Update community licence 2.7.7 (script from git bash, not php execution)

Use a special double quote characters so it is correctly handled in HTML

.editorconfig

@@ -285,7 +285,7 @@ indent_style = tab
 ij_continuation_indent_size = 4
 ij_smart_tabs = true
 ij_wrap_on_typing = false
-ij_php_align_assignments = true
+ij_php_align_assignments = false
 ij_php_align_class_constants = false
 ij_php_align_group_field_declarations = false
 ij_php_align_inline_comments = false

.gitignore

@@ -6,12 +6,6 @@
 # maintenance mode (N°2240)
 /.maintenance
 
-# listing prevention in conf directory
-/conf/**
-!/conf/.htaccess
-!/conf/index.php
-!/conf/web.config
-
 # composer reserver directory, from sources, populate/update using "composer install"
 vendor/*
 test/vendor/*
@@ -19,6 +13,7 @@ test/vendor/*
 # all conf but listing prevention
 /conf/**
 !/conf/.htaccess
+!/conf/index.php
 !/conf/web.config
 
 # all datas but listing prevention
@@ -37,6 +32,9 @@ test/vendor/*
 !/log/index.php
 !/log/web.config
 
+# PHPUnit cache file
+/test/.phpunit.result.cache
+
 
 # Jetbrains
 /.idea/**

.make/composer/rmDeniedTestDir.php

@@ -36,22 +36,38 @@ clearstatcache();
 $oiTopComposer = new iTopComposer();
 $aDeniedButStillPresent = $oiTopComposer->ListDeniedButStillPresent();
 
+echo "\n";
 foreach ($aDeniedButStillPresent as $sDir)
 {
-	if (! preg_match('#[tT]ests?/?$#', $sDir))
+	if (false === iTopComposer::IsTestDir($sDir))
 	{
-		echo "\nfound INVALID denied test dir: '$sDir'\n";
+		echo "ERROR found INVALID denied test dir: '$sDir'\n";
 		throw new \Exception("$sDir must end with /Test/ or /test/");
 	}
 
-	try
-	{
-		SetupUtils::rrmdir($sDir);
-		echo "Remove denied test dir: '$sDir'\n";
-	}
-	catch (\Exception $e)
-	{
-		echo "\nFAILED to remove denied test dir: '$sDir'\n";
+	if (false === file_exists($sDir)) {
+		echo "INFO $sDir is in denied list, but not existing on disk => skipping !\n";
+		continue;
 	}
 
+	try {
+		SetupUtils::rrmdir($sDir);
+		echo "OK Remove denied test dir: '$sDir'\n";
+	}
+	catch (\Exception $e) {
+		echo "\nFAILED to remove denied test dir: '$sDir'\n";
+	}
+}
+
+
+$aAllowedAndDeniedDirs = array_merge(
+	$oiTopComposer->ListAllowedTestDir(),
+	$oiTopComposer->ListDeniedTestDir()
+);
+$aExistingDirs = $oiTopComposer->ListAllTestDir();
+$aMissing = array_diff($aExistingDirs, $aAllowedAndDeniedDirs);
+if (false === empty($aMissing)) {
+	echo "Some new tests dirs exists !\n"
+		.'  They must be declared either in the allowed or denied list in '.iTopComposer::class." (see N°2651).\n"
+		.'  List of dirs:'."\n".var_export($aMissing, true);
 }

.make/release/update-versions.php

@@ -27,6 +27,7 @@ $aFilesUpdaters = array(
 	new iTopVersionFileUpdater(),
 	new CssVariablesFileUpdater(),
 	new DatamodelsModulesFiles(),
+	new ConstantFileUpdater('ITOP_CORE_VERSION', 'approot.inc.php'),
 );
 
 if (count($argv) === 1)

.make/release/update.classes.inc.php

@@ -69,6 +69,40 @@ abstract class AbstractSingleFileVersionUpdater extends FileVersionUpdater
 	}
 }
 
+/**
+ * @since 2.7.7 3.0.1 3.1.0 N°4714
+ */
+class ConstantFileUpdater extends AbstractSingleFileVersionUpdater {
+	/** @var string */
+	private $sConstantName;
+
+	/**
+	 * @param $sConstantName constant to search, for example `ITOP_CORE_VERSION`
+	 * @param $sFileToUpdate file containing constant definition
+	 */
+	public function __construct($sConstantName, $sFileToUpdate)
+	{
+		$this->sConstantName = $sConstantName;
+		parent::__construct($sFileToUpdate);
+	}
+
+	/**
+	 * @inheritDoc
+	 */
+	public function UpdateFileContent($sVersionLabel, $sFileContent, $sFileFullPath)
+	{
+		$sConstantSearchPattern = <<<REGEXP
+/define\('{$this->sConstantName}', ?'[^']+'\);/
+REGEXP;
+
+		return preg_replace(
+			$sConstantSearchPattern,
+			"define('{$this->sConstantName}', '{$sVersionLabel}');",
+			$sFileContent
+		);
+	}
+}
+
 class iTopVersionFileUpdater extends AbstractSingleFileVersionUpdater
 {
 	public function __construct()

CONTRIBUTING.md

@@ -111,9 +111,9 @@ Our tests are located in the `test/` directory, containing a PHPUnit config file
 * Use the present tense ("Add feature" not "Added feature")
 * Use the imperative mood ("Move cursor to..." not "Moves cursor to...")
 * Limit the first line to 72 characters or less
-* Please start the commit message with an applicable emoji code (following the [Gitmoji guide](https://gitmoji.carloscuesta.me/)).  
- Beware to use the code (for example `:bug:`) and not the character (🐛) as Unicode support in git clients is very poor for now...  
- Emoji examples :
+* Please start the commit message with an applicable emoji code (following the [Gitmoji guide](https://gitmoji.dev/)).  
+  Beware to use the code (for example `:bug:`) and not the character (🐛) as Unicode support in git clients is very poor for now...  
+  Emoji examples :
     * 🌐 `:globe_with_meridians:` for translations
     * 🎨 `:art:` when improving the format/structure of the code
     * ⚡️ `:zap:` when improving performance

README.md

@@ -21,6 +21,19 @@ iTop also offers mass import tools and web services to integrate with your IT
 - [Data synchronization][18] (for data federation)
 
 
+## Latest release
+
+- [Changes since the previous version][62]
+- [New features][63]
+- [Installation notes][64]
+- [Download][65]
+
+[62]: https://www.itophub.io/wiki/page?id=latest:release:change_log
+[63]: https://www.itophub.io/wiki/page?id=latest:release:start
+[64]: https://www.itophub.io/wiki/page?id=latest:install:start
+[65]: https://sourceforge.net/projects/itop/files/latest/download
+
+
 ## Resources
 
  - [iTop Forums][1]: community support
@@ -49,47 +62,6 @@ iTop also offers mass import tools and web services to integrate with your IT
 
 
 
-## Last releases
-
-### Versions 2.7.*
- - 2.7.1 published on April 8, 2020
- - [Changes since the previous version][62]
- - [New features][63]
- - [Migration notes][64]
- - [Download iTop 2.7.0-2][65]
-
-[62]: https://www.itophub.io/wiki/page?id=2_7_0:release:change_log
-[63]: https://www.itophub.io/wiki/page?id=2_7_0:release:2_7_whats_new
-[64]: https://www.itophub.io/wiki/page?id=2_7_0:install:260_to_270_migration_notes
-[65]: https://sourceforge.net/projects/itop/files/itop/2.7.0-2
-
-
-### Versions 2.6.*
- - 2.6.0 published on January 9, 2019
- - [Changes since the previous version][58]
- - [New features][59]
- - [Migration notes][60]
- - [Download iTop 2.6.3][61]
-
-[58]: https://www.itophub.io/wiki/page?id=2_6_0:release:change_log
-[59]: https://www.itophub.io/wiki/page?id=2_6_0:release:2_6_whats_new
-[60]: https://www.itophub.io/wiki/page?id=2_6_0:install:250_to_260_migration_notes
-[61]: https://sourceforge.net/projects/itop/files/itop/2.6.3
-
-
-### Versions 2.5.*
- - 2.5.0 published on July 11, 2018
- - [Changes since the previous version][54]
- - [New features][55]
- - [Migration notes][56]
- - [Download iTop 2.5.1][57]
-
-[54]: https://www.itophub.io/wiki/page?id=2_5_0:release:change_log
-[55]: https://www.itophub.io/wiki/page?id=2_5_0:release:2_5_whats_new
-[56]: https://www.itophub.io/wiki/page?id=2_5_0:install:240_to_250_migration_notes
-[57]: https://sourceforge.net/projects/itop/files/itop/2.5.1
-
-
 ## About Us
 
 iTop development is sponsored, led and supported by [Combodo][0].

addons/userrights/userrightsprofile.class.inc.php

@@ -23,7 +23,7 @@ define('PORTAL_PROFILE_NAME', 'Portal user');
 class UserRightsBaseClassGUI extends cmdbAbstractObject
 {
 	// Whenever something changes, reload the privileges
-	
+
 	protected function AfterInsert()
 	{
 		UserRights::FlushPrivileges();
@@ -73,7 +73,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 	}
 
 	protected static $m_aCacheProfiles = null;
-	
+
 	public static function DoCreateProfile($sName, $sDescription)
 	{
 		if (is_null(self::$m_aCacheProfiles))
@@ -85,7 +85,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 			{
 				self::$m_aCacheProfiles[$oProfile->Get('name')] = $oProfile->GetKey();
 			}
-		}	
+		}
 
 		$sCacheKey = $sName;
 		if (isset(self::$m_aCacheProfiles[$sCacheKey]))
@@ -96,10 +96,10 @@ class URP_Profiles extends UserRightsBaseClassGUI
 		$oNewObj->Set('name', $sName);
 		$oNewObj->Set('description', $sDescription);
 		$iId = $oNewObj->DBInsertNoReload();
-		self::$m_aCacheProfiles[$sCacheKey] = $iId;	
+		self::$m_aCacheProfiles[$sCacheKey] = $iId;
 		return $iId;
 	}
-	
+
 	function GetGrantAsHtml($oUserRights, $sClass, $sAction)
 	{
 		$bGrant = $oUserRights->GetProfileActionGrant($this->GetKey(), $sClass, $sAction);
@@ -116,7 +116,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 			return '<span style="background-color: #ffdddd;">'.Dict::S('UI:UserManagement:ActionAllowed:No').'</span>';
 		}
 	}
-	
+
 	function DoShowGrantSumary($oPage)
 	{
 		if ($this->GetRawName() == "Administrator")
@@ -128,7 +128,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 
 		// Note: for sure, we assume that the instance is derived from UserRightsProfile
 		$oUserRights = UserRights::GetModuleInstance();
-	
+
 		$aDisplayData = array();
 		foreach (MetaModel::GetClasses('bizmodel,grant_by_profile') as $sClass)
 		{
@@ -137,12 +137,12 @@ class URP_Profiles extends UserRightsBaseClassGUI
 			{
 				$bGrant = $oUserRights->GetClassStimulusGrant($this->GetKey(), $sClass, $sStimulusCode);
 				if ($bGrant === true)
-				{ 
+				{
 					$aStimuli[] = '<span title="'.$sStimulusCode.': '.htmlentities($oStimulus->GetDescription(), ENT_QUOTES, 'UTF-8').'">'.htmlentities($oStimulus->GetLabel(), ENT_QUOTES, 'UTF-8').'</span>';
 				}
 			}
 			$sStimuli = implode(', ', $aStimuli);
-			
+
 			$aDisplayData[] = array(
 				'class' => MetaModel::GetName($sClass),
 				'read' => $this->GetGrantAsHtml($oUserRights, $sClass, 'r'),
@@ -154,7 +154,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 				'stimuli' => $sStimuli,
 			);
 		}
-	
+
 		$aDisplayConfig = array();
 		$aDisplayConfig['class'] = array('label' => Dict::S('UI:UserManagement:Class'), 'description' => Dict::S('UI:UserManagement:Class+'));
 		$aDisplayConfig['read'] = array('label' => Dict::S('UI:UserManagement:Action:Read'), 'description' => Dict::S('UI:UserManagement:Action:Read+'));
@@ -214,7 +214,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 	 * @param $aReasons array To store the reasons why the attribute is read-only (info about the synchro replicas)
 	 * @param $sTargetState string The target state in which to evalutate the flags, if empty the current state will be used
 	 * @return integer Flags: the binary combination of the flags applicable to this attribute
-	 */	 	  	 	
+	 */
 	public function GetAttributeFlags($sAttCode, &$aReasons = array(), $sTargetState = '')
 	{
 		$iFlags = parent::GetAttributeFlags($sAttCode, $aReasons, $sTargetState);
@@ -397,7 +397,7 @@ class URP_UserOrg extends UserRightsBaseClassGUI
 	{
 		if (!UserRights::IsLoggedIn() || UserRights::IsAdministrator()) { return; }
 
-		$oUser = UserRights::GetUserObject();		
+		$oUser = UserRights::GetUserObject();
 		$oAddon = UserRights::GetModuleInstance();
 		$aOrgs = $oAddon->GetUserOrgs($oUser, '');
 		if (count($aOrgs) > 0)
@@ -521,7 +521,7 @@ class UserRightsProfile extends UserRightsAddOnAPI
 				$oSearch->AllowAllData();
 				$oCondition = new BinaryExpression(new FieldExpression('userid'), '=', new VariableExpression('userid'));
 				$oSearch->AddConditionExpression($oCondition);
-				
+
 				$oUserOrgSet = new DBObjectSet($oSearch, array(), array('userid' => $iUser));
 				while ($oUserOrg = $oUserOrgSet->Fetch())
 				{
@@ -646,8 +646,10 @@ class UserRightsProfile extends UserRightsAddOnAPI
 		// load and cache permissions for the current user on the given class
 		//
 		$iUser = $oUser->GetKey();
-		$aTest = @$this->m_aObjectActionGrants[$iUser][$sClass][$iActionCode];
-		if (is_array($aTest)) return $aTest;
+		if (isset($this->m_aObjectActionGrants[$iUser][$sClass][$iActionCode])){
+			$aTest = $this->m_aObjectActionGrants[$iUser][$sClass][$iActionCode];
+			if (is_array($aTest)) return $aTest;
+		}
 
 		$sAction = self::$m_aActionCodes[$iActionCode];
 
@@ -813,8 +815,8 @@ class UserRightsProfile extends UserRightsAddOnAPI
 
 	/**
 	 * Find out which attribute is corresponding the the dimension 'owner org'
-	 * returns null if no such attribute has been found (no filtering should occur)	 
-	 */	 	
+	 * returns null if no such attribute has been found (no filtering should occur)
+	 */
 	public static function GetOwnerOrganizationAttCode($sClass)
 	{
 		$sAttCode = null;

application/applicationextension.inc.php

@@ -1083,11 +1083,11 @@ abstract class AbstractPageUIExtension implements iPageUIExtension
 /**
  * Implement this interface to add content to any enhanced portal page
  *
- * IMPORTANT! Experimental API, may be removed at anytime, we don't recommend to use it just now!
- *
  * @api
  * @package     Extensibility
- * @since 2.4.0
+ *
+ * @since 2.4.0 interface creation
+ * @since 2.7.0 change method signatures due to Silex to Symfony migration
  */
 interface iPortalUIExtension
 {
@@ -1160,7 +1160,11 @@ interface iPortalUIExtension
 }
 
 /**
- * IMPORTANT! Experimental API, may be removed at anytime, we don't recommend to use it just now!
+ * Extend this class instead of iPortalUIExtension if you don't need to overload all methods
+ *
+ * @api
+ * @package     Extensibility
+ * @since       2.4.0
  */
 abstract class AbstractPortalUIExtension implements iPortalUIExtension
 {

application/cmdbabstract.class.inc.php

@@ -541,7 +541,7 @@ EOF
 				{
 					continue;
 				}
-				$oPage->AddAjaxTab($oAttDef->GetLabel(), utils::GetAbsoluteUrlAppRoot().'pages/ajax.render.php?operation=dashboard&class='.get_class($this).'&id='.$this->GetKey().'&attcode='.$oAttDef->GetCode(), true, 'Class:'.$sClass.'/Attribute:'.$sAttCode);
+				$oPage->AddAjaxTab( 'Class:'.$sClass.'/Attribute:'.$sAttCode, utils::GetAbsoluteUrlAppRoot().'pages/ajax.render.php?operation=dashboard&class='.get_class($this).'&id='.$this->GetKey().'&attcode='.$oAttDef->GetCode(), true, $oAttDef->GetLabel());
 				continue;
 			}
 
@@ -1557,6 +1557,9 @@ HTML
 	 * @param array $aParams
 	 *
 	 * @throws \Exception
+	 *  only used in old and deprecated export.php
+	 *
+	 * @internal Only to be used by `/webservices/export.php` : this is a legacy method that produces wrong HTML (no TR on table body rows)
 	 */
 	public static function DisplaySetAsHTMLSpreadsheet(WebPage $oPage, CMDBObjectSet $oSet, $aParams = array())
 	{
@@ -1577,6 +1580,8 @@ HTML
 	 * @throws \MySQLException
 	 * @throws \MySQLHasGoneAwayException
 	 * @throws \Exception
+	 * 
+	 * @internal Only to be used by `/webservices/export.php` : this is a legacy method that produces wrong HTML (no TR on table body rows)
 	 */
 	public static function GetSetAsHTMLSpreadsheet(DBObjectSet $oSet, $aParams = array())
 	{

application/dashboard.class.inc.php

@@ -852,28 +852,29 @@ class RuntimeDashboard extends Dashboard
 	{
 		$bCustomized = false;
 
-		if (!appUserPreferences::GetPref('display_original_dashboard_'.$sDashBoardId, false))
-		{
+		$sDashboardFileSanitized = utils::RealPath($sDashboardFile, APPROOT);
+		if (false === $sDashboardFileSanitized) {
+			throw new SecurityException('Invalid dashboard file !');
+		}
+
+		if (!appUserPreferences::GetPref('display_original_dashboard_'.$sDashBoardId, false)) {
 			// Search for an eventual user defined dashboard
 			$oUDSearch = new DBObjectSearch('UserDashboard');
 			$oUDSearch->AddCondition('user_id', UserRights::GetUserId(), '=');
 			$oUDSearch->AddCondition('menu_code', $sDashBoardId, '=');
 			$oUDSet = new DBObjectSet($oUDSearch);
-			if ($oUDSet->Count() > 0)
-			{
+			if ($oUDSet->Count() > 0) {
 				// Assuming there is at most one couple {user, menu}!
 				$oUserDashboard = $oUDSet->Fetch();
 				$sDashboardDefinition = $oUserDashboard->Get('contents');
 				$bCustomized = true;
-			}
-			else
-			{
-				$sDashboardDefinition = @file_get_contents($sDashboardFile);
+			} else {
+				$sDashboardDefinition = @file_get_contents($sDashboardFileSanitized);
 			}
 		}
 		else
 		{
-			$sDashboardDefinition = @file_get_contents($sDashboardFile);
+			$sDashboardDefinition = @file_get_contents($sDashboardFileSanitized);
 		}
 
 		if ($sDashboardDefinition !== false)
@@ -881,7 +882,7 @@ class RuntimeDashboard extends Dashboard
 			$oDashboard = new RuntimeDashboard($sDashBoardId);
 			$oDashboard->FromXml($sDashboardDefinition);
 			$oDashboard->SetCustomFlag($bCustomized);
-			$oDashboard->SetDefinitionFile($sDashboardFile);
+			$oDashboard->SetDefinitionFile($sDashboardFileSanitized);
 		}
 		else
 		{

application/dashlet.class.inc.php

@@ -255,7 +255,7 @@ abstract class Dashlet
 		catch(OqlException $e)
 		{
 			$oPage->add('<div class="dashlet-content">');
-			$oPage->p($e->GetUserFriendlyDescription());
+			$oPage->p(utils::HtmlEntities($e->GetUserFriendlyDescription()));
 			$oPage->add('</div>');
 		}
 		catch(Exception $e)

application/displayblock.class.inc.php

@@ -324,8 +324,10 @@ class DisplayBlock
 	 * @throws DictExceptionMissingString
 	 * @throws MySQLException
 	 * @throws Exception
+	 *
+	 * @since 2.7.7 3.0.1 3.1.0 N°3129 add type hinting to $aExtraParams
 	 */
-	public function GetRenderContent(WebPage $oPage, $aExtraParams, $sId)
+	public function GetRenderContent(WebPage $oPage, array $aExtraParams, $sId)
 	{
 		$sHtml = '';
 		// Add the extra params into the filter if they make sense for such a filter
@@ -851,7 +853,7 @@ class DisplayBlock
 				foreach($aStates as $sStateValue)
 				{
 					$sHtmlValue=$aGroupBy['group1']->MakeValueLabel($this->m_oFilter, $sStateValue, $sStateValue);
-					$aStateLabels[$sStateValue] = html_entity_decode(strip_tags($sHtmlValue), ENT_QUOTES, 'UTF-8');
+					$aStateLabels[$sStateValue] = strip_tags($sHtmlValue);
 
 					$aCounts[$sStateValue] = (array_key_exists($sStateValue, $aCountsQueryResults))
 						? $aCountsQueryResults[$sStateValue]
@@ -1418,8 +1420,25 @@ class HistoryBlock extends DisplayBlock
 		$this->iLimitStart = $iStart;
 		$this->iLimitCount = $iCount;
 	}
-	
-	public function GetRenderContent(WebPage $oPage, $aExtraParams = array(), $sId)
+
+	/**
+	 * @param \WebPage $oPage
+	 * @param array $aExtraParams
+	 * @param string $sId
+	 *
+	 * @return string
+	 * @throws \ArchivedObjectException
+	 * @throws \CoreException
+	 * @throws \CoreUnexpectedValue
+	 * @throws \DictExceptionMissingString
+	 * @throws \MissingQueryArgument
+	 * @throws \MySQLException
+	 * @throws \MySQLHasGoneAwayException
+	 *
+	 * @since 2.7.7 3.0.1 3.1.0 N°3129 Remove default value for $aExtraParams and add type hinting for PHP 8.0 compatibility
+	 *      (var is unused, and all calls were already made using a default value)
+	 */
+	public function GetRenderContent(WebPage $oPage, array $aExtraParams, $sId)
 	{
 		$sHtml = '';
 		$bTruncated = false;
@@ -1558,8 +1577,10 @@ class MenuBlock extends DisplayBlock
 	 * @throws \Exception
 	 * @throws \MissingQueryArgument
 	 * @throws \MySQLException
+	 *
+	 * @since 2.7.7 3.0.1 3.1.0 N°3129 Remove default value and add type hinting on $aExtraParams for PHP 8.0 compatibility
 	 */
-	public function GetRenderContent(WebPage $oPage, $aExtraParams = array(), $sId)
+	public function GetRenderContent(WebPage $oPage, array $aExtraParams, $sId)
 	{
 		if ($this->m_sStyle == 'popup') // popup is a synonym of 'list' for backward compatibility
 		{

application/forms.class.inc.php

@@ -1223,7 +1223,7 @@ class DesignerComboField extends DesignerFormField
 		$sChecked = $this->defaultValue ? 'checked' : '';
 		$sMandatory = $this->bMandatory ? 'true' :  'false';
 		$sReadOnly = $this->IsReadOnly() ? 'disabled="disabled"' :  '';
-		if ($this->IsSorted())
+		if ($this->IsSorted() )
 		{
 			asort($this->aAllowedValues);
 		}
@@ -1271,18 +1271,14 @@ class DesignerComboField extends DesignerFormField
 					$sHtml .= "<option value=\"\">".$this->sNullLabel."</option>";
 				}
 			}
-			foreach($this->aAllowedValues as $sKey => $sDisplayValue)
-			{
-				if ($this->bMultipleSelection)
-				{
+			foreach ($this->aAllowedValues as $sKey => $sDisplayValue) {
+				if ($this->bMultipleSelection) {
 					$sSelected = in_array($sKey, $this->defaultValue) ? 'selected' : '';
-				}
-				else
-				{
+				} else {
 					$sSelected = ($sKey == $this->defaultValue) ? 'selected' : '';
 				}
 				// Quick and dirty: display the menu parents as a tree
-				$sHtmlValue = str_replace(' ', '&nbsp;', htmlentities($sDisplayValue, ENT_QUOTES, 'UTF-8'));
+				$sHtmlValue = str_replace(' ', '&nbsp;', $sDisplayValue);
 				$sHtml .= "<option value=\"".htmlentities($sKey, ENT_QUOTES, 'UTF-8')."\" $sSelected>$sHtmlValue</option>";
 			}
 			$sHtml .= "</select>";

application/itopwebpage.class.inc.php

@@ -624,7 +624,7 @@ JS
 	ShowDebug();
 	$('#logOffBtn>ul').popupmenu();
 	
-	$('.caselog_header').click( function () { $(this).toggleClass('open').next('.caselog_entry,.caselog_entry_html').toggle(); });
+	$('body').on('click', '.caselog_header', function () { $(this).toggleClass('open').next('.caselog_entry,.caselog_entry_html').toggle(); });
 	
 	$(document).ajaxSend(function(event, jqxhr, options) {
 		jqxhr.setRequestHeader('X-Combodo-Ajax', 'true');

application/startup.inc.php

@@ -35,29 +35,25 @@ register_shutdown_function(function()
 	$sReservedMemory = null;
 	if (!is_null($err = error_get_last()) && ($err['type'] == E_ERROR))
 	{
-		// Remove stack trace from MySQLException
+		// Remove stack trace from MySQLException (since 2.7.2 see N°3174)
 		$sMessage = $err['message'];
-		if (strpos($sMessage, 'MySQLException') !== false)
-		{
+		if (strpos($sMessage, 'MySQLException') !== false) {
 			$iStackTracePos = strpos($sMessage, 'Stack trace:');
-			if ($iStackTracePos !== false)
-			{
+			if ($iStackTracePos !== false) {
 				$sMessage = substr($sMessage, 0, $iStackTracePos);
 			}
 		}
-		IssueLog::error($sMessage, null, $err);
-		if (strpos($err['message'], 'Allowed memory size of') !== false)
-		{
+		// Log additional info but message from $err (since 2.7.6 N°4174)
+		$aErrToLog = $err;
+		unset($aErrToLog['message']);
+		IssueLog::error($sMessage, null, $aErrToLog);
+		if (strpos($err['message'], 'Allowed memory size of') !== false) {
 			$sLimit = ini_get('memory_limit');
 			echo "<p>iTop: Allowed memory size of $sLimit exhausted, contact your administrator to increase 'memory_limit' in php.ini</p>\n";
-		}
-		elseif (strpos($err['message'], 'Maximum execution time') !== false)
-		{
+		} elseif (strpos($err['message'], 'Maximum execution time') !== false) {
 			$sLimit = ini_get('max_execution_time');
 			echo "<p>iTop: Maximum execution time of $sLimit exceeded, contact your administrator to increase 'max_execution_time' in php.ini</p>\n";
-		}
-		else
-		{
+		} else {
 			echo "<p>iTop: An error occurred, check server error log for more information.</p>\n";
 		}
 	}

application/transaction.class.inc.php

@@ -26,8 +26,6 @@
  * @copyright   Copyright (C) 2010-2012 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
-
-
 class privUITransaction
 {
 	/**
@@ -99,9 +97,10 @@ class privUITransaction
 }
 
 /**
- * The original (and by default) mechanism for storing transaction information
- * as an array in the $_SESSION variable
+ * The original mechanism for storing transaction information as an array in the $_SESSION variable
  *
+ * Warning, since 2.6.0 the session is regenerated on each login (see PR #20) !
+ * Also, we saw some problems when using memcached as the PHP session implementation (see N°1835)
  */
 class privUITransactionSession
 {
@@ -194,9 +193,35 @@ class privUITransactionSession
  */
 class privUITransactionFile
 {
+	/** @var int Value to use when no user logged */
+	const UNAUTHENTICATED_USER_ID = -666;
+
 	/**
+	 * @return int current user id, or {@see self::UNAUTHENTICATED_USER_ID} if no user logged
+	 *
+	 * @since 2.6.5 2.7.6 3.0.0 N°4289 method creation
+	 */
+	private static function GetCurrentUserId()
+	{
+		$iCurrentUserId = UserRights::GetConnectedUserId();
+		if ('' === $iCurrentUserId) {
+			$iCurrentUserId = static::UNAUTHENTICATED_USER_ID;
+		}
+
+		return $iCurrentUserId;
+	}
+
+	/**
+	 * Create a new transaction id, store it in the session and return its id
+	 *
+	 * @param void
+	 *
 	 * @return int The new transaction identifier
+	 *
+	 * @throws \SecurityException
 	 * @throws \Exception
+	 *
+	 * @since 2.6.5 2.7.6 3.0.0 security hardening + throws SecurityException if no user logged
 	 */
 	public static function GetNewTransactionId()
 	{
@@ -213,24 +238,36 @@ class privUITransactionFile
 				throw new Exception('Failed to create the directory "'.APPROOT.'data/transactions". Ajust the rights on the parent directory or let an administrator create the transactions directory and give the web sever enough rights to write into it.');
 			}
 		}
+
 		if (!is_writable(APPROOT.'data/transactions'))
 		{
 			throw new Exception('The directory "'.APPROOT.'data/transactions" must be writable to the application.');
 		}
-		self::CleanupOldTransactions();
-		$id = basename(tempnam(APPROOT.'data/transactions', static::GetUserPrefix()));
-		self::Info('GetNewTransactionId: Created transaction: '.$id);
 
-		return (string)$id;
+		$iCurrentUserId = static::GetCurrentUserId();
+
+		self::CleanupOldTransactions();
+
+		$sTransactionIdFullPath = tempnam(APPROOT.'data/transactions', static::GetUserPrefix());
+		file_put_contents($sTransactionIdFullPath, $iCurrentUserId, LOCK_EX);
+
+		$sTransactionIdFileName = basename($sTransactionIdFullPath);
+		self::Info('GetNewTransactionId: Created transaction: '.$sTransactionIdFileName);
+
+		return $sTransactionIdFileName;
 	}
 
 	/**
 	 * Check whether a transaction is valid or not and (optionally) remove the valid transaction from
 	 * the session so that another call to IsTransactionValid for the same transaction id
 	 * will return false
+	 *
 	 * @param int $id Identifier of the transaction, as returned by GetNewTransactionId
 	 * @param bool $bRemoveTransaction True if the transaction must be removed
+	 *
 	 * @return bool True if the transaction is valid, false otherwise
+	 *
+	 * @since 2.6.5 2.7.6 3.0.0 N°4289 security hardening
 	 */
 	public static function IsTransactionValid($id, $bRemoveTransaction = true)
 	{
@@ -244,53 +281,53 @@ class privUITransactionFile
 
 		clearstatcache(true, $sFilepath);
 		$bResult = file_exists($sFilepath);
-		if ($bResult)
+
+		if (false === $bResult) {
+			self::Info("IsTransactionValid: Transaction '$id' not found. Pending transactions:\n".implode("\n", self::GetPendingTransactions()));
+			return false;
+		}
+
+		$iCurrentUserId = static::GetCurrentUserId();
+		$sTransactionIdUserId = file_get_contents($sFilepath);
+		if ($iCurrentUserId != $sTransactionIdUserId) {
+			self::Info("IsTransactionValid: Transaction '$id' not existing for current user. Pending transactions:\n".implode("\n", self::GetPendingTransactions()));
+			return false;
+		}
+
+		if ($bRemoveTransaction)
 		{
-			if ($bRemoveTransaction)
+			$bResult = @unlink($sFilepath);
+			if (!$bResult)
 			{
-				$bResult = @unlink($sFilepath);
-				if (!$bResult)
-				{
-					self::Error('IsTransactionValid: FAILED to remove transaction '.$id);
-				}
-				else
-				{
-					self::Info('IsTransactionValid: OK. Removed transaction: '.$id);
-				}
+				self::Error('IsTransactionValid: FAILED to remove transaction '.$id);
+			}
+			else
+			{
+				self::Info('IsTransactionValid: OK. Removed transaction: '.$id);
 			}
 		}
-		else
-		{
-			self::Info("IsTransactionValid: Transaction '$id' not found. Pending transactions for this user:\n".implode("\n", self::GetPendingTransactions()));
-		}
+
 		return $bResult;
 	}
 
 	/**
 	 * Removes the transaction specified by its id
 	 * @param int $id The Identifier (as returned by GetNewTransactionId) of the transaction to be removed.
-	 * @return void
+	 * @return bool true if the token can be removed
+	 *
+	 * @since 2.6.5 2.7.6 3.0.0 N°4289 security hardening
 	 */
 	public static function RemoveTransaction($id)
 	{
-		$bSuccess = true;
-		$sFilepath = APPROOT.'data/transactions/'.$id;
-		clearstatcache(true, $sFilepath);
-		if(!file_exists($sFilepath))
-		{
-			$bSuccess = false;
-			self::Error("RemoveTransaction: Transaction '$id' not found. Pending transactions for this user:\n".implode("\n", self::GetPendingTransactions()));
+		/** @noinspection PhpRedundantOptionalArgumentInspection */
+		$bResult = static::IsTransactionValid($id, true);
+		if (false === $bResult) {
+			self::Error("RemoveTransaction: Transaction '$id' is invalid. Pending transactions:\n"
+				.implode("\n", self::GetPendingTransactions()));
+			return false;
 		}
-		$bSuccess = @unlink($sFilepath);
-		if (!$bSuccess)
-		{
-			self::Error('RemoveTransaction: FAILED to remove transaction '.$id);
-		}
-		else
-		{
-			self::Info('RemoveTransaction: OK '.$id);
-		}
-		return $bSuccess;
+
+		return true;
 	}
 
 	/**
@@ -363,22 +400,35 @@ class privUITransactionFile
 	{
 		self::Write('Error | '.$sText);
 	}
-	
+
+	protected static function IsLogEnabled() {
+		$oConfig = MetaModel::GetConfig();
+		if (is_null($oConfig)) {
+			return false;
+		}
+
+		$bLogTransactions = $oConfig->Get('log_transactions');
+		if (true === $bLogTransactions) {
+			return true;
+		}
+
+		return false;
+	}
+
 	protected static function Write($sText)
 	{
-		$bLogEnabled = MetaModel::GetConfig()->Get('log_transactions');
-		if ($bLogEnabled)
-		{
+		if (false === static::IsLogEnabled()) {
+			return;
+		}
+
 		$hLogFile = @fopen(APPROOT.'log/transactions.log', 'a');
-		if ($hLogFile !== false)
-		{
+		if ($hLogFile !== false) {
 			flock($hLogFile, LOCK_EX);
 			$sDate = date('Y-m-d H:i:s');
 			fwrite($hLogFile, "$sDate | $sText\n");
 			fflush($hLogFile);
 			flock($hLogFile, LOCK_UN);
 			fclose($hLogFile);
-			}
 		}
 	}
 }

application/ui.extkeywidget.class.inc.php

@@ -71,7 +71,11 @@ class UIExtKeyWidget
 	protected $bSearchMode;
 
 	//public function __construct($sAttCode, $sClass, $sTitle, $oAllowedValues, $value, $iInputId, $bMandatory, $sNameSuffix = '', $sFieldPrefix = '', $sFormPrefix = '')
-	static public function DisplayFromAttCode($oPage, $sAttCode, $sClass, $sTitle, $oAllowedValues, $value, $iInputId, $bMandatory, $sFieldName = '', $sFormPrefix = '', $aArgs, $bSearchMode = false)
+
+	/**
+	 * @since 2.7.7 3.0.1 3.1.0 N°3129 Add default value for $aArgs for PHP 8.0 compat
+	 */
+	public static function DisplayFromAttCode($oPage, $sAttCode, $sClass, $sTitle, $oAllowedValues, $value, $iInputId, $bMandatory, $sFieldName = '', $sFormPrefix = '', $aArgs = [], $bSearchMode = false)
 	{
 		$oAttDef = MetaModel::GetAttributeDef($sClass, $sAttCode);
 		$sTargetClass = $oAttDef->GetTargetClass();
@@ -372,10 +376,10 @@ EOF
 		$sHTML .= "</form>\n";
 		$sHTML .= '</div></div>';
 
-		$sDialogTitle = addslashes($sTitle);
+		$sDialogTitleSanitized = addslashes(utils::HtmlToText($sTitle));
 		$oPage->add_ready_script(
 <<<EOF
-		$('#ac_dlg_{$this->iId}').dialog({ width: $(window).width()*0.8, height: $(window).height()*0.8, autoOpen: false, modal: true, title: '$sDialogTitle', resizeStop: oACWidget_{$this->iId}.UpdateSizes, close: oACWidget_{$this->iId}.OnClose });
+		$('#ac_dlg_{$this->iId}').dialog({ width: $(window).width()*0.8, height: $(window).height()*0.8, autoOpen: false, modal: true, title: '$sDialogTitleSanitized', resizeStop: oACWidget_{$this->iId}.UpdateSizes, close: oACWidget_{$this->iId}.OnClose });
 		$('#fs_{$this->iId}').bind('submit.uiAutocomplete', oACWidget_{$this->iId}.DoSearchObjects);
 		$('#dc_{$this->iId}').resize(oACWidget_{$this->iId}.UpdateSizes);
 EOF
@@ -426,8 +430,10 @@ EOF
      *
      * @throws CoreException
      * @throws OQLException
+     *
+     * @since 2.7.7 3.0.1 3.1.0 N°3129 Remove default value for $oObj for PHP 8.0 compatibility
      */
-	public function AutoComplete(WebPage $oP, $sFilter, $oObj = null, $sContains, $sOutputFormat = self::ENUM_OUTPUT_FORMAT_CSV, $sOperation = null)
+	public function AutoComplete(WebPage $oP, $sFilter, $oObj, $sContains, $sOutputFormat = self::ENUM_OUTPUT_FORMAT_CSV, $sOperation = null)
 	{
 		if (is_null($sFilter))
 		{

application/ui.linksdirectwidget.class.inc.php

@@ -85,9 +85,15 @@ class UILinksWidgetDirect
 	 * @param array $aArgs
 	 * @param string $sFormPrefix
 	 * @param DBObject $oCurrentObj
+	 *
+	 * @since 2.7.7 3.0.1 3.1.0 N°3129 Remove default value for $aArgs for PHP 8.0 compatibility (handling wrong values at method start)
 	 */
-	public function Display(WebPage $oPage, $oValue, $aArgs = array(), $sFormPrefix, $oCurrentObj)
+	public function Display(WebPage $oPage, $oValue, $aArgs, $sFormPrefix, $oCurrentObj)
 	{
+		if (empty($aArgs)) {
+			$aArgs = [];
+		}
+
 		$oLinksetDef = MetaModel::GetAttributeDef($this->sClass, $this->sAttCode);
 		switch($oLinksetDef->GetEditMode())
 		{
@@ -137,8 +143,10 @@ class UILinksWidgetDirect
 	 * @param string $sFormPrefix
 	 * @param DBObject $oCurrentObj
 	 * @param bool $bDisplayMenu
+	 *
+	 * @since 2.7.7 3.0.1 3.1.0 N°3129 Remove default value for $aArgs for PHP 8.0 compatibility (protected method, always called with default value)
 	 */
-	protected function DisplayAsBlock(WebPage $oPage, $oValue, $aArgs = array(), $sFormPrefix, $oCurrentObj, $bDisplayMenu)
+	protected function DisplayAsBlock(WebPage $oPage, $oValue, $aArgs, $sFormPrefix, $oCurrentObj, $bDisplayMenu)
 	{
 		$oLinksetDef = MetaModel::GetAttributeDef($this->sClass, $this->sAttCode);
 		$sTargetClass = $oLinksetDef->GetLinkedClass();
@@ -239,8 +247,10 @@ class UILinksWidgetDirect
 	 * @param string $sFormPrefix
 	 * @param DBObject $oCurrentObj
 	 * @param array $aButtons
+	 *
+	 * @since 2.7.7 3.0.1 3.1.0 N°3129 Remove default value for $aArgs for PHP 8.0 compatibility (protected method, caller already handles it)
 	 */
-	protected function DisplayEditInPlace(WebPage $oPage, $oValue, $aArgs = array(), $sFormPrefix, $oCurrentObj, $aButtons = array('create', 'delete'))
+	protected function DisplayEditInPlace(WebPage $oPage, $oValue, $aArgs, $sFormPrefix, $oCurrentObj, $aButtons = array('create', 'delete'))
 	{
 		$aAttribs = $this->GetTableConfig();
 

application/utils.inc.php

@@ -283,6 +283,7 @@ class utils
 	 *
 	 * @since 2.5.2 2.6.0 new 'transaction_id' filter
 	 * @since 2.7.0 new 'element_identifier' filter
+	 * @since 2.7.7, 3.0.2, 3.1.0 N°4899 - new 'url' filter
 	 */
 	protected static function Sanitize_Internal($value, $sSanitizationFilter)
 	{
@@ -358,6 +359,11 @@ class utils
 				$retValue = preg_replace('/[^a-zA-Z0-9_]/', '', $value);
 				break;
 
+			// For URL
+			case 'url':
+				$retValue = filter_var($value, FILTER_SANITIZE_URL);
+				break;
+
 			default:
 			case 'raw_data':
 				$retValue = $value;
@@ -1960,11 +1966,15 @@ class utils
 	}
 	
 	/**
-	 * Returns the relative (to MODULESROOT) path of the root directory of the module containing the file where the call to
-	 * this function is made
-	 * or an empty string if no such module is found (or not called within a module file)
-	 * @param number $iCallDepth The depth of the module in the callstack. Zero when called directly from within the module
-	 * @return string
+	 * **Warning** : returned result can be invalid as we're using backtrace to find the module dir name
+	 *
+	 * @param int $iCallDepth The depth of the module in the callstack. Zero when called directly from within the module
+	 *
+	 * @return string the relative (to MODULESROOT) path of the root directory of the module containing the file where the call to
+	 *     this function is made
+	 *     or an empty string if no such module is found (or not called within a module file)
+	 *
+	 * @uses \debug_backtrace()
 	 */
 	public static function GetCurrentModuleDir($iCallDepth)
 	{
@@ -1989,9 +1999,14 @@ class utils
 	}
 
 	/**
+	 * **Warning** : as this method uses {@see GetCurrentModuleDir} it produces hazardous results.
+	 * You should better uses directly {@see GetAbsoluteUrlModulesRoot} and add the module dir name yourself ! See N°4573
+	 *
 	 * @return string the base URL for all files in the current module from which this method is called
 	 * or an empty string if no such module is found (or not called within a module file)
 	 * @throws \Exception
+	 *
+	 * @uses GetCurrentModuleDir
 	 */
 	public static function GetCurrentModuleUrl()
 	{
@@ -2246,38 +2261,19 @@ class utils
 	}
 
 	/**
-	 * @return string eg : '2_7_0' ITOP_VERSION is '2.7.1-dev'
+	 * @return string eg : '2_7_0' if iTop core version is '2.7.5-2'
+	 * @throws \ApplicationException if constant value is invalid
+	 * @uses ITOP_CORE_VERSION
 	 */
-	public static function GetItopVersionWikiSyntax()
+	public static function GetItopVersionWikiSyntax($sItopVersion = ITOP_CORE_VERSION)
 	{
-		$sMinorVersion = self::GetItopMinorVersion();
-		return str_replace('.', '_', $sMinorVersion).'_0';
-	}
+		$aExplodedVersion = explode('.', $sItopVersion);
 
-	/**
-	 * @return string eg 2.7 if ITOP_VERSION is '2.7.0-dev'
-	 * @throws \Exception
-	 */
-	public static function GetItopMinorVersion()
-	{
-		$sPatchVersion = self::GetItopPatchVersion();
-		$aExplodedVersion = explode('.', $sPatchVersion);
-
-		if (empty($aExplodedVersion[0]) || empty($aExplodedVersion[1]))
-		{
-			throw new Exception('iTop version is wrongfully configured!');
+		if ((false === isset($aExplodedVersion[0])) || (false === isset($aExplodedVersion[1]))) {
+			throw new ApplicationException('iTop version is wrongfully configured!');
 		}
 
-		return sprintf('%d.%d', $aExplodedVersion[0], $aExplodedVersion[1]);
-	}
-
-	/**
-	 * @return string eg '2.7.0' if ITOP_VERSION is '2.7.0-dev'
-	 */
-	public static function GetItopPatchVersion()
-	{
-		$aExplodedVersion = explode('-', ITOP_VERSION);
-		return $aExplodedVersion[0];
+		return "{$aExplodedVersion[0]}_{$aExplodedVersion[1]}_0";
 	}
 
 	/**

approot.inc.php

@@ -3,4 +3,18 @@
 define('APPROOT', dirname(__FILE__).'/');
 define('APPCONF', APPROOT.'conf/');
 
+
+/**
+ * Constant containing the iTop core version, whatever application was built
+ *
+ * Note that in iTop 3.0.0 we used {@see ITOP_DESIGN_LATEST_VERSION} to get core version.
+ * When releasing, both constants should be updated : see `.make/release/update-versions.php` for that !
+ *
+ * @since 2.7.7 3.0.1 3.1.0 N°4714 constant creation
+ * @used-by utils::GetItopVersionWikiSyntax()
+ * @used-by iTopModulesPhpVersionIntegrationTest
+ */
+define('ITOP_CORE_VERSION', '2.7.7');
+
+
 require_once APPROOT.'bootstrap.inc.php';

composer.json

@@ -1,8 +1,10 @@
 {
+  "name": "combodo/itop",
+  "description": "IT Operations Portal",
   "type": "project",
-  "license": "AGPLv3",
+  "license": "AGPL-3.0-or-later",
   "require": {
-    "php": ">=5.6.0",
+    "php": ">=7.0.8",
     "ext-ctype": "*",
     "ext-dom": "*",
     "ext-gd": "*",
@@ -10,22 +12,27 @@
     "ext-json": "*",
     "ext-mysqli": "*",
     "ext-soap": "*",
-    "combodo/tcpdf": "6.3.5",
-    "nikic/php-parser": "^3.1",
-    "pear/archive_tar": "1.4.13",
-    "pelago/emogrifier": "2.1.0",
+    "combodo/tcpdf": "~6.4.4",
+    "guzzlehttp/guzzle": "^6.5.8",
+    "laminas/laminas-mail": "^2.11",
+    "laminas/laminas-servicemanager": "^3.5",
+    "league/oauth2-google": "^3.0",
+    "nikic/php-parser": "~4.13.2",
+    "pear/archive_tar": "~1.4.14",
+    "pelago/emogrifier": "~3.1.0",
     "scssphp/scssphp": "1.0.6",
-    "swiftmailer/swiftmailer": "5.4.12",
-    "symfony/console": "3.4.*",
-    "symfony/dotenv": "3.4.*",
-    "symfony/framework-bundle": "3.4.*",
-    "symfony/polyfill-php70": "1.*",
-    "symfony/twig-bundle": "3.4.*",
-    "symfony/yaml": "3.4.*"
+    "swiftmailer/swiftmailer": "~6.3.0",
+    "symfony/console": "~3.4.47",
+    "symfony/dotenv": "~3.4.47",
+    "symfony/framework-bundle": "~3.4.47",
+    "symfony/twig-bundle": "~3.4.47",
+    "symfony/yaml": "~3.4.47",
+    "thenetworg/oauth2-azure": "^2.0",
+    "twig/twig": "~1.42.5"
   },
   "require-dev": {
-    "symfony/stopwatch": "3.4.*",
-    "symfony/web-profiler-bundle": "3.4.*"
+    "symfony/stopwatch": "~3.4.47",
+    "symfony/web-profiler-bundle": "~3.4.47"
   },
   "suggest": {
     "ext-libsodium": "Required to use the AttributeEncryptedString.",
@@ -37,7 +44,7 @@
   },
   "config": {
     "platform": {
-      "php": "5.6.0"
+      "php": "7.0.8"
     },
     "vendor-dir": "lib",
     "preferred-install": {
@@ -52,7 +59,8 @@
       "application",
       "sources/application",
       "sources/Composer",
-      "sources/Controller"
+      "sources/Controller",
+      "sources/Core"
     ],
     "exclude-from-classmap": [
       "core/dbobjectsearch.class.php",

core/action.class.inc.php

@@ -179,7 +179,7 @@ class ActionEmail extends ActionNotification
 	protected function FindRecipients($sRecipAttCode, $aArgs)
 	{
 		$sOQL = $this->Get($sRecipAttCode);
-		if (strlen($sOQL) == '') return '';
+		if (strlen($sOQL) === 0) return '';
 
 		try
 		{
@@ -314,42 +314,54 @@ class ActionEmail extends ActionNotification
 		{
 			$this->m_iRecipients = 0;
 			$this->m_aMailErrors = array();
-			$bRes = false; // until we do succeed in sending the email
-	
+
 			// Determine recicipients
 			//
 			$sTo = $this->FindRecipients('to', $aContextArgs);
 			$sCC = $this->FindRecipients('cc', $aContextArgs);
 			$sBCC = $this->FindRecipients('bcc', $aContextArgs);
-	
+
 			$sFrom = MetaModel::ApplyParams($this->Get('from'), $aContextArgs);
 			$sReplyTo = MetaModel::ApplyParams($this->Get('reply_to'), $aContextArgs);
-	
+
 			$sSubject = MetaModel::ApplyParams($this->Get('subject'), $aContextArgs);
 			$sBody = MetaModel::ApplyParams($this->Get('body'), $aContextArgs);
-			
+
 			$oObj = $aContextArgs['this->object()'];
-			$sMessageId = sprintf('iTop_%s_%d_%f@%s.openitop.org', get_class($oObj), $oObj->GetKey(), microtime(true /* get as float*/), MetaModel::GetEnvironmentId());
+			$sMessageId = sprintf('iTop_%s_%d_%f@%s.openitop.org', get_class($oObj), $oObj->GetKey(), microtime(true /* get as float*/),
+				MetaModel::GetEnvironmentId());
 			$sReference = '<'.$sMessageId.'>';
 		}
-		catch(Exception $e)
-		{
-  			ApplicationContext::SetUrlMakerClass($sPreviousUrlMaker);
-  			throw $e;
-  		}
-		ApplicationContext::SetUrlMakerClass($sPreviousUrlMaker);
-		
-		if (!is_null($oLog))
-		{
+		catch (Exception $e) {
+			/** @noinspection PhpUnhandledExceptionInspection */
+			throw $e;
+		}
+		finally {
+			ApplicationContext::SetUrlMakerClass($sPreviousUrlMaker);
+		}
+
+		if (!is_null($oLog)) {
 			// Note: we have to secure this because those values are calculated
 			// inside the try statement, and we would like to keep track of as
 			// many data as we could while some variables may still be undefined
-			if (isset($sTo))       $oLog->Set('to', $sTo);
-			if (isset($sCC))       $oLog->Set('cc', $sCC);
-			if (isset($sBCC))      $oLog->Set('bcc', $sBCC);
-			if (isset($sFrom))     $oLog->Set('from', $sFrom);
-			if (isset($sSubject))  $oLog->Set('subject', $sSubject);
-			if (isset($sBody))     $oLog->Set('body', $sBody);
+			if (isset($sTo)) {
+				$oLog->Set('to', $sTo);
+			}
+			if (isset($sCC)) {
+				$oLog->Set('cc', $sCC);
+			}
+			if (isset($sBCC)) {
+				$oLog->Set('bcc', $sBCC);
+			}
+			if (isset($sFrom)) {
+				$oLog->Set('from', $sFrom);
+			}
+			if (isset($sSubject)) {
+				$oLog->Set('subject', $sSubject);
+			}
+			if (isset($sBody)) {
+				$oLog->Set('body', $sBody);
+			}
 		}
 		$sStyles = file_get_contents(APPROOT.'css/email.css');
 		$sStyles .= MetaModel::GetConfig()->Get('email_css');
@@ -439,4 +451,3 @@ class ActionEmail extends ActionNotification
 		}
 	}
 }
-?>

core/apc-service.class.inc.php

@@ -0,0 +1,42 @@
+<?php
+
+/**
+ * Class ApcService
+ * @since 2.7.6 N°4125
+ */
+class ApcService {
+	public function __construct() {
+	}
+
+	/**
+	 * @param string $function_name
+	 * @return bool
+	 * @see function_exists()
+	 */
+	public function function_exists($function_name) {
+		return function_exists($function_name);
+	}
+
+	/**
+	 * @param string|array $key
+	 * @return mixed
+	 * @see apc_fetch()
+	 */
+	function apc_fetch($key)
+	{
+		return apc_fetch($key);
+	}
+
+	/**
+	 * @param array|string $key
+	 * @param $var
+	 * @param int $ttl
+	 * @return array|bool
+	 * @see apc_store()
+	 */
+	function apc_store($key, $var = NULL, $ttl = 0)
+	{
+		return apc_store($key, $var, $ttl);
+	}
+}
+?>

core/asynctask.class.inc.php

@@ -230,7 +230,7 @@ abstract class AsyncTask extends DBObject
 			$this->Set('remaining_retries', $this->GetMaxRetries($iErrorCode));
 		}
 
-		$this->Set('last_error', $sErrorMessage);
+		$this->SetTrim('last_error', $sErrorMessage);
 		$this->Set('last_error_code', $iErrorCode); // Note: can be ZERO !!!
 		$this->Set('last_attempt', time());
 

core/attributedef.class.inc.php

@@ -7978,6 +7978,13 @@ class AttributeImage extends AttributeBlob
 	{
 		$oDoc = parent::MakeRealValue($proposedValue, $oHostObj);
 
+		if (($oDoc instanceof ormDocument)
+			&& (false === $oDoc->IsEmpty())
+			&& ($oDoc->GetMimeType() === 'image/svg+xml')) {
+			$sCleanSvg = HTMLSanitizer::Sanitize($oDoc->GetData(), 'svg_sanitizer');
+			$oDoc = new ormDocument($sCleanSvg, $oDoc->GetMimeType(), $oDoc->GetFileName());
+		}
+
 		// The validation of the MIME Type is done by CheckFormat below
 		return $oDoc;
 	}

core/cmdbchangeop.class.inc.php

@@ -63,22 +63,30 @@ class CMDBChangeOp extends DBObject
 
 	/**
 	 * Describe (as a text string) the modifications corresponding to this change
-	 */	 
+	 */
 	public function GetDescription()
 	{
 		return '';
 	}
 
 	/**
-	 * Safety net: in case the change is not given, let's guarantee that it will
-	 * be set to the current ongoing change (or create a new one)	
-	 */	
+	 * Safety net:
+	 * * if change isn't persisted yet, use the current change and persist it if needed
+	 * * in case the change is not given, let's guarantee that it will be set to the current ongoing change (or create a new one)
+	 *
+	 * @since 2.7.7 3.0.2 3.1.0 N°3717 do persist the current change if needed
+	 */
 	protected function OnInsert()
 	{
-		if ($this->Get('change') <= 0)
-		{
-			$this->Set('change', CMDBObject::GetCurrentChange());
+		$iChange = $this->Get('change');
+		if (($iChange <= 0) || (is_null($iChange))) {
+			$oChange = CMDBObject::GetCurrentChange();
+			if ($oChange->IsNew()) {
+				$oChange->DBWrite();
+			}
+			$this->Set('change', $oChange);
 		}
+
 		parent::OnInsert();
 	}
 }

core/cmdbobject.class.inc.php

@@ -114,6 +114,26 @@ abstract class CMDBObject extends DBObject
 		self::$m_oCurrChange = $oChange;
 	}
 
+	/**
+	 * @param string $sUserInfo
+	 * @param string $sOrigin
+	 * @param \DateTime $oDate
+	 *
+	 * @throws \CoreException
+	 *
+	 * @since 2.7.7 3.0.2 3.1.0 N°3717 new method to reset current change
+	 */
+	public static function SetCurrentChangeFromParams($sUserInfo, $sOrigin = null, $oDate = null)
+	{
+		static::SetTrackInfo($sUserInfo);
+		static::SetTrackOrigin($sOrigin);
+		static::CreateChange();
+
+		if (!is_null($oDate)) {
+			static::$m_oCurrChange->Set("date", $oDate);
+		}
+	}
+
 	//
 	// Todo: simplify the APIs and do not pass the current change as an argument anymore
 	//       SetTrackInfo to be invoked in very few cases (UI.php, CSV import, Data synchro)
@@ -145,6 +165,8 @@ abstract class CMDBObject extends DBObject
 	 *    $oMyChange->Set("userinfo", 'this is done by ... for ...');
 	 *    $iChangeId = $oMyChange->DBInsert();
 	 *
+	 * **warning** : this will do nothing if current change already exists !
+	 *
 	 * @see SetCurrentChange to specify a CMDBObject instance instead
 	 *
 	 * @param string $sInfo
@@ -157,6 +179,8 @@ abstract class CMDBObject extends DBObject
 	/**
 	 * Provides information about the origin of the change
 	 *
+	 * **warning** : this will do nothing if current change already exists !
+	 *
 	 * @see SetTrackInfo
 	 * @see SetCurrentChange to specify a CMDBObject instance instead
 	 *
@@ -167,18 +191,15 @@ abstract class CMDBObject extends DBObject
 	{
 		self::$m_sOrigin = $sOrigin;
 	}
-	
+
 	/**
 	 * Get the additional information (defaulting to user name)
-	 */	 	
-	protected static function GetTrackInfo()
+	 */
+	public static function GetTrackInfo()
 	{
-		if (is_null(self::$m_sInfo))
-		{
+		if (is_null(self::$m_sInfo)) {
 			return CMDBChange::GetCurrentUserName();
-		}
-		else
-		{
+		} else {
 			return self::$m_sInfo;
 		}
 	}
@@ -201,7 +222,8 @@ abstract class CMDBObject extends DBObject
 	/**
 	 * Set to {@link $m_oCurrChange} a standard change record (done here 99% of the time, and nearly once per page)
 	 *
-	 * The CMDBChange is persisted so that it has a key > 0, and any new CMDBChangeOp can link to it
+	 * @since 2.7.7 3.0.2 3.1.0 N°3717 {@see CMDBChange} **will be persisted later** in {@see \CMDBChangeOp::OnInsert} (was done previously directly here)
+	 *     This will avoid creating in DB CMDBChange lines without any corresponding CMDBChangeOp
 	 */
 	protected static function CreateChange()
 	{
@@ -209,7 +231,6 @@ abstract class CMDBObject extends DBObject
 		self::$m_oCurrChange->Set("date", time());
 		self::$m_oCurrChange->Set("userinfo", self::GetTrackInfo());
 		self::$m_oCurrChange->Set("origin", self::GetTrackOrigin());
-		self::$m_oCurrChange->DBInsert();
 	}
 
 	/**

core/cmdbsource.class.inc.php

@@ -154,6 +154,16 @@ class CMDBSource
 
 	/** @var mysqli $m_oMysqli */
 	protected static $m_oMysqli;
+	/**
+	 * The mysqli object is really hard to mock ! This attribute is used only in certain methods, so that we can mock only a very little subset of the mysqli object.
+	 * We are setting it in {@see Init}, by default it is a copy of {@see $m_oMysqli}
+	 * The mock can be injected using the setter {@see SetMySQLiForQuery}
+	 *
+	 * @var mysqli $oMySQLiForQuery
+	 * @see GetMySQLiForQuery
+	 * @see SetMySQLiForQuery
+	 * @since 2.7.5 N°3513 new var to allow mock in tests ({@see \Combodo\iTop\Test\UnitTest\Core\TransactionsTest})
+	 */
 	protected static $oMySQLiForQuery;
 
 	/**
@@ -235,6 +245,8 @@ class CMDBSource
 	 *
 	 * @return \mysqli
 	 * @throws \MySQLException
+	 *
+	 * @uses IsOpenedDbConnectionUsingTls when asking for a TLS connection, to check if it was really opened using TLS
 	 */
 	public static function GetMysqliInstance(
 		$sDbHost, $sUser, $sPwd, $sSource = '', $bTlsEnabled = false, $sTlsCa = null, $bCheckTlsAfterConnection = false
@@ -337,41 +349,41 @@ class CMDBSource
 	 * parameters were used.<br>
 	 * This method can be called to ensure that the DB connection really uses TLS.
 	 *
-	 * <p>We're using this object connection : {@link self::$m_oMysqli}
+	 * <p>We're using our own mysqli instance to do the check as this check is done when creating the mysqli instance : the consumer
+	 * might want a dedicated object, and if so we don't want to overwrite the one saved in CMDBSource !<br>
+	 * This is the case for example with {@see \iTopMutex} !
 	 *
 	 * @param \mysqli $oMysqli
 	 *
-	 * @return boolean true if the connection was really established using TLS
+	 * @return boolean true if the connection was really established using TLS, false otherwise
 	 * @throws \MySQLException
 	 *
+	 * @used-by GetMysqliInstance
 	 * @uses IsMySqlVarNonEmpty
+	 * @uses 'ssl_version' MySQL var
+	 * @uses 'ssl_cipher' MySQL var
 	 */
 	private static function IsOpenedDbConnectionUsingTls($oMysqli)
 	{
-		if (self::$m_oMysqli == null)
-		{
-			self::$m_oMysqli = $oMysqli;
-		}
-
-		$bNonEmptySslVersionVar = self::IsMySqlVarNonEmpty('ssl_version');
-		$bNonEmptySslCipherVar = self::IsMySqlVarNonEmpty('ssl_cipher');
+		$bNonEmptySslVersionVar = self::IsMySqlVarNonEmpty('ssl_version', $oMysqli);
+		$bNonEmptySslCipherVar = self::IsMySqlVarNonEmpty('ssl_cipher', $oMysqli);
 
 		return ($bNonEmptySslVersionVar && $bNonEmptySslCipherVar);
 	}
 
 	/**
 	 * @param string $sVarName
+	 * @param mysqli $oMysqli connection to use for the query
 	 *
 	 * @return bool
 	 * @throws \MySQLException
-	 *
-	 * @uses SHOW STATUS queries
+	 * @uses 'SHOW SESSION STATUS' queries
 	 */
-	private static function IsMySqlVarNonEmpty($sVarName)
+	private static function IsMySqlVarNonEmpty($sVarName, $oMysqli)
 	{
 		try
 		{
-			$sResult = self::QueryToScalar("SHOW SESSION STATUS LIKE '$sVarName'", 1);
+			$sResult = self::QueryToScalar("SHOW SESSION STATUS LIKE '$sVarName'", 1, $oMysqli);
 		}
 		catch (MySQLQueryHasNoResultException $e)
 		{
@@ -435,6 +447,12 @@ class CMDBSource
 
 	}
 
+	/**
+	 * @return string
+	 * @throws \MySQLException
+	 *
+	 * @uses \CMDBSource::QueryToCol() so needs a connection opened !
+	 */
 	public static function GetDBVersion()
 	{
 		$aVersions = self::QueryToCol('SELECT Version() as version', 'version');
@@ -452,8 +470,10 @@ class CMDBSource
 	/**
 	 * Get the DB vendor between MySQL and its main forks
 	 * @return string
+	 *
+	 * @uses \CMDBSource::GetServerVariable() so needs a connection opened !
 	 */
-	static public function GetDBVendor()
+	public static function GetDBVendor()
 	{
 		$sDBVendor = static::ENUM_DB_VENDOR_MYSQL;
 		
@@ -709,7 +729,7 @@ class CMDBSource
 		{
 			$aContext = array('query' => $sSql);
 
-			$iMySqlErrorNo = self::$m_oMysqli->errno;
+			$iMySqlErrorNo = self::GetMySQLiForQuery()->errno;
 			$aMySqlHasGoneAwayErrorCodes = MySQLHasGoneAwayException::getErrorCodes();
 			if (in_array($iMySqlErrorNo, $aMySqlHasGoneAwayErrorCodes))
 			{
@@ -731,7 +751,7 @@ class CMDBSource
 	private static function LogDeadLock(Exception $e)
 	{
 		// checks MySQL error code
-		$iMySqlErrorNo = self::$m_oMysqli->errno;
+		$iMySqlErrorNo = self::GetMySQLiForQuery()->errno;
 		if (!in_array($iMySqlErrorNo, array(self::MYSQL_ERRNO_WAIT_TIMEOUT, self::MYSQL_ERRNO_DEADLOCK)))
 		{
 			return;
@@ -739,7 +759,7 @@ class CMDBSource
 
 		// Get error info
 		$sUser = UserRights::GetUser();
-		$oError = self::$m_oMysqli->query('SHOW ENGINE INNODB STATUS');
+		$oError = self::GetMySQLiForQuery()->query('SHOW ENGINE INNODB STATUS');
 		if ($oError !== false)
 		{
 			$aData = $oError->fetch_all(MYSQLI_ASSOC);
@@ -778,14 +798,14 @@ class CMDBSource
 	private static function StartTransaction()
 	{
 		$aStackTrace = debug_backtrace(DEBUG_BACKTRACE_PROVIDE_OBJECT , 3);
-		$sCaller = 'From '.$aStackTrace[1]['file'].'('.$aStackTrace[1]['line'].'): '.$aStackTrace[2]['class'].'->'.$aStackTrace[2]['function'].'()';
+
 		$bHasExistingTransactions = self::IsInsideTransaction();
 		if (!$bHasExistingTransactions)
 		{
-			IssueLog::Trace("START TRANSACTION $sCaller", 'cmdbsource');
+			IssueLog::Trace("START TRANSACTION was sent to the DB", LogChannels::CMDB_SOURCE, ['stacktrace' => $aStackTrace]);
 			self::DBQuery('START TRANSACTION');
 		} else {
-			IssueLog::Trace("Ignore nested (".self::$m_iTransactionLevel.") START TRANSACTION $sCaller", 'cmdbsource');
+			IssueLog::Trace("START TRANSACTION ignored as a transaction is already opened", LogChannels::CMDB_SOURCE, ['stacktrace' => $aStackTrace]);
 		}
 
 		self::AddTransactionLevel();
@@ -967,17 +987,21 @@ class CMDBSource
 	/**
 	 * @param string $sSql
 	 * @param int $iCol beginning at 0
+	 * @param mysqli $oMysqli if not null will query using this connection, otherwise will use {@see GetMySQLiForQuery}
 	 *
 	 * @return string corresponding cell content on the first line
 	 * @throws \MySQLException
 	 * @throws \MySQLQueryHasNoResultException
+	 * @since 2.7.5-2 2.7.6 3.0.0 N°4215 new optional mysqli param
 	 */
-	public static function QueryToScalar($sSql, $iCol = 0)
+	public static function QueryToScalar($sSql, $iCol = 0, $oMysqli = null)
 	{
+		$oMysqliToQuery = (is_null($oMysqli)) ? self::GetMySQLiForQuery() : $oMysqli;
+
 		$oKPI = new ExecutionKPI();
 		try
 		{
-			$oResult = self::GetMySQLiForQuery()->query($sSql);
+			$oResult = $oMysqliToQuery->query($sSql);
 		}
 		catch(mysqli_sql_exception $e)
 		{

core/config.class.inc.php

@@ -22,7 +22,15 @@
 
 define('ITOP_APPLICATION', 'iTop');
 define('ITOP_APPLICATION_SHORT', 'iTop');
-define('ITOP_VERSION', '2.7.0-dev'); // @see utils::GetItopVersionShort() and utils::GetItopVersionWikiSyntax()
+
+/**
+ * Constant containing the application version
+ * Warning: this might be different from iTop core version!
+ *
+ * @see ITOP_CORE_VERSION to get iTop core version
+ */
+define('ITOP_VERSION', '2.7.0-dev');
+
 define('ITOP_REVISION', 'svn');
 define('ITOP_BUILD_DATE', '$WCNOW$');
 define('ITOP_VERSION_FULL', ITOP_VERSION.'-'.ITOP_REVISION);
@@ -468,11 +476,11 @@ class Config
 			'show_in_conf_sample' => true,
 		),
 		'cron_max_execution_time' => array(
-			'type' => 'integer',
-			'description' => 'Duration (seconds) of the page cron.php, must be shorter than php setting max_execution_time and shorter than the web server response timeout',
-			'default' => 600,
-			'value' => 600,
-			'source_of_value' => '',
+			'type'                => 'integer',
+			'description'         => 'Duration (seconds) of the cron.php script : if exceeded the script will exit even if there are remaining tasks to process. Must be shorter than php max_execution_time setting (note than when using CLI, this is set to 0 by default which means unlimited). If cron.php is ran via web, it must be shorter than the web server response timeout.',
+			'default'             => 600,
+			'value'               => 600,
+			'source_of_value'     => '',
 			'show_in_conf_sample' => true,
 		),
 		'cron_sleep' => array(
@@ -501,7 +509,7 @@ class Config
 		),
 		'email_transport' => array(
 			'type' => 'string',
-			'description' => 'Mean to send emails: PHPMail (uses the function mail()) or SMTP (implements the client protocol)',
+			'description' => 'Mean to send emails: PHPMail (uses the function mail()), SMTP (implements the client protocol) or SMTP_OAuth (connect to the server using OAuth 2.0)',
 			'default' => "PHPMail",
 			'value' => "PHPMail",
 			'source_of_value' => '',
@@ -595,6 +603,13 @@ class Config
 			'source_of_value' => '',
 			'show_in_conf_sample' => false,
 		),
+		/**
+		 * The timezone is automatically set using this parameter in \utils::InitTimeZone
+		 * This method is called almost everywhere, cause it's called in \MetaModel::LoadConfig and exec.php... but you might
+		 * need to get it yourself !
+		 *
+		 * @used-by utils::InitTimeZone()
+		 */
 		'timezone' => array(
 			'type' => 'string',
 			'description' => 'Timezone (reference: http://php.net/manual/en/timezones.php). If empty, it will be left unchanged and MUST be explicitly configured in PHP',
@@ -838,6 +853,14 @@ class Config
 			'source_of_value' => '',
 			'show_in_conf_sample' => false,
 		),
+		'impact_analysis_lazy_loading' => [
+			'type'                => 'bool',
+			'description'         => 'In the impact analysis view: display the analysis or filter before display',
+			'default'             => false,
+			'value'               => '',
+			'source_of_value'     => '',
+			'show_in_conf_sample' => false,
+		],
 		'url_validation_pattern' => array(
 			'type' => 'string',
 			'description' => 'Regular expression to validate/detect the format of an URL (URL attributes and Wiki formatting for Text attributes)',
@@ -1113,6 +1136,14 @@ class Config
 			'source_of_value' => '',
 			'show_in_conf_sample' => false,
 		),
+		'svg_sanitizer' => array(
+			'type' => 'string',
+			'description' => 'The class to use for SVG sanitization : allow to provide a custom made sanitizer',
+			'default' => 'SVGDOMSanitizer',
+			'value' => '',
+			'source_of_value' => '',
+			'show_in_conf_sample' => false,
+		),
 		'inline_image_max_display_width' => array(
 			'type' => 'integer',
 			'description' => 'The maximum width (in pixels) when displaying images inside an HTML formatted attribute. Images will be displayed using this this maximum width.',
@@ -1273,6 +1304,14 @@ class Config
 			'source_of_value' => '',
 			'show_in_conf_sample' => true,
 		],
+		'security.disable_inline_documents_sandbox' => array(
+			'type' => 'bool',
+			'description' => 'If true then the sandbox for documents displayed in a browser tab will be disabled; enabling scripts and other interactive content. Note that setting this to true will open the application to potential XSS attacks!',
+			'default' => false,
+			'value' => false,
+			'source_of_value' => '',
+			'show_in_conf_sample' => false,
+		),
 	);
 
 

core/dbobject.class.php

@@ -1880,7 +1880,7 @@ abstract class DBObject implements iDisplay
 				$oTargetObj = MetaModel::GetObject($sTargetClass, $toCheck, false /*must be found*/, true /*allow all data*/);
 				if (is_null($oTargetObj))
 				{
-					return "Target object not found ($sTargetClass::$toCheck)";
+					return "Target object not found (".utils::HtmlEntities($sTargetClass).".::".utils::HtmlEntities($toCheck).")";
 				}
 			}
 			if ($oAtt->IsHierarchicalKey())
@@ -1889,7 +1889,7 @@ abstract class DBObject implements iDisplay
 				$aValues = $oAtt->GetAllowedValues(array('this' => $this));
 				if (!array_key_exists($toCheck, $aValues))
 				{
-					return "Value not allowed [$toCheck]";
+					return "Value not allowed [". utils::HtmlEntities($toCheck)."]";
 				}
 			}
 		}
@@ -1903,7 +1903,7 @@ abstract class DBObject implements iDisplay
 					$oTag->SetValues(explode(' ', $toCheck));
 				} catch (Exception $e)
 				{
-					return "Tag value '$toCheck' is not a valid tag list";
+					return "Tag value [". utils::HtmlEntities($toCheck)."] is not a valid tag list";
 				}
 
 				return true;
@@ -1931,7 +1931,7 @@ abstract class DBObject implements iDisplay
 					$oTag->SetValues($aValues);
 				} catch (Exception $e)
 				{
-					return "Set value '$toCheck' is not a valid set";
+					return "Set value[". utils::HtmlEntities($toCheck)."] is not a valid set";
 				}
 
 				return true;
@@ -1951,7 +1951,7 @@ abstract class DBObject implements iDisplay
 			{
 				if (!array_key_exists($toCheck, $aValues))
 				{
-					return "Value not allowed [$toCheck]";
+					return "Value not allowed [". utils::HtmlEntities($toCheck)."]";
 				}
 			}
 			if (!is_null($iMaxSize = $oAtt->GetMaxSize()))
@@ -1964,7 +1964,7 @@ abstract class DBObject implements iDisplay
 			}
 			if (!$oAtt->CheckFormat($toCheck))
 			{
-				return "Wrong format [$toCheck]";
+				return "Wrong format [". utils::HtmlEntities($toCheck)."]";
 			}
 		}
 		else
@@ -1977,9 +1977,9 @@ abstract class DBObject implements iDisplay
 	/**
 	 * check attributes together
 	 *
-     * @overwritable-hook You can extend this method in order to provide your own logic.
-     * 
-	 * @return bool 
+	 * @overwritable-hook You can extend this method in order to provide your own logic.
+	 *
+	 * @return true|string true if successful, the error description otherwise
 	 */
 	public function CheckConsistency()
 	{

core/dbobjectsearch.class.php

@@ -416,6 +416,10 @@ class DBObjectSearch extends DBSearch
 	 * @param string $sFilterCode
 	 * @param mixed $value
 	 * @param string $sOpCode operator to use : 'IN', 'NOT IN', 'Contains',' Begins with', 'Finishes with', ...
+	 *   If no operator is specified then :
+	 *     * for id field we will use "="
+	 *     * for other fields we will call the corresponding {@link AttributeDefinition::GetSmartConditionExpression} method impl
+	 *       to generate the expression
 	 * @param bool $bParseSearchString
 	 *
 	 * @throws \CoreException
@@ -1228,7 +1232,7 @@ class DBObjectSearch extends DBSearch
 				elseif (MetaModel::IsParentClass($oRightFilter->GetFirstJoinedClass(), $oLeftFilter->GetClass()))
 				{
 					// Specialize $oRightFilter
-					$oRightFilter->ChangeClass($oLeftFilter->GetClass());
+					$oRightFilter->ChangeClass($oLeftFilter->GetFirstJoinedClass());
 				}
 				else
 				{

core/dbunionsearch.class.php

@@ -416,7 +416,11 @@ class DBUnionSearch extends DBSearch
 		$aSearches = array();
 		foreach ($this->aSearches as $oSearch)
 		{
-			$aSearches[] = $oSearch->Filter($sClassAlias, $oFilter);
+			if (!$oSearch->IsAllDataAllowed()) {
+				$aSearches[] = $oSearch->Filter($sClassAlias, $oFilter);
+			} else {
+				$aSearches[] = $oSearch;
+			}
 		}
 		return new DBUnionSearch($aSearches);
 	}

core/dict.class.inc.php

@@ -64,6 +64,8 @@ class Dict
 	protected static $m_aLanguages = array(); // array( code => array( 'description' => '...', 'localized_description' => '...') ...)
 	protected static $m_aData = array();
 	protected static $m_sApplicationPrefix = null;
+	/** @var \ApcService $m_oApcService  */
+	protected static $m_oApcService = null;
 
 	/**
 	 * @param $sLanguageCode
@@ -145,15 +147,17 @@ class Dict
 	{
 		// Attempt to find the string in the user language
 		//
-		self::InitLangIfNeeded(self::GetUserLanguage());
+		$sLangCode = self::GetUserLanguage();
+		self::InitLangIfNeeded($sLangCode);
 
-		if (!array_key_exists(self::GetUserLanguage(), self::$m_aData))
+		if (!array_key_exists($sLangCode, self::$m_aData))
 		{
+			IssueLog::Warning("Cannot find $sLangCode in dictionnaries. default labels displayed");
 			// It may happen, when something happens before the dictionaries get loaded
 			return $sStringCode;
 		}
-		$aCurrentDictionary = self::$m_aData[self::GetUserLanguage()];
-		if (array_key_exists($sStringCode, $aCurrentDictionary))
+		$aCurrentDictionary = self::$m_aData[$sLangCode];
+		if (is_array($aCurrentDictionary) && array_key_exists($sStringCode, $aCurrentDictionary))
 		{
 			return $aCurrentDictionary[$sStringCode];
 		}
@@ -164,7 +168,7 @@ class Dict
 			self::InitLangIfNeeded(self::$m_sDefaultLanguage);
 			
 			$aDefaultDictionary = self::$m_aData[self::$m_sDefaultLanguage];
-			if (array_key_exists($sStringCode, $aDefaultDictionary))
+			if (is_array($aDefaultDictionary) && array_key_exists($sStringCode, $aDefaultDictionary))
 			{
 				return $aDefaultDictionary[$sStringCode];
 			}
@@ -173,7 +177,7 @@ class Dict
 			self::InitLangIfNeeded('EN US');
 
 			$aDefaultDictionary = self::$m_aData['EN US'];
-			if (array_key_exists($sStringCode, $aDefaultDictionary))
+			if (is_array($aDefaultDictionary) && array_key_exists($sStringCode, $aDefaultDictionary))
 			{
 				return $aDefaultDictionary[$sStringCode];
 			}
@@ -232,7 +236,26 @@ class Dict
 	{
 		self::$m_aLanguages = $aLanguagesList;
 	}
-	
+
+	/**
+	 * @since 2.7.6 N°4125
+	 * @return \ApcService
+	 */
+	public static function GetApcService() {
+		if (self::$m_oApcService === null){
+			self::$m_oApcService = new ApcService();
+		}
+		return self::$m_oApcService;
+	}
+
+	/**
+	 * @since 2.7.6 N°4125
+	 * @param \ApcService $m_oApcService
+	 */
+	public static function SetApcService($oApcService) {
+		self::$m_oApcService = $oApcService;
+	}
+
 	/**
 	 * Load a language from the language dictionary, if not already loaded
 	 * @param string $sLangCode Language code
@@ -241,20 +264,23 @@ class Dict
 	public static function InitLangIfNeeded($sLangCode)
 	{
 		if (array_key_exists($sLangCode, self::$m_aData)) return true;
-		
+
 		$bResult = false;
-		
-		if (function_exists('apc_fetch') && (self::$m_sApplicationPrefix !== null))
+
+		if (self::GetApcService()->function_exists('apc_fetch')
+			&& (self::$m_sApplicationPrefix !== null))
 		{
 			// Note: For versions of APC older than 3.0.17, fetch() accepts only one parameter
 			//
-			self::$m_aData[$sLangCode] = apc_fetch(self::$m_sApplicationPrefix.'-dict-'.$sLangCode);
-			if (self::$m_aData[$sLangCode] === false)
-			{
+			self::$m_aData[$sLangCode] = self::GetApcService()->apc_fetch(self::$m_sApplicationPrefix.'-dict-'.$sLangCode);
+			if (self::$m_aData[$sLangCode] === false) {
 				unset(self::$m_aData[$sLangCode]);
-			}
-			else
-			{
+			} else if (! is_array(self::$m_aData[$sLangCode])) {
+				// N°4125: we dont fix dictionnary corrupted cache (on iTop side).
+				// but we log an error in a dedicated channel to let itop administrator be aware of a potential APCu issue to fix.
+				IssueLog::Error("APCu corrupted data (with $sLangCode dictionnary). APCu configuration and running version should be troubleshooted...", LogChannels::APC);
+				$bResult = true;
+			} else {
 				$bResult = true;
 			}
 		}
@@ -263,9 +289,10 @@ class Dict
 			$sDictFile = APPROOT.'env-'.utils::GetCurrentEnvironment().'/dictionaries/'.str_replace(' ', '-', strtolower($sLangCode)).'.dict.php';
 			require_once($sDictFile);
 			
-			if (function_exists('apc_store') && (self::$m_sApplicationPrefix !== null))
+			if (self::GetApcService()->function_exists('apc_store')
+				&& (self::$m_sApplicationPrefix !== null))
 			{
-				apc_store(self::$m_sApplicationPrefix.'-dict-'.$sLangCode, self::$m_aData[$sLangCode]);
+				self::GetApcService()->apc_store(self::$m_sApplicationPrefix.'-dict-'.$sLangCode, self::$m_aData[$sLangCode]);
 			}
 			$bResult = true;
 		}

core/displayablegraph.class.inc.php

@@ -1203,8 +1203,10 @@ class DisplayableGraph extends SimpleGraph
 	 * @param float $xMax Right coordinate of the bounding box to display the graph
 	 * @param float $yMin Top coordinate of the bounding box to display the graph
 	 * @param float $yMax Bottom coordinate of the bounding box to display the graph
+	 *
+	 * @since 2.7.7 3.0.2 3.1.0 N°4985 $sComments param is no longer optional
 	 */
-	function RenderAsPDF(PDFPage $oPage, $sComments = '', $sContextKey, $xMin = -1, $xMax = -1, $yMin = -1, $yMax = -1)
+	function RenderAsPDF(PDFPage $oPage, $sComments, $sContextKey, $xMin = -1, $xMax = -1, $yMin = -1, $yMax = -1)
 	{
 		$aContextDefs = static::GetContextDefinitions($sContextKey, false); // No need to develop the parameters
 		$oPdf = $oPage->get_tcpdf();
@@ -1431,83 +1433,25 @@ class DisplayableGraph extends SimpleGraph
 	 * @param int $iObjKey
 	 * @param string $sContextKey
 	 * @param array $aContextParams
+	 * @param bool $bLazyLoading since 2.7.7 3.0.1
 	 *
 	 * @throws \CoreException
 	 * @throws \DictExceptionMissingString
 	 */
-	function Display(WebPage $oP, $aResults, $sRelation, ApplicationContext $oAppContext, $aExcludedObjects, $sObjClass, $iObjKey, $sContextKey, $aContextParams = array())
-	{	
-		$aContextDefs = static::GetContextDefinitions($sContextKey, true, $aContextParams);
-		$aExcludedByClass = array();
-		foreach($aExcludedObjects as $oObj)
-		{
-			if (!array_key_exists(get_class($oObj), $aExcludedByClass))
-			{
-				$aExcludedByClass[get_class($oObj)] = array();
-			}
-			$aExcludedByClass[get_class($oObj)][] = $oObj->GetKey();
-		}
-		$sSftShort = Dict::S('UI:ElementsDisplayed');
-		$sSearchToggle = Dict::S('UI:Search:Toggle');
-		$oP->add("<div class=\"not-printable\">\n");
-		$oP->add(
-<<<EOF
- <div id="ds_flash" class="search_box">
-	<form id="dh_flash" class="search_form_handler closed">
-	<h2 class="sf_title"><span class="sft_long">$sSftShort</span><span class="sft_short">$sSftShort</span><span class="sft_toggler fas fa-caret-down pull-right" title="$sSearchToggle"></span></h2>
-	<div id="dh_flash_criterion_outer" class="sf_criterion_area"><div class="sf_criterion_row">
-EOF
-		);
-		
-		$oP->add_ready_script(
-<<<EOF
-	$("#dh_flash > .sf_title").click( function() {
-		$("#dh_flash").toggleClass('closed');
-	});
-    $('#ReloadMovieBtn').button().button('disable');
-EOF
-		);
-		$aSortedElements = array();
-		foreach($aResults as $sClassIdx => $aObjects)
-		{
-			foreach($aObjects as $oCurrObj)
-			{
-				$sSubClass = get_class($oCurrObj);
-				$aSortedElements[$sSubClass] = MetaModel::GetName($sSubClass);
-			}
-		}
-				
-		asort($aSortedElements);
-		$idx = 0;
-		foreach($aSortedElements as $sSubClass => $sClassName)
-		{
-			$oP->add("<span style=\"padding-right:2em; white-space:nowrap;\"><input type=\"checkbox\" id=\"exclude_$idx\" name=\"excluded[]\" value=\"$sSubClass\" checked onChange=\"$('#ReloadMovieBtn').button('enable')\"><label for=\"exclude_$idx\">&nbsp;".MetaModel::GetClassIcon($sSubClass)."&nbsp;$sClassName</label></span> ");
-			$idx++;
-		}
-		$oP->add("<p style=\"text-align:right\"><button type=\"button\" id=\"ReloadMovieBtn\" onClick=\"DoReload()\">".Dict::S('UI:Button:Refresh')."</button></p>");
-		$oP->add("</div></div></form>");
-		$oP->add("</div>\n");
-	 	$oP->add("</div>\n"); // class="not-printable"
-
-		$aAdditionalContexts = array();
-		foreach($aContextDefs as $sKey => $aDefinition)
-		{
-			$aAdditionalContexts[] = array('key' => $sKey, 'label' => Dict::S($aDefinition['dict']), 'oql' => $aDefinition['oql'], 'default' => (array_key_exists('default', $aDefinition)  && ($aDefinition['default'] == 'yes')));
-		}
-		
-		$sDirection = utils::ReadParam('d', 'horizontal');
+	function Display(WebPage $oP, $aResults, $sRelation, ApplicationContext $oAppContext, $aExcludedObjects, $sObjClass, $iObjKey, $sContextKey, $aContextParams = array(), $bLazyLoading = false)
+	{
+		list($aExcludedByClass, $aAdditionalContexts) = $this->DisplayFiltering($sContextKey, $aContextParams, $aExcludedObjects, $oP, $aResults, $bLazyLoading);
 		$iGroupingThreshold = utils::ReadParam('g', 5);
-	
+
 		$oP->add_linked_script(utils::GetAbsoluteUrlAppRoot().'js/fraphael.js');
 		$oP->add_linked_stylesheet(utils::GetAbsoluteUrlAppRoot().'css/jquery.contextMenu.css');
 		$oP->add_linked_script(utils::GetAbsoluteUrlAppRoot().'js/jquery.contextMenu.js');
 		$oP->add_linked_script(utils::GetAbsoluteUrlAppRoot().'js/simple_graph.js');
+
 		try
 		{
 			$this->InitFromGraphviz();
-			$sExportAsPdfURL = '';
 			$sExportAsPdfURL = utils::GetAbsoluteUrlAppRoot().'pages/ajax.render.php?operation=relation_pdf&relation='.$sRelation.'&direction='.($this->bDirectionDown ? 'down' : 'up');
-			$oAppcontext = new ApplicationContext();
 			$sContext = $oAppContext->GetForLink();
 			$sDrillDownURL = utils::GetAbsoluteUrlAppRoot().'pages/UI.php?operation=details&class=%1$s&id=%2$s&'.$sContext;
 			$sExportAsDocumentURL = utils::GetAbsoluteUrlAppRoot().'pages/ajax.render.php?operation=relation_attachment&relation='.$sRelation.'&direction='.($this->bDirectionDown ? 'down' : 'up');
@@ -1586,7 +1530,14 @@ EOF
 				// Export as Attachment requires GD (for building the PDF) AND a valid objclass/objkey couple
 				unset($aParams['export_as_attachment']);
 			}
-			$oP->add_ready_script("$('#$sId').simple_graph(".json_encode($aParams).");");
+			if ($oP->IsPrintableVersion() || !$bLazyLoading) {
+				$oP->add_ready_script(" $('#$sId').simple_graph(".json_encode($aParams).");");
+			} else {
+				$oP->add_script("function Load(){var aExcluded = [];	$('input[name^=excluded]').each( function() {if (!$(this).prop('checked'))	{	aExcluded.push($(this).val());		}} ); var params= $.extend(".json_encode($aParams).",  {excluded_classes: aExcluded}); $('#$sId').simple_graph(params);}");
+				$oP->add_ready_script("$('#impacted_objects_lists').html('".utils::TextToHtml(Dict::S('Relation:impacts/NoFilteredData'))."');$('#impacted_groups').html('".utils::TextToHtml(Dict::S('Relation:impacts/NoFilteredData'))."');");
+
+			}
+
 		}
 		catch(Exception $e)
 		{
@@ -1618,5 +1569,86 @@ EOF
 EOF
 		);
 	}
+
+	/**
+	 * @param $sContextKey
+	 * @param array $aContextParams
+	 * @param array $aExcludedObjects
+	 * @param \WebPage $oP
+	 * @param array $aResults
+	 * @param bool $bLazyLoading
+	 *
+	 * @return array
+	 * @throws \CoreException
+	 * @throws \DictExceptionMissingString
+	 * @since 2.7.7 & 3.0.1
+	 */
+	protected function DisplayFiltering($sContextKey, $aContextParams, $aExcludedObjects, $oP, $aResults, $bLazyLoading)
+	{
+		$aContextDefs = static::GetContextDefinitions($sContextKey, true, $aContextParams);
+		$aExcludedByClass = array();
+		foreach ($aExcludedObjects as $oObj) {
+			if (!array_key_exists(get_class($oObj), $aExcludedByClass)) {
+				$aExcludedByClass[get_class($oObj)] = array();
+			}
+			$aExcludedByClass[get_class($oObj)][] = $oObj->GetKey();
+		}
+		$sSftShort = Dict::S('UI:ElementsDisplayed');
+		$sSearchToggle = Dict::S('UI:Search:Toggle');
+		$oP->add("<div class=\"not-printable\">\n");
+		$oP->add(
+			<<<EOF
+ <div id="ds_flash" class="search_box">
+	<form id="dh_flash" class="search_form_handler">
+	<h2 class="sf_title"><span class="sft_long">$sSftShort</span><span class="sft_short">$sSftShort</span><span class="sft_toggler fas fa-caret-down pull-right" title="$sSearchToggle"></span></h2>
+	<div id="dh_flash_criterion_outer" class="sf_criterion_area"><div class="sf_criterion_row">
+EOF
+		);
+
+		$oP->add_ready_script(
+			<<<EOF
+	$("#dh_flash > .sf_title").click( function() {
+		$("#dh_flash").toggleClass('closed');
+	});
+    $('#ReloadMovieBtn').button().button('disable');
+EOF
+		);
+		if ($bLazyLoading) {
+			$oP->add_ready_script("$('#ReloadMovieBtn').button('enable');");
+		} else {
+			$oP->add_ready_script("$('#dh_flash').addClass('closed');");
+		}
+		$aSortedElements = array();
+		foreach ($aResults as $sClassIdx => $aObjects) {
+			foreach ($aObjects as $oCurrObj) {
+				$sSubClass = get_class($oCurrObj);
+				$aSortedElements[$sSubClass] = MetaModel::GetName($sSubClass);
+			}
+		}
+
+		asort($aSortedElements);
+		$idx = 0;
+		foreach ($aSortedElements as $sSubClass => $sClassName) {
+			$oP->add("<span style=\"padding-right:2em; white-space:nowrap;\"><input type=\"checkbox\" id=\"exclude_$idx\" name=\"excluded[]\" value=\"$sSubClass\" checked onChange=\"$('#ReloadMovieBtn').button('enable')\"><label for=\"exclude_$idx\">&nbsp;".MetaModel::GetClassIcon($sSubClass)."&nbsp;$sClassName</label></span> ");
+			$idx++;
+		}
+		if ($bLazyLoading) {
+			$sOnCLick = "Load(); $('#ReloadMovieBtn').attr('onclick','DoReload()');$('#ReloadMovieBtn').html('".Dict::S('UI:Button:Refresh')."');";
+			$oP->add("<p style=\"text-align:right\"><button type=\"button\" id=\"ReloadMovieBtn\" onClick=\"$sOnCLick\">".Dict::S('Relation:impacts/LoadData')."</button></p>");
+		} else {
+			$sOnCLick = "DoReload()";
+			$oP->add("<p style=\"text-align:right\"><button type=\"button\" id=\"ReloadMovieBtn\" onClick=\"$sOnCLick\">".Dict::S('UI:Button:Refresh')."</button></p>");
+		}
+		$oP->add("</div></div></form>");
+		$oP->add("</div>\n");
+		$oP->add("</div>\n"); // class="not-printable"
+
+		$aAdditionalContexts = array();
+		foreach ($aContextDefs as $sKey => $aDefinition) {
+			$aAdditionalContexts[] = array('key' => $sKey, 'label' => Dict::S($aDefinition['dict']), 'oql' => $aDefinition['oql'], 'default' => (array_key_exists('default', $aDefinition) && ($aDefinition['default'] == 'yes')));
+		}
+
+		return array($aExcludedByClass, $aAdditionalContexts);
+	}
 	
 }

core/email.class.inc.php

@@ -24,38 +24,26 @@
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
-Swift_Preferences::getInstance()->setCharset('UTF-8');
+use Combodo\iTop\Core\Email\EmailFactory;
+use Combodo\iTop\Core\Email\iEMail;
 
 
 define ('EMAIL_SEND_OK', 0);
 define ('EMAIL_SEND_PENDING', 1);
 define ('EMAIL_SEND_ERROR', 2);
 
-class EMail
+class EMail implements iEMail
 {
+	protected $oMailer;
+
 	// Serialization formats
 	const ORIGINAL_FORMAT = 1; // Original format, consisting in serializing the whole object, inculding the Swift Mailer's object.
-							   // Did not work with attachements since their binary representation cannot be stored as a valid UTF-8 string
+	// Did not work with attachements since their binary representation cannot be stored as a valid UTF-8 string
 	const FORMAT_V2 = 2; // New format, only the raw data are serialized (base64 encoded if needed)
-	
-	protected static $m_oConfig = null;
-	protected $m_aData; // For storing data to serialize
-
-	public function LoadConfig($sConfigFile = ITOP_DEFAULT_CONFIG_FILE)
-	{
-		if (is_null(self::$m_oConfig))
-		{
-			self::$m_oConfig = new Config($sConfigFile);
-		}
-	}
-
-	protected $m_oMessage;
 
 	public function __construct()
 	{
-		$this->m_aData = array();
-		$this->m_oMessage = Swift_Message::newInstance();
-		$this->SetRecipientFrom(MetaModel::GetConfig()->Get('email_default_sender_address'), MetaModel::GetConfig()->Get('email_default_sender_label'));
+		$this->oMailer = EmailFactory::GetMailer();
 	}
 
 	/**
@@ -66,485 +54,97 @@ class EMail
 	 */
 	public function SerializeV2()
 	{
-		return serialize($this->m_aData);
+		return $this->oMailer->SerializeV2();
 	}
-	
+
 	/**
 	 * Custom de-serialization method
+	 *
 	 * @param string $sSerializedMessage The serialized representation of the message
+	 *
+	 * @return \Email
+	 * @throws \ArchivedObjectException
+	 * @throws \CoreException
+	 * @throws \Symfony\Component\CssSelector\Exception\SyntaxErrorException
 	 */
 	static public function UnSerializeV2($sSerializedMessage)
 	{
-		$aData = unserialize($sSerializedMessage);
-		$oMessage = new Email();
-		
-		if (array_key_exists('body', $aData))
-		{
-			$oMessage->SetBody($aData['body']['body'], $aData['body']['mimeType']);
-		}
-		if (array_key_exists('message_id', $aData))
-		{
-			$oMessage->SetMessageId($aData['message_id']);
-		}
-		if (array_key_exists('bcc', $aData))
-		{
-			$oMessage->SetRecipientBCC($aData['bcc']);
-		}
-		if (array_key_exists('cc', $aData))
-		{
-			$oMessage->SetRecipientCC($aData['cc']);
-		}
-		if (array_key_exists('from', $aData))
-		{
-			$oMessage->SetRecipientFrom($aData['from']['address'], $aData['from']['label']);
-		}
-		if (array_key_exists('reply_to', $aData))
-		{
-			$oMessage->SetRecipientReplyTo($aData['reply_to']);
-		}
-		if (array_key_exists('to', $aData))
-		{
-			$oMessage->SetRecipientTO($aData['to']);
-		}
-		if (array_key_exists('subject', $aData))
-		{
-			$oMessage->SetSubject($aData['subject']);
-		}
-		
-		
-		if (array_key_exists('headers', $aData))
-		{
-			foreach($aData['headers'] as $sKey => $sValue)
-			{
-				$oMessage->AddToHeader($sKey, $sValue);
-			}
-		}
-		if (array_key_exists('parts', $aData))
-		{
-			foreach($aData['parts'] as $aPart)
-			{
-				$oMessage->AddPart($aPart['text'], $aPart['mimeType']);
-			}
-		}
-		if (array_key_exists('attachments', $aData))
-		{
-			foreach($aData['attachments'] as $aAttachment)
-			{
-				$oMessage->AddAttachment(base64_decode($aAttachment['data']), $aAttachment['filename'], $aAttachment['mimeType']);
-			}
-		}
-		return $oMessage;
-	}
-	
-  	protected function SendAsynchronous(&$aIssues, $oLog = null)
-	{
-		try
-		{
-			AsyncSendEmail::AddToQueue($this, $oLog);
-		}
-		catch(Exception $e)
-		{
-			$aIssues = array($e->GetMessage());
-			return EMAIL_SEND_ERROR;
-		}
-		$aIssues = array();
-		return EMAIL_SEND_PENDING;
-	}
-
-	protected function SendSynchronous(&$aIssues, $oLog = null)
-	{
-		// If the body of the message is in HTML, embed all images based on attachments
-		$this->EmbedInlineImages();
-		
-		$this->LoadConfig();
-
-		$sTransport = self::$m_oConfig->Get('email_transport');
-		switch ($sTransport)
-		{
-		case 'SMTP':
-			$sHost = self::$m_oConfig->Get('email_transport_smtp.host');
-			$sPort = self::$m_oConfig->Get('email_transport_smtp.port');
-			$sEncryption = self::$m_oConfig->Get('email_transport_smtp.encryption');
-			$sUserName = self::$m_oConfig->Get('email_transport_smtp.username');
-			$sPassword = self::$m_oConfig->Get('email_transport_smtp.password');
-
-			$oTransport = Swift_SmtpTransport::newInstance($sHost, $sPort, $sEncryption);
-			if (strlen($sUserName) > 0)
-			{
-				$oTransport->setUsername($sUserName);
-				$oTransport->setPassword($sPassword);
-			}
-			break;
-
-		case 'Null':
-			$oTransport = Swift_NullTransport::newInstance();
-			break;
-		
-		case 'LogFile':
-			$oTransport = Swift_LogFileTransport::newInstance();
-			$oTransport->setLogFile(APPROOT.'log/mail.log');
-			break;
-			
-		case 'PHPMail':
-		default:
-			$oTransport = Swift_MailTransport::newInstance();
-		}
-
-		$oMailer = Swift_Mailer::newInstance($oTransport);
-
-		$aFailedRecipients = array();
-		$this->m_oMessage->setMaxLineLength(0);
-		$oKPI = new ExecutionKPI();
-		try
-		{
-			$iSent = $oMailer->send($this->m_oMessage, $aFailedRecipients);
-			if ($iSent === 0)
-			{
-				// Beware: it seems that $aFailedRecipients sometimes contains the recipients that actually received the message !!!
-				IssueLog::Warning('Email sending failed: Some recipients were invalid, aFailedRecipients contains: '.implode(', ', $aFailedRecipients));
-				$aIssues = array('Some recipients were invalid.');
-				$oKPI->ComputeStats('Email Sent', 'Error received');
-				return EMAIL_SEND_ERROR;
-			}
-			else
-			{
-				$aIssues = array();
-				$oKPI->ComputeStats('Email Sent', 'Succeded');
-				return EMAIL_SEND_OK;
-			}
-		}
-		catch (Exception $e)
-		{
-			$oKPI->ComputeStats('Email Sent', 'Error received');
-			throw $e;
-		}
-	}
-	
-	/**
-	 * Reprocess the body of the message (if it is an HTML message)
-	 * to replace the URL of images based on attachments by a link
-	 * to an embedded image (i.e. cid:....)
-	 */
-	protected function EmbedInlineImages()
-	{
-		if ($this->m_aData['body']['mimeType'] == 'text/html')
-		{
-			$oDOMDoc = new DOMDocument();
-			$oDOMDoc->preserveWhitespace = true;
-			@$oDOMDoc->loadHTML('<?xml encoding="UTF-8"?>'.$this->m_aData['body']['body']); // For loading HTML chunks where the character set is not specified
-
-			$oXPath = new DOMXPath($oDOMDoc);
-			$sXPath = '//img[@'.InlineImage::DOM_ATTR_ID.']';
-			$oImagesList = $oXPath->query($sXPath);
-
-			if ($oImagesList->length != 0)
-			{
-				foreach($oImagesList as $oImg)
-				{
-					$iAttId = $oImg->getAttribute(InlineImage::DOM_ATTR_ID);
-					$oAttachment = MetaModel::GetObject('InlineImage', $iAttId, false, true /* Allow All Data */);
-					if ($oAttachment)
-					{
-						$sImageSecret = $oImg->getAttribute('data-img-secret');
-						$sAttachmentSecret = $oAttachment->Get('secret');
-						if ($sImageSecret !== $sAttachmentSecret)
-						{
-							// @see N°1921
-							// If copying from another iTop we could get an IMG pointing to an InlineImage with wrong secret
-							continue;
-						}
-
-						$oDoc = $oAttachment->Get('contents');
-						$oSwiftImage = new Swift_Image($oDoc->GetData(), $oDoc->GetFileName(), $oDoc->GetMimeType());
-						$sCid = $this->m_oMessage->embed($oSwiftImage);
-						$oImg->setAttribute('src', $sCid);
-					}
-				}
-			}
-			$sHtmlBody = $oDOMDoc->saveHTML();
-			$this->m_oMessage->setBody($sHtmlBody, 'text/html', 'UTF-8');
-		}
+		return EmailFactory::GetMailer()::UnSerializeV2($sSerializedMessage);
 	}
 
 	public function Send(&$aIssues, $bForceSynchronous = false, $oLog = null)
 	{
-		//select a default sender if none is provided.
-		if(empty($this->m_aData['from']['address']) && !empty($this->m_aData['to'])){
-			$this->SetRecipientFrom($this->m_aData['to']);
-		}
-
-		if ($bForceSynchronous)
-		{
-			return $this->SendSynchronous($aIssues, $oLog);
-		}
-		else
-		{
-			$bConfigASYNC = MetaModel::GetConfig()->Get('email_asynchronous');
-			if ($bConfigASYNC)
-			{
-				return $this->SendAsynchronous($aIssues, $oLog);
-			}
-			else
-			{
-				return $this->SendSynchronous($aIssues, $oLog);
-			}
-		}
+		return $this->oMailer->Send($aIssues, $bForceSynchronous, $oLog);
 	}
 
 	public function AddToHeader($sKey, $sValue)
 	{
-		if (!array_key_exists('headers', $this->m_aData))
-		{
-			$this->m_aData['headers'] = array();
-		}
-		$this->m_aData['headers'][$sKey] = $sValue;
-		
-		if (strlen($sValue) > 0)
-		{
-			$oHeaders = $this->m_oMessage->getHeaders();
-			switch(strtolower($sKey))
-			{
-				case 'return-path':
-					$this->m_oMessage->setReturnPath($sValue);
-					break;
-
-				default:
-					$oHeaders->addTextHeader($sKey, $sValue);
-			}
-		}
+		$this->oMailer->AddToHeader($sKey, $sValue);
 	}
 
 	public function SetMessageId($sId)
 	{
-		$this->m_aData['message_id'] = $sId;
-		
-		// Note: Swift will add the angle brackets for you
-		// so let's remove the angle brackets if present, for historical reasons
-		$sId = str_replace(array('<', '>'), '', $sId);
-		
-		$oMsgId = $this->m_oMessage->getHeaders()->get('Message-ID');
-		$oMsgId->SetId($sId);
+		$this->oMailer->SetMessageId($sId);
 	}
 	
 	public function SetReferences($sReferences)
 	{
-		$this->AddToHeader('References', $sReferences);
+		$this->oMailer->SetReferences($sReferences);
 	}
 
 	public function SetBody($sBody, $sMimeType = 'text/html', $sCustomStyles = null)
 	{
-		if (($sMimeType === 'text/html') && ($sCustomStyles !== null))
-		{
-			$emogrifier = new \Pelago\Emogrifier($sBody, $sCustomStyles);
-			$sBody = $emogrifier->emogrify(); // Adds html/body tags if not already present
-		}
-		$this->m_aData['body'] = array('body' => $sBody, 'mimeType' => $sMimeType);
-		$this->m_oMessage->setBody($sBody, $sMimeType);
+		$this->oMailer->SetBody($sBody, $sMimeType, $sCustomStyles);
 	}
 
 	public function AddPart($sText, $sMimeType = 'text/html')
 	{
-		if (!array_key_exists('parts', $this->m_aData))
-		{
-			$this->m_aData['parts'] = array();
-		}
-		$this->m_aData['parts'][] = array('text' => $sText, 'mimeType' => $sMimeType);
-		$this->m_oMessage->addPart($sText, $sMimeType);
+		$this->oMailer->AddPart($sText, $sMimeType);
 	}
 
 	public function AddAttachment($data, $sFileName, $sMimeType)
 	{
-		if (!array_key_exists('attachments', $this->m_aData))
-		{
-			$this->m_aData['attachments'] = array();
-		}
-		$this->m_aData['attachments'][] = array('data' => base64_encode($data), 'filename' => $sFileName, 'mimeType' => $sMimeType);
-		$this->m_oMessage->attach(Swift_Attachment::newInstance($data, $sFileName, $sMimeType));
+		$this->oMailer->AddAttachment($data, $sFileName, $sMimeType);
 	}
 
 	public function SetSubject($sSubject)
 	{
-		$this->m_aData['subject'] = $sSubject;
-		$this->m_oMessage->setSubject($sSubject);
+		$this->oMailer->SetSubject($sSubject);
 	}
 
 	public function GetSubject()
 	{
-		return $this->m_oMessage->getSubject();
+		return $this->oMailer->GetSubject();
 	}
 
-	/**
-	 * Helper to transform and sanitize addresses
-	 * - get rid of empty addresses	 
-	 */	 	
-	protected function AddressStringToArray($sAddressCSVList)
-	{
-		$aAddresses = array();
-		foreach(explode(',', $sAddressCSVList) as $sAddress)
-		{
-			$sAddress = trim($sAddress);
-			if (strlen($sAddress) > 0)
-			{
-				$aAddresses[] = $sAddress;
-			}
-		}
-		return $aAddresses;
-	}
-	
 	public function SetRecipientTO($sAddress)
 	{
-		$this->m_aData['to'] = $sAddress;
-		if (!empty($sAddress))
-		{
-			$aAddresses = $this->AddressStringToArray($sAddress);
-			$this->m_oMessage->setTo($aAddresses);
-		}
+		$this->oMailer->SetRecipientTO($sAddress);
 	}
 
 	public function GetRecipientTO($bAsString = false)
 	{
-		$aRes = $this->m_oMessage->getTo();
-		if ($aRes === null)
-		{
-			// There is no "To" header field
-			$aRes = array();
-		}
-		if ($bAsString)
-		{
-			$aStrings = array();
-			foreach ($aRes as $sEmail => $sName)
-			{
-				if (is_null($sName))
-				{
-					$aStrings[] = $sEmail;
-				}
-				else
-				{
-					$sName = str_replace(array('<', '>'), '', $sName);
-					$aStrings[] = "$sName <$sEmail>";
-				}
-			}
-			return implode(', ', $aStrings);
-		}
-		else
-		{
-			return $aRes;
-		}
+		return $this->oMailer->GetRecipientTO($bAsString);
 	}
 
 	public function SetRecipientCC($sAddress)
 	{
-		$this->m_aData['cc'] = $sAddress;
-		if (!empty($sAddress))
-		{
-			$aAddresses = $this->AddressStringToArray($sAddress);
-			$this->m_oMessage->setCc($aAddresses);
-		}
+		$this->oMailer->SetRecipientCC($sAddress);
 	}
 
 	public function SetRecipientBCC($sAddress)
 	{
-		$this->m_aData['bcc'] = $sAddress;
-		if (!empty($sAddress))
-		{
-			$aAddresses = $this->AddressStringToArray($sAddress);
-			$this->m_oMessage->setBcc($aAddresses);
-		}
+		$this->oMailer->SetRecipientBCC($sAddress);
 	}
 
 	public function SetRecipientFrom($sAddress, $sLabel = '')
 	{
-		$this->m_aData['from'] = array('address' => $sAddress, 'label' => $sLabel);
-		if ($sLabel != '')
-		{
-			$this->m_oMessage->setFrom(array($sAddress => $sLabel));		
-		}
-		else if (!empty($sAddress))
-		{
-			$this->m_oMessage->setFrom($sAddress);
-		}
+		$this->oMailer->SetRecipientFrom($sAddress, $sLabel);
 	}
 
 	public function SetRecipientReplyTo($sAddress)
 	{
-		$this->m_aData['reply_to'] = $sAddress;
-		if (!empty($sAddress))
-		{
-			$this->m_oMessage->setReplyTo($sAddress);
-		}
+		$this->oMailer->SetRecipientReplyTo($sAddress);
 	}
 
-}
-
-/////////////////////////////////////////////////////////////////////////////////////
-
-/**
- * Extension to SwiftMailer: "debug" transport that pretends messages have been sent,
- * but just log them to a file.
- *
- * @package Swift
- * @author  Denis Flaven
- */
-class Swift_Transport_LogFileTransport extends Swift_Transport_NullTransport
-{
-	protected $sLogFile;
-	
-	/**
-	 * Sends the given message.
-	 *
-	 * @param Swift_Mime_Message $message
-	 * @param string[]           $failedRecipients An array of failures by-reference
-	 *
-	 * @return int     The number of sent emails
-	 */
-	public function send(Swift_Mime_Message $message, &$failedRecipients = null)
-	{
-		$hFile = @fopen($this->sLogFile, 'a');
-		if ($hFile)
-		{
-			$sTxt = "================== ".date('Y-m-d H:i:s')." ==================\n";
-			$sTxt .= $message->toString()."\n";
-		
-			@fwrite($hFile, $sTxt);
-			@fclose($hFile);
-		}
-		
-		return parent::send($message, $failedRecipients);
-	}
-	
-	public function setLogFile($sFilename)
-	{
-		$this->sLogFile = $sFilename;
-	}
-}
-
-/**
- * Pretends messages have been sent, but just log them to a file.
- *
- * @package Swift
- * @author  Denis Flaven
- */
-class Swift_LogFileTransport extends Swift_Transport_LogFileTransport
-{
-	/**
-	 * Create a new LogFileTransport.
-	 */
-	public function __construct()
-	{
-		call_user_func_array(
-		array($this, 'Swift_Transport_LogFileTransport::__construct'),
-		Swift_DependencyContainer::getInstance()
-		->createDependenciesFor('transport.null')
-		);
-	}
-
-	/**
-	 * Create a new LogFileTransport instance.
-	 *
-	 * @return Swift_LogFileTransport
-	 */
-	public static function newInstance()
-	{
-		return new self();
-	}
 }

core/htmlsanitizer.class.inc.php

@@ -34,43 +34,51 @@ abstract class HTMLSanitizer
 	
 	/**
 	 * Sanitize an HTML string with the configured sanitizer, falling back to HTMLDOMSanitizer in case of Exception or invalid configuration
+	 *
 	 * @param string $sHTML
+	 * @param string $sConfigKey
+	 *
 	 * @return string
+	 * @noinspection SelfClassReferencingInspection
 	 */
-	public static function Sanitize($sHTML)
+	public static function Sanitize($sHTML, $sConfigKey = 'html_sanitizer')
 	{
-		$sSanitizerClass = MetaModel::GetConfig()->Get('html_sanitizer');
-		if(!class_exists($sSanitizerClass))
-		{
-			IssueLog::Warning('The configured "html_sanitizer" class "'.$sSanitizerClass.'" is not a valid class. Will use HTMLDOMSanitizer as the default sanitizer.');
+		$sSanitizerClass = MetaModel::GetConfig()->Get($sConfigKey);
+		if (!class_exists($sSanitizerClass)) {
+			IssueLog::Warning('The configured "'.$sConfigKey.'" class "'.$sSanitizerClass.'" is not a valid class. Will use HTMLDOMSanitizer as the default sanitizer.');
 			$sSanitizerClass = 'HTMLDOMSanitizer';
+		} else if (false === is_subclass_of($sSanitizerClass, HTMLSanitizer::class)) {
+			if ($sConfigKey === 'html_sanitizer') {
+				IssueLog::Warning('The configured "'.$sConfigKey.'" class "'.$sSanitizerClass.'" is not a subclass of HTMLSanitizer. Will use HTMLDOMSanitizer as the default sanitizer.');
+				$sSanitizerClass = 'HTMLDOMSanitizer';
+			}
+			if ($sConfigKey === 'svg_sanitizer') {
+				IssueLog::Error('The configured "'.$sConfigKey.'" class "'.$sSanitizerClass.'" is not a subclass of '.HTMLSanitizer::class.' ! Won\'t sanitize string.');
+
+				return $sHTML;
+			}
 		}
-		else if(!is_subclass_of($sSanitizerClass, 'HTMLSanitizer'))
-		{
-			IssueLog::Warning('The configured "html_sanitizer" class "'.$sSanitizerClass.'" is not a subclass of HTMLSanitizer. Will use HTMLDOMSanitizer as the default sanitizer.');
-			$sSanitizerClass = 'HTMLDOMSanitizer';
-		}
-		
-		try
-		{
+
+		try {
 			$oSanitizer = new $sSanitizerClass();
 			$sCleanHTML = $oSanitizer->DoSanitize($sHTML);
 		}
-		catch(Exception $e)
-		{
-			if($sSanitizerClass != 'HTMLDOMSanitizer')
-			{
-				IssueLog::Warning('Failed to sanitize an HTML string with "'.$sSanitizerClass.'". The following exception occured: '.$e->getMessage());
-				IssueLog::Warning('Will try to sanitize with HTMLDOMSanitizer.');
-				// try again with the HTMLDOMSanitizer
-				$oSanitizer = new HTMLDOMSanitizer();
-				$sCleanHTML = $oSanitizer->DoSanitize($sHTML);
-			}
-			else
-			{
-				IssueLog::Error('Failed to sanitize an HTML string with "HTMLDOMSanitizer". The following exception occured: '.$e->getMessage());
-				IssueLog::Error('The HTML will NOT be sanitized.');
-				$sCleanHTML = $sHTML;	
+		catch(Exception $e) {
+			if ($sConfigKey === 'html_sanitizer') {
+				if ($sSanitizerClass !== HTMLDOMSanitizer::class) {
+					IssueLog::Warning('Failed to sanitize an HTML string with "'.$sSanitizerClass.'". The following exception occured: '.$e->getMessage());
+					IssueLog::Warning('Will try to sanitize with HTMLDOMSanitizer.');
+					// try again with the HTMLDOMSanitizer
+					$oSanitizer = new HTMLDOMSanitizer();
+					$sCleanHTML = $oSanitizer->DoSanitize($sHTML);
+				} else {
+					IssueLog::Error('Failed to sanitize an HTML string with "HTMLDOMSanitizer". The following exception occured: '.$e->getMessage());
+					IssueLog::Error('The HTML will NOT be sanitized.');
+					$sCleanHTML = $sHTML;
+				}
+			} else {
+				IssueLog::Error('Failed to sanitize string with "'.$sSanitizerClass.'", will return original value ! Exception: '.$e->getMessage());
+				$sCleanHTML = $sHTML;
 			}
 		}
 		return $sCleanHTML;
@@ -97,67 +105,179 @@ class HTMLNullSanitizer extends HTMLSanitizer
 	{
 		return $sHTML;
 	}
-	
+
 }
 
+
 /**
- * A standard-compliant HTMLSanitizer based on the HTMLPurifier library by Edward Z. Yang
- * Complete but quite slow
- * http://htmlpurifier.org
+ * Common implementation for sanitizer using DOM parsing
  */
-/*
-class HTMLPurifierSanitizer extends HTMLSanitizer
+abstract class DOMSanitizer extends HTMLSanitizer
 {
-	protected static $oPurifier = null;
-	
-	public function __construct()
+	/** @var DOMDocument */
+	protected $oDoc;
+	/**
+	 * @var string Class to use for InlineImage static method calls
+	 * @used-by \Combodo\iTop\Test\UnitTest\Core\Sanitizer\HTMLDOMSanitizerTest::testDoSanitizeCallInlineImageProcessImageTag
+	 */
+	protected $sInlineImageClassName;
+
+	public function __construct($sInlineImageClassName = InlineImage::class)
 	{
-		if (self::$oPurifier == null)
-		{
-			$sLibPath = APPROOT.'lib/htmlpurifier/HTMLPurifier.auto.php';
-			if (!file_exists($sLibPath))
-			{
-				throw new Exception("Missing library '$sLibPath', cannot use HTMLPurifierSanitizer.");
-			}
-			require_once($sLibPath);
-			
-			$oPurifierConfig = HTMLPurifier_Config::createDefault();
-			$oPurifierConfig->set('Core.Encoding', 'UTF-8'); // defaults to 'UTF-8'
-			$oPurifierConfig->set('HTML.Doctype', 'XHTML 1.0 Strict'); // defaults to 'XHTML 1.0 Transitional'
-			$oPurifierConfig->set('URI.AllowedSchemes', array (
-				'http' => true,
-				'https' => true,
-				'data' => true, // This one is not present by default
-			));
-			$sPurifierCache = APPROOT.'data/HTMLPurifier';
-			if (!is_dir($sPurifierCache))
-			{
-				mkdir($sPurifierCache);
-			}
-			if (!is_dir($sPurifierCache))
-			{
-				throw new Exception("Could not create the cache directory '$sPurifierCache'");
-			}
-			$oPurifierConfig->set('Cache.SerializerPath', $sPurifierCache); // no trailing slash
-			self::$oPurifier = new HTMLPurifier($oPurifierConfig);
-		}
+		parent::__construct();
+
+		$this->sInlineImageClassName = $sInlineImageClassName;
 	}
-	
+
+	abstract public function GetTagsWhiteList();
+
+	abstract public function GetTagsBlackList();
+
+	abstract public function GetAttrsWhiteList();
+
+	abstract public function GetAttrsBlackList();
+
+	abstract public function GetStylesWhiteList();
+
 	public function DoSanitize($sHTML)
 	{
-		$sCleanHtml = self::$oPurifier->purify($sHTML);
-		return $sCleanHtml;		
+		$this->oDoc = new DOMDocument();
+		$this->oDoc->preserveWhitespace = true;
+
+		// MS outlook implements empty lines by the mean of <p><o:p></o:p></p>
+		// We have to transform that into <p><br></p> (which is how Thunderbird implements empty lines)
+		// Unfortunately, DOMDocument::loadHTML does not take the tag namespaces into account (once loaded there is no way to know if the tag did have a namespace)
+		// therefore we have to do the transformation upfront
+		$sHTML = preg_replace('@<o:p>(\s|&nbsp;)*</o:p>@', '<br>', $sHTML);
+
+		$this->LoadDoc($sHTML);
+
+		$this->CleanNode($this->oDoc);
+
+		$sCleanHtml = $this->PrintDoc();
+
+		return $sCleanHtml;
+	}
+
+	abstract public function LoadDoc($sHTML);
+
+	/**
+	 * @return string cleaned source
+	 * @uses \DOMSanitizer::oDoc
+	 */
+	abstract public function PrintDoc();
+
+	protected function CleanNode(DOMNode $oElement)
+	{
+		$aAttrToRemove = array();
+		// Gather the attributes to remove
+		if ($oElement->hasAttributes()) {
+			foreach ($oElement->attributes as $oAttr) {
+				$sAttr = strtolower($oAttr->name);
+				if ((false === empty($this->GetAttrsBlackList()))
+					&& (in_array($sAttr, $this->GetAttrsBlackList(), true))) {
+					$aAttrToRemove[] = $oAttr->name;
+				} else if ((false === empty($this->GetTagsWhiteList()))
+					&& (false === in_array($sAttr, $this->GetTagsWhiteList()[strtolower($oElement->tagName)]))) {
+					$aAttrToRemove[] = $oAttr->name;
+				} else if (!$this->IsValidAttributeContent($sAttr, $oAttr->value)) {
+					// Invalid content
+					$aAttrToRemove[] = $oAttr->name;
+				} else if ($sAttr == 'style') {
+					// Special processing for style tags
+					$sCleanStyle = $this->CleanStyle($oAttr->value);
+					if ($sCleanStyle == '') {
+						// Invalid content
+						$aAttrToRemove[] = $oAttr->name;
+					} else {
+						$oElement->setAttribute($oAttr->name, $sCleanStyle);
+					}
+				}
+			}
+			// Now remove them
+			foreach($aAttrToRemove as $sName)
+			{
+				$oElement->removeAttribute($sName);
+			}
+		}
+		
+		if ($oElement->hasChildNodes())
+		{
+			$aChildElementsToRemove = array();
+			// Gather the child noes to remove
+			foreach($oElement->childNodes as $oNode) {
+				if ($oNode instanceof DOMElement) {
+					$sNodeTagName = strtolower($oNode->tagName);
+				}
+				if (($oNode instanceof DOMElement)
+					&& (false === empty($this->GetTagsBlackList()))
+					&& (in_array($sNodeTagName, $this->GetTagsBlackList(), true))) {
+					$aChildElementsToRemove[] = $oNode;
+				} else if (($oNode instanceof DOMElement)
+					&& (false === empty($this->GetTagsWhiteList()))
+					&& (false === array_key_exists($sNodeTagName, $this->GetTagsWhiteList()))) {
+					$aChildElementsToRemove[] = $oNode;
+				} else if ($oNode instanceof DOMComment) {
+					$aChildElementsToRemove[] = $oNode;
+				} else {
+					// Recurse
+					$this->CleanNode($oNode);
+					if (($oNode instanceof DOMElement) && (strtolower($oNode->tagName) == 'img')) {
+						$this->sInlineImageClassName::ProcessImageTag($oNode);
+					}
+				}
+			}
+			// Now remove them
+			foreach($aChildElementsToRemove as $oDomElement)
+			{
+				$oElement->removeChild($oDomElement);
+			}
+		}
+	}
+
+	protected function IsValidAttributeContent($sAttributeName, $sValue)
+	{
+		if ((false === empty($this->GetAttrsBlackList()))
+			&& (in_array($sAttributeName, $this->GetAttrsBlackList(), true))) {
+			return true;
+		}
+
+		if (array_key_exists($sAttributeName, $this->GetAttrsWhiteList())) {
+			return preg_match($this->GetAttrsWhiteList()[$sAttributeName], $sValue);
+		}
+
+		return true;
+	}
+
+	protected function CleanStyle($sStyle)
+	{
+		if (empty($this->GetStylesWhiteList())) {
+			return $sStyle;
+		}
+
+		$aAllowedStyles = array();
+		$aItems = explode(';', $sStyle);
+		{
+			foreach ($aItems as $sItem) {
+				$aElements = explode(':', trim($sItem));
+				if (in_array(trim(strtolower($aElements[0])), $this->GetStylesWhiteList())) {
+					$aAllowedStyles[] = trim($sItem);
+				}
+			}
+		}
+
+		return implode(';', $aAllowedStyles);
 	}
 }
-*/
 
-class HTMLDOMSanitizer extends HTMLSanitizer
+
+class HTMLDOMSanitizer extends DOMSanitizer
 {
 	protected $oDoc;
 
 	/**
-	 * @var array
 	 * @see https://www.itophub.io/wiki/page?id=2_6_0%3Aadmin%3Arich_text_limitations
+	 * @var array
 	 */
 	protected static $aTagsWhiteList = array(
 		'html' => array(),
@@ -214,8 +334,8 @@ class HTMLDOMSanitizer extends HTMLSanitizer
 	);
 
 	/**
-	 * @var array
 	 * @see https://www.itophub.io/wiki/page?id=2_6_0%3Aadmin%3Arich_text_limitations
+	 * @var array
 	 */
 	protected static $aStylesWhiteList = array(
 		'background-color',
@@ -239,164 +359,200 @@ class HTMLDOMSanitizer extends HTMLSanitizer
 		'white-space',
 	);
 
-	public function __construct()
+	public function __construct($sInlineImageClassName = InlineImage::class)
 	{
-		parent::__construct();
+		parent::__construct($sInlineImageClassName);
 
 		// Building href validation pattern from url and email validation patterns as the patterns are not used the same way in HTML content than in standard attributes value.
 		// eg. "foo@bar.com" vs "mailto:foo@bar.com?subject=Title&body=Hello%20world"
-		if (!array_key_exists('href', self::$aAttrsWhiteList))
-		{
+		if (!array_key_exists('href', self::$aAttrsWhiteList)) {
 			// Regular urls
 			$sUrlPattern = utils::GetConfig()->Get('url_validation_pattern');
 
 			// Mailto urls
-			$sMailtoPattern = '(mailto:(' . utils::GetConfig()->Get('email_validation_pattern') . ')(?:\?(?:subject|body)=([a-zA-Z0-9+\$_.-]*)(?:&(?:subject|body)=([a-zA-Z0-9+\$_.-]*))?)?)';
+			$sMailtoPattern = '(mailto:('.utils::GetConfig()->Get('email_validation_pattern').')(?:\?(?:subject|body)=([a-zA-Z0-9+\$_.-]*)(?:&(?:subject|body)=([a-zA-Z0-9+\$_.-]*))?)?)';
 
 			// Notification placeholders
 			// eg. $this->caller_id$, $this->hyperlink()$, $this->hyperlink(portal)$, $APP_URL$, $MODULES_URL$, ...
 			// Note: Authorize both $xxx$ and %24xxx%24 as the latter one is encoded when used in HTML attributes (eg. a[href])
 			$sPlaceholderPattern = '(\$|%24)[\w-]*(->[\w]*(\([\w-]*?\))?)?(\$|%24)';
 
-			$sPattern = $sUrlPattern . '|' . $sMailtoPattern . '|' . $sPlaceholderPattern;
+			$sPattern = $sUrlPattern.'|'.$sMailtoPattern.'|'.$sPlaceholderPattern;
 			$sPattern = '/'.str_replace('/', '\/', $sPattern).'/i';
 			self::$aAttrsWhiteList['href'] = $sPattern;
 		}
 	}
 
-	public function DoSanitize($sHTML)
+	public function GetTagsWhiteList()
 	{
-		$this->oDoc = new DOMDocument();
-		$this->oDoc->preserveWhitespace = true;
+		return static::$aTagsWhiteList;
+	}
 
-		// MS outlook implements empty lines by the mean of <p><o:p></o:p></p>
-		// We have to transform that into <p><br></p> (which is how Thunderbird implements empty lines)
-		// Unfortunately, DOMDocument::loadHTML does not take the tag namespaces into account (once loaded there is no way to know if the tag did have a namespace)
-		// therefore we have to do the transformation upfront
-		$sHTML = preg_replace('@<o:p>(\s|&nbsp;)*</o:p>@', '<br>', $sHTML);
-		// Replace badly encoded non breaking space
-		$sHTML = preg_replace('~\xc2\xa0~', ' ', $sHTML);
+	public function GetTagsBlackList()
+	{
+		return [];
+	}
 
+	public function GetAttrsWhiteList()
+	{
+		return static::$aAttrsWhiteList;
+	}
+
+	public function GetAttrsBlackList()
+	{
+		return [];
+	}
+
+	public function GetStylesWhiteList()
+	{
+		return static::$aStylesWhiteList;
+	}
+
+	public function LoadDoc($sHTML)
+	{
 		@$this->oDoc->loadHTML('<?xml encoding="UTF-8"?>'.$sHTML); // For loading HTML chunks where the character set is not specified
-		
-		$this->CleanNode($this->oDoc);
-		
+		$this->oDoc->preserveWhitespace = true;
+	}
+
+	public function PrintDoc()
+	{
 		$oXPath = new DOMXPath($this->oDoc);
 		$sXPath = "//body";
 		$oNodesList = $oXPath->query($sXPath);
-		
-		if ($oNodesList->length == 0)
-		{
+
+		if ($oNodesList->length == 0) {
 			// No body, save the whole document
 			$sCleanHtml = $this->oDoc->saveHTML();
-		}
-		else
-		{
+		} else {
 			// Export only the content of the body tag
 			$sCleanHtml = $this->oDoc->saveHTML($oNodesList->item(0));
 			// remove the body tag itself
-			$sCleanHtml = str_replace( array('<body>', '</body>'), '', $sCleanHtml);
+			$sCleanHtml = str_replace(array('<body>', '</body>'), '', $sCleanHtml);
 		}
-		
+
 		return $sCleanHtml;
 	}
-	
-	protected function CleanNode(DOMNode $oElement)
+}
+
+
+/**
+ * @since 2.6.5 2.7.6 3.0.0 N°4360
+ */
+class SVGDOMSanitizer extends DOMSanitizer
+{
+	public function GetTagsWhiteList()
 	{
-		$aAttrToRemove = array();
-		// Gather the attributes to remove
-		if ($oElement->hasAttributes())
-		{
-			foreach($oElement->attributes as $oAttr)
-			{
-				$sAttr = strtolower($oAttr->name);
-				if (!in_array($sAttr, self::$aTagsWhiteList[strtolower($oElement->tagName)]))
-				{
-					// Forbidden (or unknown) attribute
-					$aAttrToRemove[] = $oAttr->name;
-				}
-				else if (!$this->IsValidAttributeContent($sAttr, $oAttr->value))
-				{
-					// Invalid content
-					$aAttrToRemove[] = $oAttr->name;
-				}
-				else if ($sAttr == 'style')
-				{
-					// Special processing for style tags
-					$sCleanStyle = $this->CleanStyle($oAttr->value);
-					if ($sCleanStyle == '')
-					{
-						// Invalid content
-						$aAttrToRemove[] = $oAttr->name;
-					}
-					else
-					{
-						$oElement->setAttribute($oAttr->name, $sCleanStyle);
-					}
-				}
-			}
-			// Now remove them
-			foreach($aAttrToRemove as $sName)
-			{
-				$oElement->removeAttribute($sName);
-			}
-		}
-		
-		if ($oElement->hasChildNodes())
-		{
-			$aChildElementsToRemove = array();
-			// Gather the child noes to remove
-			foreach($oElement->childNodes as $oNode)
-			{
-				if (($oNode instanceof DOMElement) && (!array_key_exists(strtolower($oNode->tagName), self::$aTagsWhiteList)))
-				{
-					$aChildElementsToRemove[] = $oNode;
-				}
-				else if ($oNode instanceof DOMComment)
-				{
-					$aChildElementsToRemove[] = $oNode;
-				}
-				else
-				{
-					// Recurse
-					$this->CleanNode($oNode);
-					if (($oNode instanceof DOMElement) && (strtolower($oNode->tagName) == 'img'))
-					{
-						InlineImage::ProcessImageTag($oNode);
-					}
-				}
-			}
-			// Now remove them
-			foreach($aChildElementsToRemove as $oDomElement)
-			{
-				$oElement->removeChild($oDomElement);
-			}
-		}
+		return [];
 	}
 
-	protected function CleanStyle($sStyle)
+	/**
+	 * @return string[]
+	 * @link https://developer.mozilla.org/en-US/docs/Web/SVG/Element/script
+	 */
+	public function GetTagsBlackList()
 	{
-		$aAllowedStyles = array();
-		$aItems = explode(';', $sStyle);
-		{
-			foreach($aItems as $sItem)
-			{
-				$aElements = explode(':', trim($sItem));
-				if (in_array(trim(strtolower($aElements[0])), static::$aStylesWhiteList))
-				{
-					$aAllowedStyles[] = trim($sItem);
-				}
-			}
-		}
-		return implode(';', $aAllowedStyles);
+		return [
+			'script',
+		];
 	}
-	
-	protected function IsValidAttributeContent($sAttributeName, $sValue)
+
+	public function GetAttrsWhiteList()
 	{
-		if (array_key_exists($sAttributeName, self::$aAttrsWhiteList))
-		{
-			return preg_match(self::$aAttrsWhiteList[$sAttributeName], $sValue);
-		}
-		return true;
+		return [];
+	}
+
+	/**
+	 * @return string[]
+	 * @link https://developer.mozilla.org/en-US/docs/Web/SVG/Attribute/Events#document_event_attributes
+	 */
+	public function GetAttrsBlackList()
+	{
+		return [
+			'onbegin',
+			'onbegin',
+			'onrepeat',
+			'onabort',
+			'onerror',
+			'onerror',
+			'onscroll',
+			'onunload',
+			'oncopy',
+			'oncut',
+			'onpaste',
+			'oncancel',
+			'oncanplay',
+			'oncanplaythrough',
+			'onchange',
+			'onclick',
+			'onclose',
+			'oncuechange',
+			'ondblclick',
+			'ondrag',
+			'ondragend',
+			'ondragenter',
+			'ondragleave',
+			'ondragover',
+			'ondragstart',
+			'ondrop',
+			'ondurationchange',
+			'onemptied',
+			'onended',
+			'onerror',
+			'onfocus',
+			'oninput',
+			'oninvalid',
+			'onkeydown',
+			'onkeypress',
+			'onkeyup',
+			'onload',
+			'onloadeddata',
+			'onloadedmetadata',
+			'onloadstart',
+			'onmousedown',
+			'onmouseenter',
+			'onmouseleave',
+			'onmousemove',
+			'onmouseout',
+			'onmouseover',
+			'onmouseup',
+			'onmousewheel',
+			'onpause',
+			'onplay',
+			'onplaying',
+			'onprogress',
+			'onratechange',
+			'onreset',
+			'onresize',
+			'onscroll',
+			'onseeked',
+			'onseeking',
+			'onselect',
+			'onshow',
+			'onstalled',
+			'onsubmit',
+			'onsuspend',
+			'ontimeupdate',
+			'ontoggle',
+			'onvolumechange',
+			'onwaiting',
+			'onactivate',
+			'onfocusin',
+			'onfocusout',
+		];
+	}
+
+	public function GetStylesWhiteList()
+	{
+		return [];
+	}
+
+	public function LoadDoc($sHTML)
+	{
+		@$this->oDoc->loadXml($sHTML, LIBXML_NOBLANKS);
+	}
+
+	public function PrintDoc()
+	{
+		return $this->oDoc->saveXML();
 	}
 }

core/iTopConfigParser.php

@@ -6,6 +6,8 @@
  */
 
 use PhpParser\Node\Expr\Assign;
+use PhpParser\Node\Expr\Variable;
+use PhpParser\Parser;
 use PhpParser\ParserFactory;
 use PhpParser\PrettyPrinter\Standard;
 
@@ -80,38 +82,49 @@ class iTopConfigParser
 	 * @param \PhpParser\Parser $oParser
 	 * @param $sConfig
 	 *
-	 * @return \Combodo\iTop\Config\Validator\ConfigNodesVisitor
+	 * @return void
 	 */
-	private function BrowseFile(\PhpParser\Parser $oParser, $sConfig)
+	private function BrowseFile(Parser $oParser, $sConfig)
 	{
 		$prettyPrinter = new Standard();
 
-		try
-		{
+		try {
 			$aNodes = $oParser->parse($sConfig);
 		}
-		catch (\Error $e)
-		{
+		catch (\Error $e) {
 			$sMessage = Dict::Format('config-parse-error', $e->getMessage(), $e->getLine());
 			$this->oException = new \Exception($sMessage, 0, $e);
 		}
 
-		foreach ($aNodes as $oAssignation)
-		{
-			if (! $oAssignation instanceof Assign)
-			{
+		foreach ($aNodes as $sKey => $oNode) {
+			// With PhpParser 3 we had an Assign node at root
+			// In PhpParser 4 the root node is now an Expression
+
+			if (false === ($oNode instanceof \PhpParser\Node\Stmt\Expression)) {
+				continue;
+			}
+			/** @var \PhpParser\Node\Stmt\Expression $oNode */
+
+			if (false === ($oNode->expr instanceof Assign)) {
+				continue;
+			}
+			/** @var Assign $oAssignation */
+			$oAssignation = $oNode->expr;
+
+			if (false === ($oAssignation->var instanceof Variable)) {
+				continue;
+			}
+			if (false === ($oAssignation->expr instanceof PhpParser\Node\Expr\Array_)) {
 				continue;
 			}
 
 			$sCurrentRootVar = $oAssignation->var->name;
-			if (!array_key_exists($sCurrentRootVar, $this->aVarsMap))
-			{
+			if (!array_key_exists($sCurrentRootVar, $this->aVarsMap)) {
 				continue;
 			}
 			$aCurrentRootVarMap =& $this->aVarsMap[$sCurrentRootVar];
 
-			foreach ($oAssignation->expr->items as $oItem)
-			{
+			foreach ($oAssignation->expr->items as $oItem) {
 				$sValue = $prettyPrinter->prettyPrintExpr($oItem->value);
 				$aCurrentRootVarMap[$oItem->key->value] = $sValue;
 			}

core/log.class.inc.php

@@ -539,8 +539,25 @@ class FileLog
  */
 class LogChannels
 {
+	const APC = 'apc';
+
+	/**
+	 * @var string
+	 * @since 2.7.7 N°4558 use this new channel when logging DB transactions
+	 */
+	const CMDB_SOURCE = 'cmdbsource';
+
 	const DEADLOCK = 'DeadLock';
+
 	const INLINE_IMAGE = 'InlineImage';
+
+	/**
+	 * @var string
+	 * @since 3.0.1 N°4849
+	 * @since 2.7.7 N°4635
+	 */
+	const NOTIFICATIONS = 'notifications';
+
 	const PORTAL = 'portal';
 }
 
@@ -681,7 +698,7 @@ abstract class LogAPI
 
 		if (isset($sLogLevelMin[static::CHANNEL_DEFAULT]))
 		{
-			return $sLogLevelMin[$sChannel];
+			return $sLogLevelMin[static::CHANNEL_DEFAULT];
 		}
 
 		return static::LEVEL_DEFAULT;

core/metamodel.class.php

@@ -589,10 +589,10 @@ abstract class MetaModel
 	 * @param string $sRuleId
 	 *
 	 * @throws \CoreException
-	 * @since 2.6.1 N°1918 (sous les pavés, la plage) initialize in 'root_class' property the class that has the first
+	 * @since 2.6.1 N°1968 (sous les pavés, la plage) initialize in 'root_class' property the class that has the first
 	 *         definition of the rule in the hierarchy
 	 */
-	final private static function SetUniquenessRuleRootClass($sRootClass, $sRuleId)
+	private static function SetUniquenessRuleRootClass($sRootClass, $sRuleId)
 	{
 		foreach (self::EnumChildClasses($sRootClass, ENUM_CHILD_CLASSES_ALL) as $sClass)
 		{
@@ -7330,9 +7330,11 @@ abstract class MetaModel
 	 * @param string $sInput
 	 * @param array $aParams
 	 *
-	 * @return mixed
+	 * @return string
+	 *
+	 * @throws \Exception
 	 */
-	static public function ApplyParams($sInput, $aParams)
+	public static function ApplyParams($sInput, $aParams)
 	{
 		$aParams = static::AddMagicPlaceholders($aParams);
 
@@ -7342,7 +7344,7 @@ abstract class MetaModel
 
 		$aSearches = array();
 		$aReplacements = array();
-		foreach($aParams as $sSearch => $replace)
+		foreach ($aParams as $sSearch => $replace)
 		{
 			// Some environment parameters are objects, we just need scalars
 			if (is_object($replace))

core/ormtagset.class.inc.php

@@ -138,7 +138,7 @@ final class ormTagSet extends ormSet
 	}
 
 	/**
-	 * @return array of tags indexed by code
+	 * @return array index: code, value: corresponding {@see \TagSetFieldData}
 	 */
 	public function GetTags()
 	{

core/spreadsheetbulkexport.class.inc.php

@@ -340,7 +340,7 @@ EOF
 						}
 						else if ($oAttDef instanceof AttributeTagSet)
 						{
-							$sField = $oObj->GetAsCSV($sAttCode, $this->bLocalizeOutput, '');
+							$sField = utils::HtmlEntities($oObj->GetAsCSV($sAttCode, $this->bLocalizeOutput, ''));
 							$sData .= "<td x:str>$sField</td>";
 						}
 						else

core/sqlobjectquery.class.inc.php

@@ -491,7 +491,17 @@ class SQLObjectQuery extends SQLQuery
 		}
 	}
 
-	private function PrepareSingleTable(SQLObjectQuery $oRootQuery, &$aFrom, $sCallerAlias = '', $aJoinData)
+	/**
+	 * @param \SQLObjectQuery $oRootQuery
+	 * @param $aFrom
+	 * @param $sCallerAlias
+	 * @param $aJoinData
+	 *
+	 * @return string
+	 *
+	 * @since 2.7.7 3.0.1 3.1.0 N°3129 Remove default value for $sCallerAlias for PHP 8.0 compat (Private method with only 2 calls in the class, both providing the optional parameter)
+	 */
+	private function PrepareSingleTable(SQLObjectQuery $oRootQuery, &$aFrom, $sCallerAlias, $aJoinData)
 	{
 		$aTranslationTable[$this->m_sTable]['*'] = $this->m_sTableAlias;
 		$sJoinCond = '';
@@ -610,6 +620,7 @@ class SQLObjectQuery extends SQLQuery
 		$aTempFrom = array(); // temporary subset of 'from' specs, to be grouped in the final query
 		foreach ($this->m_aJoinSelects as $aJoinData)
 		{
+			/** @var \SQLObjectQuery $oRightSelect */
 			$oRightSelect = $aJoinData["select"];
 
 			$oRightSelect->PrepareSingleTable($oRootQuery, $aTempFrom, $this->m_sTableAlias, $aJoinData);

core/trigger.class.inc.php

@@ -263,6 +263,7 @@ abstract class TriggerOnObject extends Trigger
 		{
 			$oSearch = DBObjectSearch::FromOQL($sFilter);
 			$oSearch->AddCondition('id', $iObjectId, '=');
+			$oSearch->AllowAllData();
 			$oSet = new DBObjectSet($oSearch);
 			$bRet = ($oSet->Count() > 0);
 		}

core/userrights.class.inc.php

@@ -952,6 +952,21 @@ class UserRights
 		return self::$m_oRealUser;
 	}
 
+	/**
+	 * @return int|string ID of the connected user : if impersonate then use {@see m_oRealUser}, else {@see m_oUser}. If no user set then return ''
+	 * @since 2.6.5 2.7.6 3.0.0 N°4289 method creation
+	 */
+	public static function GetConnectedUserId() {
+		if (false === is_null(static::$m_oRealUser)) {
+			return static::$m_oRealUser->GetKey();
+		}
+		if (false === is_null(static::$m_oUser)) {
+			return static::$m_oUser->GetKey();
+		}
+
+		return '';
+	}
+
 	public static function GetRealUserId()
 	{
 		if (is_null(self::$m_oRealUser))
@@ -1212,7 +1227,7 @@ class UserRights
 		elseif ((self::$m_oUser !== null) && ($oUser->GetKey() == self::$m_oUser->GetKey()))
 		{
 			// Data about the current user can be found into the session data
-			if (array_key_exists('profile_list', $_SESSION))
+			if ((false === utils::IsModeCLI()) && array_key_exists('profile_list', $_SESSION))
 			{
 				$aProfiles = $_SESSION['profile_list'];
 			}

css/css-variables.scss

@@ -17,7 +17,7 @@
  */
 
 // Beware the version number MUST be enclosed with quotes otherwise v2.3.0 becomes v2 0.3 .0
-$version: "v2.7.5";
+$version: "v2.7.7";
 $approot-relative: "../../../../../" !default; // relative to env-***/branding/themes/***/main.css
 
 // Base colors

css/light-grey.scss

@@ -2424,26 +2424,33 @@ fieldset .details>.field_container {
 
 								.selectize-dropdown,
 								.selectize-input,
-								.selectize-input input{
-									font-size: 12px;
-								}
-								.selectize-input{
-									padding: 2px 2px 0px 2px; /* padding-bottom = padding-top - item margin-bottom */
-									border: 1px solid #ABABAB;
-									border-radius: 0;
+                .selectize-input input {
+                  font-size: 12px;
+                }
 
-									.attribute-set-item.partial-code{
-										color: transparentize($gray-darker, 0.4);
-										background-color: lighten($gray-lighter, 5%);
-									}
-								}
-							}
-						}
-					}
-				}
-			}
-		}
-	}
+                .selectize-input {
+                  padding: 2px 2px 0px 2px; /* padding-bottom = padding-top - item margin-bottom */
+                  border: 1px solid #ABABAB;
+                  border-radius: 0;
+
+                  .attribute-set-item.partial-code {
+                    color: transparentize($gray-darker, 0.4);
+                    background-color: lighten($gray-lighter, 5%);
+                  }
+                }
+              }
+            }
+          }
+        }
+      }
+    }
+  }
+
+  &[data-attribute-type="AttributeDuration"] {
+    .field_value_container {
+      white-space: nowrap;
+    }
+  }
 }
 .one-col-details .details .field_container.field_small {
 	div.field_label {

css/ui-lightness/jqueryui.scss

@@ -4,6 +4,8 @@
 * To view and modify this theme, visit http://jqueryui.com/themeroller/?scope=&folderName=custom-theme&bgImgOpacityError=18&bgImgOpacityHighlight=75&bgImgOpacityActive=65&bgImgOpacityHover=100&bgImgOpacityDefault=100&bgImgOpacityContent=100&bgImgOpacityHeader=35&cornerRadiusShadow=5px&offsetLeftShadow=-5px&offsetTopShadow=-5px&thicknessShadow=5px&opacityShadow=20&bgImgOpacityShadow=10&bgTextureShadow=flat&bgColorShadow=%23000000&opacityOverlay=50&bgImgOpacityOverlay=20&bgTextureOverlay=diagonals_thick&bgColorOverlay=%23666666&iconColorError=%23ffd27a&fcError=%23ffffff&borderColorError=%23cd0a0a&bgTextureError=diagonals_thick&bgColorError=%23b81900&iconColorHighlight=%231c94c4&fcHighlight=%23363636&borderColorHighlight=%23fed22f&bgTextureHighlight=flat&bgColorHighlight=%23ffe45c&iconColorActive=%23E87C1E&fcActive=%23E87C1E&borderColorActive=%23E87C1E&bgTextureActive=flat&bgColorActive=%23ffffff&iconColorHover=%23E87C1E&fcHover=%23E87C1E&borderColorHover=%23E87C1E&bgTextureHover=flat&bgColorHover=%23fde17c&iconColorDefault=%23F26522&fcDefault=%23555555&borderColorDefault=%23cccccc&bgTextureDefault=flat&bgColorDefault=%23f1f1f1&iconColorContent=%23222222&fcContent=%23333333&borderColorContent=%23dddddd&bgTextureContent=flat&bgColorContent=%23eeeeee&iconColorHeader=%23ffffff&fcHeader=%23ffffff&borderColorHeader=%23F26522&bgTextureHeader=flat&bgColorHeader=%23E87C1E&cornerRadius=0&fwDefault=bold&fsDefault=1.1em&ffDefault=Trebuchet%20MS%2CTahoma%2CVerdana%2CArial%2Csans-serif
 * Copyright jQuery Foundation and other contributors; Licensed MIT 
 * The original css file has been scssized (through www.css2scss.com)
+*
+* Other modification done : replaced the `Alpha(` by `alpha(` to avoid warnings generated by SCSSPHP
  */
 .ui-draggable-handle {
     -ms-touch-action: none;
@@ -46,26 +48,27 @@
     }
 }
 .ui-helper-zfix {
-    width: 100%;
-    height: 100%;
-    top: 0;
-    left: 0;
-    position: absolute;
-    opacity: 0;
-    filter: Alpha(Opacity=0);
+  width: 100%;
+  height: 100%;
+  top: 0;
+  left: 0;
+  position: absolute;
+  opacity: 0;
+  filter: alpha(Opacity=0);
 }
 .ui-front {
     z-index: 100;
 }
 .ui-state-disabled {
-    cursor: default !important;
-    pointer-events: none;
-    opacity: .35;
-    filter: Alpha(Opacity=35);
-    background-image: none;
-    .ui-icon {
-        filter: Alpha(Opacity=35);
-    }
+  cursor: default !important;
+  pointer-events: none;
+  opacity: .35;
+  filter: alpha(Opacity=35);
+  background-image: none;
+
+  .ui-icon {
+    filter: alpha(Opacity=35);
+  }
 }
 .ui-icon {
     display: inline-block;
@@ -86,14 +89,14 @@
     display: block;
 }
 .ui-widget-overlay {
-    position: fixed;
-    top: 0;
-    left: 0;
-    width: 100%;
-    height: 100%;
-    background: #666666 url($approot-relative + "css/ui-lightness/images/ui-bg_diagonals-thick_20_666666_40x40.png?v=" + $version) 50% 50% repeat;
-    opacity: .5;
-    filter: Alpha(Opacity=50);
+  position: fixed;
+  top: 0;
+  left: 0;
+  width: 100%;
+  height: 100%;
+  background: #666666 url($approot-relative + "css/ui-lightness/images/ui-bg_diagonals-thick_20_666666_40x40.png?v=" + $version) 50% 50% repeat;
+  opacity: .5;
+  filter: alpha(Opacity=50);
 }
 .ui-resizable {
     position: relative;
@@ -1069,14 +1072,14 @@ body {
         font-weight: bold;
     }
     .ui-priority-secondary {
-        opacity: .7;
-        filter: Alpha(Opacity=70);
-        font-weight: normal;
+      opacity: .7;
+      filter: alpha(Opacity=70);
+      font-weight: normal;
     }
     .ui-state-disabled {
-        opacity: .35;
-        filter: Alpha(Opacity=35);
-        background-image: none;
+      opacity: .35;
+      filter: alpha(Opacity=35);
+      background-image: none;
     }
     .ui-icon {
         background-image: url($approot-relative + "css/ui-lightness/images/ui-icons_222222_256x240.png?v=" + $version);
@@ -1137,14 +1140,14 @@ body {
         font-weight: bold;
     }
     .ui-priority-secondary {
-        opacity: .7;
-        filter: Alpha(Opacity=70);
-        font-weight: normal;
+      opacity: .7;
+      filter: alpha(Opacity=70);
+      font-weight: normal;
     }
     .ui-state-disabled {
-        opacity: .35;
-        filter: Alpha(Opacity=35);
-        background-image: none;
+      opacity: .35;
+      filter: alpha(Opacity=35);
+      background-image: none;
     }
     .ui-icon {
         background-image: url($approot-relative + "css/ui-lightness/images/ui-icons_ffffff_256x240.png?v=" + $version);
@@ -1341,9 +1344,9 @@ a {
     font-weight: bold;
 }
 .ui-priority-secondary {
-    opacity: .7;
-    filter: Alpha(Opacity=70);
-    font-weight: normal;
+  opacity: .7;
+  filter: alpha(Opacity=70);
+  font-weight: normal;
 }
 .ui-icon-blank {
     background-position: 16px 16px;

datamodels/2.x/authent-cas/es_cr.dict.authent-cas.php

@@ -1,12 +1,15 @@
 <?php
-/**
- * Localized data
+ /**
+ * Spanish Localized data
  *
- * @copyright   Copyright (C) 2013 XXXXX
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
+ * @traductor   Miguel Turrubiates <miguel_tf@yahoo.com> 
+ * @notas       Utilizar codificación UTF-8 para mostrar acentos y otros caracteres especiales 
  */
-Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
-	'CAS:Error:UserNotAllowed' => 'User not allowed~~',
-	'CAS:Login:SignIn' => 'Sign in with CAS~~',
-	'CAS:Login:SignInTooltip' => 'Click here to authenticate yourself with the CAS server~~',
+
+Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
+	'CAS:Error:UserNotAllowed' => 'Usuario no permitido',
+	'CAS:Login:SignIn' => 'Iniciar sesión con CAS',
+	'CAS:Login:SignInTooltip' => 'Click para autenticarse con servidor CAS',
 ));

datamodels/2.x/authent-cas/module.authent-cas.php

@@ -5,7 +5,7 @@
 
 SetupWebPage::AddModule(
 	__FILE__, // Path to the current file, all other file names are relative to the directory containing this file
-	'authent-cas/2.7.5',
+	'authent-cas/2.7.7',
 	array(
 		// Identification
 		//

datamodels/2.x/authent-external/es_cr.dict.authent-external.php

@@ -15,10 +15,10 @@
 //
 //   You should have received a copy of the GNU Affero General Public License
 //   along with iTop. If not, see <http://www.gnu.org/licenses/>
-/**
- * Localized data
+ /**
+ * Spanish Localized data
  *
- * @copyright   Copyright (C) 2010-2013 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  * @traductor   Miguel Turrubiates <miguel_tf@yahoo.com> 
  */
@@ -34,7 +34,7 @@
 //
 // Class: UserExternal
 //
-Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
+Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'Class:UserExternal' => 'Usuario Externo',
 	'Class:UserExternal+' => 'Usuario Autenticado fuera de iTop',
 ));

datamodels/2.x/authent-external/module.authent-external.php

@@ -27,7 +27,7 @@
 
 SetupWebPage::AddModule(
 	__FILE__, // Path to the current file, all other file names are relative to the directory containing this file
-	'authent-external/2.7.5',
+	'authent-external/2.7.7',
 	array(
 		// Identification
 		//

datamodels/2.x/authent-ldap/es_cr.dict.authent-ldap.php

@@ -15,10 +15,10 @@
 //
 //   You should have received a copy of the GNU Affero General Public License
 //   along with iTop. If not, see <http://www.gnu.org/licenses/>
-/**
- * Localized data
+ /**
+ * Spanish Localized data
  *
- * @copyright   Copyright (C) 2010-2013 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  * @traductor   Miguel Turrubiates <miguel_tf@yahoo.com> 
  */
@@ -34,7 +34,7 @@
 //
 // Class: UserLDAP
 //
-Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
+Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'Class:UserLDAP' => 'Usuario LDAP',
 	'Class:UserLDAP+' => 'Usuario Autenticado vía LDAP',
 	'Class:UserLDAP/Attribute:password' => 'Contraseña',

datamodels/2.x/authent-ldap/module.authent-ldap.php

@@ -9,7 +9,7 @@ if (function_exists('ldap_connect'))
 
 SetupWebPage::AddModule(
 	__FILE__, // Path to the current file, all other file names are relative to the directory containing this file
-	'authent-ldap/2.7.5',
+	'authent-ldap/2.7.7',
 	array(
 		// Identification
 		//

datamodels/2.x/authent-local/es_cr.dict.authent-local.php

@@ -15,10 +15,10 @@
 //
 //   You should have received a copy of the GNU Affero General Public License
 //   along with iTop. If not, see <http://www.gnu.org/licenses/>
-/**
- * Localized data
+ /**
+ * Spanish Localized data
  *
- * @copyright   Copyright (C) 2010-2013 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  * @traductor   Miguel Turrubiates <miguel_tf@yahoo.com> 
  */
@@ -34,24 +34,24 @@
 //
 // Class: UserLocal
 //
-Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
+Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'Class:UserLocal' => 'Usuario de iTop',
 	'Class:UserLocal+' => 'Usuario Autenticado vía iTop',
 	'Class:UserLocal/Attribute:password' => 'Contraseña',
 	'Class:UserLocal/Attribute:password+' => 'Contraseña',
 
-	'Class:UserLocal/Attribute:expiration' => 'Password expiration~~',
-	'Class:UserLocal/Attribute:expiration+' => 'Password expiration status (requires an extension to have an effect)~~',
-	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Can expire~~',
-	'Class:UserLocal/Attribute:expiration/Value:can_expire+' => '~~',
-	'Class:UserLocal/Attribute:expiration/Value:never_expire' => 'Never expire~~',
-	'Class:UserLocal/Attribute:expiration/Value:never_expire+' => '~~',
-	'Class:UserLocal/Attribute:expiration/Value:force_expire' => 'Expired~~',
-	'Class:UserLocal/Attribute:expiration/Value:force_expire+' => '~~',
-	'Class:UserLocal/Attribute:password_renewed_date' => 'Password renewal~~',
-	'Class:UserLocal/Attribute:password_renewed_date+' => 'When the password was last changed~~',
+	'Class:UserLocal/Attribute:expiration' => 'Expiración de contraseña',
+	'Class:UserLocal/Attribute:expiration+' => 'Estatus de expiración de contraseña (requiere de una extensión para que tenga efecto)',
+	'Class:UserLocal/Attribute:expiration/Value:can_expire' => 'Puede expirar',
+	'Class:UserLocal/Attribute:expiration/Value:can_expire+' => '',
+	'Class:UserLocal/Attribute:expiration/Value:never_expire' => 'Nunca expirar',
+	'Class:UserLocal/Attribute:expiration/Value:never_expire+' => '',
+	'Class:UserLocal/Attribute:expiration/Value:force_expire' => 'Expirado',
+	'Class:UserLocal/Attribute:expiration/Value:force_expire+' => '',
+	'Class:UserLocal/Attribute:password_renewed_date' => 'Renovación de contraseña',
+	'Class:UserLocal/Attribute:password_renewed_date+' => 'Cuando fue el último cambio de contraseña',
 
-	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'Password must be at least 8 characters and include uppercase, lowercase, numeric and special characters.~~',
+	'Error:UserLocalPasswordValidator:UserPasswordPolicyRegex:ValidationFailed' => 'La contraseña debe ser de al menos 8 caracteres e incluír mayúsculas, minúsculas, números y caracteres especiales.',
 
-	'UserLocal:password:expiration' => 'The fields below require an extension~~'
+	'UserLocal:password:expiration' => 'El siguiente campo requiere una extensión'
 ));

datamodels/2.x/authent-local/module.authent-local.php

@@ -3,7 +3,7 @@
 
 SetupWebPage::AddModule(
 	__FILE__, // Path to the current file, all other file names are relative to the directory containing this file
-	'authent-local/2.7.5',
+	'authent-local/2.7.7',
 	array(
 		// Identification
 		//

datamodels/2.x/combodo-db-tools/dbtools.php

@@ -301,9 +301,7 @@ function DisplayLostAttachments(iTopWebPage &$oP, ApplicationContext &$oAppConte
 					$sHistoryEntry = Dict::Format('DBTools:LostAttachments:History', $oOrmDocument->GetFileName());
 					CMDBObject::SetTrackInfo(UserRights::GetUserFriendlyName());
 					$oChangeOp = MetaModel::NewObject('CMDBChangeOpPlugin');
-					/** @var \Change $oChange */
-					$oChange = CMDBObject::GetCurrentChange();
-					$oChangeOp->Set('change', $oChange->GetKey());
+					// CMDBChangeOp.change will be automatically filled
 					$oChangeOp->Set('objclass', $sTargetClass);
 					$oChangeOp->Set('objkey', $sTargetId);
 					$oChangeOp->Set('description', $sHistoryEntry);

datamodels/2.x/combodo-db-tools/es_cr.dict.combodo-db-tools.php

@@ -20,12 +20,19 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with iTop. If not, see <http://www.gnu.org/licenses/>
  */
+ /**
+ * Spanish Localized data
+ *
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ * @traductor   Miguel Turrubiates <miguel_tf@yahoo.com> 
+ */
 // Database inconsistencies
-Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
+Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	// Dictionary entries go here
-	'Menu:DBToolsMenu' => 'Herramientas de bases de datos',
+	'Menu:DBToolsMenu' => 'Integridad de Base de Datos',
 	'DBTools:Class' => 'Clase',
-	'DBTools:Title' => 'Herramientas de mantenimiento de base de datos',
+	'DBTools:Title' => 'Herramientas de Mantenimiento de Base de Datos',
 	'DBTools:ErrorsFound' => 'Errores encontrados',
 	'DBTools:Error' => 'Error',
 	'DBTools:Count' => 'Cantidad',
@@ -37,45 +44,45 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
 	'DBTools:ShowIds' => 'Vista detallada',
 	'DBTools:ShowReport' => 'Reporte',
 	'DBTools:IntegrityCheck' => 'Verificación de integridad',
-	'DBTools:FetchCheck' => 'Fetch Check (long)~~',
+	'DBTools:FetchCheck' => 'Verificación de búsqueda (larga)',
 
 	'DBTools:Analyze' => 'Analizar',
 	'DBTools:Details' => 'Mostrar detalles',
 	'DBTools:ShowAll' => 'Mostrar todos los errores',
 
-	'DBTools:Inconsistencies' => 'Inconsistencias de base de datos',
+	'DBTools:Inconsistencies' => 'Inconsistencias de Base de Datos',
 
 	'DBAnalyzer-Integrity-OrphanRecord' => 'Registro huérfano en `%1$s`, debería tener su contraparte en la tabla `%2$s`',
 	'DBAnalyzer-Integrity-InvalidExtKey' => 'Llave externa inválida %1$s (columna: `%2$s.%3$s`)',
 	'DBAnalyzer-Integrity-MissingExtKey' => 'Llave externa perdida %1$s (columna: `%2$s.%3$s`)',
 	'DBAnalyzer-Integrity-InvalidValue' => 'Valor inválido para %1$s (columna: `%2$s.%3$s`)',
 	'DBAnalyzer-Integrity-UsersWithoutProfile' => 'Algunas cuentas de usuario no tienen perfil asignado',
-	'DBAnalyzer-Fetch-Count-Error' => 'Fetch count error in `%1$s`, %2$d entries fetched / %3$d counted~~',
-	'DBAnalyzer-Integrity-FinalClass' => 'Field `%2$s`.`%1$s` must have the same value as `%3$s`.`%1$s`~~',
-	'DBAnalyzer-Integrity-RootFinalClass' => 'Field `%2$s`.`%1$s` must contains a valid class~~',
+	'DBAnalyzer-Fetch-Count-Error' => 'Obtener cuenta de errores en `%1$s`, %2$d entradas recuperadas / %3$d contadas',
+	'DBAnalyzer-Integrity-FinalClass' => 'Campo `%2$s`.`%1$s` debe tener los mismos valores que `%3$s`.`%1$s`',
+	'DBAnalyzer-Integrity-RootFinalClass' => 'Campo `%2$s`.`%1$s` debe contener un caracter válido',
 ));
 
 // Database Info
-Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
-	'DBTools:DatabaseInfo' => 'Información de base de datos',
+Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
+	'DBTools:DatabaseInfo' => 'Información de Base de Datos',
 	'DBTools:Base' => 'Base',
 	'DBTools:Size' => 'Tamaño',
 ));
 
 // Lost attachments
-Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
+Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'DBTools:LostAttachments' => 'Adjuntos perdidos',
-	'DBTools:LostAttachments:Disclaimer' => 'Aquí usted puede buscar adjuntos perdidos o desplazados. Esta NO es una herramienta de recuperación de datos, no obtiene datos borrados.',
+	'DBTools:LostAttachments:Disclaimer' => 'Aquí usted puede buscar anexos perdidos o fuera de lugar. Esta NO es una herramienta de recuperación de datos, no obtiene datos borrados.',
 
 	'DBTools:LostAttachments:Button:Analyze' => 'Analizar',
 	'DBTools:LostAttachments:Button:Restore' => 'Restaurar',
 	'DBTools:LostAttachments:Button:Restore:Confirm' => 'Esta acción no se puede deshacer, por favor confirme que quiere restaurar los archivos seleccionados.',
 	'DBTools:LostAttachments:Button:Busy' => 'Por favor espere...',
 
-	'DBTools:LostAttachments:Step:Analyze' => 'Primero, buscaremos adjuntos perdidos/desplazados analizando la base de datos.',
+	'DBTools:LostAttachments:Step:Analyze' => 'Primero, buscar anexos perdidos o fuera de lugar analizando la base de datos.',
 
 	'DBTools:LostAttachments:Step:AnalyzeResults' => 'Analizar resultados:',
-	'DBTools:LostAttachments:Step:AnalyzeResults:None' => 'Genial! Todo parece estar en el lugar correcto.',
+	'DBTools:LostAttachments:Step:AnalyzeResults:None' => '¡Genial! Todo parece estar en el lugar correcto.',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Some' => 'Algunos adjuntos (%1$d) parecen estar desplazados. Mire la siguiente lista y verifique los que quiera mover.',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Item:Filename' => 'Nombre de archivo',
 	'DBTools:LostAttachments:Step:AnalyzeResults:Item:CurrentLocation' => 'Ubicación actual',

datamodels/2.x/combodo-db-tools/module.combodo-db-tools.php

@@ -24,7 +24,7 @@
 /** @noinspection PhpUnhandledExceptionInspection */
 SetupWebPage::AddModule(
 	__FILE__, // Path to the current file, all other file names are relative to the directory containing this file
-	'combodo-db-tools/2.7.5',
+	'combodo-db-tools/2.7.7',
 	array(
 		// Identification
 		//

datamodels/2.x/installation.xml

@@ -20,6 +20,7 @@
             <module>combodo-db-tools</module>
             <module>itop-core-update</module>
             <module>itop-hub-connector</module>
+            <module>itop-oauth-client</module>
           </modules>
           <mandatory>true</mandatory>
         </choice>

datamodels/2.x/itop-attachments/es_cr.dict.itop-attachments.php

@@ -15,14 +15,14 @@
 //
 //   You should have received a copy of the GNU Affero General Public License
 //   along with iTop. If not, see <http://www.gnu.org/licenses/>
-/**
- * Localized data
+ /**
+ * Spanish Localized data
  *
- * @copyright   Copyright (C) 2010-2013 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  * @traductor   Miguel Turrubiates <miguel_tf@yahoo.com> 
  */
-Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
+Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'Attachments:TabTitle_Count' => 'Anexos (%1$d)',
 	'Attachments:EmptyTabTitle' => 'Anexos',
 	'Attachments:FieldsetTitle' => 'Anexos',
@@ -36,53 +36,53 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
 	'Attachment:Max_Ko' => '(Tamaño Máximo de Archivo: %1$s Kb)',
 	'Attachments:NoAttachment' => 'No hay Anexo. ',
 	'Attachments:PreviewNotAvailable' => 'Vista preliminar no disponible para este tipo de Anexo.',
-	'Attachments:Error:FileTooLarge' => 'File is too large to be uploaded. %1$s~~',
-	'Attachments:Error:UploadedFileEmpty' => 'The received file is empty and cannot be attached.
-Either you have pushed an empty file,
-or ask your iTop administrator if the iTop server disk is full.~~',
-	'Attachments:Render:Icons' => 'Display as icons~~',
-	'Attachments:Render:Table' => 'Display as list~~',
+	'Attachments:Error:FileTooLarge' => 'El archivo es demasiado grande para ser cargado. %1$s',
+	'Attachments:Error:UploadedFileEmpty' => 'El archivo recibido está vacío y no puede ser anexado.
+Puede ser que haya enviado un archivo vació,
+o pregunte al administador de iTop si el servidor que ha quedado sin espacio en disco.',
+	'Attachments:Render:Icons' => 'Desplegar como icono',
+	'Attachments:Render:Table' => 'Desplegar como lista',
 ));
 
 //
 // Class: Attachment
 //
 
-Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
-	'Class:Attachment' => 'Attachment~~',
-	'Class:Attachment+' => '~~',
-	'Class:Attachment/Attribute:expire' => 'Expire~~',
-	'Class:Attachment/Attribute:expire+' => '~~',
-	'Class:Attachment/Attribute:temp_id' => 'Temporary id~~',
-	'Class:Attachment/Attribute:temp_id+' => '~~',
-	'Class:Attachment/Attribute:item_class' => 'Item class~~',
-	'Class:Attachment/Attribute:item_class+' => '~~',
-	'Class:Attachment/Attribute:item_id' => 'Item~~',
-	'Class:Attachment/Attribute:item_id+' => '~~',
-	'Class:Attachment/Attribute:item_org_id' => 'Item organization~~',
-	'Class:Attachment/Attribute:item_org_id+' => '~~',
-	'Class:Attachment/Attribute:contents' => 'Contents~~',
-	'Class:Attachment/Attribute:contents+' => '~~',
+Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
+	'Class:Attachment' => 'Anexo',
+	'Class:Attachment+' => 'Anexo',
+	'Class:Attachment/Attribute:expire' => 'Expira',
+	'Class:Attachment/Attribute:expire+' => '',
+	'Class:Attachment/Attribute:temp_id' => 'Id Temporal',
+	'Class:Attachment/Attribute:temp_id+' => '',
+	'Class:Attachment/Attribute:item_class' => 'Clase de Elemento',
+	'Class:Attachment/Attribute:item_class+' => '',
+	'Class:Attachment/Attribute:item_id' => 'Elemento',
+	'Class:Attachment/Attribute:item_id+' => '',
+	'Class:Attachment/Attribute:item_org_id' => 'Organización de Elemento',
+	'Class:Attachment/Attribute:item_org_id+' => '',
+	'Class:Attachment/Attribute:contents' => 'Contenido',
+	'Class:Attachment/Attribute:contents+' => '',
 ));
 
 
-Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
-	'Attachments:File:Thumbnail' => 'Icon~~',
-	'Attachments:File:Name' => 'File name~~',
-	'Attachments:File:Date' => 'Upload date~~',
-	'Attachments:File:Uploader' => 'Uploaded by~~',
-	'Attachments:File:Size' => 'Size~~',
-	'Attachments:File:MimeType' => 'Type~~',
+Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
+	'Attachments:File:Thumbnail' => 'Ícono',
+	'Attachments:File:Name' => 'Nombre de Archivo',
+	'Attachments:File:Date' => 'Fecha de Carga',
+	'Attachments:File:Uploader' => 'Cargado por',
+	'Attachments:File:Size' => 'Tamaño',
+	'Attachments:File:MimeType' => 'Tipo',
 ));
 //
 // Class: Attachment
 //
 
-Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
-	'Class:Attachment/Attribute:creation_date' => 'Creation date~~',
-	'Class:Attachment/Attribute:creation_date+' => '~~',
-	'Class:Attachment/Attribute:user_id' => 'User id~~',
-	'Class:Attachment/Attribute:user_id+' => '~~',
-	'Class:Attachment/Attribute:contact_id' => 'Contact id~~',
-	'Class:Attachment/Attribute:contact_id+' => '~~',
+Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
+	'Class:Attachment/Attribute:creation_date' => 'Fecha de Creación',
+	'Class:Attachment/Attribute:creation_date+' => '',
+	'Class:Attachment/Attribute:user_id' => 'Id del Usuario',
+	'Class:Attachment/Attribute:user_id+' => '',
+	'Class:Attachment/Attribute:contact_id' => 'Id del Contacto',
+	'Class:Attachment/Attribute:contact_id+' => '',
 ));

datamodels/2.x/itop-attachments/module.itop-attachments.php

@@ -19,7 +19,7 @@
 
 SetupWebPage::AddModule(
 	__FILE__, // Path to the current file, all other file names are relative to the directory containing this file
-	'itop-attachments/2.7.5',
+	'itop-attachments/2.7.7',
 	array(
 		// Identification
 		//
@@ -177,6 +177,12 @@ SQL;
 			SetupPage::log_info("Initializing attachment/item_org_id - zero to the container");
 			$oSearch = DBObjectSearch::FromOQL("SELECT Attachment WHERE item_org_id = 0");
 			$oSet = new DBObjectSet($oSearch);
+			$oSet->OptimizeColumnLoad([
+				'Attachment' => [
+					'item_class',
+					'item_id',
+				]
+			]);
 			$iUpdated = 0;
 			while ($oAttachment = $oSet->Fetch())
 			{

datamodels/2.x/itop-attachments/renderers.itop-attachments.php

@@ -551,7 +551,7 @@ JS
 	  <td role="filename"><a href="$sDocDownloadUrl" target="_blank" class="$sIconClass">$sFileName</a>$sAttachmentMeta</td>
 	  <td role="formatted-size" data-order="$iFileSize">$sFileFormattedSize</td>
 	  <td role="upload-date" data-order="$iAttachmentDateRaw">$sAttachmentDateFormatted</td>
-	  <td role="uploader">$sAttachmentUploader</td>
+	  <td role="uploader">$sAttachmentUploaderForHtml</td>
 	  <td role="type">$sFileType</td>
 	  $sDeleteColumn
 	</tr>

datamodels/2.x/itop-backup/es_cr.dict.itop-backup.php

@@ -2,8 +2,9 @@
 /**
  * Localized data
  *
- * @copyright Copyright (C) 2010-2018 Combodo SARL
+ * @copyright Copyright (C) 2010-2021 Combodo SARL
  * @license	http://opensource.org/licenses/AGPL-3.0
+ * @traductor   Miguel Turrubiates <miguel_tf@yahoo.com>
  *
  * This file is part of iTop.
  *
@@ -20,7 +21,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with iTop. If not, see <http://www.gnu.org/licenses/>
  */
-Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
+Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 
 	'bkp-backup-running' => 'Un respaldo está en ejecuión.  Por favor espere...',
 	'bkp-restore-running' => 'Una restauración está en ejecución. Por favor espere...',

datamodels/2.x/itop-backup/module.itop-backup.php

@@ -3,7 +3,7 @@
 
 SetupWebPage::AddModule(
 	__FILE__, // Path to the current file, all other file names are relative to the directory containing this file
-	'itop-backup/2.7.5',
+	'itop-backup/2.7.7',
 	array(
 		// Identification
 		//

datamodels/2.x/itop-bridge-virtualization-storage/module.itop-bridge-virtualization-storage.php

@@ -3,7 +3,7 @@
 
 SetupWebPage::AddModule(
 	__FILE__, // Path to the current file, all other file names are relative to the directory containing this file
-	'itop-bridge-virtualization-storage/2.7.5',
+	'itop-bridge-virtualization-storage/2.7.7',
 	array(
 		// Identification
 		//

datamodels/2.x/itop-change-mgmt-itil/es_cr.dict.itop-change-mgmt-itil.php

@@ -15,14 +15,14 @@
 //
 //   You should have received a copy of the GNU Affero General Public License
 //   along with iTop. If not, see <http://www.gnu.org/licenses/>
-/**
- * Localized data
+ /**
+ * Spanish Localized data
  *
- * @copyright   Copyright (C) 2010-2013 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  * @traductor   Miguel Turrubiates <miguel_tf@yahoo.com> 
  */
-Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
+Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'Menu:ChangeManagement' => 'Administración de Cambios',
 	'Menu:Change:Overview' => 'Resumen de Cambios',
 	'Menu:Change:Overview+' => 'Resumen de Cambios',
@@ -63,7 +63,7 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
 // Class: Change
 //
 
-Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
+Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'Class:Change' => 'Cambio',
 	'Class:Change+' => 'Cambio',
 	'Class:Change/Attribute:status' => 'Estatus',
@@ -166,7 +166,7 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
 // Class: RoutineChange
 //
 
-Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
+Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'Class:RoutineChange' => 'Cambio Rutinario',
 	'Class:RoutineChange+' => 'Cambio Rutinario',
 	'Class:RoutineChange/Stimulus:ev_validate' => 'Validar',
@@ -197,7 +197,7 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
 // Class: ApprovedChange
 //
 
-Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
+Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'Class:ApprovedChange' => 'Cambios Aprobados',
 	'Class:ApprovedChange+' => 'Cambios Aprobados',
 	'Class:ApprovedChange/Attribute:approval_date' => 'Fecha de Aprobación',
@@ -232,7 +232,7 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
 // Class: NormalChange
 //
 
-Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
+Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'Class:NormalChange' => 'Cambio Normal',
 	'Class:NormalChange+' => 'Cambio Normal',
 	'Class:NormalChange/Attribute:acceptance_date' => 'Fecha de Aceptación',
@@ -267,7 +267,7 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
 // Class: EmergencyChange
 //
 
-Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
+Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'Class:EmergencyChange' => 'Cambio de Emergencia',
 	'Class:EmergencyChange+' => 'Cambio de Emergencia',
 	'Class:EmergencyChange/Stimulus:ev_validate' => 'Validar',

datamodels/2.x/itop-change-mgmt-itil/module.itop-change-mgmt-itil.php

@@ -3,7 +3,7 @@
 
 SetupWebPage::AddModule(
 	__FILE__, // Path to the current file, all other file names are relative to the directory containing this file
-	'itop-change-mgmt-itil/2.7.5',
+	'itop-change-mgmt-itil/2.7.7',
 	array(
 		// Identification
 		//

datamodels/2.x/itop-change-mgmt-itil/tr.dict.itop-change-mgmt-itil.php

@@ -40,12 +40,12 @@ Dict::Add('TR TR', 'Turkish', 'Türkçe', array(
 	'Menu:Changes+' => '',
 	'Menu:MyChanges' => 'Bana atanan değişiklik istekleri',
 	'Menu:MyChanges+' => 'Bana atanan değişiklik istekleri',
-	'UI-ChangeManagementOverview-ChangeByCategory-last-7-days' => 'Changes by category for the last 7 days~~',
-	'UI-ChangeManagementOverview-Last-7-days' => 'Number of changes for the last 7 days~~',
-	'UI-ChangeManagementOverview-ChangeByDomain-last-7-days' => 'Changes by domain for the last 7 days~~',
-	'UI-ChangeManagementOverview-ChangeByStatus-last-7-days' => 'Changes by status for the last 7 days~~',
-	'Tickets:Related:OpenChanges' => 'Open changes~~',
-	'Tickets:Related:RecentChanges' => 'Recent changes (72h)~~',
+	'UI-ChangeManagementOverview-ChangeByCategory-last-7-days' => 'Son 7 gün için kategoriye göre değişiklikler',
+	'UI-ChangeManagementOverview-Last-7-days' => 'Son 7 gün için değişiklik sayısı',
+	'UI-ChangeManagementOverview-ChangeByDomain-last-7-days' => 'Son 7 gün için etki alanı tarafından yapılan değişiklikler',
+	'UI-ChangeManagementOverview-ChangeByStatus-last-7-days' => 'Son 7 gün için duruma göre değişiklikler',
+	'Tickets:Related:OpenChanges' => 'Açık değişiklikler',
+	'Tickets:Related:RecentChanges' => 'Son değişiklikler (72H)',
 ));
 
 // Dictionnay conventions
@@ -122,21 +122,21 @@ Dict::Add('TR TR', 'Turkish', 'Türkçe', array(
 	'Class:Change/Attribute:outage/Value:yes+' => '',
 	'Class:Change/Attribute:fallback' => 'Geridönüş planı',
 	'Class:Change/Attribute:fallback+' => '',
-	'Class:Change/Attribute:parent_id' => 'Parent change~~',
+	'Class:Change/Attribute:parent_id' => 'Ana Kaynak Değişimi',
 	'Class:Change/Attribute:parent_id+' => '~~',
-	'Class:Change/Attribute:parent_name' => 'Parent change Ref~~',
+	'Class:Change/Attribute:parent_name' => 'Ana Kaynak Değişimi Ref',
 	'Class:Change/Attribute:parent_name+' => '~~',
-	'Class:Change/Attribute:related_request_list' => 'Related requests~~',
-	'Class:Change/Attribute:related_request_list+' => 'All the user requests linked to this change~~',
-	'Class:Change/Attribute:related_problems_list' => 'Related problems~~',
-	'Class:Change/Attribute:related_problems_list+' => 'All the problems linked to this change~~',
-	'Class:Change/Attribute:related_incident_list' => 'Related incidents~~',
-	'Class:Change/Attribute:related_incident_list+' => 'All the incidents linked to this change~~',
-	'Class:Change/Attribute:child_changes_list' => 'Child changes~~',
-	'Class:Change/Attribute:child_changes_list+' => 'All the sub changes linked to this change~~',
-	'Class:Change/Attribute:parent_id_friendlyname' => 'Parent friendly name~~',
+	'Class:Change/Attribute:related_request_list' => 'İlgili Talepler',
+	'Class:Change/Attribute:related_request_list+' => 'Bu değişikliğe bağlı tüm kullanıcı istekleri',
+	'Class:Change/Attribute:related_problems_list' => 'İlgili problemler',
+	'Class:Change/Attribute:related_problems_list+' => 'Bu değişiklikle bağlantılı tüm problemler',
+	'Class:Change/Attribute:related_incident_list' => 'İlişkili Olaylar',
+	'Class:Change/Attribute:related_incident_list+' => 'Bu değişikliğe bağlı tüm olaylar',
+	'Class:Change/Attribute:child_changes_list' => 'Alt bağlantı değişiklikleri',
+	'Class:Change/Attribute:child_changes_list+' => 'Bu değişikliğe bağlı tüm alt değişiklikler',
+	'Class:Change/Attribute:parent_id_friendlyname' => 'Ana Kaynak Bilinen Adı',
 	'Class:Change/Attribute:parent_id_friendlyname+' => '~~',
-	'Class:Change/Attribute:parent_id_finalclass_recall' => 'Change type~~',
+	'Class:Change/Attribute:parent_id_finalclass_recall' => 'Değişim türü',
 	'Class:Change/Attribute:parent_id_finalclass_recall+' => '~~',
 	'Class:Change/Stimulus:ev_validate' => 'Doğrula',
 	'Class:Change/Stimulus:ev_validate+' => '',
@@ -171,7 +171,7 @@ Dict::Add('TR TR', 'Turkish', 'Türkçe', array(
 	'Class:RoutineChange+' => '',
 	'Class:RoutineChange/Stimulus:ev_validate' => 'Doğrulanan',
 	'Class:RoutineChange/Stimulus:ev_validate+' => '',
-	'Class:RoutineChange/Stimulus:ev_reject' => 'Reject~~',
+	'Class:RoutineChange/Stimulus:ev_reject' => 'Reddet',
 	'Class:RoutineChange/Stimulus:ev_reject+' => '~~',
 	'Class:RoutineChange/Stimulus:ev_assign' => 'Atanan',
 	'Class:RoutineChange/Stimulus:ev_assign+' => '',
@@ -179,11 +179,11 @@ Dict::Add('TR TR', 'Turkish', 'Türkçe', array(
 	'Class:RoutineChange/Stimulus:ev_reopen+' => '',
 	'Class:RoutineChange/Stimulus:ev_plan' => 'Planlanan',
 	'Class:RoutineChange/Stimulus:ev_plan+' => '',
-	'Class:RoutineChange/Stimulus:ev_approve' => 'Approve~~',
+	'Class:RoutineChange/Stimulus:ev_approve' => 'Onayla',
 	'Class:RoutineChange/Stimulus:ev_approve+' => '~~',
 	'Class:RoutineChange/Stimulus:ev_replan' => 'Tekrar planlanan',
 	'Class:RoutineChange/Stimulus:ev_replan+' => '',
-	'Class:RoutineChange/Stimulus:ev_notapprove' => 'Do Not Approve~~',
+	'Class:RoutineChange/Stimulus:ev_notapprove' => 'Onaylama',
 	'Class:RoutineChange/Stimulus:ev_notapprove+' => '~~',
 	'Class:RoutineChange/Stimulus:ev_implement' => 'Uygula',
 	'Class:RoutineChange/Stimulus:ev_implement+' => '',

datamodels/2.x/itop-change-mgmt/es_cr.dict.itop-change-mgmt.php

@@ -15,14 +15,14 @@
 //
 //   You should have received a copy of the GNU Affero General Public License
 //   along with iTop. If not, see <http://www.gnu.org/licenses/>
-/**
- * Localized data
+ /**
+ * Spanish Localized data
  *
- * @copyright   Copyright (C) 2010-2013 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  * @traductor   Miguel Turrubiates <miguel_tf@yahoo.com> 
  */
-Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
+Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'Menu:ChangeManagement' => 'Administración de Cambios',
 	'Menu:Change:Overview' => 'Resumen de Cambios',
 	'Menu:Change:Overview+' => 'Resumen de Cambios',
@@ -63,7 +63,7 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
 // Class: Change
 //
 
-Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
+Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'Class:Change' => 'Cambio',
 	'Class:Change+' => 'Cambio',
 	'Class:Change/Attribute:status' => 'Estatus',

datamodels/2.x/itop-change-mgmt/module.itop-change-mgmt.php

@@ -3,7 +3,7 @@
 
 SetupWebPage::AddModule(
 	__FILE__, // Path to the current file, all other file names are relative to the directory containing this file
-	'itop-change-mgmt/2.7.5',
+	'itop-change-mgmt/2.7.7',
 	array(
 		// Identification
 		//

datamodels/2.x/itop-change-mgmt/tr.dict.itop-change-mgmt.php

@@ -38,12 +38,12 @@ Dict::Add('TR TR', 'Turkish', 'Türkçe', array(
 	'Menu:Changes+' => 'All open changes~~',
 	'Menu:MyChanges' => 'Bana atanan değişiklik istekleri',
 	'Menu:MyChanges+' => 'Bana atanan değişiklik istekleri',
-	'UI-ChangeManagementOverview-ChangeByCategory-last-7-days' => 'Changes by category for the last 7 days~~',
-	'UI-ChangeManagementOverview-Last-7-days' => 'Number of changes for the last 7 days~~',
-	'UI-ChangeManagementOverview-ChangeByDomain-last-7-days' => 'Changes by domain for the last 7 days~~',
-	'UI-ChangeManagementOverview-ChangeByStatus-last-7-days' => 'Changes by status for the last 7 days~~',
-	'Tickets:Related:OpenChanges' => 'Open changes~~',
-	'Tickets:Related:RecentChanges' => 'Recent changes (72h)~~',
+	'UI-ChangeManagementOverview-ChangeByCategory-last-7-days' => 'Son 7 gün için kategoriye göre değişiklikler',
+	'UI-ChangeManagementOverview-Last-7-days' => 'Son 7 gün için değişiklik sayısı',
+	'UI-ChangeManagementOverview-ChangeByDomain-last-7-days' => 'Son 7 gün için etki alanı tarafından yapılan değişiklikler',
+	'UI-ChangeManagementOverview-ChangeByStatus-last-7-days' => 'Son 7 gün için duruma göre değişiklikler',
+	'Tickets:Related:OpenChanges' => 'Açık değişiklikler',
+	'Tickets:Related:RecentChanges' => 'Son değişiklikler (72H)',
 ));
 
 // Dictionnay conventions
@@ -98,9 +98,9 @@ Dict::Add('TR TR', 'Turkish', 'Türkçe', array(
 	'Class:Change/Attribute:changemanager_id+' => '~~',
 	'Class:Change/Attribute:changemanager_email' => 'Change manager email~~',
 	'Class:Change/Attribute:changemanager_email+' => '~~',
-	'Class:Change/Attribute:parent_id' => 'Parent change~~',
+	'Class:Change/Attribute:parent_id' => 'Ana Kaynak Değişimi',
 	'Class:Change/Attribute:parent_id+' => '~~',
-	'Class:Change/Attribute:parent_name' => 'Parent change ref~~',
+	'Class:Change/Attribute:parent_name' => 'Ana Kaynak Değişimi Ref',
 	'Class:Change/Attribute:parent_name+' => '~~',
 	'Class:Change/Attribute:creation_date' => 'Yaratıldı',
 	'Class:Change/Attribute:creation_date+' => '~~',
@@ -108,15 +108,15 @@ Dict::Add('TR TR', 'Turkish', 'Türkçe', array(
 	'Class:Change/Attribute:approval_date+' => '~~',
 	'Class:Change/Attribute:fallback_plan' => 'Fallback plan~~',
 	'Class:Change/Attribute:fallback_plan+' => '~~',
-	'Class:Change/Attribute:related_request_list' => 'Related requests~~',
-	'Class:Change/Attribute:related_request_list+' => 'All the user requests linked to this change~~',
-	'Class:Change/Attribute:related_incident_list' => 'Related incidents~~',
-	'Class:Change/Attribute:related_incident_list+' => 'All the incidents linked to this change~~',
-	'Class:Change/Attribute:related_problems_list' => 'Related problems~~',
-	'Class:Change/Attribute:related_problems_list+' => 'All the problems linked to this change~~',
-	'Class:Change/Attribute:child_changes_list' => 'Child changes~~',
-	'Class:Change/Attribute:child_changes_list+' => 'All the sub changes linked to this change~~',
-	'Class:Change/Attribute:parent_id_friendlyname' => 'Parent change friendly name~~',
+	'Class:Change/Attribute:related_request_list' => 'İlgili Talepler',
+	'Class:Change/Attribute:related_request_list+' => 'Bu değişikliğe bağlı tüm kullanıcı istekleri',
+	'Class:Change/Attribute:related_incident_list' => 'İlişkili Olaylar',
+	'Class:Change/Attribute:related_incident_list+' => 'Bu değişikliğe bağlı tüm olaylar',
+	'Class:Change/Attribute:related_problems_list' => 'İlgili problemler',
+	'Class:Change/Attribute:related_problems_list+' => 'Bu değişiklikle bağlantılı tüm problemler',
+	'Class:Change/Attribute:child_changes_list' => 'Alt bağlantı değişiklikleri',
+	'Class:Change/Attribute:child_changes_list+' => 'Bu değişikliğe bağlı tüm alt değişiklikler',
+	'Class:Change/Attribute:parent_id_friendlyname' => 'Ana Kaynak Bilinen Adı',
 	'Class:Change/Attribute:parent_id_friendlyname+' => '~~',
 	'Class:Change/Stimulus:ev_assign' => 'Ata',
 	'Class:Change/Stimulus:ev_assign+' => '~~',

datamodels/2.x/itop-config-mgmt/de.dict.itop-config-mgmt.php

@@ -32,6 +32,8 @@ Dict::Add('DE DE', 'German', 'Deutsch', array(
 	'Relation:depends on/Description' => 'Elemente, von denen dieses Element abhängt.',
 	'Relation:depends on/DownStream' => 'Hängt ab von ...',
 	'Relation:depends on/UpStream' => 'Wirkt auf ...',
+	'Relation:impacts/LoadData'       => 'Load data~~',
+	'Relation:impacts/NoFilteredData' => 'please select objects in Graphical view tag~~',
 ));
 
 

datamodels/2.x/itop-config-mgmt/en.dict.itop-config-mgmt.php

@@ -36,6 +36,8 @@ Dict::Add('EN US', 'English', 'English', array(
 	'Relation:depends on/Description' => 'Elements impacting',
 	'Relation:depends on/DownStream' => 'Depends on...',
 	'Relation:depends on/UpStream' => 'Impacts...',
+	'Relation:impacts/LoadData'       => 'Load data',
+	'Relation:impacts/NoFilteredData' => 'please select objects in Graphical view tag',
 ));
 
 

datamodels/2.x/itop-config-mgmt/fr.dict.itop-config-mgmt.php

@@ -32,6 +32,8 @@ Dict::Add('FR FR', 'French', 'Français', array(
 	'Relation:depends on/Description' => 'Eléments dont dépend',
 	'Relation:depends on/DownStream' => 'Dépend de...',
 	'Relation:depends on/UpStream' => 'Impacte...',
+	'Relation:impacts/LoadData'       => 'Charger les données',
+	'Relation:impacts/NoFilteredData' => 'Veuillez sélectionner des objets dans l\'onglet Graph',
 ));
 
 

datamodels/2.x/itop-config-mgmt/hu.dict.itop-config-mgmt.php

@@ -29,6 +29,8 @@ Dict::Add('HU HU', 'Hungarian', 'Magyar', array(
 	'Relation:depends on/Description' => 'Konfigurációs elemtől függnek',
 	'Relation:depends on/DownStream' => 'Függőségek',
 	'Relation:depends on/UpStream' => 'Hatások',
+	'Relation:impacts/LoadData'       => 'Load data~~',
+	'Relation:impacts/NoFilteredData' => 'please select objects in Graphical view tag~~',
 ));
 
 

datamodels/2.x/itop-config-mgmt/it.dict.itop-config-mgmt.php

@@ -29,6 +29,8 @@ Dict::Add('IT IT', 'Italian', 'Italiano', array(
 	'Relation:depends on/Description' => 'Elementi di questo elemento dipende da',
 	'Relation:depends on/DownStream' => 'Dipende da...',
 	'Relation:depends on/UpStream' => 'Impatto...',
+	'Relation:impacts/LoadData'       => 'Load data~~',
+	'Relation:impacts/NoFilteredData' => 'please select objects in Graphical view tag~~',
 ));
 
 

datamodels/2.x/itop-config-mgmt/ja.dict.itop-config-mgmt.php

@@ -29,6 +29,8 @@ Dict::Add('JA JP', 'Japanese', '日本語', array(
 	'Relation:depends on/Description' => 'この要素が依存している要素',
 	'Relation:depends on/DownStream' => '依存...',
 	'Relation:depends on/UpStream' => 'インパクト...',
+	'Relation:impacts/LoadData'       => 'Load data~~',
+	'Relation:impacts/NoFilteredData' => 'please select objects in Graphical view tag~~',
 ));
 
 

datamodels/2.x/itop-config-mgmt/module.itop-config-mgmt.php

@@ -3,7 +3,7 @@
 
 SetupWebPage::AddModule(
 	__FILE__, // Path to the current file, all other file names are relative to the directory containing this file
-	'itop-config-mgmt/2.7.5',
+	'itop-config-mgmt/2.7.7',
 	array(
 		// Identification
 		//

datamodels/2.x/itop-config-mgmt/nl.dict.itop-config-mgmt.php

@@ -41,6 +41,8 @@ Dict::Add('NL NL', 'Dutch', 'Nederlands', array(
 	'Relation:depends on/Description' => 'Elementen waarvan dit object afhankelijk van is',
 	'Relation:depends on/DownStream' => 'Is afhankelijk van...',
 	'Relation:depends on/UpStream' => 'Impact op...',
+	'Relation:impacts/LoadData'       => 'Load data~~',
+	'Relation:impacts/NoFilteredData' => 'please select objects in Graphical view tag~~',
 ));
 
 

datamodels/2.x/itop-config-mgmt/pt_br.dict.itop-config-mgmt.php

@@ -35,6 +35,8 @@ Dict::Add('PT BR', 'Brazilian', 'Brazilian', array(
 	'Relation:depends on/Description' => 'Elementos estes, que dependem deste elemento',
 	'Relation:depends on/DownStream' => 'Depende de...',
 	'Relation:depends on/UpStream' => 'Impactos...',
+	'Relation:impacts/LoadData'       => 'Load data~~',
+	'Relation:impacts/NoFilteredData' => 'please select objects in Graphical view tag~~',
 ));
 
 

datamodels/2.x/itop-config-mgmt/ru.dict.itop-config-mgmt.php

@@ -22,6 +22,8 @@ Dict::Add('RU RU', 'Russian', 'Русский', array(
 	'Relation:depends on/Description' => 'Элементы, от которых зависит',
 	'Relation:depends on/DownStream' => 'Зависит от...',
 	'Relation:depends on/UpStream' => 'Влияет на...',
+	'Relation:impacts/LoadData'       => 'Load data~~',
+	'Relation:impacts/NoFilteredData' => 'please select objects in Graphical view tag~~',
 ));
 
 

datamodels/2.x/itop-config-mgmt/sk.dict.itop-config-mgmt.php

@@ -34,6 +34,8 @@ Dict::Add('SK SK', 'Slovak', 'Slovenčina', array(
 	'Relation:depends on/Description' => 'Prvky, od ktorých závisí tento prvok',
 	'Relation:depends on/DownStream' => 'Depends on...~~',
 	'Relation:depends on/UpStream' => 'Impacts...~~',
+	'Relation:impacts/LoadData'       => 'Load data~~',
+	'Relation:impacts/NoFilteredData' => 'please select objects in Graphical view tag~~',
 ));
 
 

datamodels/2.x/itop-config-mgmt/zh_cn.dict.itop-config-mgmt.php

@@ -34,6 +34,8 @@ Dict::Add('ZH CN', 'Chinese', '简体中文', array(
 	'Relation:depends on/Description' => '该元素依赖的元素...',
 	'Relation:depends on/DownStream' => '依赖于...',
 	'Relation:depends on/UpStream' => '影响...',
+	'Relation:impacts/LoadData'       => 'Load data~~',
+	'Relation:impacts/NoFilteredData' => 'please select objects in Graphical view tag~~',
 ));
 
 

datamodels/2.x/itop-config/es_cr.dict.itop-config.php

@@ -4,6 +4,7 @@
  *
  * @copyright Copyright (C) 2010-2018 Combodo SARL
  * @license	http://opensource.org/licenses/AGPL-3.0
+ * @traductor   Miguel Turrubiates <miguel_tf@yahoo.com>
  *
  * This file is part of iTop.
  *
@@ -20,7 +21,7 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with iTop. If not, see <http://www.gnu.org/licenses/>
  */
-Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
+Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 
 	'Menu:ConfigEditor' => 'Configuración',
 	'config-edit-title' => 'Editor de Archivo de Configuración',
@@ -34,5 +35,5 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
 	'config-reverted' => 'La configuración ha sido revertida.',
 	'config-parse-error' => 'Línea %2$d: %1$s.<br/>El archivo NO ha sido actualizado.',
 	'config-current-line' => 'Editando línea: %1$s',
-	'config-saved-warning-db-password' => 'Successfully recorded, but the backup won\'t work due to unsupported characters in the database password.~~',
+	'config-saved-warning-db-password' => 'Registrado correctamente, pero el respaldo NO funcionará debido a caracteres no admitidos en la contraseña de la base de datos.',
 ));

datamodels/2.x/itop-config/module.itop-config.php

@@ -3,7 +3,7 @@
 
 SetupWebPage::AddModule(
 	__FILE__, // Path to the current file, all other file names are relative to the directory containing this file
-	'itop-config/2.7.5',
+	'itop-config/2.7.7',
 	array(
 		// Identification
 		//

datamodels/2.x/itop-config/src/Validator/ConfigNodesVisitor.php

@@ -23,6 +23,7 @@ class ConfigNodesVisitor extends NodeVisitorAbstract
 			Node\Name::class,
 
 			Node\Const_::class,
+			Node\Identifier::class,
 
 			Node\Expr\Array_::class,
 			Node\Expr\ArrayDimFetch::class,
@@ -44,6 +45,7 @@ class ConfigNodesVisitor extends NodeVisitorAbstract
 			Node\Expr\PreDec::class,
 			Node\Expr\PreInc::class,
 			Node\Expr\Print_::class,
+			Node\Stmt\Expression::class,
 			Node\Expr\Ternary::class,
 			Node\Expr\UnaryMinus::class,
 			Node\Expr\UnaryPlus::class,

datamodels/2.x/itop-core-update/cs.dict.itop-core-update.php

@@ -75,6 +75,8 @@ Dict::Add('CS CZ', 'Czech', 'Čeština', array(
     'iTopUpdate:UI:CanCoreUpdate:Yes' => 'Application can be updated~~',
 	'iTopUpdate:UI:CanCoreUpdate:No' => 'Application cannot be updated: %1$s~~',
 	'iTopUpdate:UI:CanCoreUpdate:Warning' => 'Warning: application update can fail: %1$s~~',
+	'iTopUpdate:UI:CannotUpdateUseSetup' => '<b>Some modified files were detected</b>, a partial update cannot be executed.</br>Follow the <a target="_blank" href="%2$s"> procedure</a> in order to manually upgrade your iTop. You must use the <a href="%1$s">setup</a> to update the application.~~',
+	'iTopUpdate:UI:CheckInProgress'=>'Please wait during integrity check~~',
 
 	// Setup Messages
     'iTopUpdate:UI:SetupMessage:Ready' => 'Ready to start~~',

datamodels/2.x/itop-core-update/da.dict.itop-core-update.php

@@ -75,6 +75,8 @@ Dict::Add('DA DA', 'Danish', 'Dansk', array(
     'iTopUpdate:UI:CanCoreUpdate:Yes' => 'Application can be updated~~',
 	'iTopUpdate:UI:CanCoreUpdate:No' => 'Application cannot be updated: %1$s~~',
 	'iTopUpdate:UI:CanCoreUpdate:Warning' => 'Warning: application update can fail: %1$s~~',
+	'iTopUpdate:UI:CannotUpdateUseSetup' => '<b>Some modified files were detected</b>, a partial update cannot be executed.</br>Follow the <a target="_blank" href="%2$s"> procedure</a> in order to manually upgrade your iTop. You must use the <a href="%1$s">setup</a> to update the application.~~',
+	'iTopUpdate:UI:CheckInProgress'=>'Please wait during integrity check~~',
 
 	// Setup Messages
     'iTopUpdate:UI:SetupMessage:Ready' => 'Ready to start~~',

datamodels/2.x/itop-core-update/de.dict.itop-core-update.php

@@ -75,6 +75,8 @@ Dict::Add('DE DE', 'German', 'Deutsch', array(
     'iTopUpdate:UI:CanCoreUpdate:Yes' => 'Anwendungsupgrade kann durchgeführt werden',
 	'iTopUpdate:UI:CanCoreUpdate:No' => 'Anwendungsupgrade nicht möglich: %1$s',
 	'iTopUpdate:UI:CanCoreUpdate:Warning' => 'Warning: application update can fail: %1$s~~',
+	'iTopUpdate:UI:CannotUpdateUseSetup' => '<b>Einige angepasste Dateien wurden erkannt</b>, eine Teil-Update kann nicht ausgeführt werden.<br/>Befolgen Sie das  <a target="_blank" href="%2$s">Verfahren</a>, um Ihr iTop manuell zu aktualisieren. Sie müssen das <a href="%1$s">Setup</a> benutzen, um Ihre Applikation zu aktualisieren.<br />',
+	'iTopUpdate:UI:CheckInProgress'=>'Please wait during integrity check~~',
 
 	// Setup Messages
     'iTopUpdate:UI:SetupMessage:Ready' => 'Bereit zum Upgrade',

datamodels/2.x/itop-core-update/en.dict.itop-core-update.php

@@ -75,7 +75,8 @@ Dict::Add('EN US', 'English', 'English', array(
     'iTopUpdate:UI:CanCoreUpdate:Yes' => 'Application can be updated',
 	'iTopUpdate:UI:CanCoreUpdate:No' => 'Application cannot be updated: %1$s',
 	'iTopUpdate:UI:CanCoreUpdate:Warning' => 'Warning: application update can fail: %1$s',
-	'iTopUpdate:UI:CannotUpdateUseSetup' => 'You must use the <a href="%1$s">setup</a> to update the application.<br />Some modified files were detected, a partial update cannot be executed.',
+	'iTopUpdate:UI:CannotUpdateUseSetup' => '<b>Some modified files were detected</b>, a partial update cannot be executed.</br>Follow the <a target="_blank" href="%2$s"> procedure</a> in order to manually upgrade your iTop. You must use the <a href="%1$s">setup</a> to update the application.',
+	'iTopUpdate:UI:CheckInProgress'=>'Please wait during integrity check',
 
 	// Setup Messages
     'iTopUpdate:UI:SetupMessage:Ready' => 'Ready to start',

datamodels/2.x/itop-core-update/es_cr.dict.itop-core-update.php

@@ -2,8 +2,9 @@
 /**
  * Localized data
  *
- * @copyright Copyright (C) 2010-2018 Combodo SARL
+ * @copyright Copyright (C) 2010-2021 Combodo SARL
  * @license	http://opensource.org/licenses/AGPL-3.0
+ * @traductor   Miguel Turrubiates <miguel_tf@yahoo.com>
  *
  * This file is part of iTop.
  *
@@ -20,15 +21,15 @@
  * You should have received a copy of the GNU Affero General Public License
  * along with iTop. If not, see <http://www.gnu.org/licenses/>
  */
-Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
+Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
 	'iTopUpdate:UI:PageTitle' => 'Actualización de aplicación',
-    'itop-core-update:UI:SelectUpdateFile' => 'Application Upgrade~~',
-    'itop-core-update:UI:ConfirmUpdate' => 'Application Upgrade~~',
-    'itop-core-update:UI:UpdateCoreFiles' => 'Application Upgrade~~',
+    'itop-core-update:UI:SelectUpdateFile' => 'Seleccionar archivo',
+    'itop-core-update:UI:ConfirmUpdate' => 'Confirmar actualización',
+    'itop-core-update:UI:UpdateCoreFiles' => 'Actualizar aplicación',
 	'iTopUpdate:UI:MaintenanceModeActive' => 'La aplicación está actualmente en mantenimiento, ningún usuario puede acceder. UStede debe ejecutar la instalación o restaturar la aplicación para regresar al modo normal.',
-	'itop-core-update:UI:UpdateDone' => 'Application Upgrade~~',
+	'itop-core-update:UI:UpdateDone' => 'Actualización realizada',
 
-	'itop-core-update/Operation:SelectUpdateFile/Title' => 'Application Upgrade~~',
+	'itop-core-update/Operation:SelectUpdateFile/Title' => 'Seleccionar archivo',
 	'itop-core-update/Operation:ConfirmUpdate/Title' => 'Confirmar actualización de la aplicación',
 	'itop-core-update/Operation:UpdateCoreFiles/Title' => 'Actualizando aplicación',
 	'itop-core-update/Operation:UpdateDone/Title' => 'Actualización de aplicación terminada',
@@ -60,21 +61,23 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
     'iTopUpdate:UI:DoBackup:Label' => 'Respaldo de archivos y base de datos',
     'iTopUpdate:UI:DoBackup:Warning' => 'El respaldo no está recomendado por el limitado espacio en el dispositivo',
 
-    'iTopUpdate:UI:DiskFreeSpace' => 'Espaciolibre en el dispositivo',
-    'iTopUpdate:UI:ItopDiskSpace' => 'Espacio en diso de iTop',
-    'iTopUpdate:UI:DBDiskSpace' => 'Espacio en diso de base de datos',
-	'iTopUpdate:UI:FileUploadMaxSize' => 'Máximo tamaño de subida de archivos',
+    'iTopUpdate:UI:DiskFreeSpace' => 'Espacio libre en el dispositivo',
+    'iTopUpdate:UI:ItopDiskSpace' => 'Espacio en disco de iTop',
+    'iTopUpdate:UI:DBDiskSpace' => 'Espacio en disco de base de datos',
+	'iTopUpdate:UI:FileUploadMaxSize' => 'Máximo tamaño de carga de archivos',
 
-	'iTopUpdate:UI:PostMaxSize' => 'Valor post_max_size en PHP ini: %1$s~~',
-	'iTopUpdate:UI:UploadMaxFileSize' => 'Valor upload_max_filesize en PHP ini: %1$s~~',
+	'iTopUpdate:UI:PostMaxSize' => 'Valor post_max_size en PHP ini: %1$s',
+	'iTopUpdate:UI:UploadMaxFileSize' => 'Valor upload_max_filesize en PHP ini: %1$s',
 
     'iTopUpdate:UI:CanCoreUpdate:Loading' => 'Revisando sistema de archivos',
     'iTopUpdate:UI:CanCoreUpdate:Error' => 'La revisión del sistema de archivos falló (%1$s)',
-    'iTopUpdate:UI:CanCoreUpdate:ErrorFileNotExist' => 'La revisión del sistema de archivos falló (Archivo no existe %1$s)~~',
+    'iTopUpdate:UI:CanCoreUpdate:ErrorFileNotExist' => 'La revisión del sistema de archivos falló (Archivo no existe %1$s)',
     'iTopUpdate:UI:CanCoreUpdate:Failed' => 'La revisión del sistema de archivos falló',
     'iTopUpdate:UI:CanCoreUpdate:Yes' => 'La aplicación puede ser actualizada',
 	'iTopUpdate:UI:CanCoreUpdate:No' => 'La aplicación no puede ser actualizada: %1$s',
-	'iTopUpdate:UI:CanCoreUpdate:Warning' => 'Warning: application update can fail: %1$s~~',
+	'iTopUpdate:UI:CanCoreUpdate:Warning' => 'Advertencia: la actualización de la aplicación puede fallar: %1$s',
+	'iTopUpdate:UI:CannotUpdateUseSetup' => '<b>Some modified files were detected</b>, a partial update cannot be executed.</br>Follow the <a target="_blank" href="%2$s"> procedure</a> in order to manually upgrade your iTop. You must use the <a href="%1$s">setup</a> to update the application.~~',
+	'iTopUpdate:UI:CheckInProgress'=>'Please wait during integrity check~~',
 
 	// Setup Messages
     'iTopUpdate:UI:SetupMessage:Ready' => 'Listo para empezar',
@@ -90,12 +93,12 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
 
 	// Errors
 	'iTopUpdate:Error:MissingFunction' => 'Imposible comenzar actualización, función no disponible',
-	'iTopUpdate:Error:MissingFile' => 'Archivo no encontrado: %1$s~~',
+	'iTopUpdate:Error:MissingFile' => 'Archivo no encontrado: %1$s',
 	'iTopUpdate:Error:CorruptedFile' => 'El archivo %1$s está corrupto',
     'iTopUpdate:Error:BadFileFormat' => 'El archivo de actualización no es un archivo zip',
     'iTopUpdate:Error:BadFileContent' => 'El archivo de actualización no es correcto',
     'iTopUpdate:Error:BadItopProduct' => 'El archivo de actualización no es compatible con su producto',
-	'iTopUpdate:Error:Copy' => 'Error, no puedo copiar \'%1$s\' a \'%2$s\'~~',
+	'iTopUpdate:Error:Copy' => 'Error, no puedo copiar \'%1$s\' a \'%2$s\'',
     'iTopUpdate:Error:FileNotFound' => 'Archivo no encontrado',
     'iTopUpdate:Error:NoFile' => 'Archivo no seleccionado',
 	'iTopUpdate:Error:InvalidToken' => 'Token inválido',
@@ -104,7 +107,7 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
 
 	'iTopUpdate:UI:RestoreArchive' => 'Usted puede restaurar su aplicación desde el archivo \'%1$s\'',
 	'iTopUpdate:UI:RestoreBackup' => 'Usted puede restaurar la base de datos desde \'%1$s\'',
-	'iTopUpdate:UI:UpdateDone' => 'Actualización exitosa',
+	'iTopUpdate:UI:UpdateDone' => 'Actualización éxitosa',
 	'Menu:iTopUpdate' => 'Actualización de aplicación',
 	'Menu:iTopUpdate+' => 'Actualización de aplicación',
 
@@ -112,7 +115,7 @@ Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
     'Class:ModuleInstallation/Attribute:installed' => 'Instalado en',
     'Class:ModuleInstallation/Attribute:name' => 'Nombre',
     'Class:ModuleInstallation/Attribute:version' => 'Versión',
-    'Class:ModuleInstallation/Attribute:comment' => 'Commentario',
+    'Class:ModuleInstallation/Attribute:comment' => 'Comentario',
 ));
 
 

datamodels/2.x/itop-core-update/fr.dict.itop-core-update.php

@@ -73,9 +73,10 @@ Dict::Add('FR FR', 'French', 'Français', array(
     'iTopUpdate:UI:CanCoreUpdate:ErrorFileNotExist' => 'Échec de la vérification des fichiers (Fichier manquant %1$s)',
     'iTopUpdate:UI:CanCoreUpdate:Failed' => 'Échec de la vérification des fichiers',
     'iTopUpdate:UI:CanCoreUpdate:Yes' => 'L\'application peut être mise à jour',
-    'iTopUpdate:UI:CanCoreUpdate:No' => 'L\'application ne peut pas être mise à jour : %1$s',
+	'iTopUpdate:UI:CanCoreUpdate:No' => 'L\'application ne peut pas être mise à jour : %1$s',
 	'iTopUpdate:UI:CanCoreUpdate:Warning' => 'Attention : la mise à jour de l\'application peut échouer : %1$s',
-	'iTopUpdate:UI:CannotUpdateUseSetup' => 'Vous devez utiliser la page <a href="%1$s">d\'installation</a> pour mettre à jour l\'application.<br />Des fichiers modifiés ont été détectés, une mise à jour partielle ne peut pas être effectuée.',
+	'iTopUpdate:UI:CannotUpdateUseSetup' => '<b>Des fichiers modifiés ont été détectés</b>, une mise à jour partielle ne peut pas être effectuée.<br />Suivez la <a target="_blank" href="%2$s"> procedure</a> pour mettre à jour manuellement votre iTop. Vous devez utiliser la page <a href="%1$s">d\'installation</a> pour mettre à jour l\'application.',
+	'iTopUpdate:UI:CheckInProgress'=>'Veuillez patienter pendant la vérification d\'intégrité',
 
 	// Setup Messages
     'iTopUpdate:UI:SetupMessage:Ready' => 'Prêt pour l\\installation',

datamodels/2.x/itop-core-update/hu.dict.itop-core-update.php

@@ -75,6 +75,8 @@ Dict::Add('HU HU', 'Hungarian', 'Magyar', array(
     'iTopUpdate:UI:CanCoreUpdate:Yes' => 'Application can be updated~~',
 	'iTopUpdate:UI:CanCoreUpdate:No' => 'Application cannot be updated: %1$s~~',
 	'iTopUpdate:UI:CanCoreUpdate:Warning' => 'Warning: application update can fail: %1$s~~',
+	'iTopUpdate:UI:CannotUpdateUseSetup' => '<b>Some modified files were detected</b>, a partial update cannot be executed.</br>Follow the <a target="_blank" href="%2$s"> procedure</a> in order to manually upgrade your iTop. You must use the <a href="%1$s">setup</a> to update the application.~~',
+	'iTopUpdate:UI:CheckInProgress'=>'Please wait during integrity check~~',
 
 	// Setup Messages
     'iTopUpdate:UI:SetupMessage:Ready' => 'Ready to start~~',

datamodels/2.x/itop-core-update/it.dict.itop-core-update.php

@@ -75,6 +75,8 @@ Dict::Add('IT IT', 'Italian', 'Italiano', array(
     'iTopUpdate:UI:CanCoreUpdate:Yes' => 'Application can be updated~~',
 	'iTopUpdate:UI:CanCoreUpdate:No' => 'Application cannot be updated: %1$s~~',
 	'iTopUpdate:UI:CanCoreUpdate:Warning' => 'Warning: application update can fail: %1$s~~',
+	'iTopUpdate:UI:CannotUpdateUseSetup' => '<b>Some modified files were detected</b>, a partial update cannot be executed.</br>Follow the <a target="_blank" href="%2$s"> procedure</a> in order to manually upgrade your iTop. You must use the <a href="%1$s">setup</a> to update the application.~~',
+	'iTopUpdate:UI:CheckInProgress'=>'Please wait during integrity check~~',
 
 	// Setup Messages
     'iTopUpdate:UI:SetupMessage:Ready' => 'Ready to start~~',

datamodels/2.x/itop-core-update/ja.dict.itop-core-update.php

@@ -75,6 +75,8 @@ Dict::Add('JA JP', 'Japanese', '日本語', array(
     'iTopUpdate:UI:CanCoreUpdate:Yes' => 'Application can be updated~~',
 	'iTopUpdate:UI:CanCoreUpdate:No' => 'Application cannot be updated: %1$s~~',
 	'iTopUpdate:UI:CanCoreUpdate:Warning' => 'Warning: application update can fail: %1$s~~',
+	'iTopUpdate:UI:CannotUpdateUseSetup' => '<b>Some modified files were detected</b>, a partial update cannot be executed.</br>Follow the <a target="_blank" href="%2$s"> procedure</a> in order to manually upgrade your iTop. You must use the <a href="%1$s">setup</a> to update the application.~~',
+	'iTopUpdate:UI:CheckInProgress'=>'Please wait during integrity check~~',
 
 	// Setup Messages
     'iTopUpdate:UI:SetupMessage:Ready' => 'Ready to start~~',

datamodels/2.x/itop-core-update/module.itop-core-update.php

@@ -24,7 +24,7 @@
 /** @noinspection PhpUnhandledExceptionInspection */
 SetupWebPage::AddModule(
 	__FILE__, // Path to the current file, all other file names are relative to the directory containing this file
-	'itop-core-update/2.7.5',
+	'itop-core-update/2.7.7',
 	array(
 		// Identification
 		//