdir.(preg_match('/\/$/', $newdir) ? '' : '/').$authfile;
88 if (is_file($tmpnewauthfile)) {
89 $fullauthfile = $tmpnewauthfile;
90 }
91 }
92
93 $result = false;
94 if ($fullauthfile) {
95 $result = include_once $fullauthfile;
96 }
97 if ($fullauthfile && $result) {
98 // Call function to check user/password
99 $function = 'check_user_password_'.$mode;
100 $login = call_user_func($function, $usertotest, $passwordtotest, $entitytotest, $context);
101 if ($login && $login != '--bad-login-validity--') {
102 // Login is successful with this method
103 $test = false; // To stop once at first login success
104 $conf->authmode = $mode; // This properties is defined only when logged to say what mode was successfully used
105 /*$dol_tz = GETPOST('tz');
106 $dol_dst = GETPOST('dst');
107 $dol_screenwidth = GETPOST('screenwidth');
108 $dol_screenheight = GETPOST('screenheight');*/
109 }
110 } else {
111 dol_syslog("Authentication KO - failed to load file '".$authfile."'", LOG_ERR);
112 sleep(1);
113 // Load translation files required by the page
114 $langs->loadLangs(array('other', 'main', 'errors'));
115
116 $_SESSION["dol_loginmesg"] = (empty($_SESSION["dol_loginmesg"]) ? '' : $_SESSION["dol_loginmesg"].', ').$langs->transnoentitiesnoconv("ErrorFailedToLoadLoginFileForMode", $mode);
117 }
118 }
119 }
120 }
121
122 return $login;
123}
124
125
126if (!function_exists('dol_loginfunction')) {
136 function dol_loginfunction($langs, $conf, $mysoc)
137 {
138 global $dolibarr_main_demo, $dolibarr_main_force_https;
139 global $db, $hookmanager;
140
141 $langs->loadLangs(array("main", "other", "help", "admin"));
142
143 // Instantiate hooks of thirdparty module only if not already define
144 $hookmanager->initHooks(array('mainloginpage'));
145
146 $main_authentication = $conf->file->main_authentication;
147
148 $session_name = session_name(); // Get current session name
149
150 $dol_url_root = DOL_URL_ROOT;
151
152 // Title
153 $appli = constant('DOL_APPLICATION_TITLE');
154 $title = $appli.(getDolGlobalString('MAIN_OPTIMIZEFORTEXTBROWSER') ? '' : ' '.constant('DOL_VERSION'));
155 if (getDolGlobalString('MAIN_APPLICATION_TITLE')) {
156 $title = getDolGlobalString('MAIN_APPLICATION_TITLE');
157 }
158 $titletruedolibarrversion = constant('DOL_VERSION'); // $title used by login template after the @ to inform of true Dolibarr version
159
160 // Note: $conf->css looks like '/theme/eldy/style.css.php'
161 /*
162 $conf->css = "/theme/".(GETPOST('theme','aZ09')?GETPOST('theme','aZ09'):$conf->theme)."/style.css.php";
163 $themepath=dol_buildpath($conf->css,1);
164 if (!empty($conf->modules_parts['theme'])) // Using this feature slow down application
165 {
166 foreach($conf->modules_parts['theme'] as $reldir)
167 {
168 if (file_exists(dol_buildpath($reldir.$conf->css, 0)))
169 {
170 $themepath=dol_buildpath($reldir.$conf->css, 1);
171 break;
172 }
173 }
174 }
175 $conf_css = $themepath."?lang=".$langs->defaultlang;
176 */
177
178 // Select templates dir
179 $template_dir = '';
180 if (!empty($conf->modules_parts['tpl'])) { // Using this feature slow down application
181 $dirtpls = array_merge($conf->modules_parts['tpl'], array('/core/tpl/'));
182 foreach ($dirtpls as $reldir) {
183 $tmp = dol_buildpath($reldir.'login.tpl.php');
184 if (file_exists($tmp)) {
185 $template_dir = preg_replace('/login\.tpl\.php$/', '', $tmp);
186 break;
187 }
188 }
189 } else {
190 $template_dir = DOL_DOCUMENT_ROOT."/core/tpl/";
191 }
192
193 // Set cookie for timeout management. We set it as a cookie so we will be able to use it to set timeout on next page before the session start
194 // and the conf file is loaded.
195 $prefix = dol_getprefix('');
196 $sessiontimeout = 'DOLSESSTIMEOUT_'.$prefix;
197
198 if (getDolGlobalString('MAIN_SESSION_TIMEOUT')) {
199 if (session_status() != PHP_SESSION_ACTIVE) {
200 if (PHP_VERSION_ID < 70300) {
201 session_set_cookie_params(0, '/', null, !(empty($dolibarr_main_force_https) && isHTTPS() === false), true); // Add tag secure and httponly on session cookie (same as setting session.cookie_httponly into php.ini). Must be called before the session_start.
202 } else {
203 // Only available for php >= 7.3
204 $sessioncookieparams = array(
205 'lifetime' => 0,
206 'path' => '/',
207 //'domain' => '.mywebsite.com', // the dot at the beginning allows compatibility with subdomains
208 'secure' => !(empty($dolibarr_main_force_https) && isHTTPS() === false),
209 'httponly' => true,
210 'samesite' => 'Lax' // None || Lax || Strict
211 );
212 session_set_cookie_params($sessioncookieparams);
213 }
214
215 setcookie($sessiontimeout, getDolGlobalString('MAIN_SESSION_TIMEOUT'), 0, "/", '', !empty($dolibarr_main_force_https), true);
216 }
217 }
218
219 if (GETPOST('urlfrom', 'alpha')) {
220 $_SESSION["urlfrom"] = GETPOST('urlfrom', 'alpha');
221 } else {
222 unset($_SESSION["urlfrom"]);
223 }
224
225 if (!GETPOST("username", 'alpha')) {
226 $focus_element = 'username';
227 } else {
228 $focus_element = 'password';
229 }
230
231 $demologin = '';
232 $demopassword = '';
233 if (!empty($dolibarr_main_demo)) {
234 $tab = explode(',', $dolibarr_main_demo);
235 $demologin = $tab[0];
236 $demopassword = $tab[1];
237 }
238
239 // Execute hook getLoginPageOptions (for table)
240 $parameters = array('entity' => GETPOSTINT('entity'), 'switchentity' => GETPOSTINT('switchentity'));
241 $reshook = $hookmanager->executeHooks('getLoginPageOptions', $parameters); // Note that $action and $object may have been modified by some hooks.
242 $morelogincontent = $hookmanager->resPrint;
243
244 // Execute hook getLoginPageExtraOptions (eg for js)
245 $parameters = array('entity' => GETPOSTINT('entity'), 'switchentity' => GETPOSTINT('switchentity'));
246 $reshook = $hookmanager->executeHooks('getLoginPageExtraOptions', $parameters); // Note that $action and $object may have been modified by some hooks.
247 $moreloginextracontent = $hookmanager->resPrint;
248
249 //Redirect after connection
250 $parameters = array('entity' => GETPOSTINT('entity'), 'switchentity' => GETPOSTINT('switchentity'));
251 $reshook = $hookmanager->executeHooks('redirectAfterConnection', $parameters); // Note that $action and $object may have been modified by some hooks.
252 $php_self = $hookmanager->resPrint;
253
254 // Login
255 $login = (!empty($hookmanager->resArray['username']) ? $hookmanager->resArray['username'] : (GETPOST("username", "alpha") ? GETPOST("username", "alpha") : $demologin));
256 $password = $demopassword;
257
258 // Show logo (search in order: small company logo, large company logo, theme logo, common logo)
259 $width = 0;
260 $urllogo = DOL_URL_ROOT.'/theme/common/login_logo.png';
261
262 if (!empty($mysoc->logo_small) && is_readable($conf->mycompany->dir_output.'/logos/thumbs/'.$mysoc->logo_small)) {
263 $urllogo = DOL_URL_ROOT.'/viewimage.php?cache=1&amp;modulepart=mycompany&amp;file='.urlencode('logos/thumbs/'.$mysoc->logo_small);
264 } elseif (!empty($mysoc->logo) && is_readable($conf->mycompany->dir_output.'/logos/'.$mysoc->logo)) {
265 $urllogo = DOL_URL_ROOT.'/viewimage.php?cache=1&amp;modulepart=mycompany&amp;file='.urlencode('logos/'.$mysoc->logo);
266 $width = 128;
267 } elseif (!empty($mysoc->logo_squarred_small) && is_readable($conf->mycompany->dir_output.'/logos/thumbs/'.$mysoc->logo_squarred_small)) {
268 $urllogo = DOL_URL_ROOT.'/viewimage.php?cache=1&amp;modulepart=mycompany&amp;file='.urlencode('logos/thumbs/'.$mysoc->logo_squarred_small);
269 } elseif (is_readable(DOL_DOCUMENT_ROOT.'/theme/dolibarr_logo.svg')) {
270 $urllogo = DOL_URL_ROOT.'/theme/dolibarr_logo.svg';
271 }
272
273 // Security graphical code
274 $captcha = '';
275 if (getDolGlobalString('MAIN_SECURITY_ENABLECAPTCHA')) {
276 $captcha = getDolGlobalString('MAIN_SECURITY_ENABLECAPTCHA_HANDLER', 'standard');
277 }
278
279 // Extra link
280 $forgetpasslink = 0;
281 $helpcenterlink = 0;
282 if (!getDolGlobalString('MAIN_SECURITY_DISABLEFORGETPASSLINK') || getDolGlobalString('MAIN_HELPCENTER_LINKTOUSE')) {
283 if (!getDolGlobalString('MAIN_SECURITY_DISABLEFORGETPASSLINK')) {
284 $forgetpasslink = 1;
285 }
286
287 if (getDolGlobalString('MAIN_HELPCENTER_LINKTOUSE')) {
288 $helpcenterlink = 1;
289 }
290 }
291
292 // Home message
293 $main_home = '';
294 if (getDolGlobalString('MAIN_HOME')) {
295 $substitutionarray = getCommonSubstitutionArray($langs);
296 complete_substitutions_array($substitutionarray, $langs);
297 $texttoshow = make_substitutions(getDolGlobalString('MAIN_HOME'), $substitutionarray, $langs);
298
299 $main_home = dol_htmlcleanlastbr($texttoshow);
300 }
301
302 // Google AD
303 $main_google_ad_client = ((getDolGlobalString('MAIN_GOOGLE_AD_CLIENT') && getDolGlobalString('MAIN_GOOGLE_AD_SLOT')) ? 1 : 0);
304
305 // Set jquery theme
306 $dol_loginmesg = (!empty($_SESSION["dol_loginmesg"]) ? $_SESSION["dol_loginmesg"] : '');
307
308 $favicon = DOL_URL_ROOT.'/theme/dolibarr_256x256_color.png';
309 if (!empty($mysoc->logo_squarred_mini)) {
310 $favicon = DOL_URL_ROOT.'/viewimage.php?cache=1&modulepart=mycompany&file='.urlencode('logos/thumbs/'.$mysoc->logo_squarred_mini);
311 }
312 if (getDolGlobalString('MAIN_FAVICON_URL')) {
313 $favicon = getDolGlobalString('MAIN_FAVICON_URL');
314 }
315
316 $jquerytheme = 'base';
317 if (getDolGlobalString('MAIN_USE_JQUERY_THEME')) {
318 $jquerytheme = getDolGlobalString('MAIN_USE_JQUERY_THEME');
319 }
320
321 // Set dol_hide_topmenu, dol_hide_leftmenu, dol_optimize_smallscreen, dol_no_mouse_hover
322 $dol_hide_topmenu = GETPOSTINT('dol_hide_topmenu');
323 $dol_hide_leftmenu = GETPOSTINT('dol_hide_leftmenu');
324 $dol_optimize_smallscreen = GETPOSTINT('dol_optimize_smallscreen');
325 $dol_no_mouse_hover = GETPOSTINT('dol_no_mouse_hover');
326 $dol_use_jmobile = GETPOSTINT('dol_use_jmobile');
327
328 // Include login page template
329 include $template_dir.'login.tpl.php';
330
331 // Global html output events ($mesgs, $errors, $warnings)
333
334 $_SESSION["dol_loginmesg"] = '';
335 }
336}
337
346function makesalt($type = CRYPT_SALT_LENGTH)
347{
348 dol_syslog("makesalt type=".$type);
349 switch ($type) {
350 case 12: // 8 + 4
351 $saltlen = 8;
352 $saltprefix = '$1$';
353 $saltsuffix = '$';
354 break;
355 case 8: // 8 (For compatibility, do not use this)
356 $saltlen = 8;
357 $saltprefix = '$1$';
358 $saltsuffix = '$';
359 break;
360 case 2: // 2
361 default: // by default, fall back on Standard DES (should work everywhere)
362 $saltlen = 2;
363 $saltprefix = '';
364 $saltsuffix = '';
365 break;
366 }
367 $salt = '';
368 while (dol_strlen($salt) < $saltlen) {
369 $salt .= chr(mt_rand(64, 126));
370 }
371
372 $result = $saltprefix.$salt.$saltsuffix;
373 dol_syslog("makesalt return=".$result);
374 return $result;
375}
376
383function encodedecode_dbpassconf($level = 0)
384{
385 dol_syslog("encodedecode_dbpassconf level=".$level, LOG_DEBUG);
386 $config = '';
387 $passwd = '';
388 $passwd_crypted = '';
389
390 if ($fp = fopen(DOL_DOCUMENT_ROOT.'/conf/conf.php', 'r')) {
391 while (!feof($fp)) {
392 $buffer = fgets($fp, 4096);
393
394 $lineofpass = 0;
395
396 $reg = array();
397 $mode = '';
398 if (preg_match('/^[^#]*dolibarr_main_db_encrypted_pass[\s]*=[\s]*(.*)/i', $buffer, $reg)) { // Old way to save encrypted value
399 $val = trim($reg[1]); // This also remove CR/LF
400 $val = preg_replace('/^["\']/', '', $val);
401 $val = preg_replace('/["\'][\s;]*$/', '', $val);
402 if (!empty($val)) {
403 $passwd_crypted = $val;
404 // method dol_encode/dol_decode
405 $val = dol_decode($val);
406 //$val = dolEncrypt($val);
407 $passwd = $val;
408 $lineofpass = 1;
409 }
410 } elseif (preg_match('/^[^#]*dolibarr_main_db_pass[\s]*=[\s]*(.*)/i', $buffer, $reg)) {
411 $val = trim($reg[1]); // This also remove CR/LF
412 $val = preg_replace('/^["\']/', '', $val);
413 $val = preg_replace('/["\'][\s;]*$/', '', $val);
414 if (preg_match('/crypted:/i', $buffer)) {
415 // method dol_encode/dol_decode
416 $mode = 'crypted:';
417 $val = preg_replace('/crypted:/i', '', $val);
418 $passwd_crypted = $val;
419 $val = dol_decode($val);
420 $passwd = $val;
421 } elseif (preg_match('/^dolcrypt:([^:]+):(.*)$/i', $buffer, $reg)) {
422 // method dolEncrypt/dolDecrypt
423 $mode = 'dolcrypt:';
424 $val = preg_replace('/crypted:([^:]+):/i', '', $val);
425 $passwd_crypted = $val;
426 $val = dolDecrypt($buffer);
427 $passwd = $val;
428 } else {
429 $passwd = $val;
430 $mode = 'crypted:';
431 $val = dol_encode($val);
432 $passwd_crypted = $val;
433 // TODO replace with dolEncrypt()
434 // ...
435 }
436 $lineofpass = 1;
437 }
438
439 // Output line
440 if ($lineofpass) {
441 // Add value at end of file
442 if ($level == 0) {
443 $config .= '$dolibarr_main_db_pass=\''.$passwd.'\';'."\n";
444 }
445 if ($level == 1) {
446 $config .= '$dolibarr_main_db_pass=\''.$mode.$passwd_crypted.'\';'."\n";
447 }
448
449 //print 'passwd = '.$passwd.' - passwd_crypted = '.$passwd_crypted;
450 //exit;
451 } else {
452 $config .= $buffer;
453 }
454 }
455 fclose($fp);
456
457 // Write new conf file
458 $file = DOL_DOCUMENT_ROOT.'/conf/conf.php';
459 if ($fp = @fopen($file, 'w')) {
460 fwrite($fp, $config);
461 fflush($fp);
462 fclose($fp);
463 clearstatcache();
464
465 // It's config file, so we set read permission for creator only.
466 // Should set permission to web user and groups for users used by batch
467 //dolChmod($file, '0600');
468
469 return 1;
470 } else {
471 dol_syslog("encodedecode_dbpassconf Failed to open conf.php file for writing", LOG_WARNING);
472 return -1;
473 }
474 } else {
475 dol_syslog("encodedecode_dbpassconf Failed to read conf.php", LOG_ERR);
476 return -2;
477 }
478}
479
489function getRandomPassword($generic = false, $replaceambiguouschars = null, $length = 32)
490{
491 global $db, $conf, $langs, $user;
492
493 $generated_password = '';
494 if ($generic) {
495 $lowercase = "qwertyuiopasdfghjklzxcvbnm";
496 $uppercase = "ASDFGHJKLZXCVBNMQWERTYUIOP";
497 $numbers = "1234567890";
498 $randomCode = "";
499 $nbofchar = round($length / 3);
500 $nbofcharlast = ($length - 2 * $nbofchar);
501 //var_dump($nbofchar.'-'.$nbofcharlast);
502 if (function_exists('random_int')) { // Cryptographic random
503 $max = strlen($lowercase) - 1;
504 for ($x = 0; $x < $nbofchar; $x++) {
505 $tmp = random_int(0, $max);
506 $randomCode .= $lowercase[$tmp];
507 }
508 $max = strlen($uppercase) - 1;
509 for ($x = 0; $x < $nbofchar; $x++) {
510 $tmp = random_int(0, $max);
511 $randomCode .= $uppercase[$tmp];
512 }
513 $max = strlen($numbers) - 1;
514 for ($x = 0; $x < $nbofcharlast; $x++) {
515 $tmp = random_int(0, $max);
516 $randomCode .= $numbers[$tmp];
517 }
518
519 $generated_password = str_shuffle($randomCode);
520 } else {
521 // Old platform, non cryptographic random
522 $max = strlen($lowercase) - 1;
523 for ($x = 0; $x < $nbofchar; $x++) {
524 $tmp = mt_rand(0, $max);
525 $randomCode .= $lowercase[$tmp];
526 }
527 $max = strlen($uppercase) - 1;
528 for ($x = 0; $x < $nbofchar; $x++) {
529 $tmp = mt_rand(0, $max);
530 $randomCode .= $uppercase[$tmp];
531 }
532 $max = strlen($numbers) - 1;
533 for ($x = 0; $x < $nbofcharlast; $x++) {
534 $tmp = mt_rand(0, $max);
535 $randomCode .= $numbers[$tmp];
536 }
537
538 $generated_password = str_shuffle($randomCode);
539 }
540 } elseif (getDolGlobalString('USER_PASSWORD_GENERATED')) {
541 $nomclass = "modGeneratePass".ucfirst($conf->global->USER_PASSWORD_GENERATED);
542 $nomfichier = $nomclass.".class.php";
543 //print DOL_DOCUMENT_ROOT."/core/modules/security/generate/".$nomclass;
544 require_once DOL_DOCUMENT_ROOT."/core/modules/security/generate/".$nomfichier;
545 $genhandler = new $nomclass($db, $conf, $langs, $user);
546 '@phan-var-force ModeleGenPassword $genhandler';
547 $generated_password = $genhandler->getNewGeneratedPassword();
548 unset($genhandler);
549 }
550
551 // Do we have to discard some alphabetic characters ?
552 if (is_array($replaceambiguouschars) && count($replaceambiguouschars) > 0) {
553 $numbers = "ABCDEF";
554 $max = strlen($numbers) - 1;
555 if (function_exists('random_int')) { // Cryptographic random
556 $tmp = random_int(0, $max);
557 $generated_password = str_replace($replaceambiguouschars, $numbers[$tmp], $generated_password);
558 } else {
559 $tmp = mt_rand(0, $max);
560 $generated_password = str_replace($replaceambiguouschars, $numbers[$tmp], $generated_password);
561 }
562 }
563
564 return $generated_password;
565}
566
576function dolJSToSetRandomPassword($htmlname, $htmlnameofbutton = 'generate_token', $generic = 1)
577{
578 global $conf;
579
580 $out = '';
581
582 if (!empty($conf->use_javascript_ajax)) {
583 $out .= "\n".'<!-- Js code to suggest a security key -->';
584 $out .= '<script nonce="'.getNonce().'" type="text/javascript">';
585 $out .= 'jQuery(document).ready(function () {
586 jQuery("#'.dol_escape_js($htmlnameofbutton).'").click(function() {
587 var currenttoken = jQuery("meta[name=anti-csrf-currenttoken]").attr("content");
588 console.log("We click on the button '.dol_escape_js($htmlnameofbutton).' to suggest a key. anti-csrf-currenttoken is "+currenttoken+". We will fill '.dol_escape_js($htmlname).'");
589 jQuery.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
590 action: \'getrandompassword\',
591 generic: '.($generic ? '1' : '0').',
592 token: currenttoken
593 },
594 function(result) {
595 if (jQuery("input#'.dol_escape_js($htmlname).'").attr("type") == "password") {
596 jQuery("input#'.dol_escape_js($htmlname).'").attr("type", "text");
597 }
598 jQuery("#'.dol_escape_js($htmlname).'").val(result);
599 });
600 });
601 });'."\n";
602 $out .= '</script>';
603 }
604
605 return $out;
606}
GETPOSTINT($paramname, $method=0)
Return the value of a $_GET or $_POST supervariable, converted into integer.
dol_osencode($str)
Return a string encoded into OS filesystem encoding.
isHTTPS()
Return if we are using a HTTPS connection Check HTTPS (no way to be modified by user but may be empty...
dol_strlen($string, $stringencoding='UTF-8')
Make a strlen call.
dol_escape_js($stringtoescape, $mode=0, $noescapebackslashn=0)
Returns text escaped for inclusion into javascript code.
dol_htmlcleanlastbr($stringtodecode)
This function remove all ending and br at end.
dol_htmloutput_events($disabledoutputofmessages=0)
Print formatted messages to output (Used to show messages on html output).
complete_substitutions_array(&$substitutionarray, $outputlangs, $object=null, $parameters=null, $callfunc="completesubstitutionarray")
Complete the $substitutionarray with more entries coming from external module that had set the "subst...
make_substitutions($text, $substitutionarray, $outputlangs=null, $converttextinhtmlifnecessary=0)
Make substitution into a text string, replacing keys with vals from $substitutionarray (oldval=>newva...
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
dol_buildpath($path, $type=0, $returnemptyifnotfound=0)
Return path of url or filesystem.
getCommonSubstitutionArray($outputlangs, $onlykey=0, $exclude=null, $object=null, $include=null)
Return array of possible common substitutions.
getDolGlobalString($key, $default='')
Return a Dolibarr global constant string value.
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
conf($dolibarr_main_document_root)
Load conf file (file must exists)
Definition inc.php:420
global $conf
The following vars must be defined: $type2label $form $conf, $lang, The following vars may also be de...
Definition member.php:79
$context
@method int call_trigger(string $triggerName, User $user)
Definition logout.php:42
dolJSToSetRandomPassword($htmlname, $htmlnameofbutton='generate_token', $generic=1)
Output javascript to autoset a generated password using default module into a HTML element.
dol_getwebuser($mode)
Return user/group account of web server.
encodedecode_dbpassconf($level=0)
Encode or decode database password in config file.
checkLoginPassEntity($usertotest, $passwordtotest, $entitytotest, $authmode, $context='')
Return a login if login/pass was successful.
getRandomPassword($generic=false, $replaceambiguouschars=null, $length=32)
Return a generated password using default module.
if(!function_exists( 'dol_loginfunction')) makesalt($type=CRYPT_SALT_LENGTH)
Initialise the salt for the crypt function.
dol_encode($chain, $key='1')
Encode a string with base 64 algorithm + specific delta change.
dol_decode($chain, $key='1')
Decode a base 64 encoded + specific delta change.
dolDecrypt($chain, $key='')
Decode a string with a symmetric encryption.