dolibarr  19.0.0-dev
index.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (C) 2003 Rodolphe Quiedeville <rodolphe@quiedeville.org>
3  * Copyright (C) 2003 Eric Seigne <erics@rycks.com>
4  * Copyright (C) 2004-2010 Laurent Destailleur <eldy@users.sourceforge.net>
5  * Copyright (C) 2004 Sebastien Di Cintio <sdicintio@ressource-toi.org>
6  * Copyright (C) 2004 Benoit Mortier <benoit.mortier@opensides.be>
7  * Copyright (C) 2011-2012 Juanjo Menent <jmenent@2byte.es>
8  *
9  * This program is free software; you can redistribute it and/or modify
10  * it under the terms of the GNU General Public License as published by
11  * the Free Software Foundation; either version 3 of the License, or
12  * (at your option) any later version.
13  *
14  * This program is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  * GNU General Public License for more details.
18  *
19  * You should have received a copy of the GNU General Public License
20  * along with this program. If not, see <https://www.gnu.org/licenses/>.
21  */
22 
29 if (!defined('NOSCANPOSTFORINJECTION')) {
30  define('NOSCANPOSTFORINJECTION', '1'); // Do not check anti CSRF attack test
31 }
32 
33 // Load Dolibarr environment
34 require '../../main.inc.php';
35 require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
36 
37 
38 if (!$user->admin) {
39  accessforbidden();
40 }
41 
42 // Load translation files required by the page
43 $langs->loadLangs(array('admin', 'other', 'externalsite'));
44 
45 $action = GETPOST('action', 'aZ09');
46 
47 
48 /*
49  * Actions
50  */
51 
52 // Sauvegardes parametres
53 if ($action == 'update') {
54  $i = 0;
55 
56  $db->begin();
57 
58  $label = GETPOST('EXTERNALSITE_LABEL', 'alphanohtml');
59 
60  // exturl can be an url or a HTML string
61  $exturl = GETPOST('EXTERNALSITE_URL', 'restricthtml');
62  $exturl = dol_string_onlythesehtmltags($exturl, 1, 1, 0, 1, array(), 1);
63  $exturl = dol_string_onlythesehtmlattributes($exturl);
64 
65  $i += dolibarr_set_const($db, 'EXTERNALSITE_LABEL', trim($label), 'chaine', 0, '', $conf->entity);
66  $i += dolibarr_set_const($db, 'EXTERNALSITE_URL', trim($exturl), 'chaine', 0, '', $conf->entity);
67 
68  if ($i >= 2) {
69  $db->commit();
70  setEventMessages($langs->trans("SetupSaved"), null, 'mesgs');
71  } else {
72  $db->rollback();
73  setEventMessages($db->lasterror(), null, 'errors');
74  }
75 }
76 
77 
82 llxHeader();
83 
84 $linkback = '<a href="'.DOL_URL_ROOT.'/admin/modules.php?restore_lastsearch_values=1">'.$langs->trans("BackToModuleList").'</a>';
85 print load_fiche_titre($langs->trans("ExternalSiteSetup"), $linkback, 'title_setup');
86 print '<br>';
87 
88 print '<span class="opacitymedium">'.$langs->trans("Module100Desc")."</span><br>\n";
89 print '<br>';
90 
91 print '<form name="externalsiteconfig" action="'.$_SERVER["PHP_SELF"].'" method="POST">';
92 print '<input type="hidden" name="token" value="'.newToken().'">';
93 print '<input type="hidden" name="action" value="update">';
94 print "<table class=\"noborder\" width=\"100%\">";
95 
96 print "<tr class=\"liste_titre\">";
97 print "<td width=\"30%\">".$langs->trans("Parameter")."</td>";
98 print "<td>".$langs->trans("Value")."</td>";
99 print "<td>".$langs->trans("Examples")."</td>";
100 print "</tr>";
101 
102 
103 print '<tr class="oddeven">';
104 print '<td class="fieldrequired">'.$langs->trans("Label")."</td>";
105 print "<td><input type=\"text\" class=\"flat\" name=\"EXTERNALSITE_LABEL\" value=\"".(GETPOST('EXTERNALSITE_LABEL', 'alpha') ?GETPOST('EXTERNALSITE_LABEL', 'alpha') : ((empty($conf->global->EXTERNALSITE_LABEL) || $conf->global->EXTERNALSITE_LABEL == 'ExternalSite') ? '' : $conf->global->EXTERNALSITE_LABEL))."\" size=\"12\"></td>";
106 print "<td>".$langs->trans("ExampleMyMenuEntry")."</td>";
107 print "</tr>";
108 
109 
110 print '<tr class="oddeven">';
111 print '<td class="fieldrequired">'.$langs->trans("ExternalSiteURL")."</td>";
112 print '<td><textarea class="flat minwidth500" name="EXTERNALSITE_URL">';
113 
114 $exturl = GETPOST('EXTERNALSITE_URL', 'restricthtml');
115 $exturl = dol_string_onlythesehtmltags($exturl, 1, 1, 0, 1, array(), 1);
116 $exturl = dol_string_onlythesehtmlattributes($exturl);
117 
118 print (GETPOSTISSET('EXTERNALSITE_URL') ? $exturl : (empty($conf->global->EXTERNALSITE_URL) ? '' : $conf->global->EXTERNALSITE_URL));
119 print '</textarea></td>';
120 print "<td>http://localhost/myurl/";
121 print "<br>https://wikipedia.org/";
122 print "<br>&lt;iframe&gt;...&lt;/iframe&gt;";
123 print "</td>";
124 print "</tr>";
125 
126 print "</table>";
127 
128 
129 print $form->buttonsSaveCancel("Save", '');
130 
131 print "</form>\n";
132 
133 llxFooter();
134 
135 $db->close();
dolibarr_set_const
dolibarr_set_const($db, $name, $value, $type='chaine', $visible=0, $note='', $entity=1)
Insert a parameter (key,value) into database (delete old key then insert it again).
Definition: admin.lib.php:638
$form
if($cancel &&! $id) if($action=='add' &&! $cancel) if($action=='delete') if($id) $form
Actions.
Definition: card.php:143
load_fiche_titre
load_fiche_titre($titre, $morehtmlright='', $picto='generic', $pictoisfullpath=0, $id='', $morecssontable='', $morehtmlcenter='')
Load a title with picto.
Definition: functions.lib.php:5477
dol_string_onlythesehtmltags
dol_string_onlythesehtmltags($stringtoclean, $cleanalsosomestyles=1, $removeclassattribute=1, $cleanalsojavascript=0, $allowiframe=0, $allowed_tags=array(), $allowlink=0)
Clean a string to keep only desirable HTML tags.
Definition: functions.lib.php:7118
dol_string_onlythesehtmlattributes
dol_string_onlythesehtmlattributes($stringtoclean, $allowed_attributes=array("allow", "allowfullscreen", "alt", "class", "contenteditable", "data-html", "frameborder", "height", "href", "id", "name", "src", "style", "target", "title", "width"))
Clean a string from some undesirable HTML tags.
Definition: functions.lib.php:7186
GETPOST
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
Definition: functions.lib.php:609
setEventMessages
setEventMessages($mesg, $mesgs, $style='mesgs', $messagekey='', $noduplicate=0)
Set event messages in dol_events session object.
Definition: functions.lib.php:8673
GETPOSTISSET
GETPOSTISSET($paramname)
Return true if we are in a context of submitting the parameter $paramname from a POST of a form.
Definition: functions.lib.php:509
llxFooter
llxFooter()
Footer empty.
Definition: index.php:71
llxHeader
if(!defined('NOTOKENRENEWAL')) if(!defined('NOLOGIN')) if(!defined('NOCSRFCHECK')) if(!defined('NOREQUIREMENU')) if(!defined('NOREQUIREHTML')) if(!defined('NOREQUIREAJAX')) if(!defined('NOIPCHECK')) if(!defined('NOBROWSERNOTIF')) llxHeader()
Header empty.
Definition: index.php:63
accessforbidden
accessforbidden($message='', $printheader=1, $printfooter=1, $showonlymessage=0, $params=null)
Show a message to say access is forbidden and stop program.
Definition: security.lib.php:1169
Generated on Mon Apr 1 2024 01:00:31 for dolibarr by Doxygen 1.9.1