* Copyright (C) 2005-2012 Regis Houssin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . */ /** * \file htdocs/admin/security_other.php * \ingroup core * \brief Security options setup */ require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php'; $langs->load("users"); $langs->load("admin"); $langs->load("other"); if (! $user->admin) accessforbidden(); $action=GETPOST('action','alpha'); $upload_dir=$conf->admin->dir_temp; /* * Actions */ if (GETPOST('sendit') && ! empty($conf->global->MAIN_UPLOAD_DOC)) { require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; dol_add_file_process($upload_dir, 0, 0, 'userfile'); } if (preg_match('/set_(.*)/',$action,$reg)) { $code=$reg[1]; $value=(GETPOST($code) ? GETPOST($code) : 1); if (dolibarr_set_const($db, $code, $value, 'chaine', 0, '', $conf->entity) > 0) { Header("Location: ".$_SERVER["PHP_SELF"]); exit; } else { dol_print_error($db); } } else if (preg_match('/del_(.*)/',$action,$reg)) { $code=$reg[1]; if (dolibarr_del_const($db, $code, $conf->entity) > 0) { Header("Location: ".$_SERVER["PHP_SELF"]); exit; } else { dol_print_error($db); } } else if ($action == 'MAIN_SESSION_TIMEOUT') { if (! dolibarr_set_const($db, "MAIN_SESSION_TIMEOUT", $_POST["MAIN_SESSION_TIMEOUT"],'chaine',0,'',$conf->entity)) dol_print_error($db); else $mesg=$langs->trans("RecordModifiedSuccessfully"); } else if ($action == 'MAIN_UPLOAD_DOC') { if (! dolibarr_set_const($db, 'MAIN_UPLOAD_DOC',$_POST["MAIN_UPLOAD_DOC"],'chaine',0,'',$conf->entity)) dol_print_error($db); else $mesg=$langs->trans("RecordModifiedSuccessfully"); } else if ($action == 'MAIN_UMASK') { if (! dolibarr_set_const($db, "MAIN_UMASK", $_POST["MAIN_UMASK"],'chaine',0,'',$conf->entity)) dol_print_error($db); else $mesg=$langs->trans("RecordModifiedSuccessfully"); } else if ($action == 'MAIN_ANTIVIRUS_COMMAND') { if (! dolibarr_set_const($db, "MAIN_ANTIVIRUS_COMMAND", $_POST["MAIN_ANTIVIRUS_COMMAND"],'chaine',0,'',$conf->entity)) dol_print_error($db); else $mesg=$langs->trans("RecordModifiedSuccessfully"); } else if ($action == 'MAIN_ANTIVIRUS_PARAM') { if (! dolibarr_set_const($db, "MAIN_ANTIVIRUS_PARAM", $_POST["MAIN_ANTIVIRUS_PARAM"],'chaine',0,'',$conf->entity)) dol_print_error($db); else $mesg=$langs->trans("RecordModifiedSuccessfully"); } // Delete file else if ($action == 'delete') { $langs->load("other"); $file = $conf->admin->dir_temp . '/' . GETPOST('urlfile'); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP). $ret=dol_delete_file($file); if ($ret) setEventMessage($langs->trans("FileWasRemoved", GETPOST('urlfile'))); else setEventMessage($langs->trans("ErrorFailToDeleteFile", GETPOST('urlfile')), 'errors'); Header('Location: '.$_SERVER["PHP_SELF"]); exit; } /* * View */ $form = new Form($db); llxHeader('',$langs->trans("Miscellaneous")); print_fiche_titre($langs->trans("SecuritySetup"),'','setup'); print $langs->trans("MiscellaneousDesc")."
\n"; print "
\n"; $head=security_prepare_head(); dol_fiche_head($head, 'misc', $langs->trans("Security")); // Timeout $var=true; print ''; print ''; print ''; print ''; print ''; print "\n"; $var=!$var; $sessiontimeout=ini_get("session.gc_maxlifetime"); if (empty($conf->global->MAIN_SESSION_TIMEOUT)) $conf->global->MAIN_SESSION_TIMEOUT=$sessiontimeout; print ''; print ''; print ''; print ''; print ''; print ''; print ''; print '

'.$langs->trans("Parameters").'		'.$langs->trans("Value").'
'.$langs->trans("SessionTimeOut").'	'; print $form->textwithpicto('',$langs->trans("SessionExplanation",ini_get("session.gc_probability"),ini_get("session.gc_divisor"))); print '	'; print ' '.strtolower($langs->trans("Seconds")); print '	'; print ''; print '

'; print '
'; // Other Options $var=true; print ''; print ''; print ''; print ''; print ''; // Enable Captcha code $var=!$var; print ""; print ''; print ''; // Enable advanced perms $var=!$var; print ""; print ''; print '"; print '

'.$langs->trans("Parameters").'			'.$langs->trans("Status").'
'.$langs->trans("UseCaptchaCode").'			'; if (function_exists("imagecreatefrompng")) { if (! empty($conf->use_javascript_ajax)) { print ajax_constantonoff('MAIN_SECURITY_ENABLECAPTCHA'); } else { if (empty($conf->global->MAIN_SECURITY_ENABLECAPTCHA)) { print ''.img_picto($langs->trans("Disabled"),'off').''; } else { print ''.img_picto($langs->trans("Enabled"),'on').''; } } } else { $desc = $form->textwithpicto('',$langs->transnoentities("EnableGDLibraryDesc"),1,'warning'); print $desc; } print '
'.$langs->trans("UseAdvancedPerms").'			'; if (! empty($conf->use_javascript_ajax)) { print ajax_constantonoff('MAIN_USE_ADVANCED_PERMS'); } else { if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) { print ''.img_picto($langs->trans("Disabled"),'off').''; } else { print ''.img_picto($langs->trans("Enabled"),'on').''; } } print "

'; print '
'; // Upload options $var=false; print ''; print ''; print ''; print ''; print ''; print ''; print ''; print ''; print ''; print ''; print ''; print ''; print ''; $var=!$var; print ''; print ''; print ''; print ''; print ''; print ''; print ''; // Use anti virus $var=!$var; print ''; print ''; print ""; print ''; print '"; print ''; print ''; print ''; // Use anti virus $var=!$var; print ''; print ''; print ""; print ''; print '"; print ''; print ''; print ''; print '

'.$langs->trans("Parameters").'		'.$langs->trans("Value").'
'.$langs->trans("MaxSizeForUploadedFiles").'.'; $max=@ini_get('upload_max_filesize'); if ($max) print ' '.$langs->trans("MustBeLowerThanPHPLimit",$max*1024,$langs->trans("Kb")).'.'; else print ' '.$langs->trans("NoMaxSizeByPHPLimit").'.'; print '		'; print ' '.$langs->trans("Kb"); print '	'; print ''; print '
'.$langs->trans("UMask").'	'; print $form->textwithpicto('',$langs->trans("UMaskExplanation")); print '	'; print ''; print '	'; print ''; print '
'.$langs->trans("AntiVirusCommand").' '; print $langs->trans("AntiVirusCommandExample"); // Check command in inside safe_mode print '		'; if (ini_get('safe_mode') && ! empty($conf->global->MAIN_ANTIVIRUS_COMMAND)) { $langs->load("errors"); $basedir=preg_replace('/"/','',dirname($conf->global->MAIN_ANTIVIRUS_COMMAND)); $listdir=explode(';',ini_get('safe_mode_exec_dir')); if (! in_array($basedir,$listdir)) { print img_warning($langs->trans('WarningSafeModeOnCheckExecDir')); dol_syslog("safe_mode is on, basedir is ".$basedir.", safe_mode_exec_dir is ".ini_get('safe_mode_exec_dir'), LOG_WARNING); } } print ''; print "	'; print ''; print '
'.$langs->trans("AntiVirusParam").' '; print $langs->trans("AntiVirusParamExample"); print '		'; print ''; print "	'; print ''; print '

'; dol_fiche_end(); // Form to test upload print '
'; $formfile=new FormFile($db); $formfile->form_attach_new_file($_SERVER['PHP_SELF'], $langs->trans("FormToTestFileUploadForm"), 0, 0, 1); // List of document $filearray=dol_dir_list($upload_dir, "files", 0, '', '', 'name', SORT_ASC, 1); $formfile->list_of_documents($filearray, '', 'admin_temp', ''); llxFooter(); $db->close(); ?>