@@ -87,10 +87,10 @@ discard block |
||
87 | 87 | function dolGetRandomBytes($length) |
88 | 88 | { |
89 | 89 | if (function_exists('random_bytes')) { // Available with PHP 7 only. |
90 | - return bin2hex(random_bytes((int)floor($length / 2))); // the bin2hex will double the number of bytes so we take length / 2 |
|
90 | + return bin2hex(random_bytes((int) floor($length / 2))); // the bin2hex will double the number of bytes so we take length / 2 |
|
91 | 91 | } |
92 | 92 | |
93 | - return bin2hex(openssl_random_pseudo_bytes((int)floor($length / 2))); // the bin2hex will double the number of bytes so we take length / 2. May be very slow on Windows. |
|
93 | + return bin2hex(openssl_random_pseudo_bytes((int) floor($length / 2))); // the bin2hex will double the number of bytes so we take length / 2. May be very slow on Windows. |
|
94 | 94 | } |
95 | 95 | |
96 | 96 | /** |
@@ -201,7 +201,7 @@ discard block |
||
201 | 201 | if (!empty($tmpexplode[1]) && is_string($tmpexplode[0])) { |
202 | 202 | $newchain = openssl_decrypt($tmpexplode[1], $ciphering, $key, 0, $tmpexplode[0]); |
203 | 203 | } else { |
204 | - $newchain = openssl_decrypt((string)$tmpexplode[0], $ciphering, $key, 0, ''); |
|
204 | + $newchain = openssl_decrypt((string) $tmpexplode[0], $ciphering, $key, 0, ''); |
|
205 | 205 | } |
206 | 206 | } else { |
207 | 207 | dol_syslog("Error dolDecrypt openssl_decrypt is not available", LOG_ERR); |
@@ -308,7 +308,7 @@ discard block |
||
308 | 308 | $type = 'md5'; |
309 | 309 | } |
310 | 310 | |
311 | - $salt = substr(sha1((string)time()), 0, 8); |
|
311 | + $salt = substr(sha1((string) time()), 0, 8); |
|
312 | 312 | |
313 | 313 | if ($type === 'md5') { |
314 | 314 | return '{MD5}' . base64_encode(hash("md5", $password, true)); //For OpenLdap with md5 (based on an unencrypted password in base) |
@@ -335,7 +335,7 @@ discard block |
||
335 | 335 | } elseif ($type === 'crypt') { |
336 | 336 | return '{CRYPT}' . crypt($password, $salt); |
337 | 337 | } elseif ($type === 'clear') { |
338 | - return '{CLEAR}' . $password; // Just for test, plain text password is not secured ! |
|
338 | + return '{CLEAR}' . $password; // Just for test, plain text password is not secured ! |
|
339 | 339 | } |
340 | 340 | return ""; |
341 | 341 | } |
@@ -380,13 +380,13 @@ discard block |
||
380 | 380 | if (is_object($object)) { |
381 | 381 | $objectid = $object->id; |
382 | 382 | } else { |
383 | - $objectid = $object; // $objectid can be X or 'X,Y,Z' |
|
383 | + $objectid = $object; // $objectid can be X or 'X,Y,Z' |
|
384 | 384 | } |
385 | 385 | if ($objectid == "-1") { |
386 | 386 | $objectid = 0; |
387 | 387 | } |
388 | 388 | if ($objectid) { |
389 | - $objectid = preg_replace('/[^0-9\.\,]/', '', (string)$objectid); // For the case value is coming from a non sanitized user input |
|
389 | + $objectid = preg_replace('/[^0-9\.\,]/', '', (string) $objectid); // For the case value is coming from a non sanitized user input |
|
390 | 390 | } |
391 | 391 | |
392 | 392 | //dol_syslog("functions.lib:restrictedArea $feature, $objectid, $dbtablename, $feature2, $dbt_socfield, $dbt_select, $isdraft"); |
@@ -874,9 +874,9 @@ discard block |
||
874 | 874 | if (is_object($object)) { |
875 | 875 | $objectid = $object->id; |
876 | 876 | } else { |
877 | - $objectid = $object; // $objectid can be X or 'X,Y,Z' |
|
877 | + $objectid = $object; // $objectid can be X or 'X,Y,Z' |
|
878 | 878 | } |
879 | - $objectid = preg_replace('/[^0-9\.\,]/', '', $objectid); // For the case value is coming from a non sanitized user input |
|
879 | + $objectid = preg_replace('/[^0-9\.\,]/', '', $objectid); // For the case value is coming from a non sanitized user input |
|
880 | 880 | |
881 | 881 | //dol_syslog("functions.lib:restrictedArea $feature, $objectid, $dbtablename, $feature2, $dbt_socfield, $dbt_select, $isdraft"); |
882 | 882 | //print "user_id=".$user->id.", features=".join(',', $featuresarray).", objectid=".$objectid; |
@@ -926,8 +926,8 @@ discard block |
||
926 | 926 | $checkparentsoc = ['agenda', 'contact', 'contrat']; // Test on entity + link to third party on field $dbt_keyfield. Allowed if link is empty (Ex: contacts...). |
927 | 927 | $checkproject = ['projet', 'project']; // Test for project object |
928 | 928 | $checktask = ['projet_task']; // Test for task object |
929 | - $checkhierarchy = ['expensereport', 'holiday']; // check permission among the hierarchy of user |
|
930 | - $checkuser = ['bookmark']; // check permission among the fk_user (must be myself or null) |
|
929 | + $checkhierarchy = ['expensereport', 'holiday']; // check permission among the hierarchy of user |
|
930 | + $checkuser = ['bookmark']; // check permission among the fk_user (must be myself or null) |
|
931 | 931 | $nocheck = ['barcode', 'stock']; // No test |
932 | 932 | |
933 | 933 | //$checkdefault = 'all other not already defined'; // Test on entity + link to third party on field $dbt_keyfield. Not allowed if link is empty (Ex: invoice, orders...). |
@@ -940,7 +940,7 @@ discard block |
||
940 | 940 | |
941 | 941 | // To avoid an access forbidden with a numeric ref |
942 | 942 | if ($dbt_select != 'rowid' && $dbt_select != 'id') { |
943 | - $objectid = "'" . $objectid . "'"; // Note: $objectid was already cast into int at begin of this method. |
|
943 | + $objectid = "'" . $objectid . "'"; // Note: $objectid was already cast into int at begin of this method. |
|
944 | 944 | } |
945 | 945 | // Check permission for objectid on entity only |
946 | 946 | if (in_array($feature, $check) && $objectid > 0) { // For $objectid = 0, no check |
@@ -987,7 +987,7 @@ discard block |
||
987 | 987 | $sql .= " FROM (" . MAIN_DB_PREFIX . "societe_commerciaux as sc"; |
988 | 988 | $sql .= ", " . MAIN_DB_PREFIX . "societe as s)"; |
989 | 989 | $sql .= " WHERE sc.fk_soc IN (" . $db->sanitize($objectid, 1) . ")"; |
990 | - $sql .= " AND (sc.fk_user = " . ((int)$user->id); |
|
990 | + $sql .= " AND (sc.fk_user = " . ((int) $user->id); |
|
991 | 991 | if (getDolGlobalInt('MAIN_SEE_SUBORDINATES')) { |
992 | 992 | $userschilds = $user->getAllChildIds(); |
993 | 993 | $sql .= " OR sc.fk_user IN (" . $db->sanitize(implode(',', $userschilds)) . ")"; |
@@ -1011,12 +1011,12 @@ discard block |
||
1011 | 1011 | $sql = "SELECT COUNT(dbt." . $dbt_select . ") as nb"; |
1012 | 1012 | $sql .= " FROM " . MAIN_DB_PREFIX . $dbtablename . " as dbt"; |
1013 | 1013 | $sql .= " WHERE dbt." . $dbt_select . " IN (" . $db->sanitize($objectid, 1) . ")"; |
1014 | - $sql .= " AND dbt.fk_soc = " . ((int)$user->socid); |
|
1014 | + $sql .= " AND dbt.fk_soc = " . ((int) $user->socid); |
|
1015 | 1015 | } elseif (isModEnabled("societe") && ($user->hasRight('societe', 'lire') && !$user->hasRight('societe', 'client', 'voir'))) { |
1016 | 1016 | // If internal user: Check permission for internal users that are restricted on their objects |
1017 | 1017 | $sql = "SELECT COUNT(dbt." . $dbt_select . ") as nb"; |
1018 | 1018 | $sql .= " FROM " . MAIN_DB_PREFIX . $dbtablename . " as dbt"; |
1019 | - $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_commerciaux as sc ON dbt.fk_soc = sc.fk_soc AND sc.fk_user = " . ((int)$user->id); |
|
1019 | + $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_commerciaux as sc ON dbt.fk_soc = sc.fk_soc AND sc.fk_user = " . ((int) $user->id); |
|
1020 | 1020 | $sql .= " WHERE dbt." . $dbt_select . " IN (" . $db->sanitize($objectid, 1) . ")"; |
1021 | 1021 | $sql .= " AND (dbt.fk_soc IS NULL OR sc.fk_soc IS NOT NULL)"; // Contact not linked to a company or to a company of user |
1022 | 1022 | $sql .= " AND dbt.entity IN (" . getEntity($sharedelement, 1) . ")"; |
@@ -1084,7 +1084,7 @@ discard block |
||
1084 | 1084 | $sql = "SELECT COUNT(dbt." . $dbt_keyfield . ") as nb"; |
1085 | 1085 | $sql .= " FROM " . MAIN_DB_PREFIX . $dbtablename . " as dbt"; |
1086 | 1086 | $sql .= " WHERE dbt.rowid IN (" . $db->sanitize($objectid, 1) . ")"; |
1087 | - $sql .= " AND dbt." . $dbt_keyfield . " = " . ((int)$user->socid); |
|
1087 | + $sql .= " AND dbt." . $dbt_keyfield . " = " . ((int) $user->socid); |
|
1088 | 1088 | } elseif (isModEnabled("societe") && !$user->hasRight('societe', 'client', 'voir')) { |
1089 | 1089 | // If internal user without permission to see all thirdparties: Check permission for internal users that are restricted on their objects |
1090 | 1090 | if ($feature != 'ticket') { |
@@ -1097,11 +1097,11 @@ discard block |
||
1097 | 1097 | $sql .= " WHERE dbt." . $dbt_select . " IN (" . $db->sanitize($objectid, 1) . ")"; |
1098 | 1098 | $sql .= " AND dbt.entity IN (" . getEntity($sharedelement, 1) . ")"; |
1099 | 1099 | $sql .= " AND sc.fk_soc = dbt." . $dbt_keyfield; |
1100 | - $sql .= " AND (sc.fk_user = " . ((int)$user->id); |
|
1100 | + $sql .= " AND (sc.fk_user = " . ((int) $user->id); |
|
1101 | 1101 | if (getDolGlobalInt('MAIN_SEE_SUBORDINATES')) { |
1102 | 1102 | $userschilds = $user->getAllChildIds(); |
1103 | 1103 | foreach ($userschilds as $key => $value) { |
1104 | - $sql .= ' OR sc.fk_user = ' . ((int)$value); |
|
1104 | + $sql .= ' OR sc.fk_user = ' . ((int) $value); |
|
1105 | 1105 | } |
1106 | 1106 | } |
1107 | 1107 | $sql .= ')'; |
@@ -1109,10 +1109,10 @@ discard block |
||
1109 | 1109 | // On ticket, the thirdparty is not mandatory, so we need a special test to accept record with no thirdparties. |
1110 | 1110 | $sql = "SELECT COUNT(dbt." . $dbt_select . ") as nb"; |
1111 | 1111 | $sql .= " FROM " . MAIN_DB_PREFIX . $dbtablename . " as dbt"; |
1112 | - $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_commerciaux as sc ON sc.fk_soc = dbt." . $dbt_keyfield . " AND sc.fk_user = " . ((int)$user->id); |
|
1112 | + $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_commerciaux as sc ON sc.fk_soc = dbt." . $dbt_keyfield . " AND sc.fk_user = " . ((int) $user->id); |
|
1113 | 1113 | $sql .= " WHERE dbt." . $dbt_select . " IN (" . $db->sanitize($objectid, 1) . ")"; |
1114 | 1114 | $sql .= " AND dbt.entity IN (" . getEntity($sharedelement, 1) . ")"; |
1115 | - $sql .= " AND (sc.fk_user = " . ((int)$user->id) . " OR sc.fk_user IS NULL)"; |
|
1115 | + $sql .= " AND (sc.fk_user = " . ((int) $user->id) . " OR sc.fk_user IS NULL)"; |
|
1116 | 1116 | } |
1117 | 1117 | } elseif (isModEnabled('multicompany')) { |
1118 | 1118 | // If multicompany, and user is an internal user with all permissions, check that object is in correct entity |
@@ -86,9 +86,15 @@ |
||
86 | 86 | */ |
87 | 87 | |
88 | 88 | $nbmodulesnotautoenabled = count($conf->modules); |
89 | - if (in_array('fckeditor', $conf->modules)) $nbmodulesnotautoenabled--; |
|
90 | - if (in_array('export', $conf->modules)) $nbmodulesnotautoenabled--; |
|
91 | - if (in_array('import', $conf->modules)) $nbmodulesnotautoenabled--; |
|
89 | + if (in_array('fckeditor', $conf->modules)) { |
|
90 | + $nbmodulesnotautoenabled--; |
|
91 | + } |
|
92 | + if (in_array('export', $conf->modules)) { |
|
93 | + $nbmodulesnotautoenabled--; |
|
94 | + } |
|
95 | + if (in_array('import', $conf->modules)) { |
|
96 | + $nbmodulesnotautoenabled--; |
|
97 | + } |
|
92 | 98 | |
93 | 99 | // Check if company name is defined (first install) |
94 | 100 | if (!isset($conf->global->MAIN_INFO_SOCIETE_NOM) || !getDolGlobalString('MAIN_INFO_SOCIETE_NOM')) { |
@@ -269,8 +269,8 @@ discard block |
||
269 | 269 | $conf->file->main_force_https = empty($dolibarr_main_force_https) ? '' : $dolibarr_main_force_https; // Force https |
270 | 270 | $conf->file->strict_mode = empty($dolibarr_strict_mode) ? '' : $dolibarr_strict_mode; // Force php strict mode (for debug) |
271 | 271 | $conf->file->instance_unique_id = empty($dolibarr_main_instance_unique_id) ? (empty($dolibarr_main_cookie_cryptkey) ? '' : $dolibarr_main_cookie_cryptkey) : $dolibarr_main_instance_unique_id; // Unique id of instance |
272 | - $conf->file->main_path = empty($dolibarr_main_document_root ?? '') ? BASE_PATH : $dolibarr_main_document_root; // Define htdocs path inside the config file |
|
273 | - $conf->file->main_url = empty($dolibarr_main_url_root ?? '') ? BASE_URL : $dolibarr_main_url_root; // Define url inside the config file |
|
272 | + $conf->file->main_path = empty($dolibarr_main_document_root ?? '') ? BASE_PATH : $dolibarr_main_document_root; // Define htdocs path inside the config file |
|
273 | + $conf->file->main_url = empty($dolibarr_main_url_root ?? '') ? BASE_URL : $dolibarr_main_url_root; // Define url inside the config file |
|
274 | 274 | $conf->file->main_doc = empty($dolibarr_main_data_root ?? '') ? static::getDataDir($conf->file->main_path) : $dolibarr_main_data_root; |
275 | 275 | $conf->file->path = ['main' => $conf->file->main_path]; |
276 | 276 | $conf->file->url = ['main' => '/']; |
@@ -285,7 +285,7 @@ discard block |
||
285 | 285 | |
286 | 286 | $i = 0; |
287 | 287 | foreach ($path as $value) { |
288 | - $conf->file->path['alt' . ($i++)] = (string)$value; |
|
288 | + $conf->file->path['alt' . ($i++)] = (string) $value; |
|
289 | 289 | } |
290 | 290 | $values = preg_split('/[;,]/', $dolibarr_main_url_root_alt); |
291 | 291 | $i = 0; |
@@ -305,7 +305,7 @@ discard block |
||
305 | 305 | print "\"/custom\"<br>\n"; |
306 | 306 | exit; |
307 | 307 | } |
308 | - $conf->file->url['alt' . ($i++)] = (string)$value; |
|
308 | + $conf->file->url['alt' . ($i++)] = (string) $value; |
|
309 | 309 | } |
310 | 310 | } |
311 | 311 | |
@@ -433,7 +433,7 @@ discard block |
||
433 | 433 | public static function getDb($db): ?DoliDB |
434 | 434 | { |
435 | 435 | if (!isset(self::$db)) { |
436 | - self::$db = getDoliDBInstance($db->type, $db->host, $db->user, $db->pass, $db->name, (int)$db->port); |
|
436 | + self::$db = getDoliDBInstance($db->type, $db->host, $db->user, $db->pass, $db->name, (int) $db->port); |
|
437 | 437 | } |
438 | 438 | return self::$db; |
439 | 439 | } |
@@ -560,7 +560,7 @@ discard block |
||
560 | 560 | } |
561 | 561 | if (!class_exists('MenuManager')) { |
562 | 562 | $menufound = 0; |
563 | - $dirmenus = array_merge(["/core/menus/"], (array)$conf->modules_parts['menus']); |
|
563 | + $dirmenus = array_merge(["/core/menus/"], (array) $conf->modules_parts['menus']); |
|
564 | 564 | foreach ($dirmenus as $dirmenu) { |
565 | 565 | $menufound = dol_include_once($dirmenu . "standard/" . $file_menu); |
566 | 566 | if (class_exists('MenuManager')) { |
@@ -632,7 +632,7 @@ discard block |
||
632 | 632 | private static function loadDb() |
633 | 633 | { |
634 | 634 | $conf = static::$dolibarrConfig; |
635 | - static::$db = getDoliDBInstance($conf->db->type, $conf->db->host, $conf->db->user, $conf->db->pass, $conf->db->name, (int)$conf->db->port); |
|
635 | + static::$db = getDoliDBInstance($conf->db->type, $conf->db->host, $conf->db->user, $conf->db->pass, $conf->db->name, (int) $conf->db->port); |
|
636 | 636 | static::$dolibarrConfig->setValues(static::$db); |
637 | 637 | |
638 | 638 | return static::$db; |
@@ -88,7 +88,7 @@ discard block |
||
88 | 88 | $micro_start_time = 0; |
89 | 89 | if (isset($config) && isset($config->server) && $config->server->detailed_info) { |
90 | 90 | [$usec, $sec] = explode(" ", microtime()); |
91 | - $micro_start_time = ((float)$usec + (float)$sec); |
|
91 | + $micro_start_time = ((float) $usec + (float) $sec); |
|
92 | 92 | // Add Xdebug code coverage |
93 | 93 | //define('XDEBUGCOVERAGE',1); |
94 | 94 | if (defined('XDEBUGCOVERAGE')) { |
@@ -117,7 +117,7 @@ discard block |
||
117 | 117 | |
118 | 118 | // The numeric value we don't want as entities because they encode ascii char, and why using html entities on ascii except for haking ? |
119 | 119 | if (($newstringnumentity >= 65 && $newstringnumentity <= 90) || ($newstringnumentity >= 97 && $newstringnumentity <= 122)) { |
120 | - return chr((int)$newstringnumentity); |
|
120 | + return chr((int) $newstringnumentity); |
|
121 | 121 | } |
122 | 122 | |
123 | 123 | return '&#' . $matches[1]; // Value will be unchanged because regex was /&#( )/ |
@@ -147,7 +147,7 @@ discard block |
||
147 | 147 | //print "before decoding $val\n"; |
148 | 148 | do { |
149 | 149 | $oldval = $val; |
150 | - $val = html_entity_decode($val, ENT_QUOTES | ENT_HTML5); // Decode ':', ''', '	', '&NewLine', ... |
|
150 | + $val = html_entity_decode($val, ENT_QUOTES | ENT_HTML5); // Decode ':', ''', '	', '&NewLine', ... |
|
151 | 151 | // Sometimes we have entities without the ; at end so html_entity_decode does not work but entities is still interpreted by browser. |
152 | 152 | $val = preg_replace_callback( |
153 | 153 | '/&#(x?[0-9][0-9a-f]+;?)/i', |
@@ -156,7 +156,7 @@ discard block |
||
156 | 156 | * |
157 | 157 | * @return string |
158 | 158 | */ |
159 | - static function ($m) { |
|
159 | + static function($m) { |
|
160 | 160 | // Decode 'n', ... |
161 | 161 | return realCharForNumericEntities($m); |
162 | 162 | }, |
@@ -197,7 +197,7 @@ discard block |
||
197 | 197 | $inj += preg_match('/user\s*\(/i', $val); // avoid to use function user() or mysql_user() that return current database login |
198 | 198 | $inj += preg_match('/information_schema/i', $val); // avoid to use request that read information_schema database |
199 | 199 | $inj += preg_match('/<svg/i', $val); // <svg can be allowed in POST |
200 | - $inj += preg_match('/update[^&=\w].*set.+=/i', $val); // the [^&=\w] test is to avoid error when request is like action=update&...set... or &updatemodule=...set... |
|
200 | + $inj += preg_match('/update[^&=\w].*set.+=/i', $val); // the [^&=\w] test is to avoid error when request is like action=update&...set... or &updatemodule=...set... |
|
201 | 201 | $inj += preg_match('/union.+select/i', $val); |
202 | 202 | } |
203 | 203 | if ($type == 3) { |
@@ -442,7 +442,7 @@ discard block |
||
442 | 442 | ]; |
443 | 443 | session_set_cookie_params($sessioncookieparams); |
444 | 444 | session_name($sessionname); |
445 | - session_start(); // This call the open and read of session handler |
|
445 | + session_start(); // This call the open and read of session handler |
|
446 | 446 | //exit; // this exist generates a call to write and close |
447 | 447 | } |
448 | 448 | |
@@ -722,16 +722,16 @@ discard block |
||
722 | 722 | } |
723 | 723 | $savid = null; |
724 | 724 | if (isset($_POST['id'])) { |
725 | - $savid = ((int)$_POST['id']); |
|
725 | + $savid = ((int) $_POST['id']); |
|
726 | 726 | } |
727 | 727 | unset($_POST); |
728 | 728 | unset($_GET['confirm']); |
729 | 729 | unset($_GET['action']); |
730 | 730 | unset($_GET['confirmmassaction']); |
731 | 731 | unset($_GET['massaction']); |
732 | - unset($_GET['token']); // TODO Make a redirect if we have a token in url to remove it ? |
|
732 | + unset($_GET['token']); // TODO Make a redirect if we have a token in url to remove it ? |
|
733 | 733 | if (isset($savid)) { |
734 | - $_POST['id'] = ((int)$savid); |
|
734 | + $_POST['id'] = ((int) $savid); |
|
735 | 735 | } |
736 | 736 | // So rest of code can know something was wrong here |
737 | 737 | $_GET['errorcode'] = 'InvalidToken'; |
@@ -949,7 +949,7 @@ discard block |
||
949 | 949 | } |
950 | 950 | if (!class_exists('MenuManager')) { |
951 | 951 | $menufound = 0; |
952 | - $dirmenus = array_merge(["/core/menus/"], (array)$conf->modules_parts['menus']); |
|
952 | + $dirmenus = array_merge(["/core/menus/"], (array) $conf->modules_parts['menus']); |
|
953 | 953 | foreach ($dirmenus as $dirmenu) { |
954 | 954 | $menufound = dol_include_once($dirmenu . "standard/" . $file_menu); |
955 | 955 | if (class_exists('MenuManager')) { |
@@ -23,7 +23,7 @@ |
||
23 | 23 | |
24 | 24 | trait DbTrait |
25 | 25 | { |
26 | - public static function connectDb(\stdClass|null $db = null): bool |
|
26 | + public static function connectDb(\stdClass | null $db = null): bool |
|
27 | 27 | { |
28 | 28 | if ($db === null) { |
29 | 29 | return false; |
@@ -13,7 +13,7 @@ |
||
13 | 13 | |
14 | 14 | public static function createTable() |
15 | 15 | { |
16 | - DB::schema()->create((new static())->table, function (Blueprint $table) { |
|
16 | + DB::schema()->create((new static())->table, function(Blueprint $table) { |
|
17 | 17 | $table->increments('id'); |
18 | 18 | $table->string('name'); |
19 | 19 | $table->string('email')->unique(); |