Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-05 09:08:09 +01:00
Code Issues Packages Projects Releases Wiki Activity

WIP LNE

Browse Source
This commit is contained in:
Laurent Destailleur
2025-12-03 18:19:06 +01:00
parent 7847408006
commit caf65afa7e
2 changed files with 18 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
htdocs/blockedlog/admin/blockedlog_archives.php
View File

@@ -54,7 +54,7 @@ $contextpage = GETPOST('contextpage', 'aZ') ? GETPOST('contextpage', 'aZ') : get
$backtopage = GETPOST('backtopage', 'alpha'); // Go back to a dedicated page
$optioncss = GETPOST('optioncss', 'aZ'); // Option for the css output (always '' except when 'print')
$hmacexportkey = GETPOST('hmacexportkey', 'password');
//$hmacexportkey = GETPOST('hmacexportkey', 'password');
$search_showonlyerrors = GETPOSTINT('search_showonlyerrors');
if ($search_showonlyerrors < 0) {
@@ -179,10 +179,12 @@ if (GETPOST('action') == 'export' && $user->hasRight('blockedlog', 'read')) { /
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Year")), null, "errors");
$error++;
}
/*
if (empty($hmacexportkey)) {
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Password")), null, "errors");
$error++;
}
*/
$dates = dol_get_first_day(GETPOSTINT('yeartoexport'), GETPOSTINT('monthtoexport') ? GETPOSTINT('monthtoexport') : 1);
$datee = dol_get_last_day(GETPOSTINT('yeartoexport'), GETPOSTINT('monthtoexport') ? GETPOSTINT('monthtoexport') : 12);
@@ -256,14 +258,17 @@ if (GETPOST('action') == 'export' && $user->hasRight('blockedlog', 'read')) { /
$sql .= " FROM ".MAIN_DB_PREFIX."blockedlog";
$sql .= " WHERE entity = ".((int) $conf->entity);
if (GETPOSTINT('monthtoexport') > 0 || GETPOSTINT('yeartoexport') > 0) {
$dates = dol_get_first_day(GETPOSTINT('yeartoexport'), GETPOSTINT('monthtoexport') ? GETPOSTINT('monthtoexport') : 1);
$datee = dol_get_last_day(GETPOSTINT('yeartoexport'), GETPOSTINT('monthtoexport') ? GETPOSTINT('monthtoexport') : 12);
$dates = dol_get_first_day(GETPOSTINT('yeartoexport'), GETPOSTINT('monthtoexport') > 0 ? GETPOSTINT('monthtoexport') : 1);
$datee = dol_get_last_day(GETPOSTINT('yeartoexport'), GETPOSTINT('monthtoexport') > 0 ? GETPOSTINT('monthtoexport') : 12);
$sql .= " AND date_creation BETWEEN '".$db->idate($dates)."' AND '".$db->idate($datee)."'";
}
$sql .= " ORDER BY rowid ASC"; // Required so later we can use the parameter $previoushash of checkSignature()
$resql = $db->query($sql);
if ($resql) {
$registrationnumber = getHashUniqueIdOfRegistration();
$secretkey = $registrationnumber;
$yearmonthtoexport = GETPOSTINT('yeartoexport').(GETPOSTINT('monthtoexport') > 0 ? sprintf("%02d", GETPOSTINT('monthtoexport')) : '');
$yearmonthdateofexport = dol_print_date(dol_now(), 'dayhourlog', 'gmt');
@@ -275,7 +280,7 @@ if (GETPOST('action') == 'export' && $user->hasRight('blockedlog', 'read')) { /
$fh = fopen($tmpfile, 'w');
// Print line with title
fwrite($fh, "BEGIN - date=".$yearmonthdateofexport
fwrite($fh, "BEGIN - date=".$yearmonthdateofexport." - period=".$yearmonthtoexport
.';'.$langs->transnoentities('Id')
.';'.$langs->transnoentities('DateCreation')
.';'.$langs->transnoentities('Action')
@@ -290,6 +295,7 @@ if (GETPOST('action') == 'export' && $user->hasRight('blockedlog', 'read')) { /
.';'.$langs->transnoentities('Fingerprint')
.';'.$langs->transnoentities('Status')
.';'.$langs->transnoentities('FingerprintExport')
//.';'.$langs->transnoentities('FingerprintExportHMAC')
."\n");
$loweridinerror = 0;
@@ -355,6 +361,7 @@ if (GETPOST('action') == 'export' && $user->hasRight('blockedlog', 'read')) { /
}
$signatureexport = 'TODO';
$signatureexporthmac = 'TODO';
fwrite($fh,
';'.$block_static->id
@@ -370,7 +377,8 @@ if (GETPOST('action') == 'export' && $user->hasRight('blockedlog', 'read')) { /
.';"'.str_replace('"', '""', $block_static->object_version).'";"'
.str_replace('"', '""', $block_static->signature).'";"'
.str_replace('"', '""', $statusofrecord).'";"'
.str_replace('"', '""', $signatureexport).'"'
.str_replace('"', '""', $signatureexport).'";'
//.str_replace('"', '""', $signatureexporthmac).'"'
//.';'.$statusofrecordnote
."\n");
@@ -384,11 +392,11 @@ if (GETPOST('action') == 'export' && $user->hasRight('blockedlog', 'read')) { /
// Calculate the md5 of the file (the last line has a return line)
$algo = 'sha256';
$secretkey = 'TODOASKBEFOREEXPORT';
$sha256 = hash_file($algo, $tmpfile);
$hmacsha256 = hash_hmac_file($algo, $tmpfile, $secretkey);
// Now add a signature to check integrity at end of file
file_put_contents($tmpfile, 'END - hmac_sha256='.$hmacsha256, FILE_APPEND);
file_put_contents($tmpfile, 'END - sha256='.$sha256.' - hmac_sha256='.$hmacsha256, FILE_APPEND);
setEventMessages($langs->trans("FileGenerated"), null);
} else {
@@ -540,7 +548,8 @@ print '<input type="text" name="yeartoexport" class="valignmiddle maxwidth75imp"
print ' ';
print '<input type="text" name="hmacexportkey" class="valignmiddle minwidth150imp maxwidth300imp" required value="'.GETPOST('hmacexportkey').'" placeholder="'.$langs->trans("Password").'">';
// Disabled, we will use the getHashUniqueIdOfRegistration() as secret HMAC
//print '<input type="text" name="hmacexportkey" class="valignmiddle minwidth150imp maxwidth300imp" required value="'.GETPOST('hmacexportkey').'" placeholder="'.$langs->trans("Password").'">';
print ' ';

2
htdocs/blockedlog/admin/blockedlog_list.php
View File

@@ -426,7 +426,7 @@ $htmltext = '';
$htmltext .= $langs->trans("UnalterableLogTool2", $langs->transnoentitiesnoconv("Archives"))."<br>";
$htmltext .= $langs->trans("UnalterableLogTool3")."<br>";
print info_admin($htmltext);
print info_admin($htmltext, 0, 0, 'warning');
print '<br>';