lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

New: Add option MAIN_ONLY_LOGIN_ALLOWED to lock login to any user that is not value of constant.

Browse Source 
For example MAIN_ONLY_LOGIN_ALLOWED=admin will lock login to any login except admin.
This make possible to make maintenance works.
A page to add/remove this constant will be added later in system-tools
This commit is contained in:
Laurent Destailleur 2009-08-30 01:39:40 +00:00
parent 4f4d9ab716
commit 070b160450
6 changed files with 53 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@ -39,7 +39,9 @@ For users:
credit available.
- New: Can use variables into the free text on PDF (__TOTAL_TTC_, __TOTAL_VAT...)
- New: Increase page loading speed (all changes reported by Google PageSpeed
tool has been added).
tool has been added).
- New: Add support of constant MAIN_ONLY_LOGIN_ALLOWED to allow to lock all
access to any users axcept the one defined in constant.
- Fix: "Now" link works when date popup is not used.
- Fix: Debug seriously the email notification module.
- Fix: Error Call to a member function trans when refusing a supplier order.

18
htdocs/core/conf.class.php
View File

@ -36,7 +36,7 @@
*/
class Conf
{
/** \public */
/** \public */
//! Object with database handler
var $db;
//! To store properties found in conf file
@ -71,10 +71,10 @@ class Conf
/**
* \brief Load setup values into conf object
* \param $db Handler d'acces base
* \return int < 0 if KO, >= 0 if OK
*/
* \brief Load setup values into conf object (read llx_const)
* \param $db Handler d'acces base
* \return int < 0 if KO, >= 0 if OK
*/
function setValues($db)
{
dol_syslog("Conf::setValues");
@ -312,7 +312,7 @@ class Conf
$this->compta->mode = 'RECETTES-DEPENSES'; // By default
if (isset($this->global->COMPTA_MODE)) {
// Peut etre 'RECETTES-DEPENSES' ou 'CREANCES-DETTES'
$this->compta->mode = $this->global->COMPTA_MODE;
$this->compta->mode = $this->global->COMPTA_MODE;
}
// $this->defaulttx
@ -344,17 +344,17 @@ class Conf
$this->email_from = $this->global->MAIN_MAIL_EMAIL_FROM;
}
// $this->notification->email_from = email pour envoi par Dolibarr des notifications
$this->notification->email_from=$this->email_from;
$this->notification->email_from=$this->email_from;
if (! empty($this->global->NOTIFICATION_EMAIL_FROM))
{
$this->notification->email_from=$this->global->NOTIFICATION_EMAIL_FROM;
$this->notification->email_from=$this->global->NOTIFICATION_EMAIL_FROM;
}
// $this->mailing->email_from = email pour envoi par Dolibarr des mailings
$this->mailing->email_from=$this->email_from;;
if (! empty($this->global->MAILING_EMAIL_FROM))
{
$this->mailing->email_from=$this->global->MAILING_EMAIL_FROM;
$this->mailing->email_from=$this->global->MAILING_EMAIL_FROM;
}
// Defini MAIN_GRAPH_LIBRARY

2
htdocs/langs/en_US/main.lang
View File

@ -527,7 +527,7 @@ PDFMerge=PDF Merge
Merge=Merge
PrintContentArea=Show page to print main content area
NoMenu=No sub-menu
WarningYouAreInMaintenanceMode=Warning, you are in a maintenance mode, so only login <b>%s</b> is allowed to connect.
WarningYouAreInMaintenanceMode=Warning, you are in a maintenance mode, so only login <b>%s</b> is allowed to use application at the moment.
# Week day
Day1=Monday
Day2=Tuesday

2
htdocs/langs/fr_FR/main.lang
View File

@ -526,7 +526,7 @@ PDFMerge=Fusion PDF
Merge=Fusion
PrintContentArea=Afficher page d'impression de la zone centrale
NoMenu=Aucun sous-menu
WarningYouAreInMaintenanceMode=Attention, vous êtes en mode maintenance, aussi seul le login <b>%s</b> est autorisé à se connecter.
WarningYouAreInMaintenanceMode=Attention, vous êtes en mode maintenance, aussi seul le login <b>%s</b> est autorisé à utiliser l'application en ce moment.
# Week day
Day1=Lundi
Day2=Mardi

1
htdocs/main.inc.php
View File

@ -1097,6 +1097,7 @@ function left_menu($menu_array, $helppagename='', $moresearchform='')
print "\n";
print '<div class="fiche"> <!-- begin main area -->'."\n";
if (! empty($conf->global->MAIN_ONLY_LOGIN_ALLOWED)) print info_admin($langs->trans("WarningYouAreInMaintenanceMode",$conf->global->MAIN_ONLY_LOGIN_ALLOWED));
}

43
htdocs/master.inc.php
View File

@ -58,9 +58,8 @@ error_reporting(E_ALL ^ E_NOTICE);
// Include configuration
$result=@include_once("conf/conf.php");
if (! $result && $_SERVER["GATEWAY_INTERFACE"])
if (! $result && $_SERVER["GATEWAY_INTERFACE"]) // If install not done and we are in a web session
{
// If install not done and we are in a web session
header("Location: install/index.php");
exit;
}
@ -140,7 +139,7 @@ if (empty($dolibarr_main_db_collation)) $dolibarr_main_db_collation='latin1_swed
$conf->db->dolibarr_main_db_collation=$dolibarr_main_db_collation;
if (empty($dolibarr_main_db_encryption)) $dolibarr_main_db_encryption=0;
$conf->db->dolibarr_main_db_encryption = $dolibarr_main_db_encryption;
if (empty($dolibarr_main_db_cryptkey)) $dolibarr_main_db_cryptkey=''; // TODO la cle devra ne doit pas etre stockee sur le serveur
if (empty($dolibarr_main_db_cryptkey)) $dolibarr_main_db_cryptkey='';
$conf->db->dolibarr_main_db_cryptkey = $dolibarr_main_db_cryptkey;
// Identifiant autres
$conf->file->main_authentication = empty($dolibarr_main_authentication)?'':$dolibarr_main_authentication;
@ -177,6 +176,7 @@ if (isset($_SERVER["HTTP_USER_AGENT"]))
elseif (eregi('chrome',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->name='chrome';
elseif (eregi('opera',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->name='opera';
elseif (eregi('msie',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->name='ie';
else $conf->browser->name='unknown';
if (in_array($conf->browser->name,array('firefox','iceweasel'))) $conf->browser->firefox=1;
}
@ -209,7 +209,7 @@ if (! defined('NOREQUIREDB'))
}
// Now database connexion is known, so we can forget password
//$dolibarr_main_db_pass=''; // Comment this because this constant is used in a lot of pages
$conf->db->pass=''; // This is to avoid password to be shown in dump
$conf->db->pass=''; // This is to avoid password to be shown in memory/swap dump
/*
* Creation objet $user
@ -254,7 +254,40 @@ if (! defined('NOREQUIREDB'))
}
}
$conf->setValues($db);
$conf->setValues($db); // Here we read database (llx_const table) and define $conf->global->XXX var.
}
// If software has been locked. Only login $conf->global->MAIN_ONLY_LOGIN_ALLOWED is allowed.
if (! empty($conf->global->MAIN_ONLY_LOGIN_ALLOWED))
{
/*print '$_SERVER["GATEWAY_INTERFACE"]='.$_SERVER["GATEWAY_INTERFACE"].'<br>';
print 'session_id()='.session_id().'<br>';
print '$_SESSION["dol_login"]='.$_SESSION["dol_login"].'<br>';
print '$conf->global->MAIN_ONLY_LOGIN_ALLOWED='.$conf->global->MAIN_ONLY_LOGIN_ALLOWED.'<br>';
exit;*/
$ok=0;
if ((! session_id() || ! isset($_SESSION["dol_login"])) && ! isset($_POST["username"]) && ! empty($_SERVER["GATEWAY_INTERFACE"])) $ok=1; // We let working pages if not logged and inside a web browser (login form, to allow login by admin)
elseif (isset($_POST["username"]) && $_POST["username"] == $conf->global->MAIN_ONLY_LOGIN_ALLOWED) $ok=1; // We let working pages that is a login submission (login submit, to allow login by admin)
elseif (defined('NOREQUIREDB')) $ok=1; // We let working pages that don't need database access (xxx.css.php)
elseif (defined('EVEN_IF_ONLY_LOGIN_ALLOWED')) $ok=1; // We let working pages that ask to work even if only login enabled (logout.php)
elseif (session_id() && isset($_SESSION["dol_login"]) && $_SESSION["dol_login"] == $conf->global->MAIN_ONLY_LOGIN_ALLOWED) $ok=1; // We let working if user is allowed admin
if (! $ok)
{
if (session_id() && isset($_SESSION["dol_login"]) && $_SESSION["dol_login"] != $conf->global->MAIN_ONLY_LOGIN_ALLOWED)
{
print 'Sorry, your application is offline.'."\n";
print 'You are logged with user "'.$_SESSION["dol_login"].'" and only administrator user "'.$conf->global->MAIN_ONLY_LOGIN_ALLOWED.'" is allowed to connect for the moment.'."\n";
$nexturl=DOL_URL_ROOT.'/user/logout.php';
print 'Please try later or <a href="'.$nexturl.'">click here to disconnect and change login user</a>...'."\n";
}
else
{
print 'Sorry, your application is offline. Only administrator user "'.$conf->global->MAIN_ONLY_LOGIN_ALLOWED.'" is allowed to connect for the moment.'."\n";
$nexturl=DOL_URL_ROOT.'/';
print 'Please try later or <a href="'.$nexturl.'">click here to change login user</a>...'."\n";
}
exit;
}
}
/*