lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix pb of recursive include in website module

Browse Source
This commit is contained in:
Laurent Destailleur 2017-07-20 16:49:20 +02:00
parent 84f621fde3
commit 3b8f60f90e
8 changed files with 115 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
htdocs/core/lib/website.lib.php
View File

@ -64,3 +64,38 @@ function dolWebsiteOutput($content)
print $content;
}
/**
* Clean an HTML page to report only content, so we can include it into another page
* It outputs content of file sanitized from html and body part.
*
* @param string $contentfile Path to file to include (must include website root. Example: 'mywebsite/mypage.php')
* @return void
*/
function dolIncludeHtmlContent($contentfile)
{
global $conf, $db, $langs, $mysoc, $user, $website;
global $includehtmlcontentopened;
$MAXLEVEL=20;
$fullpathfile=DOL_DATA_ROOT.'/websites/'.$contentfile;
//$content = file_get_contents($fullpathfile);
//print preg_replace(array('/^.*<body[^>]*>/ims','/<\/body>.*$/ims'), array('', ''), $content);*/
if (empty($includehtmlcontentopened)) $includehtmlcontentopened=0;
$includehtmlcontentopened++;
if ($includehtmlcontentopened > $MAXLEVEL)
{
print 'ERROR: RECURSIVE CONTENT LEVEL. Depth of recursive call is more than the limit of '.$MAXLEVEL.".\n";
return;
}
$res = include $fullpathfile; // Include because we want to execute code content
if (! $res)
{
print 'ERROR: FAILED TO INCLUDE PAGE '.$contentfile.".\n";
}
$includehtmlcontentopened--;
}

28
htdocs/core/website.inc.php Normal file
View File

@ -0,0 +1,28 @@
<?php
/* Copyright (C) 2013 Laurent Destailleur <eldy@users.sourceforge.net>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
* or see http://www.gnu.org/
*/
/**
* \file htdocs/core/website.inc.php
* \brief Common file loaded used by all website pages (after master.inc.php)
* The global variable $website must be defined.
*/
include_once DOL_DOCUMENT_ROOT.'/websites/class/website.class.php';
$website=new Website($db);
$website->fetch(0,$websitekey);

9
htdocs/langs/en_US/website.lang
View File

@ -19,8 +19,9 @@ AddPage=Add page
HomePage=Home Page
PreviewOfSiteNotYetAvailable=Preview of your website <strong>%s</strong> not yet available. You must first add a page.
RequestedPageHasNoContentYet=Requested page with id %s has no content yet, or cache file .tpl.php was removed. Edit content of the page to solve this.
PageDeleted=Page '%s' of website %s deleted
PageAdded=Page '%s' added
PageContent=Page/Content
PageDeleted=Page/Content '%s' of website %s deleted
PageAdded=Page/Content '%s' added
ViewSiteInNewTab=View site in new tab
ViewPageInNewTab=View page in new tab
SetAsHomePage=Set as Home page
@ -29,4 +30,6 @@ ViewWebsiteInProduction=View web site using home URLs
SetHereVirtualHost=If you can create, on your web server (Apache, Nginx, ...), a dedicated Virtual Host with PHP enabled and a Root directory on <strong>%s</strong><br>then enter here the virtual hostname you have created, so the preview can be done also using this direct web server access, and not only using Dolibarr server.
PreviewSiteServedByWebServer=Preview %s in a new tab.<br><br>The %s will be served by an external web server (like Apache, Nginx, IIS). You must install and setup this server before to point to directory:<br><strong>%s</strong><br>URL served by external server:<br><strong>%s</strong>
PreviewSiteServedByDolibarr=Preview %s in a new tab.<br><br>The %s will be served by Dolibarr server so it does not need any extra web server (like Apache, Nginx, IIS) to be installed.<br>The inconvenient is that URL of pages are not user friendly and start with path of your Dolibarr.<br>URL served by Dolibarr:<br><strong>%s</strong><br><br>To use your own external web server to serve this web site, create a virtual host on your web server that point on directory<br><strong>%s</strong><br>then enter the name of this virtual server and click on the other preview button.
NoPageYet=No pages yet
NoPageYet=No pages yet
SyntaxHelp=Help on code syntax
YouCanEditHtmlSource=You can edit HTML source code using the "Source" button in editor. You can also include PHP code into this source using tags <strong>&lt;?php ?&gt;</strong>. The following global variables are available: $conf, $langs, $db, $mysoc, $user, $website.<br>You can also include content of another Page/Content with the following syntax: <strong>&lt;?php dolIncludeHtmlContent($websitekey.'/contentaliastoinclude.php'); ?&gt;</strong>

8
htdocs/public/websites/index.php
View File

@ -47,7 +47,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
$error=0;
$website=GETPOST('website', 'alpha');
$websitekey=GETPOST('website', 'alpha');
$pageid=GETPOST('page', 'alpha')?GETPOST('page', 'alpha'):GETPOST('pageid', 'alpha');
$accessallowed = 1;
@ -69,7 +69,7 @@ if (empty($pageid))
require_once DOL_DOCUMENT_ROOT.'/websites/class/websitepage.class.php';
$object=new Website($db);
$object->fetch(0, $website);
$object->fetch(0, $websitekey);
if (empty($object->id))
{
if (empty($pageid))
@ -125,11 +125,11 @@ if ($pageid == 'css') // No more used ?
//if (empty($dolibarr_nocache)) header('Cache-Control: max-age=3600, public, must-revalidate');
//else
header('Cache-Control: no-cache');
$original_file=$dolibarr_main_data_root.'/websites/'.$website.'/styles.css.php';
$original_file=$dolibarr_main_data_root.'/websites/'.$websitekey.'/styles.css.php';
}
else
{
$original_file=$dolibarr_main_data_root.'/websites/'.$website.'/page'.$pageid.'.tpl.php';
$original_file=$dolibarr_main_data_root.'/websites/'.$websitekey.'/page'.$pageid.'.tpl.php';
}
// Find the subdirectory name as the reference

5
htdocs/theme/eldy/style.css.php
View File

@ -3347,6 +3347,11 @@ a.websitebuttonsitepreview img {
width: 26px;
display: inline-block;
}
.websitehelp {
vertical-align: middle;
float: right;
padding-top: 8px;
}
/* ============================================================================== */

6
htdocs/theme/md/style.css.php
View File

@ -3428,7 +3428,11 @@ a.websitebuttonsitepreview img {
.websiteiframenoborder {
border: 0px;
}
.websitehelp {
vertical-align: middle;
float: right;
padding-top: 8px;
}
/* ============================================================================== */
/* Module agenda */

35
htdocs/websites/class/website.class.php
View File

@ -48,11 +48,6 @@ class Website extends CommonObject
*/
public $table_element = 'website';
/**
* @var WebsitePage[] Lines of all pages
*/
public $lines = array();
/**
* @var int
*/
@ -85,13 +80,7 @@ class Website extends CommonObject
* @var string
*/
public $virtualhost;
public $records;
/**
*/
/**
* Constructor
@ -218,7 +207,7 @@ class Website extends CommonObject
$sql .= " t.tms";
$sql .= ' FROM ' . MAIN_DB_PREFIX . $this->table_element . ' as t';
if (null !== $ref) {
$sql .= ' WHERE t.ref = ' . '\'' . $ref . '\'';
$sql .= " WHERE t.ref = '" . $this->db->escape($ref) . "'";
} else {
$sql .= ' WHERE t.rowid = ' . $id;
}
@ -230,7 +219,7 @@ class Website extends CommonObject
$obj = $this->db->fetch_object($resql);
$this->id = $obj->rowid;
$this->entity = $obj->entity;
$this->ref = $obj->ref;
$this->description = $obj->description;
@ -297,7 +286,7 @@ class Website extends CommonObject
if (count($sqlwhere) > 0) {
$sql .= ' WHERE ' . implode(' '.$filtermode.' ', $sqlwhere);
}
if (!empty($sortfield)) {
$sql .= $this->db->order($sortfield,$sortorder);
}
@ -314,7 +303,7 @@ class Website extends CommonObject
$line = new self($this->db);
$line->id = $obj->rowid;
$line->entity = $obj->entity;
$line->ref = $obj->ref;
$line->description = $obj->description;
@ -354,7 +343,7 @@ class Website extends CommonObject
dol_syslog(__METHOD__, LOG_DEBUG);
// Clean parameters
if (isset($this->entity)) {
$this->entity = trim($this->entity);
}
@ -552,7 +541,7 @@ class Website extends CommonObject
$result.= $link . $this->ref . $linkend;
return $result;
}
/**
* Retourne le libelle du status d'un user (actif, inactif)
*
@ -607,8 +596,8 @@ class Website extends CommonObject
if ($status == 0) return $langs->trans('Disabled').' '.img_picto($langs->trans('Disabled'),'statut5');
}
}
/**
* Initialise object with example values
* Id must be 0 if object instance is a specimen
@ -618,9 +607,9 @@ class Website extends CommonObject
public function initAsSpecimen()
{
global $user;
$this->id = 0;
$this->entity = 1;
$this->ref = 'myspecimenwebsite';
$this->description = 'A specimen website';
@ -632,7 +621,7 @@ class Website extends CommonObject
$this->date_creation = dol_now();
$this->tms = dol_now();
}
}

34
htdocs/websites/index.php
View File

@ -245,7 +245,7 @@ if ($action == 'updatecss')
// Html header file
$htmlheadercontent = '<!-- BEGIN DOLIBARR-WEBSITE-ADDED-HEADER -->'."\n";
$htmlheadercontent.= '<!-- File generated to save common html header - YOU CAN MODIFY DIRECTLY THIS FILE. Change affects all pages of website. -->'."\n";
$htmlheadercontent.= '<!-- File generated to save common html header - YOU CAN MODIFY DIRECTLY THE FILE header.html. Change affects all pages of website. -->'."\n";
$htmlheadercontent.= '<!-- END -->'."\n";
$htmlheadercontent.= GETPOST('WEBSITE_HTML_HEADER');
@ -264,7 +264,7 @@ if ($action == 'updatecss')
// Css file
$csscontent = '<!-- BEGIN DOLIBARR-WEBSITE-ADDED-HEADER -->'."\n";
$csscontent.= '<!-- File generated to wrap the css file - YOU CAN MODIFY DIRECTLY THIS FILE. Change affects all pages of website. -->'."\n";
$csscontent.= '<!-- File generated to wrap the css file - YOU CAN MODIFY DIRECTLY THE FILE styles.css.php. Change affects all pages of website. -->'."\n";
$csscontent.= '<?php '."\n";
$csscontent.= "header('Content-type: text/css');\n";
$csscontent.= "?>"."\n";
@ -372,12 +372,13 @@ if ($action == 'updatemeta')
// Now generate the master.inc.php page
dol_syslog("We regenerate the master file");
dol_syslog("We regenerate the master file (because we update meta)");
dol_delete_file($filemaster);
$mastercontent = '<?php'."\n";
$mastercontent.= '// File generated to link to the master file - DO NOT MODIFY - It is just an include'."\n";
$mastercontent.= "if (! defined('USEDOLIBARRSERVER')) require '".DOL_DOCUMENT_ROOT."/master.inc.php';\n";
$mastercontent.= '$website = new WebSite($db)'."\n";
$mastercontent.= '?>'."\n";
$result = file_put_contents($filemaster, $mastercontent);
if (! empty($conf->global->MAIN_UMASK))
@ -565,8 +566,10 @@ if ($action == 'updatecontent' || GETPOST('refreshsite') || GETPOST('refreshpage
$tplcontent ='';
$tplcontent.= "<?php // BEGIN PHP\n";
$tplcontent.= '$websitekey=basename(dirname(__FILE__));'."\n";
$tplcontent.= "if (! defined('USEDOLIBARRSERVER')) { require './master.inc.php'; } // Not already loaded"."\n";
$tplcontent.= "require_once DOL_DOCUMENT_ROOT.'/core/lib/website.lib.php';\n";
$tplcontent.= "require_once DOL_DOCUMENT_ROOT.'/core/website.inc.php';\n";
$tplcontent.= "ob_start();\n";
$tplcontent.= "// END PHP ?>\n";
$tplcontent.= '<html>'."\n";
@ -746,12 +749,9 @@ if (count($object->records) > 0)
$urlext=$virtualurl;
$urlint=$urlwithroot.'/public/websites/index.php?website='.$website;
//if (! empty($object->virtualhost))
//{
print '<a class="websitebuttonsitepreview" id="previewsiteext" href="'.$urlext.'" target="tab'.$website.'" alt="'.dol_escape_htmltag($langs->trans("PreviewSiteServedByWebServer", $langs->transnoentitiesnoconv("Site"), $langs->transnoentitiesnoconv("Site"), $dataroot, $urlext)).'">';
print $form->textwithpicto('', $langs->trans("PreviewSiteServedByWebServer", $langs->transnoentitiesnoconv("Site"), $langs->transnoentitiesnoconv("Site"), $dataroot, $urlext?$urlext:$langs->trans("VirtualHostUrlNotDefined")), 1, 'preview_ext');
print '</a>';
//}
print '<a class="websitebuttonsitepreview" id="previewsiteext" href="'.$urlext.'" target="tab'.$website.'ext" alt="'.dol_escape_htmltag($langs->trans("PreviewSiteServedByWebServer", $langs->transnoentitiesnoconv("Site"), $langs->transnoentitiesnoconv("Site"), $dataroot, $urlext)).'">';
print $form->textwithpicto('', $langs->trans("PreviewSiteServedByWebServer", $langs->transnoentitiesnoconv("Site"), $langs->transnoentitiesnoconv("Site"), $dataroot, $urlext?$urlext:$langs->trans("VirtualHostUrlNotDefined")), 1, 'preview_ext');
print '</a>';
print '<a class="websitebuttonsitepreview" id="previewsite" href="'.$urlwithroot.'/public/websites/index.php?website='.$website.'" target="tab'.$website.'" alt="'.dol_escape_htmltag($langs->trans("PreviewSiteServedByDolibarr", $langs->transnoentitiesnoconv("Site"), $langs->transnoentitiesnoconv("Site"), $urlint)).'">';
print $form->textwithpicto('', $langs->trans("PreviewSiteServedByDolibarr", $langs->transnoentitiesnoconv("Site"), $langs->transnoentitiesnoconv("Site"), $urlint, $dataroot), 1, 'preview');
@ -822,7 +822,6 @@ if (count($object->records) > 0)
}
print '<input type="submit" class="button" name="refreshpage" value="'.$langs->trans("Load").'"'.($atleastonepage?'':' disabled="disabled"').'>';
//print $form->selectarray('page', $array);
if ($action == 'preview')
{
@ -843,8 +842,6 @@ if (count($object->records) > 0)
}
}
print '</div>';
print '<div class="websiteselection">';
print '</div>';
print '<div class="websitetools">';
@ -859,7 +856,6 @@ if (count($object->records) > 0)
print '<div class="websiteinputurl">';
print '<input type="text" id="previewpageurl" class="minwidth200imp" name="previewsite" value="'.$pagealias.'" disabled="disabled">';
//print '<input type="submit" class="button" name="previewwebsite" target="tab'.$website.'" value="'.$langs->trans("ViewSiteInNewTab").'">';
$htmltext=$langs->trans("PageNameAliasHelp", $langs->transnoentitiesnoconv("EditPageMeta"));
print $form->textwithpicto('', $htmltext, 1, 'help', '', 0, 2, 'helppagealias');
print '</div>';
@ -867,7 +863,7 @@ if (count($object->records) > 0)
if (! empty($object->virtualhost))
{
$urlext=$virtualurl.'/'.$pagealias.'.php';
print '<a class="websitebuttonsitepreview" id="previewpageext" href="'.$urlext.'" target="tab'.$website.'" alt="'.dol_escape_htmltag($langs->trans("PreviewSiteServedByWebServer", $langs->transnoentitiesnoconv("Page"), $langs->transnoentitiesnoconv("Page"), $dataroot, $urlext)).'">';
print '<a class="websitebuttonsitepreview" id="previewpageext" href="'.$urlext.'" target="tab'.$website.'ext" alt="'.dol_escape_htmltag($langs->trans("PreviewSiteServedByWebServer", $langs->transnoentitiesnoconv("Page"), $langs->transnoentitiesnoconv("Page"), $dataroot, $urlext)).'">';
print $form->textwithpicto('', $langs->trans("PreviewSiteServedByWebServer", $langs->transnoentitiesnoconv("Page"), $langs->transnoentitiesnoconv("Page"), $dataroot, $urlext?$urlext:$langs->trans("VirtualHostUrlNotDefined")), 1, 'preview_ext');
print '</a>';
}
@ -894,6 +890,16 @@ if (count($object->records) > 0)
print '</div>';
print '<div class="websitehelp">';
if (GETPOST('editcontent', 'alpha'))
{
$htmltext=$langs->transnoentitiesnoconv("YouCanEditHtmlSource");
print $form->textwithpicto($langs->trans("SyntaxHelp"), $htmltext, 1, 'help', 'inline-block', 0, 2, 'tooltipsubstitution');
}
print '</div>';
if ($action == 'preview')
{
// Adding jquery code to change on the fly url of preview ext