diff --git a/htdocs/core/lib/website.lib.php b/htdocs/core/lib/website.lib.php
index d27c4dac376..0fd313e4cd1 100644
--- a/htdocs/core/lib/website.lib.php
+++ b/htdocs/core/lib/website.lib.php
@@ -163,12 +163,13 @@ function dolWebsiteReplacementOfLinks($website, $content, $removephppart = 0, $c
if (preg_last_error() == PREG_JIT_STACKLIMIT_ERROR) $content = 'preg_replace error (when removing php tags) PREG_JIT_STACKLIMIT_ERROR';
}*/
$content = dolStripPhpCode($content, $replacewith);
- //var_dump($content);
// Protect the link styles.css.php to any replacement that we make after.
$content = str_replace('href="styles.css.php', 'href="!~!~!~styles.css.php', $content);
+ $content = str_replace('src="javascript.js.php', 'src="!~!~!~javascript.js.php', $content);
$content = str_replace('href="http', 'href="!~!~!~http', $content);
$content = str_replace('href="//', 'href="!~!~!~//', $content);
+ $content = str_replace('src="//', 'src="!~!~!~//', $content);
$content = str_replace('src="viewimage.php', 'src="!~!~!~/viewimage.php', $content);
$content = str_replace('src="/viewimage.php', 'src="!~!~!~/viewimage.php', $content);
$content = str_replace('src="'.DOL_URL_ROOT.'/viewimage.php', 'src="!~!~!~'.DOL_URL_ROOT.'/viewimage.php', $content);
@@ -301,11 +302,14 @@ function dolWebsiteOutput($content, $contenttype = 'html', $containerid = '')
}
} elseif (defined('USEDOLIBARRSERVER')) { // REPLACEMENT OF LINKS When page called from Dolibarr server
$content = str_replace('virtualhost) {
$content = preg_replace('/^(]*rel="canonical" href=")\//m', '\1'.$website->virtualhost.'/', $content, -1, $nbrep);
diff --git a/htdocs/core/lib/website2.lib.php b/htdocs/core/lib/website2.lib.php
index 87a964c9419..1668d640f02 100644
--- a/htdocs/core/lib/website2.lib.php
+++ b/htdocs/core/lib/website2.lib.php
@@ -248,7 +248,7 @@ function dolSavePageContent($filetpl, Website $object, WebsitePage $objectpage,
// Add js
$tplcontent .= ''."\n";
$tplcontent .= ''."\n";
- $tplcontent .= ''."\n";
+ $tplcontent .= ''."\n";
// Add headers
$tplcontent .= ''."\n";
$tplcontent .= ''."\n";
diff --git a/htdocs/public/website/javascript.js.php b/htdocs/public/website/javascript.js.php
new file mode 100644
index 00000000000..51cecf8c699
--- /dev/null
+++ b/htdocs/public/website/javascript.js.php
@@ -0,0 +1,171 @@
+
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+
+/**
+ * \file htdocs/public/website/javascript.js.php
+ * \ingroup website
+ * \brief Page to output style page. Called with
+ */
+
+if (!defined('NOTOKENRENEWAL')) {
+ define('NOTOKENRENEWAL', 1); // Disables token renewal
+}
+if (!defined('NOLOGIN')) {
+ define("NOLOGIN", 1);
+}
+if (!defined('NOCSRFCHECK')) {
+ define("NOCSRFCHECK", 1); // We accept to go on this page from external web site.
+}
+if (!defined('NOREQUIREMENU')) {
+ define('NOREQUIREMENU', '1');
+}
+if (!defined('NOREQUIREHTML')) {
+ define('NOREQUIREHTML', '1');
+}
+if (!defined('NOREQUIREAJAX')) {
+ define('NOREQUIREAJAX', '1');
+}
+if (!defined('NOIPCHECK')) {
+ define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip
+}
+if (!defined('NOBROWSERNOTIF')) {
+ define('NOBROWSERNOTIF', '1');
+}
+
+/**
+ * Header empty
+ *
+ * @return void
+ */
+function llxHeader()
+{
+}
+/**
+ * Footer empty
+ *
+ * @return void
+ */
+function llxFooter()
+{
+}
+
+require '../../master.inc.php';
+require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
+
+
+$error = 0;
+$website = GETPOST('website', 'alpha');
+$websiteid = GETPOST('websiteid', 'int');
+$pageid = GETPOST('page', 'alpha') ?GETPOST('page', 'alpha') : GETPOST('pageid', 'alpha');
+
+$accessallowed = 1;
+$type = '';
+
+
+/*
+ * View
+ */
+
+$appli = constant('DOL_APPLICATION_TITLE');
+if (!empty($conf->global->MAIN_APPLICATION_TITLE)) {
+ $appli = $conf->global->MAIN_APPLICATION_TITLE;
+}
+
+//print 'Directory with '.$appli.' websites.
';
+
+if (empty($pageid)) {
+ require_once DOL_DOCUMENT_ROOT.'/website/class/website.class.php';
+ require_once DOL_DOCUMENT_ROOT.'/website/class/websitepage.class.php';
+
+ $object = new Website($db);
+ if ($websiteid) {
+ $object->fetch($websiteid);
+ $website = $object->ref;
+ } else {
+ $object->fetch(0, $website);
+ }
+
+ $objectpage = new WebsitePage($db);
+ /* Not required for CSS file
+ $array=$objectpage->fetchAll($object->id);
+
+ if (is_array($array) && count($array) > 0)
+ {
+ $firstrep=reset($array);
+ $pageid=$firstrep->id;
+ }
+ */
+}
+/* Not required for CSS file
+if (empty($pageid))
+{
+ $langs->load("website");
+ print $langs->trans("PreviewOfSiteNotYetAvailable");
+ exit;
+}
+*/
+
+// Security: Delete string ../ into $original_file
+global $dolibarr_main_data_root;
+
+$original_file = $dolibarr_main_data_root.($conf->entity > 1 ? '/'.$conf->entity : '').'/website/'.$website.'/javascript.js.php';
+
+// Find the subdirectory name as the reference
+$refname = basename(dirname($original_file)."/");
+
+// Security:
+// Limite acces si droits non corrects
+if (!$accessallowed) {
+ accessforbidden();
+}
+
+// Security:
+// On interdit les remontees de repertoire ainsi que les pipe dans
+// les noms de fichiers.
+if (preg_match('/\.\./', $original_file) || preg_match('/[<>|]/', $original_file)) {
+ dol_syslog("Refused to deliver file ".$original_file);
+ $file = basename($original_file); // Do no show plain path of original_file in shown error message
+ dol_print_error(0, $langs->trans("ErrorFileNameInvalid", $file));
+ exit;
+}
+
+clearstatcache();
+
+$filename = basename($original_file);
+
+// Output file on browser
+dol_syslog("javascript.js.css.php include $original_file $filename content-type=$type");
+$original_file_osencoded = dol_osencode($original_file); // New file name encoded in OS encoding charset
+
+// This test if file exists should be useless. We keep it to find bug more easily
+if (!file_exists($original_file_osencoded)) {
+ $langs->load("website");
+ print $langs->trans("RequestedPageHasNoContentYet", $pageid);
+ //dol_print_error(0,$langs->trans("ErrorFileDoesNotExists",$original_file));
+ exit;
+}
+
+
+// Output page content
+define('USEDOLIBARRSERVER', 1);
+print '/* Page content '.$original_file.' : JS content that was saved into tpl dir */'."\n";
+require_once $original_file_osencoded;
+
+
+if (is_object($db)) {
+ $db->close();
+}