
Fix #huntrd875d1a2-7205-4b2b-93cf-439fa4c4f961

Laurent Destailleur
2023-02-20 13:09:27 +01:00
parent 08e78f77bd
commit 4ebb39febe
4 changed files with 75 additions and 70 deletions


@@ -296,9 +296,13 @@ if ($resql) {
$imageurl = $rssparser->getImageUrl(); $imageurl = $rssparser->getImageUrl();
$linkrss = $rssparser->getLink(); $linkrss = $rssparser->getLink();
if (!preg_match('/^http/', $imageurl)) { if (!preg_match('/^http/', $imageurl)) {
$imageurl = $linkrss.$imageurl; include_once DOL_DOCUMENT_ROOT.'/core/lib/images.lib.php';
if (image_format_supported($imageurl) >= 0) {
// If we are sure imageurl is a path to an image file, and if it does not start with http, we append root url to it.
$imageurl = $linkrss.$imageurl;
}
} }
if ($imageurl) { if ($imageurl && preg_match('/^http', $imageurl)) {
print '<img height="32" src="'.$imageurl.'">'; print '<img height="32" src="'.$imageurl.'">';
} else { } else {
print $langs->trans("None"); print $langs->trans("None");
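Review bot: The new guard `preg_match('/^http', $imageurl)` on the `<img>` line has no closing delimiter, so PCRE rejects the pattern, raises a warning and returns false, and the page always falls through to `None`. It should read `if ($imageurl && preg_match('/^https?:\/\//i', $imageurl)) {`, which also stops a value such as `httpfoo` from passing the way it does with the earlier `/^http/` test. The value is still concatenated into the `src` attribute unescaped on the following line; `print '<img height="32" src="'.dol_escape_htmltag($imageurl).'">';` keeps a quote in a feed-supplied URL from ending the attribute early. The enclosing `if ($resql)` block starts and ends outside the hunk.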


@@ -134,6 +134,9 @@ class box_external_rss extends ModeleBoxes
if (!$date && isset($item['pubdate'])) { if (!$date && isset($item['pubdate'])) {
$date = $item['pubdate']; $date = $item['pubdate'];
} }
if (!$date && isset($item['pubDate'])) {
$date = $item['pubDate'];
}
if (!$date && isset($item['dc']['date'])) { if (!$date && isset($item['dc']['date'])) {
$date = $item['dc']['date']; $date = $item['dc']['date'];
} }
@@ -183,22 +186,22 @@ class box_external_rss extends ModeleBoxes
'td' => 'class="left" width="16"', 'td' => 'class="left" width="16"',
'text' => img_picto('', 'rss'), 'text' => img_picto('', 'rss'),
'url' => $href, 'url' => $href,
'tooltip' => $tooltip, 'tooltip' => dol_escape_htmltag($tooltip),
'target' => 'newrss', 'target' => 'newrss',
); );
$this->info_box_contents[$line][1] = array( $this->info_box_contents[$line][1] = array(
'td' => 'class="tdoverflowmax300"', 'td' => 'class="tdoverflowmax300"',
'text' => $title, 'text' => dol_escape_htmltag($title),
'url' => $href, 'url' => $href,
'tooltip' => $tooltip, 'tooltip' => dol_escape_htmltag($tooltip),
'maxlength' => 0, 'maxlength' => 0,
'target' => 'newrss', 'target' => 'newrss',
); );
$this->info_box_contents[$line][2] = array( $this->info_box_contents[$line][2] = array(
'td' => 'class="right nowrap"', 'td' => 'class="right nowrap"',
'text' => $date, 'text' => dol_escape_htmltag($date),
); );
} }
} }
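Review bot: `'url' => $href` is left untouched in both `info_box_contents` cells, while the neighbouring `tooltip`, `text` and date values are now passed through `dol_escape_htmltag()`. `$href` is assigned outside the hunk, but if it is taken from the feed item's link it needs its own check before it reaches an `href` attribute, for example accepting only `http` and `https` schemes and escaping the result. It is also worth confirming that the code which renders `info_box_contents` does not escape `text` and `tooltip` a second time, since double escaping would show entities literally. A comment such as `// Feed values are untrusted input: escape before storing them in the box contents` above the first array would record why the calls were added.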


@@ -319,54 +319,54 @@ class RssParser
//var_dump($rss); //var_dump($rss);
if (!empty($conf->global->EXTERNALRSS_USE_SIMPLEXML)) { if (!empty($conf->global->EXTERNALRSS_USE_SIMPLEXML)) {
if (!empty($rss->channel->language)) { if (!empty($rss->channel->language)) {
$this->_language = (string) $rss->channel->language; $this->_language = sanitizeVal((string) $rss->channel->language);
} }
if (!empty($rss->channel->generator)) { if (!empty($rss->channel->generator)) {
$this->_generator = (string) $rss->channel->generator; $this->_generator = sanitizeVal((string) $rss->channel->generator);
} }
if (!empty($rss->channel->copyright)) { if (!empty($rss->channel->copyright)) {
$this->_copyright = (string) $rss->channel->copyright; $this->_copyright = sanitizeVal((string) $rss->channel->copyright);
} }
if (!empty($rss->channel->lastbuilddate)) { if (!empty($rss->channel->lastbuilddate)) {
$this->_lastbuilddate = (string) $rss->channel->lastbuilddate; $this->_lastbuilddate = sanitizeVal((string) $rss->channel->lastbuilddate);
} }
if (!empty($rss->channel->image->url[0])) { if (!empty($rss->channel->image->url[0])) {
$this->_imageurl = (string) $rss->channel->image->url[0]; $this->_imageurl = sanitizeVal((string) $rss->channel->image->url[0]);
} }
if (!empty($rss->channel->link)) { if (!empty($rss->channel->link)) {
$this->_link = (string) $rss->channel->link; $this->_link = sanitizeVal((string) $rss->channel->link);
} }
if (!empty($rss->channel->title)) { if (!empty($rss->channel->title)) {
$this->_title = (string) $rss->channel->title; $this->_title = sanitizeVal((string) $rss->channel->title);
} }
if (!empty($rss->channel->description)) { if (!empty($rss->channel->description)) {
$this->_description = (string) $rss->channel->description; $this->_description = sanitizeVal((string) $rss->channel->description);
} }
} else { } else {
//var_dump($rss->channel); //var_dump($rss->channel);
if (!empty($rss->channel['language'])) { if (!empty($rss->channel['language'])) {
$this->_language = (string) $rss->channel['language']; $this->_language = sanitizeVal((string) $rss->channel['language']);
} }
if (!empty($rss->channel['generator'])) { if (!empty($rss->channel['generator'])) {
$this->_generator = (string) $rss->channel['generator']; $this->_generator = sanitizeVal((string) $rss->channel['generator']);
} }
if (!empty($rss->channel['copyright'])) { if (!empty($rss->channel['copyright'])) {
$this->_copyright = (string) $rss->channel['copyright']; $this->_copyright = sanitizeVal((string) $rss->channel['copyright']);
} }
if (!empty($rss->channel['lastbuilddate'])) { if (!empty($rss->channel['lastbuilddate'])) {
$this->_lastbuilddate = (string) $rss->channel['lastbuilddate']; $this->_lastbuilddate = sanitizeVal((string) $rss->channel['lastbuilddate']);
} }
if (!empty($rss->image['url'])) { if (!empty($rss->image['url'])) {
$this->_imageurl = (string) $rss->image['url']; $this->_imageurl = sanitizeVal((string) $rss->image['url']);
} }
if (!empty($rss->channel['link'])) { if (!empty($rss->channel['link'])) {
$this->_link = (string) $rss->channel['link']; $this->_link = sanitizeVal((string) $rss->channel['link']);
} }
if (!empty($rss->channel['title'])) { if (!empty($rss->channel['title'])) {
$this->_title = (string) $rss->channel['title']; $this->_title = sanitizeVal((string) $rss->channel['title']);
} }
if (!empty($rss->channel['description'])) { if (!empty($rss->channel['description'])) {
$this->_description = (string) $rss->channel['description']; $this->_description = sanitizeVal((string) $rss->channel['description']);
} }
} }
@@ -380,40 +380,40 @@ class RssParser
//var_dump($rss); //var_dump($rss);
if (!empty($conf->global->EXTERNALRSS_USE_SIMPLEXML)) { if (!empty($conf->global->EXTERNALRSS_USE_SIMPLEXML)) {
if (!empty($rss->generator)) { if (!empty($rss->generator)) {
$this->_generator = (string) $rss->generator; $this->_generator = sanitizeVal((string) $rss->generator);
} }
if (!empty($rss->lastbuilddate)) { if (!empty($rss->lastbuilddate)) {
$this->_lastbuilddate = (string) $rss->modified; $this->_lastbuilddate = sanitizeVal((string) $rss->modified);
} }
if (!empty($rss->link->href)) { if (!empty($rss->link->href)) {
$this->_link = (string) $rss->link->href; $this->_link = sanitizeVal((string) $rss->link->href);
} }
if (!empty($rss->title)) { if (!empty($rss->title)) {
$this->_title = (string) $rss->title; $this->_title = sanitizeVal((string) $rss->title);
} }
if (!empty($rss->description)) { if (!empty($rss->description)) {
$this->_description = (string) $rss->description; $this->_description = sanitizeVal((string) $rss->description);
} }
} else { } else {
//if (!empty($rss->channel['rss_language'])) $this->_language = (string) $rss->channel['rss_language']; //if (!empty($rss->channel['rss_language'])) $this->_language = (string) $rss->channel['rss_language'];
if (!empty($rss->channel['generator'])) { if (!empty($rss->channel['generator'])) {
$this->_generator = (string) $rss->channel['generator']; $this->_generator = sanitizeVal((string) $rss->channel['generator']);
} }
//if (!empty($rss->channel['rss_copyright'])) $this->_copyright = (string) $rss->channel['rss_copyright']; //if (!empty($rss->channel['rss_copyright'])) $this->_copyright = (string) $rss->channel['rss_copyright'];
if (!empty($rss->channel['modified'])) { if (!empty($rss->channel['modified'])) {
$this->_lastbuilddate = (string) $rss->channel['modified']; $this->_lastbuilddate = sanitizeVal((string) $rss->channel['modified']);
} }
//if (!empty($rss->image['rss_url'])) $this->_imageurl = (string) $rss->image['rss_url']; //if (!empty($rss->image['rss_url'])) $this->_imageurl = (string) $rss->image['rss_url'];
if (!empty($rss->channel['link'])) { if (!empty($rss->channel['link'])) {
$this->_link = (string) $rss->channel['link']; $this->_link = sanitizeVal((string) $rss->channel['link']);
} }
if (!empty($rss->channel['title'])) { if (!empty($rss->channel['title'])) {
$this->_title = (string) $rss->channel['title']; $this->_title = sanitizeVal((string) $rss->channel['title']);
} }
//if (!empty($rss->channel['rss_description'])) $this->_description = (string) $rss->channel['rss_description']; //if (!empty($rss->channel['rss_description'])) $this->_description = (string) $rss->channel['rss_description'];
if (!empty($rss->channel)) { if (!empty($rss->channel)) {
$this->_imageurl = $this->getAtomImageUrl($rss->channel); $this->_imageurl = sanitizeVal($this->getAtomImageUrl($rss->channel));
} }
} }
if (!empty($conf->global->EXTERNALRSS_USE_SIMPLEXML)) { if (!empty($conf->global->EXTERNALRSS_USE_SIMPLEXML)) {
@@ -434,19 +434,19 @@ class RssParser
//var_dump($item);exit; //var_dump($item);exit;
if ($rss->_format == 'rss') { if ($rss->_format == 'rss') {
if (!empty($conf->global->EXTERNALRSS_USE_SIMPLEXML)) { if (!empty($conf->global->EXTERNALRSS_USE_SIMPLEXML)) {
$itemLink = (string) $item->link; $itemLink = sanitizeVal((string) $item->link);
$itemTitle = (string) $item->title; $itemTitle = sanitizeVal((string) $item->title);
$itemDescription = (string) $item->description; $itemDescription = sanitizeVal((string) $item->description);
$itemPubDate = (string) $item->pubDate; $itemPubDate = sanitizeVal((string) $item->pubDate);
$itemId = ''; $itemId = '';
$itemAuthor = ''; $itemAuthor = '';
} else { } else {
$itemLink = (string) $item['link']; $itemLink = sanitizeVal((string) $item['link']);
$itemTitle = (string) $item['title']; $itemTitle = sanitizeVal((string) $item['title']);
$itemDescription = (string) $item['description']; $itemDescription = sanitizeVal((string) $item['description']);
$itemPubDate = (string) $item['pubdate']; $itemPubDate = sanitizeVal((string) $item['pubdate']);
$itemId = (string) $item['guid']; $itemId = sanitizeVal((string) $item['guid']);
$itemAuthor = (string) $item['author']; $itemAuthor = sanitizeVal((string) $item['author']);
} }
// Loop on each category // Loop on each category
@@ -458,19 +458,19 @@ class RssParser
} }
} elseif ($rss->_format == 'atom') { } elseif ($rss->_format == 'atom') {
if (!empty($conf->global->EXTERNALRSS_USE_SIMPLEXML)) { if (!empty($conf->global->EXTERNALRSS_USE_SIMPLEXML)) {
$itemLink = (isset($item['link']) ? (string) $item['link'] : ''); $itemLink = (isset($item['link']) ? sanitizeVal((string) $item['link']) : '');
$itemTitle = (string) $item['title']; $itemTitle = sanitizeVal((string) $item['title']);
$itemDescription = $this->getAtomItemDescription($item); $itemDescription = sanitizeVal($this->getAtomItemDescription($item));
$itemPubDate = (string) $item['created']; $itemPubDate = sanitizeVal((string) $item['created']);
$itemId = (string) $item['id']; $itemId = sanitizeVal((string) $item['id']);
$itemAuthor = (string) ($item['author'] ? $item['author'] : $item['author_name']); $itemAuthor = sanitizeVal((string) ($item['author'] ? $item['author'] : $item['author_name']));
} else { } else {
$itemLink = (isset($item['link']) ? (string) $item['link'] : ''); $itemLink = (isset($item['link']) ? sanitizeVal((string) $item['link']) : '');
$itemTitle = (string) $item['title']; $itemTitle = sanitizeVal((string) $item['title']);
$itemDescription = $this->getAtomItemDescription($item); $itemDescription = sanitizeVal($this->getAtomItemDescription($item));
$itemPubDate = (string) $item['created']; $itemPubDate = sanitizeVal((string) $item['created']);
$itemId = (string) $item['id']; $itemId = sanitizeVal((string) $item['id']);
$itemAuthor = (string) ($item['author'] ? $item['author'] : $item['author_name']); $itemAuthor = sanitizeVal((string) ($item['author'] ? $item['author'] : $item['author_name']));
} }
$itemCategory = array(); $itemCategory = array();
} else { } else {
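Review bot: In the Atom SimpleXML branch the guard `if (!empty($rss->lastbuilddate))` tests a different property from the one it assigns, `$rss->modified`, and the commit wraps that line in `sanitizeVal()` without correcting it; the array branch just below checks `$rss->channel['modified']`, so the guard should probably be `if (!empty($rss->modified)) {`. Separately, `sanitizeVal()` is called with its default check on every field, including `_link`, `_imageurl` and `$itemLink`. What that default does is not visible on this page, but a generic text filter is not a URL validator, so the code that emits these values still needs scheme checks and escaping for the output context. A comment at the top of each block, e.g. `// Every value read from the feed is untrusted; filter on input, escape again on output`, would make the intent explicit. The enclosing methods start and end outside these hunks.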


@@ -307,7 +307,7 @@ function build_calfile($format, $title, $desc, $events_array, $outputfile)
*/ */
function build_rssfile($format, $title, $desc, $events_array, $outputfile, $filter = '', $url = '', $langcode = '') function build_rssfile($format, $title, $desc, $events_array, $outputfile, $filter = '', $url = '', $langcode = '')
{ {
global $user, $conf, $langs; global $user, $conf, $langs, $mysoc;
global $dolibarr_main_url_root; global $dolibarr_main_url_root;
dol_syslog("xcal.lib.php::build_rssfile Build rss file ".$outputfile." to format ".$format); dol_syslog("xcal.lib.php::build_rssfile Build rss file ".$outputfile." to format ".$format);
@@ -320,8 +320,6 @@ function build_rssfile($format, $title, $desc, $events_array, $outputfile, $filt
$fichier = fopen($outputfile, "w"); $fichier = fopen($outputfile, "w");
if ($fichier) { if ($fichier) {
$date = date("r");
// Print header // Print header
fwrite($fichier, '<?xml version="1.0" encoding="'.$langs->charset_output.'"?>'); fwrite($fichier, '<?xml version="1.0" encoding="'.$langs->charset_output.'"?>');
fwrite($fichier, "\n"); fwrite($fichier, "\n");
@@ -335,25 +333,25 @@ function build_rssfile($format, $title, $desc, $events_array, $outputfile, $filt
fwrite($fichier, "<language>".$langcode."</language>\n"); fwrite($fichier, "<language>".$langcode."</language>\n");
} }
/* // Define $urlwithroot
fwrite($fichier, "<description><![CDATA[".$desc.".]]></description>"."\n". $urlwithouturlroot = preg_replace("/".preg_quote(DOL_URL_ROOT, "/")."$/i", "", trim($dolibarr_main_url_root));
// "<language>fr</language>"."\n". $urlwithroot = $urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file
"<copyright>Dolibarr</copyright>"."\n". //$urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current
"<lastBuildDate>".$date."</lastBuildDate>"."\n".
"<generator>Dolibarr</generator>"."\n");
*/
// Url
if (empty($url)) { if (empty($url)) {
// Define $urlwithroot
$urlwithouturlroot = preg_replace("/".preg_quote(DOL_URL_ROOT, "/")."$/i", "", trim($dolibarr_main_url_root));
$urlwithroot = $urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file
//$urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current
$url = $urlwithroot."/public/agenda/agendaexport.php?format=rss&exportkey=".urlencode($conf->global->MAIN_AGENDA_XCAL_EXPORTKEY); $url = $urlwithroot."/public/agenda/agendaexport.php?format=rss&exportkey=".urlencode($conf->global->MAIN_AGENDA_XCAL_EXPORTKEY);
} }
fwrite($fichier, "<link><![CDATA[".$url."]]></link>\n"); fwrite($fichier, "<link><![CDATA[".$url."]]></link>\n");
// Image
if (!empty($mysoc->logo_squarred_small)) {
$urlimage = $urlwithroot.'/viewimage.php?cache=1&amp;modulepart=mycompany&amp;file='.urlencode($mysoc->logo_squarred_small);
if ($urlimage) {
fwrite($fichier, "<image><url><![CDATA[".$urlimage."]]></url><title>'.$title.</title></image>\n");
}
}
foreach ($events_array as $key => $event) { foreach ($events_array as $key => $event) {
$eventqualified = true; $eventqualified = true;
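Review bot: The new `<image>` line mixes quote styles: `<title>'.$title.</title>` sits inside a double-quoted string, so the feed receives the title wrapped in a stray `'.` and `.` instead of a clean concatenation, and the title is written without XML escaping. Keeping to the CDATA style used for `<link>`, the line would be `fwrite($fichier, "<image><url><![CDATA[".$urlimage."]]></url><title><![CDATA[".$title."]]></title></image>\n");`. The `&amp;` separators in `$urlimage` are not decoded inside a CDATA section, so readers will see a URL containing literal `&amp;`; use plain `&` there. The inner `if ($urlimage)` is always true because the string is built from non-empty parts. `build_rssfile` continues outside the hunk.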