diff --git a/ChangeLog b/ChangeLog index 4d184055d28..456ae4978f7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -39,7 +39,9 @@ For users: credit available. - New: Can use variables into the free text on PDF (__TOTAL_TTC_, __TOTAL_VAT...) - New: Increase page loading speed (all changes reported by Google PageSpeed - tool has been added). + tool has been added). +- New: Add support of constant MAIN_ONLY_LOGIN_ALLOWED to allow to lock all + access to any users axcept the one defined in constant. - Fix: "Now" link works when date popup is not used. - Fix: Debug seriously the email notification module. - Fix: Error Call to a member function trans when refusing a supplier order. diff --git a/htdocs/core/conf.class.php b/htdocs/core/conf.class.php index 7e2d6c7a328..242b6114462 100644 --- a/htdocs/core/conf.class.php +++ b/htdocs/core/conf.class.php @@ -36,7 +36,7 @@ */ class Conf { - /** \public */ + /** \public */ //! Object with database handler var $db; //! To store properties found in conf file @@ -71,10 +71,10 @@ class Conf /** - * \brief Load setup values into conf object - * \param $db Handler d'acces base - * \return int < 0 if KO, >= 0 if OK - */ + * \brief Load setup values into conf object (read llx_const) + * \param $db Handler d'acces base + * \return int < 0 if KO, >= 0 if OK + */ function setValues($db) { dol_syslog("Conf::setValues"); @@ -312,7 +312,7 @@ class Conf $this->compta->mode = 'RECETTES-DEPENSES'; // By default if (isset($this->global->COMPTA_MODE)) { // Peut etre 'RECETTES-DEPENSES' ou 'CREANCES-DETTES' - $this->compta->mode = $this->global->COMPTA_MODE; + $this->compta->mode = $this->global->COMPTA_MODE; } // $this->defaulttx 
@@ -344,17 +344,17 @@ class Conf $this->email_from = $this->global->MAIN_MAIL_EMAIL_FROM; } // $this->notification->email_from = email pour envoi par Dolibarr des notifications - $this->notification->email_from=$this->email_from; + $this->notification->email_from=$this->email_from; if (! empty($this->global->NOTIFICATION_EMAIL_FROM)) { - $this->notification->email_from=$this->global->NOTIFICATION_EMAIL_FROM; + $this->notification->email_from=$this->global->NOTIFICATION_EMAIL_FROM; } // $this->mailing->email_from = email pour envoi par Dolibarr des mailings $this->mailing->email_from=$this->email_from;; if (! empty($this->global->MAILING_EMAIL_FROM)) { - $this->mailing->email_from=$this->global->MAILING_EMAIL_FROM; + $this->mailing->email_from=$this->global->MAILING_EMAIL_FROM; } // Defini MAIN_GRAPH_LIBRARY diff --git a/htdocs/langs/en_US/main.lang b/htdocs/langs/en_US/main.lang index 44ec15bff23..082cb8acd66 100644 --- a/htdocs/langs/en_US/main.lang +++ b/htdocs/langs/en_US/main.lang @@ -527,7 +527,7 @@ PDFMerge=PDF Merge Merge=Merge PrintContentArea=Show page to print main content area NoMenu=No sub-menu -WarningYouAreInMaintenanceMode=Warning, you are in a maintenance mode, so only login %s is allowed to connect. +WarningYouAreInMaintenanceMode=Warning, you are in a maintenance mode, so only login %s is allowed to use application at the moment. # Week day Day1=Monday Day2=Tuesday diff --git a/htdocs/langs/fr_FR/main.lang b/htdocs/langs/fr_FR/main.lang index 8421b0e3aa9..37402a02fc3 100644 --- a/htdocs/langs/fr_FR/main.lang +++ b/htdocs/langs/fr_FR/main.lang 
@@ -526,7 +526,7 @@ PDFMerge=Fusion PDF Merge=Fusion PrintContentArea=Afficher page d'impression de la zone centrale NoMenu=Aucun sous-menu -WarningYouAreInMaintenanceMode=Attention, vous êtes en mode maintenance, aussi seul le login %s est autorisé à se connecter. +WarningYouAreInMaintenanceMode=Attention, vous êtes en mode maintenance, aussi seul le login %s est autorisé à utiliser l'application en ce moment. # Week day Day1=Lundi Day2=Mardi diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index d3806c5dd17..382c1fc2507 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -1097,6 +1097,7 @@ function left_menu($menu_array, $helppagename='', $moresearchform='') print "\n"; print '
'."\n"; + if (! empty($conf->global->MAIN_ONLY_LOGIN_ALLOWED)) print info_admin($langs->trans("WarningYouAreInMaintenanceMode",$conf->global->MAIN_ONLY_LOGIN_ALLOWED)); } diff --git a/htdocs/master.inc.php b/htdocs/master.inc.php index 1fa0d2f4ab4..61891041020 100644 --- a/htdocs/master.inc.php +++ b/htdocs/master.inc.php @@ -58,9 +58,8 @@ error_reporting(E_ALL ^ E_NOTICE); // Include configuration $result=@include_once("conf/conf.php"); -if (! $result && $_SERVER["GATEWAY_INTERFACE"]) +if (! $result && $_SERVER["GATEWAY_INTERFACE"]) // If install not done and we are in a web session { - // If install not done and we are in a web session header("Location: install/index.php"); exit; } @@ -140,7 +139,7 @@ if (empty($dolibarr_main_db_collation)) $dolibarr_main_db_collation='latin1_swed $conf->db->dolibarr_main_db_collation=$dolibarr_main_db_collation; if (empty($dolibarr_main_db_encryption)) $dolibarr_main_db_encryption=0; $conf->db->dolibarr_main_db_encryption = $dolibarr_main_db_encryption; -if (empty($dolibarr_main_db_cryptkey)) $dolibarr_main_db_cryptkey=''; // TODO la cle devra ne doit pas etre stockee sur le serveur +if (empty($dolibarr_main_db_cryptkey)) $dolibarr_main_db_cryptkey=''; $conf->db->dolibarr_main_db_cryptkey = $dolibarr_main_db_cryptkey; // Identifiant autres $conf->file->main_authentication = empty($dolibarr_main_authentication)?'':$dolibarr_main_authentication; @@ -177,6 +176,7 @@ if (isset($_SERVER["HTTP_USER_AGENT"])) elseif (eregi('chrome',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->name='chrome'; elseif (eregi('opera',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->name='opera'; elseif (eregi('msie',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->name='ie'; + else $conf->browser->name='unknown'; if (in_array($conf->browser->name,array('firefox','iceweasel'))) $conf->browser->firefox=1; } 
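Review bot: The banner line added to left_menu() passes `$conf->global->MAIN_ONLY_LOGIN_ALLOWED` into the translated string and prints it with no visible HTML escaping, so the output is only as safe as whatever `trans()` and `info_admin()` do with their arguments. If neither escapes, wrap the value, e.g. `htmlspecialchars($conf->global->MAIN_ONLY_LOGIN_ALLOWED)`. left_menu() starts outside this hunk, so it is not visible whether `$conf` and `$langs` are declared `global` there; that is worth confirming.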
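Review bot: The TODO on the `$dolibarr_main_db_cryptkey` line is removed, but the handling of the key is unchanged: it is still taken from a server-side variable (presumably set by `conf/conf.php`) and copied into `$conf->db->dolibarr_main_db_cryptkey`. The removed note recorded a known weakness, namely that the database encryption key is kept on the same server as the data it protects. It should stay until that is resolved, in English like the other comments touched by this commit: `// TODO: the encryption key should not be stored on the server`.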
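Review bot: The new `else $conf->browser->name='unknown';` sits inside `if (isset($_SERVER["HTTP_USER_AGENT"]))`, so a request with no User-Agent header still leaves `$conf->browser->name` unset unless it is initialised above this hunk. Setting the default before the `if`, `$conf->browser->name='unknown';`, covers both cases and makes the `else` unnecessary. The header is client-controlled, so the value should only drive presentation and never an access decision.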
@@ -209,7 +209,7 @@ if (! defined('NOREQUIREDB')) } // Now database connexion is known, so we can forget password //$dolibarr_main_db_pass=''; // Comment this because this constant is used in a lot of pages -$conf->db->pass=''; // This is to avoid password to be shown in dump +$conf->db->pass=''; // This is to avoid password to be shown in memory/swap dump /* * Creation objet $user @@ -254,7 +254,40 @@ if (! defined('NOREQUIREDB')) } } - $conf->setValues($db); + $conf->setValues($db); // Here we read database (llx_const table) and define $conf->global->XXX var. +} + +// If software has been locked. Only login $conf->global->MAIN_ONLY_LOGIN_ALLOWED is allowed. +if (! empty($conf->global->MAIN_ONLY_LOGIN_ALLOWED)) +{ + /*print '$_SERVER["GATEWAY_INTERFACE"]='.$_SERVER["GATEWAY_INTERFACE"].'
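Review bot: The reworded comment on `$conf->db->pass='';` promises more than the line delivers. The commented-out line just above shows that `$dolibarr_main_db_pass` is deliberately left set, and assigning an empty string does not scrub the bytes of the previous value, so the password can still turn up in a memory or swap dump. What the line does achieve is keeping the password out of dumps of the `$conf` object. A comment such as `// Keeps the password out of dumps of $conf; $dolibarr_main_db_pass still holds it` would be accurate.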
'; + print 'session_id()='.session_id().'
'; + print '$_SESSION["dol_login"]='.$_SESSION["dol_login"].'
'; + print '$conf->global->MAIN_ONLY_LOGIN_ALLOWED='.$conf->global->MAIN_ONLY_LOGIN_ALLOWED.'
'; + exit;*/ + $ok=0; + if ((! session_id() || ! isset($_SESSION["dol_login"])) && ! isset($_POST["username"]) && ! empty($_SERVER["GATEWAY_INTERFACE"])) $ok=1; // We let working pages if not logged and inside a web browser (login form, to allow login by admin) + elseif (isset($_POST["username"]) && $_POST["username"] == $conf->global->MAIN_ONLY_LOGIN_ALLOWED) $ok=1; // We let working pages that is a login submission (login submit, to allow login by admin) + elseif (defined('NOREQUIREDB')) $ok=1; // We let working pages that don't need database access (xxx.css.php) + elseif (defined('EVEN_IF_ONLY_LOGIN_ALLOWED')) $ok=1; // We let working pages that ask to work even if only login enabled (logout.php) + elseif (session_id() && isset($_SESSION["dol_login"]) && $_SESSION["dol_login"] == $conf->global->MAIN_ONLY_LOGIN_ALLOWED) $ok=1; // We let working if user is allowed admin + if (! $ok) + { + if (session_id() && isset($_SESSION["dol_login"]) && $_SESSION["dol_login"] != $conf->global->MAIN_ONLY_LOGIN_ALLOWED) + { + print 'Sorry, your application is offline.'."\n"; + print 'You are logged with user "'.$_SESSION["dol_login"].'" and only administrator user "'.$conf->global->MAIN_ONLY_LOGIN_ALLOWED.'" is allowed to connect for the moment.'."\n"; + $nexturl=DOL_URL_ROOT.'/user/logout.php'; + print 'Please try later or click here to disconnect and change login user...'."\n"; + } + else + { + print 'Sorry, your application is offline. Only administrator user "'.$conf->global->MAIN_ONLY_LOGIN_ALLOWED.'" is allowed to connect for the moment.'."\n"; + $nexturl=DOL_URL_ROOT.'/'; + print 'Please try later or click here to change login user...'."\n"; + } + exit; + } } /*
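Review bot: The first `$ok=1` branch admits every web request that has no `$_SESSION["dol_login"]` and no `$_POST["username"]`, so the lock only stops already-logged-in sessions and form logins. A script that includes this file without enforcing a login afterwards, or a login method that does not post `username` (the file supports a configurable `main_authentication`), would still be served while the application is "locked". Denying by default and letting the login page opt in through `EVEN_IF_ONLY_LOGIN_ALLOWED`, which this hunk already honours, would be safer. The login comparisons use `==` and `!=`; `$_POST["username"] === $conf->global->MAIN_ONLY_LOGIN_ALLOWED` avoids PHP's numeric-string juggling. The offline messages also print `$_SESSION["dol_login"]` and the allowed login unescaped, and the `else` branch tells anonymous visitors which account is the privileged one; escape both with `htmlspecialchars()` and drop the name from the anonymous message.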