lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

All data from conf file are stored into conf->file->xxx

Browse Source 
Multicompany should be ok to logon with no breaking sessions when disabled
This commit is contained in:
Laurent Destailleur 2009-05-08 01:23:33 +00:00
parent 1eaf133738
commit 326cd8b227
6 changed files with 108 additions and 94 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/actioncomm.class.php
View File

@ -671,7 +671,7 @@ class ActionComm
$resql=$this->db->query($sql);
if ($resql)
{
// Note: Output of sql request is encoded in $conf->character_set_client
// Note: Output of sql request is encoded in $conf->file->character_set_client
while ($obj=$this->db->fetch_object($resql))
{
$qualified=true;

8
htdocs/lib/functions2.lib.php
View File

@ -45,8 +45,8 @@ function dol_print_file($langs,$filename,$searchalt=0)
{
$content=file_get_contents($htmlfile);
$isutf8=utf8_check($content);
if (! $isutf8 && $conf->character_set_client == 'UTF-8') print utf8_encode($content);
elseif ($isutf8 && $conf->character_set_client == 'ISO-8859-1') print utf8_decode($content);
if (! $isutf8 && $conf->file->character_set_client == 'UTF-8') print utf8_encode($content);
elseif ($isutf8 && $conf->file->character_set_client == 'ISO-8859-1') print utf8_decode($content);
else print $content;
return true;
}
@ -62,8 +62,8 @@ function dol_print_file($langs,$filename,$searchalt=0)
{
$content=file_get_contents($htmlfilealt);
$isutf8=utf8_check($content);
if (! $isutf8 && $conf->character_set_client == 'UTF-8') print utf8_encode($content);
elseif ($isutf8 && $conf->character_set_client == 'ISO-8859-1') print utf8_decode($content);
if (! $isutf8 && $conf->file->character_set_client == 'UTF-8') print utf8_encode($content);
elseif ($isutf8 && $conf->file->character_set_client == 'ISO-8859-1') print utf8_decode($content);
else print $content;
return true;
}

57
htdocs/main.inc.php
View File

@ -112,17 +112,18 @@ analyse_sql_injection($_POST);
// This is to make Dolibarr working with Plesk
set_include_path($_SERVER['DOCUMENT_ROOT'].'/htdocs');
// Retrieve the entity in login form, and after in the cookie
$entityCookieName = "DOLENTITYID_dolibarr";
if (isset($_POST["entity"])) $_SESSION["dol_entity"] = $_POST["entity"];
if (isset($_COOKIE[$entityCookieName])) $_SESSION["dol_entity"] = $_COOKIE[$entityCookieName];
// Retrieve the entity in login form, and after in the cookie
// Removed: The session has not been initialized yet so using SESSION is forbidden here
//$entityCookieName = "DOLENTITYID_dolibarr";
//if (isset($_POST["entity"])) $_SESSION["dol_entity"] = $_POST["entity"];
//if (isset($_COOKIE[$entityCookieName])) $_SESSION["dol_entity"] = $_COOKIE[$entityCookieName];
// Set and init common variables
// This include will set $conf, $langs and $mysoc objects
// This include will set: $conf, $langs and $mysoc objects
require_once("master.inc.php");
// Check if HTTPS
if ($conf->main_force_https)
if ($conf->file->main_force_https)
{
if (! empty($_SERVER["SCRIPT_URI"])) // If SCRIPT_URI supported by server
{
@ -130,7 +131,7 @@ if ($conf->main_force_https)
{
$newurl=eregi_replace('^http:','https:',$_SERVER["SCRIPT_URI"]);
dol_syslog("dolibarr_main_force_https is on, we make a redirect to ".$newurl,LOG_DEBUG);
dol_syslog("dolibarr_main_force_https is on, we make a redirect to ".$newurl);
header("Location: ".$newurl);
exit;
}
@ -146,7 +147,7 @@ if ($conf->main_force_https)
$newurl='https://'.$domaineport.$_SERVER["REQUEST_URI"];
//print 'eee'.$newurl; exit;
dol_syslog("dolibarr_main_force_https is on, we make a redirect to ".$newurl,LOG_DEBUG);
dol_syslog("dolibarr_main_force_https is on, we make a redirect to ".$newurl);
header("Location: ".$newurl);
exit;
}
@ -166,27 +167,20 @@ if (! empty($conf->global->MAIN_SESSION_TIMEOUT)) ini_set('session.gc_maxlifetim
session_name($sessionname);
session_start();
dol_syslog("Start session name=".$sessionname." Session id()=".session_id().", _SESSION['dol_login']=".(isset($_SESSION["dol_login"])?$_SESSION["dol_login"]:'').", ".ini_get("session.gc_maxlifetime"));
/*
// Retrieve the entity in login form and in the cookie.
// Retrieve the entity in login form or in the cookie.
// This must be after the init of session (session_start) or this create serious pb of corrupted session.
$entityCookieName = "DOLENTITYID_dolibarr";
if (isset($_POST["loginfunction"]) && isset($_POST["entity"]))
/*
$entityCookieName = "DOLENTITYID_dolibarr";
if ((isset($_POST["loginfunction"]) && isset($_POST["entity"])) || isset($_COOKIE[$entityCookieName]))
{
$_SESSION["dol_entity"] = $_POST["entity"];
$_SESSION["dol_entity"] = isset($_POST["entity"])?$_POST["entity"]:$_COOKIE[$entityCookieName];
$conf->entity=$_SESSION["dol_entity"];
dol_syslog("Will work on entity ".$conf->entity);
dol_syslog("We work on entity ".$conf->entity);
// Now we need to reload the conf with the choosed entity
$conf->setValues($db);
}
elseif (isset($_COOKIE[$entityCookieName]))
{
$_SESSION["dol_entity"] = $_COOKIE[$entityCookieName];
$conf->entity=$_SESSION["dol_entity"];
dol_syslog("Will work on entity ".$conf->entity);
// Now we need to reload the conf with the choosed entity
$conf->setValues($db);
}
*/
// Disable modules (this must be after session_start and after conf has been reloaded)
if (! empty($_REQUEST["disablemodules"])) $_SESSION["disablemodules"]=$_REQUEST["disablemodules"];
if (! empty($_SESSION["disablemodules"]))
@ -198,8 +192,9 @@ if (! empty($_SESSION["disablemodules"]))
}
}
/*
* Phase identification
* Phase authentication / login
*/
// $authmode contient la liste des differents modes d'identification a tester par ordre de preference.
@ -396,7 +391,7 @@ else
// Appel des triggers
include_once(DOL_DOCUMENT_ROOT . "/interfaces.class.php");
$interface=new Interfaces($db);
$result=$interface->run_triggers('USER_LOGIN_FAILED',$user,$user,$langs,$conf,$_POST["entity"]);
$result=$interface->run_triggers('USER_LOGIN_FAILED',$user,$user,$langs,$conf,(isset($_POST["entity"])?$_POST["entity"]:0));
if ($result < 0) { $error++; }
// Fin appel triggers
@ -413,6 +408,7 @@ if (! isset($_SESSION["dol_login"]))
// New session for this login
$_SESSION["dol_login"]=$user->login;
$_SESSION["dol_authmode"]=$conf->authmode;
if ($conf->multicompany->enabled) $_SESSION["dol_entity"]=$conf->entity;
dol_syslog("This is a new started user session. _SESSION['dol_login']=".$_SESSION["dol_login"].' Session id='.session_id());
$db->begin();
@ -439,6 +435,7 @@ if (! isset($_SESSION["dol_login"]))
}
// Create entity cookie
// TODO Remove this as it is a security hole
if ($conf->multicompany->enabled && isset($_POST["entity"]))
{
$entity = $_POST["entity"];
@ -615,7 +612,6 @@ if (defined("MAIN_NOT_INSTALLED"))
// On charge les fichiers lang principaux
// TODO Optimisation a faire ici
$langs->load("main");
$langs->load("dict");
@ -626,6 +622,10 @@ $user->getrights();
$bc[0]="class=\"impair\"";
$bc[1]="class=\"pair\"";
// Sert uniquement dans module telephonie
$yesno[0]="no";
$yesno[1]="yes";
// Constantes utilisees pour definir le nombre de lignes des textarea
if (! eregi("firefox",$_SERVER["HTTP_USER_AGENT"]))
{
@ -668,7 +668,7 @@ function top_htmlhead($head, $title='', $disablejs=0, $disablehead=0, $arrayofjs
if (empty($conf->css)) $conf->css ='/theme/eldy/eldy.css.php';
//header("Content-type: text/html; charset=UTF-8");
header("Content-type: text/html; charset=".$conf->character_set_client);
header("Content-type: text/html; charset=".$conf->file->character_set_client);
print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">';
//print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" http://www.w3.org/TR/1999/REC-html401-19991224/strict.dtd>';
@ -678,7 +678,7 @@ function top_htmlhead($head, $title='', $disablejs=0, $disablehead=0, $arrayofjs
{
print "<head>\n";
print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=".$conf->character_set_client."\">\n";
print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=".$conf->file->character_set_client."\">\n";
// Affiche meta
print '<meta name="robots" content="noindex,nofollow">'."\n"; // Evite indexation par robots
@ -848,6 +848,7 @@ function top_menu($head, $title='', $target='')
$htmltext.='<br><b>'.$langs->trans("Type").'</b>: '.($user->societe_id?$langs->trans("External"):$langs->trans("Internal"));
$htmltext.='<br>';
$htmltext.='<br><u>'.$langs->trans("Connection").'</u>';
if ($conf->global->MAIN_MODULE_MULTICOMPANY) $htmltext.='<br><b>'.$langs->trans("ConnectedOnMultiCompany").'</b>: '.$conf->entity.' (user entity '.$user->entity.')';
$htmltext.='<br><b>'.$langs->trans("ConnectedSince").'</b>: '.dol_print_date($user->datelastlogin,"dayhour");
$htmltext.='<br><b>'.$langs->trans("PreviousConnexion").'</b>: '.dol_print_date($user->datepreviouslogin,"dayhour");
$htmltext.='<br><b>'.$langs->trans("AuthenticationMode").'</b>: '.$_SESSION["dol_authmode"];

123
htdocs/master.inc.php
View File

@ -114,10 +114,6 @@ require_once(DOL_DOCUMENT_ROOT."/core/conf.class.php");
$conf = new Conf();
// Retrieve the entity
// Removed: The session has not been initialized yet so using SESSION is forbidden here
if (isset($_SESSION["dol_entity"])) $conf->entity = $_SESSION["dol_entity"];
// Identifiant propres au serveur base de donnee
$conf->db->host = $dolibarr_main_db_host;
if (empty($dolibarr_main_db_port)) $dolibarr_main_db_port=0; // Pour compatibilite avec anciennes configs, si non defini, on prend 'mysql'
@ -134,22 +130,22 @@ $conf->db->prefix = $dolibarr_main_db_prefix;
if (empty($dolibarr_main_db_collation)) $dolibarr_main_db_collation='latin1_swedish_ci';
$conf->db->dolibarr_main_db_collation=$dolibarr_main_db_collation;
// Identifiant autres
$conf->main_authentication = empty($dolibarr_main_authentication)?'':$dolibarr_main_authentication;
$conf->file->main_authentication = empty($dolibarr_main_authentication)?'':$dolibarr_main_authentication;
// Force https
$conf->main_force_https = empty($dolibarr_main_force_https)?'':$dolibarr_main_force_https;
$conf->file->main_force_https = empty($dolibarr_main_force_https)?'':$dolibarr_main_force_https;
// Define charset for HTML Output (can set hidden value force_charset in conf.php file)
if (empty($force_charset_do_notuse)) $force_charset_do_notuse='UTF-8';
$conf->character_set_client=strtoupper($force_charset_do_notuse);
$conf->file->character_set_client=strtoupper($force_charset_do_notuse);
// Define array of document root directories
$conf->dol_document_root=array(DOL_DOCUMENT_ROOT);
$conf->file->dol_document_root=array(DOL_DOCUMENT_ROOT);
if (! empty($dolibarr_main_document_root_alt))
{
// dolibarr_main_document_root_alt contains several directories
$values=split(';',$dolibarr_main_document_root_alt);
foreach($values as $value)
{
$conf->dol_document_root[]=$value;
$conf->file->dol_document_root[]=$value;
}
}
@ -191,9 +187,9 @@ if (! defined('NOREQUIREDB'))
exit;
}
}
// Now database connexion is known we can forget password
//$dolibarr_main_db_pass=''; // Comment this because pass is used in a lot of pages
$conf->db->pass=''; // This is to avoir password to be shown in dump
// Now database connexion is known, so we can forget password
//$dolibarr_main_db_pass=''; // Comment this because this constant is used in a lot of pages
$conf->db->pass=''; // This is to avoid password to be shown in dump
/*
* Creation objet $user
@ -204,56 +200,43 @@ if (! defined('NOREQUIREUSER'))
}
/*
* Chargement objet $conf
* Load object $conf
* After this, all parameters conf->global->CONSTANTS are loaded
*/
if (! defined('NOREQUIREDB'))
{
$entityCookieName="DOLENTITYID_dolibarr";
// Retrieve the entity
if (isset($_POST["loginfunction"]) && isset($_POST["entity"])) // Just after a login page
{
$conf->entity = $_POST["entity"];
}
else if (isset($_COOKIE[$entityCookieName])) // Inside a browser navigation
{
// TODO See to remove this later as it is a security hole
$conf->entity = $_COOKIE[$entityCookieName];
}
elseif (session_id() && isset($_SESSION["dol_entity"])) // Inside an opened session
{
// TODO This is not used for the moment as session is started after for the moment
$conf->entity = $_SESSION["dol_entity"];
}
elseif (isset($_ENV["dol_entity"])) // If inside a CLI script
{
$conf->entity = $_ENV["dol_entity"];
}
$conf->setValues($db);
}
/*
* Set default language (must be after the setValues of $conf)
* Creation objet $mysoc
* Objet Societe qui contient carac de l'institution gérée par Dolibarr.
*/
if (! defined('NOREQUIRETRAN'))
{
$langs->setDefaultLang($conf->global->MAIN_LANG_DEFAULT);
$langs->setPhpLang();
}
/*
* Pour utiliser d'autres versions des librairies externes que les
* versions embarquées dans Dolibarr, définir les constantes adequates:
* Pour FPDF: FPDF_PATH
* Pour PHP_WriteExcel: PHP_WRITEEXCEL_PATH
* Pour MagpieRss: MAGPIERSS_PATH
* Pour PHPlot: PHPLOT_PATH
* Pour JPGraph: JPGRAPH_PATH
* Pour NuSOAP: NUSOAP_PATH
* Pour TCPDF: TCPDF_PATH
*/
// Les path racines
if (! defined('FPDF_PATH')) { define('FPDF_PATH', DOL_DOCUMENT_ROOT .'/includes/fpdf/fpdf/'); }
if (! defined('FPDFI_PATH')) { define('FPDFI_PATH', DOL_DOCUMENT_ROOT .'/includes/fpdf/fpdfi/'); }
if (! defined('MAGPIERSS_PATH')) { define('MAGPIERSS_PATH', DOL_DOCUMENT_ROOT .'/includes/magpierss/'); }
if (! defined('JPGRAPH_PATH')) { define('JPGRAPH_PATH', DOL_DOCUMENT_ROOT .'/includes/jpgraph/'); }
if (! defined('NUSOAP_PATH')) { define('NUSOAP_PATH', DOL_DOCUMENT_ROOT .'/includes/nusoap/lib/'); }
if (! defined('PHP_WRITEEXCEL_PATH')) { define('PHP_WRITEEXCEL_PATH',DOL_DOCUMENT_ROOT .'/includes/php_writeexcel/'); }
if (! defined('PHPEXCELREADER')) { define('PHPEXCELREADER', DOL_DOCUMENT_ROOT .'/includes/phpexcelreader/'); }
// Les autres path
if (! defined('FPDF_FONTPATH')) { define('FPDF_FONTPATH', FPDF_PATH . 'font/'); }
if (! defined('MAGPIE_DIR')) { define('MAGPIE_DIR', MAGPIERSS_PATH); }
if (! defined('MAGPIE_CACHE_DIR')) { define('MAGPIE_CACHE_DIR', $conf->externalrss->dir_temp); }
/*
* Creation objet mysoc
* Objet Societe qui contient carac de l'institution géré par Dolibarr.
*/
if (! defined('NOREQUIRESOC'))
if (! defined('NOREQUIREDB') && ! defined('NOREQUIRESOC'))
{
require_once(DOL_DOCUMENT_ROOT ."/societe.class.php");
$mysoc=new Societe($db);
$mysoc->id=0;
$mysoc->nom=$conf->global->MAIN_INFO_SOCIETE_NOM;
$mysoc->adresse=$conf->global->MAIN_INFO_SOCIETE_ADRESSE;
@ -304,10 +287,40 @@ if (! defined('NOREQUIRESOC'))
$mysoc->logo_mini=$conf->global->MAIN_INFO_SOCIETE_LOGO_MINI;
}
// Sert uniquement dans module telephonie
$yesno[0]="no";
$yesno[1]="yes";
if ( ! defined('MAIN_LABEL_MENTION_NPR') ) define('MAIN_LABEL_MENTION_NPR','NPR');
/*
* Set default language (must be after the setValues of $conf)
*/
if (! defined('NOREQUIRETRAN'))
{
$langs->setDefaultLang($conf->global->MAIN_LANG_DEFAULT);
$langs->setPhpLang();
}
/*
* Pour utiliser d'autres versions des librairies externes que les
* versions embarquées dans Dolibarr, définir les constantes adequates:
* Pour FPDF: FPDF_PATH
* Pour PHP_WriteExcel: PHP_WRITEEXCEL_PATH
* Pour MagpieRss: MAGPIERSS_PATH
* Pour PHPlot: PHPLOT_PATH
* Pour JPGraph: JPGRAPH_PATH
* Pour NuSOAP: NUSOAP_PATH
* Pour TCPDF: TCPDF_PATH
*/
// Les path racines
if (! defined('FPDF_PATH')) { define('FPDF_PATH', DOL_DOCUMENT_ROOT .'/includes/fpdf/fpdf/'); }
if (! defined('FPDFI_PATH')) { define('FPDFI_PATH', DOL_DOCUMENT_ROOT .'/includes/fpdf/fpdfi/'); }
if (! defined('MAGPIERSS_PATH')) { define('MAGPIERSS_PATH', DOL_DOCUMENT_ROOT .'/includes/magpierss/'); }
if (! defined('JPGRAPH_PATH')) { define('JPGRAPH_PATH', DOL_DOCUMENT_ROOT .'/includes/jpgraph/'); }
if (! defined('NUSOAP_PATH')) { define('NUSOAP_PATH', DOL_DOCUMENT_ROOT .'/includes/nusoap/lib/'); }
if (! defined('PHP_WRITEEXCEL_PATH')) { define('PHP_WRITEEXCEL_PATH',DOL_DOCUMENT_ROOT .'/includes/php_writeexcel/'); }
if (! defined('PHPEXCELREADER')) { define('PHPEXCELREADER', DOL_DOCUMENT_ROOT .'/includes/phpexcelreader/'); }
// Les autres path
if (! defined('FPDF_FONTPATH')) { define('FPDF_FONTPATH', FPDF_PATH . 'font/'); }
if (! defined('MAGPIE_DIR')) { define('MAGPIE_DIR', MAGPIERSS_PATH); }
if (! defined('MAGPIE_CACHE_DIR')) { define('MAGPIE_CACHE_DIR', $conf->externalrss->dir_temp); }
if (! defined('MAIN_LABEL_MENTION_NPR') ) define('MAIN_LABEL_MENTION_NPR','NPR');
?>

10
htdocs/translate.class.php
View File

@ -54,12 +54,12 @@ class Translate {
function Translate($dir = "",$conf)
{
// If charset output is forced
if (! empty($conf->character_set_client))
if (! empty($conf->file->character_set_client))
{
$this->charset_output=$conf->character_set_client;
$this->charset_output=$conf->file->character_set_client;
}
if ($dir) $this->dir=array($dir);
else $this->dir=$conf->dol_document_root;
else $this->dir=$conf->file->dol_document_root;
}
@ -356,7 +356,7 @@ class Translate {
$newstr=ereg_replace('<','__lt__',$str);
$newstr=ereg_replace('>','__gt__',$newstr);
$newstr=ereg_replace('"','__quot__',$newstr);
$newstr=$this->convToOutputCharset($newstr); // Convert string to $this->charset_output
// Cryptage en html de la chaine
@ -470,7 +470,7 @@ class Translate {
/**
* \brief Convert a string into output charset (this->charset_output that should be defined to conf->character_set_client)
* \brief Convert a string into output charset (this->charset_output that should be defined to conf->file->character_set_client)
* \param str String to convert
* \param pagecodefrom Page code of src string
* \return string Converted string

2
htdocs/viewimage.php
View File

@ -336,7 +336,7 @@ if ($modulepart == 'barcode')
$readable=$_GET["readable"]?$_GET["readable"]:"Y";
// Output files with barcode generators
foreach ($conf->dol_document_root as $dirroot)
foreach ($conf->file->dol_document_root as $dirroot)
{
$dir=$dirroot . "/includes/modules/barcode/";
$result=@include_once($dir.$generator.".modules.php");