Passed
Push — master ( 49af33...3cffbe )
by Alxarafe
21:21
created
Base/AlixarController.php 1 patch
Spacing   +89 added lines, -89 removed lines patch added patch discarded remove patch
@@ -52,13 +52,13 @@  discard block
 block discarded – undo
52 52
         // Note: the function dol_getprefix may have been redefined to return a different key to manage another area to protect.
53 53
         $prefix = DolUtils::dol_getprefix('');
54 54
 
55
-        $this->sessionname = 'DOLSESSID_' . $prefix;
56
-        $sessiontimeout = 'DOLSESSTIMEOUT_' . $prefix;
55
+        $this->sessionname = 'DOLSESSID_'.$prefix;
56
+        $sessiontimeout = 'DOLSESSTIMEOUT_'.$prefix;
57 57
         if (!empty($_COOKIE[$sessiontimeout])) {
58 58
             ini_set('session.gc_maxlifetime', $_COOKIE[$sessiontimeout]);
59 59
         }
60 60
         session_name($this->sessionname);
61
-        session_set_cookie_params(0, '/', null, false, true);   // Add tag httponly on session cookie (same as setting session.cookie_httponly into php.ini). Must be called before the session_start.
61
+        session_set_cookie_params(0, '/', null, false, true); // Add tag httponly on session cookie (same as setting session.cookie_httponly into php.ini). Must be called before the session_start.
62 62
         // This create lock, released when session_write_close() or end of page.
63 63
         // We need this lock as long as we read/write $_SESSION ['vars']. We can remove lock when finished.
64 64
         if (!defined('NOSESSION')) {
@@ -81,7 +81,7 @@  discard block
 block discarded – undo
81 81
             Globals::$conf->browser->name = $tmp['browsername'];
82 82
             Globals::$conf->browser->os = $tmp['browseros'];
83 83
             Globals::$conf->browser->version = $tmp['browserversion'];
84
-            Globals::$conf->browser->layout = $tmp['layout'];     // 'classic', 'phone', 'tablet'
84
+            Globals::$conf->browser->layout = $tmp['layout']; // 'classic', 'phone', 'tablet'
85 85
             //var_dump(Globals::$conf->browser);
86 86
 
87 87
             if (Globals::$conf->browser->layout == 'phone') {
@@ -102,18 +102,18 @@  discard block
 block discarded – undo
102 102
                         $newurl = preg_replace('/^http:/i', 'https:', $_SERVER["SCRIPT_URI"]);
103 103
                     }
104 104
                 } else { // Check HTTPS environment variable (Apache/mod_ssl only)
105
-                    $newurl = preg_replace('/^http:/i', 'https:', DOL_MAIN_URL_ROOT) . $_SERVER["REQUEST_URI"];
105
+                    $newurl = preg_replace('/^http:/i', 'https:', DOL_MAIN_URL_ROOT).$_SERVER["REQUEST_URI"];
106 106
                 }
107 107
             } else {
108 108
                 // Check HTTPS environment variable (Apache/mod_ssl only)
109
-                $newurl = Globals::$conf->file->main_force_https . $_SERVER["REQUEST_URI"];
109
+                $newurl = Globals::$conf->file->main_force_https.$_SERVER["REQUEST_URI"];
110 110
             }
111 111
             // Start redirect
112 112
             if ($newurl) {
113
-                DolUtils::dol_syslog("main.inc: dolibarr_main_force_https is on, we make a redirect to " . $newurl);
113
+                DolUtils::dol_syslog("main.inc: dolibarr_main_force_https is on, we make a redirect to ".$newurl);
114 114
                 echo $newurl;
115 115
                 throw Exception('x');
116
-                header("Location: " . $newurl);
116
+                header("Location: ".$newurl);
117 117
                 exit;
118 118
             } else {
119 119
                 DolUtils::dol_syslog("main.inc: dolibarr_main_force_https is on but we failed to forge new https url so no redirect is done", LOG_WARNING);
@@ -138,29 +138,29 @@  discard block
 block discarded – undo
138 138
 
139 139
         // Loading of additional presentation includes
140 140
         if (!defined('NOREQUIREHTML')) {
141
-            require_once DOL_BASE_PATH . '/core/class/html.form.class.php';     // Need 660ko memory (800ko in 2.2)
141
+            require_once DOL_BASE_PATH.'/core/class/html.form.class.php'; // Need 660ko memory (800ko in 2.2)
142 142
         }
143 143
         if (!defined('NOREQUIREAJAX') && Globals::$conf->use_javascript_ajax) {
144
-            require_once DOL_BASE_PATH . '/core/lib/ajax.lib.php'; // Need 22ko memory
144
+            require_once DOL_BASE_PATH.'/core/lib/ajax.lib.php'; // Need 22ko memory
145 145
         }
146 146
         // If install or upgrade process not done or not completely finished, we call the install page.
147 147
         if (!empty(Globals::$conf->global->MAIN_NOT_INSTALLED) || !empty(Globals::$conf->global->MAIN_NOT_UPGRADED)) {
148 148
             DolUtils::dol_syslog("main.inc: A previous install or upgrade was not complete. Redirect to install page.", LOG_WARNING);
149 149
             throw Exception('x');
150
-            header("Location: " . DOL_BASE_URI . "/install/index.php");
150
+            header("Location: ".DOL_BASE_URI."/install/index.php");
151 151
             exit;
152 152
         }
153 153
         // If an upgrade process is required, we call the install page.
154 154
         if ((!empty(Globals::$conf->global->MAIN_VERSION_LAST_UPGRADE) && (Globals::$conf->global->MAIN_VERSION_LAST_UPGRADE != DOL_VERSION)) || (empty(Globals::$conf->global->MAIN_VERSION_LAST_UPGRADE) && !empty(Globals::$conf->global->MAIN_VERSION_LAST_INSTALL) && (Globals::$conf->global->MAIN_VERSION_LAST_INSTALL != DOL_VERSION))) {
155 155
             $versiontocompare = empty(Globals::$conf->global->MAIN_VERSION_LAST_UPGRADE) ? Globals::$conf->global->MAIN_VERSION_LAST_INSTALL : Globals::$conf->global->MAIN_VERSION_LAST_UPGRADE;
156
-            require_once DOL_BASE_PATH . '/core/lib/admin.lib.php';
156
+            require_once DOL_BASE_PATH.'/core/lib/admin.lib.php';
157 157
             $dolibarrversionlastupgrade = preg_split('/[.-]/', $versiontocompare);
158 158
             $dolibarrversionprogram = preg_split('/[.-]/', DOL_VERSION);
159 159
             $rescomp = versioncompare($dolibarrversionprogram, $dolibarrversionlastupgrade);
160 160
             if ($rescomp > 0) {   // Programs have a version higher than database. We did not add "&& $rescomp < 3" because we want upgrade process for build upgrades
161
-                DolUtils::dol_syslog("main.inc: database version " . $versiontocompare . " is lower than programs version " . DOL_VERSION . ". Redirect to install page.", LOG_WARNING);
161
+                DolUtils::dol_syslog("main.inc: database version ".$versiontocompare." is lower than programs version ".DOL_VERSION.". Redirect to install page.", LOG_WARNING);
162 162
                 throw Exception('x');
163
-                header("Location: " . DOL_BASE_URI . "/install/index.php");
163
+                header("Location: ".DOL_BASE_URI."/install/index.php");
164 164
                 exit;
165 165
             }
166 166
         }
@@ -184,7 +184,7 @@  discard block
 block discarded – undo
184 184
             }
185 185
             if ($_SERVER['REQUEST_METHOD'] === 'POST') {  // This test must be after loading $_SESSION['token'].
186 186
                 if (DolUtils::GETPOST('token', 'alpha') != $_SESSION['token']) {
187
-                    DolUtils::dol_syslog("Invalid token in " . $_SERVER['HTTP_REFERER'] . ", action=" . DolUtils::GETPOST('action', 'aZ09') . ", _POST['token']=" . DolUtils::GETPOST('token', 'alpha') . ", _SESSION['token']=" . $_SESSION['token'], LOG_WARNING);
187
+                    DolUtils::dol_syslog("Invalid token in ".$_SERVER['HTTP_REFERER'].", action=".DolUtils::GETPOST('action', 'aZ09').", _POST['token']=".DolUtils::GETPOST('token', 'alpha').", _SESSION['token']=".$_SESSION['token'], LOG_WARNING);
188 188
                     //print 'Unset POST by CSRF protection in main.inc.php.';	// Do not output anything because this create problems when using the BACK button on browsers.
189 189
                     unset($_POST);
190 190
                 }
@@ -217,7 +217,7 @@  discard block
 block discarded – undo
217 217
         if (DolUtils::GETPOST('theme', 'alpha')) {
218 218
             Globals::$conf->theme = DolUtils::GETPOST('theme', 'alpha', 1);
219 219
             // Globals::$conf->css = "/theme/" . Globals::$conf->theme . "/style.css.php";
220
-            Globals::$conf->css = '?controller=theme/' . Globals::$conf->theme . '&method=style.css';
220
+            Globals::$conf->css = '?controller=theme/'.Globals::$conf->theme.'&method=style.css';
221 221
         }
222 222
 
223 223
 
@@ -267,7 +267,7 @@  discard block
 block discarded – undo
267 267
         if (!empty(Globals::$conf->dol_use_jmobile) && in_array(Globals::$conf->theme, array('bureau2crea', 'cameleo', 'amarok'))) {
268 268
             Globals::$conf->theme = 'eldy';
269 269
             // Globals::$conf->css = "/theme/" . Globals::$conf->theme . "/style.css.php";
270
-            Globals::$conf->css = '?controller=theme/' . Globals::$conf->theme . '&method=style.css';
270
+            Globals::$conf->css = '?controller=theme/'.Globals::$conf->theme.'&method=style.css';
271 271
         }
272 272
 
273 273
         if (!defined('NOREQUIRETRAN')) {
@@ -304,7 +304,7 @@  discard block
 block discarded – undo
304 304
         }
305 305
 
306 306
 
307
-        DolUtils::dol_syslog("--- Access to " . $_SERVER["PHP_SELF"] . ' - action=' . DolUtils::GETPOST('action', 'az09') . ', massaction=' . DolUtils::GETPOST('massaction', 'az09'));
307
+        DolUtils::dol_syslog("--- Access to ".$_SERVER["PHP_SELF"].' - action='.DolUtils::GETPOST('action', 'az09').', massaction='.DolUtils::GETPOST('massaction', 'az09'));
308 308
         //Another call for easy debugg
309 309
         //dol_syslog("Access to ".$_SERVER["PHP_SELF"].' GET='.join(',',array_keys($_GET)).'->'.join(',',$_GET).' POST:'.join(',',array_keys($_POST)).'->'.join(',',$_POST));
310 310
         // Load main languages files
@@ -316,7 +316,7 @@  discard block
 block discarded – undo
316 316
         // Define some constants used for style of arrays
317 317
         $bc = array(0 => 'class="impair"', 1 => 'class="pair"');
318 318
         $bcdd = array(0 => 'class="drag drop oddeven"', 1 => 'class="drag drop oddeven"');
319
-        $bcnd = array(0 => 'class="nodrag nodrop nohover"', 1 => 'class="nodrag nodrop nohoverpair"');  // Used for tr to add new lines
319
+        $bcnd = array(0 => 'class="nodrag nodrop nohover"', 1 => 'class="nodrag nodrop nohoverpair"'); // Used for tr to add new lines
320 320
         $bctag = array(0 => 'class="impair tagtr"', 1 => 'class="pair tagtr"');
321 321
 
322 322
         // Define messages variables
@@ -364,7 +364,7 @@  discard block
 block discarded – undo
364 364
 // Load the menu manager (only if not already done)
365 365
             $file_menu = Globals::$conf->standard_menu;
366 366
             if (DolUtils::GETPOST('menu', 'alpha')) {
367
-                $file_menu = DolUtils::GETPOST('menu', 'alpha');     // example: menu=eldy_menu.php
367
+                $file_menu = DolUtils::GETPOST('menu', 'alpha'); // example: menu=eldy_menu.php
368 368
             }
369 369
             if (!class_exists('MenuManager')) {
370 370
                 $menufound = 0;
@@ -376,7 +376,7 @@  discard block
 block discarded – undo
376 376
                     }
377 377
                 }
378 378
                 if (!class_exists('MenuManager')) { // If failed to include, we try with standard eldy_menu.php
379
-                    DolUtils::dol_syslog("You define a menu manager '" . $file_menu . "' that can not be loaded.", LOG_WARNING);
379
+                    DolUtils::dol_syslog("You define a menu manager '".$file_menu."' that can not be loaded.", LOG_WARNING);
380 380
                     $file_menu = 'eldy_menu.php';
381 381
                     // include_once DOL_DOCUMENT_ROOT . "/core/menus/standard/" . $file_menu;
382 382
                 }
@@ -420,7 +420,7 @@  discard block
 block discarded – undo
420 420
 
421 421
         // This is to make Dolibarr working with Plesk
422 422
         if (!empty($_SERVER['DOCUMENT_ROOT']) && substr($_SERVER['DOCUMENT_ROOT'], -6) !== 'htdocs') {
423
-            set_include_path($_SERVER['DOCUMENT_ROOT'] . '/htdocs');
423
+            set_include_path($_SERVER['DOCUMENT_ROOT'].'/htdocs');
424 424
         }
425 425
 
426 426
         // If there is a POST parameter to tell to save automatically some POST parameters into cookies, we do it.
@@ -431,7 +431,7 @@  discard block
 block discarded – undo
431 431
             $tmplist = explode(',', $tmpautoset[1]);
432 432
             $cookiearrayvalue = array();
433 433
             foreach ($tmplist as $tmpkey) {
434
-                $postkey = $tmpautoset[0] . '_' . $tmpkey;
434
+                $postkey = $tmpautoset[0].'_'.$tmpkey;
435 435
 //var_dump('tmpkey='.$tmpkey.' postkey='.$postkey.' value='.$_POST[$postkey]);
436 436
                 if (!empty($_POST[$postkey])) {
437 437
                     $cookiearrayvalue[$tmpkey] = $_POST[$postkey];
@@ -492,8 +492,8 @@  discard block
 block discarded – undo
492 492
             $inj += preg_match('/insert\s+into/i', $val);
493 493
             $inj += preg_match('/select\s+from/i', $val);
494 494
             $inj += preg_match('/into\s+(outfile|dumpfile)/i', $val);
495
-            $inj += preg_match('/user\s*\(/i', $val);      // avoid to use function user() that return current database login
496
-            $inj += preg_match('/information_schema/i', $val);    // avoid to use request that read information_schema database
495
+            $inj += preg_match('/user\s*\(/i', $val); // avoid to use function user() that return current database login
496
+            $inj += preg_match('/information_schema/i', $val); // avoid to use request that read information_schema database
497 497
         }
498 498
         if ($type == 3) {
499 499
             $inj += preg_match('/select|update|delete|replace|group\s+by|concat|count|from/i', $val);
@@ -517,15 +517,15 @@  discard block
 block discarded – undo
517 517
             $inj += preg_match('/<style/i', $val);
518 518
         }
519 519
         $inj += preg_match('/base[\s]+href/si', $val);
520
-        $inj += preg_match('/<.*onmouse/si', $val);       // onmousexxx can be set on img or any html tag like <img title='...' onmouseover=alert(1)>
521
-        $inj += preg_match('/onerror\s*=/i', $val);       // onerror can be set on img or any html tag like <img title='...' onerror = alert(1)>
522
-        $inj += preg_match('/onfocus\s*=/i', $val);       // onfocus can be set on input text html tag like <input type='text' value='...' onfocus = alert(1)>
523
-        $inj += preg_match('/onload\s*=/i', $val);        // onload can be set on svg tag <svg/onload=alert(1)> or other tag like body <body onload=alert(1)>
524
-        $inj += preg_match('/onloadstart\s*=/i', $val);   // onload can be set on audio tag <audio onloadstart=alert(1)>
525
-        $inj += preg_match('/onclick\s*=/i', $val);       // onclick can be set on img text html tag like <img onclick = alert(1)>
526
-        $inj += preg_match('/onscroll\s*=/i', $val);      // onscroll can be on textarea
520
+        $inj += preg_match('/<.*onmouse/si', $val); // onmousexxx can be set on img or any html tag like <img title='...' onmouseover=alert(1)>
521
+        $inj += preg_match('/onerror\s*=/i', $val); // onerror can be set on img or any html tag like <img title='...' onerror = alert(1)>
522
+        $inj += preg_match('/onfocus\s*=/i', $val); // onfocus can be set on input text html tag like <input type='text' value='...' onfocus = alert(1)>
523
+        $inj += preg_match('/onload\s*=/i', $val); // onload can be set on svg tag <svg/onload=alert(1)> or other tag like body <body onload=alert(1)>
524
+        $inj += preg_match('/onloadstart\s*=/i', $val); // onload can be set on audio tag <audio onloadstart=alert(1)>
525
+        $inj += preg_match('/onclick\s*=/i', $val); // onclick can be set on img text html tag like <img onclick = alert(1)>
526
+        $inj += preg_match('/onscroll\s*=/i', $val); // onscroll can be on textarea
527 527
 //$inj += preg_match('/on[A-Z][a-z]+\*=/', $val);   // To lock event handlers onAbort(), ...
528
-        $inj += preg_match('/&#58;|&#0000058|&#x3A/i', $val);  // refused string ':' encoded (no reason to have it encoded) to lock 'javascript:...'
528
+        $inj += preg_match('/&#58;|&#0000058|&#x3A/i', $val); // refused string ':' encoded (no reason to have it encoded) to lock 'javascript:...'
529 529
 //if ($type == 1)
530 530
 //{
531 531
         $inj += preg_match('/javascript:/i', $val);
@@ -533,10 +533,10 @@  discard block
 block discarded – undo
533 533
 //}
534 534
 // For XSS Injection done by adding javascript closing html tags like with onmousemove, etc... (closing a src or href tag with not cleaned param)
535 535
         if ($type == 1) {
536
-            $inj += preg_match('/"/i', $val);  // We refused " in GET parameters value
536
+            $inj += preg_match('/"/i', $val); // We refused " in GET parameters value
537 537
         }
538 538
         if ($type == 2) {
539
-            $inj += preg_match('/[;"]/', $val);  // PHP_SELF is a file system path. It can contains spaces.
539
+            $inj += preg_match('/[;"]/', $val); // PHP_SELF is a file system path. It can contains spaces.
540 540
         }
541 541
         return $inj;
542 542
     }
@@ -555,7 +555,7 @@  discard block
 block discarded – undo
555 555
                 if ($this->analyseVarsForSqlAndScriptsInjection($key, $type) && $this->analyseVarsForSqlAndScriptsInjection($value, $type)) {
556 556
 //$var[$key] = $value;	// This is useless
557 557
                 } else {
558
-                    print 'Access refused by SQL/Script injection protection in main.inc.php (type=' . htmlentities($type) . ' key=' . htmlentities($key) . ' value=' . htmlentities($value) . ' page=' . htmlentities($_SERVER["REQUEST_URI"]) . ')';
558
+                    print 'Access refused by SQL/Script injection protection in main.inc.php (type='.htmlentities($type).' key='.htmlentities($key).' value='.htmlentities($value).' page='.htmlentities($_SERVER["REQUEST_URI"]).')';
559 559
                     exit;
560 560
                 }
561 561
             }
@@ -626,20 +626,20 @@  discard block
 block discarded – undo
626 626
 
627 627
             // dol_syslog("POST key=".join(array_keys($_POST),',').' value='.join($_POST,','));
628 628
             // If in demo mode, we check we go to home page through the public/demo/index.php page
629
-            if (!empty($dolibarr_main_demo) && $_SERVER['PHP_SELF'] == DOL_BASE_URI . '/index.php') {
629
+            if (!empty($dolibarr_main_demo) && $_SERVER['PHP_SELF'] == DOL_BASE_URI.'/index.php') {
630 630
                 // We ask index page
631 631
                 if (empty($_SERVER['HTTP_REFERER']) || !preg_match('/public/', $_SERVER['HTTP_REFERER'])) {
632
-                    DolUtils::dol_syslog("Call index page from another url than demo page (call is done from page " . $_SERVER['HTTP_REFERER'] . ")");
632
+                    DolUtils::dol_syslog("Call index page from another url than demo page (call is done from page ".$_SERVER['HTTP_REFERER'].")");
633 633
                     $url = '';
634
-                    $url .= ($url ? '&' : '') . ($dol_hide_topmenu ? 'dol_hide_topmenu=' . $dol_hide_topmenu : '');
635
-                    $url .= ($url ? '&' : '') . ($dol_hide_leftmenu ? 'dol_hide_leftmenu=' . $dol_hide_leftmenu : '');
636
-                    $url .= ($url ? '&' : '') . ($dol_optimize_smallscreen ? 'dol_optimize_smallscreen=' . $dol_optimize_smallscreen : '');
637
-                    $url .= ($url ? '&' : '') . ($dol_no_mouse_hover ? 'dol_no_mouse_hover=' . $dol_no_mouse_hover : '');
638
-                    $url .= ($url ? '&' : '') . ($dol_use_jmobile ? 'dol_use_jmobile=' . $dol_use_jmobile : '');
639
-                    $url = DOL_BASE_URI . '/public/demo/index.php' . ($url ? '?' . $url : '');
634
+                    $url .= ($url ? '&' : '').($dol_hide_topmenu ? 'dol_hide_topmenu='.$dol_hide_topmenu : '');
635
+                    $url .= ($url ? '&' : '').($dol_hide_leftmenu ? 'dol_hide_leftmenu='.$dol_hide_leftmenu : '');
636
+                    $url .= ($url ? '&' : '').($dol_optimize_smallscreen ? 'dol_optimize_smallscreen='.$dol_optimize_smallscreen : '');
637
+                    $url .= ($url ? '&' : '').($dol_no_mouse_hover ? 'dol_no_mouse_hover='.$dol_no_mouse_hover : '');
638
+                    $url .= ($url ? '&' : '').($dol_use_jmobile ? 'dol_use_jmobile='.$dol_use_jmobile : '');
639
+                    $url = DOL_BASE_URI.'/public/demo/index.php'.($url ? '?'.$url : '');
640 640
                     echo $url;
641 641
                     throw Exception('x');
642
-                    header("Location: " . $url);
642
+                    header("Location: ".$url);
643 643
                     exit;
644 644
                 }
645 645
             }
@@ -660,7 +660,7 @@  discard block
 block discarded – undo
660 660
                     $test = false;
661 661
 
662 662
                     // Call trigger for the "security events" log
663
-                    Globals::$user->trigger_mesg = 'ErrorBadValueForCode - login=' . DolUtils::GETPOST("username", "alpha", 2);
663
+                    Globals::$user->trigger_mesg = 'ErrorBadValueForCode - login='.DolUtils::GETPOST("username", "alpha", 2);
664 664
 
665 665
                     // Call of triggers
666 666
                     //include_once DOL_BASE_PATH . '/core/class/interfaces.class.php';
@@ -675,7 +675,7 @@  discard block
 block discarded – undo
675 675
                     $action = '';
676 676
                     Globals::$hookManager->initHooks(array('login'));
677 677
                     $parameters = array('dol_authmode' => $this->dol_authmode, 'dol_loginmesg' => $_SESSION["dol_loginmesg"]);
678
-                    $reshook = Globals::$hookManager->executeHooks('afterLoginFailed', $parameters, Globals::$user, $action);    // Note that $action and $object may have been modified by some hooks
678
+                    $reshook = Globals::$hookManager->executeHooks('afterLoginFailed', $parameters, Globals::$user, $action); // Note that $action and $object may have been modified by some hooks
679 679
                     if ($reshook < 0) {
680 680
                         $error++;
681 681
                     }
@@ -760,7 +760,7 @@  discard block
 block discarded – undo
760 760
                     }
761 761
 
762 762
                     // Call trigger for the "security events" log
763
-                    Globals::$user->trigger_mesg = Globals::$langs->trans("ErrorBadLoginPassword") . ' - login=' . DolUtils::GETPOST("username", "alpha", 2);
763
+                    Globals::$user->trigger_mesg = Globals::$langs->trans("ErrorBadLoginPassword").' - login='.DolUtils::GETPOST("username", "alpha", 2);
764 764
 
765 765
                     // Call of triggers
766 766
                     //include_once DOL_BASE_PATH . '/core/class/interfaces.class.php';
@@ -774,7 +774,7 @@  discard block
 block discarded – undo
774 774
                     $action = '';
775 775
                     Globals::$hookManager->initHooks(array('login'));
776 776
                     $parameters = array('dol_authmode' => $this->dol_authmode, 'dol_loginmesg' => $_SESSION["dol_loginmesg"]);
777
-                    $reshook = Globals::$hookManager->executeHooks('afterLoginFailed', $parameters, Globals::$user, $action);    // Note that $action and $object may have been modified by some hooks
777
+                    $reshook = Globals::$hookManager->executeHooks('afterLoginFailed', $parameters, Globals::$user, $action); // Note that $action and $object may have been modified by some hooks
778 778
                     if ($reshook < 0) {
779 779
                         $error++;
780 780
                     }
@@ -786,7 +786,7 @@  discard block
 block discarded – undo
786 786
             // End test login / passwords
787 787
             if (!$login || (in_array('ldap', $this->authmode) && empty($passwordtotest))) { // With LDAP we refused empty password because some LDAP are "opened" for anonymous access so connexion is a success.
788 788
                 // No data to test login, so we show the login page
789
-                DolUtils::dol_syslog("--- Access to " . $_SERVER["PHP_SELF"] . " showing the login form and exit");
789
+                DolUtils::dol_syslog("--- Access to ".$_SERVER["PHP_SELF"]." showing the login form and exit");
790 790
                 if (defined('NOREDIRECTBYMAINTOLOGIN')) {
791 791
                     return 'ERROR_NOT_LOGGED';
792 792
                 } else {
@@ -800,8 +800,8 @@  discard block
 block discarded – undo
800 800
                 DolUtils::dol_syslog('User not found, connexion refused');
801 801
                 session_destroy();
802 802
                 session_name($this->sessionname);
803
-                session_set_cookie_params(0, '/', null, false, true);   // Add tag httponly on session cookie
804
-                session_start();    // Fixing the bug of register_globals here is useless since session is empty
803
+                session_set_cookie_params(0, '/', null, false, true); // Add tag httponly on session cookie
804
+                session_start(); // Fixing the bug of register_globals here is useless since session is empty
805 805
 
806 806
                 if ($resultFetchUser == 0) {
807 807
                 // Load translation files required by page
@@ -809,7 +809,7 @@  discard block
 block discarded – undo
809 809
 
810 810
                     $_SESSION["dol_loginmesg"] = Globals::$langs->trans("ErrorCantLoadUserFromDolibarrDatabase", $login);
811 811
 
812
-                    Globals::$user->trigger_mesg = 'ErrorCantLoadUserFromDolibarrDatabase - login=' . $login;
812
+                    Globals::$user->trigger_mesg = 'ErrorCantLoadUserFromDolibarrDatabase - login='.$login;
813 813
                 }
814 814
                 if ($resultFetchUser < 0) {
815 815
                     $_SESSION["dol_loginmesg"] = Globals::$user->error;
@@ -829,24 +829,24 @@  discard block
 block discarded – undo
829 829
                 $action = '';
830 830
                 Globals::$hookManager->initHooks(array('login'));
831 831
                 $parameters = array('dol_authmode' => $this->dol_authmode, 'dol_loginmesg' => $_SESSION["dol_loginmesg"]);
832
-                $reshook = Globals::$hookManager->executeHooks('afterLoginFailed', $parameters, Globals::$user, $action);    // Note that $action and $object may have been modified by some hooks
832
+                $reshook = Globals::$hookManager->executeHooks('afterLoginFailed', $parameters, Globals::$user, $action); // Note that $action and $object may have been modified by some hooks
833 833
                 if ($reshook < 0) {
834 834
                     $error++;
835 835
                 }
836 836
 
837 837
                 $paramsurl = array();
838 838
                 if (DolUtils::GETPOST('textbrowser', 'int')) {
839
-                    $paramsurl[] = 'textbrowser=' . DolUtils::GETPOST('textbrowser', 'int');
839
+                    $paramsurl[] = 'textbrowser='.DolUtils::GETPOST('textbrowser', 'int');
840 840
                 }
841 841
                 if (DolUtils::GETPOST('nojs', 'int')) {
842
-                    $paramsurl[] = 'nojs=' . DolUtils::GETPOST('nojs', 'int');
842
+                    $paramsurl[] = 'nojs='.DolUtils::GETPOST('nojs', 'int');
843 843
                 }
844 844
                 if (DolUtils::GETPOST('lang', 'aZ09')) {
845
-                    $paramsurl[] = 'lang=' . DolUtils::GETPOST('lang', 'aZ09');
845
+                    $paramsurl[] = 'lang='.DolUtils::GETPOST('lang', 'aZ09');
846 846
                 }
847
-                echo 'Location: ' . DOL_BASE_URI . '/index.php' . (count($paramsurl) ? '?' . implode('&', $paramsurl) : '');
847
+                echo 'Location: '.DOL_BASE_URI.'/index.php'.(count($paramsurl) ? '?'.implode('&', $paramsurl) : '');
848 848
                 throw Exception('x');
849
-                header('Location: ' . DOL_BASE_URI . '/index.php' . (count($paramsurl) ? '?' . implode('&', $paramsurl) : ''));
849
+                header('Location: '.DOL_BASE_URI.'/index.php'.(count($paramsurl) ? '?'.implode('&', $paramsurl) : ''));
850 850
                 exit;
851 851
             }
852 852
         }
@@ -855,16 +855,16 @@  discard block
 block discarded – undo
855 855
             // We are already into an authenticated session
856 856
             $login = $_SESSION["dol_login"];
857 857
             $entity = $_SESSION["dol_entity"];
858
-            DolUtils::dol_syslog("- This is an already logged session. _SESSION['dol_login']=" . $login . " _SESSION['dol_entity']=" . $entity, LOG_DEBUG);
858
+            DolUtils::dol_syslog("- This is an already logged session. _SESSION['dol_login']=".$login." _SESSION['dol_entity']=".$entity, LOG_DEBUG);
859 859
 
860 860
             $resultFetchUser = Globals::$user->fetch('', $login, '', 1, ($entity > 0 ? $entity : -1));
861 861
             if ($resultFetchUser <= 0) {
862 862
                 // Account has been removed after login
863
-                DolUtils::dol_syslog("Can't load user even if session logged. _SESSION['dol_login']=" . $login, LOG_WARNING);
863
+                DolUtils::dol_syslog("Can't load user even if session logged. _SESSION['dol_login']=".$login, LOG_WARNING);
864 864
                 session_destroy();
865 865
                 session_name($this->sessionname);
866
-                session_set_cookie_params(0, '/', null, false, true);   // Add tag httponly on session cookie
867
-                session_start();    // Fixing the bug of register_globals here is useless since session is empty
866
+                session_set_cookie_params(0, '/', null, false, true); // Add tag httponly on session cookie
867
+                session_start(); // Fixing the bug of register_globals here is useless since session is empty
868 868
 
869 869
                 if ($resultFetchUser == 0) {
870 870
                     // Load translation files required by page
@@ -872,7 +872,7 @@  discard block
 block discarded – undo
872 872
 
873 873
                     $_SESSION["dol_loginmesg"] = Globals::$langs->trans("ErrorCantLoadUserFromDolibarrDatabase", $login);
874 874
 
875
-                    Globals::$user->trigger_mesg = 'ErrorCantLoadUserFromDolibarrDatabase - login=' . $login;
875
+                    Globals::$user->trigger_mesg = 'ErrorCantLoadUserFromDolibarrDatabase - login='.$login;
876 876
                 }
877 877
                 if ($resultFetchUser < 0) {
878 878
                     $_SESSION["dol_loginmesg"] = Globals::$user->error;
@@ -892,24 +892,24 @@  discard block
 block discarded – undo
892 892
                 $action = '';
893 893
                 Globals::$hookManager->initHooks(array('login'));
894 894
                 $parameters = array('dol_authmode' => $this->dol_authmode, 'dol_loginmesg' => $_SESSION["dol_loginmesg"]);
895
-                $reshook = Globals::$hookManager->executeHooks('afterLoginFailed', $parameters, Globals::$user, $action);    // Note that $action and $object may have been modified by some hooks
895
+                $reshook = Globals::$hookManager->executeHooks('afterLoginFailed', $parameters, Globals::$user, $action); // Note that $action and $object may have been modified by some hooks
896 896
                 if ($reshook < 0) {
897 897
                     $error++;
898 898
                 }
899 899
 
900 900
                 $paramsurl = array();
901 901
                 if (DolUtils::GETPOST('textbrowser', 'int')) {
902
-                    $paramsurl[] = 'textbrowser=' . DolUtils::GETPOST('textbrowser', 'int');
902
+                    $paramsurl[] = 'textbrowser='.DolUtils::GETPOST('textbrowser', 'int');
903 903
                 }
904 904
                 if (DolUtils::GETPOST('nojs', 'int')) {
905
-                    $paramsurl[] = 'nojs=' . DolUtils::GETPOST('nojs', 'int');
905
+                    $paramsurl[] = 'nojs='.DolUtils::GETPOST('nojs', 'int');
906 906
                 }
907 907
                 if (DolUtils::GETPOST('lang', 'aZ09')) {
908
-                    $paramsurl[] = 'lang=' . DolUtils::GETPOST('lang', 'aZ09');
908
+                    $paramsurl[] = 'lang='.DolUtils::GETPOST('lang', 'aZ09');
909 909
                 }
910
-                echo 'Location: ' . DOL_BASE_URI . '/index.php' . (count($paramsurl) ? '?' . implode('&', $paramsurl) : '');
910
+                echo 'Location: '.DOL_BASE_URI.'/index.php'.(count($paramsurl) ? '?'.implode('&', $paramsurl) : '');
911 911
                 throw Exception('x');
912
-                header('Location: ' . DOL_BASE_URI . '/index.php' . (count($paramsurl) ? '?' . implode('&', $paramsurl) : ''));
912
+                header('Location: '.DOL_BASE_URI.'/index.php'.(count($paramsurl) ? '?'.implode('&', $paramsurl) : ''));
913 913
                 exit;
914 914
             } else {
915 915
 // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
@@ -918,30 +918,30 @@  discard block
 block discarded – undo
918 918
 // Code for search criteria persistence.
919 919
                 if (!empty($_GET['save_lastsearch_values'])) {    // We must use $_GET here
920 920
                     $relativepathstring = preg_replace('/\?.*$/', '', $_SERVER["HTTP_REFERER"]);
921
-                    $relativepathstring = preg_replace('/^https?:\/\/[^\/]*/', '', $relativepathstring);     // Get full path except host server
921
+                    $relativepathstring = preg_replace('/^https?:\/\/[^\/]*/', '', $relativepathstring); // Get full path except host server
922 922
 // Clean $relativepathstring
923 923
                     if (constant('DOL_BASE_URI')) {
924
-                        $relativepathstring = preg_replace('/^' . preg_quote(constant('DOL_BASE_URI'), '/') . '/', '', $relativepathstring);
924
+                        $relativepathstring = preg_replace('/^'.preg_quote(constant('DOL_BASE_URI'), '/').'/', '', $relativepathstring);
925 925
                     }
926 926
                     $relativepathstring = preg_replace('/^\//', '', $relativepathstring);
927 927
                     $relativepathstring = preg_replace('/^custom\//', '', $relativepathstring);
928 928
 //var_dump($relativepathstring);
929 929
 // We click on a link that leave a page we have to save search criteria, contextpage, limit and page. We save them from tmp to no tmp
930
-                    if (!empty($_SESSION['lastsearch_values_tmp_' . $relativepathstring])) {
931
-                        $_SESSION['lastsearch_values_' . $relativepathstring] = $_SESSION['lastsearch_values_tmp_' . $relativepathstring];
932
-                        unset($_SESSION['lastsearch_values_tmp_' . $relativepathstring]);
930
+                    if (!empty($_SESSION['lastsearch_values_tmp_'.$relativepathstring])) {
931
+                        $_SESSION['lastsearch_values_'.$relativepathstring] = $_SESSION['lastsearch_values_tmp_'.$relativepathstring];
932
+                        unset($_SESSION['lastsearch_values_tmp_'.$relativepathstring]);
933 933
                     }
934
-                    if (!empty($_SESSION['lastsearch_contextpage_tmp_' . $relativepathstring])) {
935
-                        $_SESSION['lastsearch_contextpage_' . $relativepathstring] = $_SESSION['lastsearch_contextpage_tmp_' . $relativepathstring];
936
-                        unset($_SESSION['lastsearch_contextpage_tmp_' . $relativepathstring]);
934
+                    if (!empty($_SESSION['lastsearch_contextpage_tmp_'.$relativepathstring])) {
935
+                        $_SESSION['lastsearch_contextpage_'.$relativepathstring] = $_SESSION['lastsearch_contextpage_tmp_'.$relativepathstring];
936
+                        unset($_SESSION['lastsearch_contextpage_tmp_'.$relativepathstring]);
937 937
                     }
938
-                    if (!empty($_SESSION['lastsearch_page_tmp_' . $relativepathstring]) && $_SESSION['lastsearch_page_tmp_' . $relativepathstring] > 1) {
939
-                        $_SESSION['lastsearch_page_' . $relativepathstring] = $_SESSION['lastsearch_page_tmp_' . $relativepathstring];
940
-                        unset($_SESSION['lastsearch_page_tmp_' . $relativepathstring]);
938
+                    if (!empty($_SESSION['lastsearch_page_tmp_'.$relativepathstring]) && $_SESSION['lastsearch_page_tmp_'.$relativepathstring] > 1) {
939
+                        $_SESSION['lastsearch_page_'.$relativepathstring] = $_SESSION['lastsearch_page_tmp_'.$relativepathstring];
940
+                        unset($_SESSION['lastsearch_page_tmp_'.$relativepathstring]);
941 941
                     }
942
-                    if (!empty($_SESSION['lastsearch_limit_tmp_' . $relativepathstring]) && $_SESSION['lastsearch_limit_tmp_' . $relativepathstring] != Globals::$conf->liste_limit) {
943
-                        $_SESSION['lastsearch_limit_' . $relativepathstring] = $_SESSION['lastsearch_limit_tmp_' . $relativepathstring];
944
-                        unset($_SESSION['lastsearch_limit_tmp_' . $relativepathstring]);
942
+                    if (!empty($_SESSION['lastsearch_limit_tmp_'.$relativepathstring]) && $_SESSION['lastsearch_limit_tmp_'.$relativepathstring] != Globals::$conf->liste_limit) {
943
+                        $_SESSION['lastsearch_limit_'.$relativepathstring] = $_SESSION['lastsearch_limit_tmp_'.$relativepathstring];
944
+                        unset($_SESSION['lastsearch_limit_tmp_'.$relativepathstring]);
945 945
                     }
946 946
                 }
947 947
 
@@ -990,14 +990,14 @@  discard block
 block discarded – undo
990 990
                 $_SESSION['dol_use_jmobile'] = $dol_use_jmobile;
991 991
             }
992 992
 
993
-            DolUtils::dol_syslog("This is a new started user session. _SESSION['dol_login']=" . $_SESSION["dol_login"] . " Session id=" . session_id());
993
+            DolUtils::dol_syslog("This is a new started user session. _SESSION['dol_login']=".$_SESSION["dol_login"]." Session id=".session_id());
994 994
 
995 995
             // Config::$dbEngine->begin();
996 996
             Config::$dbEngine->beginTransaction();
997 997
 
998 998
             Globals::$user->update_last_login_date();
999 999
 
1000
-            $loginfo = 'TZ=' . $_SESSION["dol_tz"] . ';TZString=' . $_SESSION["dol_tz_string"] . ';Screen=' . $_SESSION["dol_screenwidth"] . 'x' . $_SESSION["dol_screenheight"];
1000
+            $loginfo = 'TZ='.$_SESSION["dol_tz"].';TZString='.$_SESSION["dol_tz_string"].';Screen='.$_SESSION["dol_screenwidth"].'x'.$_SESSION["dol_screenheight"];
1001 1001
 
1002 1002
             // Call triggers for the "security events" log
1003 1003
             Globals::$user->trigger_mesg = $loginfo;
@@ -1013,7 +1013,7 @@  discard block
 block discarded – undo
1013 1013
             $action = '';
1014 1014
             Globals::$hookManager->initHooks(array('login'));
1015 1015
             $parameters = array('dol_authmode' => $this->dol_authmode, 'dol_loginfo' => $loginfo);
1016
-            $reshook = Globals::$hookManager->executeHooks('afterLogin', $parameters, Globals::$user, $action);    // Note that $action and $object may have been modified by some hooks
1016
+            $reshook = Globals::$hookManager->executeHooks('afterLogin', $parameters, Globals::$user, $action); // Note that $action and $object may have been modified by some hooks
1017 1017
             if ($reshook < 0) {
1018 1018
                 $error++;
1019 1019
             }
@@ -1034,7 +1034,7 @@  discard block
 block discarded – undo
1034 1034
                 if ($_SERVER["PHP_SELF"] != $newpath) {   // not already on landing page (avoid infinite loop)
1035 1035
                     echo $newpath;
1036 1036
                     throw Exception('x');
1037
-                    header('Location: ' . $newpath);
1037
+                    header('Location: '.$newpath);
1038 1038
                     exit;
1039 1039
                 }
1040 1040
             }
@@ -1065,7 +1065,7 @@  discard block
 block discarded – undo
1065 1065
         if (empty(Globals::$conf->global->MAIN_FORCETHEME) && !empty(Globals::$user->conf->MAIN_THEME)) {
1066 1066
             Globals::$conf->theme = Globals::$user->conf->MAIN_THEME;
1067 1067
 // Globals::$conf->css = "/theme/" . Globals::$conf->theme . "/style.css.php";
1068
-            Globals::$conf->css = '?controller=theme/' . Globals::$conf->theme . '&method=style.css';
1068
+            Globals::$conf->css = '?controller=theme/'.Globals::$conf->theme.'&method=style.css';
1069 1069
         }
1070 1070
     }
1071 1071
 }
Please login to merge, or discard this patch.
Base/User.php 1 patch
Spacing   +336 added lines, -336 removed lines patch added patch discarded remove patch
@@ -55,7 +55,7 @@  discard block
 block discarded – undo
55 55
     public $skype;
56 56
     public $twitter;
57 57
     public $facebook;
58
-    public $job;   // job position
58
+    public $job; // job position
59 59
     public $signature;
60 60
 
61 61
     /**
@@ -64,7 +64,7 @@  discard block
 block discarded – undo
64 64
     public $address;
65 65
     public $zip;
66 66
     public $town;
67
-    public $state_id;  // The state/department
67
+    public $state_id; // The state/department
68 68
     public $state_code;
69 69
     public $state;
70 70
     public $office_phone;
@@ -118,26 +118,26 @@  discard block
 block discarded – undo
118 118
     public $datepreviouslogin;
119 119
     public $photo;
120 120
     public $lang;
121
-    public $rights;                        // Array of permissions user->rights->permx
122
-    public $all_permissions_are_loaded;    // All permission are loaded
123
-    public $nb_rights;              // Number of rights granted to the user
124
-    private $_tab_loaded = array();     // Cache array of already loaded permissions
125
-    public $conf;             // To store personal config
126
-    public $default_values;         // To store default values for user
127
-    public $lastsearch_values_tmp;  // To store current search criterias for user
128
-    public $lastsearch_values;      // To store last saved search criterias for user
129
-    public $users = array();  // To store all tree of users hierarchy
130
-    public $parentof;    // To store an array of all parents for all ids.
121
+    public $rights; // Array of permissions user->rights->permx
122
+    public $all_permissions_are_loaded; // All permission are loaded
123
+    public $nb_rights; // Number of rights granted to the user
124
+    private $_tab_loaded = array(); // Cache array of already loaded permissions
125
+    public $conf; // To store personal config
126
+    public $default_values; // To store default values for user
127
+    public $lastsearch_values_tmp; // To store current search criterias for user
128
+    public $lastsearch_values; // To store last saved search criterias for user
129
+    public $users = array(); // To store all tree of users hierarchy
130
+    public $parentof; // To store an array of all parents for all ids.
131 131
     private $cache_childids;
132
-    public $accountancy_code;   // Accountancy code in prevision of the complete accountancy module
133
-    public $thm;     // Average cost of employee - Used for valuation of time spent
134
-    public $tjm;     // Average cost of employee
135
-    public $salary;     // Monthly salary       - Denormalized value from llx_user_employment
136
-    public $salaryextra;    // Monthly salary extra - Denormalized value from llx_user_employment
137
-    public $weeklyhours;    // Weekly hours         - Denormalized value from llx_user_employment
138
-    public $color;      // Define background color for user in agenda
139
-    public $dateemployment;   // Define date of employment by company
140
-    public $dateemploymentend;  // Define date of employment end by company
132
+    public $accountancy_code; // Accountancy code in prevision of the complete accountancy module
133
+    public $thm; // Average cost of employee - Used for valuation of time spent
134
+    public $tjm; // Average cost of employee
135
+    public $salary; // Monthly salary       - Denormalized value from llx_user_employment
136
+    public $salaryextra; // Monthly salary extra - Denormalized value from llx_user_employment
137
+    public $weeklyhours; // Weekly hours         - Denormalized value from llx_user_employment
138
+    public $color; // Define background color for user in agenda
139
+    public $dateemployment; // Define date of employment by company
140
+    public $dateemploymentend; // Define date of employment end by company
141 141
     public $default_c_exp_tax_cat;
142 142
     public $default_range;
143 143
     public $fields = array(
@@ -212,37 +212,37 @@  discard block
 block discarded – undo
212 212
         $sql .= " u.color,";
213 213
         $sql .= " u.dateemployment, u.dateemploymentend,";
214 214
         $sql .= " u.ref_int, u.ref_ext,";
215
-        $sql .= " u.default_range, u.default_c_exp_tax_cat,";   // Expense report default mode
215
+        $sql .= " u.default_range, u.default_c_exp_tax_cat,"; // Expense report default mode
216 216
         $sql .= " c.code as country_code, c.label as country,";
217 217
         $sql .= " d.code_departement as state_code, d.nom as state";
218
-        $sql .= " FROM " . MAIN_DB_PREFIX . "user as u";
219
-        $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "c_country as c ON u.fk_country = c.rowid";
220
-        $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "c_departements as d ON u.fk_state = d.rowid";
218
+        $sql .= " FROM ".MAIN_DB_PREFIX."user as u";
219
+        $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as c ON u.fk_country = c.rowid";
220
+        $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_departements as d ON u.fk_state = d.rowid";
221 221
 
222 222
         if ($entity < 0) {
223 223
             if ((empty(Globals::$conf->multicompany->enabled) || empty(Globals::$conf->global->MULTICOMPANY_TRANSVERSE_MODE)) && (!empty(Globals::$user->entity))) {
224
-                $sql .= " WHERE u.entity IN (0," . Globals::$conf->entity . ")";
224
+                $sql .= " WHERE u.entity IN (0,".Globals::$conf->entity.")";
225 225
             } else {
226
-                $sql .= " WHERE u.entity IS NOT NULL";    // multicompany is on in transverse mode or user making fetch is on entity 0, so user is allowed to fetch anywhere into database
226
+                $sql .= " WHERE u.entity IS NOT NULL"; // multicompany is on in transverse mode or user making fetch is on entity 0, so user is allowed to fetch anywhere into database
227 227
             }
228 228
         } else {  // The fetch was forced on an entity
229 229
             if (!empty(Globals::$conf->multicompany->enabled) && !empty(Globals::$conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
230
-                $sql .= " WHERE u.entity IS NOT NULL";    // multicompany is on in transverse mode or user making fetch is on entity 0, so user is allowed to fetch anywhere into database
230
+                $sql .= " WHERE u.entity IS NOT NULL"; // multicompany is on in transverse mode or user making fetch is on entity 0, so user is allowed to fetch anywhere into database
231 231
             } else {
232
-                $sql .= " WHERE u.entity IN (0, " . (($entity != '' && $entity >= 0) ? $entity : Globals::$conf->entity) . ")";   // search in entity provided in parameter
232
+                $sql .= " WHERE u.entity IN (0, ".(($entity != '' && $entity >= 0) ? $entity : Globals::$conf->entity).")"; // search in entity provided in parameter
233 233
             }
234 234
         }
235 235
 
236 236
         if ($sid) {    // permet une recherche du user par son SID ActiveDirectory ou Samba
237 237
 //$sql .= " AND (u.ldap_sid = '" . Config::$dbEngine->escape($sid) . "' OR u.login = '" . Config::$dbEngine->escape($login) . "') LIMIT 1";
238
-            $sql .= " AND (u.ldap_sid = '" . $sid . "' OR u.login = '" . Config::$dbEngine->escape($login) . "') LIMIT 1";
238
+            $sql .= " AND (u.ldap_sid = '".$sid."' OR u.login = '".Config::$dbEngine->escape($login)."') LIMIT 1";
239 239
         } else if ($login) {
240 240
 // $sql .= " AND u.login = '" . Config::$dbEngine->escape($login) . "'";
241
-            $sql .= " AND u.login = '" . $login . "'";
241
+            $sql .= " AND u.login = '".$login."'";
242 242
         } else {
243
-            $sql .= " AND u.rowid = " . $id;
243
+            $sql .= " AND u.rowid = ".$id;
244 244
         }
245
-        $sql .= " ORDER BY u.entity ASC";    // Avoid random result when there is 2 login in 2 different entities
245
+        $sql .= " ORDER BY u.entity ASC"; // Avoid random result when there is 2 login in 2 different entities
246 246
 
247 247
         $result = Config::$dbEngine->select($sql);
248 248
 // echo "<p>SQL in 2477 of User: '$sql'</p>";
@@ -328,7 +328,7 @@  discard block
 block discarded – undo
328 328
                 $this->datelastlogin = $obj->datel;
329 329
                 $this->datepreviouslogin = $obj->datep;
330 330
 
331
-                $this->societe_id = $obj->fk_soc;  // deprecated
331
+                $this->societe_id = $obj->fk_soc; // deprecated
332 332
                 $this->contact_id = $obj->fk_socpeople; // deprecated
333 333
                 $this->socid = $obj->fk_soc;
334 334
                 $this->contactid = $obj->fk_socpeople;
@@ -349,7 +349,7 @@  discard block
 block discarded – undo
349 349
                 $this->fetch_optionals();
350 350
             } else {
351 351
                 $this->error = "USERNOTFOUND";
352
-                DolUtils::dol_syslog(get_class($this) . "::fetch user not found", LOG_DEBUG);
352
+                DolUtils::dol_syslog(get_class($this)."::fetch user not found", LOG_DEBUG);
353 353
                 return 0;
354 354
             }
355 355
         } else {
@@ -360,9 +360,9 @@  discard block
 block discarded – undo
360 360
 // To get back the global configuration unique to the user
361 361
         if ($loadpersonalconf) {
362 362
 // Load user->conf for user
363
-            $sql = "SELECT param, value FROM " . MAIN_DB_PREFIX . "user_param";
364
-            $sql .= " WHERE fk_user = " . $this->id;
365
-            $sql .= " AND entity = " . Globals::$conf->entity;
363
+            $sql = "SELECT param, value FROM ".MAIN_DB_PREFIX."user_param";
364
+            $sql .= " WHERE fk_user = ".$this->id;
365
+            $sql .= " AND entity = ".Globals::$conf->entity;
366 366
 //DolUtils::dol_syslog(get_class($this).'::fetch load personalized conf', LOG_DEBUG);
367 367
             $resql = Config::$dbEngine->select($sql);
368 368
             if (is_array($resql)) {
@@ -400,9 +400,9 @@  discard block
 block discarded – undo
400 400
 // global $conf;
401 401
 // Load user->default_values for user. TODO Save this in memcached ?
402 402
         $sql = "SELECT rowid, entity, type, page, param, value";
403
-        $sql .= " FROM " . MAIN_DB_PREFIX . "default_values";
404
-        $sql .= " WHERE entity IN (" . ($this->entity > 0 ? $this->entity . ", " : "") . Globals::$conf->entity . ")"; // Entity of user (if defined) + current entity
405
-        $sql .= " AND user_id IN (0" . ($this->id > 0 ? ", " . $this->id : "") . ")";       // User 0 (all) + me (if defined)
403
+        $sql .= " FROM ".MAIN_DB_PREFIX."default_values";
404
+        $sql .= " WHERE entity IN (".($this->entity > 0 ? $this->entity.", " : "").Globals::$conf->entity.")"; // Entity of user (if defined) + current entity
405
+        $sql .= " AND user_id IN (0".($this->id > 0 ? ", ".$this->id : "").")"; // User 0 (all) + me (if defined)
406 406
         $resql = Config::$dbEngine->select($sql);
407 407
         if (is_array($resql)) {
408 408
             foreach ($resql as $array) {
@@ -450,7 +450,7 @@  discard block
 block discarded – undo
450 450
 
451 451
         $entity = (!empty($entity) ? $entity : Globals::$conf->entity);
452 452
 
453
-        DolUtils::dol_syslog(get_class($this) . "::addrights $rid, $allmodule, $allperms, $entity");
453
+        DolUtils::dol_syslog(get_class($this)."::addrights $rid, $allmodule, $allperms, $entity");
454 454
         $error = 0;
455 455
         $whereforadd = '';
456 456
 
@@ -460,9 +460,9 @@  discard block
 block discarded – undo
460 460
 // Si on a demande ajout d'un droit en particulier, on recupere
461 461
 // les caracteristiques (module, perms et subperms) de ce droit.
462 462
             $sql = "SELECT module, perms, subperms";
463
-            $sql .= " FROM " . MAIN_DB_PREFIX . "rights_def";
464
-            $sql .= " WHERE id = '" . Config::$dbEngine->escape($rid) . "'";
465
-            $sql .= " AND entity = " . $entity;
463
+            $sql .= " FROM ".MAIN_DB_PREFIX."rights_def";
464
+            $sql .= " WHERE id = '".Config::$dbEngine->escape($rid)."'";
465
+            $sql .= " AND entity = ".$entity;
466 466
 
467 467
             $result = Config::$dbEngine->query($sql);
468 468
             if ($result) {
@@ -476,7 +476,7 @@  discard block
 block discarded – undo
476 476
             }
477 477
 
478 478
 // Where pour la liste des droits a ajouter
479
-            $whereforadd = "id=" . Config::$dbEngine->escape($rid);
479
+            $whereforadd = "id=".Config::$dbEngine->escape($rid);
480 480
 // Ajout des droits induits
481 481
             if (!empty($subperms)) {
482 482
                 $whereforadd .= " OR (module='$module' AND perms='$perms' AND (subperms='lire' OR subperms='read'))";
@@ -493,9 +493,9 @@  discard block
 block discarded – undo
493 493
                 if ($allmodule == 'allmodules') {
494 494
                     $whereforadd = 'allmodules';
495 495
                 } else {
496
-                    $whereforadd = "module='" . Config::$dbEngine->escape($allmodule) . "'";
496
+                    $whereforadd = "module='".Config::$dbEngine->escape($allmodule)."'";
497 497
                     if (!empty($allperms)) {
498
-                        $whereforadd .= " AND perms='" . Config::$dbEngine->escape($allperms) . "'";
498
+                        $whereforadd .= " AND perms='".Config::$dbEngine->escape($allperms)."'";
499 499
                     }
500 500
                 }
501 501
             }
@@ -505,10 +505,10 @@  discard block
 block discarded – undo
505 505
         if (!empty($whereforadd)) {
506 506
 //print "$module-$perms-$subperms";
507 507
             $sql = "SELECT id";
508
-            $sql .= " FROM " . MAIN_DB_PREFIX . "rights_def";
509
-            $sql .= " WHERE entity = " . $entity;
508
+            $sql .= " FROM ".MAIN_DB_PREFIX."rights_def";
509
+            $sql .= " WHERE entity = ".$entity;
510 510
             if (!empty($whereforadd) && $whereforadd != 'allmodules') {
511
-                $sql .= " AND " . $whereforadd;
511
+                $sql .= " AND ".$whereforadd;
512 512
             }
513 513
 
514 514
             $result = Config::$dbEngine->query($sql);
@@ -519,10 +519,10 @@  discard block
 block discarded – undo
519 519
                     $obj = Config::$dbEngine->fetch_object($result);
520 520
                     $nid = $obj->id;
521 521
 
522
-                    $sql = "DELETE FROM " . MAIN_DB_PREFIX . "user_rights WHERE fk_user = " . $this->id . " AND fk_id=" . $nid . " AND entity = " . $entity;
522
+                    $sql = "DELETE FROM ".MAIN_DB_PREFIX."user_rights WHERE fk_user = ".$this->id." AND fk_id=".$nid." AND entity = ".$entity;
523 523
                     if (!Config::$dbEngine->query($sql))
524 524
                         $error++;
525
-                    $sql = "INSERT INTO " . MAIN_DB_PREFIX . "user_rights (entity, fk_user, fk_id) VALUES (" . $entity . ", " . $this->id . ", " . $nid . ")";
525
+                    $sql = "INSERT INTO ".MAIN_DB_PREFIX."user_rights (entity, fk_user, fk_id) VALUES (".$entity.", ".$this->id.", ".$nid.")";
526 526
                     if (!Config::$dbEngine->query($sql))
527 527
                         $error++;
528 528
 
@@ -537,7 +537,7 @@  discard block
 block discarded – undo
537 537
 
538 538
         if (!$error && !$notrigger) {
539 539
             Globals::$langs->load("other");
540
-            $this->context = array('audit' => Globals::$langs->trans("PermissionsAdd") . ($rid ? ' (id=' . $rid . ')' : ''));
540
+            $this->context = array('audit' => Globals::$langs->trans("PermissionsAdd").($rid ? ' (id='.$rid.')' : ''));
541 541
 
542 542
 // Call trigger
543 543
             $result = $this->call_trigger('USER_MODIFY', Globals::$user);
@@ -581,9 +581,9 @@  discard block
 block discarded – undo
581 581
 // Si on a demande supression d'un droit en particulier, on recupere
582 582
 // les caracteristiques module, perms et subperms de ce droit.
583 583
             $sql = "SELECT module, perms, subperms";
584
-            $sql .= " FROM " . MAIN_DB_PREFIX . "rights_def";
585
-            $sql .= " WHERE id = '" . Config::$dbEngine->escape($rid) . "'";
586
-            $sql .= " AND entity = " . $entity;
584
+            $sql .= " FROM ".MAIN_DB_PREFIX."rights_def";
585
+            $sql .= " WHERE id = '".Config::$dbEngine->escape($rid)."'";
586
+            $sql .= " AND entity = ".$entity;
587 587
 
588 588
             $result = Config::$dbEngine->query($sql);
589 589
             if ($result) {
@@ -597,7 +597,7 @@  discard block
 block discarded – undo
597 597
             }
598 598
 
599 599
 // Where pour la liste des droits a supprimer
600
-            $wherefordel = "id=" . Config::$dbEngine->escape($rid);
600
+            $wherefordel = "id=".Config::$dbEngine->escape($rid);
601 601
 // Suppression des droits induits
602 602
             if ($subperms == 'lire' || $subperms == 'read') {
603 603
                 $wherefordel .= " OR (module='$module' AND perms='$perms' AND subperms IS NOT NULL)";
@@ -612,9 +612,9 @@  discard block
 block discarded – undo
612 612
                 if ($allmodule == 'allmodules') {
613 613
                     $wherefordel = 'allmodules';
614 614
                 } else {
615
-                    $wherefordel = "module='" . Config::$dbEngine->escape($allmodule) . "'";
615
+                    $wherefordel = "module='".Config::$dbEngine->escape($allmodule)."'";
616 616
                     if (!empty($allperms)) {
617
-                        $whereforadd .= " AND perms='" . Config::$dbEngine->escape($allperms) . "'";
617
+                        $whereforadd .= " AND perms='".Config::$dbEngine->escape($allperms)."'";
618 618
                     }
619 619
                 }
620 620
             }
@@ -624,10 +624,10 @@  discard block
 block discarded – undo
624 624
         if (!empty($wherefordel)) {
625 625
 //print "$module-$perms-$subperms";
626 626
             $sql = "SELECT id";
627
-            $sql .= " FROM " . MAIN_DB_PREFIX . "rights_def";
628
-            $sql .= " WHERE entity = " . $entity;
627
+            $sql .= " FROM ".MAIN_DB_PREFIX."rights_def";
628
+            $sql .= " WHERE entity = ".$entity;
629 629
             if (!empty($wherefordel) && $wherefordel != 'allmodules') {
630
-                $sql .= " AND " . $wherefordel;
630
+                $sql .= " AND ".$wherefordel;
631 631
             }
632 632
 
633 633
             $result = Config::$dbEngine->query($sql);
@@ -638,9 +638,9 @@  discard block
 block discarded – undo
638 638
                     $obj = Config::$dbEngine->fetch_object($result);
639 639
                     $nid = $obj->id;
640 640
 
641
-                    $sql = "DELETE FROM " . MAIN_DB_PREFIX . "user_rights";
642
-                    $sql .= " WHERE fk_user = " . $this->id . " AND fk_id=" . $nid;
643
-                    $sql .= " AND entity = " . $entity;
641
+                    $sql = "DELETE FROM ".MAIN_DB_PREFIX."user_rights";
642
+                    $sql .= " WHERE fk_user = ".$this->id." AND fk_id=".$nid;
643
+                    $sql .= " AND entity = ".$entity;
644 644
                     if (!Config::$dbEngine->query($sql)) {
645 645
                         $error++;
646 646
                     }
@@ -655,7 +655,7 @@  discard block
 block discarded – undo
655 655
 
656 656
         if (!$error && !$notrigger) {
657 657
             Globals::$langs->load("other");
658
-            $this->context = array('audit' => Globals::$langs->trans("PermissionsDelete") . ($rid ? ' (id=' . $rid . ')' : ''));
658
+            $this->context = array('audit' => Globals::$langs->trans("PermissionsDelete").($rid ? ' (id='.$rid.')' : ''));
659