Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-07 01:58:09 +01:00
Code Issues Packages Projects Releases Wiki Activity

Debug v21

Browse Source
This commit is contained in:
Laurent Destailleur
2024-10-19 23:42:26 +02:00
parent 560829cacf
commit 37880a7964
4 changed files with 102 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

151
htdocs/admin/modules.php
View File

@@ -229,13 +229,68 @@ if ($action == 'install' && $allowonlineinstall) {
}
}
if (!$error) {
// TODO Make more test
}
dol_syslog("Uncompress of module file is a success.");
// We check if this is a metapackage
// Load module into $objMod
/*
$modulesdir = array($modulenamedir.'/core/modules/');
foreach ($modulesdir as $dir) {
// Load modules attributes in arrays (name, numero, orders) from dir directory
//print $dir."\n<br>";
dol_syslog("Scan directory ".$dir." for module descriptor files (modXXX.class.php)");
$handle = @opendir($dir);
if (is_resource($handle)) {
while (($file = readdir($handle)) !== false) {
print $dir." ".$file."\n<br>";
if (is_readable($dir.$file) && substr($file, 0, 3) == 'mod' && substr($file, dol_strlen($file) - 10) == '.class.php') {
$modName = substr($file, 0, dol_strlen($file) - 10);
if ($modName) {
try {
$res = include_once $dir.$file; // A class already exists in a different file will send a non catchable fatal error.
$modName = substr($file, 0, dol_strlen($file) - 10);
if ($modName) {
if (class_exists($modName)) {
$objMod = new $modName($db);
'@phan-var-force DolibarrModules $objMod';
//var_dump($objMod);
}
}
} catch(Exception $e) {
// Nothing done
}
}
}
}
}
}
*/
// Check if module is in the remote malware list
if (!$error) {
if (GETPOST('checkforcompliance') == 'on') {
try {
$res = include_once DOL_DOCUMENT_ROOT.'/core/modules/DolibarrModules.class.php';
$dolibarrmodule = new DolibarrModules($db);
$checkRes = $dolibarrmodule->checkForcompliance($modulename);
if (!is_numeric($checkRes) && $checkRes != '') {
$langs->load("errors");
setEventMessages($modulename.' : '.$langs->trans($checkRes), null, 'errors');
}
$error++;
} catch (Exception $e) {
// Nothing done
}
}
}
if (!$error) {
// TODO Make more test ???
}
// We check if this is a metapackage (and wecomplete with child packages)
$modulenamearrays = array();
if (dol_is_file($modulenamedir.'/metapackage.conf')) {
// This is a meta package
@@ -245,32 +300,34 @@ if ($action == 'install' && $allowonlineinstall) {
$modulenamearrays[$modulename] = $modulename;
//var_dump($modulenamearrays);exit;
// Lop on each package of the metapackage
foreach ($modulenamearrays as $modulenameval) {
if (strpos($modulenameval, '#') === 0) {
continue; // Discard comments
}
if (strpos($modulenameval, '//') === 0) {
continue; // Discard comments
}
if (!trim($modulenameval)) {
continue;
}
// Now we install the module
if (!$error) {
@dol_delete_dir_recursive($dirins.'/'.$modulenameval); // delete the target directory
$submodulenamedir = $conf->admin->dir_temp.'/'.$tmpdir.'/'.$modulenameval;
if (!dol_is_dir($submodulenamedir)) {
$submodulenamedir = $conf->admin->dir_temp.'/'.$tmpdir.'/htdocs/'.$modulenameval;
// Lop on each packages (can have several if package is a metapackage)
if (! $error) {
foreach ($modulenamearrays as $modulenameval) {
if (strpos($modulenameval, '#') === 0) {
continue; // Discard comments
}
dol_syslog("We copy now directory ".$submodulenamedir." into target dir ".$dirins.'/'.$modulenameval);
$result = dolCopyDir($submodulenamedir, $dirins.'/'.$modulenameval, '0444', 1);
if ($result <= 0) {
dol_syslog('Failed to call dolCopyDir result='.$result." with param ".$submodulenamedir." and ".$dirins.'/'.$modulenameval, LOG_WARNING);
$langs->load("errors");
setEventMessages($langs->trans("ErrorFailToCopyDir", $submodulenamedir, $dirins.'/'.$modulenameval), null, 'errors');
$error++;
if (strpos($modulenameval, '//') === 0) {
continue; // Discard comments
}
if (!trim($modulenameval)) {
continue;
}
// Now we install the module
if (!$error) {
@dol_delete_dir_recursive($dirins.'/'.$modulenameval); // delete the target directory
$submodulenamedir = $conf->admin->dir_temp.'/'.$tmpdir.'/'.$modulenameval;
if (!dol_is_dir($submodulenamedir)) {
$submodulenamedir = $conf->admin->dir_temp.'/'.$tmpdir.'/htdocs/'.$modulenameval;
}
dol_syslog("We copy now directory ".$submodulenamedir." into target dir ".$dirins.'/'.$modulenameval);
$result = dolCopyDir($submodulenamedir, $dirins.'/'.$modulenameval, '0444', 1);
if ($result <= 0) {
dol_syslog('Failed to call dolCopyDir result='.$result." with param ".$submodulenamedir." and ".$dirins.'/'.$modulenameval, LOG_WARNING);
$langs->load("errors");
setEventMessages($langs->trans("ErrorFailToCopyDir", $submodulenamedir, $dirins.'/'.$modulenameval), null, 'errors');
$error++;
}
}
}
}
@@ -281,30 +338,6 @@ if ($action == 'install' && $allowonlineinstall) {
}
}
/*
if (!$error) {
if (GETPOST('checkforcompliance')) {
$dir = $dirins;
$file = $modulenameval;
// $installedmodule
try {
$res = include_once $dir.$file; // A class already exists in a different file will send a non catchable fatal error.
$modName = substr($file, 0, dol_strlen($file) - 10);
if ($modName) {
if (class_exists($modName)) {
$objMod = new $modName($db);
'@phan-var-force DolibarrModules $objMod';
//var_dump($objMod);
}
}
} catch(Exception $e) {
// Nothing done
}
}
}
*/
if (!$error) {
$searchParams = array(
'search_keyword' => $modulenameval,
@@ -318,8 +351,6 @@ if ($action == 'install' && $allowonlineinstall) {
$message = $langs->trans("SetupIsReadyForUse", $redirectUrl, $langs->transnoentitiesnoconv("Home").' - '.$langs->transnoentitiesnoconv("Setup").' - '.$langs->transnoentitiesnoconv("Modules"));
setEventMessages($message, null, 'warnings');
header('Location: ' . $redirectUrl);
exit;
}
} elseif ($action == 'install' && !$allowonlineinstall) {
httponly_accessforbidden("You try to bypass the protection to disallow deployment of an external module. Hack attempt ?");
@@ -1303,13 +1334,13 @@ if ($mode == 'deploy') {
print '<br>';
}
print '<br>';
// $allowfromweb = -1 if installation or setup not correct, 0 if not allowed, 1 if allowed
if ($allowfromweb >= 0) {
if ($allowfromweb == 1) {
//print $langs->trans("ThisIsProcessToFollow").'<br>';
} else {
print '<br>';
print $langs->trans("ThisIsAlternativeProcessToFollow").'<br>';
print '<b>'.$langs->trans("StepNb", 1).'</b>: ';
print str_replace('{s1}', $fullurl, $langs->trans("FindPackageFromWebSite", '{s1}')).'<br>';
@@ -1324,10 +1355,10 @@ if ($mode == 'deploy') {
print '<input type="hidden" name="action" value="install">';
print '<input type="hidden" name="mode" value="deploy">';
print $langs->trans("YouCanSubmitFile").'<br><br>';
print $langs->trans("YouCanSubmitFile").'<br><br><br>';
print '<span class="opacitymedium"><input class="paddingright" type="checkbox" name="checkforcompliance" id="checkforcompliance"'.(getDolGlobalString('DISABLE_CHECK_ON_MALWARE_MODULES') ? ' disabled="disabled"' : 'checked="checked"').'>';
print '<label for="checkforcompliance">'.$langs->trans("CheckIfModuleIsNotBlackListed").'</label>';
print '<label for="checkforcompliance">'.$form->textwithpicto($langs->trans("CheckIfModuleIsNotBlackListed"), $langs->trans("CheckIfModuleIsNotBlackListedHelp")).'</label>';
print '</span><br><br>';
$max = getDolGlobalString('MAIN_UPLOAD_DOC'); // In Kb

11
htdocs/core/modules/DolibarrModules.class.php
View File

@@ -2710,12 +2710,17 @@ class DolibarrModules // Can not be abstract, because we need to instantiate it
* Check for module compliance with Dolibarr rules and law
* If a module is reported by this function,it is surely a malware. Delete it as soon as possible.
*
* @return int|string Return integer <0 if Error, 0 == not compliant, 'string' with message if module not compliant
* @param string $nametocheck Name to check
* @return int|string Return integer <0 if Error, 0 == not compliant, 'string' with message if module not compliant
*/
public function checkForCompliance()
public function checkForCompliance($nametocheck)
{
global $conf, $langs;
if (empty($nametocheck)) {
$nametocheck = $this->name;
}
// Get list of illegal modules name or ID
if (empty($conf->cache['noncompliantmodules'])) {
require_once DOL_DOCUMENT_ROOT.'/core/lib/geturl.lib.php';
@@ -2749,7 +2754,7 @@ class DolibarrModules // Can not be abstract, because we need to instantiate it
}
if (!empty($conf->cache['noncompliantmodules'])) {
$modulekey = strtolower($this->name);
$modulekey = strtolower($nametocheck);
if (in_array($modulekey, array_keys($conf->cache['noncompliantmodules']))) {
$answer = trim($conf->cache['noncompliantmodules'][$modulekey]['message']);
if (!empty($conf->cache['noncompliantmodules'][$modulekey]['message2'])) {

3
htdocs/langs/en_US/admin.lang
View File

@@ -2574,4 +2574,5 @@ SALES_ORDER_SHOW_SHIPPING_ADDRESSMore=Compulsory indication in some countries (F
MaxNbOfRecordOnListIsOk=You have a max size for lists is set to <b>%s</b> lines. This is a good value.
YouHaveALargeAmountOfRecordOnLists=You have a default max size for lists set to <b>%s</b> lines. This is a large value that need scrolling to see all answers. It is better to have a value lower than <b>%s</b> and use pagination to see record over this number. Change this in menu Home - Setup - Display.
RoundBorders=Round borders
CheckIfModuleIsNotBlackListed=Some modules may be provided by some companies that do not respect the project's rules of goodwill (non-compliance with GDPR, violation of the rules tof use the Dolibarr brand name, etc.). By checking this box, a request will be made to the project server to see if a report was received about this module, and will protect you by blocking the deployment if module is flagged as this.
CheckIfModuleIsNotBlackListed=Block install for modules found into the <b>Remote blacklist</b>
CheckIfModuleIsNotBlackListedHelp=Some modules may be provided by some companies that do not respect the project's rules of goodwill (non-compliance with GDPR, violation of the rules tof use the Dolibarr brand name, etc.). By checking this box, a request will be made to the project server to see if a report was received about this module, and will protect you by blocking the deployment of flagged modules

2
htdocs/langs/en_US/errors.lang
View File

@@ -391,7 +391,7 @@ WarningReadBankAlsoAllowedIfUserHasPermission=Warning, reading bank account is a
WarningNoDataTransferedInAccountancyYet=Please note, there is no data in the accounting table. Please transfer your data recorded in the application to the accounting section or change the calculation mode to analyze the data recorded outside of accounting.
WarningChangingThisMayBreakStopTaskScheduler=Warning, changing this value may disable the scheduler
WarningAmountOfFileDiffersFromSumOfLines=Warning, amount of file (%s) differs from the sum of lines (%s)
WarningModuleAffiliatedToAReportedCompany=Warning, this module has been reported to the Dolibarr foundation as being published by a company using illegal practices (non-compliance with the rules for using the Dolibarr brand, collecting your data without your consent or deploying malware). Use it at your own risk!
WarningModuleAffiliatedToAReportedCompany=Warning, this module has been reported to the Dolibarr foundation as being published by a company using illegal practices (non-compliance with the rules for using the Dolibarr brand, collecting your data without your consent or deploying malware).
WarningModuleAffiliatedToAPiratPlatform=Be careful when getting a module (paid or free) from a suspicious non official platform like %s
SwissQrOnlyVIR = SwissQR invoice can only be added on invoices set to be paid with credit transfer payments.