Debug v19. dolibarr_main_stream_enabled must be changed into

dolibarr_main_stream_to_disable

htdocs/admin/system/security.php

@@ -174,13 +174,6 @@ if (in_array($functiontokeep, $arrayoffunctionsdisabled)) {
 print '<span class="opacitymedium">'.$functiontokeep.'</span>';
 print '<br>';
 
-$arrayofstreams = stream_get_wrappers();
-if (!empty($arrayofstreams)) {
-	sort($arrayofstreams);
-	print "<strong>PHP streams</strong> = ".(join(',', $arrayofstreams)).' &nbsp; <span class="opacitymedium">('.$langs->trans("RecommendedValueIs", 'file,http,https,php').')</span>'."<br>\n";
-}
-
-print '<br>';
 
 // XDebug
 print '<strong>'.$langs->trans("XDebug").'</strong>: ';
@@ -305,21 +298,21 @@ print load_fiche_titre($langs->trans("ConfigurationFile").' ('.$conffile.')', ''
 
 print '<strong>$dolibarr_main_prod</strong>: '.($dolibarr_main_prod ? $dolibarr_main_prod : '0');
 if (empty($dolibarr_main_prod)) {
-	print ' &nbsp; '.img_picto('', 'warning').' '.$langs->trans("IfYouAreOnAProductionSetThis", 1);
+	print ' &nbsp; &nbsp; '.img_picto('', 'warning').' '.$langs->trans("IfYouAreOnAProductionSetThis", 1);
 }
 print '<br>';
 
 print '<strong>$dolibarr_nocsrfcheck</strong>: '.(empty($dolibarr_nocsrfcheck) ? '0' : $dolibarr_nocsrfcheck);
 if (!empty($dolibarr_nocsrfcheck)) {
-	print ' &nbsp; '.img_picto('', 'error').' '.$langs->trans("IfYouAreOnAProductionSetThis", 0);
+	print ' &nbsp; &nbsp;'.img_picto('', 'error').' '.$langs->trans("IfYouAreOnAProductionSetThis", 0);
 } else {
-	print ' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': 0)</span>';
+	print ' &nbsp; &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': 0)</span>';
 }
 print '<br>';
 
 print '<strong>$dolibarr_main_restrict_ip</strong>: ';
 if (empty($dolibarr_main_restrict_ip)) {
-	print $langs->trans("None");
+	print '<span class="opacitymedium">'.$langs->trans("None").'</span>';
 	//print ' <span class="opacitymedium">('.$langs->trans("RecommendedValueIs", $langs->transnoentitiesnoconv("IPsOfUsers")).')</span>';
 } else {
 	print $dolibarr_main_restrict_ip;
@@ -332,13 +325,13 @@ if (empty($dolibarr_main_restrict_os_commands)) {
 } else {
 	print $dolibarr_main_restrict_os_commands;
 }
-print ' <span class="opacitymedium">('.$langs->trans("RecommendedValueIs", 'mysqldump, mysql, pg_dump, pgrestore, mariadb, mariadb-dump, clamdscan').')</span>';
+print ' &nbsp; &nbsp; <span class="opacitymedium">('.$langs->trans("RecommendedValueIs", 'mysqldump, mysql, pg_dump, pgrestore, mariadb, mariadb-dump, clamdscan').')</span>';
 print '<br>';
 
 if (!getDolGlobalString('SECURITY_DISABLE_TEST_ON_OBFUSCATED_CONF')) {
 	print '<strong>$dolibarr_main_db_pass</strong>: ';
 	if (!empty($dolibarr_main_db_pass) && empty($dolibarr_main_db_encrypted_pass)) {
-		print img_picto('', 'warning').' '.$langs->trans("DatabasePasswordNotObfuscated").' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': '.$langs->trans("SetOptionTo", $langs->transnoentitiesnoconv("MainDbPasswordFileConfEncrypted"), yn(1)).')</span>';
+		print img_picto('', 'warning').' '.$langs->trans("DatabasePasswordNotObfuscated").' &nbsp; &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': '.$langs->trans("SetOptionTo", $langs->transnoentitiesnoconv("MainDbPasswordFileConfEncrypted"), yn(1)).')</span>';
 		//print ' <span class="opacitymedium">('.$langs->trans("RecommendedValueIs", $langs->transnoentitiesnoconv("IPsOfUsers")).')</span>';
 	} else {
 		print img_picto('', 'tick').' '.$langs->trans("DatabasePasswordObfuscated");
@@ -347,7 +340,39 @@ if (!getDolGlobalString('SECURITY_DISABLE_TEST_ON_OBFUSCATED_CONF')) {
 	print '<br>';
 }
 
+print '<strong>$dolibarr_main_stream_to_disable</strong>: ';
+if (empty($dolibarr_main_stream_to_disable)) {
+	print '<span class="opacitymedium">'.$langs->trans("Undefined").' = '.join(', ', $arrayofstreamtodisable).'</span>';
+} else {
+	print join(', ', $dolibarr_main_stream_to_disable);
+}
+print '<span class="bold"> -> PHP streams allowed = </span>';
+$arrayofstreams = stream_get_wrappers();
+if (!empty($arrayofstreams)) {
+	sort($arrayofstreams);
+	print (join(',', $arrayofstreams)).' &nbsp; &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': '.$langs->trans("TryToKeepOnly", 'file,http,https,php').')</span>'."\n";
+}
+
+print '<br>';
 
+/*
+if (!empty($dolibarr_main_stream_do_not_disable)) {
+	print '<strong>$dolibarr_main_stream_do_not_disable</strong>: ';
+	if (empty($dolibarr_main_stream_do_not_disable)) {
+		print '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>';
+	} else {
+		print join(', ', $dolibarr_main_stream_do_not_disable);
+	}
+	print ' -> PHP stream allowed = ';
+	$arrayofstreams = stream_get_wrappers();
+	if (!empty($arrayofstreams)) {
+		sort($arrayofstreams);
+		print (join(',', $arrayofstreams)).' &nbsp; &nbsp; <span class="opacitymedium">('.$langs->trans("RecommendedValueIs", 'Undefined').')</span>'."\n";
+	}
+
+	print '<br>';
+}
+*/
 
 // Menu Home - Setup - Security
 

htdocs/conf/conf.php.example

@@ -349,6 +349,14 @@ $dolibarr_cron_allow_cli='0';
 //
 // $dolibarr_mailing_limit_sendbycli='0';
 
+// dolibarr_main_stream_to_disable
+// ================================
+// Can set a list of PHP stream to disable.
+// Default value: array('compress.zlib', 'compress.bzip2', 'ftp', 'ftps', 'glob', 'data', 'expect', 'ogg', 'rar', 'zip', 'zlib')
+// Examples: array('ftp', 'ftps')
+//
+// $dolibarr_main_stream_to_disable = array('compress.zlib', 'compress.bzip2', 'ftp', 'ftps', 'glob', 'data', 'expect', 'ogg', 'rar', 'zip', 'zlib');
+
 // MAIN_ANTIVIRUS_COMMAND (as a constant)
 // ======================
 // Force a value for the antivirus command line tool so setup for admin user interface has no effect.
@@ -378,8 +386,8 @@ $dolibarr_cron_allow_cli='0';
 // =========================
 // If this value is set to a value, it forces the creation of a file install.lock once an upgrade process into a new version end.
 // The value is the octal value of permission to set on created file.
-// The file install.lock prevents the use of the migration process another time. You will have to delete it manually for
-// next upgrade.
+// The file install.lock prevents the use of the install and upgrade process another time. You will have to delete it manually for
+// next install process or create a upgrade.unlock for next upgrade.
 // Default value: '0'
 // Example: '444';
 // $force_install_lockinstall='440';

htdocs/filefunc.inc.php

@@ -80,13 +80,16 @@ $result = @include_once $conffile; // Keep @ because with some error reporting t
 
 // Disable some not used PHP stream
 $listofwrappers = stream_get_wrappers();
-// We need '.phar' for geoip2. TODO Replace phar in geoip with exploded files so we can disable phar.
-$arrayofstreamtodisable = array('compress.zlib', 'compress.bzip2', 'ftps', 'glob', 'data', 'expect', 'ftp', 'ogg', 'rar', 'zip', 'zlib');
+// We need '.phar' for geoip2. TODO Replace phar in geoip with exploded files so we can disable phar by default.
+$arrayofstreamtodisable = array('compress.zlib', 'compress.bzip2', 'ftp', 'ftps', 'glob', 'data', 'expect', 'ogg', 'rar', 'zip', 'zlib');
+if (!empty($dolibarr_main_stream_to_disable) && is_array($dolibarr_main_stream_to_disable)) {
+	$arrayofstreamtodisable = $dolibarr_main_stream_to_disable;
+}
 foreach ($arrayofstreamtodisable as $streamtodisable) {
 	if (!empty($listofwrappers) && in_array($streamtodisable, $listofwrappers)) {
-		if (!empty($dolibarr_main_stream_enabled) && is_array($dolibarr_main_stream_enabled) && in_array($streamtodisable, $dolibarr_main_stream_enabled)) {
+		/*if (!empty($dolibarr_main_stream_do_not_disable) && is_array($dolibarr_main_stream_do_not_disable) && in_array($streamtodisable, $dolibarr_main_stream_do_not_disable)) {
 			continue;	// We do not disable this stream
-		}
+		}*/
 		stream_wrapper_unregister($streamtodisable);
 	}
 }

htdocs/langs/en_US/admin.lang

@@ -2433,3 +2433,4 @@ ConfirmDeleteExtrafield=Do you confirm deletion of the field %s ? All data saved
 ExtraFieldsSupplierInvoicesRec=Complementary attributes (templates invoices)
 ExtraFieldsSupplierInvoicesLinesRec=Complementary attributes (invoice lines)
 ParametersForTestEnvironment=Parameters for test environment
+TryToKeepOnly=Try to keep only %s