lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add new rule

Browse Source
This commit is contained in:
Frédéric FRANCE 2021-03-01 00:34:15 +01:00
parent 63dad7f25c
commit ed3b637d7a
No known key found for this signature in database
GPG Key ID: 06809324E4B2ABC1
3 changed files with 119 additions and 97 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
htdocs/api/admin/index.php
View File

@ -32,50 +32,44 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
// Load translation files required by the page
$langs->load("admin");
if (!$user->admin)
if (!$user->admin) {
accessforbidden();
}
$action = GETPOST('action', 'aZ09');
//Activate ProfId
if ($action == 'setproductionmode')
{
if ($action == 'setproductionmode') {
$status = GETPOST('status', 'alpha');
if (dolibarr_set_const($db, 'API_PRODUCTION_MODE', $status, 'chaine', 0, '', 0) > 0)
{
if (dolibarr_set_const($db, 'API_PRODUCTION_MODE', $status, 'chaine', 0, '', 0) > 0) {
$error = 0;
if ($status == 1)
{
if ($status == 1) {
$result = dol_mkdir($conf->api->dir_temp);
if ($result < 0)
{
if ($result < 0) {
setEventMessages($langs->trans("ErrorFailedToCreateDir", $conf->api->dir_temp), null, 'errors');
$error++;
}
} else {
// Delete the cache file otherwise it does not update
$result = dol_delete_file($conf->api->dir_temp.'/routes.php');
if ($result < 0)
{
if ($result < 0) {
setEventMessages($langs->trans("ErrorFailedToDeleteFile", $conf->api->dir_temp.'/routes.php'), null, 'errors');
$error++;
}
}
if (!$error)
{
if (!$error) {
header("Location: ".$_SERVER["PHP_SELF"]);
exit;
exit;
}
} else {
dol_print_error($db);
}
}
if ($action == 'save')
{
if ($action == 'save') {
dolibarr_set_const($db, 'API_RESTRICT_ON_IP', GETPOST('API_RESTRICT_ON_IP', 'alpha'));
}
@ -110,8 +104,7 @@ print "</tr>";
print '<tr class="oddeven">';
print '<td>'.$langs->trans("ApiProductionMode").'</td>';
$production_mode = (empty($conf->global->API_PRODUCTION_MODE) ?false:true);
if ($production_mode)
{
if ($production_mode) {
print '<td><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?action=setproductionmode&token='.newToken().'&value='.($i + 1).'&status=0">';
print img_picto($langs->trans("Activated"), 'switch_on');
print '</a></td>';
@ -155,8 +148,7 @@ print '<br>';
// Explorer
print '<u>'.$langs->trans("ApiExporerIs").':</u><br>';
if (dol_is_dir(DOL_DOCUMENT_ROOT.'/includes/restler/framework/Luracast/Restler/explorer'))
{
if (dol_is_dir(DOL_DOCUMENT_ROOT.'/includes/restler/framework/Luracast/Restler/explorer')) {
$url = DOL_MAIN_URL_ROOT.'/api/index.php/explorer';
print img_picto('', 'globe').' <a href="'.$url.'" target="_blank">'.$url."</a><br>\n";
} else {

90
htdocs/bookmarks/card.php
View File

@ -52,8 +52,7 @@ $object = new Bookmark($db);
* Actions
*/
if ($action == 'add' || $action == 'addproduct' || $action == 'update')
{
if ($action == 'add' || $action == 'addproduct' || $action == 'update') {
if ($action == 'update') {
$invertedaction = 'edit';
} else {
@ -62,14 +61,17 @@ if ($action == 'add' || $action == 'addproduct' || $action == 'update')
$error = 0;
if (GETPOST('cancel', 'alpha'))
{
if (empty($backtopage)) $backtopage = ($urlsource ? $urlsource : ((!empty($url) && !preg_match('/^http/i', $url)) ? $url : DOL_URL_ROOT.'/bookmarks/list.php'));
if (GETPOST('cancel', 'alpha')) {
if (empty($backtopage)) {
$backtopage = ($urlsource ? $urlsource : ((!empty($url) && !preg_match('/^http/i', $url)) ? $url : DOL_URL_ROOT.'/bookmarks/list.php'));
}
header("Location: ".$backtopage);
exit;
}
if ($action == 'update') $object->fetch(GETPOST("id", 'int'));
if ($action == 'update') {
$object->fetch(GETPOST("id", 'int'));
}
// Check if null because user not admin can't set an user and send empty value here.
if (!empty($userid)) {
$object->fk_user = $userid;
@ -89,21 +91,23 @@ if ($action == 'add' || $action == 'addproduct' || $action == 'update')
setEventMessages($langs->transnoentities("ErrorFieldRequired", $langs->trans("UrlOrLink")), null, 'errors');
}
if (!$error)
{
if (!$error) {
$object->favicon = 'none';
if ($action == 'update') $res = $object->update();
else $res = $object->create();
if ($action == 'update') {
$res = $object->update();
} else {
$res = $object->create();
}
if ($res > 0)
{
if (empty($backtopage)) $backtopage = ($urlsource ? $urlsource : ((!empty($url) && !preg_match('/^http/i', $url)) ? $url : DOL_URL_ROOT.'/bookmarks/list.php'));
if ($res > 0) {
if (empty($backtopage)) {
$backtopage = ($urlsource ? $urlsource : ((!empty($url) && !preg_match('/^http/i', $url)) ? $url : DOL_URL_ROOT.'/bookmarks/list.php'));
}
header("Location: ".$backtopage);
exit;
} else {
if ($object->errno == 'DB_ERROR_RECORD_ALREADY_EXISTS')
{
if ($object->errno == 'DB_ERROR_RECORD_ALREADY_EXISTS') {
$langs->load("errors");
setEventMessages($langs->transnoentities("WarningBookmarkAlreadyExists"), null, 'warnings');
} else {
@ -137,8 +141,7 @@ $h++;
$hselected = 'card';
if ($action == 'create')
{
if ($action == 'create') {
/*
* Fact bookmark creation mode
*/
@ -189,8 +192,7 @@ if ($action == 'create')
}
if ($id > 0 && !preg_match('/^add/i', $action))
{
if ($id > 0 && !preg_match('/^add/i', $action)) {
/*
* Fact bookmark mode or visually edition
*/
@ -205,8 +207,7 @@ if ($id > 0 && !preg_match('/^add/i', $action))
)
);
if ($action == 'edit')
{
if ($action == 'edit') {
print '<form name="edit" method="POST" action="'.$_SERVER["PHP_SELF"].'" enctype="multipart/form-data">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="action" value="update">';
@ -239,8 +240,11 @@ if ($id > 0 && !preg_match('/^add/i', $action))
}
print '</td><td>';
if ($action == 'edit') print '<input class="flat minwidth300" name="title" value="'.(GETPOSTISSET("title") ? GETPOST("title", '', 2) : $object->title).'">';
else print $object->title;
if ($action == 'edit') {
print '<input class="flat minwidth300" name="title" value="'.(GETPOSTISSET("title") ? GETPOST("title", '', 2) : $object->title).'">';
} else {
print $object->title;
}
print '</td></tr>';
print '<tr><td>';
@ -252,28 +256,32 @@ if ($id > 0 && !preg_match('/^add/i', $action))
print '</span>';
}
print '</td><td>';
if ($action == 'edit') print '<input class="flat minwidth500 quatrevingtpercent" name="url" value="'.(GETPOSTISSET("url") ? GETPOST("url") : $object->url).'">';
else print '<a href="'.(preg_match('/^http/i', $object->url) ? $object->url : DOL_URL_ROOT.$object->url).'"'.($object->target ? ' target="_blank"' : '').'>'.$object->url.'</a>';
if ($action == 'edit') {
print '<input class="flat minwidth500 quatrevingtpercent" name="url" value="'.(GETPOSTISSET("url") ? GETPOST("url") : $object->url).'">';
} else {
print '<a href="'.(preg_match('/^http/i', $object->url) ? $object->url : DOL_URL_ROOT.$object->url).'"'.($object->target ? ' target="_blank"' : '').'>'.$object->url.'</a>';
}
print '</td></tr>';
print '<tr><td>'.$langs->trans("BehaviourOnClick").'</td><td>';
if ($action == 'edit')
{
if ($action == 'edit') {
$liste = array(1=>$langs->trans("OpenANewWindow"), 0=>$langs->trans("ReplaceWindow"));
print $form->selectarray('target', $liste, GETPOSTISSET("target") ? GETPOST("target") : $object->target);
} else {
if ($object->target == 0) print $langs->trans("ReplaceWindow");
if ($object->target == 1) print $langs->trans("OpenANewWindow");
if ($object->target == 0) {
print $langs->trans("ReplaceWindow");
}
if ($object->target == 1) {
print $langs->trans("OpenANewWindow");
}
}
print '</td></tr>';
print '<tr><td>'.$langs->trans("Owner").'</td><td>';
if ($action == 'edit' && $user->admin)
{
if ($action == 'edit' && $user->admin) {
print img_picto('', 'user').' '.$form->select_dolusers(GETPOSTISSET('userid') ? GETPOST('userid', 'int') : ($object->fk_user ? $object->fk_user : ''), 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'maxwidth300');
} else {
if ($object->fk_user > 0)
{
if ($object->fk_user > 0) {
$fuser = new User($db);
$fuser->fetch($object->fk_user);
print $fuser->getNomUrl(1);
@ -285,8 +293,11 @@ if ($id > 0 && !preg_match('/^add/i', $action))
// Position
print '<tr><td>'.$langs->trans("Position").'</td><td>';
if ($action == 'edit') print '<input class="flat" name="position" size="5" value="'.(GETPOSTISSET("position") ? GETPOST("position", 'int') : $object->position).'">';
else print $object->position;
if ($action == 'edit') {
print '<input class="flat" name="position" size="5" value="'.(GETPOSTISSET("position") ? GETPOST("position", 'int') : $object->position).'">';
} else {
print $object->position;
}
print '</td></tr>';
// Date creation
@ -298,8 +309,7 @@ if ($id > 0 && !preg_match('/^add/i', $action))
print dol_get_fiche_end();
if ($action == 'edit')
{
if ($action == 'edit') {
print '<div align="center"><input class="button button-save" type="submit" name="save" value="'.$langs->trans("Save").'"> &nbsp; &nbsp; <input class="button button-cancel" type="submit" name="cancel" value="'.$langs->trans("Cancel").'"></div>';
print '</form>';
}
@ -310,14 +320,12 @@ if ($id > 0 && !preg_match('/^add/i', $action))
print "<div class=\"tabsAction\">\n";
// Edit
if ($user->rights->bookmark->creer && $action != 'edit')
{
if ($user->rights->bookmark->creer && $action != 'edit') {
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=edit&amp;token='.newToken().'">'.$langs->trans("Edit").'</a>'."\n";
}
// Remove
if ($user->rights->bookmark->supprimer && $action != 'edit')
{
if ($user->rights->bookmark->supprimer && $action != 'edit') {
print '<a class="butActionDelete" href="list.php?bid='.$object->id.'&amp;action=delete&amp;token='.newToken().'">'.$langs->trans("Delete").'</a>'."\n";
}

94
htdocs/bookmarks/list.php
View File

@ -45,12 +45,18 @@ $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
$sortfield = GETPOST('sortfield', 'aZ09comma');
$sortorder = GETPOST('sortorder', 'aZ09comma');
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
if (empty($page) || $page == -1 || GETPOST('button_search', 'alpha') || GETPOST('button_removefilter', 'alpha') || (empty($toselect) && $massaction === '0')) { $page = 0; } // If $page is not defined, or '' or -1 or if we click on clear filters or if we select empty mass action
if (empty($page) || $page == -1 || GETPOST('button_search', 'alpha') || GETPOST('button_removefilter', 'alpha') || (empty($toselect) && $massaction === '0')) {
$page = 0;
} // If $page is not defined, or '' or -1 or if we click on clear filters or if we select empty mass action
$offset = $limit * $page;
$pageprev = $page - 1;
$pagenext = $page + 1;
if (!$sortfield) $sortfield = 'position';
if (!$sortorder) $sortorder = 'ASC';
if (!$sortfield) {
$sortfield = 'position';
}
if (!$sortorder) {
$sortorder = 'ASC';
}
$id = GETPOST("id", 'int');
@ -65,11 +71,9 @@ $permissiontodelete = $user->rights->bookmark->delete;
* Actions
*/
if ($action == 'delete')
{
if ($action == 'delete') {
$res = $object->remove($id);
if ($res > 0)
{
if ($res > 0) {
header("Location: ".$_SERVER["PHP_SELF"]);
exit;
} else {
@ -93,32 +97,30 @@ $sql .= " u.login, u.lastname, u.firstname";
$sql .= " FROM ".MAIN_DB_PREFIX."bookmark as b LEFT JOIN ".MAIN_DB_PREFIX."user as u ON b.fk_user=u.rowid";
$sql .= " WHERE 1=1";
$sql .= " AND b.entity IN (".getEntity('bookmark').")";
if (!$user->admin) $sql .= " AND (b.fk_user = ".$user->id." OR b.fk_user is NULL OR b.fk_user = 0)";
if (!$user->admin) {
$sql .= " AND (b.fk_user = ".$user->id." OR b.fk_user is NULL OR b.fk_user = 0)";
}
$sql .= $db->order($sortfield.", position", $sortorder);
// Count total nb of records
$nbtotalofrecords = '';
if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
{
if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) {
$resql = $db->query($sql);
$nbtotalofrecords = $db->num_rows($resql);
if (($page * $limit) > $nbtotalofrecords) // if total of record found is smaller than page * limit, goto and load page 0
{
if (($page * $limit) > $nbtotalofrecords) { // if total of record found is smaller than page * limit, goto and load page 0
$page = 0;
$offset = 0;
}
}
// if total of record found is smaller than limit, no need to do paging and to restart another select with limits set.
if (is_numeric($nbtotalofrecords) && $limit > $nbtotalofrecords)
{
if (is_numeric($nbtotalofrecords) && $limit > $nbtotalofrecords) {
$num = $nbtotalofrecords;
} else {
$sql .= $db->plimit($limit + 1, $offset);
$resql = $db->query($sql);
if (!$resql)
{
if (!$resql) {
dol_print_error($db);
exit;
}
@ -127,9 +129,15 @@ if (is_numeric($nbtotalofrecords) && $limit > $nbtotalofrecords)
}
$param = "";
if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param .= '&contextpage='.urlencode($contextpage);
if ($limit > 0 && $limit != $conf->liste_limit) $param .= '&limit='.urlencode($limit);
if ($optioncss != '') $param = '&optioncss='.urlencode($optioncss);
if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) {
$param .= '&contextpage='.urlencode($contextpage);
}
if ($limit > 0 && $limit != $conf->liste_limit) {
$param .= '&limit='.urlencode($limit);
}
if ($optioncss != '') {
$param = '&optioncss='.urlencode($optioncss);
}
$moreforfilter = '';
@ -140,12 +148,18 @@ $arrayofmassactions = array(
//'builddoc'=>$langs->trans("PDFMerge"),
//'presend'=>$langs->trans("SendByMail"),
);
if ($permissiontodelete) $arrayofmassactions['predelete'] = '<span class="fa fa-trash paddingrightonly"></span>'.$langs->trans("Delete");
if (GETPOST('nomassaction', 'int') || in_array($massaction, array('presend', 'predelete'))) $arrayofmassactions = array();
if ($permissiontodelete) {
$arrayofmassactions['predelete'] = '<span class="fa fa-trash paddingrightonly"></span>'.$langs->trans("Delete");
}
if (GETPOST('nomassaction', 'int') || in_array($massaction, array('presend', 'predelete'))) {
$arrayofmassactions = array();
}
$massactionbutton = $form->selectMassAction('', $arrayofmassactions);
print '<form method="POST" id="searchFormList" action="'.$_SERVER["PHP_SELF"].'">';
if ($optioncss != '') print '<input type="hidden" name="optioncss" value="'.$optioncss.'">';
if ($optioncss != '') {
print '<input type="hidden" name="optioncss" value="'.$optioncss.'">';
}
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="formfilteraction" id="formfilteraction" value="list">';
print '<input type="hidden" name="action" value="list">';
@ -176,8 +190,7 @@ print "</tr>\n";
$cacheOfUsers = array();
$i = 0;
while ($i < min($num, $limit))
{
while ($i < min($num, $limit)) {
$obj = $db->fetch_object($resql);
$object->id = $obj->rowid;
@ -197,28 +210,39 @@ while ($i < min($num, $limit))
// Title
print "<td>";
$linkintern = 1;
if ($linkintern) print '<a href="'.$obj->url.'">';
if ($linkintern) {
print '<a href="'.$obj->url.'">';
}
print $title;
if ($linkintern) print "</a>";
if ($linkintern) {
print "</a>";
}
print "</td>\n";
// Url
print '<td class="tdoverflowmax200">';
if (!$linkintern) print '<a href="'.$obj->url.'"'.($obj->target ? ' target="newlink" rel="noopener"' : '').'>';
if (!$linkintern) {
print '<a href="'.$obj->url.'"'.($obj->target ? ' target="newlink" rel="noopener"' : '').'>';
}
print $link;
if (!$linkintern) print '</a>';
if (!$linkintern) {
print '</a>';
}
print "</td>\n";
// Target
print '<td class="center">';
if ($obj->target == 0) print $langs->trans("BookmarkTargetReplaceWindowShort");
if ($obj->target == 1) print $langs->trans("BookmarkTargetNewWindowShort");
if ($obj->target == 0) {
print $langs->trans("BookmarkTargetReplaceWindowShort");
}
if ($obj->target == 1) {
print $langs->trans("BookmarkTargetNewWindowShort");
}
print "</td>\n";
// Author
print '<td class="center">';
if ($obj->fk_user)
{
if ($obj->fk_user) {
if (empty($cacheOfUsers[$obj->fk_user])) {
$tmpuser = new User($db);
$tmpuser->fetch($obj->fk_user);
@ -239,12 +263,10 @@ while ($i < min($num, $limit))
// Actions
print '<td class="nowrap right">';
if ($user->rights->bookmark->creer)
{
if ($user->rights->bookmark->creer) {
print '<a class="editfielda" href="'.DOL_URL_ROOT.'/bookmarks/card.php?action=edit&token='.newToken().'&id='.$obj->rowid.'&backtopage='.urlencode($_SERVER["PHP_SELF"]).'">'.img_edit()."</a>";
}
if ($user->rights->bookmark->supprimer)
{
if ($user->rights->bookmark->supprimer) {
print '<a class="marginleftonly" href="'.$_SERVER["PHP_SELF"].'?action=delete&token='.newToken().'&id='.$obj->rowid.'">'.img_delete().'</a>';
} else {
print "&nbsp;";