lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #23279 from frederic34/fixwarnings

Browse Source 
fix warnings
This commit is contained in:
Laurent Destailleur 2022-12-21 20:01:48 +01:00 committed by GitHub
commit b281924f03
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
22 changed files with 115 additions and 117 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/adherents/canvas/default/actions_adherentcard_default.class.php
View File

@ -112,7 +112,7 @@ class ActionsAdherentCardDefault extends ActionsAdherentCardCommon
$this->tpl['actionsdone'] = show_actions_done($conf, $langs, $db, $objsoc, $this->object, 1);
} else {
// Confirm delete contact
if ($action == 'delete' && $user->rights->adherent->supprimer) {
if ($action == 'delete' && $user->hasRight('adherent', 'supprimer')) {
$this->tpl['action_delete'] = $form->formconfirm($_SERVER["PHP_SELF"]."?id=".$this->object->id, $langs->trans("DeleteAdherent"), $langs->trans("ConfirmDeleteAdherent"), "confirm_delete", '', 0, 1);
}
}

6
htdocs/adherents/canvas/default/tpl/adherentcard_view.tpl.php
View File

@ -128,12 +128,12 @@ if (empty($user->socid)) {
echo '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&action=edit&token='.newToken().'&canvas='.$canvas.'">'.$langs->trans('Modify').'</a>';
}
if (!$this->control->tpl['user_id'] && $user->rights->user->user->creer) {
if (!$this->control->tpl['user_id'] && $user->hasRight('user', 'user', 'creer')) {
echo '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&action=create_user&token='.newToken().'&canvas='.$canvas.'">'.$langs->trans("CreateDolibarrLogin").'</a>';
}
if ($user->rights->adherent->supprimer) {
print dolGetButtonAction($langs->trans("Delete"), '', 'delete', $_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&action=delete&token='.newToken().'&canvas='.$canvas, 'delete', $user->rights->adherent->supprimer);
if ($user->hasRight('adherent', 'supprimer')) {
print dolGetButtonAction($langs->trans("Delete"), '', 'delete', $_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&action=delete&token='.newToken().'&canvas='.$canvas, 'delete', $user->hasRight('adherent', 'supprimer'));
}
echo '</div><br>';

54
htdocs/adherents/card.php
View File

@ -6,7 +6,7 @@
* Copyright (C) 2012 Marcos García <marcosgdf@gmail.com>
* Copyright (C) 2012-2020 Philippe Grand <philippe.grand@atoo-net.com>
* Copyright (C) 2015-2018 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2018-2021 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2018-2022 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2021 Waël Almoman <info@almoman.com>
*
* This program is free software; you can redistribute it and/or modify
@ -305,23 +305,23 @@ if (empty($reshook)) {
$object->phone = trim(GETPOST("phone", 'alpha'));
$object->phone_perso = trim(GETPOST("phone_perso", 'alpha'));
$object->phone_mobile = trim(GETPOST("phone_mobile", 'alpha'));
$object->email = preg_replace('/\s+/', '', GETPOST("member_email", 'alpha'));
$object->url = trim(GETPOST('member_url', 'custom', 0, FILTER_SANITIZE_URL));
$object->email = preg_replace('/\s+/', '', GETPOST("member_email", 'alpha'));
$object->url = trim(GETPOST('member_url', 'custom', 0, FILTER_SANITIZE_URL));
$object->socialnetworks = array();
foreach ($socialnetworks as $key => $value) {
if (GETPOSTISSET($key) && GETPOST($key, 'alphanohtml') != '') {
$object->socialnetworks[$key] = trim(GETPOST($key, 'alphanohtml'));
}
}
//$object->skype = trim(GETPOST("skype", 'alpha'));
//$object->twitter = trim(GETPOST("twitter", 'alpha'));
//$object->facebook = trim(GETPOST("facebook", 'alpha'));
//$object->linkedin = trim(GETPOST("linkedin", 'alpha'));
$object->birth = $birthdate;
//$object->skype = trim(GETPOST("skype", 'alpha'));
//$object->twitter = trim(GETPOST("twitter", 'alpha'));
//$object->facebook = trim(GETPOST("facebook", 'alpha'));
//$object->linkedin = trim(GETPOST("linkedin", 'alpha'));
$object->birth = $birthdate;
$object->default_lang = GETPOST('default_lang', 'alpha');
$object->typeid = GETPOST("typeid", 'int');
//$object->note = trim(GETPOST("comment","alpha"));
$object->morphy = GETPOST("morphy", 'alpha');
$object->typeid = GETPOST("typeid", 'int');
//$object->note = trim(GETPOST("comment","alpha"));
$object->morphy = GETPOST("morphy", 'alpha');
if (GETPOST('deletephoto', 'alpha')) {
$object->photo = '';
@ -330,8 +330,8 @@ if (empty($reshook)) {
}
// Get status and public property
$object->statut = GETPOST("statut", 'alpha');
$object->public = GETPOST("public", 'alpha');
$object->statut = GETPOST("statut", 'alpha');
$object->public = GETPOST("public", 'alpha');
// Fill array 'array_options' with data from add form
$ret = $extrafields->setOptionalsFromPost(null, $object, '@GETPOSTISSET');
@ -342,7 +342,7 @@ if (empty($reshook)) {
// Check if we need to also synchronize user information
$nosyncuser = 0;
if ($object->user_id) { // If linked to a user
if ($user->id != $object->user_id && empty($user->rights->user->user->creer)) {
if ($user->id != $object->user_id && !$user->hasRight('user', 'user', 'creer')) {
$nosyncuser = 1; // Disable synchronizing
}
}
@ -350,7 +350,7 @@ if (empty($reshook)) {
// Check if we need to also synchronize password information
$nosyncuserpass = 0;
if ($object->user_id) { // If linked to a user
if ($user->id != $object->user_id && empty($user->rights->user->user->password)) {
if ($user->id != $object->user_id && !$user->hasRight('user', 'user', 'password')) {
$nosyncuserpass = 1; // Disable synchronizing
}
}
@ -454,7 +454,7 @@ if (empty($reshook)) {
// $facebook=GETPOST("member_facebook", 'alpha');
// $linkedin=GETPOST("member_linkedin", 'alpha');
$email = preg_replace('/\s+/', '', GETPOST("member_email", 'alpha'));
$url = trim(GETPOST('url', 'custom', 0, FILTER_SANITIZE_URL));
$url = trim(GETPOST('url', 'custom', 0, FILTER_SANITIZE_URL));
$login = GETPOST("member_login", 'alphanohtml');
$pass = GETPOST("password", 'none'); // For password, we use 'none'
$photo = GETPOST("photo", 'alphanohtml');
@ -659,7 +659,7 @@ if (empty($reshook)) {
$outputlangs->loadLangs(array("main", "members", "companies", "install", "other"));
// Get email content from template
$arraydefaultmessage = null;
$labeltouse = $conf->global->ADHERENT_EMAIL_TEMPLATE_MEMBER_VALIDATION;
$labeltouse = getDolGlobalString('ADHERENT_EMAIL_TEMPLATE_MEMBER_VALIDATION');
if (!empty($labeltouse)) {
$arraydefaultmessage = $formmail->getEMailTemplate($db, 'member', $user, $outputlangs, 0, 1, $labeltouse);
@ -731,7 +731,7 @@ if (empty($reshook)) {
$outputlangs->loadLangs(array("main", "members", "companies", "install", "other"));
// Get email content from template
$arraydefaultmessage = null;
$labeltouse = $conf->global->ADHERENT_EMAIL_TEMPLATE_CANCELATION;
$labeltouse = getDolGlobalString('ADHERENT_EMAIL_TEMPLATE_CANCELATION');
if (!empty($labeltouse)) {
$arraydefaultmessage = $formmail->getEMailTemplate($db, 'member', $user, $outputlangs, 0, 1, $labeltouse);
@ -802,7 +802,7 @@ if (empty($reshook)) {
$outputlangs->loadLangs(array("main", "members", "companies", "install", "other"));
// Get email content from template
$arraydefaultmessage = null;
$labeltouse = $conf->global->ADHERENT_EMAIL_TEMPLATE_EXCLUSION;
$labeltouse = getDolGlobalString('ADHERENT_EMAIL_TEMPLATE_EXCLUSION');
if (!empty($labeltouse)) {
$arraydefaultmessage = $formmail->getEMailTemplate($db, 'member', $user, $outputlangs, 0, 1, $labeltouse);
@ -1524,7 +1524,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
if (!empty($labeltouse) && is_object($arraydefaultmessage) && $arraydefaultmessage->id > 0) {
$subject = $arraydefaultmessage->topic;
$msg = $arraydefaultmessage->content;
$msg = $arraydefaultmessage->content;
}
$substitutionarray = getCommonSubstitutionArray($outputlangs, 0, null, $object);
@ -1533,10 +1533,10 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
$texttosend = make_substitutions(dol_concatdesc($msg, $adht->getMailOnValid()), $substitutionarray, $outputlangs);
$tmp = $langs->trans("SendingAnEMailToMember");
$tmp .= '<br>'.$langs->trans("MailFrom").': <b>'.$conf->global->ADHERENT_MAIL_FROM.'</b>, ';
$tmp .= '<br>'.$langs->trans("MailFrom").': <b>'.getDolGlobalString('ADHERENT_MAIL_FROM').'</b>, ';
$tmp .= '<br>'.$langs->trans("MailRecipient").': <b>'.$object->email.'</b>';
$helpcontent = '';
$helpcontent .= '<b>'.$langs->trans("MailFrom").'</b>: '.$conf->global->ADHERENT_MAIL_FROM.'<br>'."\n";
$helpcontent .= '<b>'.$langs->trans("MailFrom").'</b>: '.getDolGlobalString('ADHERENT_MAIL_FROM').'<br>'."\n";
$helpcontent .= '<b>'.$langs->trans("MailRecipient").'</b>: '.$object->email.'<br>'."\n";
$helpcontent .= '<b>'.$langs->trans("Subject").'</b>:<br>'."\n";
$helpcontent .= $subjecttosend."\n";
@ -1596,10 +1596,10 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
$texttosend = make_substitutions(dol_concatdesc($msg, $adht->getMailOnResiliate()), $substitutionarray, $outputlangs);
$tmp = $langs->trans("SendingAnEMailToMember");
$tmp .= '<br>('.$langs->trans("MailFrom").': <b>'.$conf->global->ADHERENT_MAIL_FROM.'</b>, ';
$tmp .= '<br>('.$langs->trans("MailFrom").': <b>'.getDolGlobalString('ADHERENT_MAIL_FROM').'</b>, ';
$tmp .= $langs->trans("MailRecipient").': <b>'.$object->email.'</b>)';
$helpcontent = '';
$helpcontent .= '<b>'.$langs->trans("MailFrom").'</b>: '.$conf->global->ADHERENT_MAIL_FROM.'<br>'."\n";
$helpcontent .= '<b>'.$langs->trans("MailFrom").'</b>: '.getDolGlobalString('ADHERENT_MAIL_FROM').'<br>'."\n";
$helpcontent .= '<b>'.$langs->trans("MailRecipient").'</b>: '.$object->email.'<br>'."\n";
$helpcontent .= '<b>'.$langs->trans("Subject").'</b>:<br>'."\n";
$helpcontent .= $subjecttosend."\n";
@ -1639,7 +1639,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
$outputlangs->loadLangs(array("main", "members"));
// Get email content from template
$arraydefaultmessage = null;
$labeltouse = $conf->global->ADHERENT_EMAIL_TEMPLATE_EXCLUSION;
$labeltouse = getDolGlobalString('ADHERENT_EMAIL_TEMPLATE_EXCLUSION');
if (!empty($labeltouse)) {
$arraydefaultmessage = $formmail->getEMailTemplate($db, 'member', $user, $outputlangs, 0, 1, $labeltouse);
@ -1656,10 +1656,10 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
$texttosend = make_substitutions(dol_concatdesc($msg, $adht->getMailOnExclude()), $substitutionarray, $outputlangs);
$tmp = $langs->trans("SendingAnEMailToMember");
$tmp .= '<br>('.$langs->trans("MailFrom").': <b>'.$conf->global->ADHERENT_MAIL_FROM.'</b>, ';
$tmp .= '<br>('.$langs->trans("MailFrom").': <b>'.getDolGlobalString('ADHERENT_MAIL_FROM').'</b>, ';
$tmp .= $langs->trans("MailRecipient").': <b>'.$object->email.'</b>)';
$helpcontent = '';
$helpcontent .= '<b>'.$langs->trans("MailFrom").'</b>: '.$conf->global->ADHERENT_MAIL_FROM.'<br>'."\n";
$helpcontent .= '<b>'.$langs->trans("MailFrom").'</b>: '.getDolGlobalString('ADHERENT_MAIL_FROM').'<br>'."\n";
$helpcontent .= '<b>'.$langs->trans("MailRecipient").'</b>: '.$object->email.'<br>'."\n";
$helpcontent .= '<b>'.$langs->trans("Subject").'</b>:<br>'."\n";
$helpcontent .= $subjecttosend."\n";

6
htdocs/adherents/class/adherent.class.php
View File

@ -445,8 +445,8 @@ class Adherent extends CommonObject
// Envoi mail confirmation
$from = $conf->email_from;
if (!empty($conf->global->ADHERENT_MAIL_FROM)) {
$from = $conf->global->ADHERENT_MAIL_FROM;
if (!empty(getDolGlobalString('ADHERENT_MAIL_FROM'))) {
$from = getDolGlobalString('ADHERENT_MAIL_FROM');
}
$trackid = 'mem'.$this->id;
@ -3051,7 +3051,7 @@ class Adherent extends CommonObject
$subject = make_substitutions($arraydefaultmessage->topic, $substitutionarray, $outputlangs);
$msg = make_substitutions($arraydefaultmessage->content, $substitutionarray, $outputlangs);
$from = $conf->global->ADHERENT_MAIL_FROM;
$from = getDolGlobalString('ADHERENT_MAIL_FROM');
$to = $adherent->email;
$trackid = 'mem'.$adherent->id;

16
htdocs/adherents/class/api_members.class.php
View File

@ -62,7 +62,7 @@ class Members extends DolibarrApi
*/
public function get($id)
{
if (!DolibarrApiAccess::$user->rights->adherent->lire) {
if (!DolibarrApiAccess::$user->hasRight('adherent', 'lire')) {
throw new RestException(401);
}
@ -99,7 +99,7 @@ class Members extends DolibarrApi
*/
public function getByThirdparty($thirdparty)
{
if (!DolibarrApiAccess::$user->rights->adherent->lire) {
if (!DolibarrApiAccess::$user->hasRight('adherent', 'lire')) {
throw new RestException(401);
}
@ -132,7 +132,7 @@ class Members extends DolibarrApi
*/
public function getByThirdpartyEmail($email)
{
if (!DolibarrApiAccess::$user->rights->adherent->lire) {
if (!DolibarrApiAccess::$user->hasRight('adherent', 'lire')) {
throw new RestException(401);
}
@ -171,7 +171,7 @@ class Members extends DolibarrApi
*/
public function getByThirdpartyBarcode($barcode)
{
if (!DolibarrApiAccess::$user->rights->adherent->lire) {
if (!DolibarrApiAccess::$user->hasRight('adherent', 'lire')) {
throw new RestException(401);
}
@ -217,7 +217,7 @@ class Members extends DolibarrApi
$obj_ret = array();
if (!DolibarrApiAccess::$user->rights->adherent->lire) {
if (!DolibarrApiAccess::$user->hasRight('adherent', 'lire')) {
throw new RestException(401);
}
@ -370,7 +370,7 @@ class Members extends DolibarrApi
*/
public function delete($id)
{
if (!DolibarrApiAccess::$user->rights->adherent->supprimer) {
if (!DolibarrApiAccess::$user->hasRight('adherent', 'supprimer')) {
throw new RestException(401);
}
$member = new Adherent($this->db);
@ -464,7 +464,7 @@ class Members extends DolibarrApi
{
$obj_ret = array();
if (!DolibarrApiAccess::$user->rights->adherent->cotisation->lire) {
if (!DolibarrApiAccess::$user->hasRight('adherent', 'cotisation', 'lire')) {
throw new RestException(401);
}
@ -495,7 +495,7 @@ class Members extends DolibarrApi
*/
public function createSubscription($id, $start_date, $end_date, $amount, $label = '')
{
if (!DolibarrApiAccess::$user->rights->adherent->cotisation->creer) {
if (!DolibarrApiAccess::$user->hasRight('adherent', 'cotisation', 'creer')) {
throw new RestException(401);
}

10
htdocs/adherents/class/api_memberstypes.class.php
View File

@ -55,7 +55,7 @@ class MembersTypes extends DolibarrApi
*/
public function get($id)
{
if (!DolibarrApiAccess::$user->rights->adherent->lire) {
if (!DolibarrApiAccess::$user->hasRight('adherent', 'lire')) {
throw new RestException(401);
}
@ -92,7 +92,7 @@ class MembersTypes extends DolibarrApi
$obj_ret = array();
if (!DolibarrApiAccess::$user->rights->adherent->lire) {
if (!DolibarrApiAccess::$user->hasRight('adherent', 'lire')) {
throw new RestException(401);
}
@ -151,7 +151,7 @@ class MembersTypes extends DolibarrApi
*/
public function post($request_data = null)
{
if (!DolibarrApiAccess::$user->rights->adherent->configurer) {
if (!DolibarrApiAccess::$user->hasRight('adherent', 'configurer')) {
throw new RestException(401);
}
// Check mandatory fields
@ -176,7 +176,7 @@ class MembersTypes extends DolibarrApi
*/
public function put($id, $request_data = null)
{
if (!DolibarrApiAccess::$user->rights->adherent->configurer) {
if (!DolibarrApiAccess::$user->hasRight('adherent', 'configurer')) {
throw new RestException(401);
}
@ -216,7 +216,7 @@ class MembersTypes extends DolibarrApi
*/
public function delete($id)
{
if (!DolibarrApiAccess::$user->rights->adherent->configurer) {
if (!DolibarrApiAccess::$user->hasRight('adherent', 'configurer')) {
throw new RestException(401);
}
$membertype = new AdherentType($this->db);

8
htdocs/adherents/class/api_subscriptions.class.php
View File

@ -58,7 +58,7 @@ class Subscriptions extends DolibarrApi
*/
public function get($id)
{
if (!DolibarrApiAccess::$user->rights->adherent->cotisation->lire) {
if (!DolibarrApiAccess::$user->hasRight('adherent', 'cotisation', 'lire')) {
throw new RestException(401);
}
@ -91,7 +91,7 @@ class Subscriptions extends DolibarrApi
$obj_ret = array();
if (!DolibarrApiAccess::$user->rights->adherent->cotisation->lire) {
if (!DolibarrApiAccess::$user->hasRight('adherent', 'cotisation', 'lire')) {
throw new RestException(401);
}
@ -148,7 +148,7 @@ class Subscriptions extends DolibarrApi
*/
public function post($request_data = null)
{
if (!DolibarrApiAccess::$user->rights->adherent->cotisation->creer) {
if (!DolibarrApiAccess::$user->hasRight('adherent', 'cotisation', 'creer')) {
throw new RestException(401);
}
// Check mandatory fields
@ -206,7 +206,7 @@ class Subscriptions extends DolibarrApi
public function delete($id)
{
// The right to delete a subscription comes with the right to create one.
if (!DolibarrApiAccess::$user->rights->adherent->cotisation->creer) {
if (!DolibarrApiAccess::$user->hasRight('adherent', 'cotisation', 'creer')) {
throw new RestException(401);
}
$subscription = new Subscription($this->db);

2
htdocs/adherents/htpasswd.php
View File

@ -37,7 +37,7 @@ $sortorder = GETPOST('sortorder', 'aZ09');
if (!isModEnabled('adherent')) {
accessforbidden();
}
if (empty($user->rights->adherent->export)) {
if (!$user->hasRight('adherent', 'export')) {
accessforbidden();
}

6
htdocs/adherents/ldap.php
View File

@ -51,14 +51,14 @@ if ($id > 0 || !empty($ref)) {
$result = $object->fetch($id, $ref);
// Define variables to know what current user can do on users
$canadduser = (!empty($user->admin) || !empty($user->rights->user->user->creer));
$canadduser = (!empty($user->admin) || $user->hasRight('user', 'user', 'creer'));
// Define variables to know what current user can do on properties of user linked to edited member
if ($object->user_id) {
// $User is the user who edits, $object->user_id is the id of the related user in the edited member
$caneditfielduser = ((($user->id == $object->user_id) && !empty($user->rights->user->self->creer))
|| (($user->id != $object->user_id) && !empty($user->rights->user->user->creer)));
|| (($user->id != $object->user_id) && $user->hasRight('user', 'user', 'creer')));
$caneditpassworduser = ((($user->id == $object->user_id) && $user->rights->user->self->password)
|| (($user->id != $object->user_id) && !empty($user->rights->user->user->password)));
|| (($user->id != $object->user_id) && $user->hasRight('user', 'user', 'password')));
}
}

2
htdocs/adherents/list.php
View File

@ -262,7 +262,7 @@ if (empty($reshook)) {
}
// Create external user
if ($massaction == 'createexternaluser' && $user->hasRight('adherent', 'creer') && $user->rights->user->user->creer) {
if ($massaction == 'createexternaluser' && $user->hasRight('adherent', 'creer') && $user->hasRight('user', 'user', 'creer')) {
$tmpmember = new Adherent($db);
$error = 0;
$nbcreated = 0;

14
htdocs/adherents/partnership.php
View File

@ -76,13 +76,13 @@ foreach ($object->fields as $key => $val) {
// Load object
include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once.
$permissiontoread = $user->rights->partnership->read;
$permissiontoadd = $user->rights->partnership->write; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php
$permissiontodelete = $user->rights->partnership->delete || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT);
$permissionnote = $user->rights->partnership->write; // Used by the include of actions_setnotes.inc.php
$permissiondellink = $user->rights->partnership->write; // Used by the include of actions_dellink.inc.php
$usercanclose = $user->rights->partnership->write; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php
$upload_dir = $conf->partnership->multidir_output[isset($object->entity) ? $object->entity : 1];
$permissiontoread = $user->hasRight('partnership', 'read');
$permissiontoadd = $user->hasRight('partnership', 'write'); // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php
$permissiontodelete = $user->hasRight('partnership', 'delete') || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT);
$permissionnote = $user->hasRight('partnership', 'write'); // Used by the include of actions_setnotes.inc.php
$permissiondellink = $user->hasRight('partnership', 'write'); // Used by the include of actions_dellink.inc.php
$usercanclose = $user->hasRight('partnership', 'write'); // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php
$upload_dir = $conf->partnership->multidir_output[isset($object->entity) ? $object->entity : 1];
if (getDolGlobalString('PARTNERSHIP_IS_MANAGED_FOR') != 'member') {

12
htdocs/adherents/subscription.php
View File

@ -151,9 +151,9 @@ if (empty($reshook) && $action == 'confirm_create_thirdparty' && $confirm == 'ye
}
}
if (empty($reshook) && $action == 'setuserid' && ($user->rights->user->self->creer || $user->rights->user->user->creer)) {
if (empty($reshook) && $action == 'setuserid' && ($user->rights->user->self->creer || $user->hasRight('user', 'user', 'creer'))) {
$error = 0;
if (empty($user->rights->user->user->creer)) { // If can edit only itself user, we can link to itself only
if (!$user->hasRight('user', 'user', 'creer')) { // If can edit only itself user, we can link to itself only
if (GETPOST("userid", 'int') != $user->id && GETPOST("userid", 'int') != $object->user_id) {
$error++;
setEventMessages($langs->trans("ErrorUserPermissionAllowsToLinksToItselfOnly"), null, 'errors');
@ -201,7 +201,7 @@ if (empty($reshook) && $action == 'setsocid') {
}
}
if ($user->rights->adherent->cotisation->creer && $action == 'subscription' && !$cancel) {
if ($user->hasRight('adherent', 'cotisation', 'creer') && $action == 'subscription' && !$cancel) {
$error = 0;
$langs->load("banks");
@ -674,7 +674,7 @@ if ($rowid > 0) {
*/
// Button to create a new subscription if member no draft (-1) neither resiliated (0) neither excluded (-2)
if ($user->rights->adherent->cotisation->creer) {
if ($user->hasRight('adherent', 'cotisation', 'creer')) {
if ($action != 'addsubscription' && $action != 'create_thirdparty') {
print '<div class="tabsAction">';
@ -814,7 +814,7 @@ if ($rowid > 0) {
/*
* Add new subscription form
*/
if (($action == 'addsubscription' || $action == 'create_thirdparty') && $user->rights->adherent->cotisation->creer) {
if (($action == 'addsubscription' || $action == 'create_thirdparty') && $user->hasRight('adherent', 'cotisation', 'creer')) {
print '<br>';
print load_fiche_titre($langs->trans("NewCotisation"));
@ -1142,7 +1142,7 @@ if ($rowid > 0) {
$tmp = '<input name="sendmail" type="checkbox"'.(GETPOST('sendmail', 'alpha') ? ' checked' : (!empty($conf->global->ADHERENT_DEFAULT_SENDINFOBYMAIL) ? ' checked' : '')).'>';
$helpcontent = '';
$helpcontent .= '<b>'.$langs->trans("MailFrom").'</b>: '.$conf->global->ADHERENT_MAIL_FROM.'<br>'."\n";
$helpcontent .= '<b>'.$langs->trans("MailFrom").'</b>: '.getDolGlobalString('ADHERENT_MAIL_FROM').'<br>'."\n";
$helpcontent .= '<b>'.$langs->trans("MailRecipient").'</b>: '.$object->email.'<br>'."\n";
$helpcontent .= '<b>'.$langs->trans("MailTopic").'</b>:<br>'."\n";
if ($subjecttosend) {

18
htdocs/adherents/subscription/card.php
View File

@ -49,13 +49,13 @@ $note = GETPOST('note', 'alpha');
$typeid = (int) GETPOST('typeid', 'int');
$amount = price2num(GETPOST('amount', 'alpha'), 'MT');
if (empty($user->rights->adherent->cotisation->lire)) {
if (!$user->hasRight('adherent', 'cotisation', 'lire')) {
accessforbidden();
}
$permissionnote = $user->rights->adherent->cotisation->creer; // Used by the include of actions_setnotes.inc.php
$permissiondellink = $user->rights->adherent->cotisation->creer; // Used by the include of actions_dellink.inc.php
$permissiontoedit = $user->rights->adherent->cotisation->creer; // Used by the include of actions_lineupdonw.inc.php
$permissionnote = $user->hasRight('adherent', 'cotisation', 'creer'); // Used by the include of actions_setnotes.inc.php
$permissiondellink = $user->hasRight('adherent', 'cotisation', 'creer'); // Used by the include of actions_dellink.inc.php
$permissiontoedit = $user->hasRight('adherent', 'cotisation', 'creer'); // Used by the include of actions_lineupdonw.inc.php
$hookmanager->initHooks(array('subscriptioncard', 'globalcard'));
@ -78,7 +78,7 @@ include DOL_DOCUMENT_ROOT.'/core/actions_dellink.inc.php'; // Must be include, n
//include DOL_DOCUMENT_ROOT.'/core/actions_lineupdown.inc.php'; // Must be include, not include_once
if ($user->rights->adherent->cotisation->creer && $action == 'update' && !$cancel) {
if ($user->hasRight('adherent', 'cotisation', 'creer') && $action == 'update' && !$cancel) {
// Load current object
$result = $object->fetch($rowid);
if ($result > 0) {
@ -140,7 +140,7 @@ if ($user->rights->adherent->cotisation->creer && $action == 'update' && !$cance
}
}
if ($action == 'confirm_delete' && $confirm == 'yes' && $user->rights->adherent->cotisation->creer) {
if ($action == 'confirm_delete' && $confirm == 'yes' && $user->hasRight('adherent', 'cotisation', 'creer')) {
$result = $object->fetch($rowid);
$result = $object->delete($user);
if ($result > 0) {
@ -166,7 +166,7 @@ llxHeader('', $langs->trans("SubscriptionCard"), $help_url);
dol_htmloutput_errors($errmsg);
if ($user->rights->adherent->cotisation->creer && $action == 'edit') {
if ($user->hasRight('adherent', 'cotisation', 'creer') && $action == 'edit') {
/********************************************
*
* Subscription card in edit mode
@ -350,7 +350,7 @@ if ($rowid && $action != 'edit') {
*/
print '<div class="tabsAction">';
if ($user->rights->adherent->cotisation->creer) {
if ($user->hasRight('adherent', 'cotisation', 'creer')) {
if (!empty($bankline->rappro)) {
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"]."?rowid=".$object->id.'&action=edit&token='.newToken().'">'.$langs->trans("Modify")."</a></div>";
} else {
@ -359,7 +359,7 @@ if ($rowid && $action != 'edit') {
}
// Delete
if ($user->rights->adherent->cotisation->creer) {
if ($user->hasRight('adherent', 'cotisation', 'creer')) {
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER["PHP_SELF"]."?rowid=".$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete")."</a></div>\n";
}

2
htdocs/adherents/subscription/info.php
View File

@ -32,7 +32,7 @@ require_once DOL_DOCUMENT_ROOT.'/adherents/class/subscription.class.php';
// Load translation files required by the page
$langs->loadLangs(array("companies", "members", "bills", "users"));
if (empty($user->rights->adherent->lire)) {
if (!$user->hasRight('adherent', 'lire')) {
accessforbidden();
}

4
htdocs/adherents/subscription/list.php
View File

@ -291,14 +291,14 @@ $arrayofmassactions = array(
//'presend'=>img_picto('', 'email', 'class="pictofixedwidth"').$langs->trans("SendByMail"),
//'builddoc'=>img_picto('', 'pdf', 'class="pictofixedwidth"').$langs->trans("PDFMerge"),
);
//if ($user->rights->adherent->supprimer) $arrayofmassactions['predelete'] = img_picto('', 'delete', 'class="pictofixedwidth"').$langs->trans("Delete");
//if ($user->hasRight('adherent', 'supprimer')) $arrayofmassactions['predelete'] = img_picto('', 'delete', 'class="pictofixedwidth"').$langs->trans("Delete");
if (in_array($massaction, array('presend', 'predelete'))) {
$arrayofmassactions = array();
}
$massactionbutton = $form->selectMassAction('', $arrayofmassactions);
$newcardbutton = '';
if ($user->rights->adherent->cotisation->creer) {
if ($user->hasRight('adherent', 'cotisation', 'creer')) {
$newcardbutton .= dolGetButtonTitle($langs->trans('NewSubscription'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/adherents/list.php?status=-1,1');
}

2
htdocs/adherents/tpl/linkedobjectblock.tpl.php
View File

@ -39,7 +39,7 @@ foreach ($linkedObjectBlock as $key => $objectlink) {
echo '<td class="center"></td>';
echo '<td class="center">'.dol_print_date($objectlink->dateh, 'day').'</td>';
echo '<td class="right">';
if ($user->rights->adherent->lire) {
if ($user->hasRight('adherent', 'lire')) {
$total = $total + $objectlink->amount;
echo price($objectlink->amount);
}

8
htdocs/adherents/type.php
View File

@ -171,7 +171,7 @@ if ($action == 'add' && $user->hasRight('adherent', 'configurer')) {
}
}
if ($action == 'update' && $user->rights->adherent->configurer) {
if ($action == 'update' && $user->hasRight('adherent', 'configurer')) {
$object->fetch($rowid);
$object->oldcopy = dol_clone($object);
@ -207,7 +207,7 @@ if ($action == 'update' && $user->rights->adherent->configurer) {
exit;
}
if ($action == 'confirm_delete' && !empty($user->rights->adherent->configurer)) {
if ($action == 'confirm_delete' && $user->hasRight('adherent', 'configurer')) {
$object->fetch($rowid);
$res = $object->delete();
@ -257,7 +257,7 @@ if (!$rowid && $action != 'create' && $action != 'edit') {
}
$newcardbutton = '';
if ($user->rights->adherent->configurer) {
if ($user->hasRight('adherent', 'configurer')) {
$newcardbutton .= dolGetButtonTitle($langs->trans('NewMemberType'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/adherents/type.php?action=create');
}
@ -323,7 +323,7 @@ if (!$rowid && $action != 'create' && $action != 'edit') {
print '<td class="center">'.yn($objp->caneditamount).'</td>';
print '<td class="center">'.yn($objp->vote).'</td>';
print '<td class="center">'.$membertype->getLibStatut(5).'</td>';
if ($user->rights->adherent->configurer) {
if ($user->hasRight('adherent', 'configurer')) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=edit&rowid='.$objp->rowid.'">'.img_edit().'</a></td>';
} else {
print '<td class="right">&nbsp;</td>';

6
htdocs/adherents/type_translation.php
View File

@ -71,7 +71,7 @@ if ($action == 'delete' && GETPOST('langtodelete', 'alpha')) {
}
// Add translation
if ($action == 'vadd' && $cancel != $langs->trans("Cancel") && $user->rights->adherent->configurer) {
if ($action == 'vadd' && $cancel != $langs->trans("Cancel") && $user->hasRight('adherent', 'configurer')) {
$object = new AdherentType($db);
$object->fetch($id);
$current_lang = $langs->getDefaultLang();
@ -99,7 +99,7 @@ if ($action == 'vadd' && $cancel != $langs->trans("Cancel") && $user->rights->ad
}
// Edit translation
if ($action == 'vedit' && $cancel != $langs->trans("Cancel") && $user->rights->adherent->configurer) {
if ($action == 'vedit' && $cancel != $langs->trans("Cancel") && $user->hasRight('adherent', 'configurer')) {
$object = new AdherentType($db);
$object->fetch($id);
$current_lang = $langs->getDefaultLang();
@ -125,7 +125,7 @@ if ($action == 'vedit' && $cancel != $langs->trans("Cancel") && $user->rights->a
}
// Delete translation
if ($action == 'vdelete' && $cancel != $langs->trans("Cancel") && $user->rights->adherent->configurer) {
if ($action == 'vdelete' && $cancel != $langs->trans("Cancel") && $user->hasRight('adherent', 'configurer')) {
$object = new AdherentType($db);
$object->fetch($id);
$langtodelete = GETPOST('langdel', 'alpha');

10
htdocs/adherents/vcard.php
View File

@ -42,14 +42,14 @@ if ($id > 0 || !empty($ref)) {
$result = $object->fetch($id, $ref);
// Define variables to know what current user can do on users
$canadduser = ($user->admin || $user->rights->user->user->creer);
$canadduser = ($user->admin || $user->hasRight('user', 'user', 'creer'));
// Define variables to know what current user can do on properties of user linked to edited member
if ($object->user_id) {
// $User is the user who edits, $object->user_id is the id of the related user in the edited member
$caneditfielduser = ((($user->id == $object->user_id) && $user->rights->user->self->creer)
|| (($user->id != $object->user_id) && $user->rights->user->user->creer));
$caneditpassworduser = ((($user->id == $object->user_id) && $user->rights->user->self->password)
|| (($user->id != $object->user_id) && $user->rights->user->user->password));
$caneditfielduser = ((($user->id == $object->user_id) && $user->hasRight('user', 'self', 'creer'))
|| (($user->id != $object->user_id) && $user->hasRight('user', 'user', 'creer')));
$caneditpassworduser = ((($user->id == $object->user_id) && $user->hasRight('user', 'self', 'password'))
|| (($user->id != $object->user_id) && $user->hasRight('user', 'user', 'password')));
}
}

38
htdocs/admin/system/security.php
View File

@ -487,7 +487,7 @@ if (empty($conf->api->enabled) && empty($conf->webservices->enabled)) {
print '<br>';
}
if (!empty($conf->api->enabled)) {
print '<strong>API_ENDPOINT_RULES</strong> = '.(empty($conf->global->API_ENDPOINT_RULES) ? '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Example").': login:0,users:0,setup:1,status:1,tickets:1,...)</span>' : $conf->global->API_ENDPOINT_RULES)."<br>\n";
print '<strong>API_ENDPOINT_RULES</strong> = '.getDolGlobalString('API_ENDPOINT_RULES', '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Example").': login:0,users:0,setup:1,status:1,tickets:1,...)</span>')."<br>\n";
print '<br>';
}
}
@ -501,19 +501,19 @@ print '<br>';
print load_fiche_titre($langs->trans("OtherSetup"), '', 'folder');
print '<strong>MAIN_ALLOW_SVG_FILES_AS_IMAGES</strong> = '.(empty($conf->global->MAIN_ALLOW_SVG_FILES_AS_IMAGES) ? '0' : $conf->global->MAIN_ALLOW_SVG_FILES_AS_IMAGES).' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': 0)</span><br>';
print '<strong>MAIN_ALLOW_SVG_FILES_AS_IMAGES</strong> = '.getDolGlobalString('MAIN_ALLOW_SVG_FILES_AS_IMAGES', '0').' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': 0)</span><br>';
print '<br>';
print '<strong>MAIN_ALWAYS_CREATE_LOCK_AFTER_LAST_UPGRADE</strong> = '.(empty($conf->global->MAIN_ALWAYS_CREATE_LOCK_AFTER_LAST_UPGRADE) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->MAIN_ALWAYS_CREATE_LOCK_AFTER_LAST_UPGRADE).' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': 1)</span><br>';
print '<strong>MAIN_ALWAYS_CREATE_LOCK_AFTER_LAST_UPGRADE</strong> = '.getDolGlobalString('MAIN_ALWAYS_CREATE_LOCK_AFTER_LAST_UPGRADE', '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>').' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': 1)</span><br>';
print '<br>';
//print '<strong>'.$langs->trans("PasswordEncryption").'</strong>: ';
print '<strong>MAIN_SECURITY_HASH_ALGO</strong> = '.(empty($conf->global->MAIN_SECURITY_HASH_ALGO) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->MAIN_SECURITY_HASH_ALGO)." &nbsp; ";
print '<strong>MAIN_SECURITY_HASH_ALGO</strong> = '.getDolGlobalString('MAIN_SECURITY_HASH_ALGO', '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>')." &nbsp; ";
if (empty($conf->global->MAIN_SECURITY_HASH_ALGO)) {
print '<span class="opacitymedium"> &nbsp; &nbsp; If unset: \'md5\'</span>';
}
if ($conf->global->MAIN_SECURITY_HASH_ALGO != 'password_hash') {
print '<br><strong>MAIN_SECURITY_SALT</strong> = '.(empty($conf->global->MAIN_SECURITY_SALT) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->MAIN_SECURITY_SALT).'<br>';
print '<br><strong>MAIN_SECURITY_SALT</strong> = '.getDolGlobalString('MAIN_SECURITY_SALT', '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>').'<br>';
} else {
print '<span class="opacitymedium">('.$langs->trans("Recommended").': password_hash)</span>';
print '<br>';
@ -528,10 +528,10 @@ if ($conf->global->MAIN_SECURITY_HASH_ALGO != 'password_hash') {
}
print '<br>';
print '<strong>MAIN_SECURITY_ANTI_SSRF_SERVER_IP</strong> = '.(empty($conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span> &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': List of static IPs of server separated with coma - '.$langs->trans("Note").': common loopback ip like 127.*.*.*, [::1] are already added)</span>' : $conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP)."<br>";
print '<strong>MAIN_SECURITY_ANTI_SSRF_SERVER_IP</strong> = '.getDolGlobalString('MAIN_SECURITY_ANTI_SSRF_SERVER_IP', '<span class="opacitymedium">'.$langs->trans("Undefined").'</span> &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': List of static IPs of server separated with coma - '.$langs->trans("Note").': common loopback ip like 127.*.*.*, [::1] are already added)</span>')."<br>";
print '<br>';
print '<strong>MAIN_SECURITY_CSRF_WITH_TOKEN</strong> = '.(empty($conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN).' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or").' 2)</span>'."<br>";
print '<strong>MAIN_SECURITY_CSRF_WITH_TOKEN</strong> = '.getDolGlobalString('MAIN_SECURITY_CSRF_WITH_TOKEN', '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>').' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or").' 2)</span>'."<br>";
print '<br>';
print '<br>';
@ -559,31 +559,32 @@ if ($execmethod == 2) {
print '<br>';
print '<br>';
print '<strong>MAIN_RESTRICTHTML_ONLY_VALID_HTML</strong> = '.(empty($conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML) ? '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Recommended").': 1)</span>' : $conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML)."<br>";
print '<strong>MAIN_RESTRICTHTML_ONLY_VALID_HTML</strong> = '.getDolGlobalString('MAIN_RESTRICTHTML_ONLY_VALID_HTML', '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Recommended").': 1)</span>')."<br>";
print '<br>';
print '<strong>MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES</strong> = '.(empty($conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES) ? '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Recommended").': 1)</span>' : $conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES)."<br>";
print '<strong>MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES</strong> = '.getDolGlobalString('MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES', '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Recommended").': 1)</span>')."<br>";
print '<br>';
print '<strong>MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL</strong> = '.(empty($conf->global->MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL) ? '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or").' 0)</span>' : $conf->global->MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL)."<br>";
print '<strong>MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL</strong> = '.getDolGlobalString('MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL', '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or").' 0)</span>')."<br>";
print '<br>';
print '<strong>MAIN_SECURITY_FORCECSP</strong> = '.(empty($conf->global->MAIN_SECURITY_FORCECSP) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->MAIN_SECURITY_FORCECSP).' &nbsp; <span class="opacitymedium">('.$langs->trans("Example").": \"frame-ancestors 'self'; default-src 'self'; img-src *;\")</span><br>";
print '<strong>MAIN_SECURITY_FORCECSP</strong> = '.getDolGlobalString('MAIN_SECURITY_FORCECSP', '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>').' &nbsp; <span class="opacitymedium">('.$langs->trans("Example").": \"frame-ancestors 'self'; default-src 'self'; img-src *;\")</span><br>";
print '<br>';
print '<strong>MAIN_SECURITY_FORCERP</strong> = '.(empty($conf->global->MAIN_SECURITY_FORCERP) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->MAIN_SECURITY_FORCERP).' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or")." \"same-origin\" so browser doesn't send any referrer when going into another web site domain)</span><br>";
print '<strong>MAIN_SECURITY_FORCERP</strong> = '.getDolGlobalString('MAIN_SECURITY_FORCERP', '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>').' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or")." \"same-origin\" so browser doesn't send any referrer when going into another web site domain)</span><br>";
print '<br>';
print '<strong>WEBSITE_MAIN_SECURITY_FORCECSP</strong> = '.(empty($conf->global->WEBSITE_MAIN_SECURITY_FORCECSP) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->WEBSITE_MAIN_SECURITY_FORCECSP).' &nbsp; <span class="opacitymedium">('.$langs->trans("Example").": \"frame-ancestors 'self'; default-src 'self'; style-src https://cdnjs.cloudflare.com https://fonts.googleapis.com; script-src https://cdn.transifex.com https://www.googletagmanager.com; object-src https://youtube.com; frame-src https://youtube.com; img-src *;\")</span><br>";
print '<strong>WEBSITE_MAIN_SECURITY_FORCECSP</strong> = '.getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCECSP', '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>');
print ' &nbsp; <span class="opacitymedium">('.$langs->trans("Example").": \"frame-ancestors 'self'; default-src 'self'; style-src https://cdnjs.cloudflare.com https://fonts.googleapis.com; script-src https://cdn.transifex.com https://www.googletagmanager.com; object-src https://youtube.com; frame-src https://youtube.com; img-src *;\")</span><br>";
print '<br>';
print '<strong>WEBSITE_MAIN_SECURITY_FORCERP</strong> = '.(empty($conf->global->WEBSITE_MAIN_SECURITY_FORCERP) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->WEBSITE_MAIN_SECURITY_FORCERP).' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or")." \"strict-origin-when-cross-origin\")</span><br>";
print '<strong>WEBSITE_MAIN_SECURITY_FORCERP</strong> = '.getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCERP', '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>').' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or")." \"strict-origin-when-cross-origin\")</span><br>";
print '<br>';
print '<strong>WEBSITE_MAIN_SECURITY_FORCESTS</strong> = '.(empty($conf->global->WEBSITE_MAIN_SECURITY_FORCESTS) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->WEBSITE_MAIN_SECURITY_FORCESTS).' &nbsp; <span class="opacitymedium">('.$langs->trans("Example").": \"max-age=31536000; includeSubDomains\")</span><br>";
print '<strong>WEBSITE_MAIN_SECURITY_FORCESTS</strong> = '.getDolGlobalString('>WEBSITE_MAIN_SECURITY_FORCESTS', '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>').' &nbsp; <span class="opacitymedium">('.$langs->trans("Example").": \"max-age=31536000; includeSubDomains\")</span><br>";
print '<br>';
print '<strong>WEBSITE_MAIN_SECURITY_FORCEPP</strong> = '.(empty($conf->global->WEBSITE_MAIN_SECURITY_FORCEPP) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->WEBSITE_MAIN_SECURITY_FORCEPP).' &nbsp; <span class="opacitymedium">('.$langs->trans("Example").": \"camera: 'none'; microphone: 'none';\")</span><br>";
print '<strong>WEBSITE_MAIN_SECURITY_FORCEPP</strong> = '.getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCEPP', '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>').' &nbsp; <span class="opacitymedium">('.$langs->trans("Example").": \"camera: 'none'; microphone: 'none';\")</span><br>";
print '<br>';
print '<br>';
@ -598,16 +599,13 @@ print '</span>';
print '<br>';
$urlexamplebase = 'https://github.com/Dolibarr/dolibarr/blob/develop/dev/setup/fail2ban/filter.d/';
print '- Login process (see <a target="_blank" rel="noopener" href="'.$urlexamplebase.'web-dolibarr-rulesbruteforce.conf">fail2ban example on GitHub</a>)<br>';
print '- '.DOL_URL_ROOT.'/passwordforgotten.php (see <a target="_blank" rel="noopener" href="'.$urlexamplebase.'web-dolibarr-rulespassgorgotten.conf">fail2ban example on GitHub</a>)<br>';
print '- '.DOL_URL_ROOT.'/passwordforgotten.php (see <a target="_blank" rel="noopener" href="'.$urlexamplebase.'web-dolibarr-rulespassforgotten.conf">fail2ban example on GitHub</a>)<br>';
print '- '.DOL_URL_ROOT.'/public/* (see <a target="_blank" rel="noopener" href="'.$urlexamplebase.'web-dolibarr-limitpublic.conf">fail2ban example on GitHub</a>)<br>';
print '<br>';
$urlexamplebase = 'https://github.com/Dolibarr/dolibarr/blob/develop/dev/setup/apache/';
print '- You can also protect the application using a HTTP Basic authentication layer (see <a target="_blank" rel="noopener" href="'.$urlexamplebase.'virtualhost">apache2 virtualhost example on GitHub</a>)<br>';
// End of page
llxFooter();
$db->close();

2
htdocs/public/members/new.php
View File

@ -402,7 +402,7 @@ if (empty($reshook) && $action == 'add') {
}
$to = $adh->makeSubstitution($conf->global->MAIN_INFO_SOCIETE_MAIL);
$from = $conf->global->ADHERENT_MAIL_FROM;
$from = getDolGlobalString('ADHERENT_MAIL_FROM');
$mailfile = new CMailFile(
'['.$appli.'] '.$conf->global->ADHERENT_AUTOREGISTER_NOTIF_MAIL_SUBJECT,
$to,

4
htdocs/takepos/css/pos.css.php
View File

@ -342,9 +342,9 @@ div.paymentbordline
?>
overflow-x: hidden;
overfloy-y: scroll;
<?
<?php
} else {
?>
?>
overflow: visible;
<?php
}