Sfoglia il codice sorgente

Merge branch '18.0' of git@github.com:Dolibarr/dolibarr.git into develop

Laurent Destailleur 1 anno fa
parent
commit
329473c3cb

+ 5 - 0
ChangeLog

@@ -220,6 +220,11 @@ WARNING:
 
 Following changes may create regressions for some external modules, but were necessary to make Dolibarr better:
 * Minimal PHP version is now PHP 7.1 instead of PHP 7.0
+* Sensitive datas like keys in setup pages, that need encyption (for example the API keys of users, the CRON security key, the keys into the Stripe module, or 
+external modules setup pages that store sensitive keys or password), are using the $dolibarr_main_instance_unique_id as part of the key for encryption. So,
+if you restore or duplicate the data from another instance dump, you must also update this parameter in ther conf.php file to allow decryption in the new instance, or 
+better, you must reenter the sensitive data into the setup pages of the new instance to resave them correctly.
+Note that to find all the parameters that are encrypted into the setup database, you can do a "SELECT * FROM llx_const WHERE value LIKE '%dolcrypt%';"  
 * The deprecated method "escapeunderscore()" of database handlers has been removed. You must use "escapeforlike()" instead.
 * The method "nb_expedition()" has been renamed into "countNbOfShipments()" 
 * Revert default type of hooks. Default is now 'addreplace' hooks (and exception become 'output' hooks, that become deprecated).

+ 2 - 2
build/debian/patches/use-etc-dolibarr-conf.patch

@@ -33,5 +33,5 @@ This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
 +$conffile = "/etc/dolibarr/conf.php";
 +$conffiletoshow = "/etc/dolibarr/conf.php";
  
- 
- // Load conf file if it is already defined
+ $short_options = "c:h";
+ $long_options = array(

+ 2 - 2
build/rpm/dolibarr-forrpm.patch

@@ -24,5 +24,5 @@ diff -up htdocs/install/inc.php.patch htdocs/install/inc.php
 +$conffile = "/etc/dolibarr/conf.php";
 +$conffiletoshow = "/etc/dolibarr/conf.php";
  
- 
- // Load conf file if it is already defined
+ $short_options = "c:h";
+ $long_options = array(

+ 22 - 6
dev/setup/fail2ban/jail.local

@@ -2,17 +2,20 @@
 # Examle of rule you can add to fail2ban to restrict bruteforce attacks.
 #
 
-[web-dol-passforgotten]
 
-; rule against call of passwordforgottenpage
+[web-accesslog-limit403]
+
+; rule against call of 403 forbidden access
+; note: you must change the path of log file to the one of the web server for the virtual host of the Dolibarr
 enabled = true
 port    = http,https
-filter  = web-dolibarr-rulespassforgotten
-logpath = /mypath/documents/documents/dolibarr.log
+filter  = web-accesslog-limit403
+logpath = /var/log/apache2/access.log
+;logpath = /var/log/apache2/other_vhosts_access.log
 action  = %(action_mw)s
 bantime  = 4320000   ; 50 days
 findtime = 86400     ; 1 day
-maxretry = 10
+maxretry = 100
 
 
 [web-dol-bruteforce]
@@ -28,10 +31,23 @@ findtime = 14400     ; 4 hours
 maxretry = 20
 
 
+[web-dol-passforgotten]
+
+; rule against call of passwordforgottenpage
+enabled = true
+port    = http,https
+filter  = web-dolibarr-rulespassforgotten
+logpath = /mypath/documents/documents/dolibarr.log
+action  = %(action_mw)s
+bantime  = 4320000   ; 50 days
+findtime = 86400     ; 1 day
+maxretry = 10
+
+
 [web-dol-limitpublic]
 
 ; rule to add rate limit on some public pages
-; note you must keep enough for public access like agenda export, emailing trackers, stripe ipn access, ...
+; note: you must keep enough for public access like agenda export, emailing trackers, stripe ipn access, ...
 enabled = true
 port    = http,https
 filter  = web-dolibarr-limitpublic

+ 2 - 3
htdocs/comm/action/class/actioncomm.class.php

@@ -1729,7 +1729,7 @@ class ActionComm extends CommonObject
 		}
 		if (!empty($this->note_private)) {
 			$tooltip .= '<br><br><b>'.$langs->trans('Description').':</b><br>';
-			$texttoshow = dolGetFirstLineOfText($this->note_private, 10);	// Try to limit length of content
+			$texttoshow = dolGetFirstLineOfText($this->note_private, 8);	// Try to limit length of content
 			$tooltip .= '<div class="tenlinesmax">';						// Restrict height of content into the tooltip
 			$tooltip .= (dol_textishtml($texttoshow) ? str_replace(array("\r", "\n"), "", $texttoshow) : str_replace(array("\r", "\n"), '<br>', $texttoshow));
 			$tooltip .= '</div>';
@@ -1750,13 +1750,12 @@ class ActionComm extends CommonObject
 		}
 		//if (!empty($conf->global->AGENDA_USE_EVENT_TYPE) && $this->type_color)
 		//	$linkclose = ' style="background-color:#'.$this->type_color.'"';
-
 		if (empty($notooltip)) {
 			if (!empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER)) {
 				$label = $langs->trans("ShowAction");
 				$linkclose .= ' alt="'.dol_escape_htmltag($tooltip, 1).'"';
 			}
-			$linkclose .= ($label ? ' title="'.dol_escape_htmltag($label, 1).'"' :  ' title="tocomplete"');
+			$linkclose .= ($tooltip ? ' title="'.dol_escape_htmltag($tooltip, 1).'"' :  ' title="tocomplete"');
 			$linkclose .= $dataparams.' class="'.$classname.' '.$classfortooltip.'"';
 		} else {
 			$linkclose .= ' class="'.$classname.'"';

+ 1 - 1
htdocs/compta/paiement/list.php

@@ -416,7 +416,7 @@ if (!empty($arrayfields['s.nom']['checked'])) {
 // Filter: Payment type
 if (!empty($arrayfields['c.libelle']['checked'])) {
 	print '<td class="liste_titre">';
-	print $form->select_types_paiements($search_paymenttype, 'search_paymenttype', '', 2, 1, 1, 1, 1, '', 1);
+	print $form->select_types_paiements($search_paymenttype, 'search_paymenttype', '', 2, 1, 1, 0, 1, 'maxwidth100', 1);
 	print '</td>';
 }
 

+ 1 - 1
htdocs/core/class/conf.class.php

@@ -305,7 +305,7 @@ class Conf
 							$value = $_ENV['DOLIBARR_'.$key];
 						}
 
-						$this->global->$key = dolDecrypt($value);
+						$this->global->$key = dolDecrypt($value);	// decrypt data excrypted with dolibarr_set_const($db, $name, $value)
 
 						if ($value && strpos($key, 'MAIN_MODULE_') === 0) {
 							$reg = array();

+ 13 - 13
htdocs/core/class/html.form.class.php

@@ -4357,20 +4357,20 @@ class Form
 	// phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps
 
 	/**
-	 *      Return list of payment methods
-	 *      Constant MAIN_DEFAULT_PAYMENT_TYPE_ID can used to set default value but scope is all application, probably not what you want.
+	 * Return list of payment methods
+	 * Constant MAIN_DEFAULT_PAYMENT_TYPE_ID can used to set default value but scope is all application, probably not what you want.
 	 *
-	 * @param string $selected Id or code or preselected payment mode
-	 * @param string $htmlname Name of select field
-	 * @param string $filtertype To filter on field type in llx_c_paiement ('CRDT' or 'DBIT' or array('code'=>xx,'label'=>zz))
-	 * @param int $format 0=id+label, 1=code+code, 2=code+label, 3=id+code
-	 * @param int $empty 1=can be empty, 0 otherwise
-	 * @param int $noadmininfo 0=Add admin info, 1=Disable admin info
-	 * @param int $maxlength Max length of label
-	 * @param int $active Active or not, -1 = all
-	 * @param string $morecss Add more CSS on select tag
-	 * @param int $nooutput 1=Return string, do not send to output
-	 * @return    string|void                String for the HTML select component
+	 * @param 	string 	$selected 		Id or code or preselected payment mode
+	 * @param 	string 	$htmlname 		Name of select field
+	 * @param 	string 	$filtertype 	To filter on field type in llx_c_paiement ('CRDT' or 'DBIT' or array('code'=>xx,'label'=>zz))
+	 * @param 	int 	$format 		0=id+label, 1=code+code, 2=code+label, 3=id+code
+	 * @param 	int 	$empty 			1=can be empty, 0 otherwise
+	 * @param 	int 	$noadmininfo 	0=Add admin info, 1=Disable admin info
+	 * @param 	int 	$maxlength 		Max length of label
+	 * @param 	int 	$active 		Active or not, -1 = all
+	 * @param 	string 	$morecss 		Add more CSS on select tag
+	 * @param 	int 	$nooutput 		1=Return string, do not send to output
+	 * @return  string|void             String for the HTML select component
 	 */
 	public function select_types_paiements($selected = '', $htmlname = 'paiementtype', $filtertype = '', $format = 0, $empty = 1, $noadmininfo = 0, $maxlength = 0, $active = 1, $morecss = '', $nooutput = 0)
 	{

+ 1 - 1
htdocs/core/lib/admin.lib.php

@@ -662,7 +662,7 @@ function dolibarr_set_const($db, $name, $value, $type = 'chaine', $visible = 0,
 	$resql = $db->query($sql);
 
 	if (strcmp($value, '')) {	// true if different. Must work for $value='0' or $value=0
-		if (!preg_match('/^MAIN_LOGEVENTS/', $name) && (preg_match('/(_KEY|_EXPORTKEY|_SECUREKEY|_SERVERKEY|_PASS|_PASSWORD|_PW|_PW_TICKET|_PW_EMAILING|_SECRET|_SECURITY_TOKEN|_WEB_TOKEN)$/', $name))) {
+		if (!preg_match('/^(MAIN_LOGEVENTS|MAIN_AGENDA_ACTIONAUTO)/', $name) && (preg_match('/(_KEY|_EXPORTKEY|_SECUREKEY|_SERVERKEY|_PASS|_PASSWORD|_PW|_PW_TICKET|_PW_EMAILING|_SECRET|_SECURITY_TOKEN|_WEB_TOKEN)$/', $name))) {
 			// This seems a sensitive constant, we encrypt its value
 			// To list all sensitive constant, you can make a
 			// WHERE name like '%\_KEY' or name like '%\_EXPORTKEY' or name like '%\_SECUREKEY' or name like '%\_SERVERKEY' or name like '%\_PASS' or name like '%\_PASSWORD' or name like '%\_SECRET'

+ 0 - 27
htdocs/includes/phpoffice/phpspreadsheet/.scrutinizer.yml

@@ -1,27 +0,0 @@
-checks:
-    php: true
-
-coding_style:
-    php:
-        spaces:
-            before_parentheses:
-                closure_definition: true
-            around_operators:
-                concatenation: true
-
-build:
-    nodes:
-        analysis:
-            tests:
-                override:
-                    - php-scrutinizer-run
-
-tools:
-    external_code_coverage:
-        timeout: 3600
-
-build_failure_conditions:
-    - 'elements.rating(<= C).new.exists'                        # No new classes/methods with a rating of C or worse allowed
-    - 'issues.severity(>= MAJOR).new.exists'                    # New issues of major or higher severity
-    - 'project.metric_change("scrutinizer.test_coverage", < 0)' # Code Coverage decreased from previous inspection
-    - 'patches.label("Unused Use Statements").new.exists'       # No new unused imports patches allowed

+ 1 - 1
htdocs/langs/en_US/stripe.lang

@@ -76,4 +76,4 @@ STRIPE_CARD_PRESENT=Card Present for Stripe Terminals
 TERMINAL_LOCATION=Location (address) for Stripe Terminals
 RequestDirectDebitWithStripe=Request Direct Debit with Stripe
 STRIPE_SEPA_DIRECT_DEBIT=Enable the Direct Debit payments through Stripe
- 
+StripeConnect_Mode=Stripe Connect mode

+ 11 - 21
htdocs/resource/class/dolresource.class.php

@@ -494,18 +494,16 @@ class Dolresource extends CommonObject
 	/**
 	 *	Load resource objects into $this->lines
 	 *
-	 *  @param	string		$sortorder    sort order
-	 *  @param	string		$sortfield    sort field
-	 *  @param	int			$limit		  limit page
-	 *  @param	int			$offset    	  page
-	 *  @param	array		$filter    	  filter output
-	 *  @return int          	<0 if KO, >0 if OK
+	 *  @param	string		$sortorder    	sort order
+	 *  @param	string		$sortfield    	sort field
+	 *  @param	int			$limit		  	limit page
+	 *  @param	int			$offset    	  	page
+	 *  @param	array		$filter    	  	filter output
+	 *  @return int          				<0 if KO, Number of lines loaded if OK
 	 */
 	public function fetchAll($sortorder, $sortfield, $limit, $offset, $filter = '')
 	{
 		// phpcs:enable
-		global $conf;
-
 		require_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php';
 		$extrafields = new ExtraFields($this->db);
 
@@ -541,14 +539,10 @@ class Dolresource extends CommonObject
 			}
 		}
 		$sql .= $this->db->order($sortfield, $sortorder);
-		$this->num_all = 0;
-		if (!getDolGlobalInt('MAIN_DISABLE_FULL_SCANLIST')) {
-			$result = $this->db->query($sql);
-			$this->num_all = $this->db->num_rows($result);
-		}
 		if ($limit) {
 			$sql .= $this->db->plimit($limit, $offset);
 		}
+
 		dol_syslog(get_class($this)."::fetchAll", LOG_DEBUG);
 
 		$this->lines = array();
@@ -773,7 +767,7 @@ class Dolresource extends CommonObject
 	 */
 	public function getTooltipContentArray($params)
 	{
-		global $conf, $langs;
+		global $langs;
 
 		$langs->load('resource');
 
@@ -782,8 +776,8 @@ class Dolresource extends CommonObject
 		$datas['picto'] = img_picto('', $this->picto).' <u>'.$langs->trans("Resource").'</u>';
 		$datas['ref'] = '<br><b>'.$langs->trans('Ref').':</b> '.$this->ref;
 		/*if (isset($this->status)) {
-			$datas['status'] = '<br><b>' . $langs->trans("Status").":</b> ".$this->getLibStatut(5);
-		}*/
+		 $datas['status'] = '<br><b>' . $langs->trans("Status").":</b> ".$this->getLibStatut(5);
+		 }*/
 		if (isset($this->type_label)) {
 			$datas['label'] = '<br><b>'.$langs->trans("ResourceType").":</b> ".$this->type_label;
 		}
@@ -850,7 +844,7 @@ class Dolresource extends CommonObject
 		$linkstart .= $linkclose.'>';
 		$linkend = '</a>';
 		/*$linkstart = '<a href="'.DOL_URL_ROOT.'/resource/card.php?id='.$this->id.$get_params.'" title="'.dol_escape_htmltag($label, 1).'" class="classfortooltip">';
-		$linkend = '</a>';*/
+		 $linkend = '</a>';*/
 
 		$result .= $linkstart;
 		if ($withpicto) {
@@ -896,8 +890,6 @@ class Dolresource extends CommonObject
 	public static function LibStatut($status, $mode = 0)
 	{
 		// phpcs:enable
-		global $langs;
-
 		return '';
 	}
 
@@ -910,8 +902,6 @@ class Dolresource extends CommonObject
 	public function load_state_board()
 	{
 		// phpcs:enable
-		global $conf;
-
 		$this->nb = array();
 
 		$sql = "SELECT count(r.rowid) as nb";

+ 59 - 50
htdocs/stripe/admin/stripe.php

@@ -227,7 +227,7 @@ if (empty($conf->stripeconnect->enabled)) {
 
 	print '<tr class="oddeven"><td>';
 	print '<span class="titlefield">'.$langs->trans("STRIPE_TEST_WEBHOOK_KEY").'</span></td><td>';
-	if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {
+	if (getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 2) {
 		print '<input class="minwidth300" type="text" name="STRIPE_TEST_WEBHOOK_ID" value="'.getDolGlobalString('STRIPE_TEST_WEBHOOK_ID').'" placeholder="'.$langs->trans("Example").': we_xxxxxxxxxxxxxxxxxxxxxxxx">';
 		print '<br>';
 	}
@@ -241,28 +241,36 @@ if (empty($conf->stripeconnect->enabled)) {
 	$out .= ajax_autoselect("onlinetestwebhookurl", 0);
 	print '<br>'.$out;
 	print '</td><td>';
-	if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {
+	if (getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 2) {
 		if (!empty($conf->global->STRIPE_TEST_WEBHOOK_KEY) && !empty($conf->global->STRIPE_TEST_SECRET_KEY) && !empty($conf->global->STRIPE_TEST_WEBHOOK_ID)) {
-			\Stripe\Stripe::setApiKey($conf->global->STRIPE_TEST_SECRET_KEY);
-			$endpoint = \Stripe\WebhookEndpoint::retrieve($conf->global->STRIPE_TEST_WEBHOOK_ID);
-			$endpoint->enabled_events = $stripearrayofwebhookevents;
-			if (GETPOST('webhook', 'alpha') == $conf->global->STRIPE_TEST_WEBHOOK_ID) {
-				if (!GETPOST('status', 'alpha')) {
-					$endpoint->disabled = true;
-				} else {
-					$endpoint->disabled = false;
+			if (utf8_check($conf->global->STRIPE_TEST_SECRET_KEY)) {
+				try {
+					\Stripe\Stripe::setApiKey($conf->global->STRIPE_TEST_SECRET_KEY);
+					$endpoint = \Stripe\WebhookEndpoint::retrieve($conf->global->STRIPE_TEST_WEBHOOK_ID);
+					$endpoint->enabled_events = $stripearrayofwebhookevents;
+					if (GETPOST('webhook', 'alpha') == $conf->global->STRIPE_TEST_WEBHOOK_ID) {
+						if (!GETPOST('status', 'alpha')) {
+							$endpoint->disabled = true;
+						} else {
+							$endpoint->disabled = false;
+						}
+					}
+					$endpoint->url = $url;
+					$endpoint->save();
+
+					if ($endpoint->status == 'enabled') {
+						print '<a class="reposition" href="'.$_SERVER['PHP_SELF'].'?action=ipn&webhook='.$endpoint->id.'&status=0">';
+						print img_picto($langs->trans("Activated"), 'switch_on');
+					} else {
+						print '<a class="reposition" href="'.$_SERVER['PHP_SELF'].'?action=ipn&webhook='.$endpoint->id.'&status=1">';
+						print img_picto($langs->trans("Disabled"), 'switch_off');
+					}
+				} catch (Exception $e) {
+					print $e->getMessage();
 				}
-			}
-			$endpoint->url = $url;
-			$endpoint->save();
-			if ($endpoint->status == 'enabled') {
-				print '<a class="reposition" href="'.$_SERVER['PHP_SELF'].'?action=ipn&webhook='.$endpoint->id.'&status=0">';
-				print img_picto($langs->trans("Activated"), 'switch_on');
 			} else {
-				print '<a class="reposition" href="'.$_SERVER['PHP_SELF'].'?action=ipn&webhook='.$endpoint->id.'&status=1">';
-				print img_picto($langs->trans("Disabled"), 'switch_off');
+				print 'Bad value for the secret key. Reenter and save it again to fix this.';
 			}
-			//print $endpoint;
 		} else {
 			print img_picto($langs->trans("Inactive"), 'statut5');
 		}
@@ -292,7 +300,7 @@ if (empty($conf->stripeconnect->enabled)) {
 
 	print '<tr class="oddeven"><td>';
 	print '<span class="titlefield">'.$langs->trans("STRIPE_LIVE_WEBHOOK_KEY").'</span></td><td>';
-	if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {
+	if (getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 2) {
 		print '<input class="minwidth300" type="text" name="STRIPE_LIVE_WEBHOOK_ID" value="'.getDolGlobalString('STRIPE_LIVE_WEBHOOK_ID').'" placeholder="'.$langs->trans("Example").': we_xxxxxxxxxxxxxxxxxxxxxxxx">';
 		print '<br>';
 	}
@@ -305,39 +313,40 @@ if (empty($conf->stripeconnect->enabled)) {
 	$out .= ajax_autoselect("onlinelivewebhookurl", 0);
 	print '<br>'.$out;
 	print '</td><td>';
-	if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {
+	if (getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 2) {
 		if (!empty($conf->global->STRIPE_LIVE_WEBHOOK_KEY) && !empty($conf->global->STRIPE_LIVE_SECRET_KEY) && !empty($conf->global->STRIPE_LIVE_WEBHOOK_ID)) {
-			\Stripe\Stripe::setApiKey($conf->global->STRIPE_LIVE_SECRET_KEY);
-			$endpoint = \Stripe\WebhookEndpoint::retrieve($conf->global->STRIPE_LIVE_WEBHOOK_ID);
-			$endpoint->enabled_events = $stripearrayofwebhookevents;
-			if (GETPOST('webhook', 'alpha') == $conf->global->STRIPE_LIVE_WEBHOOK_ID) {
-				if (empty(GETPOST('status', 'alpha'))) {
-					$endpoint->disabled = true;
-				} else {
-					$endpoint->disabled = false;
+			if (utf8_check($conf->global->STRIPE_TEST_SECRET_KEY)) {
+				try {
+					\Stripe\Stripe::setApiKey($conf->global->STRIPE_LIVE_SECRET_KEY);
+					$endpoint = \Stripe\WebhookEndpoint::retrieve($conf->global->STRIPE_LIVE_WEBHOOK_ID);
+					$endpoint->enabled_events = $stripearrayofwebhookevents;
+					if (GETPOST('webhook', 'alpha') == $conf->global->STRIPE_LIVE_WEBHOOK_ID) {
+						if (empty(GETPOST('status', 'alpha'))) {
+							$endpoint->disabled = true;
+						} else {
+							$endpoint->disabled = false;
+						}
+					}
+					$endpoint->url = $url;
+					$endpoint->save();
+					if ($endpoint->status == 'enabled') {
+						print '<a class="reposition" href="'.$_SERVER['PHP_SELF'].'?action=ipn&webhook='.$endpoint->id.'&status=0">';
+						print img_picto($langs->trans("Activated"), 'switch_on');
+					} else {
+						print '<a class="reposition" href="'.$_SERVER['PHP_SELF'].'?action=ipn&webhook='.$endpoint->id.'&status=1">';
+						print img_picto($langs->trans("Disabled"), 'switch_off');
+					}
+				} catch (Exception $e) {
+					print $e->getMessage();
 				}
 			}
-			$endpoint->url = $url;
-			$endpoint->save();
-			if ($endpoint->status == 'enabled') {
-				print '<a class="reposition" href="'.$_SERVER['PHP_SELF'].'?action=ipn&webhook='.$endpoint->id.'&status=0">';
-				print img_picto($langs->trans("Activated"), 'switch_on');
-			} else {
-				print '<a class="reposition" href="'.$_SERVER['PHP_SELF'].'?action=ipn&webhook='.$endpoint->id.'&status=1">';
-				print img_picto($langs->trans("Disabled"), 'switch_off');
-			}
-			//print $endpoint;
 		} else {
 			print img_picto($langs->trans("Inactive"), 'statut5');
 		}
 	}
 	print '</td></tr>';
-} else {
-	print '<tr class="oddeven"><td>'.$langs->trans("StripeConnect").'</td>';
-	print '<td>'.$langs->trans("StripeConnect_Mode").'</td><td></td></tr>';
 }
 
-
 print '</table>';
 print '</div>';
 
@@ -377,7 +386,7 @@ if (getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 2) {	// What is this for ?
 }
 
 // Card Present for Stripe Terminal
-if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {	// TODO Not used by current code
+if (getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 2) {	// TODO Not used by current code
 	print '<tr class="oddeven"><td>';
 	print $langs->trans("STRIPE_CARD_PRESENT").'</td><td>';
 	if ($conf->use_javascript_ajax) {
@@ -390,7 +399,7 @@ if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {	// TODO Not used by current code
 }
 
 // Locations for Stripe Terminal
-if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {	// TODO Not used by current code
+if (getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 2) {	// TODO Not used by current code
 	print '<tr class="oddeven"><td>';
 	print $langs->trans("TERMINAL_LOCATION").'</td><td>';
 	$service = 'StripeTest';
@@ -453,7 +462,7 @@ print '</td></tr>';
 
 
 // Activate Klarna
-if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {	// TODO Not used by current code
+if (getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 2) {	// TODO Not used by current code
 	print '<tr class="oddeven"><td>';
 	print $langs->trans("STRIPE_KLARNA").'</td><td>';
 	if ($conf->use_javascript_ajax) {
@@ -467,7 +476,7 @@ if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {	// TODO Not used by current code
 }
 
 // Activate Bancontact
-if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {	// TODO Not used by current code
+if (getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 2) {	// TODO Not used by current code
 	print '<tr class="oddeven"><td>';
 	print $langs->trans("STRIPE_BANCONTACT").'</td><td>';
 	if ($conf->use_javascript_ajax) {
@@ -481,7 +490,7 @@ if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {	// TODO Not used by current code
 }
 
 // Activate iDEAL
-if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {	// TODO Not used by current code
+if (getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 2) {	// TODO Not used by current code
 	print '<tr class="oddeven"><td>';
 	print $langs->trans("STRIPE_IDEAL").'</td><td>';
 	if ($conf->use_javascript_ajax) {
@@ -495,7 +504,7 @@ if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {	// TODO Not used by current code
 }
 
 // Activate Giropay
-if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {	// TODO Not used by current code
+if (getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 2) {	// TODO Not used by current code
 	print '<tr class="oddeven"><td>';
 	print $langs->trans("STRIPE_GIROPAY").'</td><td>';
 	if ($conf->use_javascript_ajax) {
@@ -509,7 +518,7 @@ if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {	// TODO Not used by current code
 }
 
 // Activate Sofort
-if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {	// TODO Not used by current code
+if (getDolGlobalInt('MAIN_FEATURES_LEVEL') >= 2) {	// TODO Not used by current code
 	print '<tr class="oddeven"><td>';
 	print $langs->trans("STRIPE_SOFORT").'</td><td>';
 	if ($conf->use_javascript_ajax) {

+ 2 - 2
htdocs/takepos/receipt.php

@@ -111,7 +111,7 @@ if (!empty($hookmanager->resPrint)) {
 <br>
 <p class="left">
 <?php
-$constFreeText = 'TAKEPOS_HEADER'.$_SESSION['takeposterminal'];
+$constFreeText = 'TAKEPOS_HEADER'.($_SESSION['takeposterminal'] ?? '0');
 if (!empty($conf->global->TAKEPOS_HEADER) || getDolGlobalString($constFreeText)) {
 	$newfreetext = '';
 	$substitutionarray = getCommonSubstitutionArray($langs);
@@ -352,7 +352,7 @@ if (getDolGlobalString('TAKEPOS_PRINT_PAYMENT_METHOD')) {
 <br>
 <br>
 <?php
-$constFreeText = 'TAKEPOS_FOOTER'.$_SESSION['takeposterminal'];
+$constFreeText = 'TAKEPOS_FOOTER'.($_SESSION['takeposterminal'] ?? '0');
 if (!empty($conf->global->TAKEPOS_FOOTER) || getDolGlobalString($constFreeText)) {
 	$newfreetext = '';
 	$substitutionarray = getCommonSubstitutionArray($langs);