Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-24 10:21:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
ae3cfce7cc4decbcc88c8aa3669df2d832329b7b
dolibarr/htdocs/admin/security_other.php
Regis Houssin a21da1d536 Fix: obsolete
2010-01-08 10:46:00 +00:00

316 lines
9.8 KiB
PHP
Raw Blame History

<?php
/* Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
/**
* \file htdocs/admin/security_other.php
* \ingroup core
* \brief Security options setup
* \version $Id$
*/
require("./pre.inc.php");
require_once(DOL_DOCUMENT_ROOT."/lib/admin.lib.php");
require_once(DOL_DOCUMENT_ROOT."/html.formfile.class.php");
$langs->load("users");
$langs->load("admin");
$langs->load("other");
if (!$user->admin) accessforbidden();
$upload_dir=$conf->admin->dir_temp;
/*
* Actions
*/
if ($_POST["sendit"] && ! empty($conf->global->MAIN_UPLOAD_DOC))
{
$result=create_exdir($upload_dir); // Create dir if not exists
if ($result >= 0)
{
$resupload=dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir . "/" . $_FILES['userfile']['name'],1);
if (is_numeric($resupload) && $resupload > 0)
{
$mesg = '<div class="ok">'.$langs->trans("FileTransferComplete").'</div>';
//print_r($_FILES);
}
else if (is_numeric($resupload) && $resupload == -99)
{
// File infected by a virus
$langs->load("errors");
$mesg = '<div class="error">'.$langs->trans("ErrorFileIsInfectedWithAVirus").'</div>';
}
else
{
// Echec transfert (fichier depassant la limite ?)
$mesg = '<div class="error">'.$langs->trans("ErrorFileNotUploaded");
if (is_array($resupload)) $mesg.= '<br>'.dol_nl2br(join("\n",$resupload));
$mesg.= '</div>';
// print_r($_FILES);
}
}
}
if ($_GET["action"] == 'set_main_upload_doc')
{
if (! dolibarr_set_const($db, 'MAIN_UPLOAD_DOC',$_POST["MAIN_UPLOAD_DOC"],'chaine',0,'',$conf->entity))
{
dol_print_error($db);
}
else
{
Header("Location: ".$_SERVER["PHP_SELF"]);
exit;
}
}
if ($_GET["action"] == 'activate_captcha')
{
dolibarr_set_const($db, "MAIN_SECURITY_ENABLECAPTCHA", '1','chaine',0,'',$conf->entity);
Header("Location: security_other.php");
exit;
}
else if ($_GET["action"] == 'disable_captcha')
{
dolibarr_del_const($db, "MAIN_SECURITY_ENABLECAPTCHA",$conf->entity);
Header("Location: security_other.php");
exit;
}
if ($_GET["action"] == 'MAIN_SESSION_TIMEOUT')
{
dolibarr_set_const($db, "MAIN_SESSION_TIMEOUT", $_POST["MAIN_SESSION_TIMEOUT"],'chaine',0,'',$conf->entity);
Header("Location: security_other.php");
exit;
}
if ($_GET["action"] == 'MAIN_UMASK')
{
dolibarr_set_const($db, "MAIN_UMASK", $_POST["MAIN_UMASK"],'chaine',0,'',$conf->entity);
Header("Location: security_other.php");
exit;
}
if ($_GET["action"] == 'MAIN_ANTIVIRUS_COMMAND')
{
dolibarr_set_const($db, "MAIN_ANTIVIRUS_COMMAND", $_POST["MAIN_ANTIVIRUS_COMMAND"],'chaine',0,'',$conf->entity);
Header("Location: security_other.php");
exit;
}
if ($_GET["action"] == 'MAIN_ANTIVIRUS_PARAM')
{
dolibarr_set_const($db, "MAIN_ANTIVIRUS_PARAM", $_POST["MAIN_ANTIVIRUS_PARAM"],'chaine',0,'',$conf->entity);
Header("Location: security_other.php");
exit;
}
/*
* View
*/
$form = new Form($db);
llxHeader('',$langs->trans("Miscellanous"));
print_fiche_titre($langs->trans("SecuritySetup"),'','setup');
print $langs->trans("MiscellanousDesc")."<br>\n";
print "<br>\n";
$head=security_prepare_head();
dol_fiche_head($head, 'misc', $langs->trans("Security"));
// Timeout
$var=true;
print '<table width="100%" class="noborder">';
print '<tr class="liste_titre">';
print '<td colspan="2">'.$langs->trans("Parameters").'</td>';
print '<td>'.$langs->trans("Value").'</td>';
print '<td>&nbsp;</td>';
print "</tr>\n";
$var=!$var;
if (empty($conf->global->MAIN_SESSION_TIMEOUT)) $conf->global->MAIN_SESSION_TIMEOUT=ini_get("session.gc_maxlifetime");
print '<form action="'.$_SERVER["PHP_SELF"].'?action=MAIN_SESSION_TIMEOUT" method="POST">';
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
print '<tr '.$bc[$var].'>';
print '<td>'.$langs->trans("SessionTimeOut").'</td><td align="right">';
print $form->textwithpicto('',$langs->trans("SessionExplanation",ini_get("session.gc_probability"),ini_get("session.gc_divisor")));
print '</td>';
print '<td nowrap="1">';
print '<input class="flat" name="MAIN_SESSION_TIMEOUT" type="text" size="6" value="'.htmlentities($conf->global->MAIN_SESSION_TIMEOUT).'"> '.$langs->trans("seconds");
print '</td>';
print '<td align="right">';
print '<input type="submit" class="button" name="button" value="'.$langs->trans("Modify").'">';
print '</td>';
print '</tr></form>';
print '</table>';
print '<br>';
// Other Options
$var=true;
print '<table class="noborder" width="100%">';
print '<tr class="liste_titre">';
print '<td colspan="3">'.$langs->trans("Parameters").'</td>';
print '<td align="center" width="80">'.$langs->trans("Activated").'</td>';
print '<td align="center" width="80">'.$langs->trans("Action").'</td>';
print '</tr>';
// Enable Captcha code
$var=!$var;
print "<tr ".$bc[$var].">";
print '<td colspan="3">'.$langs->trans("UseCaptchaCode").'</td>';
print '<td align="center" width="60">';
if($conf->global->MAIN_SECURITY_ENABLECAPTCHA == 1)
{
print img_tick();
}
print '</td>';
print '<td align="center" width="100">';
if (function_exists("imagecreatefrompng"))
{
if ($conf->global->MAIN_SECURITY_ENABLECAPTCHA == 0)
{
print '<a href="security_other.php?action=activate_captcha">'.$langs->trans("Activate").'</a>';
}
if($conf->global->MAIN_SECURITY_ENABLECAPTCHA == 1)
{
print '<a href="security_other.php?action=disable_captcha">'.$langs->trans("Disable").'</a>';
}
}
else
{
$html = new Form($db);
$desc = $html->textwithpicto('',$langs->transnoentities("EnableGDLibraryDesc"),1,'warning');
print $desc;
}
print "</td>";
print "</td>";
print '</tr>';
print '</table>';
print '<br>';
// Upload options
$var=false;
print '<table class="noborder" width="100%">';
print '<tr class="liste_titre">';
print '<td colspan="2">'.$langs->trans("Parameters").'</td>';
print '<td colspan="2">'.$langs->trans("Value").'</td>';
print '</tr>';
print '<form action="'.$_SERVER["PHP_SELF"].'?action=set_main_upload_doc" method="POST">';
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
print '<tr '.$bc[$var].'>';
print '<td colspan="2">'.$langs->trans("MaxSizeForUploadedFiles").'.';
$max=@ini_get('upload_max_filesize');
if ($max) print ' '.$langs->trans("MustBeLowerThanPHPLimit",$max*1024,$langs->trans("Kb")).'.';
else print ' '.$langs->trans("NoMaxSizeByPHPLimit").'.';
print '</td>';
print '<td nowrap="1">';
print '<input class="flat" name="MAIN_UPLOAD_DOC" type="text" size="6" value="'.htmlentities($conf->global->MAIN_UPLOAD_DOC).'"> '.$langs->trans("Kb");
print '</td>';
print '<td align="center">';
print '<input type="submit" class="button" name="button" value="'.$langs->trans("Modify").'">';
print '</td>';
print '</tr></form>';
$var=!$var;
print '<form action="'.$_SERVER["PHP_SELF"].'?action=MAIN_UMASK" method="POST">';
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
print '<tr '.$bc[$var].'>';
print '<td>'.$langs->trans("UMask").'</td><td align="right">';
print $form->textwithpicto('',$langs->trans("UMaskExplanation"));
print '</td>';
print '<td nowrap="1">';
print '<input class="flat" name="MAIN_UMASK" type="text" size="6" value="'.htmlentities($conf->global->MAIN_UMASK).'">';
print '</td>';
print '<td align="center">';
print '<input type="submit" class="button" name="button" value="'.$langs->trans("Modify").'">';
print '</td>';
print '</tr></form>';
// Use anti virus
$var=!$var;
print '<form action="'.$_SERVER["PHP_SELF"].'?action=MAIN_ANTIVIRUS_COMMAND" method="POST">';
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
print "<tr ".$bc[$var].">";
print '<td colspan="2">'.$langs->trans("AntiVirusCommand").'<br>';
print $langs->trans("AntiVirusCommandExample");
print '</td>';
print '<td align="center" width="100">';
print '<input type="text" name="MAIN_ANTIVIRUS_COMMAND" size=80 value="'.htmlentities($conf->global->MAIN_ANTIVIRUS_COMMAND).'">';
print "</td>";
print '<td align="right">';
print '<input type="submit" class="button" name="button" value="'.$langs->trans("Modify").'">';
print '</td>';
print '</tr>';
print '</form>';
// Use anti virus
$var=!$var;
print '<form action="'.$_SERVER["PHP_SELF"].'?action=MAIN_ANTIVIRUS_PARAM" method="POST">';
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
print "<tr ".$bc[$var].">";
print '<td colspan="2">'.$langs->trans("AntiVirusParam").'<br>';
print $langs->trans("AntiVirusParamExample");
print '</td>';
print '<td align="center" width="100">';
print '<input type="text" name="MAIN_ANTIVIRUS_PARAM" size=80 value="'.htmlentities($conf->global->MAIN_ANTIVIRUS_PARAM).'">';
print "</td>";
print '<td align="right">';
print '<input type="submit" class="button" name="button" value="'.$langs->trans("Modify").'">';
print '</td>';
print '</tr>';
print '</form>';
print '</table>';
print '</div>';
// Form to test upload
if ($mesg) print $mesg;
// Affiche formulaire upload
print '<br>';
$formfile=new FormFile($db);
$formfile->form_attach_new_file(DOL_URL_ROOT.'/admin/security_other.php',$langs->trans("FormToTestFileUploadForm"),0,0,1);
$db->close();
llxFooter('$Date$ - $Revision$');
?>
Reference in New Issue View Git Blame Copy Permalink