diff --git a/htdocs/admin/agenda_xcal.php b/htdocs/admin/agenda_xcal.php index ce36d97d06a..e3f2c7307f7 100644 --- a/htdocs/admin/agenda_xcal.php +++ b/htdocs/admin/agenda_xcal.php @@ -207,21 +207,11 @@ $message .= $langs->trans("AgendaUrlOptionsIncludeHolidays", '1', '1').'
'; print info_admin($message); -if (!empty($conf->use_javascript_ajax)) { - print "\n".''; -} +$constname = 'MAIN_AGENDA_XCAL_EXPORTKEY'; + +// Add button to autosuggest a key +include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php'; +print dolJSToSetRandomPassword($constname); // End of page llxFooter(); diff --git a/htdocs/admin/clicktodial.php b/htdocs/admin/clicktodial.php index a8d33ae5a09..8f98b4d25e9 100644 --- a/htdocs/admin/clicktodial.php +++ b/htdocs/admin/clicktodial.php @@ -188,22 +188,10 @@ if (!empty($conf->global->CLICKTODIAL_URL)) { } } -if (!empty($conf->use_javascript_ajax)) { - print "\n".''; -} +// Add button to autosuggest a key +include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php'; +print dolJSToSetRandomPassword('CLICKTODIAL_KEY_FOR_CIDLOOKUP'); + // End of page llxFooter(); diff --git a/htdocs/admin/eventorganization.php b/htdocs/admin/eventorganization.php index ee6c2ae6b52..05df4187130 100644 --- a/htdocs/admin/eventorganization.php +++ b/htdocs/admin/eventorganization.php @@ -273,21 +273,10 @@ if ($action == 'edit') { if (!empty($conf->use_javascript_ajax)) { print ' '.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_token'.$constname.'" class="linkobject"'); } - if (!empty($conf->use_javascript_ajax)) { - print "\n".''; - } + + // Add button to autosuggest a key + include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php'; + print dolJSToSetRandomPassword($constname, 'generate_token'.$constname); } elseif ($val['type'] == 'product') { if (!empty($conf->product->enabled) || !empty($conf->service->enabled)) { $selected = (empty($conf->global->$constname) ? '' : $conf->global->$constname); diff --git a/htdocs/admin/hrm.php b/htdocs/admin/hrm.php index b1b74189d35..cfe40c006b7 100644 --- a/htdocs/admin/hrm.php +++ b/htdocs/admin/hrm.php @@ -540,21 +540,10 @@ if ($action == 'edit') { if (!empty($conf->use_javascript_ajax)) { print ' '.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_token'.$constname.'" class="linkobject"'); } - if (!empty($conf->use_javascript_ajax)) { - print "\n".''; - } + + // Add button to autosuggest a key + include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php'; + print dolJSToSetRandomPassword($constname, 'generate_token'.$constname); } elseif ($val['type'] == 'product') { if (!empty($conf->product->enabled) || !empty($conf->service->enabled)) { $selected = (empty($conf->global->$constname) ? '' : $conf->global->$constname); diff --git a/htdocs/admin/mailing.php b/htdocs/admin/mailing.php index 37735a43ed3..da2df89b21a 100644 --- a/htdocs/admin/mailing.php +++ b/htdocs/admin/mailing.php @@ -107,21 +107,11 @@ llxHeader('', $langs->trans("MailingSetup")); $linkback = ''.$langs->trans("BackToModuleList").''; print load_fiche_titre($langs->trans("MailingSetup"), $linkback, 'title_setup'); -if (!empty($conf->use_javascript_ajax)) { - print "\n".''; -} +$constname = 'MAILING_EMAIL_UNSUBSCRIBE_KEY'; + +// Add button to autosuggest a key +include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php'; +print dolJSToSetRandomPassword($constname); print '
'; print '
'; diff --git a/htdocs/admin/webhook.php b/htdocs/admin/webhook.php index 963b76c238a..9dec7a8eeec 100644 --- a/htdocs/admin/webhook.php +++ b/htdocs/admin/webhook.php @@ -338,21 +338,10 @@ if ($action == 'edit') { if (!empty($conf->use_javascript_ajax)) { print ' '.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_token'.$constname.'" class="linkobject"'); } - if (!empty($conf->use_javascript_ajax)) { - print "\n".''; - } + + // Add button to autosuggest a key + include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php'; + print dolJSToSetRandomPassword($constname, 'generate_token'.$constname); } elseif ($val['type'] == 'product') { if (!empty($conf->product->enabled) || !empty($conf->service->enabled)) { $selected = (empty($conf->global->$constname) ? '' : $conf->global->$constname); diff --git a/htdocs/asset/admin/setup.php b/htdocs/asset/admin/setup.php index 29ee4b074fb..448473003b3 100644 --- a/htdocs/asset/admin/setup.php +++ b/htdocs/asset/admin/setup.php @@ -519,21 +519,10 @@ if ($action == 'edit') { if (!empty($conf->use_javascript_ajax)) { print ' '.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_token'.$constname.'" class="linkobject"'); } - if (!empty($conf->use_javascript_ajax)) { - print "\n".''; - } + + // Add button to autosuggest a key + include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php'; + print dolJSToSetRandomPassword($constname, 'generate_token'.$constname); } elseif ($val['type'] == 'product') { if (!empty($conf->product->enabled) || !empty($conf->service->enabled)) { $selected = (empty($conf->global->$constname) ? '' : $conf->global->$constname); diff --git a/htdocs/core/ajax/security.php b/htdocs/core/ajax/security.php index 0056120c6bd..1f2143d4b72 100644 --- a/htdocs/core/ajax/security.php +++ b/htdocs/core/ajax/security.php @@ -42,6 +42,9 @@ if (!defined('NOREQUIRETRAN')) { require '../../main.inc.php'; +$action = GETPOST('action'); + + /* * View */ @@ -52,10 +55,10 @@ top_httphead(); //print ''."\n"; // Registering the location of boxes -if (isset($_GET['action']) && !empty($_GET['action'])) { - if ($_GET['action'] == 'getrandompassword' && ($user->admin || $user->rights->api->apikey->generate)) { +if ($action) { + if ($action == 'getrandompassword' && ($user->admin || $user->rights->api->apikey->generate)) { require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php'; - $generic = $_GET['generic'] ? true : false; + $generic = GETPOST('generic') ? true : false; echo getRandomPassword($generic); } } diff --git a/htdocs/core/class/html.formsetup.class.php b/htdocs/core/class/html.formsetup.class.php index 1cfddb588fd..2dd729df91d 100644 --- a/htdocs/core/class/html.formsetup.class.php +++ b/htdocs/core/class/html.formsetup.class.php @@ -952,21 +952,11 @@ class FormSetupItem if (!empty($conf->use_javascript_ajax)) { $out.= ' '.img_picto($this->langs->trans('Generate'), 'refresh', 'id="generate_token'.$this->confKey.'" class="linkobject"'); } - if (!empty($conf->use_javascript_ajax)) { - $out .= "\n" . ''; - } + + // Add button to autosuggest a key + include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php'; + $out .= dolJSToSetRandomPassword($this->confKey, 'generate_token'.$this->confKey); + return $out; } diff --git a/htdocs/core/lib/security2.lib.php b/htdocs/core/lib/security2.lib.php index 4b70419630f..8f4abca6167 100644 --- a/htdocs/core/lib/security2.lib.php +++ b/htdocs/core/lib/security2.lib.php @@ -449,7 +449,7 @@ function encodedecode_dbpassconf($level = 0) * @param array $replaceambiguouschars Discard ambigous characters. For example array('I'). * @param int $length Length of random string (Used only if $generic is true) * @return string New value for password - * @see dol_hash() + * @see dol_hash(), dolJSToSetRandomPassword() */ function getRandomPassword($generic = false, $replaceambiguouschars = null, $length = 32) { @@ -527,3 +527,34 @@ function getRandomPassword($generic = false, $replaceambiguouschars = null, $len return $generated_password; } + +/** + * Ouput javacript to autoset a generated password using default module into a HTML element. + * + * @param string $htmlname HTML name of element to insert key into + * @param string $htmlnameofbutton HTML name of button + * @return string HTML javascript code to set a password + * @see getRandomPassword() + */ +function dolJSToSetRandomPassword($htmlname, $htmlnameofbutton = 'generate_token') +{ + global $conf; + + if (!empty($conf->use_javascript_ajax)) { + print "\n".''; + } +} diff --git a/htdocs/core/tpl/onlinepaymentlinks.tpl.php b/htdocs/core/tpl/onlinepaymentlinks.tpl.php index e355f9654a3..657d32a0a36 100644 --- a/htdocs/core/tpl/onlinepaymentlinks.tpl.php +++ b/htdocs/core/tpl/onlinepaymentlinks.tpl.php @@ -141,21 +141,11 @@ if (!empty($conf->don->enabled)) { print '
'; } -if (!empty($conf->use_javascript_ajax)) { - print "\n".''; -} +$constname = 'PAYMENT_SECURITY_TOKEN'; + +// Add button to autosuggest a key +include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php'; +print dolJSToSetRandomPassword($constname); print info_admin($langs->trans("YouCanAddTagOnUrl")); diff --git a/htdocs/cron/admin/cron.php b/htdocs/cron/admin/cron.php index ff413a8a1c2..d214c112aa3 100644 --- a/htdocs/cron/admin/cron.php +++ b/htdocs/cron/admin/cron.php @@ -129,22 +129,11 @@ dol_print_cron_urls(); print '
'; -if (!empty($conf->use_javascript_ajax)) { - print "\n".''; -} +$constname = 'CRON_KEY'; + +// Add button to autosuggest a key +include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php'; +print dolJSToSetRandomPassword($constname); llxFooter(); $db->close(); diff --git a/htdocs/install/mysql/migration/16.0.0-17.0.0.sql b/htdocs/install/mysql/migration/16.0.0-17.0.0.sql index 2362036c93a..6713d410fc6 100644 --- a/htdocs/install/mysql/migration/16.0.0-17.0.0.sql +++ b/htdocs/install/mysql/migration/16.0.0-17.0.0.sql @@ -41,12 +41,14 @@ ALTER TABLE llx_c_email_templates ADD COLUMN email_from varchar(255); ALTER TABLE llx_c_email_templates ADD COLUMN email_to varchar(255); ALTER TABLE llx_c_email_templates ADD COLUMN email_tocc varchar(255); ALTER TABLE llx_c_email_templates ADD COLUMN email_tobcc varchar(255); +ALTER TABLE llx_c_email_templates ADD COLUMN content_lines text; ALTER TABLE llx_expedition ADD COLUMN billed smallint DEFAULT 0; ALTER TABLE llx_accounting_system MODIFY COLUMN pcg_version varchar(32) NOT NULL; + -- v17 ALTER TABLE llx_facture ADD COLUMN close_missing_amount double(24, 8) after close_code; diff --git a/htdocs/install/upgrade2.php b/htdocs/install/upgrade2.php index 30e7b45d198..66200898e95 100644 --- a/htdocs/install/upgrade2.php +++ b/htdocs/install/upgrade2.php @@ -4116,6 +4116,7 @@ function migrate_delete_old_files($db, $langs, $conf) '/core/boxes/box_members.php', '/api/class/api_generic.class.php', + '/asterisk/cidlookup.php', '/categories/class/api_category.class.php', '/categories/class/api_deprecated_category.class.php', '/compta/facture/class/api_invoice.class.php', diff --git a/htdocs/user/card.php b/htdocs/user/card.php index c4f1be97eb8..3015657252b 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -2834,20 +2834,12 @@ if ($action == 'create' || $action == 'adduserldap') { } } -if (!empty($conf->api->enabled) && !empty($conf->use_javascript_ajax)) { - print "\n".''; +if (!empty($conf->api->enabled)) { + $constname = 'api_key'; + + // Add button to autosuggest a key + include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php'; + print dolJSToSetRandomPassword($constname, 'generate_api_key'); } // End of page diff --git a/htdocs/webservices/admin/index.php b/htdocs/webservices/admin/index.php index 14af2e88b3f..8ae62d1bf3c 100644 --- a/htdocs/webservices/admin/index.php +++ b/htdocs/webservices/admin/index.php @@ -140,21 +140,10 @@ print '
'; print '
'; print $langs->trans("OnlyActiveElementsAreShown", DOL_URL_ROOT.'/admin/modules.php'); -if (!empty($conf->use_javascript_ajax)) { - print "\n".''; -} +$constname = 'WEBSERVICES_KEY'; + +print dolJSToSetRandomPassword($constname); + // End of page llxFooter();