From a4fb16b4f30277c263dc8086b11655289b8c3294 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Mon, 14 Sep 2020 00:03:49 +0200
Subject: [PATCH] Add a warning to warn about security leak

---
 htdocs/admin/system/dolibarr.php | 18 ++++++++++--------
 htdocs/langs/en_US/admin.lang    |  1 +
 2 files changed, 11 insertions(+), 8 deletions(-)

diff --git a/htdocs/admin/system/dolibarr.php b/htdocs/admin/system/dolibarr.php
index 0796d934a74..97e7370a148 100644
--- a/htdocs/admin/system/dolibarr.php
+++ b/htdocs/admin/system/dolibarr.php
@@ -376,8 +376,7 @@ foreach ($configfileparameters as $key => $value)
 			print "<td>";
 			if ($newkey == 'dolibarr_main_db_pass') print preg_replace('/./i', '*', ${$newkey});
 			elseif ($newkey == 'dolibarr_main_url_root' && preg_match('/__auto__/', ${$newkey})) print ${$newkey}.' => '.constant('DOL_MAIN_URL_ROOT');
-			elseif ($newkey == 'dolibarr_main_document_root_alt')
-			{
+			elseif ($newkey == 'dolibarr_main_document_root_alt') {
 				$tmparray = explode(',', ${$newkey});
 				$i = 0;
 				foreach ($tmparray as $value2)
@@ -391,9 +390,7 @@ foreach ($configfileparameters as $key => $value)
 					}
 					++$i;
 				}
-			}
-			elseif ($newkey == 'dolibarr_main_instance_unique_id')
-			{
+			} elseif ($newkey == 'dolibarr_main_instance_unique_id') {
 			    //print $conf->file->instance_unique_id;
 			    global $dolibarr_main_cookie_cryptkey;
 			    $valuetoshow = ${$newkey} ? ${$newkey} : $dolibarr_main_cookie_cryptkey; // Use $dolibarr_main_instance_unique_id first then $dolibarr_main_cookie_cryptkey
@@ -402,9 +399,14 @@ foreach ($configfileparameters as $key => $value)
 			        print img_warning("EditConfigFileToAddEntry", 'dolibarr_main_instance_unique_id');
 			    }
 			    print ' &nbsp; <span class="opacitymedium">('.$langs->trans("HashForPing").'='.md5('dolibarr'.$valuetoshow).')</span>';
-			}
-			else
-			{
+			} elseif ($newkey == 'dolibarr_main_prod') {
+				print ${$newkey};
+
+				$valuetoshow = ${$newkey};
+				if (empty($valuetoshow)) {
+					print img_warning($langs->trans('SwitchThisForABetterSecurity'));
+				}
+			} else {
 			    print ${$newkey};
 			}
 			if ($newkey == 'dolibarr_main_url_root' && ${$newkey} != DOL_MAIN_URL_ROOT) print ' (currently overwritten by autodetected value: '.DOL_MAIN_URL_ROOT.')';
diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang
index 482f89b30e7..ed10332352c 100644
--- a/htdocs/langs/en_US/admin.lang
+++ b/htdocs/langs/en_US/admin.lang
@@ -2022,3 +2022,4 @@ MeasuringScaleDesc=The scale is the number of places you have to move the decima
 TemplateAdded=Template added
 TemplateUpdated=Template updated
 TemplateDeleted=Template deleted
+SwitchThisForABetterSecurity=Switching this value to 1 is recommended for more security