diff --git a/htdocs/admin/tools/dolibarr_export.php b/htdocs/admin/tools/dolibarr_export.php index 5f3f5c7ea54..5e990709d19 100644 --- a/htdocs/admin/tools/dolibarr_export.php +++ b/htdocs/admin/tools/dolibarr_export.php @@ -65,6 +65,7 @@ if ($action == 'delete') $action = ''; } + /* * View */ @@ -119,7 +120,9 @@ if (in_array($type, array('pgsql'))) { print "});\n"; print "\n"; -print load_fiche_titre($langs->trans("Backup"), '', 'title_setup'); +$title = $langs->trans("Backup"); + +print load_fiche_titre($title, '', 'title_setup'); //print_barre_liste($langs->trans("Backup"), '', '', '', '', '', $langs->trans("BackupDesc",DOL_DATA_ROOT), 0, 0, 'title_setup'); print '
'; @@ -139,7 +142,9 @@ print '
'; print '
'; -print load_fiche_titre($title ? $title : $langs->trans("BackupDumpWizard")); +$title = $langs->trans("BackupDumpWizard"); + +print load_fiche_titre($title); print ''; print ''; diff --git a/htdocs/admin/tools/export.php b/htdocs/admin/tools/export.php index cbe25f0ff75..7ab26f6f6e0 100644 --- a/htdocs/admin/tools/export.php +++ b/htdocs/admin/tools/export.php @@ -122,7 +122,7 @@ $utils = new Utils($db); // MYSQL if ($what == 'mysql') { - $cmddump = GETPOST("mysqldump"); // Do not sanitize here with 'alpha', will be sanitize later by dol_sanitizePathName and escapeshellarg + $cmddump = GETPOST("mysqldump", 'none'); // Do not sanitize here with 'alpha', will be sanitize later by dol_sanitizePathName and escapeshellarg $cmddump = dol_sanitizePathName($cmddump); if (!empty($dolibarr_main_restrict_os_commands)) @@ -163,7 +163,7 @@ if ($what == 'mysqlnobin') // POSTGRESQL if ($what == 'postgresql') { - $cmddump = GETPOST("postgresqldump"); // Do not sanitize here with 'alpha', will be sanitize later by dol_sanitizePathName and escapeshellarg + $cmddump = GETPOST("postgresqldump", 'none'); // Do not sanitize here with 'alpha', will be sanitize later by dol_sanitizePathName and escapeshellarg $cmddump = dol_sanitizePathName($cmddump); /* Not required, the command is output on screen but not ran for pgsql diff --git a/htdocs/admin/tools/export_files.php b/htdocs/admin/tools/export_files.php index 485df8c318b..50866534b5b 100644 --- a/htdocs/admin/tools/export_files.php +++ b/htdocs/admin/tools/export_files.php @@ -113,7 +113,7 @@ $utils = new Utils($db); if ($compression == 'zip') { $file .= '.zip'; - $ret = dol_compress_dir(DOL_DATA_ROOT, $outputdir."/".$file, $compression, '/(\.log|\/temp\/|documents\/admin\/documents\/)/'); + $ret = dol_compress_dir(DOL_DATA_ROOT, $outputdir."/".$file, $compression, '/(\.log|\/temp\/|documents\/admin\/documents\/)/i'); if ($ret < 0) { if ($ret == -2) { diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 61856b73f49..e2c4b605dcc 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -221,25 +221,25 @@ if (!empty($_POST["DOL_AUTOSET_COOKIE"])) } -// Init session. Name of session is specific to Dolibarr instance. -// Note: the function dol_getprefix may have been redefined to return a different key to manage another area to protect. -$prefix = dol_getprefix(''); +// Init the 5 global objects, this include will make the 'new Xxx()' and set properties for: $conf, $db, $langs, $user, $mysoc +require_once 'master.inc.php'; +// Init session. Name of session is specific to Dolibarr instance. +// Must be done after the include of master.inc.php so $conf file is loaded and vars like $dolibarr_main_force_https are set. +// Note: the function dol_getprefix may have been redefined to return a different key to manage another area to protect. +$prefix = dol_getprefix(''); // This uses the $conf file $sessionname = 'DOLSESSID_'.$prefix; $sessiontimeout = 'DOLSESSTIMEOUT_'.$prefix; if (!empty($_COOKIE[$sessiontimeout])) ini_set('session.gc_maxlifetime', $_COOKIE[$sessiontimeout]); session_set_cookie_params(0, '/', null, (empty($dolibarr_main_force_https) ? false : true), true); // Add tag secure and httponly on session cookie (same as setting session.cookie_httponly into php.ini). Must be called before the session_start. session_name($sessionname); -// This create lock, released when session_write_close() or end of page. +// This create lock, released by session_write_close() or end of page. // We need this lock as long as we read/write $_SESSION ['vars']. We can remove lock when finished. if (!defined('NOSESSION')) { session_start(); } -// Init the 5 global objects, this include will make the 'new Xxx()' and set properties for: $conf, $db, $langs, $user, $mysoc -require_once 'master.inc.php'; - // Activate end of page function register_shutdown_function('dol_shutdown');