FIX master must be after session_start but dol_getprefix must be before

and after filefunc.inc.php.

htdocs/comm/mailing/card.php

@@ -800,8 +800,7 @@ if ($action == 'create')
 					setEventMessages($langs->trans("MailSendSetupIs2", $linktoadminemailbefore, $linktoadminemailend, $langs->transnoentitiesnoconv("MAIN_MAIL_SENDMODE"), $listofmethods['smtps']), null, 'warnings');
 					if (!empty($conf->global->MAILING_SMTP_SETUP_EMAILS_FOR_QUESTIONS)) setEventMessages($langs->trans("MailSendSetupIs3", $conf->global->MAILING_SMTP_SETUP_EMAILS_FOR_QUESTIONS), null, 'warnings');
 					$_GET["action"] = '';
-				} elseif ($conf->global->MAILING_LIMIT_SENDBYWEB < 0)
-				{
+				} elseif ($conf->global->MAILING_LIMIT_SENDBYWEB < 0) {
 					if (!empty($conf->global->MAILING_LIMIT_WARNING_PHPMAIL) && $sendingmode == 'mail') setEventMessages($langs->transnoentitiesnoconv($conf->global->MAILING_LIMIT_WARNING_PHPMAIL), null, 'warnings');
 					if (!empty($conf->global->MAILING_LIMIT_WARNING_NOPHPMAIL) && $sendingmode != 'mail') setEventMessages($langs->transnoentitiesnoconv($conf->global->MAILING_LIMIT_WARNING_NOPHPMAIL), null, 'warnings');
 
@@ -818,7 +817,7 @@ if ($action == 'create')
 					if (!empty($conf->global->MAILING_LIMIT_WARNING_NOPHPMAIL) && $sendingmode != 'mail') setEventMessages($langs->transnoentitiesnoconv($conf->global->MAILING_LIMIT_WARNING_NOPHPMAIL), null, 'warnings');
 
 					$text = '';
-					if ($conf->global->MAILING_LIMIT_SENDBYCLI >= 0)
+					if (!isset($conf->global->MAILING_LIMIT_SENDBYCLI) || $conf->global->MAILING_LIMIT_SENDBYCLI >= 0)
 					{
 						$text .= $langs->trans("MailingNeedCommand");
 						$text .= '<br><textarea cols="60" rows="'.ROWS_2.'" wrap="soft">php ./scripts/emailings/mailing-send.php '.$object->id.' '.$user->login.'</textarea>';
@@ -826,7 +825,7 @@ if ($action == 'create')
 					}
 					$text .= $langs->trans('ConfirmSendingEmailing').'<br>';
 					$text .= $langs->trans('LimitSendingEmailing', $conf->global->MAILING_LIMIT_SENDBYWEB);
-					print $form->formconfirm($_SERVER['PHP_SELF'].'?id='.$object->id, $langs->trans('SendMailing'), $text, 'sendallconfirmed', $formquestion, '', 1, 330, 600);
+					print $form->formconfirm($_SERVER['PHP_SELF'].'?id='.$object->id, $langs->trans('SendMailing'), $text, 'sendallconfirmed', '', '', 1, 330, 600);
 				}
 			}
 

htdocs/core/lib/functions.lib.php

@@ -711,11 +711,11 @@ if (!function_exists('dol_getprefix'))
 	 */
 	function dol_getprefix($mode = '')
 	{
-		global $conf;
-
-		// If prefix is for email
+		// If prefix is for email (we need to have $conf alreayd loaded for this case)
 		if ($mode == 'email')
 		{
+			global $conf;
+
 			if (!empty($conf->global->MAIL_PREFIX_FOR_EMAIL_ID))	// If MAIL_PREFIX_FOR_EMAIL_ID is set (a value initialized with a random value is recommended)
 			{
 				if ($conf->global->MAIL_PREFIX_FOR_EMAIL_ID != 'SERVER_NAME') return $conf->global->MAIL_PREFIX_FOR_EMAIL_ID;
@@ -729,12 +729,17 @@ if (!function_exists('dol_getprefix'))
 			return dol_hash(DOL_DOCUMENT_ROOT.DOL_URL_ROOT, '3');
 		}
 
+		// If prefix is for session (no need to have $conf loaded)
+		global $dolibarr_main_instance_unique_id, $dolibarr_main_cookie_cryptkey;	// This is loaded by filefunc.inc.php
+		$tmp_instance_unique_id = empty($dolibarr_main_instance_unique_id) ? (empty($dolibarr_main_cookie_cryptkey) ? '' : $dolibarr_main_cookie_cryptkey) : $dolibarr_main_instance_unique_id; // Unique id of instance
+
 		// The recommended value (may be not defined for old versions)
-		if (!empty($conf->file->instance_unique_id)) return $conf->file->instance_unique_id;
+		if (!empty($tmp_instance_unique_id)) {
+			return $tmp_instance_unique_id;
+		}
 
 		// For backward compatibility
-		if (isset($_SERVER["SERVER_NAME"]) && isset($_SERVER["DOCUMENT_ROOT"]))
-		{
+		if (isset($_SERVER["SERVER_NAME"]) && isset($_SERVER["DOCUMENT_ROOT"])) {
 			return dol_hash($_SERVER["SERVER_NAME"].$_SERVER["DOCUMENT_ROOT"].DOL_DOCUMENT_ROOT.DOL_URL_ROOT, '3');
 		}
 

htdocs/core/lib/phpsessionindb.lib.php

@@ -19,7 +19,7 @@
 /**
  *  \file		htdocs/core/lib/phpsessionindb.lib.php
  *  \ingroup    core
- *  \brief		Set function handlers for PHP session management in DB
+ *  \brief		Set function handlers for PHP session management in DB.
  */
 
 // The session handler file must be included just after the call of the master.inc.php into main.inc.php

htdocs/main.inc.php

@@ -228,18 +228,15 @@ if (!empty($_POST["DOL_AUTOSET_COOKIE"]))
 }
 
 
-// Init the 5 global objects, this include will make the 'new Xxx()' and set properties for: $conf, $db, $langs, $user, $mysoc
-require_once 'master.inc.php';
-
 // Set the handler of session
 if (ini_get('session.save_handler') == 'user') {
 	require_once 'core/lib/phpsessionindb.lib.php';
 }
 
 // Init session. Name of session is specific to Dolibarr instance.
-// Must be done after the include of master.inc.php so $conf file is loaded and vars like $dolibarr_main_force_https are set.
-// Note: the function dol_getprefix may have been redefined to return a different key to manage another area to protect.
-$prefix = dol_getprefix(''); // This uses the $conf file
+// Must be done after the include of filefunc.inc.php so global variables of conf file are defined (like $dolibarr_main_instance_unique_id or $dolibarr_main_force_https).
+// Note: the function dol_getprefix is defined into functions.lib.php but may have been defined to return a different key to manage another area to protect.
+$prefix = dol_getprefix('');
 $sessionname = 'DOLSESSID_'.$prefix;
 $sessiontimeout = 'DOLSESSTIMEOUT_'.$prefix;
 if (!empty($_COOKIE[$sessiontimeout])) ini_set('session.gc_maxlifetime', $_COOKIE[$sessiontimeout]);
@@ -250,24 +247,13 @@ if (!defined('NOSESSION'))
 	session_set_cookie_params(0, '/', null, (empty($dolibarr_main_force_https) ? false : true), true); // Add tag secure and httponly on session cookie (same as setting session.cookie_httponly into php.ini). Must be called before the session_start.
 	session_name($sessionname);
 	session_start();
-
-	// By default conf->entity is 1, but we change this if we ask another value.
-	if (session_id() && !empty($_SESSION["dol_entity"])) {
-		// Entity inside an opened session
-		$conf->entity = $_SESSION["dol_entity"];
-	} elseif (!empty($_ENV["dol_entity"])) {
-		// Entity inside a CLI script
-		$conf->entity = $_ENV["dol_entity"];
-	} elseif (GETPOSTISSET("loginfunction") && GETPOST("entity", 'int')) {
-		// Just after a login page
-		$conf->entity = GETPOST("entity", 'int');
-	} elseif (defined('DOLENTITY') && is_numeric(constant('DOLENTITY'))) {
-		// For public page with MultiCompany module
-		$conf->entity = constant('DOLENTITY');
-	}
 }
 
 
+// Init the 5 global objects, this include will make the 'new Xxx()' and set properties for: $conf, $db, $langs, $user, $mysoc
+require_once 'master.inc.php';
+
+
 // If software has been locked. Only login $conf->global->MAIN_ONLY_LOGIN_ALLOWED is allowed.
 if (!empty($conf->global->MAIN_ONLY_LOGIN_ALLOWED))
 {

htdocs/master.inc.php

@@ -169,9 +169,9 @@ if (session_id() && !empty($_SESSION["dol_entity"])) {
 } elseif (GETPOSTISSET("loginfunction") && GETPOST("entity", 'int')) {
 	// Just after a login page
 	$conf->entity = GETPOST("entity", 'int');
-} elseif (defined('DOLENTITY') && is_numeric(DOLENTITY)) {
+} elseif (defined('DOLENTITY') && is_numeric(constant('DOLENTITY'))) {
 	// For public page with MultiCompany module
-	$conf->entity = DOLENTITY;
+	$conf->entity = constant('DOLENTITY');
 }
 
 // Sanitize entity
@@ -186,22 +186,15 @@ if (!defined('NOREQUIREDB'))
 }
 
 // Overwrite database value
-if (!empty($conf->file->mailing_limit_sendbyweb))
-{
+if (!empty($conf->file->mailing_limit_sendbyweb)) {
 	$conf->global->MAILING_LIMIT_SENDBYWEB = $conf->file->mailing_limit_sendbyweb;
 }
-if (empty($conf->global->MAILING_LIMIT_SENDBYWEB))
-{
+if (empty($conf->global->MAILING_LIMIT_SENDBYWEB)) {
 	$conf->global->MAILING_LIMIT_SENDBYWEB = 25;
 }
-if (!empty($conf->file->mailing_limit_sendbycli))
-{
+if (!empty($conf->file->mailing_limit_sendbycli)) {
 	$conf->global->MAILING_LIMIT_SENDBYCLI = $conf->file->mailing_limit_sendbycli;
 }
-if (empty($conf->global->MAILING_LIMIT_SENDBYCLI))
-{
-	$conf->global->MAILING_LIMIT_SENDBYCLI = 0;
-}
 
 // Create object $mysoc (A thirdparty object that contains properties of companies managed by Dolibarr.
 if (!defined('NOREQUIREDB') && !defined('NOREQUIRESOC'))

scripts/emailings/mailing-send.php

@@ -61,6 +61,12 @@ require_once DOL_DOCUMENT_ROOT."/comm/mailing/class/mailing.class.php";
 $version = DOL_VERSION;
 $error = 0;
 
+if (empty($conf->global->MAILING_LIMIT_SENDBYCLI))
+{
+	$conf->global->MAILING_LIMIT_SENDBYCLI = 0;
+}
+
+
 /*
  * Main
  */