NEW Can get some variables (not available by default)

2020-03-17 13:33:21 +01:00 · 2020-03-17 13:33:21 +01:00 · 76fc722638
commit 76fc722638
parent 4f442905b2
2 changed files with 34 additions and 1 deletions
--- a/htdocs/api/class/api_setup.class.php
+++ b/htdocs/api/class/api_setup.class.php
@ -1401,6 +1401,37 @@ class Setup extends DolibarrApi
        return $this->_cleanObjectDatas($mysoc);
    }

+
+    /**
+     * Get value of a setup variables
+     *
+     * Note that conf variables that stores security key or password hashes can't be loaded with API.
+     *
+     * @url	GET /conf
+     *
+     * @param	string			$confname	Name of conf variable to get
+     * @return  array|mixed 				Data without useless information
+     * @throws  RestException	500			Error Bad or unknown value for constname
+     */
+    public function getConf($confname)
+    {
+    	global $conf;
+
+    	if (!DolibarrApiAccess::$user->admin
+    		&& (empty($conf->global->API_LOGIN_ALLOWED_FOR_ADMIN_CHECK) || DolibarrApiAccess::$user->login != $conf->global->API_LOGIN_ALLOWED_FOR_ADMIN_CHECK)) {
+    		throw new RestException(503, 'Error API open to admin users only or to the login user defined with constant API_LOGIN_ALLOWED_FOR_ADMIN_CHECK');
+    	}
+
+    	if (! preg_match('/[^a-zA-Z0-9_]/', $confname) || ! isset($conf->global->$confname)) {
+    		throw new RestException(500, 'Error Bad or unknown value for constname');
+    	}
+    	if (preg_match('/(_pass|password|secret|_key|key$)/i', $confname)) {
+    		throw new RestException(503, 'Forbidden');
+    	}
+
+    	return $conf->global->$confname;
+    }
+
    /**
     * Do a test of integrity for files and setup.
     *
@ -1418,7 +1449,7 @@ class Setup extends DolibarrApi
    	if (!DolibarrApiAccess::$user->admin
    		&& (empty($conf->global->API_LOGIN_ALLOWED_FOR_INTEGRITY_CHECK) || DolibarrApiAccess::$user->login != $conf->global->API_LOGIN_ALLOWED_FOR_INTEGRITY_CHECK))
    	{
-    		throw new RestException(503, 'Error API open to admin users only or to login user defined with constant API_LOGIN_ALLOWED_FOR_INTEGRITY_CHECK');
+    		throw new RestException(503, 'Error API open to admin users only or to the login user defined with constant API_LOGIN_ALLOWED_FOR_INTEGRITY_CHECK');
    	}

    	require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@ -6463,6 +6463,7 @@ function make_substitutions($text, $substitutionarray, $outputlangs = null)
 	// Make substitution for language keys: __(AnyTranslationKey)__ or __(AnyTranslationKey|langfile)__
 	if (is_object($outputlangs))
 	{
+		$reg = array();
 		while (preg_match('/__\(([^\)]+)\)__/', $text, $reg))
 		{
 			$msgishtml = 0;
@ -6478,6 +6479,7 @@ function make_substitutions($text, $substitutionarray, $outputlangs = null)

 	// Make substitution for constant keys.
 	// Must be after the substitution of translation, so if the text of translation contains a string __[xxx]__, it is also converted.
+	$reg = array();
 	while (preg_match('/__\[([^\]]+)\]__/', $text, $reg))
 	{
 		$msgishtml = 0;