Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-06 09:38:23 +01:00
Code Issues Packages Projects Releases Wiki Activity

Factorize code into a function dolJSToSetRandomPassword()

Browse Source
This commit is contained in:
Laurent Destailleur
2022-07-27 13:42:32 +02:00
parent a04bef1909
commit fc9b3e3d70
16 changed files with 96 additions and 185 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
htdocs/admin/agenda_xcal.php
View File

@@ -207,21 +207,11 @@ $message .= $langs->trans("AgendaUrlOptionsIncludeHolidays", '1', '1').'<br>';
print info_admin($message); print info_admin($message);
if (!empty($conf->use_javascript_ajax)) { $constname = 'MAIN_AGENDA_XCAL_EXPORTKEY';
print "\n".'<script type="text/javascript">';
print '$(document).ready(function () { // Add button to autosuggest a key
$("#generate_token").click(function() { include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
$.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", { print dolJSToSetRandomPassword($constname);
action: \'getrandompassword\',
generic: true
},
function(token) {
$("#MAIN_AGENDA_XCAL_EXPORTKEY").val(token);
});
});
});';
print '</script>';
}
// End of page // End of page
llxFooter(); llxFooter();

20
htdocs/admin/clicktodial.php
View File

@@ -188,22 +188,10 @@ if (!empty($conf->global->CLICKTODIAL_URL)) {
} }
} }
if (!empty($conf->use_javascript_ajax)) { // Add button to autosuggest a key
print "\n".'<script type="text/javascript">'; include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
print '$(document).ready(function () { print dolJSToSetRandomPassword('CLICKTODIAL_KEY_FOR_CIDLOOKUP');
$("#generate_token").click(function() {
console.log("Click done");
$.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
action: \'getrandompassword\',
generic: true
},
function(token) {
$("#CLICKTODIAL_KEY_FOR_CIDLOOKUP").val(token);
});
});
});';
print '</script>';
}
// End of page // End of page
llxFooter(); llxFooter();

19
htdocs/admin/eventorganization.php
View File

@@ -273,21 +273,10 @@ if ($action == 'edit') {
if (!empty($conf->use_javascript_ajax)) { if (!empty($conf->use_javascript_ajax)) {
print '&nbsp;'.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_token'.$constname.'" class="linkobject"'); print '&nbsp;'.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_token'.$constname.'" class="linkobject"');
} }
if (!empty($conf->use_javascript_ajax)) {
print "\n".'<script type="text/javascript">'; // Add button to autosuggest a key
print '$(document).ready(function () { include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
$("#generate_token'.$constname.'").click(function() { print dolJSToSetRandomPassword($constname, 'generate_token'.$constname);
$.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
action: \'getrandompassword\',
generic: true
},
function(token) {
$("#'.$constname.'").val(token);
});
});
});';
print '</script>';
}
} elseif ($val['type'] == 'product') { } elseif ($val['type'] == 'product') {
if (!empty($conf->product->enabled) || !empty($conf->service->enabled)) { if (!empty($conf->product->enabled) || !empty($conf->service->enabled)) {
$selected = (empty($conf->global->$constname) ? '' : $conf->global->$constname); $selected = (empty($conf->global->$constname) ? '' : $conf->global->$constname);

19
htdocs/admin/hrm.php
View File

@@ -540,21 +540,10 @@ if ($action == 'edit') {
if (!empty($conf->use_javascript_ajax)) { if (!empty($conf->use_javascript_ajax)) {
print '&nbsp;'.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_token'.$constname.'" class="linkobject"'); print '&nbsp;'.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_token'.$constname.'" class="linkobject"');
} }
if (!empty($conf->use_javascript_ajax)) {
print "\n".'<script type="text/javascript">'; // Add button to autosuggest a key
print '$(document).ready(function () { include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
$("#generate_token'.$constname.'").click(function() { print dolJSToSetRandomPassword($constname, 'generate_token'.$constname);
$.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
action: \'getrandompassword\',
generic: true
},
function(token) {
$("#'.$constname.'").val(token);
});
});
});';
print '</script>';
}
} elseif ($val['type'] == 'product') { } elseif ($val['type'] == 'product') {
if (!empty($conf->product->enabled) || !empty($conf->service->enabled)) { if (!empty($conf->product->enabled) || !empty($conf->service->enabled)) {
$selected = (empty($conf->global->$constname) ? '' : $conf->global->$constname); $selected = (empty($conf->global->$constname) ? '' : $conf->global->$constname);

20
htdocs/admin/mailing.php
View File

@@ -107,21 +107,11 @@ llxHeader('', $langs->trans("MailingSetup"));
$linkback = '<a href="'.DOL_URL_ROOT.'/admin/modules.php?restore_lastsearch_values=1">'.$langs->trans("BackToModuleList").'</a>'; $linkback = '<a href="'.DOL_URL_ROOT.'/admin/modules.php?restore_lastsearch_values=1">'.$langs->trans("BackToModuleList").'</a>';
print load_fiche_titre($langs->trans("MailingSetup"), $linkback, 'title_setup'); print load_fiche_titre($langs->trans("MailingSetup"), $linkback, 'title_setup');
if (!empty($conf->use_javascript_ajax)) { $constname = 'MAILING_EMAIL_UNSUBSCRIBE_KEY';
print "\n".'<script type="text/javascript">';
print '$(document).ready(function () { // Add button to autosuggest a key
$("#generate_token").click(function() { include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
$.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", { print dolJSToSetRandomPassword($constname);
action: \'getrandompassword\',
generic: true
},
function(token) {
$("#MAILING_EMAIL_UNSUBSCRIBE_KEY").val(token);
});
});
});';
print '</script>';
}
print '<br>'; print '<br>';
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'">'; print '<form method="post" action="'.$_SERVER["PHP_SELF"].'">';

19
htdocs/admin/webhook.php
View File

@@ -338,21 +338,10 @@ if ($action == 'edit') {
if (!empty($conf->use_javascript_ajax)) { if (!empty($conf->use_javascript_ajax)) {
print '&nbsp;'.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_token'.$constname.'" class="linkobject"'); print '&nbsp;'.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_token'.$constname.'" class="linkobject"');
} }
if (!empty($conf->use_javascript_ajax)) {
print "\n".'<script type="text/javascript">'; // Add button to autosuggest a key
print '$(document).ready(function () { include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
$("#generate_token'.$constname.'").click(function() { print dolJSToSetRandomPassword($constname, 'generate_token'.$constname);
$.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
action: \'getrandompassword\',
generic: true
},
function(token) {
$("#'.$constname.'").val(token);
});
});
});';
print '</script>';
}
} elseif ($val['type'] == 'product') { } elseif ($val['type'] == 'product') {
if (!empty($conf->product->enabled) || !empty($conf->service->enabled)) { if (!empty($conf->product->enabled) || !empty($conf->service->enabled)) {
$selected = (empty($conf->global->$constname) ? '' : $conf->global->$constname); $selected = (empty($conf->global->$constname) ? '' : $conf->global->$constname);

19
htdocs/asset/admin/setup.php
View File

@@ -519,21 +519,10 @@ if ($action == 'edit') {
if (!empty($conf->use_javascript_ajax)) { if (!empty($conf->use_javascript_ajax)) {
print '&nbsp;'.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_token'.$constname.'" class="linkobject"'); print '&nbsp;'.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_token'.$constname.'" class="linkobject"');
} }
if (!empty($conf->use_javascript_ajax)) {
print "\n".'<script type="text/javascript">'; // Add button to autosuggest a key
print '$(document).ready(function () { include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
$("#generate_token'.$constname.'").click(function() { print dolJSToSetRandomPassword($constname, 'generate_token'.$constname);
$.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
action: \'getrandompassword\',
generic: true
},
function(token) {
$("#'.$constname.'").val(token);
});
});
});';
print '</script>';
}
} elseif ($val['type'] == 'product') { } elseif ($val['type'] == 'product') {
if (!empty($conf->product->enabled) || !empty($conf->service->enabled)) { if (!empty($conf->product->enabled) || !empty($conf->service->enabled)) {
$selected = (empty($conf->global->$constname) ? '' : $conf->global->$constname); $selected = (empty($conf->global->$constname) ? '' : $conf->global->$constname);

9
htdocs/core/ajax/security.php
View File

@@ -42,6 +42,9 @@ if (!defined('NOREQUIRETRAN')) {
require '../../main.inc.php'; require '../../main.inc.php';
$action = GETPOST('action');
/* /*
* View * View
*/ */
@@ -52,10 +55,10 @@ top_httphead();
//print '<!-- Ajax page called with url '.dol_escape_htmltag($_SERVER["PHP_SELF"]).'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]).' -->'."\n"; //print '<!-- Ajax page called with url '.dol_escape_htmltag($_SERVER["PHP_SELF"]).'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]).' -->'."\n";
// Registering the location of boxes // Registering the location of boxes
if (isset($_GET['action']) && !empty($_GET['action'])) { if ($action) {
if ($_GET['action'] == 'getrandompassword' && ($user->admin || $user->rights->api->apikey->generate)) { if ($action == 'getrandompassword' && ($user->admin || $user->rights->api->apikey->generate)) {
require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
$generic = $_GET['generic'] ? true : false; $generic = GETPOST('generic') ? true : false;
echo getRandomPassword($generic); echo getRandomPassword($generic);
} }
} }

20
htdocs/core/class/html.formsetup.class.php
View File

@@ -952,21 +952,11 @@ class FormSetupItem
if (!empty($conf->use_javascript_ajax)) { if (!empty($conf->use_javascript_ajax)) {
$out.= '&nbsp;'.img_picto($this->langs->trans('Generate'), 'refresh', 'id="generate_token'.$this->confKey.'" class="linkobject"'); $out.= '&nbsp;'.img_picto($this->langs->trans('Generate'), 'refresh', 'id="generate_token'.$this->confKey.'" class="linkobject"');
} }
if (!empty($conf->use_javascript_ajax)) {
$out .= "\n" . '<script type="text/javascript">'; // Add button to autosuggest a key
$out .= '$(document).ready(function () { include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
$("#generate_token' . $this->confKey . '").click(function() { $out .= dolJSToSetRandomPassword($this->confKey, 'generate_token'.$this->confKey);
$.get( "' . DOL_URL_ROOT . '/core/ajax/security.php", {
action: \'getrandompassword\',
generic: true
},
function(token) {
$("#' . $this->confKey . '").val(token);
});
});
});';
$out .= '</script>';
}
return $out; return $out;
} }

33
htdocs/core/lib/security2.lib.php
View File

@@ -449,7 +449,7 @@ function encodedecode_dbpassconf($level = 0)
* @param array $replaceambiguouschars Discard ambigous characters. For example array('I'). * @param array $replaceambiguouschars Discard ambigous characters. For example array('I').
* @param int $length Length of random string (Used only if $generic is true) * @param int $length Length of random string (Used only if $generic is true)
* @return string New value for password * @return string New value for password
* @see dol_hash() * @see dol_hash(), dolJSToSetRandomPassword()
*/ */
function getRandomPassword($generic = false, $replaceambiguouschars = null, $length = 32) function getRandomPassword($generic = false, $replaceambiguouschars = null, $length = 32)
{ {
@@ -527,3 +527,34 @@ function getRandomPassword($generic = false, $replaceambiguouschars = null, $len
return $generated_password; return $generated_password;
} }
/**
* Ouput javacript to autoset a generated password using default module into a HTML element.
*
* @param string $htmlname HTML name of element to insert key into
* @param string $htmlnameofbutton HTML name of button
* @return string HTML javascript code to set a password
* @see getRandomPassword()
*/
function dolJSToSetRandomPassword($htmlname, $htmlnameofbutton = 'generate_token')
{
global $conf;
if (!empty($conf->use_javascript_ajax)) {
print "\n".'<!-- Js code to suggest a security key --><script type="text/javascript">';
print '$(document).ready(function () {
$("#'.dol_escape_js($htmlnameofbutton).'").click(function() {
console.log("We click on the button to suggest a key");
$.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
action: \'getrandompassword\',
generic: true,
token: \''.dol_escape_js(newToken()).'\'
},
function(result) {
$("#'.dol_escape_js($htmlname).'").val(result);
});
});
});'."\n";
print '</script>';
}
}

20
htdocs/core/tpl/onlinepaymentlinks.tpl.php
View File

@@ -141,21 +141,11 @@ if (!empty($conf->don->enabled)) {
print '<br>'; print '<br>';
} }
if (!empty($conf->use_javascript_ajax)) { $constname = 'PAYMENT_SECURITY_TOKEN';
print "\n".'<script>';
print '$(document).ready(function () { // Add button to autosuggest a key
$("#generate_token").click(function() { include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
$.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", { print dolJSToSetRandomPassword($constname);
action: \'getrandompassword\',
generic: true
},
function(token) {
$("#PAYMENT_SECURITY_TOKEN").val(token);
});
});
});';
print '</script>';
}
print info_admin($langs->trans("YouCanAddTagOnUrl")); print info_admin($langs->trans("YouCanAddTagOnUrl"));

21
htdocs/cron/admin/cron.php
View File

@@ -129,22 +129,11 @@ dol_print_cron_urls();
print '<br>'; print '<br>';
if (!empty($conf->use_javascript_ajax)) { $constname = 'CRON_KEY';
print "\n".'<script type="text/javascript">';
print '$(document).ready(function () { // Add button to autosuggest a key
$("#generate_token").click(function() { include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
console.log("Click done"); print dolJSToSetRandomPassword($constname);
$.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
action: \'getrandompassword\',
generic: true
},
function(token) {
$("#CRON_KEY").val(token);
});
});
});';
print '</script>';
}
llxFooter(); llxFooter();
$db->close(); $db->close();

2
htdocs/install/mysql/migration/16.0.0-17.0.0.sql
View File

@@ -41,12 +41,14 @@ ALTER TABLE llx_c_email_templates ADD COLUMN email_from varchar(255);
ALTER TABLE llx_c_email_templates ADD COLUMN email_to varchar(255); ALTER TABLE llx_c_email_templates ADD COLUMN email_to varchar(255);
ALTER TABLE llx_c_email_templates ADD COLUMN email_tocc varchar(255); ALTER TABLE llx_c_email_templates ADD COLUMN email_tocc varchar(255);
ALTER TABLE llx_c_email_templates ADD COLUMN email_tobcc varchar(255); ALTER TABLE llx_c_email_templates ADD COLUMN email_tobcc varchar(255);
ALTER TABLE llx_c_email_templates ADD COLUMN content_lines text;
ALTER TABLE llx_expedition ADD COLUMN billed smallint DEFAULT 0; ALTER TABLE llx_expedition ADD COLUMN billed smallint DEFAULT 0;
ALTER TABLE llx_accounting_system MODIFY COLUMN pcg_version varchar(32) NOT NULL; ALTER TABLE llx_accounting_system MODIFY COLUMN pcg_version varchar(32) NOT NULL;
-- v17 -- v17
ALTER TABLE llx_facture ADD COLUMN close_missing_amount double(24, 8) after close_code; ALTER TABLE llx_facture ADD COLUMN close_missing_amount double(24, 8) after close_code;

1
htdocs/install/upgrade2.php
View File

@@ -4116,6 +4116,7 @@ function migrate_delete_old_files($db, $langs, $conf)
'/core/boxes/box_members.php', '/core/boxes/box_members.php',
'/api/class/api_generic.class.php', '/api/class/api_generic.class.php',
'/asterisk/cidlookup.php',
'/categories/class/api_category.class.php', '/categories/class/api_category.class.php',
'/categories/class/api_deprecated_category.class.php', '/categories/class/api_deprecated_category.class.php',
'/compta/facture/class/api_invoice.class.php', '/compta/facture/class/api_invoice.class.php',

20
htdocs/user/card.php
View File

@@ -2834,20 +2834,12 @@ if ($action == 'create' || $action == 'adduserldap') {
} }
} }
if (!empty($conf->api->enabled) && !empty($conf->use_javascript_ajax)) { if (!empty($conf->api->enabled)) {
print "\n".'<script type="text/javascript">'; $constname = 'api_key';
print '$(document).ready(function () {
$("#generate_api_key").click(function() { // Add button to autosuggest a key
$.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", { include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
action: \'getrandompassword\', print dolJSToSetRandomPassword($constname, 'generate_api_key');
generic: true
},
function(token) {
$("#api_key").val(token);
});
});
});';
print '</script>';
} }
// End of page // End of page

19
htdocs/webservices/admin/index.php
View File

@@ -140,21 +140,10 @@ print '<br>';
print '<br>'; print '<br>';
print $langs->trans("OnlyActiveElementsAreShown", DOL_URL_ROOT.'/admin/modules.php'); print $langs->trans("OnlyActiveElementsAreShown", DOL_URL_ROOT.'/admin/modules.php');
if (!empty($conf->use_javascript_ajax)) { $constname = 'WEBSERVICES_KEY';
print "\n".'<script type="text/javascript">';
print '$(document).ready(function () { print dolJSToSetRandomPassword($constname);
$("#generate_token").click(function() {
$.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
action: \'getrandompassword\',
generic: true
},
function(token) {
$("#WEBSERVICES_KEY").val(token);
});
});
});';
print '</script>';
}
// End of page // End of page
llxFooter(); llxFooter();