Browse Source

NEW Support of js into the Dolibarr server preview

Laurent Destailleur 1 year ago
parent
commit
82e7f829b0

+ 6 - 3
htdocs/core/lib/website.lib.php

@@ -163,12 +163,13 @@ function dolWebsiteReplacementOfLinks($website, $content, $removephppart = 0, $c
 		if (preg_last_error() == PREG_JIT_STACKLIMIT_ERROR) $content = 'preg_replace error (when removing php tags) PREG_JIT_STACKLIMIT_ERROR';
 	}*/
 	$content = dolStripPhpCode($content, $replacewith);
-	//var_dump($content);
 
 	// Protect the link styles.css.php to any replacement that we make after.
 	$content = str_replace('href="styles.css.php', 'href="!~!~!~styles.css.php', $content);
+	$content = str_replace('src="javascript.js.php', 'src="!~!~!~javascript.js.php', $content);
 	$content = str_replace('href="http', 'href="!~!~!~http', $content);
 	$content = str_replace('href="//', 'href="!~!~!~//', $content);
+	$content = str_replace('src="//', 'src="!~!~!~//', $content);
 	$content = str_replace('src="viewimage.php', 'src="!~!~!~/viewimage.php', $content);
 	$content = str_replace('src="/viewimage.php', 'src="!~!~!~/viewimage.php', $content);
 	$content = str_replace('src="'.DOL_URL_ROOT.'/viewimage.php', 'src="!~!~!~'.DOL_URL_ROOT.'/viewimage.php', $content);
@@ -301,11 +302,14 @@ function dolWebsiteOutput($content, $contenttype = 'html', $containerid = '')
 		}
 	} elseif (defined('USEDOLIBARRSERVER')) {	// REPLACEMENT OF LINKS When page called from Dolibarr server
 		$content = str_replace('<link rel="stylesheet" href="/styles.css', '<link rel="stylesheet" href="styles.css', $content);
+		$content = str_replace(' async src="/javascript.js', ' async src="javascript.js', $content);
 
 		// Protect the link styles.css.php to any replacement that we make after.
 		$content = str_replace('href="styles.css.php', 'href="!~!~!~styles.css.php', $content);
+		$content = str_replace('src="javascript.css.php', 'src="!~!~!~javascript.css.php', $content);
 		$content = str_replace('href="http', 'href="!~!~!~http', $content);
 		$content = str_replace('href="//', 'href="!~!~!~//', $content);
+		$content = str_replace('src="//', 'src="!~!~!~//', $content);
 		$content = str_replace(array('src="viewimage.php', 'src="/viewimage.php'), 'src="!~!~!~/viewimage.php', $content);
 		$content = str_replace('src="'.DOL_URL_ROOT.'/viewimage.php', 'src="!~!~!~'.DOL_URL_ROOT.'/viewimage.php', $content);
 		$content = str_replace(array('href="document.php', 'href="/document.php'), 'href="!~!~!~/document.php', $content);
@@ -354,8 +358,7 @@ function dolWebsiteOutput($content, $contenttype = 'html', $containerid = '')
 		if (empty($includehtmlcontentopened)) {
 			$content = str_replace('!~!~!~', '', $content);
 		}
-	} else // REPLACEMENT OF LINKS When page called from virtual host web server
-	{
+	} else { // REPLACEMENT OF LINKS When page called from virtual host web server
 		$symlinktomediaexists = 1;
 		if ($website->virtualhost) {
 			$content = preg_replace('/^(<link[^>]*rel="canonical" href=")\//m', '\1'.$website->virtualhost.'/', $content, -1, $nbrep);

+ 1 - 1
htdocs/core/lib/website2.lib.php

@@ -248,7 +248,7 @@ function dolSavePageContent($filetpl, Website $object, WebsitePage $objectpage,
 	// Add js
 	$tplcontent .= '<link rel="stylesheet" href="/styles.css.php?website=<?php echo $websitekey; ?>" type="text/css" />'."\n";
 	$tplcontent .= '<!-- Include link to JS file -->'."\n";
-	$tplcontent .= '<script nonce="'.getNonce().'" async src="/javascript.js.php"></script>'."\n";
+	$tplcontent .= '<script nonce="'.getNonce().'" async src="/javascript.js.php?website=<?php echo $websitekey; ?>"></script>'."\n";
 	// Add headers
 	$tplcontent .= '<!-- Include HTML header from common file -->'."\n";
 	$tplcontent .= '<?php if (file_exists(DOL_DATA_ROOT."/website/".$websitekey."/htmlheader.html")) include DOL_DATA_ROOT."/website/".$websitekey."/htmlheader.html"; ?>'."\n";

+ 171 - 0
htdocs/public/website/javascript.js.php

@@ -0,0 +1,171 @@
+<?php
+/* Copyright (C) 2016-2023 Laurent Destailleur  <eldy@users.sourceforge.net>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+/**
+ *     	\file       htdocs/public/website/javascript.js.php
+ *		\ingroup    website
+ *		\brief      Page to output style page. Called with <script async src="/javascript.js.php?websiteid=123"></script>
+ */
+
+if (!defined('NOTOKENRENEWAL')) {
+	define('NOTOKENRENEWAL', 1); // Disables token renewal
+}
+if (!defined('NOLOGIN')) {
+	define("NOLOGIN", 1);
+}
+if (!defined('NOCSRFCHECK')) {
+	define("NOCSRFCHECK", 1); // We accept to go on this page from external web site.
+}
+if (!defined('NOREQUIREMENU')) {
+	define('NOREQUIREMENU', '1');
+}
+if (!defined('NOREQUIREHTML')) {
+	define('NOREQUIREHTML', '1');
+}
+if (!defined('NOREQUIREAJAX')) {
+	define('NOREQUIREAJAX', '1');
+}
+if (!defined('NOIPCHECK')) {
+	define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip
+}
+if (!defined('NOBROWSERNOTIF')) {
+	define('NOBROWSERNOTIF', '1');
+}
+
+/**
+ * Header empty
+ *
+ * @return	void
+ */
+function llxHeader()
+{
+}
+/**
+ * Footer empty
+ *
+ * @return	void
+ */
+function llxFooter()
+{
+}
+
+require '../../master.inc.php';
+require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
+
+
+$error = 0;
+$website = GETPOST('website', 'alpha');
+$websiteid = GETPOST('websiteid', 'int');
+$pageid = GETPOST('page', 'alpha') ?GETPOST('page', 'alpha') : GETPOST('pageid', 'alpha');
+
+$accessallowed = 1;
+$type = '';
+
+
+/*
+ * View
+ */
+
+$appli = constant('DOL_APPLICATION_TITLE');
+if (!empty($conf->global->MAIN_APPLICATION_TITLE)) {
+	$appli = $conf->global->MAIN_APPLICATION_TITLE;
+}
+
+//print 'Directory with '.$appli.' websites.<br>';
+
+if (empty($pageid)) {
+	require_once DOL_DOCUMENT_ROOT.'/website/class/website.class.php';
+	require_once DOL_DOCUMENT_ROOT.'/website/class/websitepage.class.php';
+
+	$object = new Website($db);
+	if ($websiteid) {
+		$object->fetch($websiteid);
+		$website = $object->ref;
+	} else {
+		$object->fetch(0, $website);
+	}
+
+	$objectpage = new WebsitePage($db);
+	/* Not required for CSS file
+	$array=$objectpage->fetchAll($object->id);
+
+	if (is_array($array) && count($array) > 0)
+	{
+		$firstrep=reset($array);
+		$pageid=$firstrep->id;
+	}
+	*/
+}
+/* Not required for CSS file
+if (empty($pageid))
+{
+	$langs->load("website");
+	print $langs->trans("PreviewOfSiteNotYetAvailable");
+	exit;
+}
+*/
+
+// Security: Delete string ../ into $original_file
+global $dolibarr_main_data_root;
+
+$original_file = $dolibarr_main_data_root.($conf->entity > 1 ? '/'.$conf->entity : '').'/website/'.$website.'/javascript.js.php';
+
+// Find the subdirectory name as the reference
+$refname = basename(dirname($original_file)."/");
+
+// Security:
+// Limite acces si droits non corrects
+if (!$accessallowed) {
+	accessforbidden();
+}
+
+// Security:
+// On interdit les remontees de repertoire ainsi que les pipe dans
+// les noms de fichiers.
+if (preg_match('/\.\./', $original_file) || preg_match('/[<>|]/', $original_file)) {
+	dol_syslog("Refused to deliver file ".$original_file);
+	$file = basename($original_file); // Do no show plain path of original_file in shown error message
+	dol_print_error(0, $langs->trans("ErrorFileNameInvalid", $file));
+	exit;
+}
+
+clearstatcache();
+
+$filename = basename($original_file);
+
+// Output file on browser
+dol_syslog("javascript.js.css.php include $original_file $filename content-type=$type");
+$original_file_osencoded = dol_osencode($original_file); // New file name encoded in OS encoding charset
+
+// This test if file exists should be useless. We keep it to find bug more easily
+if (!file_exists($original_file_osencoded)) {
+	$langs->load("website");
+	print $langs->trans("RequestedPageHasNoContentYet", $pageid);
+	//dol_print_error(0,$langs->trans("ErrorFileDoesNotExists",$original_file));
+	exit;
+}
+
+
+// Output page content
+define('USEDOLIBARRSERVER', 1);
+print '/* Page content '.$original_file.' : JS content that was saved into tpl dir */'."\n";
+require_once $original_file_osencoded;
+
+
+if (is_object($db)) {
+	$db->close();
+}