
/htdocs/main.inc.php

https://github.com/zeert/dolibarr
Possible License(s): LGPL-2.0
  1. <?php
  2. /* Copyright (C) 2002-2007 Rodolphe Quiedeville <rodolphe@quiedeville.org>
  3. * Copyright (C) 2003 Xavier Dutoit <doli@sydesy.com>
  4. * Copyright (C) 2004-2012 Laurent Destailleur <eldy@users.sourceforge.net>
  5. * Copyright (C) 2004 Sebastien Di Cintio <sdicintio@ressource-toi.org>
  6. * Copyright (C) 2004 Benoit Mortier <benoit.mortier@opensides.be>
  7. * Copyright (C) 2005-2012 Regis Houssin <regis@dolibarr.fr>
  8. * Copyright (C) 2011 Philippe Grand <philippe.grand@atoo-net.com>
  9. * Copyright (C) 2008 Matteli
  10. * Copyright (C) 2011 Juanjo Menent <jmenent@2byte.es>
  11. *
  12. * This program is free software; you can redistribute it and/or modify
  13. * it under the terms of the GNU General Public License as published by
  14. * the Free Software Foundation; either version 2 of the License, or
  15. * (at your option) any later version.
  16. *
  17. * This program is distributed in the hope that it will be useful,
  18. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  19. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  20. * GNU General Public License for more details.
  21. *
  22. * You should have received a copy of the GNU General Public License
  23. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  24. */
  25. /**
  26. * \file htdocs/main.inc.php
  27. * \ingroup core
  28. * \brief File that defines environment for Dolibarr pages only (variables not required by scripts)
  29. */
  //@ini_set('memory_limit', '64M'); // This may be useless if memory is hard limited by your PHP

  // Optional tuning support, enabled when the DOL_TUNING environment variable is defined.
  // The start time is computed inline here because dol_microtime_float is not loaded yet.
  $micro_start_time = 0;
  if (! empty($_SERVER['DOL_TUNING'])) {
      list($usec, $sec) = explode(" ", microtime());
      $micro_start_time = ((float) $usec + (float) $sec);

      // Xdebug code coverage is started only when XDEBUGCOVERAGE has been defined
      //define('XDEBUGCOVERAGE',1);
      if (defined('XDEBUGCOVERAGE')) {
          xdebug_start_code_coverage();
      }
  }
  // Removed magic_quotes
  // The function_exists() guard is needed because magic_quotes_* is absent from later PHP versions.
  if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
      // magic_quotes_gpc is on: remove the slashes it added from the request data once, here,
      // so that no other code has to test get_magic_quotes_gpc() before reading a parameter.
      // Off mode is recommended (just use $db->escape for insert / update).
      function stripslashes_deep($value)
      {
          if (is_array($value)) {
              return array_map('stripslashes_deep', $value);
          }
          return stripslashes($value);
      }

      $_GET = array_map('stripslashes_deep', $_GET);
      $_POST = array_map('stripslashes_deep', $_POST);
      $_FILES = array_map('stripslashes_deep', $_FILES);
      // NOTE(review): $_COOKIE is deliberately left untouched by the original author, yet the
      // login phase of this file reads login/password values from cookies - confirm this is intended.
      //$_COOKIE = array_map('stripslashes_deep', $_COOKIE); // Useless because a cookie should never be outputed on screen nor used into sql
      @set_magic_quotes_runtime(0);
  }
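  /**
   * Security: count the SQL injection and script (XSS) injection signatures found in a value.
   * Filters are applied on GET, POST and PHP_SELF values.
   *
   * This is a signature blacklist: a result of 0 only means that none of the listed patterns
   * matched. It does not replace escaping of values in SQL requests or in HTML output.
   *
   * @param  string  $val   Value to inspect
   * @param  int     $type  1=GET, 0=POST, 2=PHP_SELF
   * @return int            Number of signatures detected (0 if none). A pattern that could not
   *                        be evaluated counts as one detection.
   */
  function test_sql_and_script_inject($val, $type)
  {
      $patterns = array();

      // For SQL Injection (only GET and POST are used to be included into bad escaped SQL requests)
      if ($type != 2) {
          $patterns[] = '/delete[\s]+from/i';
          $patterns[] = '/create[\s]+table/i';
          $patterns[] = '/update.+set.+=/i';
          $patterns[] = '/insert[\s]+into/i';
          $patterns[] = '/select.+from/i';
          $patterns[] = '/union.+select/i';
          $patterns[] = '/(\.\.%2f)+/i';
      }

      // For XSS Injection done by adding javascript with script
      // These are the cases where a browser considers text to be javascript:
      // '<script', 'javascript:', '<style', 'onload\s=' on body tag, '="&' on a tag size with old browsers
      // All examples on page: http://ha.ckers.org/xss.html#XSScalc
      $patterns[] = '/<script/i';
      $patterns[] = '/<style/i';
      $patterns[] = '/base[\s]+href/i';
      if ($type == 1) {
          $patterns[] = '/javascript:/i';
          $patterns[] = '/vbscript:/i';
          // For XSS Injection done by closing html tags (a src or href attribute built from a
          // parameter that was not cleaned): " is refused in GET parameters value
          $patterns[] = '/"/i';
      }
      if ($type == 2) {
          // PHP_SELF is an url and must match url syntax
          $patterns[] = '/[\s;"]/';
      }

      $sql_inj = 0;
      foreach ($patterns as $pattern) {
          $found = preg_match($pattern, $val);
          // preg_match() returns false when the pattern could not be evaluated (PCRE error).
          // Adding false would count as "nothing found", so an error is treated as a detection:
          // the filter fails closed instead of letting an unchecked value through.
          $sql_inj += ($found === false) ? 1 : $found;
      }

      return $sql_inj;
  }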
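  /**
   * Security: check a value, or every key and value of an array (recursively), against the
   * injection filters of test_sql_and_script_inject().
   *
   * For an array, the script stops (prints a refusal message and exits) as soon as one key
   * or one element is refused, so the function only returns when the whole array is clean.
   *
   * @param  mixed  &$var  Value or array of values to check
   * @param  int    $type  1=GET, 0=POST, 2=PHP_SELF
   * @return boolean       true if OK (no injection detected), false if a scalar value is refused
   */
  function analyse_sql_and_script(&$var, $type)
  {
      if (! is_array($var)) {
          return (test_sql_and_script_inject($var, $type) <= 0);
      }

      foreach ($var as $key => $value) {
          // Array keys come from the request just like the values (parameter names, field[key]
          // syntax), so they go through the same filter before the value is examined.
          $keyisclean = (test_sql_and_script_inject((string) $key, $type) <= 0);
          if (! $keyisclean || ! analyse_sql_and_script($value, $type)) {
              print 'Access refused by SQL/Script injection protection in main.inc.php';
              exit;
          }
          $var[$key] = $value;
      }

      return true;
  }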
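  // Sanity check on URL
  if (! empty($_SERVER["PHP_SELF"])) {
      $morevaltochecklikepost = array($_SERVER["PHP_SELF"]);
      analyse_sql_and_script($morevaltochecklikepost, 2);
  }

  // Sanity check on GET parameters
  // QUERY_STRING is the raw, percent-encoded form of the parameters, while the values the
  // application reads from $_GET are decoded. The decoded form is therefore checked as well,
  // so both representations go through the same filter. The raw form is kept because one of
  // the filter patterns targets an encoded sequence.
  if (! empty($_SERVER["QUERY_STRING"])) {
      $morevaltochecklikeget = array($_SERVER["QUERY_STRING"], urldecode($_SERVER["QUERY_STRING"]));
      analyse_sql_and_script($morevaltochecklikeget, 1);
  }

  // Sanity check on POST
  analyse_sql_and_script($_POST, 0);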
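  // This is to make Dolibarr working with Plesk
  if (! empty($_SERVER['DOCUMENT_ROOT'])) {
      set_include_path($_SERVER['DOCUMENT_ROOT'].'/htdocs');
  }

  // Include the conf.php and functions.lib.php
  require_once("filefunc.inc.php");

  // Init session. Name of session is specific to Dolibarr instance.
  $prefix = dol_getprefix();
  $sessionname = 'DOLSESSID_'.$prefix;
  $sessiontimeout = 'DOLSESSTIMEOUT_'.$prefix;

  // The timeout cookie is sent by the client, so it is only passed to ini_set() when it is a
  // plain string of digits; any other content is ignored and the configured lifetime is kept.
  // NOTE(review): the duration itself is still chosen by the client - consider a server-side
  // upper bound.
  if (! empty($_COOKIE[$sessiontimeout])
      && is_string($_COOKIE[$sessiontimeout])
      && preg_match('/^[0-9]+\z/', $_COOKIE[$sessiontimeout])
  ) {
      ini_set('session.gc_maxlifetime', $_COOKIE[$sessiontimeout]);
  }
  session_name($sessionname);
  session_start();

  // To solve bug in using $_SESSION: with register_globals on, drop every global that
  // has the same name as a session key
  if (ini_get('register_globals')) {
      foreach ($_SESSION as $key => $value) {
          if (isset($GLOBALS[$key])) {
              unset($GLOBALS[$key]);
          }
      }
  }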
  // Init the 5 global objects
  // This include will set: $conf, $db, $langs, $user, $mysoc objects
  require_once("master.inc.php");

  // Activate end of page function
  register_shutdown_function('dol_shutdown');

  // Browser detection: when a User-Agent header was received, copy the fields returned by
  // getBrowserInfo() into $conf->browser
  if (isset($_SERVER["HTTP_USER_AGENT"])) {
      $tmp = getBrowserInfo();
      $conf->browser->phone   = $tmp['phone'];
      $conf->browser->name    = $tmp['browsername'];
      $conf->browser->os      = $tmp['browseros'];
      $conf->browser->firefox = $tmp['browserfirefox'];
      $conf->browser->version = $tmp['browserversion'];
  }
  // Force HTTPS if required ($conf->file->main_force_https is 0/1 or https dolibarr root url)
  if (! empty($conf->file->main_force_https)) {
      $newurl = '';

      if ($conf->file->main_force_https != '1') {
          // The option holds the https root url itself: append the requested URI to it
          $newurl = $conf->file->main_force_https.$_SERVER["REQUEST_URI"];
      } elseif (! empty($_SERVER["SCRIPT_URI"])) {
          // SCRIPT_URI is supported by the server: rewrite it only if the link is http
          if (preg_match('/^http:/i', $_SERVER["SCRIPT_URI"]) && ! preg_match('/^https:/i', $_SERVER["SCRIPT_URI"])) {
              $newurl = preg_replace('/^http:/i', 'https:', $_SERVER["SCRIPT_URI"]);
          }
      } elseif (empty($_SERVER["HTTPS"]) || $_SERVER["HTTPS"] != 'on') {
          // Check HTTPS environment variable (Apache/mod_ssl only)
          // $_SERVER["HTTPS"] is 'on' when link is https, otherwise it is empty or 'off'
          $newurl = preg_replace('/^http:/i', 'https:', DOL_MAIN_URL_ROOT).$_SERVER["REQUEST_URI"];
      }

      // Start redirect
      // Note: $newurl also stays empty when option is '1' and the request is already https,
      // in which case the warning below is what gets logged.
      if (! $newurl) {
          dol_syslog("main.inc: dolibarr_main_force_https is on but we failed to forge new https url so no redirect is done", LOG_WARNING);
      } else {
          dol_syslog("main.inc: dolibarr_main_force_https is on, we make a redirect to ".$newurl);
          header("Location: ".$newurl);
          exit;
      }
  }
  // Load the complementary presentation includes (each one can be skipped with its NOREQUIRE* constant)
  if (! defined('NOREQUIREMENU')) {
      require_once(DOL_DOCUMENT_ROOT ."/core/class/menu.class.php"); // Need 10ko memory (11ko in 2.2)
  }
  if (! defined('NOREQUIREHTML')) {
      require_once(DOL_DOCUMENT_ROOT ."/core/class/html.form.class.php"); // Need 660ko memory (800ko in 2.2)
  }
  if (! defined('NOREQUIREAJAX') && $conf->use_javascript_ajax) {
      require_once(DOL_DOCUMENT_ROOT.'/core/lib/ajax.lib.php'); // Need 22ko memory
  }

  // If install or upgrade process not done or not completely finished, we call the install page.
  if (! empty($conf->global->MAIN_NOT_INSTALLED) || ! empty($conf->global->MAIN_NOT_UPGRADED)) {
      dol_syslog("main.inc: A previous install or upgrade was not complete. Redirect to install page.", LOG_WARNING);
      Header("Location: ".DOL_URL_ROOT."/install/index.php");
      exit;
  }

  // If an upgrade process is required, we call the install page.
  // The recorded version is the last upgrade version or, if there is none, the last install version.
  if ((! empty($conf->global->MAIN_VERSION_LAST_UPGRADE) && ($conf->global->MAIN_VERSION_LAST_UPGRADE != DOL_VERSION))
      || (empty($conf->global->MAIN_VERSION_LAST_UPGRADE) && ! empty($conf->global->MAIN_VERSION_LAST_INSTALL) && ($conf->global->MAIN_VERSION_LAST_INSTALL != DOL_VERSION))
  ) {
      if (empty($conf->global->MAIN_VERSION_LAST_UPGRADE)) {
          $versiontocompare = $conf->global->MAIN_VERSION_LAST_INSTALL;
      } else {
          $versiontocompare = $conf->global->MAIN_VERSION_LAST_UPGRADE;
      }
      require_once(DOL_DOCUMENT_ROOT ."/core/lib/admin.lib.php");
      $dolibarrversionlastupgrade = preg_split('/[.-]/', $versiontocompare);
      $dolibarrversionprogram = preg_split('/[.-]/', DOL_VERSION);
      $rescomp = versioncompare($dolibarrversionprogram, $dolibarrversionlastupgrade);

      // Programs have a version higher than database.
      // "&& $rescomp < 3" was not added because the upgrade process is wanted for build upgrades too.
      if ($rescomp > 0) {
          dol_syslog("main.inc: database version ".$versiontocompare." is lower than programs version ".DOL_VERSION.". Redirect to install page.", LOG_WARNING);
          Header("Location: ".DOL_URL_ROOT."/install/index.php");
          exit;
      }
  }
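  // Creation of a token against CSRF vulnerabilities
  if (! defined('NOTOKENRENEWAL')) {
      // The token must not be guessable. uniqid() and mt_rand() are derived from the clock and
      // a non-cryptographic generator, so the CSPRNG is used whenever the running PHP has one.
      if (function_exists('random_bytes')) {
          $token = dol_hash(bin2hex(random_bytes(16)));
      } else {
          $token = dol_hash(uniqid(mt_rand(), TRUE)); // Hash of a random number
      }
      // Token rotation: a new token is created at each call, the previous "new" token becomes
      // the one expected from the next form submission
      if (isset($_SESSION['newtoken'])) {
          $_SESSION['token'] = $_SESSION['newtoken'];
      }
      $_SESSION['newtoken'] = $token;
  }

  // Check validity of token, only if option enabled (this option breaks some features sometimes)
  if (! empty($conf->global->MAIN_SECURITY_CSRF)) {
      // NOTE(review): the comparison only happens when the request carries a token; a POST sent
      // without any 'token' field is not rejected here.
      if (isset($_POST['token']) && isset($_SESSION['token'])) {
          $csrf_posted = is_string($_POST['token']) ? $_POST['token'] : '';
          $csrf_expected = (string) $_SESSION['token'];
          // Strict string comparison: with a loose != two different numeric-looking strings can
          // compare as equal. hash_equals() is used when available (constant-time comparison).
          if (function_exists('hash_equals')) {
              $csrf_ok = hash_equals($csrf_expected, $csrf_posted);
          } else {
              $csrf_ok = ($csrf_expected === $csrf_posted);
          }
          if (! $csrf_ok) {
              // The expected session token is a secret and is no longer written to the log.
              dol_syslog("Invalid token in ".(isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '').", action=".GETPOST('action').", _POST['token']=".GETPOST('token'), LOG_WARNING);
              //print 'Unset POST by CSRF protection in main.inc.php.'; // Do not output anything because this create problems when using the BACK button on browsers.
              unset($_POST);
          }
          unset($csrf_posted, $csrf_expected, $csrf_ok);
      }
  }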
  // Disable modules (this must be after session_start and after conf has been loaded)
  // The comma separated list received in 'disablemodules' is stored in the session, so it keeps
  // applying to the following requests of the same session.
  // NOTE(review): this runs before the authentication phase and uses request-supplied names as
  // property names on $conf - confirm the names are meant to be accepted without a whitelist.
  if (GETPOST('disablemodules')) {
      $_SESSION["disablemodules"] = GETPOST('disablemodules');
  }
  if (! empty($_SESSION["disablemodules"])) {
      $disabled_modules = explode(',', $_SESSION["disablemodules"]);
      foreach ($disabled_modules as $module) {
          if ($module) {
              $conf->$module->enabled = false;
          }
      }
  }
  274. /*
  275. * Phase authentication / login
  276. */
  277. $login='';
  278. if (! defined('NOLOGIN'))
  279. {
  // $authmode lists the different means of identification to be tested in order of preference.
  // Example: 'http', 'dolibarr', 'ldap', 'http,forceuser'

  // Authentication mode (default when nothing is configured)
  if (empty($dolibarr_main_authentication)) {
      $dolibarr_main_authentication = 'http,dolibarr';
  }
  // Authentication mode: forceuser (default forced user name is 'auto')
  if ($dolibarr_main_authentication == 'forceuser' && empty($dolibarr_auto_user)) {
      $dolibarr_auto_user = 'auto';
  }

  // Set authmode
  $authmode = explode(',', $dolibarr_main_authentication);

  // No authentication mode
  if (count($authmode) == 0) {
      $langs->load('main');
      dol_print_error('', $langs->trans("ErrorConfigParameterNotDefined", 'dolibarr_main_authentication'));
      exit;
  }

  // If the login was already done, it is retrieved from the session.
  // Otherwise the authentication modules are called.
  // At the end of this phase, the variable $login is defined.
  $resultFetchUser = '';
  $test = true;
  300. if (! isset($_SESSION["dol_login"]))
  301. {
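  // It is not already authenticated and it requests the login / password
  include_once(DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php');

  // If in demo mode, we check we go to home page through the public/demo/index.php page
  // Note: the Referer header is supplied by the client, so this test only steers navigation,
  // it is not an access control. A missing header is handled as an empty value.
  if (! empty($dolibarr_main_demo) && $_SERVER['PHP_SELF'] == DOL_URL_ROOT.'/index.php') { // We ask index page
      if (! preg_match('/public/', (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''))) {
          dol_syslog("Call index page from another url than demo page");
          header("Location: ".DOL_URL_ROOT.'/public/demo/index.php');
          exit;
      }
  }

  // Verification security graphic code
  if (GETPOST("username","alpha",2) && ! empty($conf->global->MAIN_SECURITY_ENABLECAPTCHA)) {
      $sessionkey = 'dol_antispam_value';
      // The posted code must be present and be a string, and is compared with === : a loose ==
      // between two numeric-looking strings compares them as numbers, so different codes could
      // be accepted as equal.
      $ok = (array_key_exists($sessionkey, $_SESSION) === TRUE
          && isset($_POST['code'])
          && is_string($_POST['code'])
          && (strtolower((string) $_SESSION[$sessionkey]) === strtolower($_POST['code'])));

      // Check code
      if (! $ok) {
          dol_syslog('Bad value for code, connexion refused');
          $langs->load('main');
          $langs->load('errors');

          $user->trigger_mesg = 'ErrorBadValueForCode - login='.GETPOST("username","alpha",2);
          $_SESSION["dol_loginmesg"] = $langs->trans("ErrorBadValueForCode");
          $test = false; // The login/password test below is skipped

          // Call triggers
          include_once(DOL_DOCUMENT_ROOT . "/core/class/interfaces.class.php");
          $interface = new Interfaces($db);
          $result = $interface->run_triggers('USER_LOGIN_FAILED', $user, $user, $langs, $conf, GETPOST('entity','int'));
          if ($result < 0) {
              $error++;
          }
          // End call triggers
      }
  }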
  // Values to test: a login / password found in the cookies is used in priority, otherwise
  // the values posted by the login form are used.
  // NOTE(review): credentials are accepted from the 'login_dolibarr' / 'password_dolibarr'
  // cookies - confirm who sets them and how they are protected.
  if (! empty($_COOKIE['login_dolibarr'])) {
      $usertotest = $_COOKIE['login_dolibarr'];
  } else {
      $usertotest = GETPOST("username","alpha",2);
  }
  if (! empty($_COOKIE['password_dolibarr'])) {
      $passwordtotest = $_COOKIE['password_dolibarr'];
  } else {
      $passwordtotest = GETPOST('password');
  }
  $entitytotest = (GETPOST('entity','int') ? GETPOST('entity','int') : 1);

  // Validation of login/pass/entity
  // If ok, the variable login will be returned
  // If error, we will put error message in session under the name dol_loginmesg
  $goontestloop = false;
  if (isset($_SERVER["REMOTE_USER"]) && in_array('http', $authmode)) {
      $goontestloop = true;
  }
  if (GETPOST("username","alpha",2) || ! empty($_COOKIE['login_dolibarr']) || GETPOST('openid_mode','alpha',1)) {
      $goontestloop = true;
  }

  if ($test && $goontestloop) {
      $login = checkLoginPassEntity($usertotest, $passwordtotest, $entitytotest, $authmode);
      if ($login) {
          $dol_authmode = $conf->authmode; // This property is defined only when logged, to say what mode was successfully used

          // Timezone, daylight saving and screen information posted with the login form
          $dol_tz = $_POST["tz"];
          $dol_tz_string = $_POST["tz_string"];
          $dol_dst = 0;
          if (isset($_POST["dst_first"]) && isset($_POST["dst_second"])) {
              include_once(DOL_DOCUMENT_ROOT."/core/lib/date.lib.php");
              $datenow = dol_now();
              $datefirst = dol_stringtotime($_POST["dst_first"]);
              $datesecond = dol_stringtotime($_POST["dst_second"]);
              if ($datenow >= $datefirst && $datenow < $datesecond) {
                  $dol_dst = 1;
              }
          }
          //print $datefirst.'-'.$datesecond.'-'.$datenow; exit;
          $dol_dst_observed = $_POST["dst_observed"];
          $dol_dst_first = $_POST["dst_first"];
          $dol_dst_second = $_POST["dst_second"];
          $dol_screenwidth = $_POST["screenwidth"];
          $dol_screenheight = $_POST["screenheight"];
      } else {
          dol_syslog('Bad password, connexion refused', LOG_DEBUG);
          $langs->load('main');
          $langs->load('errors');

          // Bad password. No authmode has found a good password.
          $user->trigger_mesg = $langs->trans("ErrorBadLoginPassword").' - login='.GETPOST("username","alpha",2);
          $_SESSION["dol_loginmesg"] = $langs->trans("ErrorBadLoginPassword");

          // Call triggers
          include_once(DOL_DOCUMENT_ROOT."/core/class/interfaces.class.php");
          $interface = new Interfaces($db);
          $result = $interface->run_triggers('USER_LOGIN_FAILED', $user, $user, $langs, $conf, GETPOST("username","alpha",2));
          if ($result < 0) {
              $error++;
          }
          // End call triggers
      }
  }
  // End test login / passwords

  if (! $login) {
      // No login was validated: we show login page and stop
      if (! is_object($langs)) { // This can occurs when calling page with NOREQUIRETRAN defined
          include_once(DOL_DOCUMENT_ROOT."/core/class/translate.class.php");
          $langs = new Translate("", $conf);
      }
      dol_loginfunction($langs, $conf, $mysoc);
      exit;
  }

  // A login was validated: load the matching user
  $resultFetchUser = $user->fetch('', $login);
  if ($resultFetchUser <= 0) {
      dol_syslog('User not found, connexion refused');

      // Restart with an empty session
      session_destroy();
      session_name($sessionname);
      session_start(); // Fixing the bug of register_globals here is useless since session is empty

      if ($resultFetchUser == 0) {
          $langs->load('main');
          $langs->load('errors');

          $user->trigger_mesg = 'ErrorCantLoadUserFromDolibarrDatabase - login='.$login;
          $_SESSION["dol_loginmesg"] = $langs->trans("ErrorCantLoadUserFromDolibarrDatabase", $login);
      } elseif ($resultFetchUser < 0) {
          $user->trigger_mesg = $user->error;
          $_SESSION["dol_loginmesg"] = $user->error;
      }

      // Call triggers
      include_once(DOL_DOCUMENT_ROOT . "/core/class/interfaces.class.php");
      $interface = new Interfaces($db);
      $result = $interface->run_triggers('USER_LOGIN_FAILED', $user, $user, $langs, $conf, $_POST["entity"]);
      if ($result < 0) {
          $error++;
      }
      // End call triggers

      header('Location: '.DOL_URL_ROOT.'/index.php');
      exit;
  }
  431. }
  432. else
  433. {
  // We are already into an authenticated session: the login is read from the session and the
  // user is loaded again at each request
  $login = $_SESSION["dol_login"];
  dol_syslog("This is an already logged session. _SESSION['dol_login']=".$login);

  $resultFetchUser = $user->fetch('', $login);
  if ($resultFetchUser > 0) {
      // We do not execute such trigger at each page load by default
      if (! empty($conf->global->MAIN_ACTIVATE_UPDATESESSIONTRIGGER)) {
          // Call triggers
          include_once(DOL_DOCUMENT_ROOT . "/core/class/interfaces.class.php");
          $interface = new Interfaces($db);
          $result = $interface->run_triggers('USER_UPDATE_SESSION', $user, $user, $langs, $conf, $conf->entity);
          if ($result < 0) {
              $error++;
          }
          // End call triggers
      }
  } else {
      // Account has been removed after login
      dol_syslog("Can't load user even if session logged. _SESSION['dol_login']=".$login, LOG_WARNING);

      // Restart with an empty session
      session_destroy();
      session_name($sessionname);
      session_start(); // Fixing the bug of register_globals here is useless since session is empty

      if ($resultFetchUser == 0) {
          $langs->load('main');
          $langs->load('errors');

          $user->trigger_mesg = 'ErrorCantLoadUserFromDolibarrDatabase - login='.$login;
          $_SESSION["dol_loginmesg"] = $langs->trans("ErrorCantLoadUserFromDolibarrDatabase", $login);
      } elseif ($resultFetchUser < 0) {
          $user->trigger_mesg = $user->error;
          $_SESSION["dol_loginmesg"] = $user->error;
      }

      // Call triggers
      include_once(DOL_DOCUMENT_ROOT . "/core/class/interfaces.class.php");
      $interface = new Interfaces($db);
      $result = $interface->run_triggers('USER_LOGIN_FAILED', $user, $user, $langs, $conf, (isset($_POST["entity"]) ? $_POST["entity"] : 0));
      if ($result < 0) {
          $error++;
      }
      // End call triggers

      header('Location: '.DOL_URL_ROOT.'/index.php');
      exit;
  }
  482. }
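  // Is it a new session that has started ?
  // If we are here, this means authentication was successfull.
  if (! isset($_SESSION["dol_login"])) {
      $error = 0;

      // Issue a fresh session id now that authentication has succeeded, so that an id which
      // was known before the login is not carried over into the authenticated session.
      session_regenerate_id(true);

      // New session for this login
      $_SESSION["dol_login"] = $user->login;
      $_SESSION["dol_authmode"] = isset($dol_authmode) ? $dol_authmode : '';
      $_SESSION["dol_tz"] = isset($dol_tz) ? $dol_tz : '';
      $_SESSION["dol_tz_string"] = isset($dol_tz_string) ? $dol_tz_string : '';
      $_SESSION["dol_dst"] = isset($dol_dst) ? $dol_dst : '';
      $_SESSION["dol_dst_observed"] = isset($dol_dst_observed) ? $dol_dst_observed : '';
      $_SESSION["dol_dst_first"] = isset($dol_dst_first) ? $dol_dst_first : '';
      $_SESSION["dol_dst_second"] = isset($dol_dst_second) ? $dol_dst_second : '';
      $_SESSION["dol_screenwidth"] = isset($dol_screenwidth) ? $dol_screenwidth : '';
      $_SESSION["dol_screenheight"] = isset($dol_screenheight) ? $dol_screenheight : '';
      $_SESSION["dol_company"] = $conf->global->MAIN_INFO_SOCIETE_NOM;
      $_SESSION["dol_entity"] = $conf->entity;
      // NOTE(review): the session id is written to the log here; anyone able to read the log
      // gets a valid session identifier - consider logging a truncated or hashed value.
      dol_syslog("This is a new started user session. _SESSION['dol_login']=".$_SESSION["dol_login"].' Session id='.session_id());

      // The last login date update and the USER_LOGIN triggers run in one transaction
      $db->begin();

      $user->update_last_login_date();

      // Call triggers
      include_once(DOL_DOCUMENT_ROOT . "/core/class/interfaces.class.php");
      $interface = new Interfaces($db);
      $result = $interface->run_triggers('USER_LOGIN', $user, $user, $langs, $conf, GETPOST('entity','int'));
      if ($result < 0) {
          $error++;
      }
      // End call triggers

      if ($error) {
          $db->rollback();
          session_destroy();
          dol_print_error($db, 'Error in some triggers on action USER_LOGIN', LOG_ERR);
          exit;
      } else {
          $db->commit();
      }

      // Create entity cookie, just used for login page
      if (! empty($conf->multicompany->enabled) && ! empty($conf->global->MULTICOMPANY_COOKIE_ENABLED) && isset($_POST["entity"])) {
          include_once(DOL_DOCUMENT_ROOT."/core/class/cookie.class.php");

          $entity = $_SESSION["dol_login"].'|'.$_POST["entity"];

          $prefix = dol_getprefix();
          $entityCookieName = 'DOLENTITYID_'.$prefix;
          // TTL : is defined in the config page multicompany (8 hours when not defined)
          $ttl = (! empty($conf->global->MULTICOMPANY_COOKIE_TTL) ? dol_now() + $conf->global->MULTICOMPANY_COOKIE_TTL : dol_now() + 60 * 60 * 8);
          // Cryptkey : will be created randomly in the config page multicompany
          // NOTE(review): an empty key is passed to DolCookie when cookie_cryptkey is not set -
          // verify how DolCookie stores the value in that case.
          $cryptkey = (! empty($conf->file->cookie_cryptkey) ? $conf->file->cookie_cryptkey : '');

          $entityCookie = new DolCookie($cryptkey);
          $entityCookie->_setCookie($entityCookieName, $entity, $ttl);
      }

      // Hooks on successfull login
      $action = '';
      include_once(DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php');
      $hookmanager = new HookManager($db);
      $hookmanager->initHooks(array('login'));
      $parameters = array('dol_authmode' => $dol_authmode);
      $reshook = $hookmanager->executeHooks('afterLogin', $parameters, $user, $action); // Note that $action and $object may have been modified by some hooks
      if ($reshook < 0) {
          $error++;
      }
  }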
  // If user admin, we force the rights on the user module (read, create, password, delete)
  if ($user->admin) {
      $user->rights->user->user->lire = 1;
      $user->rights->user->user->creer = 1;
      $user->rights->user->user->password = 1;
      $user->rights->user->user->supprimer = 1;
      $user->rights->user->self->creer = 1;
      $user->rights->user->self->password = 1;
  }

  /*
   * Overwrite configs global by personal configs
   */

  // Set liste_limit (isset is used because the value can be 0)
  if (isset($user->conf->MAIN_SIZE_LISTE_LIMIT)) {
      $conf->liste_limit = $user->conf->MAIN_SIZE_LISTE_LIMIT;
  }
  if (isset($user->conf->PRODUIT_LIMIT_SIZE)) { // Can be 0
      $conf->product->limit_size = $user->conf->PRODUIT_LIMIT_SIZE;
  }

  // Replace conf->css by personalized value
  if (isset($user->conf->MAIN_THEME) && $user->conf->MAIN_THEME) {
      $conf->theme = $user->conf->MAIN_THEME;
      $conf->css = "/theme/".$conf->theme."/style.css.php";
  }

  // If theme support option like flip-hide left menu and we use a smartphone, we force it
  if (! empty($conf->global->MAIN_SMARTPHONE_OPTIM) && $conf->browser->phone && $conf->theme == 'eldy') {
      $conf->global->MAIN_MENU_USE_JQUERY_LAYOUT = 'forced';
  }

  // Set javascript option
  if (GETPOST('nojs')) {
      // Javascript was disabled on URL
      $conf->use_javascript_ajax = 0;
  } elseif (! empty($user->conf->MAIN_DISABLE_JAVASCRIPT)) {
      // Javascript was disabled in the personal setup of the user
      $conf->use_javascript_ajax = ! $user->conf->MAIN_DISABLE_JAVASCRIPT;
  }
  585. }
  // Choice of the language: a language forced on URL wins over the language chosen by the user
  if (! defined('NOREQUIRETRAN')) {
      if (GETPOST('lang')) {
          // Language was forced on URL
          $langs->setDefaultLang(GETPOST('lang','alpha',1));
      } elseif (! empty($user->conf->MAIN_LANG_DEFAULT)) {
          // User has chosen its own language: switch only if different than current language
          //print ">>>".$langs->getDefaultLang()."-".$user->conf->MAIN_LANG_DEFAULT;
          if ($langs->getDefaultLang() != $user->conf->MAIN_LANG_DEFAULT) {
              $langs->setDefaultLang($user->conf->MAIN_LANG_DEFAULT);
          }
      }
  }
  // Use php template engine
  if (! empty($conf->global->MAIN_USE_TEMPLATE_ENGINE) && ! defined('NOTEMPLATEENGINE')) {
      require_once(DOL_DOCUMENT_ROOT.'/includes/savant/Savant3.php');
      $tpl = new Savant3();
  }

  // Case forcing style from url
  // NOTE(review): the theme name read from the request becomes part of the css path; this
  // relies on the 'alpha' filter of GETPOST to restrict the characters - confirm what it allows.
  if (GETPOST('theme')) {
      $conf->theme = GETPOST('theme','alpha',1);
      $conf->css = "/theme/".$conf->theme."/style.css.php";
  }
  // Final checks on the loaded user (skipped for pages that define NOLOGIN)
  if (! defined('NOLOGIN')) {
      // If the login is not recovered, it is identified with an account that does not exist.
      // Hacking attempt?
      if (! $user->login) {
          accessforbidden();
      }

      // Check if user is active. If not active, we refuse the user
      if ($user->statut < 1) {
          $langs->load("other");
          dol_syslog("Authentification ko as login is disabled");
          accessforbidden($langs->trans("ErrorLoginDisabled"));
          exit;
      }

      // Load permissions
      $user->getrights();
  }
  dol_syslog("--- Access to ".$_SERVER["PHP_SELF"]);
  // Another call for easy debug. It is kept disabled: it would write every GET and POST
  // value of the request into the log.
  //dol_syslog("Access to ".$_SERVER["PHP_SELF"].' GET='.join(',',array_keys($_GET)).'->'.join(',',$_GET).' POST:'.join(',',array_keys($_POST)).'->'.join(',',$_POST));

  // Load main languages files
  if (! defined('NOREQUIRETRAN')) {
      $langs->load("main");
      $langs->load("dict");
  }

  // Define some constants used for style of arrays (css class of odd / even lines)
  $bc = array(0 => 'class="impair"', 1 => 'class="pair"');
  $bcdd = array(0 => 'class="impair drag drop"', 1 => 'class="pair drag drop"');
  $bcnd = array(0 => 'class="impair nodrag nodrop"', 1 => 'class="pair nodrag nodrop"');

  // Define messages variables
  $mesg = '';
  $warning = '';
  $error = 0;
  // deprecated, see setEventMessage() and dol_htmloutput_events()
  $mesgs = array();
  $warnings = array();
  $errors = array();

  // Constants used to defined number of lines in textarea:
  // ROWS_n is n, except with firefox where it is n-1
  $rowsoffset = empty($conf->browser->firefox) ? 0 : 1;
  for ($rowsindex = 1; $rowsindex <= 9; $rowsindex++) {
      define('ROWS_'.$rowsindex, $rowsindex - $rowsoffset);
  }
  unset($rowsoffset, $rowsindex);

  $heightforframes = 52;
  // Switch to another entity (multicompany module only), then go back to the root page
  if (! empty($conf->multicompany->enabled) && GETPOST('action') == 'switchentity') {
      $switchresult = $mc->switchEntity(GETPOST('entity','int'));
      if ($switchresult > 0) {
          Header("Location: ".DOL_URL_ROOT.'/');
          exit;
      }
      unset($switchresult);
  }
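  // Functions

  // llxHeader is only declared here when the calling page has not already defined its own version
  if (! function_exists("llxHeader")) {
      /**
       * Show HTML header HTML + BODY + Top menu + left menu + DIV
       *
       * @param  string  $head             Optionnal head lines
       * @param  string  $title            HTML title
       * @param  string  $help_url         Url links to help page
       *                                   Syntax is: For a wiki page: EN:EnglishPage|FR:FrenchPage|ES:SpanishPage
       *                                   For other external page: http://server/url
       * @param  string  $target           Target to use on links
       * @param  int     $disablejs        Passed as is to top_htmlhead() and top_menu() (presumably disables javascript output - TODO confirm)
       * @param  int     $disablehead      Passed as is to top_htmlhead() and top_menu(); top_htmlhead() prints the head section only when it is empty
       * @param  array   $arrayofjs        Array of complementary js files
       * @param  array   $arrayofcss       Array of complementary css files
       * @param  string  $morequerystring  Query string to add to the link "print" to get same parameters (use only if autodetect fails)
       * @return void
       */
      function llxHeader($head = '', $title = '', $help_url = '', $target = '', $disablejs = 0, $disablehead = 0, $arrayofjs = '', $arrayofcss = '', $morequerystring = '')
      {
          // Without this declaration $conf is an undefined local variable, the test on
          // MAIN_HIDE_LEFT_MENU is always true and the option is never honoured.
          global $conf;

          top_htmlhead($head, $title, $disablejs, $disablehead, $arrayofjs, $arrayofcss); // Show html headers
          top_menu($head, $title, $target, $disablejs, $disablehead, $arrayofjs, $arrayofcss, $morequerystring);
          if (empty($conf->global->MAIN_HIDE_LEFT_MENU)) {
              left_menu('', $help_url, '', '', 1, $title);
          }
          main_area($title);
      }
  }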
  /**
   * Show HTTP header: sends the Content-type header with the charset found in
   * $conf->file->character_set_client and, if requested by setup, starts gzip output buffering.
   *
   * @return void
   */
  function top_httphead()
  {
      global $conf;

      //header("Content-type: text/html; charset=UTF-8");
      $charset = $conf->file->character_set_client;
      header("Content-type: text/html; charset=".$charset);

      // On the fly GZIP compression for all pages (if browser support it).
      // Bit 3 (0x04) of constant MAIN_OPTIMIZE_SPEED must be set to 1.
      $gzipasked = (isset($conf->global->MAIN_OPTIMIZE_SPEED) && ($conf->global->MAIN_OPTIMIZE_SPEED & 0x04));
      if ($gzipasked) {
          ob_start("ob_gzhandler");
      }
  }
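  /**
   * Output the HTML header of a page: HTTP header, doctype, <html> tag and, unless
   * disabled, the whole <head> section (meta, title, css links, javascript includes).
   * Sets $conf->headerdone to 1 once done.
   * This code is also duplicated into security2.lib.php::dol_loginfunction
   *
   * @param  string  $head         Optional head lines, printed as is inside <head>
   * @param  string  $title        HTML title
   * @param  int     $disablejs    Non-zero to skip the jQuery/javascript includes
   * @param  int     $disablehead  Non-zero to skip the whole <head> section
   * @param  array   $arrayofjs    Array of complementary js files
   * @param  array   $arrayofcss   Array of complementary css files
   * @return void
   */
  function top_htmlhead($head, $title='', $disablejs=0, $disablehead=0, $arrayofjs='', $arrayofcss='')
  {
      global $user, $conf, $langs, $db;

      top_httphead();

      if (empty($conf->css)) $conf->css = '/theme/eldy/style.css.php';	// If not defined, eldy by default

      print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">';
      print "\n";
      if (! empty($conf->global->MAIN_USE_CACHE_MANIFEST)) print '<html manifest="cache.manifest">'."\n";
      else print '<html>'."\n";

      if (empty($disablehead))
      {
          print "<head>\n";

          // Displays meta
          print '<meta name="robots" content="noindex,nofollow">'."\n";	// Keep robots from indexing the application
          print '<meta name="author" content="Dolibarr Development Team">'."\n";
          $favicon=DOL_URL_ROOT.'/theme/'.$conf->theme.'/img/favicon.ico';
          print '<link rel="shortcut icon" type="image/x-icon" href="'.$favicon.'"/>'."\n";

          // Displays title
          // NOTE(review): $title and MAIN_APPLICATION_TITLE are printed without HTML escaping;
          // confirm that no caller passes request-derived text as $title.
          $appli='Dolibarr';
          if (!empty($conf->global->MAIN_APPLICATION_TITLE)) $appli=$conf->global->MAIN_APPLICATION_TITLE;
          if ($title) print '<title>'.$appli.' - '.$title.'</title>';
          else print "<title>".$appli."</title>";
          print "\n";

          if (! defined('DISABLE_JQUERY') && ! $disablejs && $conf->use_javascript_ajax)
          {
              print '<!-- Includes for JQuery (Ajax library) -->'."\n";
              $jquerytheme = 'smoothness';
              if (!empty($conf->global->MAIN_USE_JQUERY_THEME)) $jquerytheme = $conf->global->MAIN_USE_JQUERY_THEME;
              if (constant('JS_JQUERY_UI')) print '<link rel="stylesheet" type="text/css" href="'.JS_JQUERY_UI.'css/'.$jquerytheme.'/jquery-ui.min.css" />'."\n";	// JQuery
              else print '<link rel="stylesheet" type="text/css" href="'.DOL_URL_ROOT.'/includes/jquery/css/'.$jquerytheme.'/jquery-ui-latest.custom.css" />'."\n";	// JQuery
              print '<link rel="stylesheet" type="text/css" href="'.DOL_URL_ROOT.'/includes/jquery/plugins/tiptip/tipTip.css" />'."\n";	// Tooltip
              print '<link rel="stylesheet" type="text/css" href="'.DOL_URL_ROOT.'/includes/jquery/plugins/jnotify/jquery.jnotify-alt.min.css" />'."\n";	// JNotify
              if (! empty($conf->global->MAIN_USE_JQUERY_FILEUPLOAD))	// jQuery fileupload
              {
                  print '<link rel="stylesheet" type="text/css" href="'.DOL_URL_ROOT.'/includes/jquery/plugins/fileupload/css/jquery.fileupload-ui.css" />'."\n";
              }
              if (! empty($conf->global->MAIN_USE_JQUERY_DATATABLES))	// jQuery datatables
              {
                  print '<link rel="stylesheet" type="text/css" href="'.DOL_URL_ROOT.'/includes/jquery/plugins/datatables/css/jquery.dataTables_jui.css" />'."\n";
                  print '<link rel="stylesheet" type="text/css" href="'.DOL_URL_ROOT.'/includes/jquery/plugins/datatables/extras/ColReorder/css/ColReorder.css" />'."\n";
                  print '<link rel="stylesheet" type="text/css" href="'.DOL_URL_ROOT.'/includes/jquery/plugins/datatables/extras/ColVis/css/ColVis.css" />'."\n";
                  print '<link rel="stylesheet" type="text/css" href="'.DOL_URL_ROOT.'/includes/jquery/plugins/datatables/extras/TableTools/css/TableTools.css" />'."\n";
              }
              if (! empty($conf->global->MAIN_USE_JQUERY_MULTISELECT))	// jQuery multiselect
              {
                  print '<link rel="stylesheet" type="text/css" href="'.DOL_URL_ROOT.'/includes/jquery/plugins/multiselect/css/ui.multiselect.css" />'."\n";
              }
          }

          print '<!-- Includes for Dolibarr, modules or specific pages-->'."\n";
          // Output style sheets (optioncss='print' or '')
          // The optioncss request value is read back through GETPOST with the 'alpha' filter before it
          // is put into the stylesheet URL. NOTE(review): confirm that filter rejects quotes and angle brackets.
          $themepath=dol_buildpath((empty($conf->global->MAIN_FORCETHEMEDIR)?'':$conf->global->MAIN_FORCETHEMEDIR).$conf->css,1);
          $themeparam='?lang='.$langs->defaultlang.'&amp;theme='.$conf->theme.(GETPOST('optioncss')?'&amp;optioncss='.GETPOST('optioncss','alpha',1):'');
          if (! empty($_SESSION['dol_resetcache'])) $themeparam.='&amp;dol_resetcache='.$_SESSION['dol_resetcache'];
          print '<link rel="stylesheet" type="text/css" title="default" href="'.$themepath.$themeparam.'">'."\n";

          // CSS forced by modules (relative url starting with /)
          if (isset($conf->modules_parts['css']))
          {
              $dircss=(array) $conf->modules_parts['css'];
              foreach($dircss as $key => $cssfile)
              {
                  // cssfile is a relative path
                  print '<link rel="stylesheet" type="text/css" title="default" href="'.dol_buildpath($cssfile,1);
                  // We add params only if page is not static, because some web server setups do not return content type text/css if url has parameters, so browser cache is not used.
                  if (!preg_match('/\.css$/i',$cssfile)) print $themeparam;
                  print '"><!-- Added by module '.$key. '-->'."\n";
              }
          }
          // CSS forced by page in top_htmlhead call (relative url starting with /)
          if (is_array($arrayofcss))
          {
              foreach($arrayofcss as $cssfile)
              {
                  print '<link rel="stylesheet" type="text/css" title="default" href="'.dol_buildpath($cssfile,1);
                  // We add params only if page is not static, because some web server setups do not return content type text/css if url has parameters and browser cache is not used.
                  if (!preg_match('/\.css$/i',$cssfile)) print $themeparam;
                  print '"><!-- Added by page -->'."\n";
              }
          }

          if (empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER))
          {
              print '<link rel="top" title="'.$langs->trans("Home").'" href="'.(DOL_URL_ROOT?DOL_URL_ROOT:'/').'">'."\n";
              print '<link rel="copyright" title="GNU General Public License" href="http://www.gnu.org/copyleft/gpl.html#SEC1">'."\n";
              print '<link rel="author" title="Dolibarr Development Team" href="http://www.dolibarr.org">'."\n";
          }

          // Output standard javascript links
          if (! $disablejs && $conf->use_javascript_ajax)
          {
              $ext='.js';
              if (isset($conf->global->MAIN_OPTIMIZE_SPEED) && ($conf->global->MAIN_OPTIMIZE_SPEED & 0x01)) {
                  $ext='.jgz';
              }	// mini='_mini', ext='.gz'

              // JQuery. Must be before other includes
              // When the JS_JQUERY* constants are set, the libraries are loaded from that location instead of
              // the bundled copies; scripts loaded this way run with full access to the page, so the constants
              // should only ever point to a location the administrator controls.
              print '<!-- Includes JS for JQuery -->'."\n";
              if (constant('JS_JQUERY')) print '<script type="text/javascript" src="'.JS_JQUERY.'jquery.min.js"></script>'."\n";
              else print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/js/jquery-latest.min'.$ext.'"></script>'."\n";
              if (constant('JS_JQUERY_UI')) print '<script type="text/javascript" src="'.JS_JQUERY_UI.'jquery-ui.min.js"></script>'."\n";
              else print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/js/jquery-ui-latest.custom.min'.$ext.'"></script>'."\n";
              print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/tablednd/jquery.tablednd_0_5'.$ext.'"></script>'."\n";
              print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/tiptip/jquery.tipTip.min'.$ext.'"></script>'."\n";
              // jQuery Layout
              if (! empty($conf->global->MAIN_MENU_USE_JQUERY_LAYOUT) || defined('REQUIRE_JQUERY_LAYOUT'))
              {
                  print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/layout/jquery.layout-latest'.$ext.'"></script>'."\n";
              }
              // jQuery jnotify
              if (empty($conf->global->MAIN_DISABLE_JQUERY_JNOTIFY))
              {
                  print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/jnotify/jquery.jnotify.min.js"></script>'."\n";
                  print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/core/js/jnotify.js"></script>'."\n";
              }
              // Flot
              if (empty($conf->global->MAIN_DISABLE_JQUERY_FLOT))
              {
                  if (constant('JS_JQUERY_FLOT'))
                  {
                      print '<!--[if lte IE 8]><script language="javascript" type="text/javascript" src="/javascript/excanvas/excanvas.min.js"></script><![endif]-->'."\n";
                      print '<script type="text/javascript" src="'.JS_JQUERY_FLOT.'jquery.flot.js"></script>'."\n";
                      print '<script type="text/javascript" src="'.JS_JQUERY_FLOT.'jquery.flot.pie.js"></script>'."\n";
                      print '<script type="text/javascript" src="'.JS_JQUERY_FLOT.'jquery.flot.stack.js"></script>'."\n";
                  }
                  else
                  {
                      print '<!--[if lte IE 8]><script language="javascript" type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/flot/excanvas.min.js"></script><![endif]-->'."\n";
                      print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/flot/jquery.flot.min.js"></script>'."\n";
                      print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/flot/jquery.flot.pie.min.js"></script>'."\n";
                      print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/flot/jquery.flot.stack.min.js"></script>'."\n";
                  }
              }
              // jQuery jeditable
              if (! empty($conf->global->MAIN_USE_JQUERY_JEDITABLE))
              {
                  print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/jeditable/jquery.jeditable.min'.$ext.'"></script>'."\n";
                  print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/jeditable/jquery.jeditable.ui-datepicker.js"></script>'."\n";
                  print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/jeditable/jquery.jeditable.ui-autocomplete.js"></script>'."\n";
                  // NOTE(review): the translated labels below are placed inside single-quoted JS strings
                  // without JS escaping; a translation containing a quote would break the script.
                  print '<script type="text/javascript">'."\n";
                  print 'var urlSaveInPlace = \''.DOL_URL_ROOT.'/core/ajax/saveinplace.php\';'."\n";
                  print 'var urlLoadInPlace = \''.DOL_URL_ROOT.'/core/ajax/loadinplace.php\';'."\n";
                  print 'var tooltipInPlace = \''.$langs->transnoentities('ClickToEdit').'\';'."\n";
                  print 'var placeholderInPlace = \''.$langs->trans('ClickToEdit').'\';'."\n";
                  print 'var cancelInPlace = \''.$langs->trans('Cancel').'\';'."\n";
                  print 'var submitInPlace = \''.$langs->trans('Ok').'\';'."\n";
                  print 'var indicatorInPlace = \'<img src="'.DOL_URL_ROOT."/theme/".$conf->theme."/img/working.gif".'">\';'."\n";
                  print '</script>'."\n";
                  print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/core/js/editinplace.js"></script>'."\n";
                  print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/jeditable/jquery.jeditable.ckeditor.js"></script>'."\n";
              }
              // jQuery File Upload
              if (! empty($conf->global->MAIN_USE_JQUERY_FILEUPLOAD))
              {
                  print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/template/tmpl.min.js"></script>'."\n";
                  print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/fileupload/js/jquery.iframe-transport.js"></script>'."\n";
                  print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/fileupload/js/jquery.fileupload.js"></script>'."\n";
                  print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/fileupload/js/jquery.fileupload-fp.js"></script>'."\n";
                  print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/fileupload/js/jquery.fileupload-ui.js"></script>'."\n";
                  print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/fileupload/js/jquery.fileupload-jui.js"></script>'."\n";
                  print '<!-- The XDomainRequest Transport is included for cross-domain file deletion for IE8+ -->'."\n";
                  // This line was a bare string expression (the "print" was missing), so the include announced above was never output.
                  print '<!--[if gte IE 8]><script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/fileupload/js/cors/jquery.xdr-transport.js"></script><![endif]-->'."\n";
              }
              // jQuery DataTables
              if (! empty($conf->global->MAIN_USE_JQUERY_DATATABLES))
              {
                  print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/datatables/js/jquery.dataTables.min'.$ext.'"></script>'."\n";
                  print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/datatables/extras/ColReorder/js/ColReorder.min'.$ext.'"></script>'."\n";
                  print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/datatables/extras/ColVis/js/ColVis.min'.$ext.'"></script>'."\n";
                  print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/datatables/extras/TableTools/js/TableTools.min'.$ext.'"></script>'."\n";
              }
              // jQuery Multiselect
              if (! empty($conf->global->MAIN_USE_JQUERY_MULTISELECT))
              {
                  print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/includes/jquery/plugins/multiselect/js/ui.multiselect.js"></script>'."\n";
              }
              // CKEditor
              if (! empty($conf->fckeditor->enabled) && (empty($conf->global->FCKEDITOR_EDITORNAME) || $conf->global->FCKEDITOR_EDITORNAME == 'ckeditor'))
              {
                  print '<!-- Includes JS for CKEditor -->'."\n";
                  $pathckeditor=DOL_URL_ROOT.'/includes/ckeditor/';
                  if (constant('JS_CKEDITOR')) $pathckeditor=JS_CKEDITOR;	// To use external ckeditor js lib
                  print '<script type="text/javascript">';
                  print 'var CKEDITOR_BASEPATH = \''.$pathckeditor.'\';'."\n";
                  print 'var ckeditorConfig = \''.dol_buildpath('/theme/'.$conf->theme.'/ckeditor/config.js',1).'\';'."\n";
                  print 'var ckeditorFilebrowserBrowseUrl = \''.DOL_URL_ROOT.'/core/filemanagerdol/browser/default/browser.php?Connector='.DOL_URL_ROOT.'/core/filemanagerdol/connectors/php/connector.php\';'."\n";
                  print 'var ckeditorFilebrowserImageBrowseUrl = \''.DOL_URL_ROOT.'/core/filemanagerdol/browser/default/browser.php?Type=Image&Connector='.DOL_URL_ROOT.'/core/filemanagerdol/connectors/php/connector.php\';'."\n";
                  print '</script>'."\n";
                  print '<script type="text/javascript" src="'.$pathckeditor.'ckeditor_basic.js"></script>'."\n";
              }

              // Global js function
              print '<!-- Includes JS of Dolibarr -->'."\n";
              print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/core/js/lib_head.js"></script>'."\n";
              // Add datepicker default options
              print '<script type="text/javascript" src="'.DOL_URL_ROOT.'/core/js/datepicker.js.php?lang='.$langs->defaultlang.'"></script>'."\n";

              // JS forced by modules (relative url starting with /)
              // Guarded like the css list above: the 'js' entry may not exist when no module registers one.
              if (isset($conf->modules_parts['js']))
              {
                  $dirjs=(array) $conf->modules_parts['js'];
                  foreach($dirjs as $key => $jsfile)
                  {
                      // jsfile is a relative path
                      print '<script type="text/javascript" src="'.dol_buildpath($jsfile,1).'"></script><!-- Added by module '.$key. '-->'."\n";
                  }
              }
              // JS forced by page in top_htmlhead (relative url starting with /)
              if (is_array($arrayofjs))
              {
                  print '<!-- Includes JS specific to page -->'."\n";
                  foreach($arrayofjs as $jsfile)
                  {
                      if (preg_match('/^http/i',$jsfile))
                      {
                          // Absolute URL: printed as given. NOTE(review): entries must come from page code, never from request data.
                          print '<script type="text/javascript" src="'.$jsfile.'"></script>'."\n";
                      }
                      else
                      {
                          if (! preg_match('/^\//',$jsfile)) $jsfile='/'.$jsfile;	// For backward compatibility
                          print '<script type="text/javascript" src="'.dol_buildpath($jsfile,1).'"></script>'."\n";
                      }
                  }
              }
          }

          // Raw HTML supplied by the caller and by the administrator setting MAIN_HTML_HEADER, output as is
          if (! empty($head)) print $head."\n";
          if (! empty($conf->global->MAIN_HTML_HEADER)) print $conf->global->MAIN_HTML_HEADER."\n";

          print "</head>\n\n";
      }

      $conf->headerdone=1;	// To tell header was output
  }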
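  /**
   * Show an HTML header + a BODY + the top menu bar (menu handler output, login block,
   * logout link and print link).
   *
   * The menu handler file name can be overridden with the "menu" request parameter; since
   * that name becomes part of an include path, only a plain "*.php" file name is accepted.
   *
   * @param  string  $head             Lines in the HEAD
   * @param  string  $title            Title of web page
   * @param  string  $target           Target to use in menu links
   * @param  int     $disablejs        Do not output links to js (e.g. when the function is used by an Ajax sub-form)
   * @param  int     $disablehead      Do not output head section
   * @param  array   $arrayofjs        Array of js files to add in header
   * @param  array   $arrayofcss       Array of css files to add in header
   * @param  string  $morequerystring  Query string to add to the link "print" to get same parameters (use only if autodetect fails)
   * @return void
   */
  function top_menu($head, $title='', $target='', $disablejs=0, $disablehead=0, $arrayofjs='', $arrayofcss='', $morequerystring='')
  {
      global $user, $conf, $langs, $db;
      global $dolibarr_main_authentication;
      global $hookmanager;

      // Instantiate hooks of thirdparty module only if not already defined
      if (! is_object($hookmanager))
      {
          include_once(DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php');
          $hookmanager=new HookManager($db);
      }
      $hookmanager->initHooks(array('toprightmenu'));

      $toprightmenu='';

      if (! $conf->top_menu) $conf->top_menu ='eldy_backoffice.php';

      // For backward compatibility with old modules
      if (empty($conf->headerdone)) top_htmlhead($head, $title, $disablejs, $disablehead, $arrayofjs, $arrayofcss);

      print '<body id="mainbody">';

      if ($conf->use_javascript_ajax)
      {
          if (! empty($conf->global->MAIN_MENU_USE_JQUERY_LAYOUT))
          {
              print '<script type="text/javascript">
jQuery(document).ready(function () {
jQuery("body").layout(layoutSettings);
});
var layoutSettings = {
name: "mainlayout",
defaults: {
useStateCookie: true,
size: "auto",
resizable: false,
//paneClass: "none",
//resizerClass: "resizer",
//togglerClass: "toggler",
//buttonClass: "button",
//contentSelector: ".content",
//contentIgnoreSelector: "span",
togglerTip_open: "Close This Pane",
togglerTip_closed: "Open This Pane",
resizerTip: "Resize This Pane",
fxSpeed: "fast"
},
west: {
paneClass: "leftContent",
//spacing_closed: 14,
//togglerLength_closed: 14,
//togglerAlign_closed: "auto",
//togglerLength_open: 0,
// effect defaults - overridden on some panes
//slideTrigger_open: "mouseover",
initClosed: '.(empty($conf->browser->phone)?'false':'true').',
fxName: "drop",
fxSpeed: "fast",
fxSettings: { easing: "" }
},
north: {
paneClass: "none",
resizerClass: "none",
togglerClass: "none",
spacing_open: 0,
togglerLength_open: 0,
togglerLength_closed: -1,
slidable: false,
fxName: "none",
fxSpeed: "fast"
},
center: {
paneSelector: "#mainContent"
}
}
</script>';
          }

          if (! empty($conf->global->MAIN_MENU_USE_JQUERY_ACCORDION))
          {
              print "\n".'<script type="text/javascript">
jQuery(document).ready(function () {
jQuery( ".vmenu" ).accordion({
autoHeight: false,
event: "mouseover",
//collapsible: true,
//active: 2,
header: "> .blockvmenupair > .menu_titre"
});
});
</script>';
          }

          // Wrapper to show tooltips
          print "\n".'<script type="text/javascript">
jQuery(document).ready(function () {
jQuery(function() {
jQuery(".classfortooltip").tipTip({maxWidth: "'.dol_size(600,'width').'px", edgeOffset: 10, delay: 50, fadeIn: 50, fadeOut: 50});
});
});
</script>';
      }

      /*
       * Top menu
       */
      $top_menu=empty($conf->browser->phone)?$conf->top_menu:$conf->smart_menu;
      // The "menu" request parameter (menu=eldy_backoffice.php) selects another menu handler.
      // Its value is concatenated into an include path and echoed into an HTML comment below,
      // so it is accepted only when it is a bare file name ending in .php: no directory
      // separator, no markup characters. Anything else is ignored and the configured menu is kept.
      // NOTE(review): left_menu() builds its include path from the same request parameter and needs the same check.
      $requestedmenu=GETPOST('menu');
      if ($requestedmenu && preg_match('/^[a-z0-9_.\-]+\.php$/i', $requestedmenu)) $top_menu=$requestedmenu;

      // Load the top menu manager (only if not already done)
      if (! class_exists('MenuTop'))
      {
          $menufound=0;
          $dirmenus=array_merge(array("/core/menus/"),isset($conf->modules_parts['menus'])?(array) $conf->modules_parts['menus']:array());
          foreach($dirmenus as $dirmenu)
          {
              $menufound=dol_include_once($dirmenu."standard/".$top_menu);
              if ($menufound) break;
          }
          if (! $menufound)	// If failed to include, we try with standard
          {
              $top_menu='eldy_backoffice.php';
              include_once(DOL_DOCUMENT_ROOT."/core/menus/standard/".$top_menu);
          }
      }

      print "\n".'<!-- Start top horizontal menu '.$top_menu.' -->'."\n";

      if (! empty($conf->use_javascript_ajax) && ! empty($conf->global->MAIN_MENU_USE_JQUERY_LAYOUT)) print '<div class="ui-layout-north"> <!-- Begin top layout -->'."\n";

      print '<div id="tmenu_tooltip" class="tmenu">'."\n";

      // Show menu
      $menutop = new MenuTop($db);
      $menutop->atarget=$target;
      $menutop->showmenu();	// This contains a \n

      print "</div>\n";

      // Link to login card
      $loginhtmltext=''; $logintext='';
      $company=''; $companylink='';	// Only filled for external users (user linked to a third party)
      if ($user->societe_id)
      {
          $thirdpartystatic=new Societe($db);
          $thirdpartystatic->fetch($user->societe_id);
          $companylink=' ('.$thirdpartystatic->getNomUrl('','').')';
          $company=' ('.$langs->trans("Company").': '.$thirdpartystatic->name.')';
      }
      $logintext='<div class="login"><a href="'.DOL_URL_ROOT.'/user/fiche.php?id='.$user->id.'"';
      $logintext.=$menutop->atarget?(' target="'.$menutop->atarget.'"'):'';
      $logintext.='>'.$user->login.'</a>';
      if ($user->societe_id) $logintext.=$companylink;
      $logintext.='</div>';

      $loginhtmltext.='<u>'.$langs->trans("User").'</u>';
      $loginhtmltext.='<br><b>'.$langs->trans("Name").'</b>: '.$user->getFullName($langs);
      $loginhtmltext.='<br><b>'.$langs->trans("Login").'</b>: '.$user->login;
      $loginhtmltext.='<br><b>'.$langs->trans("Administrator").'</b>: '.yn($user->admin);
      $type=($user->societe_id?$langs->trans("External").$company:$langs->trans("Internal"));
      $loginhtmltext.='<br><b>'.$langs->trans("Type").'</b>: '.$type;
      $loginhtmltext.='<br><b>'.$langs->trans("IPAddress").'</b>: '.$_SERVER["REMOTE_ADDR"];
      $loginhtmltext.='<br>';
      $loginhtmltext.='<br><u>'.$langs->trans("Connection").'</u>';
      if (! empty($conf->global->MAIN_MODULE_MULTICOMPANY)) $loginhtmltext.='<br><b>'.$langs->trans("ConnectedOnMultiCompany").'</b>: '.$conf->entity.' (user entity '.$user->entity.')';
      $loginhtmltext.='<br><b>'.$langs->trans("ConnectedSince").'</b>: '.dol_print_date($user->datelastlogin,"dayhour");
      $loginhtmltext.='<br><b>'.$langs->trans("PreviousConnexion").'</b>: '.dol_print_date($user->datepreviouslogin,"dayhour");
      $loginhtmltext.='<br><b>'.$langs->trans("AuthenticationMode").'</b>: '.$_SESSION["dol_authmode"];
      $loginhtmltext.='<br><b>'.$langs->trans("CurrentTheme").'</b>: '.$conf->theme;
      $s=picto_from_langcode($langs->getDefaultLang());
      $loginhtmltext.='<br><b>'.$langs->trans("CurrentUserLanguage").'</b>: '.($s?$s.' ':'').$langs->getDefaultLang();
      // The User-Agent header is sent by the client, so it is escaped before being embedded in the tooltip markup.
      // NOTE(review): confirm Form::textwithtooltip() does not decode entities again before output.
      $useragent=isset($_SERVER['HTTP_USER_AGENT'])?dol_escape_htmltag($_SERVER['HTTP_USER_AGENT']):'';
      $loginhtmltext.='<br><b>'.$langs->trans("Browser").'</b>: '.$conf->browser->name.($conf->browser->version?' '.$conf->browser->version:'').' ('.$useragent.')';
      if (! empty($conf->browser->phone)) $loginhtmltext.='<br><b>'.$langs->trans("Phone").'</b>: '.$conf->browser->phone;

      if (! empty($_SESSION["disablemodules"])) $loginhtmltext.='<br><b>'.$langs->trans("DisabledModules").'</b>: <br>'.join(', ',explode(',',$_SESSION["disablemodules"]));

      $appli='Dolibarr';
      if (! empty($conf->global->MAIN_APPLICATION_TITLE)) $appli=$conf->global->MAIN_APPLICATION_TITLE;

      // Link info
      $logouthtmltext=$appli.' '.DOL_VERSION.'<br>';
      $logouthtmltext.=$langs->trans("Logout").'<br>';

      // The logout picture is always shown; it is wrapped in a link to logout.php only when the
      // authentication mode is neither 'forceuser' nor 'http'.
      $logoutimg='<img class="login" border="0" width="14" height="14" src="'.DOL_URL_ROOT.'/theme/'.$conf->theme.'/img/logout.png"';
      $logoutimg.=' alt="'.dol_escape_htmltag($langs->trans("Logout")).'" title=""';
      $logoutimg.='>';
      $logouttext='';
      if ($_SESSION["dol_authmode"] != 'forceuser'
      && $_SESSION["dol_authmode"] != 'http')
      {
          $logouttext.='<a href="'.DOL_URL_ROOT.'/user/logout.php"';
          $logouttext.=$menutop->atarget?(' target="'.$menutop->atarget.'"'):'';
          $logouttext.='>';
          $logouttext.=$logoutimg;
          $logouttext.='</a>';
      }
      else
      {
          $logouttext.=$logoutimg;
      }

      print '<div class="login_block">'."\n";
      print '<table class="nobordernopadding" summary=""><tr>';

      $form=new Form($db);

      $toprightmenu.=$form->textwithtooltip('',$loginhtmltext,2,1,$logintext,'',1);

      // Execute hook printTopRightMenu (hooks should output string like '<td><div class="login"><a href="">mylink</a></div></td>')
      $parameters=array();
      $toprightmenu.=$hookmanager->executeHooks('printTopRightMenu',$parameters);    // Note that $action and $object may have been modified by some hooks

      // Logout link
      $toprightmenu.=$form->textwithtooltip('',$logouthtmltext,2,1,$logouttext,'',1);

      // Link to print main content area
      if (empty($conf->global->MAIN_PRINT_DISABLELINK) && empty($conf->browser->phone))
      {
          // PHP_SELF and QUERY_STRING come straight from the request URL; they are HTML-escaped
          // before being written into the href attribute so they cannot close it.
          $qs=$_SERVER["QUERY_STRING"].($_SERVER["QUERY_STRING"]?'&':'').$morequerystring;
          $printurl=$_SERVER["PHP_SELF"].'?'.$qs.($qs?'&':'').'optioncss=print';
          $text ='<a href="'.dol_escape_htmltag($printurl).'" target="_blank">';
          $text.='<img class="printer" border="0" width="14" height="14" src="'.DOL_URL_ROOT.'/theme/'.$conf->theme.'/img/printer.png"';
          $text.=' title="" alt="">';
          $text.='</a>';
          $toprightmenu.=$form->textwithtooltip('',$langs->trans("PrintContentArea"),2,1,$text,'',1);
      }

      print $toprightmenu;

      print '</tr></table>'."\n";
      print "</div>\n";

      if (! empty($conf->use_javascript_ajax) && ! empty($conf->global->MAIN_MENU_USE_JQUERY_LAYOUT)) print "</div><!-- End top layout -->\n";
      print "<!-- End top horizontal menu -->\n";

      if (empty($conf->use_javascript_ajax) || empty($conf->global->MAIN_MENU_USE_JQUERY_LAYOUT)) print '<table width="100%" class="notopnoleftnoright" summary="leftmenutable" id="undertopmenu"><tr>';
  }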
  1191. /**
  1192. * Show left menu bar
  1193. *
  1194. * @param array $menu_array_before Table of menu entries to show before entries of menu handler
  1195. * @param string $helppagename Name of wiki page for help ('' by default).
  1196. * Syntax is: For a wiki page: EN:EnglishPage|FR:FrenchPage|ES:SpanishPage
  1197. * For other external page: http://server/url
  1198. * @param string $moresearchform Search Form Permanent Supplemental
  1199. * @param array $menu_array_after Table of menu entries to show after entries of menu handler
  1200. * @param int $leftmenuwithoutmainarea Must be set to 1. 0 by default for backward compatibility with old modules.
  1201. * @param string $title Title of web page
  1202. * @return void
  1203. */
  1204. function left_menu($menu_array_before, $helppagename='', $moresearchform='', $menu_array_after='', $leftmenuwithoutmainarea=0, $title='')
  1205. {
  1206. global $user, $conf, $langs, $db;
  1207. global $hookmanager;
  1208. $searchform='';
  1209. $bookmarks='';
  1210. // Instantiate hooks of thirdparty module
  1211. if (! is_object($hookmanager))
  1212. {
  1213. include_once(DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php');
  1214. $hookmanager=new HookManager($db);
  1215. }
  1216. $hookmanager->initHooks(array('searchform','leftblock'));
  1217. if (! empty($conf->use_javascript_ajax) && ! empty($conf->global->MAIN_MENU_USE_JQUERY_LAYOUT)) print "\n".'<div class="ui-layout-west"> <!-- Begin left layout -->'."\n";
  1218. else print '<td class="vmenu" valign="top">';
  1219. print "\n";
  1220. // Define $searchform
  1221. if (! empty($conf->societe->enabled) && ! empty($conf->global->MAIN_SEARCHFORM_SOCIETE) && $user->rights->societe->lire)
  1222. {
  1223. $langs->load("companies");
  1224. $searchform.=printSearchForm(DOL_URL_ROOT.'/societe/societe.php', DOL_URL_ROOT.'/societe/societe.php', img_object('','company').' '.$langs->trans("ThirdParties"), 'soc', 'socname');
  1225. }
  1226. if (! empty($conf->societe->enabled) && ! empty($conf->global->MAIN_SEARCHFORM_CONTACT) && $user->rights->societe->lire)
  1227. {
  1228. $langs->load("companies");
  1229. $searchform.=printSearchForm(DOL_URL_ROOT.'/contact/list.php', DOL_URL_ROOT.'/contact/list.php', img_object('','contact').' '.$langs->trans("Contacts"), 'contact', 'contactname');
  1230. }
  1231. if (((! empty($conf->product->enabled) && $user->rights->produit->lire) || (! empty($conf->service->enabled) && $user->rights->service->lire))
  1232. && ! empty($conf->global->MAIN_SEARCHFORM_PRODUITSERVICE))
  1233. {
  1234. $langs->load("products");
  1235. $searchform.=printSearchForm(DOL_URL_ROOT.'/product/liste.php', DOL_URL_ROOT.'/product/liste.php', img_object('','product').' '.$langs->trans("Products")."/".$langs->trans("Services"), 'products', 'sall');
  1236. }
  1237. if (! empty($conf->adherent->enabled) && ! empty($conf->global->MAIN_SEARCHFORM_ADHERENT) && $user->rights->adherent->lire)
  1238. {
  1239. $langs->load("members");
  1240. $searchform.=printSearchForm(DOL_URL_ROOT.'/adherents/liste.php', DOL_URL_ROOT.'/adherents/liste.php', img_object('','user').' '.$langs->trans("Members"), 'member', 'sall');
  1241. }
  1242. // Execute hook printSearchForm
  1243. $parameters=array();
  1244. $searchform.=$hookmanager->executeHooks('printSearchForm',$parameters); // Note that $action and $object may have been modified by some hooks
  1245. // Define $bookmarks
  1246. if ($conf->bookmark->enabled && $user->rights->bookmark->lire)
  1247. {
  1248. include_once (DOL_DOCUMENT_ROOT.'/bookmarks/bookmarks.lib.php');
  1249. $langs->load("bookmarks");
  1250. $bookmarks=printBookmarksList($db, $langs);
  1251. }
  1252. $left_menu=empty($conf->browser->phone)?$conf->top_menu:$conf->smart_menu;
  1253. if (GETPOST('menu')) $left_menu=GETPOST('menu'); // menu=eldy_backoffice.php
  1254. // Load the top menu manager (only if not already done)
  1255. if (! class_exists('MenuLeft'))
  1256. {
  1257. $menufound=0;
  1258. $dirmenus=array_merge(array("/core/menus/"),(array) $conf->modules_parts['menus']);
  1259. foreach($dirmenus as $dirmenu)
  1260. {
  1261. $menufound=dol_include_once($dirmenu."standard/".$left_menu);
  1262. if ($menufound) break;
  1263. }
  1264. if (! $menufound) // If failed to include, we try with standard
  1265. {
  1266. $top_menu='eldy_backoffice.php';
  1267. include_once(DOL_DOCUMENT_ROOT."/core/menus/standard/".$top_menu);
  1268. }
  1269. }
  1270. // Left column
  1271. print '<!-- Begin left area - menu '.$left_menu.' -->'."\n";
  1272. print '<div class="vmenu">'."\n";
  1273. $menuleft=new MenuLeft($db,$menu_array_before,$menu_array_after);
  1274. $menuleft->showmenu(); // output menu_array and menu found in database
  1275. // Show other forms
  1276. if ($searchform)
  1277. {
  1278. print "\n";
  1279. print "<!-- Begin SearchForm -->\n";
  1280. print '<div id="blockvmenusearch" class="blockvmenusearch">'."\n";
  1281. print $searchform;
  1282. print '</div>'."\n";
  1283. print "<!-- End SearchForm -->\n";
  1284. }
  1285. // More search form
  1286. if ($moresearchform)
  1287. {
  1288. print $moresearchform;
  1289. }
  1290. // Bookmarks
  1291. if ($bookmarks)
  1292. {
  1293. print "\n";
  1294. print "<!-- Begin Bookmarks -->\n";
  1295. print '<div id="blockvmenubookmarks" class="blockvmenubookmarks">'."\n";
  1296. print $bookmarks;
  1297. print '</div>'."\n";
  1298. print "<!-- End Bookmarks -->\n";
  1299. }
  1300. // Link to Dolibarr wiki pages
  1301. if ($helppagename && empty($conf->global->MAIN_HELP_DISABLELINK))
  1302. {
  1303. $langs->load("help");
  1304. $helpbaseurl='';
  1305. $helppage='';
  1306. $mode='';
  1307. // Get helpbaseurl, helppage and mode from helppagename and langs
  1308. $arrayres=getHelpParamFor($helppagename,$langs);
  1309. $helpbaseurl=$arrayres['helpbaseurl'];
  1310. $helppage=$arrayres['helppage'];
  1311. $mode=$arrayres['mode'];
  1312. // Link to help pages
  1313. if ($helpbaseurl && $helppage)
  1314. {
  1315. print '<div id="blockvmenuhelp" class="blockvmenuhelp">';
  1316. print '<a class="help" target="_blank" title="'.$langs->trans($mode == 'wiki' ? 'GoToWikiHelpPage': 'GoToHelpPage');
  1317. if ($mode == 'wiki') print ' - '.$langs->trans("PageWiki").' &quot;'.dol_escape_htmltag(strtr($helppage,'_',' ')).'&quot;';
  1318. print '" href="';
  1319. print sprintf($helpbaseurl,urlencode(html_entity_decode($helppage)));
  1320. print '">';
  1321. print img_picto('', 'helpdoc').' ';
  1322. print $langs->trans($mode == 'wiki' ? 'OnlineHelp': 'Help');
  1323. //if ($mode == 'wiki') print ' ('.dol_trunc(strtr($helppage,'_',' '),8).')';
  1324. print '</a>';
  1325. print '</div>';
  1326. }
  1327. }
  1328. // Link to bugtrack
  1329. if (! empty($conf->global->MAIN_SHOW_BUGTRACK_LINK))
  1330. {
  1331. $bugbaseurl='http://savannah.nongnu.org/bugs/?';
  1332. $bugbaseurl.='func=additem&group=dolibarr&privacy=1&';
  1333. $bugbaseurl.="&details=";
  1334. $bugbaseurl.=urlencode("\n\n\n\n\n-------------\n");
  1335. $bugbaseurl.=urlencode($langs->trans("Version").": ".DOL_VERSION."\n");
  1336. $bugbaseurl.=urlencode($langs->trans("Server").": ".$_SERVER["SERVER_SOFTWARE"]."\n");
  1337. $bugbaseurl.=urlencode($langs->trans("Url").": ".$_SERVER["REQUEST_URI"]."\n");
  1338. print '<div class="help"><a class="help" target="_blank" href="'.$bugbaseurl.'">'.$langs->trans("FindBug").'</a></div>';
  1339. }
  1340. print "\n";
  1341. print "</div>\n";
  1342. print "<!-- End left vertical menu -->\n";
  1343. print "\n";
  1344. // Execute hook printLeftBlock
  1345. $parameters=array();
  1346. $leftblock=$hookmanager->executeHooks('printLeftBlock',$parameters); // Note that $action and $object may have been modified by some hooks
  1347. print $leftblock;
  1348. if (! empty($conf->use_javascript_ajax) && ! empty($conf->global->MAIN_MENU_USE_JQUERY_LAYOUT)) print '</div> <!-- End left layout -->'."\n";
  1349. else print '</td>';
  1350. print "\n";
  1351. print '<!-- End of left area -->'."\n";
  1352. print "\n";
  1353. print '<!-- Begin right area -->'."\n";
  1354. if (empty($leftmenuwithoutmainarea)) main_area($title);
  1355. }
  /**
   * Begin main area
   *
   * Prints the opening markup of the right-hand (main) area: the jQuery layout
   * wrapper when that layout is enabled, the content cell and the "fiche" div,
   * the smartphone page/header/content wrappers when a smartphone menu is used
   * on a phone browser, and the maintenance-mode warning when
   * MAIN_ONLY_LOGIN_ALLOWED is set.
   *
   * @param  string $title Title (not read by this function)
   * @return void
   */
  function main_area($title='')
  {
      global $conf, $langs;

      $jquerylayout = (! empty($conf->use_javascript_ajax) && ! empty($conf->global->MAIN_MENU_USE_JQUERY_LAYOUT));
      if ($jquerylayout)
      {
          print '<div id="mainContent"><div class="ui-layout-center"> <!-- begin main layout -->'."\n"
              .'<table width="100%" class="notopnoleftnoright" summary="centermenutable" id="undertopmenu"><tr>';
      }

      print '<td valign="top">'."\n"
          ."\n"
          .'<div class="fiche"> <!-- begin div class="fiche" -->'."\n";

      $onsmartphone = (preg_match('/^smartphone/',$conf->smart_menu) && ! empty($conf->browser->phone));
      if ($onsmartphone)
      {
          // Application name shown in the header; the configured title replaces the default.
          // The value is printed as-is, without HTML escaping.
          $appli = empty($conf->global->MAIN_APPLICATION_TITLE) ? 'Dolibarr' : $conf->global->MAIN_APPLICATION_TITLE;

          print '<div data-role="page"> <!-- begin div data-role="page" -->'
              .'<div data-role="header" data-nobackbtn="false" data-theme="b">'
              .'<div id="dol-homeheader">'."\n"
              .$appli
              .'</div>'."\n"
              .'</div>'."\n"
              ."\n"
              .'<div data-role="content"> <!-- begin div data-role="content" -->'."\n";
      }

      // Maintenance mode: warn that only the login named in MAIN_ONLY_LOGIN_ALLOWED may connect
      if (empty($conf->global->MAIN_ONLY_LOGIN_ALLOWED)) return;
      print info_admin($langs->trans("WarningYouAreInMaintenanceMode",$conf->global->MAIN_ONLY_LOGIN_ALLOWED));
  }
  /**
   * Return helpbaseurl, helppage and mode
   *
   * A page name starting with "http" is treated as a complete URL: it is
   * returned unchanged as helppage, with '%s' as base url and mode 'local'.
   * Otherwise the name is read as a list of wiki pages keyed by language
   * (EN:xxx|ES:eee|FR:fff); the page for the user's language is picked when
   * that language is Spanish or French, the EN page is used when no page was
   * found, and mode is 'wiki'.
   *
   * @param  string    $helppagename Page name (EN:xxx,ES:eee,FR:fff...)
   * @param  Translate $langs        Language (only ->defaultlang is read)
   * @return array                   Array with keys 'helpbaseurl', 'helppage' and 'mode'
   */
  function getHelpParamFor($helppagename,$langs)
  {
      // Complete URL: nothing to resolve
      if (preg_match('/^http/i',$helppagename))
      {
          return array('helpbaseurl'=>'%s','helppage'=>$helppagename,'mode'=>'local');
      }

      // Wiki page: every branch below points to the same wiki base url
      $wikipage='';
      $found=array();

      $isspanish=preg_match('/^es/i',$langs->defaultlang);
      if ($isspanish && preg_match('/ES:([^|]+)/i',$helppagename,$found)) $wikipage=$found[1];

      $isfrench=preg_match('/^fr/i',$langs->defaultlang);
      if ($isfrench && preg_match('/FR:([^|]+)/i',$helppagename,$found)) $wikipage=$found[1];

      // No page for the user's language: fall back to the english page
      if (empty($wikipage) && preg_match('/EN:([^|]+)/i',$helppagename,$found)) $wikipage=$found[1];

      return array(
          'helpbaseurl'=>'http://wiki.dolibarr.org/index.php/%s',
          'helppage'=>$wikipage,
          'mode'=>'wiki'
      );
  }
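  /**
   * Build the HTML of one search area (title link + small POST form)
   *
   * The markup is returned, not printed. $title is inserted as HTML inside the
   * link, so it must already be safe markup. Every caller-supplied value that
   * lands inside an HTML attribute, and the session token, is escaped with
   * dol_escape_htmltag(): strip_tags() alone leaves double quotes untouched,
   * so it cannot protect an attribute value on its own.
   *
   * @param  string $urlaction      Url post
   * @param  string $urlobject      Url of the link under the search box
   * @param  string $title          Title search area (HTML allowed)
   * @param  string $htmlmodesearch Value to set into parameter "mode_search" ('soc','contact','products','member',...)
   * @param  string $htmlinputname  Field Name input form
   * @return string                 HTML of the search area
   */
  function printSearchForm($urlaction,$urlobject,$title,$htmlmodesearch,$htmlinputname)
  {
      global $conf,$langs;

      // Session token sent back in the hidden "token" field; a missing token gives an empty value instead of a notice
      $token=isset($_SESSION['newtoken'])?$_SESSION['newtoken']:'';

      // Text-only hint used as placeholder or title attribute of the input
      $hint=dol_escape_htmltag($langs->trans("SearchOf").strip_tags($title));

      $ret='';
      $ret.='<div class="menu_titre">';
      $ret.='<a class="vsmenu" href="'.dol_escape_htmltag($urlobject).'">';
      $ret.=$title.'</a><br>';
      $ret.='</div>';
      $ret.='<form action="'.dol_escape_htmltag($urlaction).'" method="post">';
      $ret.='<input type="hidden" name="token" value="'.dol_escape_htmltag($token).'">';
      $ret.='<input type="hidden" name="mode" value="search">';
      $ret.='<input type="hidden" name="mode_search" value="'.dol_escape_htmltag($htmlmodesearch).'">';
      $ret.='<input type="text" class="flat" ';
      if (! empty($conf->global->MAIN_HTML5_PLACEHOLDER)) $ret.=' placeholder="'.$hint.'"';
      else $ret.=' title="'.$hint.'"';
      $ret.=' name="'.dol_escape_htmltag($htmlinputname).'" size="10" />&nbsp;';
      $ret.='<input type="submit" class="button" value="'.$langs->trans("Go").'">';
      $ret.="</form>\n";
      return $ret;
  }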
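  if (! function_exists("llxFooter"))
  {
      /**
       * Show HTML footer
       * Close div /DIV data-role=page + /DIV class=fiche + /DIV /DIV main layout + /BODY + /HTML.
       *
       * Defined only when the including page has not already provided its own llxFooter().
       *
       * @param  string $foot A text to add in HTML generated page. It is written
       *                      verbatim inside an HTML comment, so it must not
       *                      contain "-->" (pass fixed text, not request data).
       * @return void
       */
      function llxFooter($foot='')
      {
          global $conf, $langs;

          // Global html output events ($mesgs, $errors, $warnings)
          dol_htmloutput_events();

          // Core error message
          if (defined("MAIN_CORE_ERROR") && constant("MAIN_CORE_ERROR") == 1)
          {
              if (! empty($conf->use_javascript_ajax))
              {
                  // Ajax version
                  $title = img_warning().' '.$langs->trans('CoreErrorTitle');
                  print ajax_dialog($title, $langs->trans('CoreErrorMessage'));
              }
              else
              {
                  // html version
                  $msg = img_warning().' '.$langs->trans('CoreErrorMessage');
                  print '<div class="error">'.$msg.'</div>';
              }
              // A constant cannot be redefined once set, so no attempt is made to
              // reset MAIN_CORE_ERROR here: define() would only raise a notice/warning.
          }

          print "\n\n";

          if (preg_match('/^smartphone/',$conf->smart_menu) && ! empty($conf->browser->phone))
          {
              print '</div> <!-- end div data-role="content" -->'."\n";
              print '</div> <!-- end div data-role="page" -->'."\n";
          }

          print '</div> <!-- end div class="fiche" -->'."\n";
          print "\n".'</td></tr></table> <!-- end right area -->'."\n";
          if (! empty($conf->use_javascript_ajax) && ! empty($conf->global->MAIN_MENU_USE_JQUERY_LAYOUT)) print '</div></div> <!-- end main layout -->'."\n";
          print "\n";

          // NOTE(review): $foot is not escaped; see the @param note above
          if ($foot) print '<!-- '.$foot.' -->'."\n";

          printCommonFooter();

          print "</body>\n";
          print "</html>\n";
      }
  }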
  1506. ?>