Factorize code into a function dolJSToSetRandomPassword()

htdocs/admin/agenda_xcal.php

@@ -207,21 +207,11 @@ $message .= $langs->trans("AgendaUrlOptionsIncludeHolidays", '1', '1').'<br>';
 
 print info_admin($message);
 
-if (!empty($conf->use_javascript_ajax)) {
-	print "\n".'<script type="text/javascript">';
-	print '$(document).ready(function () {
-            $("#generate_token").click(function() {
-            	$.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
-            		action: \'getrandompassword\',
-            		generic: true
-				},
-				function(token) {
-					$("#MAIN_AGENDA_XCAL_EXPORTKEY").val(token);
-				});
-            });
-    });';
-	print '</script>';
-}
+$constname = 'MAIN_AGENDA_XCAL_EXPORTKEY';
+
+// Add button to autosuggest a key
+include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
+print dolJSToSetRandomPassword($constname);
 
 // End of page
 llxFooter();

htdocs/admin/clicktodial.php

@@ -188,22 +188,10 @@ if (!empty($conf->global->CLICKTODIAL_URL)) {
 	}
 }
 
-if (!empty($conf->use_javascript_ajax)) {
-	print "\n".'<script type="text/javascript">';
-	print '$(document).ready(function () {
-			$("#generate_token").click(function() {
-				console.log("Click done");
-				$.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
-					action: \'getrandompassword\',
-					generic: true
-				},
-					function(token) {
-						$("#CLICKTODIAL_KEY_FOR_CIDLOOKUP").val(token);
-					});
-				});
-			});';
-	print '</script>';
-}
+// Add button to autosuggest a key
+include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
+print dolJSToSetRandomPassword('CLICKTODIAL_KEY_FOR_CIDLOOKUP');
+
 
 // End of page
 llxFooter();

htdocs/admin/eventorganization.php

@@ -273,21 +273,10 @@ if ($action == 'edit') {
 				if (!empty($conf->use_javascript_ajax)) {
 					print ' '.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_token'.$constname.'" class="linkobject"');
 				}
-				if (!empty($conf->use_javascript_ajax)) {
-					print "\n".'<script type="text/javascript">';
-					print '$(document).ready(function () {
-                        $("#generate_token'.$constname.'").click(function() {
-                	        $.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
-                		      action: \'getrandompassword\',
-                		      generic: true
-    				        },
-    				        function(token) {
-    					       $("#'.$constname.'").val(token);
-            				});
-                         });
-                    });';
-					print '</script>';
-				}
+
+				// Add button to autosuggest a key
+				include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
+				print dolJSToSetRandomPassword($constname, 'generate_token'.$constname);
 			} elseif ($val['type'] == 'product') {
 				if (!empty($conf->product->enabled) || !empty($conf->service->enabled)) {
 					$selected = (empty($conf->global->$constname) ? '' : $conf->global->$constname);

htdocs/admin/hrm.php

@@ -540,21 +540,10 @@ if ($action == 'edit') {
 				if (!empty($conf->use_javascript_ajax)) {
 					print ' '.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_token'.$constname.'" class="linkobject"');
 				}
-				if (!empty($conf->use_javascript_ajax)) {
-					print "\n".'<script type="text/javascript">';
-					print '$(document).ready(function () {
-                        $("#generate_token'.$constname.'").click(function() {
-                	        $.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
-                		      action: \'getrandompassword\',
-                		      generic: true
-    				        },
-    				        function(token) {
-    					       $("#'.$constname.'").val(token);
-            				});
-                         });
-                    });';
-					print '</script>';
-				}
+
+				// Add button to autosuggest a key
+				include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
+				print dolJSToSetRandomPassword($constname, 'generate_token'.$constname);
 			} elseif ($val['type'] == 'product') {
 				if (!empty($conf->product->enabled) || !empty($conf->service->enabled)) {
 					$selected = (empty($conf->global->$constname) ? '' : $conf->global->$constname);

htdocs/admin/mailing.php

@@ -107,21 +107,11 @@ llxHeader('', $langs->trans("MailingSetup"));
 $linkback = '<a href="'.DOL_URL_ROOT.'/admin/modules.php?restore_lastsearch_values=1">'.$langs->trans("BackToModuleList").'</a>';
 print load_fiche_titre($langs->trans("MailingSetup"), $linkback, 'title_setup');
 
-if (!empty($conf->use_javascript_ajax)) {
-	print "\n".'<script type="text/javascript">';
-	print '$(document).ready(function () {
-            $("#generate_token").click(function() {
-            	$.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
-            		action: \'getrandompassword\',
-            		generic: true
-				},
-				function(token) {
-					$("#MAILING_EMAIL_UNSUBSCRIBE_KEY").val(token);
-				});
-            });
-    });';
-	print '</script>';
-}
+$constname = 'MAILING_EMAIL_UNSUBSCRIBE_KEY';
+
+// Add button to autosuggest a key
+include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
+print dolJSToSetRandomPassword($constname);
 
 print '<br>';
 print '<form method="post" action="'.$_SERVER["PHP_SELF"].'">';

htdocs/admin/webhook.php

@@ -338,21 +338,10 @@ if ($action == 'edit') {
 					if (!empty($conf->use_javascript_ajax)) {
 						print ' '.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_token'.$constname.'" class="linkobject"');
 					}
-					if (!empty($conf->use_javascript_ajax)) {
-						print "\n".'<script type="text/javascript">';
-						print '$(document).ready(function () {
-                        $("#generate_token'.$constname.'").click(function() {
-                	        $.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
-                		      action: \'getrandompassword\',
-                		      generic: true
-    				        },
-    				        function(token) {
-    					       $("#'.$constname.'").val(token);
-            				});
-                         });
-                    });';
-						print '</script>';
-					}
+
+					// Add button to autosuggest a key
+					include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
+					print dolJSToSetRandomPassword($constname, 'generate_token'.$constname);
 				} elseif ($val['type'] == 'product') {
 					if (!empty($conf->product->enabled) || !empty($conf->service->enabled)) {
 						$selected = (empty($conf->global->$constname) ? '' : $conf->global->$constname);

htdocs/asset/admin/setup.php

@@ -519,21 +519,10 @@ if ($action == 'edit') {
 				if (!empty($conf->use_javascript_ajax)) {
 					print ' '.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_token'.$constname.'" class="linkobject"');
 				}
-				if (!empty($conf->use_javascript_ajax)) {
-					print "\n".'<script type="text/javascript">';
-					print '$(document).ready(function () {
-                        $("#generate_token'.$constname.'").click(function() {
-                	        $.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
-                		      action: \'getrandompassword\',
-                		      generic: true
-    				        },
-    				        function(token) {
-    					       $("#'.$constname.'").val(token);
-            				});
-                         });
-                    });';
-					print '</script>';
-				}
+
+				// Add button to autosuggest a key
+				include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
+				print dolJSToSetRandomPassword($constname, 'generate_token'.$constname);
 			} elseif ($val['type'] == 'product') {
 				if (!empty($conf->product->enabled) || !empty($conf->service->enabled)) {
 					$selected = (empty($conf->global->$constname) ? '' : $conf->global->$constname);

htdocs/core/ajax/security.php

@@ -42,6 +42,9 @@ if (!defined('NOREQUIRETRAN')) {
 
 require '../../main.inc.php';
 
+$action = GETPOST('action');
+
+
 /*
  * View
  */
@@ -52,10 +55,10 @@ top_httphead();
 //print '<!-- Ajax page called with url '.dol_escape_htmltag($_SERVER["PHP_SELF"]).'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]).' -->'."\n";
 
 // Registering the location of boxes
-if (isset($_GET['action']) && !empty($_GET['action'])) {
-	if ($_GET['action'] == 'getrandompassword' && ($user->admin || $user->rights->api->apikey->generate)) {
+if ($action) {
+	if ($action == 'getrandompassword' && ($user->admin || $user->rights->api->apikey->generate)) {
 		require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
-		$generic = $_GET['generic'] ? true : false;
+		$generic = GETPOST('generic') ? true : false;
 		echo getRandomPassword($generic);
 	}
 }

htdocs/core/class/html.formsetup.class.php

@@ -952,21 +952,11 @@ class FormSetupItem
 		if (!empty($conf->use_javascript_ajax)) {
 			$out.= ' '.img_picto($this->langs->trans('Generate'), 'refresh', 'id="generate_token'.$this->confKey.'" class="linkobject"');
 		}
-		if (!empty($conf->use_javascript_ajax)) {
-			$out .= "\n" . '<script type="text/javascript">';
-			$out .= '$(document).ready(function () {
-                        $("#generate_token' . $this->confKey . '").click(function() {
-                	        $.get( "' . DOL_URL_ROOT . '/core/ajax/security.php", {
-                		      action: \'getrandompassword\',
-                		      generic: true
-    				        },
-    				        function(token) {
-    					       $("#' . $this->confKey . '").val(token);
-            				});
-                         });
-                    });';
-			$out .= '</script>';
-		}
+
+		// Add button to autosuggest a key
+		include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
+		$out .= dolJSToSetRandomPassword($this->confKey, 'generate_token'.$this->confKey);
+
 		return $out;
 	}
 

htdocs/core/lib/security2.lib.php

@@ -449,7 +449,7 @@ function encodedecode_dbpassconf($level = 0)
  * @param		array		$replaceambiguouschars	Discard ambigous characters. For example array('I').
  * @param       int         $length                 Length of random string (Used only if $generic is true)
  * @return		string		    					New value for password
- * @see dol_hash()
+ * @see dol_hash(), dolJSToSetRandomPassword()
  */
 function getRandomPassword($generic = false, $replaceambiguouschars = null, $length = 32)
 {
@@ -527,3 +527,34 @@ function getRandomPassword($generic = false, $replaceambiguouschars = null, $len
 
 	return $generated_password;
 }
+
+/**
+ * Ouput javacript to autoset a generated password using default module into a HTML element.
+ *
+ * @param		string 		$htmlname			HTML name of element to insert key into
+ * @param		string		$htmlnameofbutton	HTML name of button
+ * @return		string		    				HTML javascript code to set a password
+ * @see getRandomPassword()
+ */
+function dolJSToSetRandomPassword($htmlname, $htmlnameofbutton = 'generate_token')
+{
+	global $conf;
+
+	if (!empty($conf->use_javascript_ajax)) {
+		print "\n".'<!-- Js code to suggest a security key --><script type="text/javascript">';
+		print '$(document).ready(function () {
+            $("#'.dol_escape_js($htmlnameofbutton).'").click(function() {
+				console.log("We click on the button to suggest a key");
+            	$.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
+            		action: \'getrandompassword\',
+            		generic: true,
+					token: \''.dol_escape_js(newToken()).'\'
+				},
+				function(result) {
+					$("#'.dol_escape_js($htmlname).'").val(result);
+				});
+            });
+		});'."\n";
+		print '</script>';
+	}
+}

htdocs/core/tpl/onlinepaymentlinks.tpl.php

@@ -141,21 +141,11 @@ if (!empty($conf->don->enabled)) {
 	print '<br>';
 }
 
-if (!empty($conf->use_javascript_ajax)) {
-	print "\n".'<script>';
-	print '$(document).ready(function () {
-		$("#generate_token").click(function() {
-            	$.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
-            		action: \'getrandompassword\',
-            		generic: true
-				},
-				function(token) {
-					$("#PAYMENT_SECURITY_TOKEN").val(token);
-				});
-            });
-    	});';
-	print '</script>';
-}
+$constname = 'PAYMENT_SECURITY_TOKEN';
+
+// Add button to autosuggest a key
+include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
+print dolJSToSetRandomPassword($constname);
 
 print info_admin($langs->trans("YouCanAddTagOnUrl"));
 

htdocs/cron/admin/cron.php

@@ -129,22 +129,11 @@ dol_print_cron_urls();
 
 print '<br>';
 
-if (!empty($conf->use_javascript_ajax)) {
-	print "\n".'<script type="text/javascript">';
-	print '$(document).ready(function () {
-		$("#generate_token").click(function() {
-			console.log("Click done");
-			$.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
-				action: \'getrandompassword\',
-				generic: true
-			},
-				function(token) {
-					$("#CRON_KEY").val(token);
-				});
-			});
-		});';
-	print '</script>';
-}
+$constname = 'CRON_KEY';
+
+// Add button to autosuggest a key
+include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
+print dolJSToSetRandomPassword($constname);
 
 llxFooter();
 $db->close();

htdocs/install/mysql/migration/16.0.0-17.0.0.sql

@@ -41,12 +41,14 @@ ALTER TABLE llx_c_email_templates ADD COLUMN email_from varchar(255);
 ALTER TABLE llx_c_email_templates ADD COLUMN email_to varchar(255);
 ALTER TABLE llx_c_email_templates ADD COLUMN email_tocc varchar(255);
 ALTER TABLE llx_c_email_templates ADD COLUMN email_tobcc varchar(255);
+ALTER TABLE llx_c_email_templates ADD COLUMN content_lines text;
 
 ALTER TABLE llx_expedition ADD COLUMN billed smallint    DEFAULT 0;
 
 ALTER TABLE llx_accounting_system MODIFY COLUMN pcg_version varchar(32) NOT NULL;
 
 
+
 -- v17
 
 ALTER TABLE llx_facture ADD COLUMN close_missing_amount double(24, 8) after close_code;

htdocs/install/upgrade2.php

@@ -4116,6 +4116,7 @@ function migrate_delete_old_files($db, $langs, $conf)
 		'/core/boxes/box_members.php',
 
 		'/api/class/api_generic.class.php',
+		'/asterisk/cidlookup.php',
 		'/categories/class/api_category.class.php',
 		'/categories/class/api_deprecated_category.class.php',
 		'/compta/facture/class/api_invoice.class.php',

htdocs/user/card.php

@@ -2834,20 +2834,12 @@ if ($action == 'create' || $action == 'adduserldap') {
 	}
 }
 
-if (!empty($conf->api->enabled) && !empty($conf->use_javascript_ajax)) {
-	print "\n".'<script type="text/javascript">';
-	print '$(document).ready(function () {
-            $("#generate_api_key").click(function() {
-                $.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
-                    action: \'getrandompassword\',
-                    generic: true
-                },
-                function(token) {
-                    $("#api_key").val(token);
-                });
-            });
-    });';
-	print '</script>';
+if (!empty($conf->api->enabled)) {
+	$constname = 'api_key';
+
+	// Add button to autosuggest a key
+	include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
+	print dolJSToSetRandomPassword($constname, 'generate_api_key');
 }
 
 // End of page

htdocs/webservices/admin/index.php

@@ -140,21 +140,10 @@ print '<br>';
 print '<br>';
 print $langs->trans("OnlyActiveElementsAreShown", DOL_URL_ROOT.'/admin/modules.php');
 
-if (!empty($conf->use_javascript_ajax)) {
-	print "\n".'<script type="text/javascript">';
-	print '$(document).ready(function () {
-            $("#generate_token").click(function() {
-            	$.get( "'.DOL_URL_ROOT.'/core/ajax/security.php", {
-            		action: \'getrandompassword\',
-            		generic: true
-				},
-				function(token) {
-					$("#WEBSERVICES_KEY").val(token);
-				});
-            });
-    });';
-	print '</script>';
-}
+$constname = 'WEBSERVICES_KEY';
+
+print dolJSToSetRandomPassword($constname);
+
 
 // End of page
 llxFooter();