[WIP][POC] the PhpUnit tests can now build and use various environments

drawbacks: the application startup was emulated since it is not compatible with a custom env. when launched with the CLI (it rely on the session in an incompatible way)

.editorconfig

@@ -90,7 +90,7 @@ ij_xml_attribute_wrap = normal
 ij_xml_block_comment_at_first_column = true
 ij_xml_keep_blank_lines = 2
 ij_xml_keep_indents_on_empty_lines = false
-ij_xml_keep_line_breaks = true
+ij_xml_keep_line_breaks = false
 ij_xml_keep_line_breaks_in_text = true
 ij_xml_keep_whitespaces = false
 ij_xml_keep_whitespaces_around_cdata = preserve
@@ -110,7 +110,6 @@ ij_shell_keep_column_alignment_padding = false
 ij_shell_minify_program = false
 ij_shell_redirect_followed_by_space = false
 ij_shell_switch_cases_indented = false
-ij_shell_use_unix_line_separator = true
 
 [{*.cjs,*.js}]
 indent_style = tab
@@ -280,7 +279,7 @@ ij_javascript_while_brace_force = always
 ij_javascript_while_on_new_line = false
 ij_javascript_wrap_comments = false
 
-[{*.ctp, *.hphp, *.inc, *.module, *.php, *.php4, *.php5, *.phtml}]
+[{*.ctp,*.hphp,*.inc,*.module,*.php,*.php4,*.php5,*.phtml}]
 indent_style = tab
 ij_continuation_indent_size = 4
 ij_smart_tabs = true
@@ -289,8 +288,8 @@ ij_php_align_assignments = false
 ij_php_align_class_constants = false
 ij_php_align_group_field_declarations = false
 ij_php_align_inline_comments = false
-ij_php_align_key_value_pairs = true
-ij_php_align_multiline_array_initializer_expression = true
+ij_php_align_key_value_pairs = false
+ij_php_align_multiline_array_initializer_expression = false
 ij_php_align_multiline_binary_operation = false
 ij_php_align_multiline_chained_methods = false
 ij_php_align_multiline_extends_list = false
@@ -515,7 +514,7 @@ ij_json_wrap_long_lines = false
 indent_style = tab
 ij_smart_tabs = true
 ij_visual_guides = none
-ij_html_add_new_line_before_tags = body,div,p,form,h1,h2,h3
+ij_html_add_new_line_before_tags = body, div, p, form, h1, h2, h3
 ij_html_align_attributes = true
 ij_html_align_text = false
 ij_html_attribute_wrap = normal
@@ -542,21 +541,7 @@ ij_html_space_inside_empty_tag = false
 ij_html_text_wrap = normal
 ij_html_uniform_ident = false
 
-[{*.markdown,*.md}]
-ij_visual_guides = none
-ij_markdown_force_one_space_after_blockquote_symbol = true
-ij_markdown_force_one_space_after_header_symbol = true
-ij_markdown_force_one_space_after_list_bullet = true
-ij_markdown_force_one_space_between_words = true
-ij_markdown_keep_indents_on_empty_lines = false
-ij_markdown_max_lines_around_block_elements = 1
-ij_markdown_max_lines_around_header = 1
-ij_markdown_max_lines_between_paragraphs = 1
-ij_markdown_min_lines_around_block_elements = 1
-ij_markdown_min_lines_around_header = 1
-ij_markdown_min_lines_between_paragraphs = 1
-
-[{*.yaml,*.yml}]
+[{*.yaml, *.yml}]
 indent_size = 2
 ij_visual_guides = none
 ij_yaml_align_values_properties = do_not_align

.gitattributes

@@ -1,48 +0,0 @@
-# Set the default behavior, in case people don't have core.autocrlf set.
-* text=auto
-
-# Explicitly declare text files you want to always be normalized and converted
-# to native line endings on checkout.
-*.bash text eol=lf
-*.bat text eol=lf
-*.cmd text eol=lf
-*.css text eol=lf
-*.scss text eol=lf
-*.dist text eol=lf
-.editorconfig text eol=lf
-.env* text eol=lf
-.gitignore text eol=lf
-.htaccess text eol=lf
-*.htm text eol=lf
-*.html text eol=lf
-*.ini text eol=lf
-*.js text eol=lf
-*.json text eol=lf
-*.lock text eol=lf
-*.md text eol=lf
-*.php text eol=lf
-*.php_cs text eol=lf
-*.php8 text eol=lf
-*.plex text eol=lf
-*.sh text eol=lf
-*.svg text eol=lf
-*.ts text eol=lf
-*.twig text eol=lf
-*.txt text eol=lf
-*.xml text eol=lf
-*.xsd text eol=lf
-*.yaml text eol=lf
-*.yml text eol=lf
-
-# Denote all files that are truly binary and should not be modified.
-*.png binary
-*.jpeg binary
-*.jpg binary
-*.gif binary
-*.ico binary
-*.pdf binary
-*.swf binary
-*.zip binary
-*.ttf binary
-*.woff binary
-*.woff2 binary

.gitignore

@@ -6,6 +6,12 @@
 # maintenance mode (N°2240)
 /.maintenance
 
+# listing prevention in conf directory
+/conf/**
+!/conf/.htaccess
+!/conf/index.php
+!/conf/web.config
+
 # composer reserver directory, from sources, populate/update using "composer install"
 vendor/*
 test/vendor/*
@@ -13,7 +19,6 @@ test/vendor/*
 # all conf but listing prevention
 /conf/**
 !/conf/.htaccess
-!/conf/index.php
 !/conf/web.config
 
 # all datas but listing prevention
@@ -32,13 +37,9 @@ test/vendor/*
 !/log/index.php
 !/log/web.config
 
-# PHPUnit cache file
-/test/.phpunit.result.cache
-
 
 # Jetbrains
 /.idea/**
-!/.idea/IntelliLang.xml
 
 # doc. generation
 /.doc/vendor

.idea/IntelliLang.xml

@@ -1,15 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="LanguageInjectionConfiguration">
-    <injection language="InjectablePHP" injector-id="xml">
-      <display-name>iTop - Class method code</display-name>
-      <place><![CDATA[xmlTag().withLocalName(string().equalTo("code"))]]></place>
-      <xpath-condition>name(..) = 'method' and count(/itop_design) = 1</xpath-condition>
-    </injection>
-    <injection language="InjectablePHP" injector-id="xml">
-      <display-name>iTop - Snippet code</display-name>
-      <place><![CDATA[xmlTag().withLocalName(string().equalTo("snippet"))]]></place>
-      <xpath-condition>name(..) = 'snippets' and count(/itop_design) = 1</xpath-condition>
-    </injection>
-  </component>
-</project>

.make/composer/rmDeniedTestDir.php

@@ -36,38 +36,22 @@ clearstatcache();
 $oiTopComposer = new iTopComposer();
 $aDeniedButStillPresent = $oiTopComposer->ListDeniedButStillPresent();
 
-echo "\n";
 foreach ($aDeniedButStillPresent as $sDir)
 {
-	if (false === iTopComposer::IsTestDir($sDir))
+	if (! preg_match('#[tT]ests?/?$#', $sDir))
 	{
-		echo "ERROR found INVALID denied test dir: '$sDir'\n";
+		echo "\nfound INVALID denied test dir: '$sDir'\n";
 		throw new \Exception("$sDir must end with /Test/ or /test/");
 	}
 
-	if (false === file_exists($sDir)) {
-		echo "INFO $sDir is in denied list, but not existing on disk => skipping !\n";
-		continue;
-	}
-
-	try {
+	try
+	{
 		SetupUtils::rrmdir($sDir);
-		echo "OK Remove denied test dir: '$sDir'\n";
+		echo "Remove denied test dir: '$sDir'\n";
 	}
-	catch (\Exception $e) {
+	catch (\Exception $e)
+	{
 		echo "\nFAILED to remove denied test dir: '$sDir'\n";
 	}
-}
 
-
-$aAllowedAndDeniedDirs = array_merge(
-	$oiTopComposer->ListAllowedTestDir(),
-	$oiTopComposer->ListDeniedTestDir()
-);
-$aExistingDirs = $oiTopComposer->ListAllTestDir();
-$aMissing = array_diff($aExistingDirs, $aAllowedAndDeniedDirs);
-if (false === empty($aMissing)) {
-	echo "Some new tests dirs exists !\n"
-		.'  They must be declared either in the allowed or denied list in '.iTopComposer::class." (see N°2651).\n"
-		.'  List of dirs:'."\n".var_export($aMissing, true);
 }

.make/license/updateLicenses.php

@@ -1,22 +1,7 @@
 <?php
 /**
- * script used to sort license file (useful for autogeneration)
- *
- * Requirements :
- *  * bash (on Windows, use Git Bash)
- *  * composer (if you use the phar version, mind to create a `Composer` alias !)
- *  * JQ command
- *    to install on Windows :
- *       `curl -L -o /usr/bin/jq.exe https://github.com/stedolan/jq/releases/latest/download/jq-win64.exe`
- *    this is a Windows port : https://stedolan.github.io/jq/
- *
- * Licenses sources :
- *  * `composer licenses --format json` (see https://getcomposer.org/doc/03-cli.md#licenses)
- *  * keep every existing nodes with `/licenses/license[11]/product/@scope` not in ['lib', 'datamodels']
- *    ⚠ If licenses were added manually, they might be removed by this tool ! Be very careful to check for the result before pushing !
- *
- * To launch, check requirements and run `php updateLicenses.php`
- * The target license file path is in `$xmlFilePath`
+ * script used to sort license file (usefull for autogeneration)
+ * Example: php 
  */
 
 $iTopFolder = __DIR__ . "/../../" ;
@@ -66,83 +51,39 @@ function get_license_nodes($file_path)
 	$xp = new DOMXPath($dom);
 
 	$licenseList = $xp->query('/licenses/license');
-	$licenses    = iterator_to_array($licenseList);
+	$licenses = iterator_to_array($licenseList);
 
 	usort($licenses, 'sort_by_product');
-
 	return $licenses;
 }
 
-/** @noinspection SuspiciousAssignmentsInspection */
-function fix_product_name(DOMNode &$oProductNode)
-{
-	$sProductNameOrig = $oProductNode->nodeValue;
-
-	// sample : `C:\Dev\wamp64\www\itop-27\.make\license/../..//lib/symfony/polyfill-ctype`
-	$sProductNameFixed = remove_dir_from_string($sProductNameOrig, 'lib/');
-
-	// sample : `C:\Dev\wamp64\www\itop-27\.make\license/../..//datamodels/2.x/authent-cas/vendor/apereo/phpcas`
-	$sProductNameFixed = remove_dir_from_string($sProductNameFixed, 'vendor/');
-
-	$oProductNode->nodeValue = $sProductNameFixed;
-}
-
-function remove_dir_from_string($sString, $sNeedle)
-{
-	if (strpos($sString, $sNeedle) === false) {
-		return $sString;
-	}
-
-	$sStringTmp   = strstr($sString, $sNeedle);
-	$sStringFixed = str_replace($sNeedle, '', $sStringTmp);
-
-	// DEBUG trace O:)
-//	echo "$sNeedle = $sString => $sStringFixed\n";
-
-	return $sStringFixed;
-}
-
 $old_licenses = get_license_nodes($xmlFilePath);
 
 //generate file with updated licenses
 $generated_license_file_path = __DIR__."/provfile.xml";
-echo "- Generating licences...";
-exec("bash ".__DIR__."/gen-community-license.sh $iTopFolder > ".$generated_license_file_path);
-echo "OK!\n";
-
-echo "- Get licenses nodes...";
+exec("bash " . __DIR__ . "/gen-community-license.sh $iTopFolder > ". $generated_license_file_path);
 $new_licenses = get_license_nodes($generated_license_file_path);
-unlink($generated_license_file_path);
+exec("rm -f ". $generated_license_file_path);
 
 foreach ($old_licenses as $b) {
 	$aProductNode = get_product_node($b);
 
-	if (get_scope($aProductNode) !== "lib" && get_scope($aProductNode) !== "datamodels") {
+	if (get_scope($aProductNode) !== "lib" && get_scope($aProductNode) !== "datamodels" )
+	{
 		$new_licenses[] = $b;
 	}
 }
 
 usort($new_licenses, 'sort_by_product');
-echo "OK!\n";
 
-echo "- Overwritting Combodo license file...";
 $new_dom = new DOMDocument("1.0");
 $new_dom->formatOutput = true;
 $root = $new_dom->createElement("licenses");
 $new_dom->appendChild($root);
 
 foreach ($new_licenses as $b) {
-	$node = $new_dom->importNode($b, true);
-
-	// N°3870 fix when running script in Windows
-	// fix should be in gen-community-license.sh but it is easier to do it here !
-	if (strncasecmp(PHP_OS, 'WIN', 3) === 0) {
-		$oProductNodeOrig = get_product_node($node);
-		fix_product_name($oProductNodeOrig);
-	}
-
-	$root->appendChild($node);
+	$node = $new_dom->importNode($b,true);
+	$root->appendChild($new_dom->importNode($b,true));
 }
 
-$new_dom->save($xmlFilePath);
-echo "OK!\n";
+$new_dom->save($xmlFilePath);

.make/release/changelog.php

@@ -1,77 +0,0 @@
-<?php
-/**
- * Usage :
- * `php changelog.php 2.7.4`
- *
- * As argument is passed the git ref (tag name or sha1) we want to use as reference
- *
- * Outputs :
- *
- * 1. List of bugs as CSV :
- * bug ref;link
- * Example :
- * <code>
- * Bug_ref;Bug_URL;sha1
- * 1234;https://support.combodo.com/pages/UI.php?operation=details&class=Bug&id=1234;949b213f9|b1ca1f263|a1271da74
- * </code>
- *
- * 2. List of commits sha1/message without bug ref
- * Example :
- * <code>
- * sha1;subject
- * a6aa183e2;:bookmark: Prepare 2.7.5
- * </code>
- */
-
-
-if (count($argv) === 1) {
-	echo '⚠ You must pass the base tag/sha1 as parameter';
-	exit(1);
-}
-$sBaseReference = $argv[1];
-
-
-//--- Get log
-$sGitLogCommand = 'git log --decorate --pretty="%h;%s" --date-order --no-merges '.$sBaseReference.'..HEAD';
-$sGitLogRaw = shell_exec($sGitLogCommand);
-
-
-//--- Analyze log
-$aGitLogLines = preg_split('/\n/', trim($sGitLogRaw));;
-$aLogLinesWithBugRef = [];
-$aLogLineNoBug = [];
-foreach ($aGitLogLines as $sLogLine) {
-	$sBugRef = preg_match('/[nN]°(\d{3,4})/', $sLogLine, $aLineBugRef);
-	if (($sBugRef === false) || empty($aLineBugRef)) {
-		$aLogLineNoBug[] = $sLogLine;
-		continue;
-	}
-
-	$iBugId = $aLineBugRef[1];
-	$sSha = substr($sLogLine, 0, 9);
-
-	if (array_key_exists($iBugId, $aLogLinesWithBugRef)) {
-		$aBugShaRefs = $aLogLinesWithBugRef[$iBugId];
-		$aBugShaRefs[] = $sSha;
-		$aLogLinesWithBugRef[$iBugId] = $aBugShaRefs;
-	} else {
-		$aLogLinesWithBugRef[$iBugId] = [$sSha];
-	}
-}
-$aBugsList = array_keys($aLogLinesWithBugRef);
-sort($aBugsList, SORT_NUMERIC);
-
-
-//-- Output results
-echo "# Bugs included\n";
-echo "Bug_ref;Bug_URL;sha1\n";
-foreach ($aBugsList as $sBugRef) {
-	$sShaRefs = implode('|', $aLogLinesWithBugRef[$sBugRef]);
-	echo "{$sBugRef};https://support.combodo.com/pages/UI.php?operation=details&class=Bug&id={$sBugRef};$sShaRefs\n";
-}
-echo "\n";
-echo "# Logs line without bug referenced\n";
-echo "sha1;subject\n";
-foreach ($aLogLineNoBug as $sLogLine) {
-	echo "$sLogLine\n";
-}

.make/release/update-versions.php

@@ -27,7 +27,6 @@ $aFilesUpdaters = array(
 	new iTopVersionFileUpdater(),
 	new CssVariablesFileUpdater(),
 	new DatamodelsModulesFiles(),
-	new ConstantFileUpdater('ITOP_CORE_VERSION', 'approot.inc.php'),
 );
 
 if (count($argv) === 1)

.make/release/update.classes.inc.php

@@ -69,40 +69,6 @@ abstract class AbstractSingleFileVersionUpdater extends FileVersionUpdater
 	}
 }
 
-/**
- * @since 2.7.7 3.0.1 3.1.0 N°4714
- */
-class ConstantFileUpdater extends AbstractSingleFileVersionUpdater {
-	/** @var string */
-	private $sConstantName;
-
-	/**
-	 * @param $sConstantName constant to search, for example `ITOP_CORE_VERSION`
-	 * @param $sFileToUpdate file containing constant definition
-	 */
-	public function __construct($sConstantName, $sFileToUpdate)
-	{
-		$this->sConstantName = $sConstantName;
-		parent::__construct($sFileToUpdate);
-	}
-
-	/**
-	 * @inheritDoc
-	 */
-	public function UpdateFileContent($sVersionLabel, $sFileContent, $sFileFullPath)
-	{
-		$sConstantSearchPattern = <<<REGEXP
-/define\('{$this->sConstantName}', ?'[^']+'\);/
-REGEXP;
-
-		return preg_replace(
-			$sConstantSearchPattern,
-			"define('{$this->sConstantName}', '{$sVersionLabel}');",
-			$sFileContent
-		);
-	}
-}
-
 class iTopVersionFileUpdater extends AbstractSingleFileVersionUpdater
 {
 	public function __construct()

CONTRIBUTING.md

@@ -111,9 +111,9 @@ Our tests are located in the `test/` directory, containing a PHPUnit config file
 * Use the present tense ("Add feature" not "Added feature")
 * Use the imperative mood ("Move cursor to..." not "Moves cursor to...")
 * Limit the first line to 72 characters or less
-* Please start the commit message with an applicable emoji code (following the [Gitmoji guide](https://gitmoji.dev/)).  
-  Beware to use the code (for example `:bug:`) and not the character (🐛) as Unicode support in git clients is very poor for now...  
-  Emoji examples :
+* Please start the commit message with an applicable emoji code (following the [Gitmoji guide](https://gitmoji.carloscuesta.me/)).  
+ Beware to use the code (for example `:bug:`) and not the character (🐛) as Unicode support in git clients is very poor for now...  
+ Emoji examples :
     * 🌐 `:globe_with_meridians:` for translations
     * 🎨 `:art:` when improving the format/structure of the code
     * ⚡️ `:zap:` when improving performance
@@ -132,7 +132,7 @@ Our tests are located in the `test/` directory, containing a PHPUnit config file
 
 When your code is working, please:
 
-* squash as much as possible your commits,
+* stash as much as possible your commits,
 * rebase your branch on our repo last commit,
 * create a pull request.
 

README.md

@@ -21,19 +21,6 @@ iTop also offers mass import tools and web services to integrate with your IT
 - [Data synchronization][18] (for data federation)
 
 
-## Latest release
-
-- [Changes since the previous version][62]
-- [New features][63]
-- [Installation notes][64]
-- [Download][65]
-
-[62]: https://www.itophub.io/wiki/page?id=latest:release:change_log
-[63]: https://www.itophub.io/wiki/page?id=latest:release:start
-[64]: https://www.itophub.io/wiki/page?id=latest:install:start
-[65]: https://sourceforge.net/projects/itop/files/latest/download
-
-
 ## Resources
 
  - [iTop Forums][1]: community support
@@ -62,6 +49,47 @@ iTop also offers mass import tools and web services to integrate with your IT
 
 
 
+## Last releases
+
+### Versions 2.7.*
+ - 2.7.1 published on April 8, 2020
+ - [Changes since the previous version][62]
+ - [New features][63]
+ - [Migration notes][64]
+ - [Download iTop 2.7.0-2][65]
+
+[62]: https://www.itophub.io/wiki/page?id=2_7_0:release:change_log
+[63]: https://www.itophub.io/wiki/page?id=2_7_0:release:2_7_whats_new
+[64]: https://www.itophub.io/wiki/page?id=2_7_0:install:260_to_270_migration_notes
+[65]: https://sourceforge.net/projects/itop/files/itop/2.7.0-2
+
+
+### Versions 2.6.*
+ - 2.6.0 published on January 9, 2019
+ - [Changes since the previous version][58]
+ - [New features][59]
+ - [Migration notes][60]
+ - [Download iTop 2.6.3][61]
+
+[58]: https://www.itophub.io/wiki/page?id=2_6_0:release:change_log
+[59]: https://www.itophub.io/wiki/page?id=2_6_0:release:2_6_whats_new
+[60]: https://www.itophub.io/wiki/page?id=2_6_0:install:250_to_260_migration_notes
+[61]: https://sourceforge.net/projects/itop/files/itop/2.6.3
+
+
+### Versions 2.5.*
+ - 2.5.0 published on July 11, 2018
+ - [Changes since the previous version][54]
+ - [New features][55]
+ - [Migration notes][56]
+ - [Download iTop 2.5.1][57]
+
+[54]: https://www.itophub.io/wiki/page?id=2_5_0:release:change_log
+[55]: https://www.itophub.io/wiki/page?id=2_5_0:release:2_5_whats_new
+[56]: https://www.itophub.io/wiki/page?id=2_5_0:install:240_to_250_migration_notes
+[57]: https://sourceforge.net/projects/itop/files/itop/2.5.1
+
+
 ## About Us
 
 iTop development is sponsored, led and supported by [Combodo][0].
@@ -95,9 +123,8 @@ We would like to give a special thank you to the people from the community who c
  - Lassiter, Dennis
  - Lazcano, Federico
  - Lucas, Jonathan
-- Malik, Remie
-- Mindêllo de Andrade, Lucas (a.k.a @rokam)
-- Rosenke, Stephan
+ - Malik, Remie
+ - Rosenke, Stephan
  - Seki, Shoji
  - Shilov, Vladimir
  - Tulio, Marco

addons/userrights/userrightsprofile.class.inc.php

@@ -23,7 +23,7 @@ define('PORTAL_PROFILE_NAME', 'Portal user');
 class UserRightsBaseClassGUI extends cmdbAbstractObject
 {
 	// Whenever something changes, reload the privileges
-
+	
 	protected function AfterInsert()
 	{
 		UserRights::FlushPrivileges();
@@ -73,7 +73,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 	}
 
 	protected static $m_aCacheProfiles = null;
-
+	
 	public static function DoCreateProfile($sName, $sDescription)
 	{
 		if (is_null(self::$m_aCacheProfiles))
@@ -85,7 +85,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 			{
 				self::$m_aCacheProfiles[$oProfile->Get('name')] = $oProfile->GetKey();
 			}
-		}
+		}	
 
 		$sCacheKey = $sName;
 		if (isset(self::$m_aCacheProfiles[$sCacheKey]))
@@ -96,10 +96,10 @@ class URP_Profiles extends UserRightsBaseClassGUI
 		$oNewObj->Set('name', $sName);
 		$oNewObj->Set('description', $sDescription);
 		$iId = $oNewObj->DBInsertNoReload();
-		self::$m_aCacheProfiles[$sCacheKey] = $iId;
+		self::$m_aCacheProfiles[$sCacheKey] = $iId;	
 		return $iId;
 	}
-
+	
 	function GetGrantAsHtml($oUserRights, $sClass, $sAction)
 	{
 		$bGrant = $oUserRights->GetProfileActionGrant($this->GetKey(), $sClass, $sAction);
@@ -116,7 +116,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 			return '<span style="background-color: #ffdddd;">'.Dict::S('UI:UserManagement:ActionAllowed:No').'</span>';
 		}
 	}
-
+	
 	function DoShowGrantSumary($oPage)
 	{
 		if ($this->GetRawName() == "Administrator")
@@ -128,7 +128,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 
 		// Note: for sure, we assume that the instance is derived from UserRightsProfile
 		$oUserRights = UserRights::GetModuleInstance();
-
+	
 		$aDisplayData = array();
 		foreach (MetaModel::GetClasses('bizmodel,grant_by_profile') as $sClass)
 		{
@@ -137,12 +137,12 @@ class URP_Profiles extends UserRightsBaseClassGUI
 			{
 				$bGrant = $oUserRights->GetClassStimulusGrant($this->GetKey(), $sClass, $sStimulusCode);
 				if ($bGrant === true)
-				{
+				{ 
 					$aStimuli[] = '<span title="'.$sStimulusCode.': '.htmlentities($oStimulus->GetDescription(), ENT_QUOTES, 'UTF-8').'">'.htmlentities($oStimulus->GetLabel(), ENT_QUOTES, 'UTF-8').'</span>';
 				}
 			}
 			$sStimuli = implode(', ', $aStimuli);
-
+			
 			$aDisplayData[] = array(
 				'class' => MetaModel::GetName($sClass),
 				'read' => $this->GetGrantAsHtml($oUserRights, $sClass, 'r'),
@@ -154,7 +154,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 				'stimuli' => $sStimuli,
 			);
 		}
-
+	
 		$aDisplayConfig = array();
 		$aDisplayConfig['class'] = array('label' => Dict::S('UI:UserManagement:Class'), 'description' => Dict::S('UI:UserManagement:Class+'));
 		$aDisplayConfig['read'] = array('label' => Dict::S('UI:UserManagement:Action:Read'), 'description' => Dict::S('UI:UserManagement:Action:Read+'));
@@ -214,7 +214,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 	 * @param $aReasons array To store the reasons why the attribute is read-only (info about the synchro replicas)
 	 * @param $sTargetState string The target state in which to evalutate the flags, if empty the current state will be used
 	 * @return integer Flags: the binary combination of the flags applicable to this attribute
-	 */
+	 */	 	  	 	
 	public function GetAttributeFlags($sAttCode, &$aReasons = array(), $sTargetState = '')
 	{
 		$iFlags = parent::GetAttributeFlags($sAttCode, $aReasons, $sTargetState);
@@ -397,7 +397,7 @@ class URP_UserOrg extends UserRightsBaseClassGUI
 	{
 		if (!UserRights::IsLoggedIn() || UserRights::IsAdministrator()) { return; }
 
-		$oUser = UserRights::GetUserObject();
+		$oUser = UserRights::GetUserObject();		
 		$oAddon = UserRights::GetModuleInstance();
 		$aOrgs = $oAddon->GetUserOrgs($oUser, '');
 		if (count($aOrgs) > 0)
@@ -521,7 +521,7 @@ class UserRightsProfile extends UserRightsAddOnAPI
 				$oSearch->AllowAllData();
 				$oCondition = new BinaryExpression(new FieldExpression('userid'), '=', new VariableExpression('userid'));
 				$oSearch->AddConditionExpression($oCondition);
-
+				
 				$oUserOrgSet = new DBObjectSet($oSearch, array(), array('userid' => $iUser));
 				while ($oUserOrg = $oUserOrgSet->Fetch())
 				{
@@ -646,10 +646,8 @@ class UserRightsProfile extends UserRightsAddOnAPI
 		// load and cache permissions for the current user on the given class
 		//
 		$iUser = $oUser->GetKey();
-		if (isset($this->m_aObjectActionGrants[$iUser][$sClass][$iActionCode])){
-			$aTest = $this->m_aObjectActionGrants[$iUser][$sClass][$iActionCode];
-			if (is_array($aTest)) return $aTest;
-		}
+		$aTest = @$this->m_aObjectActionGrants[$iUser][$sClass][$iActionCode];
+		if (is_array($aTest)) return $aTest;
 
 		$sAction = self::$m_aActionCodes[$iActionCode];
 
@@ -815,8 +813,8 @@ class UserRightsProfile extends UserRightsAddOnAPI
 
 	/**
 	 * Find out which attribute is corresponding the the dimension 'owner org'
-	 * returns null if no such attribute has been found (no filtering should occur)
-	 */
+	 * returns null if no such attribute has been found (no filtering should occur)	 
+	 */	 	
 	public static function GetOwnerOrganizationAttCode($sClass)
 	{
 		$sAttCode = null;

application/applicationextension.inc.php

@@ -72,14 +72,15 @@ abstract class AbstractLoginFSMExtension implements iLoginFSMExtension
 	/**
 	 * @inheritDoc
 	 */
-	abstract public function ListSupportedLoginModes();
+	public abstract function ListSupportedLoginModes();
 
 	/**
 	 * @inheritDoc
 	 */
 	public function LoginAction($sLoginState, &$iErrorCode)
 	{
-		switch ($sLoginState) {
+		switch ($sLoginState)
+		{
 			case LoginWebPage::LOGIN_STATE_START:
 				return $this->OnStart($iErrorCode);
 
@@ -1083,11 +1084,11 @@ abstract class AbstractPageUIExtension implements iPageUIExtension
 /**
  * Implement this interface to add content to any enhanced portal page
  *
+ * IMPORTANT! Experimental API, may be removed at anytime, we don't recommend to use it just now!
+ *
  * @api
  * @package     Extensibility
- *
- * @since 2.4.0 interface creation
- * @since 2.7.0 change method signatures due to Silex to Symfony migration
+ * @since 2.4.0
  */
 interface iPortalUIExtension
 {
@@ -1160,11 +1161,7 @@ interface iPortalUIExtension
 }
 
 /**
- * Extend this class instead of iPortalUIExtension if you don't need to overload all methods
- *
- * @api
- * @package     Extensibility
- * @since       2.4.0
+ * IMPORTANT! Experimental API, may be removed at anytime, we don't recommend to use it just now!
  */
 abstract class AbstractPortalUIExtension implements iPortalUIExtension
 {

application/cmdbabstract.class.inc.php

@@ -541,7 +541,7 @@ EOF
 				{
 					continue;
 				}
-				$oPage->AddAjaxTab( 'Class:'.$sClass.'/Attribute:'.$sAttCode, utils::GetAbsoluteUrlAppRoot().'pages/ajax.render.php?operation=dashboard&class='.get_class($this).'&id='.$this->GetKey().'&attcode='.$oAttDef->GetCode(), true, $oAttDef->GetLabel());
+				$oPage->AddAjaxTab($oAttDef->GetLabel(), utils::GetAbsoluteUrlAppRoot().'pages/ajax.render.php?operation=dashboard&class='.get_class($this).'&id='.$this->GetKey().'&attcode='.$oAttDef->GetCode(), true, 'Class:'.$sClass.'/Attribute:'.$sAttCode);
 				continue;
 			}
 
@@ -1557,9 +1557,6 @@ HTML
 	 * @param array $aParams
 	 *
 	 * @throws \Exception
-	 *  only used in old and deprecated export.php
-	 *
-	 * @internal Only to be used by `/webservices/export.php` : this is a legacy method that produces wrong HTML (no TR on table body rows)
 	 */
 	public static function DisplaySetAsHTMLSpreadsheet(WebPage $oPage, CMDBObjectSet $oSet, $aParams = array())
 	{
@@ -1580,8 +1577,6 @@ HTML
 	 * @throws \MySQLException
 	 * @throws \MySQLHasGoneAwayException
 	 * @throws \Exception
-	 * 
-	 * @internal Only to be used by `/webservices/export.php` : this is a legacy method that produces wrong HTML (no TR on table body rows)
 	 */
 	public static function GetSetAsHTMLSpreadsheet(DBObjectSet $oSet, $aParams = array())
 	{
@@ -4735,15 +4730,11 @@ EOF
 			$sCSSClass = $bResult ? HILIGHT_CLASS_NONE : HILIGHT_CLASS_CRITICAL;
 			$sChecked = $bResult ? 'checked' : '';
 			$sDisabled = $bResult ? '' : 'disabled';
-
-			$aErrorsToDisplay = array_map(function($sError) {
-				return utils::HtmlEntities($sError);
-			}, $aErrors);
 			$aRows[] = array(
 				'form::select' => "<input type=\"checkbox\" class=\"selectList\" $sChecked $sDisabled\"></input>",
 				'object' => $oObj->GetHyperlink(),
 				'status' => $sStatus,
-				'errors' => '<p>'.($bResult ? '' : implode('</p><p>', $aErrorsToDisplay)).'</p>',
+				'errors' => '<p>'.($bResult ? '' : implode('</p><p>', $aErrors)).'</p>',
 				'@class' => $sCSSClass,
 			);
 			if ($bResult && (!$bPreview))

application/dashboard.class.inc.php

@@ -852,29 +852,28 @@ class RuntimeDashboard extends Dashboard
 	{
 		$bCustomized = false;
 
-		$sDashboardFileSanitized = utils::RealPath($sDashboardFile, APPROOT);
-		if (false === $sDashboardFileSanitized) {
-			throw new SecurityException('Invalid dashboard file !');
-		}
-
-		if (!appUserPreferences::GetPref('display_original_dashboard_'.$sDashBoardId, false)) {
+		if (!appUserPreferences::GetPref('display_original_dashboard_'.$sDashBoardId, false))
+		{
 			// Search for an eventual user defined dashboard
 			$oUDSearch = new DBObjectSearch('UserDashboard');
 			$oUDSearch->AddCondition('user_id', UserRights::GetUserId(), '=');
 			$oUDSearch->AddCondition('menu_code', $sDashBoardId, '=');
 			$oUDSet = new DBObjectSet($oUDSearch);
-			if ($oUDSet->Count() > 0) {
+			if ($oUDSet->Count() > 0)
+			{
 				// Assuming there is at most one couple {user, menu}!
 				$oUserDashboard = $oUDSet->Fetch();
 				$sDashboardDefinition = $oUserDashboard->Get('contents');
 				$bCustomized = true;
-			} else {
-				$sDashboardDefinition = @file_get_contents($sDashboardFileSanitized);
+			}
+			else
+			{
+				$sDashboardDefinition = @file_get_contents($sDashboardFile);
 			}
 		}
 		else
 		{
-			$sDashboardDefinition = @file_get_contents($sDashboardFileSanitized);
+			$sDashboardDefinition = @file_get_contents($sDashboardFile);
 		}
 
 		if ($sDashboardDefinition !== false)
@@ -882,7 +881,7 @@ class RuntimeDashboard extends Dashboard
 			$oDashboard = new RuntimeDashboard($sDashBoardId);
 			$oDashboard->FromXml($sDashboardDefinition);
 			$oDashboard->SetCustomFlag($bCustomized);
-			$oDashboard->SetDefinitionFile($sDashboardFileSanitized);
+			$oDashboard->SetDefinitionFile($sDashboardFile);
 		}
 		else
 		{
@@ -1478,29 +1477,6 @@ JS
 		return $this->sDefinitionFile;
 	}
 
-	/**
-	 * @param string $sDashboardFileRelative can also be an absolute path (compatibility with old URL)
-	 *
-	 * @return string full path to the Dashboard file
-	 * @throws \SecurityException if path isn't under approot
-	 * @uses utils::RealPath()
-	 * @since 2.7.8 3.0.3 3.1.0 N°4449 remove FPD
-	 */
-	public static function GetDashboardFileFromRelativePath($sDashboardFileRelative)
-	{
-		if (utils::RealPath($sDashboardFileRelative, APPROOT)) {
-			// compatibility with old URL containing absolute path !
-			return $sDashboardFileRelative;
-		}
-
-		$sDashboardFile = APPROOT.$sDashboardFileRelative;
-		if (false === utils::RealPath($sDashboardFile, APPROOT)) {
-			throw new SecurityException('Invalid dashboard file !');
-		}
-
-		return $sDashboardFile;
-	}
-
 	/**
 	 * @param string $sDefinitionFile
 	 */

application/dashlet.class.inc.php

@@ -255,7 +255,7 @@ abstract class Dashlet
 		catch(OqlException $e)
 		{
 			$oPage->add('<div class="dashlet-content">');
-			$oPage->p(utils::HtmlEntities($e->GetUserFriendlyDescription()));
+			$oPage->p($e->GetUserFriendlyDescription());
 			$oPage->add('</div>');
 		}
 		catch(Exception $e)

application/displayblock.class.inc.php

@@ -324,10 +324,8 @@ class DisplayBlock
 	 * @throws DictExceptionMissingString
 	 * @throws MySQLException
 	 * @throws Exception
-	 *
-	 * @since 2.7.7 3.0.1 3.1.0 N°3129 add type hinting to $aExtraParams
 	 */
-	public function GetRenderContent(WebPage $oPage, array $aExtraParams, $sId)
+	public function GetRenderContent(WebPage $oPage, $aExtraParams, $sId)
 	{
 		$sHtml = '';
 		// Add the extra params into the filter if they make sense for such a filter
@@ -853,7 +851,7 @@ class DisplayBlock
 				foreach($aStates as $sStateValue)
 				{
 					$sHtmlValue=$aGroupBy['group1']->MakeValueLabel($this->m_oFilter, $sStateValue, $sStateValue);
-					$aStateLabels[$sStateValue] = strip_tags($sHtmlValue);
+					$aStateLabels[$sStateValue] = html_entity_decode(strip_tags($sHtmlValue), ENT_QUOTES, 'UTF-8');
 
 					$aCounts[$sStateValue] = (array_key_exists($sStateValue, $aCountsQueryResults))
 						? $aCountsQueryResults[$sStateValue]
@@ -1420,25 +1418,8 @@ class HistoryBlock extends DisplayBlock
 		$this->iLimitStart = $iStart;
 		$this->iLimitCount = $iCount;
 	}
-
-	/**
-	 * @param \WebPage $oPage
-	 * @param array $aExtraParams
-	 * @param string $sId
-	 *
-	 * @return string
-	 * @throws \ArchivedObjectException
-	 * @throws \CoreException
-	 * @throws \CoreUnexpectedValue
-	 * @throws \DictExceptionMissingString
-	 * @throws \MissingQueryArgument
-	 * @throws \MySQLException
-	 * @throws \MySQLHasGoneAwayException
-	 *
-	 * @since 2.7.7 3.0.1 3.1.0 N°3129 Remove default value for $aExtraParams and add type hinting for PHP 8.0 compatibility
-	 *      (var is unused, and all calls were already made using a default value)
-	 */
-	public function GetRenderContent(WebPage $oPage, array $aExtraParams, $sId)
+	
+	public function GetRenderContent(WebPage $oPage, $aExtraParams = array(), $sId)
 	{
 		$sHtml = '';
 		$bTruncated = false;
@@ -1577,10 +1558,8 @@ class MenuBlock extends DisplayBlock
 	 * @throws \Exception
 	 * @throws \MissingQueryArgument
 	 * @throws \MySQLException
-	 *
-	 * @since 2.7.7 3.0.1 3.1.0 N°3129 Remove default value and add type hinting on $aExtraParams for PHP 8.0 compatibility
 	 */
-	public function GetRenderContent(WebPage $oPage, array $aExtraParams, $sId)
+	public function GetRenderContent(WebPage $oPage, $aExtraParams = array(), $sId)
 	{
 		if ($this->m_sStyle == 'popup') // popup is a synonym of 'list' for backward compatibility
 		{

application/forms.class.inc.php

@@ -1223,7 +1223,7 @@ class DesignerComboField extends DesignerFormField
 		$sChecked = $this->defaultValue ? 'checked' : '';
 		$sMandatory = $this->bMandatory ? 'true' :  'false';
 		$sReadOnly = $this->IsReadOnly() ? 'disabled="disabled"' :  '';
-		if ($this->IsSorted() )
+		if ($this->IsSorted())
 		{
 			asort($this->aAllowedValues);
 		}
@@ -1271,14 +1271,18 @@ class DesignerComboField extends DesignerFormField
 					$sHtml .= "<option value=\"\">".$this->sNullLabel."</option>";
 				}
 			}
-			foreach ($this->aAllowedValues as $sKey => $sDisplayValue) {
-				if ($this->bMultipleSelection) {
+			foreach($this->aAllowedValues as $sKey => $sDisplayValue)
+			{
+				if ($this->bMultipleSelection)
+				{
 					$sSelected = in_array($sKey, $this->defaultValue) ? 'selected' : '';
-				} else {
+				}
+				else
+				{
 					$sSelected = ($sKey == $this->defaultValue) ? 'selected' : '';
 				}
 				// Quick and dirty: display the menu parents as a tree
-				$sHtmlValue = str_replace(' ', '&nbsp;', $sDisplayValue);
+				$sHtmlValue = str_replace(' ', '&nbsp;', htmlentities($sDisplayValue, ENT_QUOTES, 'UTF-8'));
 				$sHtml .= "<option value=\"".htmlentities($sKey, ENT_QUOTES, 'UTF-8')."\" $sSelected>$sHtmlValue</option>";
 			}
 			$sHtml .= "</select>";

application/itopwebpage.class.inc.php

@@ -354,15 +354,14 @@ JS
 		);
 		
 		// Highlight code content created with CKEditor
-		// Note: We check for the <code> tag inside the <pre> tag to only target code from CKEditor, otherwise we might highlight some others things. See N°3810
 		$this->add_ready_script(
 			<<<JS
 		// Highlight code content for HTML AttributeText
-        $("[data-attribute-type='AttributeText'] .HTML pre > code").parent().each(function(i, block) {
+        $("[data-attribute-type='AttributeText'] .HTML pre").each(function(i, block) {
             hljs.highlightBlock(block);
         });        
 		// Highlight code content for CaseLogs
-		$("[data-attribute-type='AttributeCaseLog'] .caselog_entry_html pre > code").parent().each(function(i, block) {
+		$("[data-attribute-type='AttributeCaseLog'] .caselog_entry_html pre").each(function(i, block) {
             hljs.highlightBlock(block);
         });
 JS
@@ -624,7 +623,7 @@ JS
 	ShowDebug();
 	$('#logOffBtn>ul').popupmenu();
 	
-	$('body').on('click', '.caselog_header', function () { $(this).toggleClass('open').next('.caselog_entry,.caselog_entry_html').toggle(); });
+	$('.caselog_header').click( function () { $(this).toggleClass('open').next('.caselog_entry,.caselog_entry_html').toggle(); });
 	
 	$(document).ajaxSend(function(event, jqxhr, options) {
 		jqxhr.setRequestHeader('X-Combodo-Ajax', 'true');

application/loginbasic.class.inc.php

@@ -59,8 +59,6 @@ class LoginBasic extends AbstractLoginFSMExtension
 				$iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
 				return LoginWebPage::LOGIN_FSM_ERROR;
 			}
-			// Save the checked user
-			$_SESSION['auth_user'] = $sAuthUser;
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -69,7 +67,7 @@ class LoginBasic extends AbstractLoginFSMExtension
 	{
 		if ($_SESSION['login_mode'] == 'basic')
 		{
-			$sAuthUser = $_SESSION['auth_user'];
+			list($sAuthUser) = $this->GetAuthUserAndPassword();
 			LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', $_SESSION['login_mode']);
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;

application/loginexternal.class.inc.php

@@ -43,8 +43,6 @@ class LoginExternal extends AbstractLoginFSMExtension
 				$iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
 				return LoginWebPage::LOGIN_FSM_ERROR;
 			}
-			// Save the checked user
-			$_SESSION['auth_user'] = $sAuthUser;
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -53,7 +51,7 @@ class LoginExternal extends AbstractLoginFSMExtension
 	{
 		if ($_SESSION['login_mode'] == 'external')
 		{
-			$sAuthUser = $_SESSION['auth_user'];
+			$sAuthUser = $this->GetAuthUser();
 			LoginWebPage::OnLoginSuccess($sAuthUser, 'external', $_SESSION['login_mode']);
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;

application/loginform.class.inc.php

@@ -71,8 +71,6 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginUIExtension
 				$iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
 				return LoginWebPage::LOGIN_FSM_ERROR;
 			}
-			// Save the checked user
-			$_SESSION['auth_user'] = $sAuthUser;
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -84,7 +82,15 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginUIExtension
 	{
 		if ($_SESSION['login_mode'] == 'form')
 		{
-			$sAuthUser = $_SESSION['auth_user'];
+			if (isset($_SESSION['auth_user']))
+			{
+				// If FSM reenter this state (example 2FA) then the auth_user is not resubmitted
+				$sAuthUser = $_SESSION['auth_user'];
+			}
+			else
+			{
+				$sAuthUser = utils::ReadPostedParam('auth_user', '', 'raw_data');
+			}
 			// Store 'auth_user' in session for further use
 			LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', $_SESSION['login_mode']);
 		}

application/loginurl.class.inc.php

@@ -58,8 +58,6 @@ class LoginURL extends AbstractLoginFSMExtension
 				$iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
 				return LoginWebPage::LOGIN_FSM_ERROR;
 			}
-			// Save the checked user
-			$_SESSION['auth_user'] = $sAuthUser;
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -68,7 +66,7 @@ class LoginURL extends AbstractLoginFSMExtension
 	{
 		if ($_SESSION['login_mode'] == 'url')
 		{
-			$sAuthUser = $_SESSION['auth_user'];
+			$sAuthUser = utils::ReadParam('auth_user', '', false, 'raw_data');
 			LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', $_SESSION['login_mode']);
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;

application/loginwebpage.class.inc.php

@@ -208,7 +208,7 @@ class LoginWebPage extends NiceWebPage
 				}
 
 				// This token allows the user to change the password without knowing the previous one
-				$sToken = bin2hex(random_bytes(32));
+				$sToken = substr(md5(APPROOT.uniqid()), 0, 16);
 				$oUser->Set('reset_pwd_token', $sToken);
 				CMDBObject::SetTrackInfo('Reset password');
 				$oUser->AllowWrite(true);

application/startup.inc.php

@@ -35,25 +35,29 @@ register_shutdown_function(function()
 	$sReservedMemory = null;
 	if (!is_null($err = error_get_last()) && ($err['type'] == E_ERROR))
 	{
-		// Remove stack trace from MySQLException (since 2.7.2 see N°3174)
+		// Remove stack trace from MySQLException
 		$sMessage = $err['message'];
-		if (strpos($sMessage, 'MySQLException') !== false) {
+		if (strpos($sMessage, 'MySQLException') !== false)
+		{
 			$iStackTracePos = strpos($sMessage, 'Stack trace:');
-			if ($iStackTracePos !== false) {
+			if ($iStackTracePos !== false)
+			{
 				$sMessage = substr($sMessage, 0, $iStackTracePos);
 			}
 		}
-		// Log additional info but message from $err (since 2.7.6 N°4174)
-		$aErrToLog = $err;
-		unset($aErrToLog['message']);
-		IssueLog::error($sMessage, null, $aErrToLog);
-		if (strpos($err['message'], 'Allowed memory size of') !== false) {
+		IssueLog::error($sMessage);
+		if (strpos($err['message'], 'Allowed memory size of') !== false)
+		{
 			$sLimit = ini_get('memory_limit');
 			echo "<p>iTop: Allowed memory size of $sLimit exhausted, contact your administrator to increase 'memory_limit' in php.ini</p>\n";
-		} elseif (strpos($err['message'], 'Maximum execution time') !== false) {
+		}
+		elseif (strpos($err['message'], 'Maximum execution time') !== false)
+		{
 			$sLimit = ini_get('max_execution_time');
 			echo "<p>iTop: Maximum execution time of $sLimit exceeded, contact your administrator to increase 'max_execution_time' in php.ini</p>\n";
-		} else {
+		}
+		else
+		{
 			echo "<p>iTop: An error occurred, check server error log for more information.</p>\n";
 		}
 	}

application/transaction.class.inc.php

@@ -26,6 +26,8 @@
  * @copyright   Copyright (C) 2010-2012 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
+
+
 class privUITransaction
 {
 	/**
@@ -97,10 +99,9 @@ class privUITransaction
 }
 
 /**
- * The original mechanism for storing transaction information as an array in the $_SESSION variable
+ * The original (and by default) mechanism for storing transaction information
+ * as an array in the $_SESSION variable
  *
- * Warning, since 2.6.0 the session is regenerated on each login (see PR #20) !
- * Also, we saw some problems when using memcached as the PHP session implementation (see N°1835)
  */
 class privUITransactionSession
 {
@@ -193,35 +194,9 @@ class privUITransactionSession
  */
 class privUITransactionFile
 {
-	/** @var int Value to use when no user logged */
-	const UNAUTHENTICATED_USER_ID = -666;
-
 	/**
-	 * @return int current user id, or {@see self::UNAUTHENTICATED_USER_ID} if no user logged
-	 *
-	 * @since 2.6.5 2.7.6 3.0.0 N°4289 method creation
-	 */
-	private static function GetCurrentUserId()
-	{
-		$iCurrentUserId = UserRights::GetConnectedUserId();
-		if ('' === $iCurrentUserId) {
-			$iCurrentUserId = static::UNAUTHENTICATED_USER_ID;
-		}
-
-		return $iCurrentUserId;
-	}
-
-	/**
-	 * Create a new transaction id, store it in the session and return its id
-	 *
-	 * @param void
-	 *
 	 * @return int The new transaction identifier
-	 *
-	 * @throws \SecurityException
 	 * @throws \Exception
-	 *
-	 * @since 2.6.5 2.7.6 3.0.0 security hardening + throws SecurityException if no user logged
 	 */
 	public static function GetNewTransactionId()
 	{
@@ -238,36 +213,24 @@ class privUITransactionFile
 				throw new Exception('Failed to create the directory "'.APPROOT.'data/transactions". Ajust the rights on the parent directory or let an administrator create the transactions directory and give the web sever enough rights to write into it.');
 			}
 		}
-
 		if (!is_writable(APPROOT.'data/transactions'))
 		{
 			throw new Exception('The directory "'.APPROOT.'data/transactions" must be writable to the application.');
 		}
-
-		$iCurrentUserId = static::GetCurrentUserId();
-
 		self::CleanupOldTransactions();
+		$id = basename(tempnam(APPROOT.'data/transactions', static::GetUserPrefix()));
+		self::Info('GetNewTransactionId: Created transaction: '.$id);
 
-		$sTransactionIdFullPath = tempnam(APPROOT.'data/transactions', static::GetUserPrefix());
-		file_put_contents($sTransactionIdFullPath, $iCurrentUserId, LOCK_EX);
-
-		$sTransactionIdFileName = basename($sTransactionIdFullPath);
-		self::Info('GetNewTransactionId: Created transaction: '.$sTransactionIdFileName);
-
-		return $sTransactionIdFileName;
+		return (string)$id;
 	}
 
 	/**
 	 * Check whether a transaction is valid or not and (optionally) remove the valid transaction from
 	 * the session so that another call to IsTransactionValid for the same transaction id
 	 * will return false
-	 *
 	 * @param int $id Identifier of the transaction, as returned by GetNewTransactionId
 	 * @param bool $bRemoveTransaction True if the transaction must be removed
-	 *
 	 * @return bool True if the transaction is valid, false otherwise
-	 *
-	 * @since 2.6.5 2.7.6 3.0.0 N°4289 security hardening
 	 */
 	public static function IsTransactionValid($id, $bRemoveTransaction = true)
 	{
@@ -281,53 +244,53 @@ class privUITransactionFile
 
 		clearstatcache(true, $sFilepath);
 		$bResult = file_exists($sFilepath);
-
-		if (false === $bResult) {
-			self::Info("IsTransactionValid: Transaction '$id' not found. Pending transactions:\n".implode("\n", self::GetPendingTransactions()));
-			return false;
-		}
-
-		$iCurrentUserId = static::GetCurrentUserId();
-		$sTransactionIdUserId = file_get_contents($sFilepath);
-		if ($iCurrentUserId != $sTransactionIdUserId) {
-			self::Info("IsTransactionValid: Transaction '$id' not existing for current user. Pending transactions:\n".implode("\n", self::GetPendingTransactions()));
-			return false;
-		}
-
-		if ($bRemoveTransaction)
+		if ($bResult)
 		{
-			$bResult = @unlink($sFilepath);
-			if (!$bResult)
+			if ($bRemoveTransaction)
 			{
-				self::Error('IsTransactionValid: FAILED to remove transaction '.$id);
-			}
-			else
-			{
-				self::Info('IsTransactionValid: OK. Removed transaction: '.$id);
+				$bResult = @unlink($sFilepath);
+				if (!$bResult)
+				{
+					self::Error('IsTransactionValid: FAILED to remove transaction '.$id);
+				}
+				else
+				{
+					self::Info('IsTransactionValid: OK. Removed transaction: '.$id);
+				}
 			}
 		}
-
+		else
+		{
+			self::Info("IsTransactionValid: Transaction '$id' not found. Pending transactions for this user:\n".implode("\n", self::GetPendingTransactions()));
+		}
 		return $bResult;
 	}
 
 	/**
 	 * Removes the transaction specified by its id
 	 * @param int $id The Identifier (as returned by GetNewTransactionId) of the transaction to be removed.
-	 * @return bool true if the token can be removed
-	 *
-	 * @since 2.6.5 2.7.6 3.0.0 N°4289 security hardening
+	 * @return void
 	 */
 	public static function RemoveTransaction($id)
 	{
-		/** @noinspection PhpRedundantOptionalArgumentInspection */
-		$bResult = static::IsTransactionValid($id, true);
-		if (false === $bResult) {
-			self::Error("RemoveTransaction: Transaction '$id' is invalid. Pending transactions:\n"
-				.implode("\n", self::GetPendingTransactions()));
-			return false;
+		$bSuccess = true;
+		$sFilepath = APPROOT.'data/transactions/'.$id;
+		clearstatcache(true, $sFilepath);
+		if(!file_exists($sFilepath))
+		{
+			$bSuccess = false;
+			self::Error("RemoveTransaction: Transaction '$id' not found. Pending transactions for this user:\n".implode("\n", self::GetPendingTransactions()));
 		}
-
-		return true;
+		$bSuccess = @unlink($sFilepath);
+		if (!$bSuccess)
+		{
+			self::Error('RemoveTransaction: FAILED to remove transaction '.$id);
+		}
+		else
+		{
+			self::Info('RemoveTransaction: OK '.$id);
+		}
+		return $bSuccess;
 	}
 
 	/**
@@ -400,35 +363,22 @@ class privUITransactionFile
 	{
 		self::Write('Error | '.$sText);
 	}
-
-	protected static function IsLogEnabled() {
-		$oConfig = MetaModel::GetConfig();
-		if (is_null($oConfig)) {
-			return false;
-		}
-
-		$bLogTransactions = $oConfig->Get('log_transactions');
-		if (true === $bLogTransactions) {
-			return true;
-		}
-
-		return false;
-	}
-
+	
 	protected static function Write($sText)
 	{
-		if (false === static::IsLogEnabled()) {
-			return;
-		}
-
+		$bLogEnabled = MetaModel::GetConfig()->Get('log_transactions');
+		if ($bLogEnabled)
+		{
 		$hLogFile = @fopen(APPROOT.'log/transactions.log', 'a');
-		if ($hLogFile !== false) {
+		if ($hLogFile !== false)
+		{
 			flock($hLogFile, LOCK_EX);
 			$sDate = date('Y-m-d H:i:s');
 			fwrite($hLogFile, "$sDate | $sText\n");
 			fflush($hLogFile);
 			flock($hLogFile, LOCK_UN);
 			fclose($hLogFile);
+			}
 		}
 	}
 }

application/twigextension.class.inc.php

@@ -5,6 +5,7 @@ namespace Combodo\iTop;
 use AttributeDateTime;
 use Dict;
 use Exception;
+use MetaModel;
 use Twig_Environment;
 use Twig_SimpleFilter;
 use Twig_SimpleFunction;
@@ -114,6 +115,14 @@ class TwigExtension
 			return utils::IsDevelopmentEnvironment();
 		}));
 
+		// Function to get configuration parameter
+		// Usage in twig: {{ get_config_parameter('foo') }}
+		$oTwigEnv->addFunction(new Twig_SimpleFunction('get_config_parameter', function($sParamName)
+		{
+			$oConfig = MetaModel::GetConfig();
+			return $oConfig->Get($sParamName);
+		}));
+
 		// Function to get the URL of a static page in a module
 		// Usage in twig: {{ get_static_page_module_url('itop-my-module', 'path-to-my-page') }}
 		$oTwigEnv->addFunction(new Twig_SimpleFunction('get_static_page_module_url', function($sModuleName, $sPage)

application/ui.extkeywidget.class.inc.php

@@ -71,11 +71,7 @@ class UIExtKeyWidget
 	protected $bSearchMode;
 
 	//public function __construct($sAttCode, $sClass, $sTitle, $oAllowedValues, $value, $iInputId, $bMandatory, $sNameSuffix = '', $sFieldPrefix = '', $sFormPrefix = '')
-
-	/**
-	 * @since 2.7.7 3.0.1 3.1.0 N°3129 Add default value for $aArgs for PHP 8.0 compat
-	 */
-	public static function DisplayFromAttCode($oPage, $sAttCode, $sClass, $sTitle, $oAllowedValues, $value, $iInputId, $bMandatory, $sFieldName = '', $sFormPrefix = '', $aArgs = [], $bSearchMode = false)
+	static public function DisplayFromAttCode($oPage, $sAttCode, $sClass, $sTitle, $oAllowedValues, $value, $iInputId, $bMandatory, $sFieldName = '', $sFormPrefix = '', $aArgs, $bSearchMode = false)
 	{
 		$oAttDef = MetaModel::GetAttributeDef($sClass, $sAttCode);
 		$sTargetClass = $oAttDef->GetTargetClass();
@@ -376,10 +372,10 @@ EOF
 		$sHTML .= "</form>\n";
 		$sHTML .= '</div></div>';
 
-		$sDialogTitleSanitized = addslashes(utils::HtmlToText($sTitle));
+		$sDialogTitle = addslashes($sTitle);
 		$oPage->add_ready_script(
 <<<EOF
-		$('#ac_dlg_{$this->iId}').dialog({ width: $(window).width()*0.8, height: $(window).height()*0.8, autoOpen: false, modal: true, title: '$sDialogTitleSanitized', resizeStop: oACWidget_{$this->iId}.UpdateSizes, close: oACWidget_{$this->iId}.OnClose });
+		$('#ac_dlg_{$this->iId}').dialog({ width: $(window).width()*0.8, height: $(window).height()*0.8, autoOpen: false, modal: true, title: '$sDialogTitle', resizeStop: oACWidget_{$this->iId}.UpdateSizes, close: oACWidget_{$this->iId}.OnClose });
 		$('#fs_{$this->iId}').bind('submit.uiAutocomplete', oACWidget_{$this->iId}.DoSearchObjects);
 		$('#dc_{$this->iId}').resize(oACWidget_{$this->iId}.UpdateSizes);
 EOF
@@ -430,10 +426,8 @@ EOF
      *
      * @throws CoreException
      * @throws OQLException
-     *
-     * @since 2.7.7 3.0.1 3.1.0 N°3129 Remove default value for $oObj for PHP 8.0 compatibility
      */
-	public function AutoComplete(WebPage $oP, $sFilter, $oObj, $sContains, $sOutputFormat = self::ENUM_OUTPUT_FORMAT_CSV, $sOperation = null)
+	public function AutoComplete(WebPage $oP, $sFilter, $oObj = null, $sContains, $sOutputFormat = self::ENUM_OUTPUT_FORMAT_CSV, $sOperation = null)
 	{
 		if (is_null($sFilter))
 		{

application/ui.linksdirectwidget.class.inc.php

@@ -85,15 +85,9 @@ class UILinksWidgetDirect
 	 * @param array $aArgs
 	 * @param string $sFormPrefix
 	 * @param DBObject $oCurrentObj
-	 *
-	 * @since 2.7.7 3.0.1 3.1.0 N°3129 Remove default value for $aArgs for PHP 8.0 compatibility (handling wrong values at method start)
 	 */
-	public function Display(WebPage $oPage, $oValue, $aArgs, $sFormPrefix, $oCurrentObj)
+	public function Display(WebPage $oPage, $oValue, $aArgs = array(), $sFormPrefix, $oCurrentObj)
 	{
-		if (empty($aArgs)) {
-			$aArgs = [];
-		}
-
 		$oLinksetDef = MetaModel::GetAttributeDef($this->sClass, $this->sAttCode);
 		switch($oLinksetDef->GetEditMode())
 		{
@@ -143,10 +137,8 @@ class UILinksWidgetDirect
 	 * @param string $sFormPrefix
 	 * @param DBObject $oCurrentObj
 	 * @param bool $bDisplayMenu
-	 *
-	 * @since 2.7.7 3.0.1 3.1.0 N°3129 Remove default value for $aArgs for PHP 8.0 compatibility (protected method, always called with default value)
 	 */
-	protected function DisplayAsBlock(WebPage $oPage, $oValue, $aArgs, $sFormPrefix, $oCurrentObj, $bDisplayMenu)
+	protected function DisplayAsBlock(WebPage $oPage, $oValue, $aArgs = array(), $sFormPrefix, $oCurrentObj, $bDisplayMenu)
 	{
 		$oLinksetDef = MetaModel::GetAttributeDef($this->sClass, $this->sAttCode);
 		$sTargetClass = $oLinksetDef->GetLinkedClass();
@@ -247,10 +239,8 @@ class UILinksWidgetDirect
 	 * @param string $sFormPrefix
 	 * @param DBObject $oCurrentObj
 	 * @param array $aButtons
-	 *
-	 * @since 2.7.7 3.0.1 3.1.0 N°3129 Remove default value for $aArgs for PHP 8.0 compatibility (protected method, caller already handles it)
 	 */
-	protected function DisplayEditInPlace(WebPage $oPage, $oValue, $aArgs, $sFormPrefix, $oCurrentObj, $aButtons = array('create', 'delete'))
+	protected function DisplayEditInPlace(WebPage $oPage, $oValue, $aArgs = array(), $sFormPrefix, $oCurrentObj, $aButtons = array('create', 'delete'))
 	{
 		$aAttribs = $this->GetTableConfig();
 

application/utils.inc.php

@@ -283,7 +283,6 @@ class utils
 	 *
 	 * @since 2.5.2 2.6.0 new 'transaction_id' filter
 	 * @since 2.7.0 new 'element_identifier' filter
-	 * @since 2.7.7, 3.0.2, 3.1.0 N°4899 - new 'url' filter
 	 */
 	protected static function Sanitize_Internal($value, $sSanitizationFilter)
 	{
@@ -359,11 +358,6 @@ class utils
 				$retValue = preg_replace('/[^a-zA-Z0-9_]/', '', $value);
 				break;
 
-			// For URL
-			case 'url':
-				$retValue = filter_var($value, FILTER_SANITIZE_URL);
-				break;
-
 			default:
 			case 'raw_data':
 				$retValue = $value;
@@ -569,93 +563,48 @@ class utils
 
 	public static function ReadFromFile($sFileName)
 	{
-		if (!file_exists($sFileName)) {
-			return false;
-		}
-
+		if (!file_exists($sFileName)) return false;
 		return file_get_contents($sFileName);
 	}
 
 	/**
-	 * @param mixed $value The value as read from php.ini (eg 256k, 2M, 1G etc.)
-	 *
-	 * @return int conversion to number of bytes
-	 *
-	 * @since 2.7.5 3.0.0 convert to int numeric values
-	 *
-	 * @link https://www.php.net/manual/en/faq.using.php#faq.using.shorthandbytes Shorthand bytes value reference in PHP.net FAQ
+	 * Helper function to convert a value expressed in a 'user friendly format'
+	 * as in php.ini, e.g. 256k, 2M, 1G etc. Into a number of bytes
+	 * @param mixed $value The value as read from php.ini
+	 * @return number
 	 */
-	public static function ConvertToBytes($value)
+	public static function ConvertToBytes( $value )
 	{
-		if (!is_numeric($value)) {
-			$iLength = strlen($value);
-			$iReturn = substr($value, 0, $iLength - 1);
-			$sUnit = strtoupper(substr($value, $iLength - 1));
-			switch ($sUnit) {
-				case 'G':
-					$iReturn *= 1024;
-				case 'M':
-					$iReturn *= 1024;
-				case 'K':
-					$iReturn *= 1024;
-			}
-		} else {
-			$iReturn = (int)$value;
-		}
-
-		return $iReturn;
-	}
-
-	/**
-	 * Checks if the memory limit is at least what is required
-	 *
-	 * @param int $iMemoryLimit set limit in bytes, use {@link utils::ConvertToBytes()} to convert current php.ini value
-	 * @param int $iRequiredLimit required limit in bytes
-	 *
-	 * @return bool
-	 */
-	public static function IsMemoryLimitOk($iMemoryLimit, $iRequiredLimit)
-	{
-		if ($iMemoryLimit === -1) {
-			// -1 means : no limit (see https://www.php.net/manual/fr/ini.core.php#ini.memory-limit)
-			return true;
-		}
-
-		return ($iMemoryLimit >= $iRequiredLimit);
-	}
-
-	/**
-	 * Set memory_limit to required value
-	 *
-	 * @param string $sRequiredLimit required limit, for example '512M'
-	 *
-	 * @return bool|null null if nothing was done, true if modifying memory_limit was successful, false otherwise
-	 *
-	 * @uses utils::ConvertToBytes()
-	 * @uses \ini_get('memory_limit')
-	 * @uses \ini_set()
-	 * @uses utils::ConvertToBytes()
-	 *
-	 * @since 2.7.5 N°3806
-	 */
-	public static function SetMinMemoryLimit($sRequiredLimit)
-	{
-		$iRequiredLimit = static::ConvertToBytes($sRequiredLimit);
-		$sMemoryLimit = trim(ini_get('memory_limit'));
-		if (empty($sMemoryLimit)) {
-			// On some PHP installations, memory_limit does not exist as a PHP setting!
-			// (encountered on a 5.2.0 under Windows)
-			// In that case, ini_set will not work
-			return false;
-		}
-		$iMemoryLimit = static::ConvertToBytes($sMemoryLimit);
-
-		if (static::IsMemoryLimitOk($iMemoryLimit, $iRequiredLimit)) {
-			return null;
-		}
-
-		return ini_set('memory_limit', $iRequiredLimit);
-	}
+		$iReturn = $value;
+	    if ( !is_numeric( $value ) )
+		{
+	        $iLength = strlen( $value );
+	        $iReturn = substr( $value, 0, $iLength - 1 );
+	        $sUnit = strtoupper( substr( $value, $iLength - 1 ) );
+	        switch ( $sUnit )
+			{
+	            case 'G':
+	                $iReturn *= 1024;
+	            case 'M':
+	                $iReturn *= 1024;
+	            case 'K':
+	                $iReturn *= 1024;
+	        }
+	    }
+        return $iReturn;
+    }
+  
+  /**
+   * Checks if the memory limit is at least what is required
+   *
+   * @param int $memoryLimit set limit in bytes
+   * @param int $requiredLimit required limit in bytes
+   * @return bool
+   */
+  public static function IsMemoryLimitOk($memoryLimit, $requiredLimit)
+  {
+      return ($memoryLimit >= $requiredLimit) || ($memoryLimit == -1);
+  }
 
 	/**
 	 * Format a value into a more friendly format (KB, MB, GB, TB) instead a juste a Bytes amount.
@@ -784,7 +733,7 @@ class utils
 	 * @throws \ConfigException
 	 * @throws \CoreException
 	 *
-	 * @since 2.7.0 N°2478 this method will now always call {@link MetaModel::GetConfig} first, and cache in this class is only set when loading from disk
+	 * @since 2.7.0 N°2478 always call {@link MetaModel::GetConfig} first, cache is only set when loading from disk
 	 */
 	public static function GetConfig()
 	{
@@ -1329,19 +1278,19 @@ class utils
 				$oDashboard = $param;
 				$sDashboardId = $oDashboard->GetId();
 				$sDashboardFile = $oDashboard->GetDefinitionFile();
-				$sDashboardFileRelative = utils::LocalPath($sDashboardFile);
 				$sDlgTitle = addslashes(Dict::S('UI:ImportDashboardTitle'));
 				$sDlgText = addslashes(Dict::S('UI:ImportDashboardText'));
 				$sCloseBtn = addslashes(Dict::S('UI:Button:Cancel'));
-				$sDashboardFileJS = addslashes($sDashboardFileRelative);
-				$sDashboardFileURL = urlencode($sDashboardFileRelative);
+				$sDashboardFileJS = addslashes($sDashboardFile);
+				$sDashboardFileURL = urlencode($sDashboardFile);
 				$sUploadDashboardTransactId = utils::GetNewTransactionId();
 				$aResult = array(
 					new SeparatorPopupMenuItem(),
 					new URLPopupMenuItem('UI:ExportDashboard', Dict::S('UI:ExportDashBoard'), utils::GetAbsoluteUrlAppRoot().'pages/ajax.render.php?operation=export_dashboard&id='.$sDashboardId.'&file='.$sDashboardFileURL),
 					new JSPopupMenuItem('UI:ImportDashboard', Dict::S('UI:ImportDashBoard'), "UploadDashboard({dashboard_id: '$sDashboardId', file: '$sDashboardFileJS', title: '$sDlgTitle', text: '$sDlgText', close_btn: '$sCloseBtn', transaction: '$sUploadDashboardTransactId' })"),
 				);
-				if ($oDashboard->GetReloadURL()) {
+				if ($oDashboard->GetReloadURL())
+				{
 					$aResult[] = new SeparatorPopupMenuItem();
 					$aResult[] = new URLPopupMenuItem('UI:Menu:PrintableVersion', Dict::S('UI:Menu:PrintableVersion'), $oDashboard->GetReloadURL().'&printable=1', '_blank');
 				}
@@ -1966,15 +1915,11 @@ class utils
 	}
 	
 	/**
-	 * **Warning** : returned result can be invalid as we're using backtrace to find the module dir name
-	 *
-	 * @param int $iCallDepth The depth of the module in the callstack. Zero when called directly from within the module
-	 *
-	 * @return string the relative (to MODULESROOT) path of the root directory of the module containing the file where the call to
-	 *     this function is made
-	 *     or an empty string if no such module is found (or not called within a module file)
-	 *
-	 * @uses \debug_backtrace()
+	 * Returns the relative (to MODULESROOT) path of the root directory of the module containing the file where the call to
+	 * this function is made
+	 * or an empty string if no such module is found (or not called within a module file)
+	 * @param number $iCallDepth The depth of the module in the callstack. Zero when called directly from within the module
+	 * @return string
 	 */
 	public static function GetCurrentModuleDir($iCallDepth)
 	{
@@ -1999,14 +1944,9 @@ class utils
 	}
 
 	/**
-	 * **Warning** : as this method uses {@see GetCurrentModuleDir} it produces hazardous results.
-	 * You should better uses directly {@see GetAbsoluteUrlModulesRoot} and add the module dir name yourself ! See N°4573
-	 *
 	 * @return string the base URL for all files in the current module from which this method is called
 	 * or an empty string if no such module is found (or not called within a module file)
 	 * @throws \Exception
-	 *
-	 * @uses GetCurrentModuleDir
 	 */
 	public static function GetCurrentModuleUrl()
 	{
@@ -2261,19 +2201,38 @@ class utils
 	}
 
 	/**
-	 * @return string eg : '2_7_0' if iTop core version is '2.7.5-2'
-	 * @throws \ApplicationException if constant value is invalid
-	 * @uses ITOP_CORE_VERSION
+	 * @return string eg : '2_7_0' ITOP_VERSION is '2.7.1-dev'
 	 */
-	public static function GetItopVersionWikiSyntax($sItopVersion = ITOP_CORE_VERSION)
+	public static function GetItopVersionWikiSyntax()
 	{
-		$aExplodedVersion = explode('.', $sItopVersion);
+		$sMinorVersion = self::GetItopMinorVersion();
+		return str_replace('.', '_', $sMinorVersion).'_0';
+	}
 
-		if ((false === isset($aExplodedVersion[0])) || (false === isset($aExplodedVersion[1]))) {
-			throw new ApplicationException('iTop version is wrongfully configured!');
+	/**
+	 * @return string eg 2.7 if ITOP_VERSION is '2.7.0-dev'
+	 * @throws \Exception
+	 */
+	public static function GetItopMinorVersion()
+	{
+		$sPatchVersion = self::GetItopPatchVersion();
+		$aExplodedVersion = explode('.', $sPatchVersion);
+
+		if (empty($aExplodedVersion[0]) || empty($aExplodedVersion[1]))
+		{
+			throw new Exception('iTop version is wrongfully configured!');
 		}
 
-		return "{$aExplodedVersion[0]}_{$aExplodedVersion[1]}_0";
+		return sprintf('%d.%d', $aExplodedVersion[0], $aExplodedVersion[1]);
+	}
+
+	/**
+	 * @return string eg '2.7.0' if ITOP_VERSION is '2.7.0-dev'
+	 */
+	public static function GetItopPatchVersion()
+	{
+		$aExplodedVersion = explode('-', ITOP_VERSION);
+		return $aExplodedVersion[0];
 	}
 
 	/**

approot.inc.php

@@ -3,18 +3,4 @@
 define('APPROOT', dirname(__FILE__).'/');
 define('APPCONF', APPROOT.'conf/');
 
-
-/**
- * Constant containing the iTop core version, whatever application was built
- *
- * Note that in iTop 3.0.0 we used {@see ITOP_DESIGN_LATEST_VERSION} to get core version.
- * When releasing, both constants should be updated : see `.make/release/update-versions.php` for that !
- *
- * @since 2.7.7 3.0.1 3.1.0 N°4714 constant creation
- * @used-by utils::GetItopVersionWikiSyntax()
- * @used-by iTopModulesPhpVersionIntegrationTest
- */
-define('ITOP_CORE_VERSION', '2.7.8');
-
-
 require_once APPROOT.'bootstrap.inc.php';

composer.json

@@ -1,10 +1,8 @@
 {
-  "name": "combodo/itop",
-  "description": "IT Operations Portal",
   "type": "project",
-  "license": "AGPL-3.0-only",
+  "license": "AGPLv3",
   "require": {
-    "php": ">=7.0.8",
+    "php": ">=5.6.0",
     "ext-ctype": "*",
     "ext-dom": "*",
     "ext-gd": "*",
@@ -12,27 +10,22 @@
     "ext-json": "*",
     "ext-mysqli": "*",
     "ext-soap": "*",
-    "combodo/tcpdf": "~6.4.4",
-    "guzzlehttp/guzzle": "^6.5.8",
-    "laminas/laminas-mail": "^2.11",
-    "laminas/laminas-servicemanager": "^3.5",
-    "league/oauth2-google": "^3.0",
-    "nikic/php-parser": "~4.13.2",
-    "pear/archive_tar": "~1.4.14",
-    "pelago/emogrifier": "~3.1.0",
+    "combodo/tcpdf": "6.3.5",
+    "nikic/php-parser": "^3.1",
+    "pear/archive_tar": "1.4.10",
+    "pelago/emogrifier": "2.1.0",
     "scssphp/scssphp": "1.0.6",
-    "swiftmailer/swiftmailer": "~6.3.0",
-    "symfony/console": "~3.4.47",
-    "symfony/dotenv": "~3.4.47",
-    "symfony/framework-bundle": "~3.4.47",
-    "symfony/twig-bundle": "~3.4.47",
-    "symfony/yaml": "~3.4.47",
-    "thenetworg/oauth2-azure": "^2.0",
-    "twig/twig": "~1.42.5"
+    "swiftmailer/swiftmailer": "5.4.12",
+    "symfony/console": "3.4.*",
+    "symfony/dotenv": "3.4.*",
+    "symfony/framework-bundle": "3.4.*",
+    "symfony/polyfill-php70": "1.*",
+    "symfony/twig-bundle": "3.4.*",
+    "symfony/yaml": "3.4.*"
   },
   "require-dev": {
-    "symfony/stopwatch": "~3.4.47",
-    "symfony/web-profiler-bundle": "~3.4.47"
+    "symfony/stopwatch": "3.4.*",
+    "symfony/web-profiler-bundle": "3.4.*"
   },
   "suggest": {
     "ext-libsodium": "Required to use the AttributeEncryptedString.",
@@ -44,7 +37,7 @@
   },
   "config": {
     "platform": {
-      "php": "7.0.8"
+      "php": "5.6.0"
     },
     "vendor-dir": "lib",
     "preferred-install": {
@@ -59,8 +52,7 @@
       "application",
       "sources/application",
       "sources/Composer",
-      "sources/Controller",
-      "sources/Core"
+      "sources/Controller"
     ],
     "exclude-from-classmap": [
       "core/dbobjectsearch.class.php",

core/action.class.inc.php

@@ -179,7 +179,7 @@ class ActionEmail extends ActionNotification
 	protected function FindRecipients($sRecipAttCode, $aArgs)
 	{
 		$sOQL = $this->Get($sRecipAttCode);
-		if (strlen($sOQL) === 0) return '';
+		if (strlen($sOQL) == '') return '';
 
 		try
 		{
@@ -314,58 +314,42 @@ class ActionEmail extends ActionNotification
 		{
 			$this->m_iRecipients = 0;
 			$this->m_aMailErrors = array();
-
+			$bRes = false; // until we do succeed in sending the email
+	
 			// Determine recicipients
 			//
 			$sTo = $this->FindRecipients('to', $aContextArgs);
 			$sCC = $this->FindRecipients('cc', $aContextArgs);
 			$sBCC = $this->FindRecipients('bcc', $aContextArgs);
-
+	
 			$sFrom = MetaModel::ApplyParams($this->Get('from'), $aContextArgs);
 			$sReplyTo = MetaModel::ApplyParams($this->Get('reply_to'), $aContextArgs);
-
+	
 			$sSubject = MetaModel::ApplyParams($this->Get('subject'), $aContextArgs);
 			$sBody = MetaModel::ApplyParams($this->Get('body'), $aContextArgs);
-
+			
 			$oObj = $aContextArgs['this->object()'];
-			$sMessageId = sprintf('iTop_%s_%d_%F@%s.openitop.org',
-				get_class($oObj),
-				$oObj->GetKey(),
-				microtime(true /* get as float*/),
-				MetaModel::GetEnvironmentId()
-			);
+			$sMessageId = sprintf('iTop_%s_%d_%f@%s.openitop.org', get_class($oObj), $oObj->GetKey(), microtime(true /* get as float*/), MetaModel::GetEnvironmentId());
 			$sReference = '<'.$sMessageId.'>';
 		}
-		catch (Exception $e) {
-			/** @noinspection PhpUnhandledExceptionInspection */
-			throw $e;
-		}
-		finally {
-			ApplicationContext::SetUrlMakerClass($sPreviousUrlMaker);
-		}
-
-		if (!is_null($oLog)) {
+		catch(Exception $e)
+		{
+  			ApplicationContext::SetUrlMakerClass($sPreviousUrlMaker);
+  			throw $e;
+  		}
+		ApplicationContext::SetUrlMakerClass($sPreviousUrlMaker);
+		
+		if (!is_null($oLog))
+		{
 			// Note: we have to secure this because those values are calculated
 			// inside the try statement, and we would like to keep track of as
 			// many data as we could while some variables may still be undefined
-			if (isset($sTo)) {
-				$oLog->Set('to', $sTo);
-			}
-			if (isset($sCC)) {
-				$oLog->Set('cc', $sCC);
-			}
-			if (isset($sBCC)) {
-				$oLog->Set('bcc', $sBCC);
-			}
-			if (isset($sFrom)) {
-				$oLog->Set('from', $sFrom);
-			}
-			if (isset($sSubject)) {
-				$oLog->Set('subject', $sSubject);
-			}
-			if (isset($sBody)) {
-				$oLog->Set('body', $sBody);
-			}
+			if (isset($sTo))       $oLog->Set('to', $sTo);
+			if (isset($sCC))       $oLog->Set('cc', $sCC);
+			if (isset($sBCC))      $oLog->Set('bcc', $sBCC);
+			if (isset($sFrom))     $oLog->Set('from', $sFrom);
+			if (isset($sSubject))  $oLog->Set('subject', $sSubject);
+			if (isset($sBody))     $oLog->Set('body', $sBody);
 		}
 		$sStyles = file_get_contents(APPROOT.'css/email.css');
 		$sStyles .= MetaModel::GetConfig()->Get('email_css');
@@ -455,3 +439,4 @@ class ActionEmail extends ActionNotification
 		}
 	}
 }
+?>

core/apc-service.class.inc.php

@@ -1,42 +0,0 @@
-<?php
-
-/**
- * Class ApcService
- * @since 2.7.6 N°4125
- */
-class ApcService {
-	public function __construct() {
-	}
-
-	/**
-	 * @param string $function_name
-	 * @return bool
-	 * @see function_exists()
-	 */
-	public function function_exists($function_name) {
-		return function_exists($function_name);
-	}
-
-	/**
-	 * @param string|array $key
-	 * @return mixed
-	 * @see apc_fetch()
-	 */
-	function apc_fetch($key)
-	{
-		return apc_fetch($key);
-	}
-
-	/**
-	 * @param array|string $key
-	 * @param $var
-	 * @param int $ttl
-	 * @return array|bool
-	 * @see apc_store()
-	 */
-	function apc_store($key, $var = NULL, $ttl = 0)
-	{
-		return apc_store($key, $var, $ttl);
-	}
-}
-?>

core/asynctask.class.inc.php

@@ -230,7 +230,7 @@ abstract class AsyncTask extends DBObject
 			$this->Set('remaining_retries', $this->GetMaxRetries($iErrorCode));
 		}
 
-		$this->SetTrim('last_error', $sErrorMessage);
+		$this->Set('last_error', $sErrorMessage);
 		$this->Set('last_error_code', $iErrorCode); // Note: can be ZERO !!!
 		$this->Set('last_attempt', time());
 

core/attributedef.class.inc.php

@@ -7978,13 +7978,6 @@ class AttributeImage extends AttributeBlob
 	{
 		$oDoc = parent::MakeRealValue($proposedValue, $oHostObj);
 
-		if (($oDoc instanceof ormDocument)
-			&& (false === $oDoc->IsEmpty())
-			&& ($oDoc->GetMimeType() === 'image/svg+xml')) {
-			$sCleanSvg = HTMLSanitizer::Sanitize($oDoc->GetData(), 'svg_sanitizer');
-			$oDoc = new ormDocument($sCleanSvg, $oDoc->GetMimeType(), $oDoc->GetFileName());
-		}
-
 		// The validation of the MIME Type is done by CheckFormat below
 		return $oDoc;
 	}

core/cmdbchangeop.class.inc.php

@@ -63,30 +63,22 @@ class CMDBChangeOp extends DBObject
 
 	/**
 	 * Describe (as a text string) the modifications corresponding to this change
-	 */
+	 */	 
 	public function GetDescription()
 	{
 		return '';
 	}
 
 	/**
-	 * Safety net:
-	 * * if change isn't persisted yet, use the current change and persist it if needed
-	 * * in case the change is not given, let's guarantee that it will be set to the current ongoing change (or create a new one)
-	 *
-	 * @since 2.7.7 3.0.2 3.1.0 N°3717 do persist the current change if needed
-	 */
+	 * Safety net: in case the change is not given, let's guarantee that it will
+	 * be set to the current ongoing change (or create a new one)	
+	 */	
 	protected function OnInsert()
 	{
-		$iChange = $this->Get('change');
-		if (($iChange <= 0) || (is_null($iChange))) {
-			$oChange = CMDBObject::GetCurrentChange();
-			if ($oChange->IsNew()) {
-				$oChange->DBWrite();
-			}
-			$this->Set('change', $oChange);
+		if ($this->Get('change') <= 0)
+		{
+			$this->Set('change', CMDBObject::GetCurrentChange());
 		}
-
 		parent::OnInsert();
 	}
 }

core/cmdbobject.class.inc.php

@@ -114,26 +114,6 @@ abstract class CMDBObject extends DBObject
 		self::$m_oCurrChange = $oChange;
 	}
 
-	/**
-	 * @param string $sUserInfo
-	 * @param string $sOrigin
-	 * @param \DateTime $oDate
-	 *
-	 * @throws \CoreException
-	 *
-	 * @since 2.7.7 3.0.2 3.1.0 N°3717 new method to reset current change
-	 */
-	public static function SetCurrentChangeFromParams($sUserInfo, $sOrigin = null, $oDate = null)
-	{
-		static::SetTrackInfo($sUserInfo);
-		static::SetTrackOrigin($sOrigin);
-		static::CreateChange();
-
-		if (!is_null($oDate)) {
-			static::$m_oCurrChange->Set("date", $oDate);
-		}
-	}
-
 	//
 	// Todo: simplify the APIs and do not pass the current change as an argument anymore
 	//       SetTrackInfo to be invoked in very few cases (UI.php, CSV import, Data synchro)
@@ -165,8 +145,6 @@ abstract class CMDBObject extends DBObject
 	 *    $oMyChange->Set("userinfo", 'this is done by ... for ...');
 	 *    $iChangeId = $oMyChange->DBInsert();
 	 *
-	 * **warning** : this will do nothing if current change already exists !
-	 *
 	 * @see SetCurrentChange to specify a CMDBObject instance instead
 	 *
 	 * @param string $sInfo
@@ -179,8 +157,6 @@ abstract class CMDBObject extends DBObject
 	/**
 	 * Provides information about the origin of the change
 	 *
-	 * **warning** : this will do nothing if current change already exists !
-	 *
 	 * @see SetTrackInfo
 	 * @see SetCurrentChange to specify a CMDBObject instance instead
 	 *
@@ -191,15 +167,18 @@ abstract class CMDBObject extends DBObject
 	{
 		self::$m_sOrigin = $sOrigin;
 	}
-
+	
 	/**
 	 * Get the additional information (defaulting to user name)
-	 */
-	public static function GetTrackInfo()
+	 */	 	
+	protected static function GetTrackInfo()
 	{
-		if (is_null(self::$m_sInfo)) {
+		if (is_null(self::$m_sInfo))
+		{
 			return CMDBChange::GetCurrentUserName();
-		} else {
+		}
+		else
+		{
 			return self::$m_sInfo;
 		}
 	}
@@ -222,8 +201,7 @@ abstract class CMDBObject extends DBObject
 	/**
 	 * Set to {@link $m_oCurrChange} a standard change record (done here 99% of the time, and nearly once per page)
 	 *
-	 * @since 2.7.7 3.0.2 3.1.0 N°3717 {@see CMDBChange} **will be persisted later** in {@see \CMDBChangeOp::OnInsert} (was done previously directly here)
-	 *     This will avoid creating in DB CMDBChange lines without any corresponding CMDBChangeOp
+	 * The CMDBChange is persisted so that it has a key > 0, and any new CMDBChangeOp can link to it
 	 */
 	protected static function CreateChange()
 	{
@@ -231,6 +209,7 @@ abstract class CMDBObject extends DBObject
 		self::$m_oCurrChange->Set("date", time());
 		self::$m_oCurrChange->Set("userinfo", self::GetTrackInfo());
 		self::$m_oCurrChange->Set("origin", self::GetTrackOrigin());
+		self::$m_oCurrChange->DBInsert();
 	}
 
 	/**

core/cmdbsource.class.inc.php

@@ -39,7 +39,6 @@ class MySQLException extends CoreException
 	 */
 	public function __construct($sIssue, $aContext, $oException = null, $oMysqli = null)
 	{
-
 		if ($oException != null)
 		{
 			$aContext['mysql_errno'] = $oException->getCode();
@@ -59,11 +58,6 @@ class MySQLException extends CoreException
 			$aContext['mysql_error'] = CMDBSource::GetError();
 		}
 		parent::__construct($sIssue, $aContext);
-		//if is connection error, don't log the default message with password in
-		if (mysqli_connect_errno()) {
-			error_log($this->message);
-			error_reporting(0);
-		}
 	}
 }
 
@@ -113,18 +107,10 @@ class MySQLNoTransactionException extends MySQLException
 
 }
 
-/**
- * @since 2.7.8 3.0.3 3.1.0 N°5538
- */
-class MySQLTransactionNotClosedException extends MySQLException
-{
-
-}
-
 
 /**
  * CMDBSource
- * database access wrapper
+ * database access wrapper 
  *
  * @package     iTopORM
  */
@@ -162,17 +148,6 @@ class CMDBSource
 
 	/** @var mysqli $m_oMysqli */
 	protected static $m_oMysqli;
-	/**
-	 * The mysqli object is really hard to mock ! This attribute is used only in certain methods, so that we can mock only a very little subset of the mysqli object.
-	 * We are setting it in {@see Init}, by default it is a copy of {@see $m_oMysqli}
-	 * The mock can be injected using the setter {@see SetMySQLiForQuery}
-	 *
-	 * @var mysqli $oMySQLiForQuery
-	 * @see GetMySQLiForQuery
-	 * @see SetMySQLiForQuery
-	 * @since 2.7.5 N°3513 new var to allow mock in tests ({@see \Combodo\iTop\Test\UnitTest\Core\TransactionsTest})
-	 */
-	protected static $oMySQLiForQuery;
 
 	/**
 	 * @var int number of level for nested transactions : 0 if no transaction was ever opened, +1 for each 'START TRANSACTION' sent
@@ -239,7 +214,6 @@ class CMDBSource
 		self::$m_sDBTlsCA = empty($sTlsCA) ? null : $sTlsCA;
 
 		self::$m_oMysqli = self::GetMysqliInstance($sServer, $sUser, $sPwd, $sSource, $bTlsEnabled, $sTlsCA, true);
-		self::SetMySQLiForQuery(self::$m_oMysqli);
 	}
 
 	/**
@@ -253,12 +227,12 @@ class CMDBSource
 	 *
 	 * @return \mysqli
 	 * @throws \MySQLException
-	 *
-	 * @uses IsOpenedDbConnectionUsingTls when asking for a TLS connection, to check if it was really opened using TLS
 	 */
 	public static function GetMysqliInstance(
 		$sDbHost, $sUser, $sPwd, $sSource = '', $bTlsEnabled = false, $sTlsCa = null, $bCheckTlsAfterConnection = false
 	) {
+		$oMysqli = null;
+
 		$sServer = null;
 		$iPort = null;
 		self::InitServerAndPort($sDbHost, $sServer, $iPort);
@@ -288,7 +262,7 @@ class CMDBSource
 		}
 		catch(mysqli_sql_exception $e)
 		{
-			throw new MySQLException('Could not connect to the DB server', array('host' => $sServer, 'user' => $sUser),$e);
+			throw new MySQLException('Could not connect to the DB server', array('host' => $sServer, 'user' => $sUser), $e);
 		}
 
 		if ($bTlsEnabled
@@ -357,41 +331,41 @@ class CMDBSource
 	 * parameters were used.<br>
 	 * This method can be called to ensure that the DB connection really uses TLS.
 	 *
-	 * <p>We're using our own mysqli instance to do the check as this check is done when creating the mysqli instance : the consumer
-	 * might want a dedicated object, and if so we don't want to overwrite the one saved in CMDBSource !<br>
-	 * This is the case for example with {@see \iTopMutex} !
+	 * <p>We're using this object connection : {@link self::$m_oMysqli}
 	 *
 	 * @param \mysqli $oMysqli
 	 *
-	 * @return boolean true if the connection was really established using TLS, false otherwise
+	 * @return boolean true if the connection was really established using TLS
 	 * @throws \MySQLException
 	 *
-	 * @used-by GetMysqliInstance
 	 * @uses IsMySqlVarNonEmpty
-	 * @uses 'ssl_version' MySQL var
-	 * @uses 'ssl_cipher' MySQL var
 	 */
 	private static function IsOpenedDbConnectionUsingTls($oMysqli)
 	{
-		$bNonEmptySslVersionVar = self::IsMySqlVarNonEmpty('ssl_version', $oMysqli);
-		$bNonEmptySslCipherVar = self::IsMySqlVarNonEmpty('ssl_cipher', $oMysqli);
+		if (self::$m_oMysqli == null)
+		{
+			self::$m_oMysqli = $oMysqli;
+		}
+
+		$bNonEmptySslVersionVar = self::IsMySqlVarNonEmpty('ssl_version');
+		$bNonEmptySslCipherVar = self::IsMySqlVarNonEmpty('ssl_cipher');
 
 		return ($bNonEmptySslVersionVar && $bNonEmptySslCipherVar);
 	}
 
 	/**
 	 * @param string $sVarName
-	 * @param mysqli $oMysqli connection to use for the query
 	 *
 	 * @return bool
 	 * @throws \MySQLException
-	 * @uses 'SHOW SESSION STATUS' queries
+	 *
+	 * @uses SHOW STATUS queries
 	 */
-	private static function IsMySqlVarNonEmpty($sVarName, $oMysqli)
+	private static function IsMySqlVarNonEmpty($sVarName)
 	{
 		try
 		{
-			$sResult = self::QueryToScalar("SHOW SESSION STATUS LIKE '$sVarName'", 1, $oMysqli);
+			$sResult = self::QueryToScalar("SHOW SESSION STATUS LIKE '$sVarName'", 1);
 		}
 		catch (MySQLQueryHasNoResultException $e)
 		{
@@ -455,12 +429,6 @@ class CMDBSource
 
 	}
 
-	/**
-	 * @return string
-	 * @throws \MySQLException
-	 *
-	 * @uses \CMDBSource::QueryToCol() so needs a connection opened !
-	 */
 	public static function GetDBVersion()
 	{
 		$aVersions = self::QueryToCol('SELECT Version() as version', 'version');
@@ -478,10 +446,8 @@ class CMDBSource
 	/**
 	 * Get the DB vendor between MySQL and its main forks
 	 * @return string
-	 *
-	 * @uses \CMDBSource::GetServerVariable() so needs a connection opened !
 	 */
-	public static function GetDBVendor()
+	static public function GetDBVendor()
 	{
 		$sDBVendor = static::ENUM_DB_VENDOR_MYSQL;
 		
@@ -564,24 +530,6 @@ class CMDBSource
 		return self::$m_oMysqli;
 	}
 
-	/**
-	 * @return
-	 */
-	private static function GetMySQLiForQuery()
-	{
-		return self::$oMySQLiForQuery;
-	}
-
-
-	/**
-	 * Used for test purpose (mysqli mock)
-	 * @param $oMySQLi
-	 */
-	private static function SetMySQLiForQuery($oMySQLi)
-	{
-		self::$oMySQLiForQuery = $oMySQLi;
-	}
-
 	public static function GetErrNo()
 	{
 		if (self::$m_oMysqli->errno != 0)
@@ -717,15 +665,10 @@ class CMDBSource
 	 */
 	private static function DBQuery($sSql)
 	{
-		$sShortSQL = substr(preg_replace("/\s+/", " ", substr($sSql, 0, 180)), 0, 150);
-		if (substr_compare($sShortSQL, "SELECT", 0, strlen("SELECT")) !== 0) {
-			IssueLog::Trace("$sShortSQL", 'cmdbsource');
-		}
-
 		$oKPI = new ExecutionKPI();
 		try
 		{
-			$oResult = self::GetMySQLiForQuery()->query($sSql);
+			$oResult = self::$m_oMysqli->query($sSql);
 		}
 		catch (mysqli_sql_exception $e)
 		{
@@ -737,7 +680,7 @@ class CMDBSource
 		{
 			$aContext = array('query' => $sSql);
 
-			$iMySqlErrorNo = self::GetMySQLiForQuery()->errno;
+			$iMySqlErrorNo = self::$m_oMysqli->errno;
 			$aMySqlHasGoneAwayErrorCodes = MySQLHasGoneAwayException::getErrorCodes();
 			if (in_array($iMySqlErrorNo, $aMySqlHasGoneAwayErrorCodes))
 			{
@@ -759,7 +702,7 @@ class CMDBSource
 	private static function LogDeadLock(Exception $e)
 	{
 		// checks MySQL error code
-		$iMySqlErrorNo = self::GetMySQLiForQuery()->errno;
+		$iMySqlErrorNo = self::$m_oMysqli->errno;
 		if (!in_array($iMySqlErrorNo, array(self::MYSQL_ERRNO_WAIT_TIMEOUT, self::MYSQL_ERRNO_DEADLOCK)))
 		{
 			return;
@@ -767,7 +710,7 @@ class CMDBSource
 
 		// Get error info
 		$sUser = UserRights::GetUser();
-		$oError = self::GetMySQLiForQuery()->query('SHOW ENGINE INNODB STATUS');
+		$oError = self::$m_oMysqli->query('SHOW ENGINE INNODB STATUS');
 		if ($oError !== false)
 		{
 			$aData = $oError->fetch_all(MYSQLI_ASSOC);
@@ -789,7 +732,7 @@ class CMDBSource
 		);
 		DeadLockLog::Info($sMessage, $iMySqlErrorNo, $aLogContext);
 
-		IssueLog::Error($sMessage, LogChannels::DEADLOCK, $e->getMessage());
+		IssueLog::Error($sMessage, 'DeadLock', $e->getMessage());
 	}
 
 	/**
@@ -805,15 +748,10 @@ class CMDBSource
 	 */
 	private static function StartTransaction()
 	{
-		$aStackTrace = debug_backtrace(DEBUG_BACKTRACE_PROVIDE_OBJECT , 3);
-
 		$bHasExistingTransactions = self::IsInsideTransaction();
 		if (!$bHasExistingTransactions)
 		{
-			IssueLog::Trace("START TRANSACTION was sent to the DB", LogChannels::CMDB_SOURCE, ['stacktrace' => $aStackTrace]);
 			self::DBQuery('START TRANSACTION');
-		} else {
-			IssueLog::Trace("START TRANSACTION ignored as a transaction is already opened", LogChannels::CMDB_SOURCE, ['stacktrace' => $aStackTrace]);
 		}
 
 		self::AddTransactionLevel();
@@ -831,12 +769,9 @@ class CMDBSource
 	 */
 	private static function Commit()
 	{
-		$aStackTrace = debug_backtrace(DEBUG_BACKTRACE_PROVIDE_OBJECT , 3);
-		$sCaller = 'From '.$aStackTrace[1]['file'].'('.$aStackTrace[1]['line'].'): '.$aStackTrace[2]['class'].'->'.$aStackTrace[2]['function'].'()';
 		if (!self::IsInsideTransaction())
 		{
 			// should not happen !
-			IssueLog::Error("No Transaction COMMIT $sCaller", 'cmdbsource');
 			throw new MySQLNoTransactionException('Trying to commit transaction whereas none have been started !', null);
 		}
 
@@ -844,10 +779,8 @@ class CMDBSource
 
 		if (self::IsInsideTransaction())
 		{
-			IssueLog::Trace("Ignore nested (".self::$m_iTransactionLevel.") COMMIT $sCaller", 'cmdbsource');
 			return;
 		}
-		IssueLog::Trace("COMMIT $sCaller", 'cmdbsource');
 		self::DBQuery('COMMIT');
 	}
 
@@ -866,22 +799,17 @@ class CMDBSource
 	 */
 	private static function Rollback()
 	{
-		$aStackTrace = debug_backtrace(DEBUG_BACKTRACE_PROVIDE_OBJECT , 3);
-		$sCaller = 'From '.$aStackTrace[1]['file'].'('.$aStackTrace[1]['line'].'): '.$aStackTrace[2]['class'].'->'.$aStackTrace[2]['function'].'()';
 		if (!self::IsInsideTransaction())
 		{
 			// should not happen !
-			IssueLog::Error("No Transaction ROLLBACK $sCaller", 'cmdbsource');
 			throw new MySQLNoTransactionException('Trying to commit transaction whereas none have been started !', null);
 		}
 		self::RemoveLastTransactionLevel();
 		if (self::IsInsideTransaction())
 		{
-			IssueLog::Trace("Ignore nested (".self::$m_iTransactionLevel.") ROLLBACK $sCaller", 'cmdbsource');
 			return;
 		}
 
-		IssueLog::Trace("ROLLBACK $sCaller", 'cmdbsource');
 		self::DBQuery('ROLLBACK');
 	}
 
@@ -931,17 +859,6 @@ class CMDBSource
 		self::$m_iTransactionLevel = 0;
 	}
 
-	public static function IsDeadlockException(Exception $e)
-	{
-		while ($e instanceof Exception) {
-			if (($e instanceof MySQLException) && ($e->getCode() == 1213)) {
-				return true;
-			}
-			$e = $e->getPrevious();
-		}
-		return false;
-	}
-
 	/**
 	 *
 	 * @deprecated 2.7.0 N°1627 use ItopCounter instead
@@ -995,21 +912,17 @@ class CMDBSource
 	/**
 	 * @param string $sSql
 	 * @param int $iCol beginning at 0
-	 * @param mysqli $oMysqli if not null will query using this connection, otherwise will use {@see GetMySQLiForQuery}
 	 *
 	 * @return string corresponding cell content on the first line
 	 * @throws \MySQLException
 	 * @throws \MySQLQueryHasNoResultException
-	 * @since 2.7.5-2 2.7.6 3.0.0 N°4215 new optional mysqli param
 	 */
-	public static function QueryToScalar($sSql, $iCol = 0, $oMysqli = null)
+	public static function QueryToScalar($sSql, $iCol = 0)
 	{
-		$oMysqliToQuery = (is_null($oMysqli)) ? self::GetMySQLiForQuery() : $oMysqli;
-
 		$oKPI = new ExecutionKPI();
 		try
 		{
-			$oResult = $oMysqliToQuery->query($sSql);
+			$oResult = self::$m_oMysqli->query($sSql);
 		}
 		catch(mysqli_sql_exception $e)
 		{
@@ -1049,7 +962,7 @@ class CMDBSource
 		$oKPI = new ExecutionKPI();
 		try
 		{
-			$oResult = self::GetMySQLiForQuery()->query($sSql);
+			$oResult = self::$m_oMysqli->query($sSql);
 		}
 		catch(mysqli_sql_exception $e)
 		{
@@ -1131,7 +1044,7 @@ class CMDBSource
 	{
 		try
 		{
-			$oResult = self::GetMySQLiForQuery()->query($sSql);
+			$oResult = self::$m_oMysqli->query($sSql);
 		}
 		catch(mysqli_sql_exception $e)
 		{
@@ -1618,7 +1531,7 @@ class CMDBSource
 		$sSql = "SELECT * FROM `$sTable`";
 		try
 		{
-			$oResult = self::GetMySQLiForQuery()->query($sSql);
+			$oResult = self::$m_oMysqli->query($sSql);
 		}
 		catch(mysqli_sql_exception $e)
 		{

core/config.class.inc.php

@@ -22,15 +22,7 @@
 
 define('ITOP_APPLICATION', 'iTop');
 define('ITOP_APPLICATION_SHORT', 'iTop');
-
-/**
- * Constant containing the application version
- * Warning: this might be different from iTop core version!
- *
- * @see ITOP_CORE_VERSION to get iTop core version
- */
-define('ITOP_VERSION', '2.7.0-dev');
-
+define('ITOP_VERSION', '2.7.0-dev'); // @see utils::GetItopVersionShort() and utils::GetItopVersionWikiSyntax()
 define('ITOP_REVISION', 'svn');
 define('ITOP_BUILD_DATE', '$WCNOW$');
 define('ITOP_VERSION_FULL', ITOP_VERSION.'-'.ITOP_REVISION);
@@ -476,11 +468,11 @@ class Config
 			'show_in_conf_sample' => true,
 		),
 		'cron_max_execution_time' => array(
-			'type'                => 'integer',
-			'description'         => 'Duration (seconds) of the cron.php script : if exceeded the script will exit even if there are remaining tasks to process. Must be shorter than php max_execution_time setting (note than when using CLI, this is set to 0 by default which means unlimited). If cron.php is ran via web, it must be shorter than the web server response timeout.',
-			'default'             => 600,
-			'value'               => 600,
-			'source_of_value'     => '',
+			'type' => 'integer',
+			'description' => 'Duration (seconds) of the page cron.php, must be shorter than php setting max_execution_time and shorter than the web server response timeout',
+			'default' => 600,
+			'value' => 600,
+			'source_of_value' => '',
 			'show_in_conf_sample' => true,
 		),
 		'cron_sleep' => array(
@@ -509,7 +501,7 @@ class Config
 		),
 		'email_transport' => array(
 			'type' => 'string',
-			'description' => 'Mean to send emails: PHPMail (uses the function mail()), SMTP (implements the client protocol) or SMTP_OAuth (connect to the server using OAuth 2.0)',
+			'description' => 'Mean to send emails: PHPMail (uses the function mail()) or SMTP (implements the client protocol)',
 			'default' => "PHPMail",
 			'value' => "PHPMail",
 			'source_of_value' => '',
@@ -555,22 +547,6 @@ class Config
 			'source_of_value' => '',
 			'show_in_conf_sample' => false,
 		),
-		'email_transport_smtp.allow_self_signed' => array(
-			'type'                => 'bool',
-			'description'         => 'Allow self signed peer certificates',
-			'default'             => false,
-			'value'               => false,
-			'source_of_value'     => '',
-			'show_in_conf_sample' => false,
-		),
-		'email_transport_smtp.verify_peer' => array(
-			'type'                => 'bool',
-			'description'         => 'Verify peer certificate',
-			'default'             => true,
-			'value'               => true,
-			'source_of_value'     => '',
-			'show_in_conf_sample' => false,
-		),
 		'email_css' => array(
 			'type' => 'string',
 			'description' => 'CSS that will override the standard stylesheet used for the notifications',
@@ -619,13 +595,6 @@ class Config
 			'source_of_value' => '',
 			'show_in_conf_sample' => false,
 		),
-		/**
-		 * The timezone is automatically set using this parameter in \utils::InitTimeZone
-		 * This method is called almost everywhere, cause it's called in \MetaModel::LoadConfig and exec.php... but you might
-		 * need to get it yourself !
-		 *
-		 * @used-by utils::InitTimeZone()
-		 */
 		'timezone' => array(
 			'type' => 'string',
 			'description' => 'Timezone (reference: http://php.net/manual/en/timezones.php). If empty, it will be left unchanged and MUST be explicitly configured in PHP',
@@ -869,14 +838,6 @@ class Config
 			'source_of_value' => '',
 			'show_in_conf_sample' => false,
 		),
-		'impact_analysis_lazy_loading' => [
-			'type'                => 'bool',
-			'description'         => 'In the impact analysis view: display the analysis or filter before display',
-			'default'             => false,
-			'value'               => '',
-			'source_of_value'     => '',
-			'show_in_conf_sample' => false,
-		],
 		'url_validation_pattern' => array(
 			'type' => 'string',
 			'description' => 'Regular expression to validate/detect the format of an URL (URL attributes and Wiki formatting for Text attributes)',
@@ -1152,14 +1113,6 @@ class Config
 			'source_of_value' => '',
 			'show_in_conf_sample' => false,
 		),
-		'svg_sanitizer' => array(
-			'type' => 'string',
-			'description' => 'The class to use for SVG sanitization : allow to provide a custom made sanitizer',
-			'default' => 'SVGDOMSanitizer',
-			'value' => '',
-			'source_of_value' => '',
-			'show_in_conf_sample' => false,
-		),
 		'inline_image_max_display_width' => array(
 			'type' => 'integer',
 			'description' => 'The maximum width (in pixels) when displaying images inside an HTML formatted attribute. Images will be displayed using this this maximum width.',
@@ -1320,14 +1273,6 @@ class Config
 			'source_of_value' => '',
 			'show_in_conf_sample' => true,
 		],
-		'security.disable_inline_documents_sandbox' => array(
-			'type' => 'bool',
-			'description' => 'If true then the sandbox for documents displayed in a browser tab will be disabled; enabling scripts and other interactive content. Note that setting this to true will open the application to potential XSS attacks!',
-			'default' => false,
-			'value' => false,
-			'source_of_value' => '',
-			'show_in_conf_sample' => false,
-		),
 	);
 
 

core/coreexception.class.inc.php

@@ -149,14 +149,14 @@ class CoreCannotSaveObjectException extends CoreException
 	 *
 	 * @param array $aContextData containing at least those keys : issues, id, class
 	 */
-	public function __construct($aContextData, $oPrevious = null)
+	public function __construct($aContextData)
 	{
 		$this->aIssues = $aContextData['issues'];
 		$this->iObjectId = $aContextData['id'];
 		$this->sObjectClass = $aContextData['class'];
 
 		$sIssues = implode(', ', $this->aIssues);
-		parent::__construct($sIssues, $aContextData, '', $oPrevious);
+		parent::__construct($sIssues, $aContextData);
 	}
 
 	/**
@@ -165,15 +165,19 @@ class CoreCannotSaveObjectException extends CoreException
 	public function getHtmlMessage()
 	{
 		$sTitle = Dict::S('UI:Error:SaveFailed');
-		$sContent = "<span><strong>".utils::HtmlEntities($sTitle)."</strong></span>";
+		$sContent = "<span><strong>{$sTitle}</strong></span>";
 
-		if (count($this->aIssues) == 1) {
+		if (count($this->aIssues) == 1)
+		{
 			$sIssue = reset($this->aIssues);
-			$sContent .= " <span>".utils::HtmlEntities($sIssue)."</span>";
-		} else {
+			$sContent .= " <span>{$sIssue}</span>";
+		}
+		else
+		{
 			$sContent .= '<ul>';
-			foreach ($this->aIssues as $sError) {
-				$sContent .= "<li>".utils::HtmlEntities($sError)."</li>";
+			foreach ($this->aIssues as $sError)
+			{
+				$sContent .= "<li>$sError</li>";
 			}
 			$sContent .= '</ul>';
 		}

core/dbobject.class.php

@@ -1977,9 +1977,9 @@ abstract class DBObject implements iDisplay
 	/**
 	 * check attributes together
 	 *
-	 * @overwritable-hook You can extend this method in order to provide your own logic.
-	 *
-	 * @return true|string true if successful, the error description otherwise
+     * @overwritable-hook You can extend this method in order to provide your own logic.
+     * 
+	 * @return bool 
 	 */
 	public function CheckConsistency()
 	{
@@ -2739,72 +2739,50 @@ abstract class DBObject implements iDisplay
 			}
 		}
 
-		$iTransactionRetry = 1;
 		$bIsTransactionEnabled = MetaModel::GetConfig()->Get('db_core_transactions_enabled');
-		if ($bIsTransactionEnabled)
+		try
 		{
-			// TODO Deep clone this object before the transaction (to use it in case of rollback)
-			// $iTransactionRetryCount = MetaModel::GetConfig()->Get('db_core_transactions_retry_count');
-			$iTransactionRetryCount = 1;
-			$iTransactionRetryDelay = MetaModel::GetConfig()->Get('db_core_transactions_retry_delay_ms');
-			$iTransactionRetry = $iTransactionRetryCount;
-		}
-		while ($iTransactionRetry > 0) {
-			try {
-				$iTransactionRetry--;
-				if ($bIsTransactionEnabled) {
-					CMDBSource::Query('START TRANSACTION');
-				}
-
-				// First query built upon on the root class, because the ID must be created first
-				$this->m_iKey = $this->DBInsertSingleTable($sRootClass);
-
-				// Then do the leaf class, if different from the root class
-				if ($sClass != $sRootClass) {
-					$this->DBInsertSingleTable($sClass);
-				}
-
-				// Then do the other classes
-				foreach (MetaModel::EnumParentClasses($sClass) as $sParentClass) {
-					if ($sParentClass == $sRootClass) {
-						continue;
-					}
-					$this->DBInsertSingleTable($sParentClass);
-				}
-
-				$this->OnObjectKeyReady();
-
-				$this->DBWriteLinks();
-				$this->WriteExternalAttributes();
-
-				if ($bIsTransactionEnabled) {
-					CMDBSource::Query('COMMIT');
-				}
-				break;
+			if ($bIsTransactionEnabled)
+			{
+				CMDBSource::Query('START TRANSACTION');
 			}
-			catch (Exception $e) {
-				IssueLog::Error($e->getMessage());
-				if ($bIsTransactionEnabled)
+
+			// First query built upon on the root class, because the ID must be created first
+			$this->m_iKey = $this->DBInsertSingleTable($sRootClass);
+
+			// Then do the leaf class, if different from the root class
+			if ($sClass != $sRootClass)
+			{
+				$this->DBInsertSingleTable($sClass);
+			}
+
+			// Then do the other classes
+			foreach (MetaModel::EnumParentClasses($sClass) as $sParentClass)
+			{
+				if ($sParentClass == $sRootClass)
 				{
-					CMDBSource::Query('ROLLBACK');
-					if (!CMDBSource::IsInsideTransaction() && CMDBSource::IsDeadlockException($e))
-					{
-						// Deadlock found when trying to get lock; try restarting transaction (only in main transaction)
-						if ($iTransactionRetry > 0)
-						{
-							// wait and retry
-							IssueLog::Error("Insert TRANSACTION Retrying...");
-							usleep(random_int(1, 5) * 1000 * $iTransactionRetryDelay * ($iTransactionRetryCount - $iTransactionRetry));
-							continue;
-						}
-						else
-						{
-							IssueLog::Error("Insert Deadlock TRANSACTION prevention failed.");
-						}
-					}
+					continue;
 				}
-				throw $e;
+				$this->DBInsertSingleTable($sParentClass);
 			}
+
+			$this->OnObjectKeyReady();
+
+			$this->DBWriteLinks();
+			$this->WriteExternalAttributes();
+
+			if ($bIsTransactionEnabled)
+			{
+				CMDBSource::Query('COMMIT');
+			}
+		}
+		catch (Exception $e)
+		{
+			if ($bIsTransactionEnabled)
+			{
+				CMDBSource::Query('ROLLBACK');
+			}
+			throw $e;
 		}
 
 		$this->m_bIsInDB = true;
@@ -3145,11 +3123,13 @@ abstract class DBObject implements iDisplay
 				array(), $aParams);
 			while ($oTrigger = $oSet->Fetch())
 			{
-				/** @var \TriggerOnObjectUpdate $oTrigger */
-				try {
+				/** @var \Trigger $oTrigger */
+				try
+				{
 					$oTrigger->DoActivate($this->ToArgs('this'));
 				}
-				catch (Exception $e) {
+				catch(Exception $e)
+				{
 					utils::EnrichRaisedException($oTrigger, $e);
 				}
 			}
@@ -3178,11 +3158,9 @@ abstract class DBObject implements iDisplay
 			$bIsTransactionEnabled = MetaModel::GetConfig()->Get('db_core_transactions_enabled');
 			if ($bIsTransactionEnabled)
 			{
-				// TODO Deep clone this object before the transaction (to use it in case of rollback)
-				// $iTransactionRetryCount = MetaModel::GetConfig()->Get('db_core_transactions_retry_count');
-				$iTransactionRetryCount = 1;
+				$iIsTransactionRetryCount = MetaModel::GetConfig()->Get('db_core_transactions_retry_count');
 				$iIsTransactionRetryDelay = MetaModel::GetConfig()->Get('db_core_transactions_retry_delay_ms');
-				$iTransactionRetry = $iTransactionRetryCount;
+				$iTransactionRetry = $iIsTransactionRetryCount;
 			}
 			while ($iTransactionRetry > 0)
 			{
@@ -3250,6 +3228,13 @@ abstract class DBObject implements iDisplay
 					$this->DBWriteLinks();
 					$this->WriteExternalAttributes();
 
+					// following lines are resetting changes (so after this {@see DBObject::ListChanges()} won't return changes anymore)
+					// new values are already in the object (call {@see DBObject::Get()} to get them)
+					// call {@see DBObject::ListPreviousValuesForUpdatedAttributes()} to get changed fields and previous values
+					$this->m_bDirty = false;
+					$this->m_aTouchedAtt = array();
+					$this->m_aModifiedAtt = array();
+
 					if (count($aChanges) != 0)
 					{
 						$this->RecordAttChanges($aChanges, $aOriginalValues);
@@ -3263,18 +3248,18 @@ abstract class DBObject implements iDisplay
 				}
 				catch (MySQLException $e)
 				{
-					IssueLog::Error($e->getMessage());
 					if ($bIsTransactionEnabled)
 					{
 						CMDBSource::Query('ROLLBACK');
-						if (!CMDBSource::IsInsideTransaction() && CMDBSource::IsDeadlockException($e))
+						if ($e->getCode() == 1213)
 						{
-							// Deadlock found when trying to get lock; try restarting transaction (only in main transaction)
+							// Deadlock found when trying to get lock; try restarting transaction
+							IssueLog::Error($e->getMessage());
 							if ($iTransactionRetry > 0)
 							{
 								// wait and retry
 								IssueLog::Error("Update TRANSACTION Retrying...");
-								usleep(random_int(1, 5) * 1000 * $iIsTransactionRetryDelay * ($iTransactionRetryCount - $iTransactionRetry));
+								usleep(random_int(1, 5) * 1000 * $iIsTransactionRetryDelay * ($iIsTransactionRetryCount - $iTransactionRetry));
 								continue;
 							}
 							else
@@ -3288,11 +3273,10 @@ abstract class DBObject implements iDisplay
 						'id' => $this->GetKey(),
 						'class' => get_class($this),
 						'issues' => $aErrors
-					), $e);
+					));
 				}
 				catch (CoreCannotSaveObjectException $e)
 				{
-					IssueLog::Error($e->getMessage());
 					if ($bIsTransactionEnabled)
 					{
 						CMDBSource::Query('ROLLBACK');
@@ -3301,7 +3285,6 @@ abstract class DBObject implements iDisplay
 				}
 				catch (Exception $e)
 				{
-					IssueLog::Error($e->getMessage());
 					if ($bIsTransactionEnabled)
 					{
 						CMDBSource::Query('ROLLBACK');
@@ -3315,13 +3298,6 @@ abstract class DBObject implements iDisplay
 				}
 			}
 
-			// following lines are resetting changes (so after this {@see DBObject::ListChanges()} won't return changes anymore)
-			// new values are already in the object (call {@see DBObject::Get()} to get them)
-			// call {@see DBObject::ListPreviousValuesForUpdatedAttributes()} to get changed fields and previous values
-			$this->m_bDirty = false;
-			$this->m_aTouchedAtt = array();
-			$this->m_aModifiedAtt = array();
-
 			try
 			{
 				$this->AfterUpdate();
@@ -3520,11 +3496,9 @@ abstract class DBObject implements iDisplay
 		$bIsTransactionEnabled = MetaModel::GetConfig()->Get('db_core_transactions_enabled');
 		if ($bIsTransactionEnabled)
 		{
-			// TODO Deep clone this object before the transaction (to use it in case of rollback)
-			// $iTransactionRetryCount = MetaModel::GetConfig()->Get('db_core_transactions_retry_count');
-			$iTransactionRetryCount = 1;
-			$iTransactionRetryDelay = MetaModel::GetConfig()->Get('db_core_transactions_retry_delay_ms');
-			$iTransactionRetry = $iTransactionRetryCount;
+			$iIsTransactionRetryCount = MetaModel::GetConfig()->Get('db_core_transactions_retry_count');
+			$iIsTransactionRetryDelay = MetaModel::GetConfig()->Get('db_core_transactions_retry_delay_ms');
+			$iTransactionRetry = $iIsTransactionRetryCount;
 		}
 		while ($iTransactionRetry > 0)
 		{
@@ -3547,18 +3521,18 @@ abstract class DBObject implements iDisplay
 			}
 			catch (MySQLException $e)
 			{
-				IssueLog::Error($e->getMessage());
 				if ($bIsTransactionEnabled)
 				{
 					CMDBSource::Query('ROLLBACK');
-					if (!CMDBSource::IsInsideTransaction() && CMDBSource::IsDeadlockException($e))
+					if ($e->getCode() == 1213)
 					{
 						// Deadlock found when trying to get lock; try restarting transaction
+						IssueLog::Error($e->getMessage());
 						if ($iTransactionRetry > 0)
 						{
 							// wait and retry
 							IssueLog::Error("Delete TRANSACTION Retrying...");
-							usleep(random_int(1, 5) * 1000 * $iTransactionRetryDelay * ($iTransactionRetryCount - $iTransactionRetry));
+							usleep(random_int(1, 5) * 1000 * $iIsTransactionRetryDelay * ($iIsTransactionRetryCount - $iTransactionRetry));
 							continue;
 						}
 						else
@@ -3690,7 +3664,7 @@ abstract class DBObject implements iDisplay
 	}
 
     /**
-     * @overwritable-hook You can extend this method in order to provide your own logic.
+     * @internal
      *
      * @return array
      *
@@ -3735,22 +3709,16 @@ abstract class DBObject implements iDisplay
 
 	/**
 	 * Apply a stimulus (workflow)
-	 *
-	 * @api
-	 *
-	 * @param string $sStimulusCode
-	 * @param bool $bDoNotWrite if true we won't save the object !
-	 *
+     *
+     * @api
+     *
+	 * @param string  $sStimulusCode
+	 * @param bool $bDoNotWrite
+     *
 	 * @return bool
-	 *
+     *
 	 * @throws CoreException
 	 * @throws CoreUnexpectedValue
-	 *
-	 * @uses \AttributeStopWatch::Start
-	 * @uses \AttributeStopWatch::Stop
-	 * @uses \DBObject::DBWrite
-	 * @uses \TriggerOnStateLeave::DoActivate
-	 * @uses \TriggerOnStateEnter::DoActivate
 	 */
 	public function ApplyStimulus($sStimulusCode, $bDoNotWrite = false)
 	{
@@ -3874,7 +3842,8 @@ abstract class DBObject implements iDisplay
 				}
 			}
 
-			if (!$bDoNotWrite) {
+			if (!$bDoNotWrite)
+			{
 				$this->DBWrite();
 			}
 
@@ -3882,26 +3851,30 @@ abstract class DBObject implements iDisplay
 			$aParams = array(
 				'class_list' => MetaModel::EnumParentClasses($sClass, ENUM_PARENT_CLASSES_ALL),
 				'previous_state' => $sPreviousState,
-				'new_state' => $sNewState,
-			);
+				'new_state' => $sNewState);
 			$oSet = new DBObjectSet(DBObjectSearch::FromOQL("SELECT TriggerOnStateLeave AS t WHERE t.target_class IN (:class_list) AND t.state=:previous_state"), array(), $aParams);
-			while ($oTrigger = $oSet->Fetch()) {
-				/** @var \TriggerOnStateLeave $oTrigger */
-				try {
+			while ($oTrigger = $oSet->Fetch())
+			{
+				/** @var \Trigger $oTrigger */
+				try
+				{
 					$oTrigger->DoActivate($this->ToArgs('this'));
 				}
-				catch (Exception $e) {
+				catch(Exception $e)
+				{
 					utils::EnrichRaisedException($oTrigger, $e);
 				}
 			}
 
 			$oSet = new DBObjectSet(DBObjectSearch::FromOQL("SELECT TriggerOnStateEnter AS t WHERE t.target_class IN (:class_list) AND t.state=:new_state"), array(), $aParams);
-			while ($oTrigger = $oSet->Fetch()) {
-				/** @var \TriggerOnStateEnter $oTrigger */
-				try {
+			while ($oTrigger = $oSet->Fetch())
+			{
+				/** @var \Trigger $oTrigger */
+				try{
 					$oTrigger->DoActivate($this->ToArgs('this'));
 				}
-				catch (Exception $e) {
+				catch(Exception $e)
+				{
 					utils::EnrichRaisedException($oTrigger, $e);
 				}
 			}

core/dbobjectsearch.class.php

@@ -416,10 +416,6 @@ class DBObjectSearch extends DBSearch
 	 * @param string $sFilterCode
 	 * @param mixed $value
 	 * @param string $sOpCode operator to use : 'IN', 'NOT IN', 'Contains',' Begins with', 'Finishes with', ...
-	 *   If no operator is specified then :
-	 *     * for id field we will use "="
-	 *     * for other fields we will call the corresponding {@link AttributeDefinition::GetSmartConditionExpression} method impl
-	 *       to generate the expression
 	 * @param bool $bParseSearchString
 	 *
 	 * @throws \CoreException
@@ -1232,7 +1228,7 @@ class DBObjectSearch extends DBSearch
 				elseif (MetaModel::IsParentClass($oRightFilter->GetFirstJoinedClass(), $oLeftFilter->GetClass()))
 				{
 					// Specialize $oRightFilter
-					$oRightFilter->ChangeClass($oLeftFilter->GetFirstJoinedClass());
+					$oRightFilter->ChangeClass($oLeftFilter->GetClass());
 				}
 				else
 				{

core/dbsearch.class.php

@@ -1004,8 +1004,10 @@ abstract class DBSearch
 	}
 
 	/**
-	 * Generate a SQL query from the current search
-	 *
+     * Generate a SQL query from the current search
+     *
+     * @internal
+     *
 	 * @param array $aOrderBy Array of '[<classalias>.]attcode' => bAscending
 	 * @param array $aArgs
 	 * @param null $aAttToLoad
@@ -1013,16 +1015,12 @@ abstract class DBSearch
 	 * @param int $iLimitCount
 	 * @param int $iLimitStart
 	 * @param bool $bGetCount
-	 * @param bool $bBeautifulSQL
-	 *
 	 * @return string
-	 * @throws \ConfigException
-	 * @throws \CoreException
-	 * @throws \MissingQueryArgument
-	 * @internal
-	 *
+	 * @throws CoreException
+	 * @throws Exception
+	 * @throws MissingQueryArgument
 	 */
-	public function MakeSelectQuery($aOrderBy = array(), $aArgs = array(), $aAttToLoad = null, $aExtendedDataSpec = null, $iLimitCount = 0, $iLimitStart = 0, $bGetCount = false, $bBeautifulSQL = true)
+	public function MakeSelectQuery($aOrderBy = array(), $aArgs = array(), $aAttToLoad = null, $aExtendedDataSpec = null, $iLimitCount = 0, $iLimitStart = 0, $bGetCount = false)
 	{
 		// Check the order by specification, and prefix with the class alias
 		// and make sure that the ordering columns are going to be selected
@@ -1087,7 +1085,8 @@ abstract class DBSearch
 		}
 		try
 		{
-			$sRes = $oSQLQuery->RenderSelect($aOrderSpec, $aScalarArgs, $iLimitCount, $iLimitStart, $bGetCount, $bBeautifulSQL);
+			// $bBeautifulSQL = self::$m_bTraceQueries || self::$m_bDebugQuery || self::$m_bIndentQueries;
+			$sRes = $oSQLQuery->RenderSelect($aOrderSpec, $aScalarArgs, $iLimitCount, $iLimitStart, $bGetCount, true);
 			if ($sClassAlias == '_itop_')
 			{
 				IssueLog::Info('SQL Query (_itop_): '.$sRes);
@@ -1623,7 +1622,7 @@ abstract class DBSearch
 		$oSet = new DBObjectSet($this);
 		if (MetaModel::IsStandaloneClass($sClass))
 		{
-			$oSet->OptimizeColumnLoad(array($this->GetClassAlias() => array()));
+			$oSet->OptimizeColumnLoad(array($this->GetClassAlias() => array('')));
 			$aIds = array($sClass => $oSet->GetColumnAsArray('id'));
 		}
 		else

core/dbunionsearch.class.php

@@ -416,11 +416,7 @@ class DBUnionSearch extends DBSearch
 		$aSearches = array();
 		foreach ($this->aSearches as $oSearch)
 		{
-			if (!$oSearch->IsAllDataAllowed()) {
-				$aSearches[] = $oSearch->Filter($sClassAlias, $oFilter);
-			} else {
-				$aSearches[] = $oSearch;
-			}
+			$aSearches[] = $oSearch->Filter($sClassAlias, $oFilter);
 		}
 		return new DBUnionSearch($aSearches);
 	}

core/dict.class.inc.php

@@ -64,8 +64,6 @@ class Dict
 	protected static $m_aLanguages = array(); // array( code => array( 'description' => '...', 'localized_description' => '...') ...)
 	protected static $m_aData = array();
 	protected static $m_sApplicationPrefix = null;
-	/** @var \ApcService $m_oApcService  */
-	protected static $m_oApcService = null;
 
 	/**
 	 * @param $sLanguageCode
@@ -147,17 +145,15 @@ class Dict
 	{
 		// Attempt to find the string in the user language
 		//
-		$sLangCode = self::GetUserLanguage();
-		self::InitLangIfNeeded($sLangCode);
+		self::InitLangIfNeeded(self::GetUserLanguage());
 
-		if (!array_key_exists($sLangCode, self::$m_aData))
+		if (!array_key_exists(self::GetUserLanguage(), self::$m_aData))
 		{
-			IssueLog::Warning("Cannot find $sLangCode in dictionnaries. default labels displayed");
 			// It may happen, when something happens before the dictionaries get loaded
 			return $sStringCode;
 		}
-		$aCurrentDictionary = self::$m_aData[$sLangCode];
-		if (is_array($aCurrentDictionary) && array_key_exists($sStringCode, $aCurrentDictionary))
+		$aCurrentDictionary = self::$m_aData[self::GetUserLanguage()];
+		if (array_key_exists($sStringCode, $aCurrentDictionary))
 		{
 			return $aCurrentDictionary[$sStringCode];
 		}
@@ -168,7 +164,7 @@ class Dict
 			self::InitLangIfNeeded(self::$m_sDefaultLanguage);
 			
 			$aDefaultDictionary = self::$m_aData[self::$m_sDefaultLanguage];
-			if (is_array($aDefaultDictionary) && array_key_exists($sStringCode, $aDefaultDictionary))
+			if (array_key_exists($sStringCode, $aDefaultDictionary))
 			{
 				return $aDefaultDictionary[$sStringCode];
 			}
@@ -177,7 +173,7 @@ class Dict
 			self::InitLangIfNeeded('EN US');
 
 			$aDefaultDictionary = self::$m_aData['EN US'];
-			if (is_array($aDefaultDictionary) && array_key_exists($sStringCode, $aDefaultDictionary))
+			if (array_key_exists($sStringCode, $aDefaultDictionary))
 			{
 				return $aDefaultDictionary[$sStringCode];
 			}
@@ -236,26 +232,7 @@ class Dict
 	{
 		self::$m_aLanguages = $aLanguagesList;
 	}
-
-	/**
-	 * @since 2.7.6 N°4125
-	 * @return \ApcService
-	 */
-	public static function GetApcService() {
-		if (self::$m_oApcService === null){
-			self::$m_oApcService = new ApcService();
-		}
-		return self::$m_oApcService;
-	}
-
-	/**
-	 * @since 2.7.6 N°4125
-	 * @param \ApcService $m_oApcService
-	 */
-	public static function SetApcService($oApcService) {
-		self::$m_oApcService = $oApcService;
-	}
-
+	
 	/**
 	 * Load a language from the language dictionary, if not already loaded
 	 * @param string $sLangCode Language code
@@ -264,23 +241,20 @@ class Dict
 	public static function InitLangIfNeeded($sLangCode)
 	{
 		if (array_key_exists($sLangCode, self::$m_aData)) return true;
-
+		
 		$bResult = false;
-
-		if (self::GetApcService()->function_exists('apc_fetch')
-			&& (self::$m_sApplicationPrefix !== null))
+		
+		if (function_exists('apc_fetch') && (self::$m_sApplicationPrefix !== null))
 		{
 			// Note: For versions of APC older than 3.0.17, fetch() accepts only one parameter
 			//
-			self::$m_aData[$sLangCode] = self::GetApcService()->apc_fetch(self::$m_sApplicationPrefix.'-dict-'.$sLangCode);
-			if (self::$m_aData[$sLangCode] === false) {
+			self::$m_aData[$sLangCode] = apc_fetch(self::$m_sApplicationPrefix.'-dict-'.$sLangCode);
+			if (self::$m_aData[$sLangCode] === false)
+			{
 				unset(self::$m_aData[$sLangCode]);
-			} else if (! is_array(self::$m_aData[$sLangCode])) {
-				// N°4125: we dont fix dictionnary corrupted cache (on iTop side).
-				// but we log an error in a dedicated channel to let itop administrator be aware of a potential APCu issue to fix.
-				IssueLog::Error("APCu corrupted data (with $sLangCode dictionnary). APCu configuration and running version should be troubleshooted...", LogChannels::APC);
-				$bResult = true;
-			} else {
+			}
+			else
+			{
 				$bResult = true;
 			}
 		}
@@ -289,10 +263,9 @@ class Dict
 			$sDictFile = APPROOT.'env-'.utils::GetCurrentEnvironment().'/dictionaries/'.str_replace(' ', '-', strtolower($sLangCode)).'.dict.php';
 			require_once($sDictFile);
 			
-			if (self::GetApcService()->function_exists('apc_store')
-				&& (self::$m_sApplicationPrefix !== null))
+			if (function_exists('apc_store') && (self::$m_sApplicationPrefix !== null))
 			{
-				self::GetApcService()->apc_store(self::$m_sApplicationPrefix.'-dict-'.$sLangCode, self::$m_aData[$sLangCode]);
+				apc_store(self::$m_sApplicationPrefix.'-dict-'.$sLangCode, self::$m_aData[$sLangCode]);
 			}
 			$bResult = true;
 		}

core/displayablegraph.class.inc.php

@@ -1203,10 +1203,8 @@ class DisplayableGraph extends SimpleGraph
 	 * @param float $xMax Right coordinate of the bounding box to display the graph
 	 * @param float $yMin Top coordinate of the bounding box to display the graph
 	 * @param float $yMax Bottom coordinate of the bounding box to display the graph
-	 *
-	 * @since 2.7.7 3.0.2 3.1.0 N°4985 $sComments param is no longer optional
 	 */
-	function RenderAsPDF(PDFPage $oPage, $sComments, $sContextKey, $xMin = -1, $xMax = -1, $yMin = -1, $yMax = -1)
+	function RenderAsPDF(PDFPage $oPage, $sComments = '', $sContextKey, $xMin = -1, $xMax = -1, $yMin = -1, $yMax = -1)
 	{
 		$aContextDefs = static::GetContextDefinitions($sContextKey, false); // No need to develop the parameters
 		$oPdf = $oPage->get_tcpdf();
@@ -1433,25 +1431,83 @@ class DisplayableGraph extends SimpleGraph
 	 * @param int $iObjKey
 	 * @param string $sContextKey
 	 * @param array $aContextParams
-	 * @param bool $bLazyLoading since 2.7.7 3.0.1
 	 *
 	 * @throws \CoreException
 	 * @throws \DictExceptionMissingString
 	 */
-	function Display(WebPage $oP, $aResults, $sRelation, ApplicationContext $oAppContext, $aExcludedObjects, $sObjClass, $iObjKey, $sContextKey, $aContextParams = array(), $bLazyLoading = false)
-	{
-		list($aExcludedByClass, $aAdditionalContexts) = $this->DisplayFiltering($sContextKey, $aContextParams, $aExcludedObjects, $oP, $aResults, $bLazyLoading);
-		$iGroupingThreshold = utils::ReadParam('g', 5);
+	function Display(WebPage $oP, $aResults, $sRelation, ApplicationContext $oAppContext, $aExcludedObjects, $sObjClass, $iObjKey, $sContextKey, $aContextParams = array())
+	{	
+		$aContextDefs = static::GetContextDefinitions($sContextKey, true, $aContextParams);
+		$aExcludedByClass = array();
+		foreach($aExcludedObjects as $oObj)
+		{
+			if (!array_key_exists(get_class($oObj), $aExcludedByClass))
+			{
+				$aExcludedByClass[get_class($oObj)] = array();
+			}
+			$aExcludedByClass[get_class($oObj)][] = $oObj->GetKey();
+		}
+		$sSftShort = Dict::S('UI:ElementsDisplayed');
+		$sSearchToggle = Dict::S('UI:Search:Toggle');
+		$oP->add("<div class=\"not-printable\">\n");
+		$oP->add(
+<<<EOF
+ <div id="ds_flash" class="search_box">
+	<form id="dh_flash" class="search_form_handler closed">
+	<h2 class="sf_title"><span class="sft_long">$sSftShort</span><span class="sft_short">$sSftShort</span><span class="sft_toggler fas fa-caret-down pull-right" title="$sSearchToggle"></span></h2>
+	<div id="dh_flash_criterion_outer" class="sf_criterion_area"><div class="sf_criterion_row">
+EOF
+		);
+		
+		$oP->add_ready_script(
+<<<EOF
+	$("#dh_flash > .sf_title").click( function() {
+		$("#dh_flash").toggleClass('closed');
+	});
+    $('#ReloadMovieBtn').button().button('disable');
+EOF
+		);
+		$aSortedElements = array();
+		foreach($aResults as $sClassIdx => $aObjects)
+		{
+			foreach($aObjects as $oCurrObj)
+			{
+				$sSubClass = get_class($oCurrObj);
+				$aSortedElements[$sSubClass] = MetaModel::GetName($sSubClass);
+			}
+		}
+				
+		asort($aSortedElements);
+		$idx = 0;
+		foreach($aSortedElements as $sSubClass => $sClassName)
+		{
+			$oP->add("<span style=\"padding-right:2em; white-space:nowrap;\"><input type=\"checkbox\" id=\"exclude_$idx\" name=\"excluded[]\" value=\"$sSubClass\" checked onChange=\"$('#ReloadMovieBtn').button('enable')\"><label for=\"exclude_$idx\">&nbsp;".MetaModel::GetClassIcon($sSubClass)."&nbsp;$sClassName</label></span> ");
+			$idx++;
+		}
+		$oP->add("<p style=\"text-align:right\"><button type=\"button\" id=\"ReloadMovieBtn\" onClick=\"DoReload()\">".Dict::S('UI:Button:Refresh')."</button></p>");
+		$oP->add("</div></div></form>");
+		$oP->add("</div>\n");
+	 	$oP->add("</div>\n"); // class="not-printable"
 
+		$aAdditionalContexts = array();
+		foreach($aContextDefs as $sKey => $aDefinition)
+		{
+			$aAdditionalContexts[] = array('key' => $sKey, 'label' => Dict::S($aDefinition['dict']), 'oql' => $aDefinition['oql'], 'default' => (array_key_exists('default', $aDefinition)  && ($aDefinition['default'] == 'yes')));
+		}
+		
+		$sDirection = utils::ReadParam('d', 'horizontal');
+		$iGroupingThreshold = utils::ReadParam('g', 5);
+	
 		$oP->add_linked_script(utils::GetAbsoluteUrlAppRoot().'js/fraphael.js');
 		$oP->add_linked_stylesheet(utils::GetAbsoluteUrlAppRoot().'css/jquery.contextMenu.css');
 		$oP->add_linked_script(utils::GetAbsoluteUrlAppRoot().'js/jquery.contextMenu.js');
 		$oP->add_linked_script(utils::GetAbsoluteUrlAppRoot().'js/simple_graph.js');
-
 		try
 		{
 			$this->InitFromGraphviz();
+			$sExportAsPdfURL = '';
 			$sExportAsPdfURL = utils::GetAbsoluteUrlAppRoot().'pages/ajax.render.php?operation=relation_pdf&relation='.$sRelation.'&direction='.($this->bDirectionDown ? 'down' : 'up');
+			$oAppcontext = new ApplicationContext();
 			$sContext = $oAppContext->GetForLink();
 			$sDrillDownURL = utils::GetAbsoluteUrlAppRoot().'pages/UI.php?operation=details&class=%1$s&id=%2$s&'.$sContext;
 			$sExportAsDocumentURL = utils::GetAbsoluteUrlAppRoot().'pages/ajax.render.php?operation=relation_attachment&relation='.$sRelation.'&direction='.($this->bDirectionDown ? 'down' : 'up');
@@ -1530,14 +1586,7 @@ class DisplayableGraph extends SimpleGraph
 				// Export as Attachment requires GD (for building the PDF) AND a valid objclass/objkey couple
 				unset($aParams['export_as_attachment']);
 			}
-			if ($oP->IsPrintableVersion() || !$bLazyLoading) {
-				$oP->add_ready_script(" $('#$sId').simple_graph(".json_encode($aParams).");");
-			} else {
-				$oP->add_script("function Load(){var aExcluded = [];	$('input[name^=excluded]').each( function() {if (!$(this).prop('checked'))	{	aExcluded.push($(this).val());		}} ); var params= $.extend(".json_encode($aParams).",  {excluded_classes: aExcluded}); $('#$sId').simple_graph(params);}");
-				$oP->add_ready_script("$('#impacted_objects_lists').html('".utils::TextToHtml(Dict::S('Relation:impacts/NoFilteredData'))."');$('#impacted_groups').html('".utils::TextToHtml(Dict::S('Relation:impacts/NoFilteredData'))."');");
-
-			}
-
+			$oP->add_ready_script("$('#$sId').simple_graph(".json_encode($aParams).");");
 		}
 		catch(Exception $e)
 		{
@@ -1569,86 +1618,5 @@ class DisplayableGraph extends SimpleGraph
 EOF
 		);
 	}
-
-	/**
-	 * @param $sContextKey
-	 * @param array $aContextParams
-	 * @param array $aExcludedObjects
-	 * @param \WebPage $oP
-	 * @param array $aResults
-	 * @param bool $bLazyLoading
-	 *
-	 * @return array
-	 * @throws \CoreException
-	 * @throws \DictExceptionMissingString
-	 * @since 2.7.7 & 3.0.1
-	 */
-	protected function DisplayFiltering($sContextKey, $aContextParams, $aExcludedObjects, $oP, $aResults, $bLazyLoading)
-	{
-		$aContextDefs = static::GetContextDefinitions($sContextKey, true, $aContextParams);
-		$aExcludedByClass = array();
-		foreach ($aExcludedObjects as $oObj) {
-			if (!array_key_exists(get_class($oObj), $aExcludedByClass)) {
-				$aExcludedByClass[get_class($oObj)] = array();
-			}
-			$aExcludedByClass[get_class($oObj)][] = $oObj->GetKey();
-		}
-		$sSftShort = Dict::S('UI:ElementsDisplayed');
-		$sSearchToggle = Dict::S('UI:Search:Toggle');
-		$oP->add("<div class=\"not-printable\">\n");
-		$oP->add(
-			<<<EOF
- <div id="ds_flash" class="search_box">
-	<form id="dh_flash" class="search_form_handler">
-	<h2 class="sf_title"><span class="sft_long">$sSftShort</span><span class="sft_short">$sSftShort</span><span class="sft_toggler fas fa-caret-down pull-right" title="$sSearchToggle"></span></h2>
-	<div id="dh_flash_criterion_outer" class="sf_criterion_area"><div class="sf_criterion_row">
-EOF
-		);
-
-		$oP->add_ready_script(
-			<<<EOF
-	$("#dh_flash > .sf_title").click( function() {
-		$("#dh_flash").toggleClass('closed');
-	});
-    $('#ReloadMovieBtn').button().button('disable');
-EOF
-		);
-		if ($bLazyLoading) {
-			$oP->add_ready_script("$('#ReloadMovieBtn').button('enable');");
-		} else {
-			$oP->add_ready_script("$('#dh_flash').addClass('closed');");
-		}
-		$aSortedElements = array();
-		foreach ($aResults as $sClassIdx => $aObjects) {
-			foreach ($aObjects as $oCurrObj) {
-				$sSubClass = get_class($oCurrObj);
-				$aSortedElements[$sSubClass] = MetaModel::GetName($sSubClass);
-			}
-		}
-
-		asort($aSortedElements);
-		$idx = 0;
-		foreach ($aSortedElements as $sSubClass => $sClassName) {
-			$oP->add("<span style=\"padding-right:2em; white-space:nowrap;\"><input type=\"checkbox\" id=\"exclude_$idx\" name=\"excluded[]\" value=\"$sSubClass\" checked onChange=\"$('#ReloadMovieBtn').button('enable')\"><label for=\"exclude_$idx\">&nbsp;".MetaModel::GetClassIcon($sSubClass)."&nbsp;$sClassName</label></span> ");
-			$idx++;
-		}
-		if ($bLazyLoading) {
-			$sOnCLick = "Load(); $('#ReloadMovieBtn').attr('onclick','DoReload()');$('#ReloadMovieBtn').html('".Dict::S('UI:Button:Refresh')."');";
-			$oP->add("<p style=\"text-align:right\"><button type=\"button\" id=\"ReloadMovieBtn\" onClick=\"$sOnCLick\">".Dict::S('Relation:impacts/LoadData')."</button></p>");
-		} else {
-			$sOnCLick = "DoReload()";
-			$oP->add("<p style=\"text-align:right\"><button type=\"button\" id=\"ReloadMovieBtn\" onClick=\"$sOnCLick\">".Dict::S('UI:Button:Refresh')."</button></p>");
-		}
-		$oP->add("</div></div></form>");
-		$oP->add("</div>\n");
-		$oP->add("</div>\n"); // class="not-printable"
-
-		$aAdditionalContexts = array();
-		foreach ($aContextDefs as $sKey => $aDefinition) {
-			$aAdditionalContexts[] = array('key' => $sKey, 'label' => Dict::S($aDefinition['dict']), 'oql' => $aDefinition['oql'], 'default' => (array_key_exists('default', $aDefinition) && ($aDefinition['default'] == 'yes')));
-		}
-
-		return array($aExcludedByClass, $aAdditionalContexts);
-	}
 	
 }

core/email.class.inc.php

@@ -24,69 +24,38 @@
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
-use Combodo\iTop\Core\Email\EmailFactory;
-use Combodo\iTop\Core\Email\iEMail;
+Swift_Preferences::getInstance()->setCharset('UTF-8');
 
 
 define ('EMAIL_SEND_OK', 0);
 define ('EMAIL_SEND_PENDING', 1);
 define ('EMAIL_SEND_ERROR', 2);
 
-class EMail implements iEMail
+class EMail
 {
-	/**
-	 * @see self::LoadConfig()
-	 * @var Config
-	 * @since 2.7.7 3.0.2 3.1.0 N°3169 N°5102 Move attribute to children classes
-	 * @since 2.7.8 3.0.3 3.1.0 N°4947 pull up the attribute back to the Email class as config init is done here
-	 */
-	protected static $m_oConfig = null;
-	protected $oMailer;
-
 	// Serialization formats
 	const ORIGINAL_FORMAT = 1; // Original format, consisting in serializing the whole object, inculding the Swift Mailer's object.
-	// Did not work with attachements since their binary representation cannot be stored as a valid UTF-8 string
+							   // Did not work with attachements since their binary representation cannot be stored as a valid UTF-8 string
 	const FORMAT_V2 = 2; // New format, only the raw data are serialized (base64 encoded if needed)
+	
+	protected static $m_oConfig = null;
+	protected $m_aData; // For storing data to serialize
+
+	public function LoadConfig($sConfigFile = ITOP_DEFAULT_CONFIG_FILE)
+	{
+		if (is_null(self::$m_oConfig))
+		{
+			self::$m_oConfig = new Config($sConfigFile);
+		}
+	}
+
+	protected $m_oMessage;
 
 	public function __construct()
 	{
-		$this->oMailer = EmailFactory::GetMailer();
-	}
-
-	/**
-	 * Sets {@see m_oConfig} if current attribute is null
-	 *
-	 * @returns \Config the current {@see m_oConfig} value
-	 * @throws \ConfigException
-	 * @throws \CoreException
-	 *
-	 * @uses utils::GetConfig()
-	 *
-	 * @since 2.7.7 3.0.2 3.1.0 N°3169 N°5102 Move method to children classes
-	 * @since 2.7.8 3.0.3 3.1.0 N°4947 Pull up to the parent class, and remove `$sConfigFile` param
-	 */
-	public function LoadConfig()
-	{
-		if (is_null(static::$m_oConfig)) {
-			static::$m_oConfig = utils::GetConfig();
-		}
-
-		return static::$m_oConfig;
-	}
-
-	/**
-	 * @return void
-	 * @throws \ConfigException
-	 * @throws \CoreException
-	 * @since 2.7.8 3.0.3 3.1.0 N°4947 Method creation, to factorize same code in children classes
-	 */
-	protected function InitRecipientFrom()
-	{
-		$oConfig = $this->LoadConfig();
-		$this->SetRecipientFrom(
-			$oConfig->Get('email_default_sender_address'),
-			$oConfig->Get('email_default_sender_label')
-		);
+		$this->m_aData = array();
+		$this->m_oMessage = Swift_Message::newInstance();
+		$this->SetRecipientFrom(MetaModel::GetConfig()->Get('email_default_sender_address'), MetaModel::GetConfig()->Get('email_default_sender_label'));
 	}
 
 	/**
@@ -97,96 +66,485 @@ class EMail implements iEMail
 	 */
 	public function SerializeV2()
 	{
-		return $this->oMailer->SerializeV2();
+		return serialize($this->m_aData);
 	}
-
+	
 	/**
 	 * Custom de-serialization method
-	 *
 	 * @param string $sSerializedMessage The serialized representation of the message
-	 *
-	 * @return \Email
-	 * @throws \ArchivedObjectException
-	 * @throws \CoreException
-	 * @throws \Symfony\Component\CssSelector\Exception\SyntaxErrorException
 	 */
 	static public function UnSerializeV2($sSerializedMessage)
 	{
-		return EmailFactory::GetMailer()::UnSerializeV2($sSerializedMessage);
+		$aData = unserialize($sSerializedMessage);
+		$oMessage = new Email();
+		
+		if (array_key_exists('body', $aData))
+		{
+			$oMessage->SetBody($aData['body']['body'], $aData['body']['mimeType']);
+		}
+		if (array_key_exists('message_id', $aData))
+		{
+			$oMessage->SetMessageId($aData['message_id']);
+		}
+		if (array_key_exists('bcc', $aData))
+		{
+			$oMessage->SetRecipientBCC($aData['bcc']);
+		}
+		if (array_key_exists('cc', $aData))
+		{
+			$oMessage->SetRecipientCC($aData['cc']);
+		}
+		if (array_key_exists('from', $aData))
+		{
+			$oMessage->SetRecipientFrom($aData['from']['address'], $aData['from']['label']);
+		}
+		if (array_key_exists('reply_to', $aData))
+		{
+			$oMessage->SetRecipientReplyTo($aData['reply_to']);
+		}
+		if (array_key_exists('to', $aData))
+		{
+			$oMessage->SetRecipientTO($aData['to']);
+		}
+		if (array_key_exists('subject', $aData))
+		{
+			$oMessage->SetSubject($aData['subject']);
+		}
+		
+		
+		if (array_key_exists('headers', $aData))
+		{
+			foreach($aData['headers'] as $sKey => $sValue)
+			{
+				$oMessage->AddToHeader($sKey, $sValue);
+			}
+		}
+		if (array_key_exists('parts', $aData))
+		{
+			foreach($aData['parts'] as $aPart)
+			{
+				$oMessage->AddPart($aPart['text'], $aPart['mimeType']);
+			}
+		}
+		if (array_key_exists('attachments', $aData))
+		{
+			foreach($aData['attachments'] as $aAttachment)
+			{
+				$oMessage->AddAttachment(base64_decode($aAttachment['data']), $aAttachment['filename'], $aAttachment['mimeType']);
+			}
+		}
+		return $oMessage;
+	}
+	
+  	protected function SendAsynchronous(&$aIssues, $oLog = null)
+	{
+		try
+		{
+			AsyncSendEmail::AddToQueue($this, $oLog);
+		}
+		catch(Exception $e)
+		{
+			$aIssues = array($e->GetMessage());
+			return EMAIL_SEND_ERROR;
+		}
+		$aIssues = array();
+		return EMAIL_SEND_PENDING;
+	}
+
+	protected function SendSynchronous(&$aIssues, $oLog = null)
+	{
+		// If the body of the message is in HTML, embed all images based on attachments
+		$this->EmbedInlineImages();
+		
+		$this->LoadConfig();
+
+		$sTransport = self::$m_oConfig->Get('email_transport');
+		switch ($sTransport)
+		{
+		case 'SMTP':
+			$sHost = self::$m_oConfig->Get('email_transport_smtp.host');
+			$sPort = self::$m_oConfig->Get('email_transport_smtp.port');
+			$sEncryption = self::$m_oConfig->Get('email_transport_smtp.encryption');
+			$sUserName = self::$m_oConfig->Get('email_transport_smtp.username');
+			$sPassword = self::$m_oConfig->Get('email_transport_smtp.password');
+
+			$oTransport = Swift_SmtpTransport::newInstance($sHost, $sPort, $sEncryption);
+			if (strlen($sUserName) > 0)
+			{
+				$oTransport->setUsername($sUserName);
+				$oTransport->setPassword($sPassword);
+			}
+			break;
+
+		case 'Null':
+			$oTransport = Swift_NullTransport::newInstance();
+			break;
+		
+		case 'LogFile':
+			$oTransport = Swift_LogFileTransport::newInstance();
+			$oTransport->setLogFile(APPROOT.'log/mail.log');
+			break;
+			
+		case 'PHPMail':
+		default:
+			$oTransport = Swift_MailTransport::newInstance();
+		}
+
+		$oMailer = Swift_Mailer::newInstance($oTransport);
+
+		$aFailedRecipients = array();
+		$this->m_oMessage->setMaxLineLength(0);
+		$oKPI = new ExecutionKPI();
+		try
+		{
+			$iSent = $oMailer->send($this->m_oMessage, $aFailedRecipients);
+			if ($iSent === 0)
+			{
+				// Beware: it seems that $aFailedRecipients sometimes contains the recipients that actually received the message !!!
+				IssueLog::Warning('Email sending failed: Some recipients were invalid, aFailedRecipients contains: '.implode(', ', $aFailedRecipients));
+				$aIssues = array('Some recipients were invalid.');
+				$oKPI->ComputeStats('Email Sent', 'Error received');
+				return EMAIL_SEND_ERROR;
+			}
+			else
+			{
+				$aIssues = array();
+				$oKPI->ComputeStats('Email Sent', 'Succeded');
+				return EMAIL_SEND_OK;
+			}
+		}
+		catch (Exception $e)
+		{
+			$oKPI->ComputeStats('Email Sent', 'Error received');
+			throw $e;
+		}
+	}
+	
+	/**
+	 * Reprocess the body of the message (if it is an HTML message)
+	 * to replace the URL of images based on attachments by a link
+	 * to an embedded image (i.e. cid:....)
+	 */
+	protected function EmbedInlineImages()
+	{
+		if ($this->m_aData['body']['mimeType'] == 'text/html')
+		{
+			$oDOMDoc = new DOMDocument();
+			$oDOMDoc->preserveWhitespace = true;
+			@$oDOMDoc->loadHTML('<?xml encoding="UTF-8"?>'.$this->m_aData['body']['body']); // For loading HTML chunks where the character set is not specified
+
+			$oXPath = new DOMXPath($oDOMDoc);
+			$sXPath = '//img[@'.InlineImage::DOM_ATTR_ID.']';
+			$oImagesList = $oXPath->query($sXPath);
+
+			if ($oImagesList->length != 0)
+			{
+				foreach($oImagesList as $oImg)
+				{
+					$iAttId = $oImg->getAttribute(InlineImage::DOM_ATTR_ID);
+					$oAttachment = MetaModel::GetObject('InlineImage', $iAttId, false, true /* Allow All Data */);
+					if ($oAttachment)
+					{
+						$sImageSecret = $oImg->getAttribute('data-img-secret');
+						$sAttachmentSecret = $oAttachment->Get('secret');
+						if ($sImageSecret !== $sAttachmentSecret)
+						{
+							// @see N°1921
+							// If copying from another iTop we could get an IMG pointing to an InlineImage with wrong secret
+							continue;
+						}
+
+						$oDoc = $oAttachment->Get('contents');
+						$oSwiftImage = new Swift_Image($oDoc->GetData(), $oDoc->GetFileName(), $oDoc->GetMimeType());
+						$sCid = $this->m_oMessage->embed($oSwiftImage);
+						$oImg->setAttribute('src', $sCid);
+					}
+				}
+			}
+			$sHtmlBody = $oDOMDoc->saveHTML();
+			$this->m_oMessage->setBody($sHtmlBody, 'text/html', 'UTF-8');
+		}
 	}
 
 	public function Send(&$aIssues, $bForceSynchronous = false, $oLog = null)
 	{
-		return $this->oMailer->Send($aIssues, $bForceSynchronous, $oLog);
+		//select a default sender if none is provided.
+		if(empty($this->m_aData['from']['address']) && !empty($this->m_aData['to'])){
+			$this->SetRecipientFrom($this->m_aData['to']);
+		}
+
+		if ($bForceSynchronous)
+		{
+			return $this->SendSynchronous($aIssues, $oLog);
+		}
+		else
+		{
+			$bConfigASYNC = MetaModel::GetConfig()->Get('email_asynchronous');
+			if ($bConfigASYNC)
+			{
+				return $this->SendAsynchronous($aIssues, $oLog);
+			}
+			else
+			{
+				return $this->SendSynchronous($aIssues, $oLog);
+			}
+		}
 	}
 
 	public function AddToHeader($sKey, $sValue)
 	{
-		$this->oMailer->AddToHeader($sKey, $sValue);
+		if (!array_key_exists('headers', $this->m_aData))
+		{
+			$this->m_aData['headers'] = array();
+		}
+		$this->m_aData['headers'][$sKey] = $sValue;
+		
+		if (strlen($sValue) > 0)
+		{
+			$oHeaders = $this->m_oMessage->getHeaders();
+			switch(strtolower($sKey))
+			{
+				case 'return-path':
+					$this->m_oMessage->setReturnPath($sValue);
+					break;
+
+				default:
+					$oHeaders->addTextHeader($sKey, $sValue);
+			}
+		}
 	}
 
 	public function SetMessageId($sId)
 	{
-		$this->oMailer->SetMessageId($sId);
+		$this->m_aData['message_id'] = $sId;
+		
+		// Note: Swift will add the angle brackets for you
+		// so let's remove the angle brackets if present, for historical reasons
+		$sId = str_replace(array('<', '>'), '', $sId);
+		
+		$oMsgId = $this->m_oMessage->getHeaders()->get('Message-ID');
+		$oMsgId->SetId($sId);
 	}
 	
 	public function SetReferences($sReferences)
 	{
-		$this->oMailer->SetReferences($sReferences);
+		$this->AddToHeader('References', $sReferences);
 	}
 
 	public function SetBody($sBody, $sMimeType = 'text/html', $sCustomStyles = null)
 	{
-		$this->oMailer->SetBody($sBody, $sMimeType, $sCustomStyles);
+		if (($sMimeType === 'text/html') && ($sCustomStyles !== null))
+		{
+			$emogrifier = new \Pelago\Emogrifier($sBody, $sCustomStyles);
+			$sBody = $emogrifier->emogrify(); // Adds html/body tags if not already present
+		}
+		$this->m_aData['body'] = array('body' => $sBody, 'mimeType' => $sMimeType);
+		$this->m_oMessage->setBody($sBody, $sMimeType);
 	}
 
 	public function AddPart($sText, $sMimeType = 'text/html')
 	{
-		$this->oMailer->AddPart($sText, $sMimeType);
+		if (!array_key_exists('parts', $this->m_aData))
+		{
+			$this->m_aData['parts'] = array();
+		}
+		$this->m_aData['parts'][] = array('text' => $sText, 'mimeType' => $sMimeType);
+		$this->m_oMessage->addPart($sText, $sMimeType);
 	}
 
 	public function AddAttachment($data, $sFileName, $sMimeType)
 	{
-		$this->oMailer->AddAttachment($data, $sFileName, $sMimeType);
+		if (!array_key_exists('attachments', $this->m_aData))
+		{
+			$this->m_aData['attachments'] = array();
+		}
+		$this->m_aData['attachments'][] = array('data' => base64_encode($data), 'filename' => $sFileName, 'mimeType' => $sMimeType);
+		$this->m_oMessage->attach(Swift_Attachment::newInstance($data, $sFileName, $sMimeType));
 	}
 
 	public function SetSubject($sSubject)
 	{
-		$this->oMailer->SetSubject($sSubject);
+		$this->m_aData['subject'] = $sSubject;
+		$this->m_oMessage->setSubject($sSubject);
 	}
 
 	public function GetSubject()
 	{
-		return $this->oMailer->GetSubject();
+		return $this->m_oMessage->getSubject();
 	}
 
+	/**
+	 * Helper to transform and sanitize addresses
+	 * - get rid of empty addresses	 
+	 */	 	
+	protected function AddressStringToArray($sAddressCSVList)
+	{
+		$aAddresses = array();
+		foreach(explode(',', $sAddressCSVList) as $sAddress)
+		{
+			$sAddress = trim($sAddress);
+			if (strlen($sAddress) > 0)
+			{
+				$aAddresses[] = $sAddress;
+			}
+		}
+		return $aAddresses;
+	}
+	
 	public function SetRecipientTO($sAddress)
 	{
-		$this->oMailer->SetRecipientTO($sAddress);
+		$this->m_aData['to'] = $sAddress;
+		if (!empty($sAddress))
+		{
+			$aAddresses = $this->AddressStringToArray($sAddress);
+			$this->m_oMessage->setTo($aAddresses);
+		}
 	}
 
 	public function GetRecipientTO($bAsString = false)
 	{
-		return $this->oMailer->GetRecipientTO($bAsString);
+		$aRes = $this->m_oMessage->getTo();
+		if ($aRes === null)
+		{
+			// There is no "To" header field
+			$aRes = array();
+		}
+		if ($bAsString)
+		{
+			$aStrings = array();
+			foreach ($aRes as $sEmail => $sName)
+			{
+				if (is_null($sName))
+				{
+					$aStrings[] = $sEmail;
+				}
+				else
+				{
+					$sName = str_replace(array('<', '>'), '', $sName);
+					$aStrings[] = "$sName <$sEmail>";
+				}
+			}
+			return implode(', ', $aStrings);
+		}
+		else
+		{
+			return $aRes;
+		}
 	}
 
 	public function SetRecipientCC($sAddress)
 	{
-		$this->oMailer->SetRecipientCC($sAddress);
+		$this->m_aData['cc'] = $sAddress;
+		if (!empty($sAddress))
+		{
+			$aAddresses = $this->AddressStringToArray($sAddress);
+			$this->m_oMessage->setCc($aAddresses);
+		}
 	}
 
 	public function SetRecipientBCC($sAddress)
 	{
-		$this->oMailer->SetRecipientBCC($sAddress);
+		$this->m_aData['bcc'] = $sAddress;
+		if (!empty($sAddress))
+		{
+			$aAddresses = $this->AddressStringToArray($sAddress);
+			$this->m_oMessage->setBcc($aAddresses);
+		}
 	}
 
 	public function SetRecipientFrom($sAddress, $sLabel = '')
 	{
-		$this->oMailer->SetRecipientFrom($sAddress, $sLabel);
+		$this->m_aData['from'] = array('address' => $sAddress, 'label' => $sLabel);
+		if ($sLabel != '')
+		{
+			$this->m_oMessage->setFrom(array($sAddress => $sLabel));		
+		}
+		else if (!empty($sAddress))
+		{
+			$this->m_oMessage->setFrom($sAddress);
+		}
 	}
 
 	public function SetRecipientReplyTo($sAddress)
 	{
-		$this->oMailer->SetRecipientReplyTo($sAddress);
+		$this->m_aData['reply_to'] = $sAddress;
+		if (!empty($sAddress))
+		{
+			$this->m_oMessage->setReplyTo($sAddress);
+		}
+	}
+
+}
+
+/////////////////////////////////////////////////////////////////////////////////////
+
+/**
+ * Extension to SwiftMailer: "debug" transport that pretends messages have been sent,
+ * but just log them to a file.
+ *
+ * @package Swift
+ * @author  Denis Flaven
+ */
+class Swift_Transport_LogFileTransport extends Swift_Transport_NullTransport
+{
+	protected $sLogFile;
+	
+	/**
+	 * Sends the given message.
+	 *
+	 * @param Swift_Mime_Message $message
+	 * @param string[]           $failedRecipients An array of failures by-reference
+	 *
+	 * @return int     The number of sent emails
+	 */
+	public function send(Swift_Mime_Message $message, &$failedRecipients = null)
+	{
+		$hFile = @fopen($this->sLogFile, 'a');
+		if ($hFile)
+		{
+			$sTxt = "================== ".date('Y-m-d H:i:s')." ==================\n";
+			$sTxt .= $message->toString()."\n";
+		
+			@fwrite($hFile, $sTxt);
+			@fclose($hFile);
+		}
+		
+		return parent::send($message, $failedRecipients);
+	}
+	
+	public function setLogFile($sFilename)
+	{
+		$this->sLogFile = $sFilename;
+	}
+}
+
+/**
+ * Pretends messages have been sent, but just log them to a file.
+ *
+ * @package Swift
+ * @author  Denis Flaven
+ */
+class Swift_LogFileTransport extends Swift_Transport_LogFileTransport
+{
+	/**
+	 * Create a new LogFileTransport.
+	 */
+	public function __construct()
+	{
+		call_user_func_array(
+		array($this, 'Swift_Transport_LogFileTransport::__construct'),
+		Swift_DependencyContainer::getInstance()
+		->createDependenciesFor('transport.null')
+		);
+	}
+
+	/**
+	 * Create a new LogFileTransport instance.
+	 *
+	 * @return Swift_LogFileTransport
+	 */
+	public static function newInstance()
+	{
+		return new self();
 	}
 }

core/htmlsanitizer.class.inc.php

@@ -34,51 +34,43 @@ abstract class HTMLSanitizer
 	
 	/**
 	 * Sanitize an HTML string with the configured sanitizer, falling back to HTMLDOMSanitizer in case of Exception or invalid configuration
-	 *
 	 * @param string $sHTML
-	 * @param string $sConfigKey
-	 *
 	 * @return string
-	 * @noinspection SelfClassReferencingInspection
 	 */
-	public static function Sanitize($sHTML, $sConfigKey = 'html_sanitizer')
+	public static function Sanitize($sHTML)
 	{
-		$sSanitizerClass = MetaModel::GetConfig()->Get($sConfigKey);
-		if (!class_exists($sSanitizerClass)) {
-			IssueLog::Warning('The configured "'.$sConfigKey.'" class "'.$sSanitizerClass.'" is not a valid class. Will use HTMLDOMSanitizer as the default sanitizer.');
+		$sSanitizerClass = MetaModel::GetConfig()->Get('html_sanitizer');
+		if(!class_exists($sSanitizerClass))
+		{
+			IssueLog::Warning('The configured "html_sanitizer" class "'.$sSanitizerClass.'" is not a valid class. Will use HTMLDOMSanitizer as the default sanitizer.');
 			$sSanitizerClass = 'HTMLDOMSanitizer';
-		} else if (false === is_subclass_of($sSanitizerClass, HTMLSanitizer::class)) {
-			if ($sConfigKey === 'html_sanitizer') {
-				IssueLog::Warning('The configured "'.$sConfigKey.'" class "'.$sSanitizerClass.'" is not a subclass of HTMLSanitizer. Will use HTMLDOMSanitizer as the default sanitizer.');
-				$sSanitizerClass = 'HTMLDOMSanitizer';
-			}
-			if ($sConfigKey === 'svg_sanitizer') {
-				IssueLog::Error('The configured "'.$sConfigKey.'" class "'.$sSanitizerClass.'" is not a subclass of '.HTMLSanitizer::class.' ! Won\'t sanitize string.');
-
-				return $sHTML;
-			}
 		}
-
-		try {
+		else if(!is_subclass_of($sSanitizerClass, 'HTMLSanitizer'))
+		{
+			IssueLog::Warning('The configured "html_sanitizer" class "'.$sSanitizerClass.'" is not a subclass of HTMLSanitizer. Will use HTMLDOMSanitizer as the default sanitizer.');
+			$sSanitizerClass = 'HTMLDOMSanitizer';
+		}
+		
+		try
+		{
 			$oSanitizer = new $sSanitizerClass();
 			$sCleanHTML = $oSanitizer->DoSanitize($sHTML);
 		}
-		catch(Exception $e) {
-			if ($sConfigKey === 'html_sanitizer') {
-				if ($sSanitizerClass !== HTMLDOMSanitizer::class) {
-					IssueLog::Warning('Failed to sanitize an HTML string with "'.$sSanitizerClass.'". The following exception occured: '.$e->getMessage());
-					IssueLog::Warning('Will try to sanitize with HTMLDOMSanitizer.');
-					// try again with the HTMLDOMSanitizer
-					$oSanitizer = new HTMLDOMSanitizer();
-					$sCleanHTML = $oSanitizer->DoSanitize($sHTML);
-				} else {
-					IssueLog::Error('Failed to sanitize an HTML string with "HTMLDOMSanitizer". The following exception occured: '.$e->getMessage());
-					IssueLog::Error('The HTML will NOT be sanitized.');
-					$sCleanHTML = $sHTML;
-				}
-			} else {
-				IssueLog::Error('Failed to sanitize string with "'.$sSanitizerClass.'", will return original value ! Exception: '.$e->getMessage());
-				$sCleanHTML = $sHTML;
+		catch(Exception $e)
+		{
+			if($sSanitizerClass != 'HTMLDOMSanitizer')
+			{
+				IssueLog::Warning('Failed to sanitize an HTML string with "'.$sSanitizerClass.'". The following exception occured: '.$e->getMessage());
+				IssueLog::Warning('Will try to sanitize with HTMLDOMSanitizer.');
+				// try again with the HTMLDOMSanitizer
+				$oSanitizer = new HTMLDOMSanitizer();
+				$sCleanHTML = $oSanitizer->DoSanitize($sHTML);
+			}
+			else
+			{
+				IssueLog::Error('Failed to sanitize an HTML string with "HTMLDOMSanitizer". The following exception occured: '.$e->getMessage());
+				IssueLog::Error('The HTML will NOT be sanitized.');
+				$sCleanHTML = $sHTML;	
 			}
 		}
 		return $sCleanHTML;
@@ -105,179 +97,67 @@ class HTMLNullSanitizer extends HTMLSanitizer
 	{
 		return $sHTML;
 	}
-
+	
 }
 
-
 /**
- * Common implementation for sanitizer using DOM parsing
+ * A standard-compliant HTMLSanitizer based on the HTMLPurifier library by Edward Z. Yang
+ * Complete but quite slow
+ * http://htmlpurifier.org
  */
-abstract class DOMSanitizer extends HTMLSanitizer
+/*
+class HTMLPurifierSanitizer extends HTMLSanitizer
 {
-	/** @var DOMDocument */
-	protected $oDoc;
-	/**
-	 * @var string Class to use for InlineImage static method calls
-	 * @used-by \Combodo\iTop\Test\UnitTest\Core\Sanitizer\HTMLDOMSanitizerTest::testDoSanitizeCallInlineImageProcessImageTag
-	 */
-	protected $sInlineImageClassName;
-
-	public function __construct($sInlineImageClassName = InlineImage::class)
+	protected static $oPurifier = null;
+	
+	public function __construct()
 	{
-		parent::__construct();
-
-		$this->sInlineImageClassName = $sInlineImageClassName;
+		if (self::$oPurifier == null)
+		{
+			$sLibPath = APPROOT.'lib/htmlpurifier/HTMLPurifier.auto.php';
+			if (!file_exists($sLibPath))
+			{
+				throw new Exception("Missing library '$sLibPath', cannot use HTMLPurifierSanitizer.");
+			}
+			require_once($sLibPath);
+			
+			$oPurifierConfig = HTMLPurifier_Config::createDefault();
+			$oPurifierConfig->set('Core.Encoding', 'UTF-8'); // defaults to 'UTF-8'
+			$oPurifierConfig->set('HTML.Doctype', 'XHTML 1.0 Strict'); // defaults to 'XHTML 1.0 Transitional'
+			$oPurifierConfig->set('URI.AllowedSchemes', array (
+				'http' => true,
+				'https' => true,
+				'data' => true, // This one is not present by default
+			));
+			$sPurifierCache = APPROOT.'data/HTMLPurifier';
+			if (!is_dir($sPurifierCache))
+			{
+				mkdir($sPurifierCache);
+			}
+			if (!is_dir($sPurifierCache))
+			{
+				throw new Exception("Could not create the cache directory '$sPurifierCache'");
+			}
+			$oPurifierConfig->set('Cache.SerializerPath', $sPurifierCache); // no trailing slash
+			self::$oPurifier = new HTMLPurifier($oPurifierConfig);
+		}
 	}
-
-	abstract public function GetTagsWhiteList();
-
-	abstract public function GetTagsBlackList();
-
-	abstract public function GetAttrsWhiteList();
-
-	abstract public function GetAttrsBlackList();
-
-	abstract public function GetStylesWhiteList();
-
+	
 	public function DoSanitize($sHTML)
 	{
-		$this->oDoc = new DOMDocument();
-		$this->oDoc->preserveWhitespace = true;
-
-		// MS outlook implements empty lines by the mean of <p><o:p></o:p></p>
-		// We have to transform that into <p><br></p> (which is how Thunderbird implements empty lines)
-		// Unfortunately, DOMDocument::loadHTML does not take the tag namespaces into account (once loaded there is no way to know if the tag did have a namespace)
-		// therefore we have to do the transformation upfront
-		$sHTML = preg_replace('@<o:p>(\s|&nbsp;)*</o:p>@', '<br>', $sHTML);
-
-		$this->LoadDoc($sHTML);
-
-		$this->CleanNode($this->oDoc);
-
-		$sCleanHtml = $this->PrintDoc();
-
-		return $sCleanHtml;
-	}
-
-	abstract public function LoadDoc($sHTML);
-
-	/**
-	 * @return string cleaned source
-	 * @uses \DOMSanitizer::oDoc
-	 */
-	abstract public function PrintDoc();
-
-	protected function CleanNode(DOMNode $oElement)
-	{
-		$aAttrToRemove = array();
-		// Gather the attributes to remove
-		if ($oElement->hasAttributes()) {
-			foreach ($oElement->attributes as $oAttr) {
-				$sAttr = strtolower($oAttr->name);
-				if ((false === empty($this->GetAttrsBlackList()))
-					&& (in_array($sAttr, $this->GetAttrsBlackList(), true))) {
-					$aAttrToRemove[] = $oAttr->name;
-				} else if ((false === empty($this->GetTagsWhiteList()))
-					&& (false === in_array($sAttr, $this->GetTagsWhiteList()[strtolower($oElement->tagName)]))) {
-					$aAttrToRemove[] = $oAttr->name;
-				} else if (!$this->IsValidAttributeContent($sAttr, $oAttr->value)) {
-					// Invalid content
-					$aAttrToRemove[] = $oAttr->name;
-				} else if ($sAttr == 'style') {
-					// Special processing for style tags
-					$sCleanStyle = $this->CleanStyle($oAttr->value);
-					if ($sCleanStyle == '') {
-						// Invalid content
-						$aAttrToRemove[] = $oAttr->name;
-					} else {
-						$oElement->setAttribute($oAttr->name, $sCleanStyle);
-					}
-				}
-			}
-			// Now remove them
-			foreach($aAttrToRemove as $sName)
-			{
-				$oElement->removeAttribute($sName);
-			}
-		}
-		
-		if ($oElement->hasChildNodes())
-		{
-			$aChildElementsToRemove = array();
-			// Gather the child noes to remove
-			foreach($oElement->childNodes as $oNode) {
-				if ($oNode instanceof DOMElement) {
-					$sNodeTagName = strtolower($oNode->tagName);
-				}
-				if (($oNode instanceof DOMElement)
-					&& (false === empty($this->GetTagsBlackList()))
-					&& (in_array($sNodeTagName, $this->GetTagsBlackList(), true))) {
-					$aChildElementsToRemove[] = $oNode;
-				} else if (($oNode instanceof DOMElement)
-					&& (false === empty($this->GetTagsWhiteList()))
-					&& (false === array_key_exists($sNodeTagName, $this->GetTagsWhiteList()))) {
-					$aChildElementsToRemove[] = $oNode;
-				} else if ($oNode instanceof DOMComment) {
-					$aChildElementsToRemove[] = $oNode;
-				} else {
-					// Recurse
-					$this->CleanNode($oNode);
-					if (($oNode instanceof DOMElement) && (strtolower($oNode->tagName) == 'img')) {
-						$this->sInlineImageClassName::ProcessImageTag($oNode);
-					}
-				}
-			}
-			// Now remove them
-			foreach($aChildElementsToRemove as $oDomElement)
-			{
-				$oElement->removeChild($oDomElement);
-			}
-		}
-	}
-
-	protected function IsValidAttributeContent($sAttributeName, $sValue)
-	{
-		if ((false === empty($this->GetAttrsBlackList()))
-			&& (in_array($sAttributeName, $this->GetAttrsBlackList(), true))) {
-			return true;
-		}
-
-		if (array_key_exists($sAttributeName, $this->GetAttrsWhiteList())) {
-			return preg_match($this->GetAttrsWhiteList()[$sAttributeName], $sValue);
-		}
-
-		return true;
-	}
-
-	protected function CleanStyle($sStyle)
-	{
-		if (empty($this->GetStylesWhiteList())) {
-			return $sStyle;
-		}
-
-		$aAllowedStyles = array();
-		$aItems = explode(';', $sStyle);
-		{
-			foreach ($aItems as $sItem) {
-				$aElements = explode(':', trim($sItem));
-				if (in_array(trim(strtolower($aElements[0])), $this->GetStylesWhiteList())) {
-					$aAllowedStyles[] = trim($sItem);
-				}
-			}
-		}
-
-		return implode(';', $aAllowedStyles);
+		$sCleanHtml = self::$oPurifier->purify($sHTML);
+		return $sCleanHtml;		
 	}
 }
+*/
 
-
-class HTMLDOMSanitizer extends DOMSanitizer
+class HTMLDOMSanitizer extends HTMLSanitizer
 {
 	protected $oDoc;
 
 	/**
-	 * @see https://www.itophub.io/wiki/page?id=2_6_0%3Aadmin%3Arich_text_limitations
 	 * @var array
+	 * @see https://www.itophub.io/wiki/page?id=2_6_0%3Aadmin%3Arich_text_limitations
 	 */
 	protected static $aTagsWhiteList = array(
 		'html' => array(),
@@ -334,8 +214,8 @@ class HTMLDOMSanitizer extends DOMSanitizer
 	);
 
 	/**
-	 * @see https://www.itophub.io/wiki/page?id=2_6_0%3Aadmin%3Arich_text_limitations
 	 * @var array
+	 * @see https://www.itophub.io/wiki/page?id=2_6_0%3Aadmin%3Arich_text_limitations
 	 */
 	protected static $aStylesWhiteList = array(
 		'background-color',
@@ -359,200 +239,164 @@ class HTMLDOMSanitizer extends DOMSanitizer
 		'white-space',
 	);
 
-	public function __construct($sInlineImageClassName = InlineImage::class)
+	public function __construct()
 	{
-		parent::__construct($sInlineImageClassName);
+		parent::__construct();
 
 		// Building href validation pattern from url and email validation patterns as the patterns are not used the same way in HTML content than in standard attributes value.
 		// eg. "foo@bar.com" vs "mailto:foo@bar.com?subject=Title&body=Hello%20world"
-		if (!array_key_exists('href', self::$aAttrsWhiteList)) {
+		if (!array_key_exists('href', self::$aAttrsWhiteList))
+		{
 			// Regular urls
 			$sUrlPattern = utils::GetConfig()->Get('url_validation_pattern');
 
 			// Mailto urls
-			$sMailtoPattern = '(mailto:('.utils::GetConfig()->Get('email_validation_pattern').')(?:\?(?:subject|body)=([a-zA-Z0-9+\$_.-]*)(?:&(?:subject|body)=([a-zA-Z0-9+\$_.-]*))?)?)';
+			$sMailtoPattern = '(mailto:(' . utils::GetConfig()->Get('email_validation_pattern') . ')(?:\?(?:subject|body)=([a-zA-Z0-9+\$_.-]*)(?:&(?:subject|body)=([a-zA-Z0-9+\$_.-]*))?)?)';
 
 			// Notification placeholders
 			// eg. $this->caller_id$, $this->hyperlink()$, $this->hyperlink(portal)$, $APP_URL$, $MODULES_URL$, ...
 			// Note: Authorize both $xxx$ and %24xxx%24 as the latter one is encoded when used in HTML attributes (eg. a[href])
 			$sPlaceholderPattern = '(\$|%24)[\w-]*(->[\w]*(\([\w-]*?\))?)?(\$|%24)';
 
-			$sPattern = $sUrlPattern.'|'.$sMailtoPattern.'|'.$sPlaceholderPattern;
+			$sPattern = $sUrlPattern . '|' . $sMailtoPattern . '|' . $sPlaceholderPattern;
 			$sPattern = '/'.str_replace('/', '\/', $sPattern).'/i';
 			self::$aAttrsWhiteList['href'] = $sPattern;
 		}
 	}
 
-	public function GetTagsWhiteList()
+	public function DoSanitize($sHTML)
 	{
-		return static::$aTagsWhiteList;
-	}
-
-	public function GetTagsBlackList()
-	{
-		return [];
-	}
-
-	public function GetAttrsWhiteList()
-	{
-		return static::$aAttrsWhiteList;
-	}
-
-	public function GetAttrsBlackList()
-	{
-		return [];
-	}
-
-	public function GetStylesWhiteList()
-	{
-		return static::$aStylesWhiteList;
-	}
-
-	public function LoadDoc($sHTML)
-	{
-		@$this->oDoc->loadHTML('<?xml encoding="UTF-8"?>'.$sHTML); // For loading HTML chunks where the character set is not specified
+		$this->oDoc = new DOMDocument();
 		$this->oDoc->preserveWhitespace = true;
-	}
 
-	public function PrintDoc()
-	{
+		// MS outlook implements empty lines by the mean of <p><o:p></o:p></p>
+		// We have to transform that into <p><br></p> (which is how Thunderbird implements empty lines)
+		// Unfortunately, DOMDocument::loadHTML does not take the tag namespaces into account (once loaded there is no way to know if the tag did have a namespace)
+		// therefore we have to do the transformation upfront
+		$sHTML = preg_replace('@<o:p>(\s|&nbsp;)*</o:p>@', '<br>', $sHTML);
+		// Replace badly encoded non breaking space
+		$sHTML = preg_replace('~\xc2\xa0~', ' ', $sHTML);
+
+		@$this->oDoc->loadHTML('<?xml encoding="UTF-8"?>'.$sHTML); // For loading HTML chunks where the character set is not specified
+		
+		$this->CleanNode($this->oDoc);
+		
 		$oXPath = new DOMXPath($this->oDoc);
 		$sXPath = "//body";
 		$oNodesList = $oXPath->query($sXPath);
-
-		if ($oNodesList->length == 0) {
+		
+		if ($oNodesList->length == 0)
+		{
 			// No body, save the whole document
 			$sCleanHtml = $this->oDoc->saveHTML();
-		} else {
+		}
+		else
+		{
 			// Export only the content of the body tag
 			$sCleanHtml = $this->oDoc->saveHTML($oNodesList->item(0));
 			// remove the body tag itself
-			$sCleanHtml = str_replace(array('<body>', '</body>'), '', $sCleanHtml);
+			$sCleanHtml = str_replace( array('<body>', '</body>'), '', $sCleanHtml);
 		}
-
+		
 		return $sCleanHtml;
 	}
-}
-
-
-/**
- * @since 2.6.5 2.7.6 3.0.0 N°4360
- */
-class SVGDOMSanitizer extends DOMSanitizer
-{
-	public function GetTagsWhiteList()
+	
+	protected function CleanNode(DOMNode $oElement)
 	{
-		return [];
+		$aAttrToRemove = array();
+		// Gather the attributes to remove
+		if ($oElement->hasAttributes())
+		{
+			foreach($oElement->attributes as $oAttr)
+			{
+				$sAttr = strtolower($oAttr->name);
+				if (!in_array($sAttr, self::$aTagsWhiteList[strtolower($oElement->tagName)]))
+				{
+					// Forbidden (or unknown) attribute
+					$aAttrToRemove[] = $oAttr->name;
+				}
+				else if (!$this->IsValidAttributeContent($sAttr, $oAttr->value))
+				{
+					// Invalid content
+					$aAttrToRemove[] = $oAttr->name;
+				}
+				else if ($sAttr == 'style')
+				{
+					// Special processing for style tags
+					$sCleanStyle = $this->CleanStyle($oAttr->value);
+					if ($sCleanStyle == '')
+					{
+						// Invalid content
+						$aAttrToRemove[] = $oAttr->name;
+					}
+					else
+					{
+						$oElement->setAttribute($oAttr->name, $sCleanStyle);
+					}
+				}
+			}
+			// Now remove them
+			foreach($aAttrToRemove as $sName)
+			{
+				$oElement->removeAttribute($sName);
+			}
+		}
+		
+		if ($oElement->hasChildNodes())
+		{
+			$aChildElementsToRemove = array();
+			// Gather the child noes to remove
+			foreach($oElement->childNodes as $oNode)
+			{
+				if (($oNode instanceof DOMElement) && (!array_key_exists(strtolower($oNode->tagName), self::$aTagsWhiteList)))
+				{
+					$aChildElementsToRemove[] = $oNode;
+				}
+				else if ($oNode instanceof DOMComment)
+				{
+					$aChildElementsToRemove[] = $oNode;
+				}
+				else
+				{
+					// Recurse
+					$this->CleanNode($oNode);
+					if (($oNode instanceof DOMElement) && (strtolower($oNode->tagName) == 'img'))
+					{
+						InlineImage::ProcessImageTag($oNode);
+					}
+				}
+			}
+			// Now remove them
+			foreach($aChildElementsToRemove as $oDomElement)
+			{
+				$oElement->removeChild($oDomElement);
+			}
+		}
 	}
 
-	/**
-	 * @return string[]
-	 * @link https://developer.mozilla.org/en-US/docs/Web/SVG/Element/script
-	 */
-	public function GetTagsBlackList()
+	protected function CleanStyle($sStyle)
 	{
-		return [
-			'script',
-		];
+		$aAllowedStyles = array();
+		$aItems = explode(';', $sStyle);
+		{
+			foreach($aItems as $sItem)
+			{
+				$aElements = explode(':', trim($sItem));
+				if (in_array(trim(strtolower($aElements[0])), static::$aStylesWhiteList))
+				{
+					$aAllowedStyles[] = trim($sItem);
+				}
+			}
+		}
+		return implode(';', $aAllowedStyles);
 	}
-
-	public function GetAttrsWhiteList()
+	
+	protected function IsValidAttributeContent($sAttributeName, $sValue)
 	{
-		return [];
-	}
-
-	/**
-	 * @return string[]
-	 * @link https://developer.mozilla.org/en-US/docs/Web/SVG/Attribute/Events#document_event_attributes
-	 */
-	public function GetAttrsBlackList()
-	{
-		return [
-			'onbegin',
-			'onbegin',
-			'onrepeat',
-			'onabort',
-			'onerror',
-			'onerror',
-			'onscroll',
-			'onunload',
-			'oncopy',
-			'oncut',
-			'onpaste',
-			'oncancel',
-			'oncanplay',
-			'oncanplaythrough',
-			'onchange',
-			'onclick',
-			'onclose',
-			'oncuechange',
-			'ondblclick',
-			'ondrag',
-			'ondragend',
-			'ondragenter',
-			'ondragleave',
-			'ondragover',
-			'ondragstart',
-			'ondrop',
-			'ondurationchange',
-			'onemptied',
-			'onended',
-			'onerror',
-			'onfocus',
-			'oninput',
-			'oninvalid',
-			'onkeydown',
-			'onkeypress',
-			'onkeyup',
-			'onload',
-			'onloadeddata',
-			'onloadedmetadata',
-			'onloadstart',
-			'onmousedown',
-			'onmouseenter',
-			'onmouseleave',
-			'onmousemove',
-			'onmouseout',
-			'onmouseover',
-			'onmouseup',
-			'onmousewheel',
-			'onpause',
-			'onplay',
-			'onplaying',
-			'onprogress',
-			'onratechange',
-			'onreset',
-			'onresize',
-			'onscroll',
-			'onseeked',
-			'onseeking',
-			'onselect',
-			'onshow',
-			'onstalled',
-			'onsubmit',
-			'onsuspend',
-			'ontimeupdate',
-			'ontoggle',
-			'onvolumechange',
-			'onwaiting',
-			'onactivate',
-			'onfocusin',
-			'onfocusout',
-		];
-	}
-
-	public function GetStylesWhiteList()
-	{
-		return [];
-	}
-
-	public function LoadDoc($sHTML)
-	{
-		@$this->oDoc->loadXml($sHTML, LIBXML_NOBLANKS);
-	}
-
-	public function PrintDoc()
-	{
-		return $this->oDoc->saveXML();
+		if (array_key_exists($sAttributeName, self::$aAttrsWhiteList))
+		{
+			return preg_match(self::$aAttrsWhiteList[$sAttributeName], $sValue);
+		}
+		return true;
 	}
 }

core/iTopConfigParser.php

@@ -6,8 +6,6 @@
  */
 
 use PhpParser\Node\Expr\Assign;
-use PhpParser\Node\Expr\Variable;
-use PhpParser\Parser;
 use PhpParser\ParserFactory;
 use PhpParser\PrettyPrinter\Standard;
 
@@ -82,49 +80,38 @@ class iTopConfigParser
 	 * @param \PhpParser\Parser $oParser
 	 * @param $sConfig
 	 *
-	 * @return void
+	 * @return \Combodo\iTop\Config\Validator\ConfigNodesVisitor
 	 */
-	private function BrowseFile(Parser $oParser, $sConfig)
+	private function BrowseFile(\PhpParser\Parser $oParser, $sConfig)
 	{
 		$prettyPrinter = new Standard();
 
-		try {
+		try
+		{
 			$aNodes = $oParser->parse($sConfig);
 		}
-		catch (\Error $e) {
+		catch (\Error $e)
+		{
 			$sMessage = Dict::Format('config-parse-error', $e->getMessage(), $e->getLine());
 			$this->oException = new \Exception($sMessage, 0, $e);
 		}
 
-		foreach ($aNodes as $sKey => $oNode) {
-			// With PhpParser 3 we had an Assign node at root
-			// In PhpParser 4 the root node is now an Expression
-
-			if (false === ($oNode instanceof \PhpParser\Node\Stmt\Expression)) {
-				continue;
-			}
-			/** @var \PhpParser\Node\Stmt\Expression $oNode */
-
-			if (false === ($oNode->expr instanceof Assign)) {
-				continue;
-			}
-			/** @var Assign $oAssignation */
-			$oAssignation = $oNode->expr;
-
-			if (false === ($oAssignation->var instanceof Variable)) {
-				continue;
-			}
-			if (false === ($oAssignation->expr instanceof PhpParser\Node\Expr\Array_)) {
+		foreach ($aNodes as $oAssignation)
+		{
+			if (! $oAssignation instanceof Assign)
+			{
 				continue;
 			}
 
 			$sCurrentRootVar = $oAssignation->var->name;
-			if (!array_key_exists($sCurrentRootVar, $this->aVarsMap)) {
+			if (!array_key_exists($sCurrentRootVar, $this->aVarsMap))
+			{
 				continue;
 			}
 			$aCurrentRootVarMap =& $this->aVarsMap[$sCurrentRootVar];
 
-			foreach ($oAssignation->expr->items as $oItem) {
+			foreach ($oAssignation->expr->items as $oItem)
+			{
 				$sValue = $prettyPrinter->prettyPrintExpr($oItem->value);
 				$aCurrentRootVarMap[$oItem->key->value] = $sValue;
 			}

core/inlineimage.class.inc.php

@@ -176,29 +176,31 @@ class InlineImage extends DBObject
 			$sOQL = 'SELECT InlineImage WHERE temp_id = :temp_id';
 			$oSearch = DBObjectSearch::FromOQL($sOQL);
 			$oSet = new DBObjectSet($oSearch, array(), array('temp_id' => $sTempId));
-			$aInlineImagesId = array();
-			while ($oInlineImage = $oSet->Fetch()) {
-				$aInlineImagesId[] = $oInlineImage->GetKey();
+            $aInlineImagesId = array();
+			while($oInlineImage = $oSet->Fetch())
+			{
+                $aInlineImagesId[] = $oInlineImage->GetKey();
 				$oInlineImage->SetItem($oObject);
 				$oInlineImage->Set('temp_id', '');
 				$oInlineImage->DBUpdate();
 			}
-			IssueLog::Trace('FinalizeInlineImages (see $aInlineImagesId for the id list)', LogChannels::INLINE_IMAGE, array(
-				'$sObjectClass' => get_class($oObject),
-				'$sTransactionId' => $iTransactionId,
-				'$sTempId' => $sTempId,
-				'$aInlineImagesId' => $aInlineImagesId,
-				'$sUser' => UserRights::GetUser(),
-				'HTTP_REFERER' => @$_SERVER['HTTP_REFERER'],
-			));
+            IssueLog::Trace('FinalizeInlineImages (see $aInlineImagesId for the id list)', 'InlineImage', array(
+                '$sObjectClass' => get_class($oObject),
+                '$sTransactionId' => $iTransactionId,
+                '$sTempId' => $sTempId,
+                '$aInlineImagesId' => $aInlineImagesId,
+                '$sUser' => UserRights::GetUser(),
+                'HTTP_REFERER' => @$_SERVER['HTTP_REFERER'],
+            ));
 		}
-        else {
-	        IssueLog::Trace('FinalizeInlineImages "error" $iTransactionId is null', LogChannels::INLINE_IMAGE, array(
-		        '$sObjectClass' => get_class($oObject),
-		        '$sTransactionId' => $iTransactionId,
-		        '$sUser' => UserRights::GetUser(),
-		        'HTTP_REFERER' => @$_SERVER['HTTP_REFERER'],
-	        ));
+        else
+        {
+            IssueLog::Trace('FinalizeInlineImages "error" $iTransactionId is null', 'InlineImage', array(
+                '$sObjectClass' => get_class($oObject),
+                '$sTransactionId' => $iTransactionId,
+                '$sUser' => UserRights::GetUser(),
+                'HTTP_REFERER' => @$_SERVER['HTTP_REFERER'],
+            ));
         }
 	}
 	
@@ -218,12 +220,12 @@ class InlineImage extends DBObject
             $aInlineImagesId[] = $oInlineImage->GetKey();
 			$oInlineImage->DBDelete();
 		}
-		IssueLog::Trace('OnFormCancel', LogChannels::INLINE_IMAGE, array(
-			'$sTempId' => $sTempId,
-			'$aInlineImagesId' => $aInlineImagesId,
-			'$sUser' => UserRights::GetUser(),
-			'HTTP_REFERER' => @$_SERVER['HTTP_REFERER'],
-		));
+        IssueLog::Trace('OnFormCancel', 'InlineImage', array(
+            '$sTempId' => $sTempId,
+            '$aInlineImagesId' => $aInlineImagesId,
+            '$sUser' => UserRights::GetUser(),
+            'HTTP_REFERER' => @$_SERVER['HTTP_REFERER'],
+        ));
 	}
 	
 	/**
@@ -563,17 +565,17 @@ JS
 
     protected function AfterInsert()
     {
-	    IssueLog::Trace(__METHOD__, LogChannels::INLINE_IMAGE, array(
-		    'id' => $this->GetKey(),
-		    'expire' => $this->Get('expire'),
-		    'temp_id' => $this->Get('temp_id'),
-		    'item_class' => $this->Get('item_class'),
-		    'item_id' => $this->Get('item_id'),
-		    'item_org_id' => $this->Get('item_org_id'),
-		    'secret' => $this->Get('secret'),
-		    'user' => $sUser = UserRights::GetUser(),
-		    'HTTP_REFERER' => @$_SERVER['HTTP_REFERER'],
-		    'REQUEST_URI' => @$_SERVER['REQUEST_URI'],
+        IssueLog::Trace(__METHOD__, 'InlineImage', array(
+            'id' => $this->GetKey(),
+            'expire' => $this->Get('expire'),
+            'temp_id' => $this->Get('temp_id'),
+            'item_class' => $this->Get('item_class'),
+            'item_id' => $this->Get('item_id'),
+            'item_org_id' => $this->Get('item_org_id'),
+            'secret' => $this->Get('secret'),
+            'user' => $sUser = UserRights::GetUser(),
+            'HTTP_REFERER' => @$_SERVER['HTTP_REFERER'],
+            'REQUEST_URI' => @$_SERVER['REQUEST_URI'],
         ));
 
 	    parent::AfterInsert();
@@ -581,17 +583,17 @@ JS
 
     protected function AfterUpdate()
     {
-	    IssueLog::Trace(__METHOD__, LogChannels::INLINE_IMAGE, array(
-		    'id' => $this->GetKey(),
-		    'expire' => $this->Get('expire'),
-		    'temp_id' => $this->Get('temp_id'),
-		    'item_class' => $this->Get('item_class'),
-		    'item_id' => $this->Get('item_id'),
-		    'item_org_id' => $this->Get('item_org_id'),
-		    'secret' => $this->Get('secret'),
-		    'user' => $sUser = UserRights::GetUser(),
-		    'HTTP_REFERER' => @$_SERVER['HTTP_REFERER'],
-		    'REQUEST_URI' => @$_SERVER['REQUEST_URI'],
+        IssueLog::Trace(__METHOD__, 'InlineImage', array(
+            'id' => $this->GetKey(),
+            'expire' => $this->Get('expire'),
+            'temp_id' => $this->Get('temp_id'),
+            'item_class' => $this->Get('item_class'),
+            'item_id' => $this->Get('item_id'),
+            'item_org_id' => $this->Get('item_org_id'),
+            'secret' => $this->Get('secret'),
+            'user' => $sUser = UserRights::GetUser(),
+            'HTTP_REFERER' => @$_SERVER['HTTP_REFERER'],
+            'REQUEST_URI' => @$_SERVER['REQUEST_URI'],
         ));
 
 	    parent::AfterUpdate();
@@ -599,17 +601,17 @@ JS
 
     protected function AfterDelete()
     {
-	    IssueLog::Trace(__METHOD__, LogChannels::INLINE_IMAGE, array(
-		    'id' => $this->GetKey(),
-		    'expire' => $this->Get('expire'),
-		    'temp_id' => $this->Get('temp_id'),
-		    'item_class' => $this->Get('item_class'),
-		    'item_id' => $this->Get('item_id'),
-		    'item_org_id' => $this->Get('item_org_id'),
-		    'secret' => $this->Get('secret'),
-		    'user' => $sUser = UserRights::GetUser(),
-		    'HTTP_REFERER' => @$_SERVER['HTTP_REFERER'],
-		    'REQUEST_URI' => @$_SERVER['REQUEST_URI'],
+        IssueLog::Trace(__METHOD__, 'InlineImage', array(
+            'id' => $this->GetKey(),
+            'expire' => $this->Get('expire'),
+            'temp_id' => $this->Get('temp_id'),
+            'item_class' => $this->Get('item_class'),
+            'item_id' => $this->Get('item_id'),
+            'item_org_id' => $this->Get('item_org_id'),
+            'secret' => $this->Get('secret'),
+            'user' => $sUser = UserRights::GetUser(),
+            'HTTP_REFERER' => @$_SERVER['HTTP_REFERER'],
+            'REQUEST_URI' => @$_SERVER['REQUEST_URI'],
         ));
 
 	    parent::AfterDelete();

core/log.class.inc.php

@@ -398,10 +398,10 @@ class MonthlyRotatingLogFileNameBuilder extends RotatingLogFileNameBuilder
 	 */
 	protected function GetFileSuffix($oDate)
 	{
-		$sMonthYear = $oDate->format('o');
-		$sMonthNumber = $oDate->format('m');
+		$sWeekYear = $oDate->format('o');
+		$sWeekNumber = $oDate->format('m');
 
-		return $sMonthYear.'-month'.$sMonthNumber;
+		return $sWeekYear.'-month'.$sWeekNumber;
 	}
 
 	/**
@@ -502,7 +502,6 @@ class FileLog
 	protected function Write($sText, $sLevel = '', $sChannel = '', $aContext = array())
 	{
 		$sTextPrefix = empty($sLevel) ? '' : (str_pad($sLevel, 7).' | ');
-		$sTextPrefix .= str_pad(UserRights::GetUserId(), 5)." | ";
 		$sTextSuffix = empty($sChannel) ? '' : " | $sChannel";
 		$sText = "{$sTextPrefix}{$sText}{$sTextSuffix}";
 		$sLogFilePath = $this->oFileNameBuilder->GetLogFilePath();
@@ -517,9 +516,12 @@ class FileLog
 		{
 			flock($hLogFile, LOCK_EX);
 			$sDate = date('Y-m-d H:i:s');
-			if (empty($aContext)) {
+			if (empty($aContext))
+			{
 				fwrite($hLogFile, "$sDate | $sText\n");
-			} else {
+			}
+			else
+			{
 				$sContext = var_export($aContext, true);
 				fwrite($hLogFile, "$sDate | $sText\n$sContext\n");
 			}
@@ -530,38 +532,6 @@ class FileLog
 	}
 }
 
-
-/**
- * Simple enum like class to factorize channels values as constants
- * Channels are used especially as parameters in {@see \LogAPI} methods
- *
- * @since 2.7.5 3.0.0 N°4012
- */
-class LogChannels
-{
-	const APC = 'apc';
-
-	/**
-	 * @var string
-	 * @since 2.7.7 N°4558 use this new channel when logging DB transactions
-	 */
-	const CMDB_SOURCE = 'cmdbsource';
-
-	const DEADLOCK = 'DeadLock';
-
-	const INLINE_IMAGE = 'InlineImage';
-
-	/**
-	 * @var string
-	 * @since 3.0.1 N°4849
-	 * @since 2.7.7 N°4635
-	 */
-	const NOTIFICATIONS = 'notifications';
-
-	const PORTAL = 'portal';
-}
-
-
 abstract class LogAPI
 {
 	const CHANNEL_DEFAULT   = '';
@@ -573,11 +543,11 @@ abstract class LogAPI
 	const LEVEL_DEBUG       = 'Debug';
 	const LEVEL_TRACE       = 'Trace';
 	/**
-	 * @see GetMinLogLevel
 	 * @var string default log level, can be overrided
+	 * @see GetMinLogLevel
 	 * @since 2.7.1 N°2977
 	 */
-	const LEVEL_DEFAULT = self::LEVEL_OK;
+	const LEVEL_DEFAULT     = self::LEVEL_OK;
 
 	protected static $aLevelsPriority = array(
 		self::LEVEL_ERROR   => 400,
@@ -634,29 +604,36 @@ abstract class LogAPI
 
 	public static function Log($sLevel, $sMessage, $sChannel = null, $aContext = array())
 	{
-		if (!static::$m_oFileLog) {
+		if (! static::$m_oFileLog)
+		{
 			return;
 		}
 
-		if (!isset(self::$aLevelsPriority[$sLevel])) {
+		if (! isset(self::$aLevelsPriority[$sLevel]))
+		{
 			IssueLog::Error("invalid log level '{$sLevel}'");
-
 			return;
 		}
 
-		if (is_null($sChannel)) {
+		if (is_null($sChannel))
+		{
 			$sChannel = static::CHANNEL_DEFAULT;
 		}
 
 		$sMinLogLevel = self::GetMinLogLevel($sChannel);
 
-		if ($sMinLogLevel === false || $sMinLogLevel === 'false') {
+		if ($sMinLogLevel === false || $sMinLogLevel === 'false')
+		{
 			return;
 		}
-		if (is_string($sMinLogLevel)) {
-			if (!isset(self::$aLevelsPriority[$sMinLogLevel])) {
+		if (is_string($sMinLogLevel))
+		{
+			if (! isset(self::$aLevelsPriority[$sMinLogLevel]))
+			{
 				throw new Exception("invalid configuration for log_level '{$sMinLogLevel}' is not within the list: ".implode(',', array_keys(self::$aLevelsPriority)));
-			} elseif (self::$aLevelsPriority[$sLevel] < self::$aLevelsPriority[$sMinLogLevel]) {
+			}
+			elseif (self::$aLevelsPriority[$sLevel] < self::$aLevelsPriority[$sMinLogLevel])
+			{
 				//priority too low regarding the conf, do not log this
 				return;
 			}
@@ -698,7 +675,7 @@ abstract class LogAPI
 
 		if (isset($sLogLevelMin[static::CHANNEL_DEFAULT]))
 		{
-			return $sLogLevelMin[static::CHANNEL_DEFAULT];
+			return $sLogLevelMin[$sChannel];
 		}
 
 		return static::LEVEL_DEFAULT;
@@ -763,7 +740,7 @@ class DeadLockLog extends LogAPI
 				return self::CHANNEL_WAIT_TIMEOUT;
 				break;
 			case 1213:
-				return self::CHANNEL_DEADLOCK_FOUND;
+				return  self::CHANNEL_DEADLOCK_FOUND;
 				break;
 			default:
 				return self::CHANNEL_DEFAULT;
@@ -772,21 +749,17 @@ class DeadLockLog extends LogAPI
 	}
 
 	/**
-	 * @param string $sLevel
+	 * @param int $iMySQLErrNo will be converted to channel using {@link GetChannelFromMysqlErrorNo}
 	 * @param string $sMessage
-	 * @param int $iMysqlErrorNumber will be converted to channel using {@link GetChannelFromMysqlErrorNo}
+	 * @param null $iMysqlErroNo
 	 * @param array $aContext
 	 *
 	 * @throws \Exception
-	 * @noinspection PhpParameterNameChangedDuringInheritanceInspection
-	 *
-	 * @since 2.7.1 method creation
-	 * @since 2.7.5 3.0.0 rename param names and fix phpdoc (thanks Hipska !)
 	 */
-	public static function Log($sLevel, $sMessage, $iMysqlErrorNumber = null, $aContext = array())
+	public static function Log($iMySQLErrNo, $sMessage, $iMysqlErroNo = null, $aContext = array())
 	{
-		$sChannel = self::GetChannelFromMysqlErrorNo($iMysqlErrorNumber);
-		parent::Log($sLevel, $sMessage, $sChannel, $aContext);
+		$sChannel = self::GetChannelFromMysqlErrorNo($iMysqlErroNo);
+		parent::Log($iMySQLErrNo, $sMessage, $sChannel, $aContext);
 	}
 }
 

core/metamodel.class.php

@@ -589,10 +589,10 @@ abstract class MetaModel
 	 * @param string $sRuleId
 	 *
 	 * @throws \CoreException
-	 * @since 2.6.1 N°1968 (sous les pavés, la plage) initialize in 'root_class' property the class that has the first
+	 * @since 2.6.1 N°1918 (sous les pavés, la plage) initialize in 'root_class' property the class that has the first
 	 *         definition of the rule in the hierarchy
 	 */
-	private static function SetUniquenessRuleRootClass($sRootClass, $sRuleId)
+	final private static function SetUniquenessRuleRootClass($sRootClass, $sRuleId)
 	{
 		foreach (self::EnumChildClasses($sRootClass, ENUM_CHILD_CLASSES_ALL) as $sClass)
 		{
@@ -5366,7 +5366,7 @@ abstract class MetaModel
 				$aSugFix[$sClass]['id'][] = "ALTER TABLE `$sTable` ADD $sKeyFieldDefinition";
 				if (!$bTableToCreate)
 				{
-					$aAlterTableItems[$sTable]['field'][$sKeyField] = "ADD $sKeyFieldDefinition";
+					$aAlterTableItems[$sTable][$sKeyField] = "ADD $sKeyFieldDefinition";
 				}
 			}
 			else
@@ -5379,7 +5379,7 @@ abstract class MetaModel
 					$aSugFix[$sClass]['id'][] = "ALTER TABLE `$sTable`, DROP PRIMARY KEY, ADD PRIMARY key(`$sKeyField`)";
 					if (!$bTableToCreate)
 					{
-						$aAlterTableItems[$sTable]['field'][$sKeyField] = "CHANGE `$sKeyField` $sKeyFieldDefinition";
+						$aAlterTableItems[$sTable][$sKeyField] = "CHANGE `$sKeyField` $sKeyFieldDefinition";
 					}
 				}
 				if (self::IsAutoIncrementKey($sClass) && !CMDBSource::IsAutoIncrement($sTable, $sKeyField))
@@ -5388,7 +5388,7 @@ abstract class MetaModel
 					$aSugFix[$sClass]['id'][] = "ALTER TABLE `$sTable` CHANGE `$sKeyField` $sKeyFieldDefinition";
 					if (!$bTableToCreate)
 					{
-						$aAlterTableItems[$sTable]['field'][$sKeyField] = "CHANGE `$sKeyField` $sKeyFieldDefinition";
+						$aAlterTableItems[$sTable][$sKeyField] = "CHANGE `$sKeyField` $sKeyFieldDefinition";
 					}
 				}
 			}
@@ -5451,7 +5451,7 @@ abstract class MetaModel
 						}
 						else
 						{
-							$aAlterTableItems[$sTable]['field'][$sField] = "ADD $sFieldDefinition";
+							$aAlterTableItems[$sTable][$sField] = "ADD $sFieldDefinition";
 							$aAdditionalRequests = self::GetAdditionalRequestAfterAlter($sClass, $sTable, $sField);
 							if (!empty($aAdditionalRequests))
 							{
@@ -5495,7 +5495,7 @@ abstract class MetaModel
 							}
 							else
 							{
-								$aAlterTableItems[$sTable]['index'][] = "ADD $sIndexType `$sIndexName` ($sColumns)";
+								$aAlterTableItems[$sTable][] = "ADD $sIndexType `$sIndexName` ($sColumns)";
 							}
 						}
 
@@ -5536,7 +5536,7 @@ abstract class MetaModel
 								if (CMDBSource::HasIndex($sTable, $sField))
 								{
 									$aSugFix[$sClass][$sAttCode][] = "ALTER TABLE `$sTable` DROP INDEX `$sIndexName`";
-									$aAlterTableItems[$sTable]['index'][] = "DROP INDEX `$sIndexName`";
+									$aAlterTableItems[$sTable][] = "DROP INDEX `$sIndexName`";
 								}
 								$sSugFixAfterChange = "ALTER TABLE `$sTable` ADD $sIndexType `$sIndexName` ($sColumns)";
 								$sAlterTableItemsAfterChange = "ADD $sIndexType `$sIndexName` ($sColumns)";
@@ -5550,7 +5550,7 @@ abstract class MetaModel
 						{
 							$aErrors[$sClass][$sAttCode][] = "field '$sField' in table '$sTable' has a wrong type: found <code>$sActualFieldSpec</code> while expecting <code>$sDBFieldSpec</code>";
 							$aSugFix[$sClass][$sAttCode][] = "ALTER TABLE `$sTable` CHANGE `$sField` $sFieldDefinition";
-							$aAlterTableItems[$sTable]['field'][$sField] = "CHANGE `$sField` $sFieldDefinition";
+							$aAlterTableItems[$sTable][$sField] = "CHANGE `$sField` $sFieldDefinition";
 						}
 
 						// Create indexes (external keys only... so far)
@@ -5565,7 +5565,7 @@ abstract class MetaModel
 							}
 							else
 							{
-								$aAlterTableItems[$sTable]['index'][] = $sAlterTableItemsAfterChange;
+								$aAlterTableItems[$sTable][] = $sAlterTableItemsAfterChange;
 							}
 						}
 					}
@@ -5625,12 +5625,9 @@ abstract class MetaModel
 							{
 								$aAlterTableItems[$sTable] = array();
 							}
-							if (isset($aAlterTableItems[$sTable]['index']))
-							{
-								array_unshift($aAlterTableItems[$sTable]['index'], "DROP INDEX `$sIndexId`");
-							}
+							array_unshift($aAlterTableItems[$sTable], "DROP INDEX `$sIndexId`");
 						}
-						$aAlterTableItems[$sTable]['index'][] = "ADD INDEX `$sIndexId` ($sColumns)";
+						$aAlterTableItems[$sTable][] = "ADD INDEX `$sIndexId` ($sColumns)";
 					}
 				}
 			}
@@ -5648,7 +5645,7 @@ abstract class MetaModel
 						// without specifying the value of this unknown column
 						$sFieldDefinition = "`$sField` ".CMDBSource::GetFieldType($sTable, $sField).' NULL';
 						$aSugFix[$sClass][$sAttCode][] = "ALTER TABLE `$sTable` CHANGE `$sField` $sFieldDefinition";
-						$aAlterTableItems[$sTable]['field'][$sField] = "CHANGE `$sField` $sFieldDefinition";
+						$aAlterTableItems[$sTable][$sField] = "CHANGE `$sField` $sFieldDefinition";
 					}
 					$aSugFix[$sClass][$sAttCode][] = "-- Recommended action: ALTER TABLE `$sTable` DROP `$sField`";
 				}
@@ -5667,10 +5664,7 @@ abstract class MetaModel
 					{
 						$aAlterTableItems[$sTable] = array();
 					}
-					if (isset($aAlterTableItems[$sTable]['index']))
-					{
-						array_unshift($aAlterTableItems[$sTable]['index'], "DROP INDEX `$sIndexId`");
-					}
+					array_unshift($aAlterTableItems[$sTable], "DROP INDEX `$sIndexId`");
 				}
 			}
 
@@ -5702,16 +5696,8 @@ abstract class MetaModel
 		}
 		foreach ($aAlterTableItems as $sTable => $aChangeList)
 		{
-			if (isset($aAlterTableItems[$sTable]['field']))
-			{
-				$sChangeList = implode(', ', $aChangeList['field']);
-				$aCondensedQueries[] = "ALTER TABLE `$sTable` $sChangeList";
-			}
-			if (isset($aAlterTableItems[$sTable]['index']))
-			{
-				$sChangeList = implode(', ', $aChangeList['index']);
-				$aCondensedQueries[] = "ALTER TABLE `$sTable` $sChangeList";
-			}
+			$sChangeList = implode(', ', $aChangeList);
+			$aCondensedQueries[] = "ALTER TABLE `$sTable` $sChangeList";
 			// Add request right after the ALTER TABLE
 			if (isset($aPostTableAlteration[$sTable]))
 			{
@@ -7330,11 +7316,9 @@ abstract class MetaModel
 	 * @param string $sInput
 	 * @param array $aParams
 	 *
-	 * @return string
-	 *
-	 * @throws \Exception
+	 * @return mixed
 	 */
-	public static function ApplyParams($sInput, $aParams)
+	static public function ApplyParams($sInput, $aParams)
 	{
 		$aParams = static::AddMagicPlaceholders($aParams);
 
@@ -7344,11 +7328,14 @@ abstract class MetaModel
 
 		$aSearches = array();
 		$aReplacements = array();
-		foreach ($aParams as $sSearch => $replace) {
+		foreach($aParams as $sSearch => $replace)
+		{
 			// Some environment parameters are objects, we just need scalars
-			if (is_object($replace)) {
+			if (is_object($replace))
+			{
 				$iPos = strpos($sSearch, '->object()');
-				if ($iPos !== false) {
+				if ($iPos !== false)
+				{
 					// Expand the parameters for the object
 					$sName = substr($sSearch, 0, $iPos);
 					// Note: Capturing
@@ -7356,67 +7343,63 @@ abstract class MetaModel
 					// 2 - The arrow
 					// 3 - The attribute code
 					$aRegExps = array(
-						'/(\\$)'.$sName.'-(>|&gt;)([^\\$]+)\\$/', // Support both syntaxes: $this->xxx$ or $this-&gt;xxx$ for HTML compatibility
-						'/(%24)'.$sName.'-(>|&gt;)([^%24]+)%24/', // Support for urlencoded in HTML attributes (%20this-&gt;xxx%20)
-					);
-					foreach ($aRegExps as $sRegExp) {
-						if (preg_match_all($sRegExp, $sInput, $aMatches)) {
-							foreach ($aMatches[3] as $idx => $sPlaceholderAttCode) {
-								try {
-									$sReplacement = $replace->GetForTemplate($sPlaceholderAttCode);
-									if ($sReplacement !== null) {
-										$aReplacements[] = $sReplacement;
-										$aSearches[] = $aMatches[1][$idx].$sName.'-'.$aMatches[2][$idx].$sPlaceholderAttCode.$aMatches[1][$idx];
-									}
-								}
-								catch (Exception $e) {
-									$aContext = [
-										'placeholder'   => $sPlaceholderAttCode,
-										'replace class' => get_class($replace),
-									];
-									if ($replace instanceof DBObject) {
-										$aContext['replace id'] = $replace->GetKey();
-									}
-									IssueLog::Debug(
-										'Invalid placeholder in notification, no replacement will occur!',
-										LogChannels::NOTIFICATIONS,
-										$aContext
-									);
-								}
-							}
-						}
-					}
-				} else {
+                        '/(\\$)'.$sName.'-(>|&gt;)([^\\$]+)\\$/', // Support both syntaxes: $this->xxx$ or $this-&gt;xxx$ for HTML compatibility
+                        '/(%24)'.$sName.'-(>|&gt;)([^%24]+)%24/', // Support for urlencoded in HTML attributes (%20this-&gt;xxx%20)
+                    );
+					foreach($aRegExps as $sRegExp)
+                    {
+                        if(preg_match_all($sRegExp, $sInput, $aMatches))
+                        {
+                            foreach($aMatches[3] as $idx => $sPlaceholderAttCode)
+                            {
+                                try
+                                {
+                                    $sReplacement = $replace->GetForTemplate($sPlaceholderAttCode);
+                                    if($sReplacement !== null)
+                                    {
+                                        $aReplacements[] = $sReplacement;
+                                        $aSearches[] = $aMatches[1][$idx] . $sName . '-' . $aMatches[2][$idx] . $sPlaceholderAttCode . $aMatches[1][$idx];
+                                    }
+                                }
+                                catch(Exception $e)
+                                {
+                                    // No replacement will occur
+                                }
+                            }
+                        }
+                    }
+				}
+				else
+				{
 					continue; // Ignore this non-scalar value
 				}
-			} else {
+			}
+			else
+			{
 				$aRegExps = array(
 					'/(\$)'.$sSearch.'\$/',   // Support for regular placeholders (eg. $APP_URL$)
 					'/(%24)'.$sSearch.'%24/', // Support for urlencoded in HTML attributes (eg. %24APP_URL%24)
 				);
-				foreach ($aRegExps as $sRegExp) {
-					if (preg_match_all($sRegExp, $sInput, $aMatches)) {
-						foreach ($aMatches[1] as $idx => $sDelimiter) {
-							try {
-								$aReplacements[] = (string)$replace;
-								$aSearches[] = $aMatches[1][$idx].$sSearch.$aMatches[1][$idx];
+				foreach($aRegExps as $sRegExp)
+				{
+					if(preg_match_all($sRegExp, $sInput, $aMatches))
+					{
+						foreach($aMatches[1] as $idx => $sDelimiter)
+						{
+							try
+							{
+								$aReplacements[] = (string) $replace;
+								$aSearches[] = $aMatches[1][$idx] . $sSearch . $aMatches[1][$idx];
 							}
-							catch (Exception $e) {
-								IssueLog::Debug(
-									'Invalid placeholder in notification, no replacement will occur !',
-									LogChannels::NOTIFICATIONS,
-									[
-										'placeholder' => $sPlaceholderAttCode,
-										'replace'     => $replace,
-									]
-								);
+							catch(Exception $e)
+							{
+								// No replacement will occur
 							}
 						}
 					}
 				}
 			}
 		}
-
 		return str_replace($aSearches, $aReplacements, $sInput);
 	}
 

core/mutex.class.inc.php

@@ -242,8 +242,6 @@ class iTopMutex
 	 *
 	 * @throws \Exception
 	 * @throws \MySQLException
-	 *
-	 * @since 2.7.5 3.0.0 N°3968 specify `wait_timeout` for the mutex dedicated connection
 	 */
 	public function InitMySQLSession()
 	{
@@ -256,36 +254,10 @@ class iTopMutex
 
 		$this->hDBLink = CMDBSource::GetMysqliInstance($sServer, $sUser, $sPwd, $sSource, $bTlsEnabled, $sTlsCA, false);
 
-		if (!$this->hDBLink) {
+		if (!$this->hDBLink)
+		{
 			throw new Exception("Could not connect to the DB server (host=$sServer, user=$sUser): ".mysqli_connect_error().' (mysql errno: '.mysqli_connect_errno().')');
 		}
-
-		// Make sure that the server variable `wait_timeout` is at least 86400 seconds for this connection,
-		// since the lock will be released if/when the connection times out.
-		// Source https://dev.mysql.com/doc/refman/5.7/en/locking-functions.html :
-		// > A lock obtained with GET_LOCK() is released explicitly by executing RELEASE_LOCK() or implicitly when your session terminates
-		//
-		// BEWARE: If you want to check the value of this variable, when run from an interactive console `SHOW VARIABLES LIKE 'wait_timeout'`
-		// will actually returns the value of the variable `interactive_timeout` which may be quite different.
-		$sSql = "SHOW VARIABLES LIKE 'wait_timeout'";
-		$result = mysqli_query($this->hDBLink, $sSql);
-		if (!$result) {
-			throw new Exception("Failed to issue MySQL query '".$sSql."': ".mysqli_error($this->hDBLink).' (mysql errno: '.mysqli_errno($this->hDBLink).')');
-		}
-		if ($aRow = mysqli_fetch_array($result, MYSQLI_BOTH)) {
-			$iTimeout = (int)$aRow[1];
-		} else {
-			mysqli_free_result($result);
-			throw new Exception("No result for query '".$sSql."'");
-		}
-		mysqli_free_result($result);
-
-		if ($iTimeout < 86400) {
-			$result = mysqli_query($this->hDBLink, 'SET SESSION wait_timeout=86400');
-			if ($result === false) {
-				throw new Exception("Failed to issue MySQL query '".$sSql."': ".mysqli_error($this->hDBLink).' (mysql errno: '.mysqli_errno($this->hDBLink).')');
-			}
-		}
 	}
 
 

core/oql/oql-parser.php

@@ -597,7 +597,7 @@ static public $yy_action = array(
 **                        defined, then do no error processing.
 */
     const YYNOCODE = 119;
-    const YYSTACKDEPTH = 1000;
+    const YYSTACKDEPTH = 100;
     const YYNSTATE = 175;
     const YYNRULE = 125;
     const YYERRORSYMBOL = 76;
@@ -1175,10 +1175,6 @@ static public $yy_action = array(
             }
             /* Here code is inserted which will execute if the parser
             ** stack ever overflows */
-#line 30 "..\oql-parser.y"
-
-throw new OQLParserStackOverFlowException($this->m_sSourceQuery, $this->m_iLine, $this->m_iCol);
-#line 1186 "..\oql-parser.php"
             return;
         }
         $yytos = new OQLParser_yyStackEntry;
@@ -1478,116 +1474,116 @@ throw new OQLParserStackOverFlowException($this->m_sSourceQuery, $this->m_iLine,
     **   function yy_r0($yymsp){ ... }           // User supplied code
     **  #line <lineno> <thisfile>
     */
-#line 37 "..\oql-parser.y"
+#line 29 "..\oql-parser.y"
     function yy_r0(){ $this->my_result = $this->yystack[$this->yyidx + 0]->minor;     }
-#line 1488 "..\oql-parser.php"
-#line 41 "..\oql-parser.y"
+#line 1483 "..\oql-parser.php"
+#line 33 "..\oql-parser.y"
     function yy_r3(){
 	$this->_retvalue = new OqlUnionQuery($this->yystack[$this->yyidx + -2]->minor, $this->yystack[$this->yyidx + 0]->minor);
     }
-#line 1493 "..\oql-parser.php"
-#line 48 "..\oql-parser.y"
+#line 1488 "..\oql-parser.php"
+#line 40 "..\oql-parser.y"
     function yy_r5(){
 	$this->_retvalue = new OqlObjectQuery($this->yystack[$this->yyidx + -2]->minor, $this->yystack[$this->yyidx + -2]->minor, $this->yystack[$this->yyidx + 0]->minor, $this->yystack[$this->yyidx + -1]->minor, array($this->yystack[$this->yyidx + -2]->minor));
     }
-#line 1498 "..\oql-parser.php"
-#line 51 "..\oql-parser.y"
+#line 1493 "..\oql-parser.php"
+#line 43 "..\oql-parser.y"
     function yy_r6(){
 	$this->_retvalue = new OqlObjectQuery($this->yystack[$this->yyidx + -4]->minor, $this->yystack[$this->yyidx + -2]->minor, $this->yystack[$this->yyidx + 0]->minor, $this->yystack[$this->yyidx + -1]->minor, array($this->yystack[$this->yyidx + -2]->minor));
     }
-#line 1503 "..\oql-parser.php"
-#line 55 "..\oql-parser.y"
+#line 1498 "..\oql-parser.php"
+#line 47 "..\oql-parser.y"
     function yy_r7(){
 	$this->_retvalue = new OqlObjectQuery($this->yystack[$this->yyidx + -2]->minor, $this->yystack[$this->yyidx + -2]->minor, $this->yystack[$this->yyidx + 0]->minor, $this->yystack[$this->yyidx + -1]->minor, $this->yystack[$this->yyidx + -4]->minor);
     }
-#line 1508 "..\oql-parser.php"
-#line 58 "..\oql-parser.y"
+#line 1503 "..\oql-parser.php"
+#line 50 "..\oql-parser.y"
     function yy_r8(){
 	$this->_retvalue = new OqlObjectQuery($this->yystack[$this->yyidx + -4]->minor, $this->yystack[$this->yyidx + -2]->minor, $this->yystack[$this->yyidx + 0]->minor, $this->yystack[$this->yyidx + -1]->minor, $this->yystack[$this->yyidx + -6]->minor);
     }
-#line 1513 "..\oql-parser.php"
-#line 63 "..\oql-parser.y"
+#line 1508 "..\oql-parser.php"
+#line 55 "..\oql-parser.y"
     function yy_r9(){
 	$this->_retvalue = array($this->yystack[$this->yyidx + 0]->minor);
     }
-#line 1518 "..\oql-parser.php"
-#line 66 "..\oql-parser.y"
+#line 1513 "..\oql-parser.php"
+#line 58 "..\oql-parser.y"
     function yy_r10(){
 	array_push($this->yystack[$this->yyidx + -2]->minor, $this->yystack[$this->yyidx + 0]->minor);
 	$this->_retvalue = $this->yystack[$this->yyidx + -2]->minor;
     }
-#line 1524 "..\oql-parser.php"
-#line 71 "..\oql-parser.y"
+#line 1519 "..\oql-parser.php"
+#line 63 "..\oql-parser.y"
     function yy_r11(){ $this->_retvalue = $this->yystack[$this->yyidx + 0]->minor;    }
-#line 1527 "..\oql-parser.php"
-#line 72 "..\oql-parser.y"
+#line 1522 "..\oql-parser.php"
+#line 64 "..\oql-parser.y"
     function yy_r12(){ $this->_retvalue = null;    }
-#line 1530 "..\oql-parser.php"
-#line 74 "..\oql-parser.y"
+#line 1525 "..\oql-parser.php"
+#line 66 "..\oql-parser.y"
     function yy_r13(){
 	// insert the join statement on top of the existing list
 	array_unshift($this->yystack[$this->yyidx + 0]->minor, $this->yystack[$this->yyidx + -1]->minor);
 	// and return the updated array
 	$this->_retvalue = $this->yystack[$this->yyidx + 0]->minor;
     }
-#line 1538 "..\oql-parser.php"
-#line 80 "..\oql-parser.y"
+#line 1533 "..\oql-parser.php"
+#line 72 "..\oql-parser.y"
     function yy_r14(){
 	$this->_retvalue = Array($this->yystack[$this->yyidx + 0]->minor);
     }
-#line 1543 "..\oql-parser.php"
-#line 86 "..\oql-parser.y"
+#line 1538 "..\oql-parser.php"
+#line 78 "..\oql-parser.y"
     function yy_r16(){
 	// create an array with one single item
 	$this->_retvalue = new OqlJoinSpec($this->yystack[$this->yyidx + -4]->minor, $this->yystack[$this->yyidx + -2]->minor, $this->yystack[$this->yyidx + 0]->minor);
     }
-#line 1549 "..\oql-parser.php"
-#line 91 "..\oql-parser.y"
+#line 1544 "..\oql-parser.php"
+#line 83 "..\oql-parser.y"
     function yy_r17(){
 	// create an array with one single item
 	$this->_retvalue = new OqlJoinSpec($this->yystack[$this->yyidx + -2]->minor, $this->yystack[$this->yyidx + -2]->minor, $this->yystack[$this->yyidx + 0]->minor);
     }
-#line 1555 "..\oql-parser.php"
-#line 96 "..\oql-parser.y"
+#line 1550 "..\oql-parser.php"
+#line 88 "..\oql-parser.y"
     function yy_r18(){ $this->_retvalue = new BinaryOqlExpression($this->yystack[$this->yyidx + -2]->minor, '=', $this->yystack[$this->yyidx + 0]->minor);     }
-#line 1558 "..\oql-parser.php"
-#line 97 "..\oql-parser.y"
+#line 1553 "..\oql-parser.php"
+#line 89 "..\oql-parser.y"
     function yy_r19(){ $this->_retvalue = new BinaryOqlExpression($this->yystack[$this->yyidx + -2]->minor, 'BELOW', $this->yystack[$this->yyidx + 0]->minor);     }
-#line 1561 "..\oql-parser.php"
-#line 98 "..\oql-parser.y"
+#line 1556 "..\oql-parser.php"
+#line 90 "..\oql-parser.y"
     function yy_r20(){ $this->_retvalue = new BinaryOqlExpression($this->yystack[$this->yyidx + -2]->minor, 'BELOW_STRICT', $this->yystack[$this->yyidx + 0]->minor);     }
-#line 1564 "..\oql-parser.php"
-#line 99 "..\oql-parser.y"
+#line 1559 "..\oql-parser.php"
+#line 91 "..\oql-parser.y"
     function yy_r21(){ $this->_retvalue = new BinaryOqlExpression($this->yystack[$this->yyidx + -2]->minor, 'NOT_BELOW', $this->yystack[$this->yyidx + 0]->minor);     }
-#line 1567 "..\oql-parser.php"
-#line 100 "..\oql-parser.y"
+#line 1562 "..\oql-parser.php"
+#line 92 "..\oql-parser.y"
     function yy_r22(){ $this->_retvalue = new BinaryOqlExpression($this->yystack[$this->yyidx + -2]->minor, 'NOT_BELOW_STRICT', $this->yystack[$this->yyidx + 0]->minor);     }
-#line 1570 "..\oql-parser.php"
-#line 101 "..\oql-parser.y"
+#line 1565 "..\oql-parser.php"
+#line 93 "..\oql-parser.y"
     function yy_r23(){ $this->_retvalue = new BinaryOqlExpression($this->yystack[$this->yyidx + -2]->minor, 'ABOVE', $this->yystack[$this->yyidx + 0]->minor);     }
-#line 1573 "..\oql-parser.php"
-#line 102 "..\oql-parser.y"
+#line 1568 "..\oql-parser.php"
+#line 94 "..\oql-parser.y"
     function yy_r24(){ $this->_retvalue = new BinaryOqlExpression($this->yystack[$this->yyidx + -2]->minor, 'ABOVE_STRICT', $this->yystack[$this->yyidx + 0]->minor);     }
-#line 1576 "..\oql-parser.php"
-#line 103 "..\oql-parser.y"
+#line 1571 "..\oql-parser.php"
+#line 95 "..\oql-parser.y"
     function yy_r25(){ $this->_retvalue = new BinaryOqlExpression($this->yystack[$this->yyidx + -2]->minor, 'NOT_ABOVE', $this->yystack[$this->yyidx + 0]->minor);     }
-#line 1579 "..\oql-parser.php"
-#line 104 "..\oql-parser.y"
+#line 1574 "..\oql-parser.php"
+#line 96 "..\oql-parser.y"
     function yy_r26(){ $this->_retvalue = new BinaryOqlExpression($this->yystack[$this->yyidx + -2]->minor, 'NOT_ABOVE_STRICT', $this->yystack[$this->yyidx + 0]->minor);     }
-#line 1582 "..\oql-parser.php"
-#line 106 "..\oql-parser.y"
+#line 1577 "..\oql-parser.php"
+#line 98 "..\oql-parser.y"
     function yy_r27(){ $this->_retvalue = $this->yystack[$this->yyidx + 0]->minor;     }
-#line 1585 "..\oql-parser.php"
-#line 111 "..\oql-parser.y"
+#line 1580 "..\oql-parser.php"
+#line 103 "..\oql-parser.y"
     function yy_r31(){ $this->_retvalue = new FunctionOqlExpression($this->yystack[$this->yyidx + -3]->minor, $this->yystack[$this->yyidx + -1]->minor);     }
-#line 1588 "..\oql-parser.php"
-#line 112 "..\oql-parser.y"
+#line 1583 "..\oql-parser.php"
+#line 104 "..\oql-parser.y"
     function yy_r32(){ $this->_retvalue = $this->yystack[$this->yyidx + -1]->minor;     }
-#line 1591 "..\oql-parser.php"
-#line 113 "..\oql-parser.y"
+#line 1586 "..\oql-parser.php"
+#line 105 "..\oql-parser.y"
     function yy_r33(){ $this->_retvalue = new BinaryOqlExpression($this->yystack[$this->yyidx + -2]->minor, $this->yystack[$this->yyidx + -1]->minor, $this->yystack[$this->yyidx + 0]->minor);     }
-#line 1594 "..\oql-parser.php"
-#line 119 "..\oql-parser.y"
+#line 1589 "..\oql-parser.php"
+#line 111 "..\oql-parser.y"
     function yy_r37(){
     if ($this->yystack[$this->yyidx + -1]->minor == 'MATCHES')
     {
@@ -1598,44 +1594,44 @@ throw new OQLParserStackOverFlowException($this->m_sSourceQuery, $this->m_iLine,
         $this->_retvalue = new BinaryOqlExpression($this->yystack[$this->yyidx + -2]->minor, $this->yystack[$this->yyidx + -1]->minor, $this->yystack[$this->yyidx + 0]->minor);
     }
     }
-#line 1606 "..\oql-parser.php"
-#line 136 "..\oql-parser.y"
+#line 1601 "..\oql-parser.php"
+#line 128 "..\oql-parser.y"
     function yy_r42(){
 	$this->_retvalue = new ListOqlExpression($this->yystack[$this->yyidx + -1]->minor);
     }
-#line 1611 "..\oql-parser.php"
-#line 139 "..\oql-parser.y"
+#line 1606 "..\oql-parser.php"
+#line 131 "..\oql-parser.y"
     function yy_r43(){
 	$this->_retvalue = new NestedQueryOqlExpression($this->yystack[$this->yyidx + -1]->minor);
     }
-#line 1616 "..\oql-parser.php"
-#line 154 "..\oql-parser.y"
+#line 1611 "..\oql-parser.php"
+#line 146 "..\oql-parser.y"
     function yy_r47(){
 	$this->_retvalue = array();
     }
-#line 1621 "..\oql-parser.php"
-#line 165 "..\oql-parser.y"
+#line 1616 "..\oql-parser.php"
+#line 157 "..\oql-parser.y"
     function yy_r51(){ $this->_retvalue = new IntervalOqlExpression($this->yystack[$this->yyidx + -1]->minor, $this->yystack[$this->yyidx + 0]->minor);     }
-#line 1624 "..\oql-parser.php"
-#line 178 "..\oql-parser.y"
+#line 1619 "..\oql-parser.php"
+#line 170 "..\oql-parser.y"
     function yy_r61(){ $this->_retvalue = new ScalarOqlExpression($this->yystack[$this->yyidx + 0]->minor);     }
-#line 1627 "..\oql-parser.php"
-#line 180 "..\oql-parser.y"
+#line 1622 "..\oql-parser.php"
+#line 172 "..\oql-parser.y"
     function yy_r63(){ $this->_retvalue = new ScalarOqlExpression(null);     }
-#line 1630 "..\oql-parser.php"
-#line 182 "..\oql-parser.y"
+#line 1625 "..\oql-parser.php"
+#line 174 "..\oql-parser.y"
     function yy_r64(){ $this->_retvalue = new FieldOqlExpression($this->yystack[$this->yyidx + 0]->minor);     }
-#line 1633 "..\oql-parser.php"
-#line 183 "..\oql-parser.y"
+#line 1628 "..\oql-parser.php"
+#line 175 "..\oql-parser.y"
     function yy_r65(){ $this->_retvalue = new FieldOqlExpression($this->yystack[$this->yyidx + 0]->minor, $this->yystack[$this->yyidx + -2]->minor);     }
-#line 1636 "..\oql-parser.php"
-#line 184 "..\oql-parser.y"
+#line 1631 "..\oql-parser.php"
+#line 176 "..\oql-parser.y"
     function yy_r66(){ $this->_retvalue=$this->yystack[$this->yyidx + 0]->minor;     }
-#line 1639 "..\oql-parser.php"
-#line 187 "..\oql-parser.y"
+#line 1634 "..\oql-parser.php"
+#line 179 "..\oql-parser.y"
     function yy_r67(){ $this->_retvalue = new VariableOqlExpression(substr($this->yystack[$this->yyidx + 0]->minor, 1));     }
-#line 1642 "..\oql-parser.php"
-#line 189 "..\oql-parser.y"
+#line 1637 "..\oql-parser.php"
+#line 181 "..\oql-parser.y"
     function yy_r68(){
 	if ($this->yystack[$this->yyidx + 0]->minor[0] == '`')
 	{
@@ -1647,22 +1643,22 @@ throw new OQLParserStackOverFlowException($this->m_sSourceQuery, $this->m_iLine,
 	}
 	$this->_retvalue = new OqlName($name, $this->m_iColPrev);
     }
-#line 1655 "..\oql-parser.php"
-#line 200 "..\oql-parser.y"
+#line 1650 "..\oql-parser.php"
+#line 192 "..\oql-parser.y"
     function yy_r69(){$this->_retvalue=(int)$this->yystack[$this->yyidx + 0]->minor;    }
-#line 1658 "..\oql-parser.php"
-#line 201 "..\oql-parser.y"
+#line 1653 "..\oql-parser.php"
+#line 193 "..\oql-parser.y"
     function yy_r70(){$this->_retvalue=(int)-$this->yystack[$this->yyidx + 0]->minor;    }
-#line 1661 "..\oql-parser.php"
-#line 202 "..\oql-parser.y"
+#line 1656 "..\oql-parser.php"
+#line 194 "..\oql-parser.y"
     function yy_r71(){$this->_retvalue=new OqlHexValue($this->yystack[$this->yyidx + 0]->minor);    }
-#line 1664 "..\oql-parser.php"
-#line 203 "..\oql-parser.y"
+#line 1659 "..\oql-parser.php"
+#line 195 "..\oql-parser.y"
     function yy_r72(){$this->_retvalue=stripslashes(substr($this->yystack[$this->yyidx + 0]->minor, 1, strlen($this->yystack[$this->yyidx + 0]->minor) - 2));    }
-#line 1667 "..\oql-parser.php"
-#line 206 "..\oql-parser.y"
+#line 1662 "..\oql-parser.php"
+#line 198 "..\oql-parser.y"
     function yy_r73(){$this->_retvalue=$this->yystack[$this->yyidx + 0]->minor;    }
-#line 1670 "..\oql-parser.php"
+#line 1665 "..\oql-parser.php"
 
     /**
      * placeholder for the left hand side in a reduce operation.
@@ -1763,10 +1759,6 @@ throw new OQLParserStackOverFlowException($this->m_sSourceQuery, $this->m_iLine,
         }
         /* Here code is inserted which will be executed whenever the
         ** parser fails */
-#line 33 "..\oql-parser.y"
-
-throw new OQLParserParseFailureException($this->m_sSourceQuery, $this->m_iLine, $this->m_iCol);
-#line 1775 "..\oql-parser.php"
     }
 
     /**
@@ -1780,8 +1772,8 @@ throw new OQLParserParseFailureException($this->m_sSourceQuery, $this->m_iLine,
     {
 #line 25 "..\oql-parser.y"
  
-throw new OQLParserSyntaxErrorException($this->m_sSourceQuery, $this->m_iLine, $this->m_iCol, $this->tokenName($yymajor), $TOKEN);
-#line 1791 "..\oql-parser.php"
+throw new OQLParserException($this->m_sSourceQuery, $this->m_iLine, $this->m_iCol, $this->tokenName($yymajor), $TOKEN);
+#line 1781 "..\oql-parser.php"
     }
 
     /**
@@ -1948,47 +1940,19 @@ throw new OQLParserSyntaxErrorException($this->m_sSourceQuery, $this->m_iLine, $
         } while ($yymajor != self::YYNOCODE && $this->yyidx >= 0);
     }
 }
-#line 271 "..\oql-parser.y"
+#line 263 "..\oql-parser.y"
 
 
 class OQLParserException extends OQLException
-{
-	public function __construct($sIssue, $sInput, $iLine, $iCol, $sTokenValue)
-	{
-		parent::__construct($sIssue, $sInput, $iLine, $iCol, $sTokenValue);
-	}
-}
-
-class OQLParserSyntaxErrorException extends OQLParserException
 {
 	public function __construct($sInput, $iLine, $iCol, $sTokenName, $sTokenValue)
 	{
 		$sIssue = "Unexpected token $sTokenName";
-
+	
 		parent::__construct($sIssue, $sInput, $iLine, $iCol, $sTokenValue);
 	}
 }
 
-class OQLParserStackOverFlowException extends OQLParserException
-{
-	public function __construct($sInput, $iLine, $iCol)
-	{
-		$sIssue = "Stack overflow";
-
-		parent::__construct($sIssue, $sInput, $iLine, $iCol, '');
-	}
-}
-
-class OQLParserParseFailureException extends OQLParserException
-{
-	public function __construct($sInput, $iLine, $iCol)
-	{
-		$sIssue = "Unexpected token $sTokenName";
-
-		parent::__construct($sIssue, $sInput, $iLine, $iCol, '');
-	}
-}
-
 class OQLParser extends OQLParserRaw
 {
 	// dirty, but working for us (no other mean to get the final result :-(
@@ -2041,4 +2005,4 @@ class OQLParser extends OQLParserRaw
 	}
 }
 
-#line 2052 "..\oql-parser.php"
+#line 2014 "..\oql-parser.php"

core/oql/oql-parser.y

@@ -23,15 +23,7 @@ later : solve the 2 remaining shift-reduce conflicts (JOIN)
 %name OQLParser_
 %declare_class {class OQLParserRaw}
 %syntax_error { 
-throw new OQLParserSyntaxErrorException($this->m_sSourceQuery, $this->m_iLine, $this->m_iCol, $this->tokenName($yymajor), $TOKEN);
-}
-/* Bug N°4052 Parser stack size too small for huge OQL requests */
-%stack_size 1000
-%stack_overflow {
-throw new OQLParserStackOverFlowException($this->m_sSourceQuery, $this->m_iLine, $this->m_iCol);
-}
-%parse_failure {
-throw new OQLParserParseFailureException($this->m_sSourceQuery, $this->m_iLine, $this->m_iCol);
+throw new OQLParserException($this->m_sSourceQuery, $this->m_iLine, $this->m_iCol, $this->tokenName($yymajor), $TOKEN);
 }
 
 result ::= union(X). { $this->my_result = X; }
@@ -271,43 +263,15 @@ func_name(A) ::= F_INET_NTOA(X). { A=X; }
 %code {
 
 class OQLParserException extends OQLException
-{
-	public function __construct($sIssue, $sInput, $iLine, $iCol, $sTokenValue)
-	{
-		parent::__construct($sIssue, $sInput, $iLine, $iCol, $sTokenValue);
-	}
-}
-
-class OQLParserSyntaxErrorException extends OQLParserException
 {
 	public function __construct($sInput, $iLine, $iCol, $sTokenName, $sTokenValue)
 	{
 		$sIssue = "Unexpected token $sTokenName";
-
+	
 		parent::__construct($sIssue, $sInput, $iLine, $iCol, $sTokenValue);
 	}
 }
 
-class OQLParserStackOverFlowException extends OQLParserException
-{
-	public function __construct($sInput, $iLine, $iCol)
-	{
-		$sIssue = "Stack overflow";
-
-		parent::__construct($sIssue, $sInput, $iLine, $iCol, '');
-	}
-}
-
-class OQLParserParseFailureException extends OQLParserException
-{
-	public function __construct($sInput, $iLine, $iCol)
-	{
-		$sIssue = "Unexpected token $sTokenName";
-
-		parent::__construct($sIssue, $sInput, $iLine, $iCol, '');
-	}
-}
-
 class OQLParser extends OQLParserRaw
 {
 	// dirty, but working for us (no other mean to get the final result :-(

core/oql/version.txt

@@ -1 +1 @@
-2021-06-03
+2020-09-29

core/oqlclasstreeoptimizer.class.inc.php

@@ -55,7 +55,7 @@ class OQLClassTreeOptimizer
 						$sJoinedClass = $oJoin->GetOOQLClassNode()->GetNodeClass();
 						$sExtKeyAttCode = $oJoin->GetLeftField();
 						$oExtKeyAttDef = MetaModel::GetAttributeDef($oCurrentClassNode->GetNodeClass(), $sExtKeyAttCode);
-						if (($oExtKeyAttDef instanceof AttributeExternalKey) && ($sJoinedClass == $oExtKeyAttDef->GetTargetClass())) {
+						if ($sJoinedClass == $oExtKeyAttDef->GetTargetClass()) {
 							// The join is not used, remove from tree
 							$oCurrentClassNode->RemoveJoin($sLeftKey, $index);
 						}

core/ormtagset.class.inc.php

@@ -138,7 +138,7 @@ final class ormTagSet extends ormSet
 	}
 
 	/**
-	 * @return array index: code, value: corresponding {@see \TagSetFieldData}
+	 * @return array of tags indexed by code
 	 */
 	public function GetTags()
 	{

core/pdfbulkexport.class.inc.php

@@ -25,19 +25,6 @@
 
 class PDFBulkExport extends HTMLBulkExport
 {
-	/**
-	 * @var string For sample purposes
-	 * @internal
-	 * @since 2.7.8
-	 */
-	const ENUM_OUTPUT_TYPE_SAMPLE = 'sample';
-	/**
-	 * @var string For the real export
-	 * @internal
-	 * @since 2.7.8
-	 */
-	const ENUM_OUTPUT_TYPE_REAL = 'real';
-
 	public function DisplayUsage(Page $oP)
 	{
 		$oP->p(" * pdf format options:");
@@ -203,25 +190,6 @@ EOF
 		return $sPDF;
 	}
 
-	/**
-	 * @inheritDoc
-	 * @since 2.7.8
-	 */
-	protected function GetSampleData($oObj, $sAttCode)
-	{
-		if ($sAttCode !== 'id')
-		{
-			$oAttDef = MetaModel::GetAttributeDef(get_class($oObj), $sAttCode);
-
-			// As sample data will be displayed in the web browser, AttributeImage needs to be rendered with a regular HTML format, meaning its "src" looking like "data:image/png;base64,iVBORw0KGgoAAAANSUh..."
-			// Whereas for the PDF generation it needs to be rendered with a TCPPDF-compatible format, meaning its "src" looking like "@iVBORw0KGgoAAAANSUh..."
-			if ($oAttDef instanceof AttributeImage) {
-				return $this->GetAttributeImageValue($oAttDef, $oObj->Get($sAttCode), static::ENUM_OUTPUT_TYPE_SAMPLE);
-			}
-		}
-		return parent::GetSampleData($oObj, $sAttCode);
-	}
-
 	protected function GetValue($oObj, $sAttCode)
 	{
 		switch($sAttCode)
@@ -237,7 +205,31 @@ EOF
 					$oAttDef = MetaModel::GetAttributeDef(get_class($oObj), $sAttCode);
 					if ($oAttDef instanceof AttributeImage)
 					{
-						$sRet = $this->GetAttributeImageValue($oAttDef, $value, static::ENUM_OUTPUT_TYPE_REAL);
+						// To limit the image size in the PDF output, we have to enforce the size as height/width because max-width/max-height have no effect
+						//
+						$iDefaultMaxWidthPx = 48;
+						$iDefaultMaxHeightPx = 48;
+						if ($value->IsEmpty())
+						{
+							$iNewWidth = $iDefaultMaxWidthPx;
+							$iNewHeight = $iDefaultMaxHeightPx;
+
+							$sUrl = $oAttDef->Get('default_image');
+						}
+						else
+						{
+							list($iWidth, $iHeight) = utils::GetImageSize($value->GetData());
+							$iMaxWidthPx = min($iDefaultMaxWidthPx, $oAttDef->Get('display_max_width'));
+							$iMaxHeightPx = min($iDefaultMaxHeightPx, $oAttDef->Get('display_max_height'));
+
+							$fScale = min($iMaxWidthPx / $iWidth, $iMaxHeightPx / $iHeight);
+							$iNewWidth = $iWidth * $fScale;
+							$iNewHeight = $iHeight * $fScale;
+
+							$sUrl = 'data:'.$value->GetMimeType().';base64,'.base64_encode($value->GetData());
+						}
+						$sRet = ($sUrl !== null) ? '<img src="'.$sUrl.'" style="width: '.$iNewWidth.'px; height: '.$iNewHeight.'px">' : '';
+						$sRet = '<div class="view-image">'.$sRet.'</div>';
 					}
 					else
 					{
@@ -266,53 +258,4 @@ EOF
 	{
 		return 'pdf';
 	}
-
-	/**
-	 * @param \AttributeImage $oAttDef Instance of image attribute
-	 * @param \ormDocument $oValue Value of image attribute
-	 * @param string $sOutputType {@see \PDFBulkExport::ENUM_OUTPUT_TYPE_SAMPLE}, {@see \PDFBulkExport::ENUM_OUTPUT_TYPE_REAL}
-	 *
-	 * @return string Rendered value of $oAttDef / $oValue according to the desired $sOutputType
-	 * @since 2.7.8
-	 */
-	protected function GetAttributeImageValue(AttributeImage $oAttDef, ormDocument $oValue, string $sOutputType)
-	{
-		// To limit the image size in the PDF output, we have to enforce the size as height/width because max-width/max-height have no effect
-		//
-		$iDefaultMaxWidthPx = 48;
-		$iDefaultMaxHeightPx = 48;
-		if ($oValue->IsEmpty()) {
-			$iNewWidth = $iDefaultMaxWidthPx;
-			$iNewHeight = $iDefaultMaxHeightPx;
-
-			$sUrl = $oAttDef->Get('default_image');
-		} else {
-			list($iWidth, $iHeight) = utils::GetImageSize($oValue->GetData());
-			$iMaxWidthPx = min($iDefaultMaxWidthPx, $oAttDef->Get('display_max_width'));
-			$iMaxHeightPx = min($iDefaultMaxHeightPx, $oAttDef->Get('display_max_height'));
-
-			$fScale = min($iMaxWidthPx / $iWidth, $iMaxHeightPx / $iHeight);
-			$iNewWidth = $iWidth * $fScale;
-			$iNewHeight = $iHeight * $fScale;
-
-			$sValueAsBase64 = base64_encode($oValue->GetData());
-			switch ($sOutputType) {
-				case static::ENUM_OUTPUT_TYPE_SAMPLE:
-					$sUrl = 'data:'.$oValue->GetMimeType().';base64,'.$sValueAsBase64;
-					break;
-
-				case static::ENUM_OUTPUT_TYPE_REAL:
-				default:
-					// TCPDF requires base64-encoded images to be rendered without the usual "data:<MIMETYPE>;base64" header but with an "@"
-					// @link https://tcpdf.org/examples/example_009/
-					$sUrl = '@'.$sValueAsBase64;
-					break;
-			}
-		}
-
-		$sRet = ($sUrl !== null) ? '<img src="'.$sUrl.'" style="width: '.$iNewWidth.'px; height: '.$iNewHeight.'px; vertical-align: middle; text-align:center;">' : '';
-		$sRet = '<div class="view-image">'.$sRet.'</div>';
-
-		return $sRet;
-	}
 }

core/spreadsheetbulkexport.class.inc.php

@@ -340,7 +340,7 @@ EOF
 						}
 						else if ($oAttDef instanceof AttributeTagSet)
 						{
-							$sField = utils::HtmlEntities($oObj->GetAsCSV($sAttCode, $this->bLocalizeOutput, ''));
+							$sField = $oObj->GetAsCSV($sAttCode, $this->bLocalizeOutput, '');
 							$sData .= "<td x:str>$sField</td>";
 						}
 						else

core/sqlobjectquery.class.inc.php

@@ -491,17 +491,7 @@ class SQLObjectQuery extends SQLQuery
 		}
 	}
 
-	/**
-	 * @param \SQLObjectQuery $oRootQuery
-	 * @param $aFrom
-	 * @param $sCallerAlias
-	 * @param $aJoinData
-	 *
-	 * @return string
-	 *
-	 * @since 2.7.7 3.0.1 3.1.0 N°3129 Remove default value for $sCallerAlias for PHP 8.0 compat (Private method with only 2 calls in the class, both providing the optional parameter)
-	 */
-	private function PrepareSingleTable(SQLObjectQuery $oRootQuery, &$aFrom, $sCallerAlias, $aJoinData)
+	private function PrepareSingleTable(SQLObjectQuery $oRootQuery, &$aFrom, $sCallerAlias = '', $aJoinData)
 	{
 		$aTranslationTable[$this->m_sTable]['*'] = $this->m_sTableAlias;
 		$sJoinCond = '';
@@ -620,7 +610,6 @@ class SQLObjectQuery extends SQLQuery
 		$aTempFrom = array(); // temporary subset of 'from' specs, to be grouped in the final query
 		foreach ($this->m_aJoinSelects as $aJoinData)
 		{
-			/** @var \SQLObjectQuery $oRightSelect */
 			$oRightSelect = $aJoinData["select"];
 
 			$oRightSelect->PrepareSingleTable($oRootQuery, $aTempFrom, $this->m_sTableAlias, $aJoinData);

core/trigger.class.inc.php

@@ -263,7 +263,6 @@ abstract class TriggerOnObject extends Trigger
 		{
 			$oSearch = DBObjectSearch::FromOQL($sFilter);
 			$oSearch->AddCondition('id', $iObjectId, '=');
-			$oSearch->AllowAllData();
 			$oSet = new DBObjectSet($oSearch);
 			$bRet = ($oSet->Count() > 0);
 		}

core/userrights.class.inc.php

@@ -952,21 +952,6 @@ class UserRights
 		return self::$m_oRealUser;
 	}
 
-	/**
-	 * @return int|string ID of the connected user : if impersonate then use {@see m_oRealUser}, else {@see m_oUser}. If no user set then return ''
-	 * @since 2.6.5 2.7.6 3.0.0 N°4289 method creation
-	 */
-	public static function GetConnectedUserId() {
-		if (false === is_null(static::$m_oRealUser)) {
-			return static::$m_oRealUser->GetKey();
-		}
-		if (false === is_null(static::$m_oUser)) {
-			return static::$m_oUser->GetKey();
-		}
-
-		return '';
-	}
-
 	public static function GetRealUserId()
 	{
 		if (is_null(self::$m_oRealUser))
@@ -1227,7 +1212,7 @@ class UserRights
 		elseif ((self::$m_oUser !== null) && ($oUser->GetKey() == self::$m_oUser->GetKey()))
 		{
 			// Data about the current user can be found into the session data
-			if ((false === utils::IsModeCLI()) && array_key_exists('profile_list', $_SESSION))
+			if (array_key_exists('profile_list', $_SESSION))
 			{
 				$aProfiles = $_SESSION['profile_list'];
 			}

css/css-variables.scss

@@ -17,7 +17,7 @@
  */
 
 // Beware the version number MUST be enclosed with quotes otherwise v2.3.0 becomes v2 0.3 .0
-$version: "v2.7.8";
+$version: "v2.7.4";
 $approot-relative: "../../../../../" !default; // relative to env-***/branding/themes/***/main.css
 
 // Base colors

css/light-grey.scss

@@ -2424,33 +2424,26 @@ fieldset .details>.field_container {
 
 								.selectize-dropdown,
 								.selectize-input,
-                .selectize-input input {
-                  font-size: 12px;
-                }
+								.selectize-input input{
+									font-size: 12px;
+								}
+								.selectize-input{
+									padding: 2px 2px 0px 2px; /* padding-bottom = padding-top - item margin-bottom */
+									border: 1px solid #ABABAB;
+									border-radius: 0;
 
-                .selectize-input {
-                  padding: 2px 2px 0px 2px; /* padding-bottom = padding-top - item margin-bottom */
-                  border: 1px solid #ABABAB;
-                  border-radius: 0;
-
-                  .attribute-set-item.partial-code {
-                    color: transparentize($gray-darker, 0.4);
-                    background-color: lighten($gray-lighter, 5%);
-                  }
-                }
-              }
-            }
-          }
-        }
-      }
-    }
-  }
-
-  &[data-attribute-type="AttributeDuration"] {
-    .field_value_container {
-      white-space: nowrap;
-    }
-  }
+									.attribute-set-item.partial-code{
+										color: transparentize($gray-darker, 0.4);
+										background-color: lighten($gray-lighter, 5%);
+									}
+								}
+							}
+						}
+					}
+				}
+			}
+		}
+	}
 }
 .one-col-details .details .field_container.field_small {
 	div.field_label {

css/ui-lightness/jqueryui.scss

@@ -4,8 +4,6 @@
 * To view and modify this theme, visit http://jqueryui.com/themeroller/?scope=&folderName=custom-theme&bgImgOpacityError=18&bgImgOpacityHighlight=75&bgImgOpacityActive=65&bgImgOpacityHover=100&bgImgOpacityDefault=100&bgImgOpacityContent=100&bgImgOpacityHeader=35&cornerRadiusShadow=5px&offsetLeftShadow=-5px&offsetTopShadow=-5px&thicknessShadow=5px&opacityShadow=20&bgImgOpacityShadow=10&bgTextureShadow=flat&bgColorShadow=%23000000&opacityOverlay=50&bgImgOpacityOverlay=20&bgTextureOverlay=diagonals_thick&bgColorOverlay=%23666666&iconColorError=%23ffd27a&fcError=%23ffffff&borderColorError=%23cd0a0a&bgTextureError=diagonals_thick&bgColorError=%23b81900&iconColorHighlight=%231c94c4&fcHighlight=%23363636&borderColorHighlight=%23fed22f&bgTextureHighlight=flat&bgColorHighlight=%23ffe45c&iconColorActive=%23E87C1E&fcActive=%23E87C1E&borderColorActive=%23E87C1E&bgTextureActive=flat&bgColorActive=%23ffffff&iconColorHover=%23E87C1E&fcHover=%23E87C1E&borderColorHover=%23E87C1E&bgTextureHover=flat&bgColorHover=%23fde17c&iconColorDefault=%23F26522&fcDefault=%23555555&borderColorDefault=%23cccccc&bgTextureDefault=flat&bgColorDefault=%23f1f1f1&iconColorContent=%23222222&fcContent=%23333333&borderColorContent=%23dddddd&bgTextureContent=flat&bgColorContent=%23eeeeee&iconColorHeader=%23ffffff&fcHeader=%23ffffff&borderColorHeader=%23F26522&bgTextureHeader=flat&bgColorHeader=%23E87C1E&cornerRadius=0&fwDefault=bold&fsDefault=1.1em&ffDefault=Trebuchet%20MS%2CTahoma%2CVerdana%2CArial%2Csans-serif
 * Copyright jQuery Foundation and other contributors; Licensed MIT 
 * The original css file has been scssized (through www.css2scss.com)
-*
-* Other modification done : replaced the `Alpha(` by `alpha(` to avoid warnings generated by SCSSPHP
  */
 .ui-draggable-handle {
     -ms-touch-action: none;
@@ -48,27 +46,26 @@
     }
 }
 .ui-helper-zfix {
-  width: 100%;
-  height: 100%;
-  top: 0;
-  left: 0;
-  position: absolute;
-  opacity: 0;
-  filter: alpha(Opacity=0);
+    width: 100%;
+    height: 100%;
+    top: 0;
+    left: 0;
+    position: absolute;
+    opacity: 0;
+    filter: Alpha(Opacity=0);
 }
 .ui-front {
     z-index: 100;
 }
 .ui-state-disabled {
-  cursor: default !important;
-  pointer-events: none;
-  opacity: .35;
-  filter: alpha(Opacity=35);
-  background-image: none;
-
-  .ui-icon {
-    filter: alpha(Opacity=35);
-  }
+    cursor: default !important;
+    pointer-events: none;
+    opacity: .35;
+    filter: Alpha(Opacity=35);
+    background-image: none;
+    .ui-icon {
+        filter: Alpha(Opacity=35);
+    }
 }
 .ui-icon {
     display: inline-block;
@@ -89,14 +86,14 @@
     display: block;
 }
 .ui-widget-overlay {
-  position: fixed;
-  top: 0;
-  left: 0;
-  width: 100%;
-  height: 100%;
-  background: #666666 url($approot-relative + "css/ui-lightness/images/ui-bg_diagonals-thick_20_666666_40x40.png?v=" + $version) 50% 50% repeat;
-  opacity: .5;
-  filter: alpha(Opacity=50);
+    position: fixed;
+    top: 0;
+    left: 0;
+    width: 100%;
+    height: 100%;
+    background: #666666 url($approot-relative + "css/ui-lightness/images/ui-bg_diagonals-thick_20_666666_40x40.png?v=" + $version) 50% 50% repeat;
+    opacity: .5;
+    filter: Alpha(Opacity=50);
 }
 .ui-resizable {
     position: relative;
@@ -1072,14 +1069,14 @@ body {
         font-weight: bold;
     }
     .ui-priority-secondary {
-      opacity: .7;
-      filter: alpha(Opacity=70);
-      font-weight: normal;
+        opacity: .7;
+        filter: Alpha(Opacity=70);
+        font-weight: normal;
     }
     .ui-state-disabled {
-      opacity: .35;
-      filter: alpha(Opacity=35);
-      background-image: none;
+        opacity: .35;
+        filter: Alpha(Opacity=35);
+        background-image: none;
     }
     .ui-icon {
         background-image: url($approot-relative + "css/ui-lightness/images/ui-icons_222222_256x240.png?v=" + $version);
@@ -1140,14 +1137,14 @@ body {
         font-weight: bold;
     }
     .ui-priority-secondary {
-      opacity: .7;
-      filter: alpha(Opacity=70);
-      font-weight: normal;
+        opacity: .7;
+        filter: Alpha(Opacity=70);
+        font-weight: normal;
     }
     .ui-state-disabled {
-      opacity: .35;
-      filter: alpha(Opacity=35);
-      background-image: none;
+        opacity: .35;
+        filter: Alpha(Opacity=35);
+        background-image: none;
     }
     .ui-icon {
         background-image: url($approot-relative + "css/ui-lightness/images/ui-icons_ffffff_256x240.png?v=" + $version);
@@ -1344,9 +1341,9 @@ a {
     font-weight: bold;
 }
 .ui-priority-secondary {
-  opacity: .7;
-  filter: alpha(Opacity=70);
-  font-weight: normal;
+    opacity: .7;
+    filter: Alpha(Opacity=70);
+    font-weight: normal;
 }
 .ui-icon-blank {
     background-position: 16px 16px;

datamodels/2.x/authent-cas/composer.json

@@ -1,13 +1,5 @@
 {
-  "config" : {
-    "classmap-authoritative" : true
-  },
-  "autoload" : {
-    "psr-4" : {
-      "Combodo\\iTop\\Cas\\" : "src"
-    }
-  },
-  "require" : {
-    "apereo/phpcas" : "~1.6.0"
-  }
+	"require" : {
+		"apereo/phpcas" : "~1.3"
+	}
 }

datamodels/2.x/authent-cas/composer.lock

@@ -4,32 +4,28 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
     ],
-    "content-hash": "46afbbe7e92c2ccfe403f366ef1877e5",
+    "content-hash": "4db4df78154f0de344ba35a27fe766b7",
     "packages": [
         {
             "name": "apereo/phpcas",
-            "version": "1.6.0",
+            "version": "1.3.7",
             "source": {
                 "type": "git",
                 "url": "https://github.com/apereo/phpCAS.git",
-                "reference": "f817c72a961484afef95ac64a9257c8e31f063b9"
+                "reference": "b5b29102c3a42f570c4a3e852f3cf67cae6d6082"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/apereo/phpCAS/zipball/f817c72a961484afef95ac64a9257c8e31f063b9",
-                "reference": "f817c72a961484afef95ac64a9257c8e31f063b9",
+                "url": "https://api.github.com/repos/apereo/phpCAS/zipball/b5b29102c3a42f570c4a3e852f3cf67cae6d6082",
+                "reference": "b5b29102c3a42f570c4a3e852f3cf67cae6d6082",
                 "shasum": ""
             },
             "require": {
                 "ext-curl": "*",
-                "ext-dom": "*",
-                "php": ">=7.1.0",
-                "psr/log": "^1.0 || ^2.0 || ^3.0"
+                "php": ">=5.4.0"
             },
             "require-dev": {
-                "monolog/monolog": "^1.0.0 || ^2.0.0",
-                "phpstan/phpstan": "^1.5",
-                "phpunit/phpunit": ">=7.5"
+                "phpunit/phpunit": "~3.7.10"
             },
             "type": "library",
             "extra": {
@@ -49,16 +45,11 @@
             "authors": [
                 {
                     "name": "Joachim Fritschi",
-                    "email": "jfritschi@freenet.de",
-                    "homepage": "https://github.com/jfritschi"
+                    "homepage": "https://wiki.jasig.org/display/~fritschi"
                 },
                 {
                     "name": "Adam Franco",
-                    "homepage": "https://github.com/adamfranco"
-                },
-                {
-                    "name": "Henry Pan",
-                    "homepage": "https://github.com/phy25"
+                    "homepage": "https://wiki.jasig.org/display/~adamfranco"
                 }
             ],
             "description": "Provides a simple API for authenticating users against a CAS server",
@@ -68,61 +59,7 @@
                 "cas",
                 "jasig"
             ],
-            "support": {
-                "issues": "https://github.com/apereo/phpCAS/issues",
-                "source": "https://github.com/apereo/phpCAS/tree/1.6.0"
-            },
-            "time": "2022-10-31T20:39:27+00:00"
-        },
-        {
-            "name": "psr/log",
-            "version": "1.1.4",
-            "source": {
-                "type": "git",
-                "url": "https://github.com/php-fig/log.git",
-                "reference": "d49695b909c3b7628b6289db5479a1c204601f11"
-            },
-            "dist": {
-                "type": "zip",
-                "url": "https://api.github.com/repos/php-fig/log/zipball/d49695b909c3b7628b6289db5479a1c204601f11",
-                "reference": "d49695b909c3b7628b6289db5479a1c204601f11",
-                "shasum": ""
-            },
-            "require": {
-                "php": ">=5.3.0"
-            },
-            "type": "library",
-            "extra": {
-                "branch-alias": {
-                    "dev-master": "1.1.x-dev"
-                }
-            },
-            "autoload": {
-                "psr-4": {
-                    "Psr\\Log\\": "Psr/Log/"
-                }
-            },
-            "notification-url": "https://packagist.org/downloads/",
-            "license": [
-                "MIT"
-            ],
-            "authors": [
-                {
-                    "name": "PHP-FIG",
-                    "homepage": "https://www.php-fig.org/"
-                }
-            ],
-            "description": "Common interface for logging libraries",
-            "homepage": "https://github.com/php-fig/log",
-            "keywords": [
-                "log",
-                "psr",
-                "psr-3"
-            ],
-            "support": {
-                "source": "https://github.com/php-fig/log/tree/1.1.4"
-            },
-            "time": "2021-05-03T11:20:27+00:00"
+            "time": "2019-04-22T19:48:16+00:00"
         }
     ],
     "packages-dev": [],
@@ -132,6 +69,5 @@
     "prefer-stable": false,
     "prefer-lowest": false,
     "platform": [],
-    "platform-dev": [],
-    "plugin-api-version": "2.1.0"
+    "platform-dev": []
 }

datamodels/2.x/authent-cas/es_cr.dict.authent-cas.php

@@ -1,15 +1,12 @@
 <?php
- /**
- * Spanish Localized data
+/**
+ * Localized data
  *
- * @copyright   Copyright (C) 2010-2021 Combodo SARL
+ * @copyright   Copyright (C) 2013 XXXXX
  * @license     http://opensource.org/licenses/AGPL-3.0
- * @traductor   Miguel Turrubiates <miguel_tf@yahoo.com> 
- * @notas       Utilizar codificación UTF-8 para mostrar acentos y otros caracteres especiales 
  */
-
-Dict::Add('ES CR', 'Spanish', 'Español, Castellano', array(
-	'CAS:Error:UserNotAllowed' => 'Usuario no permitido',
-	'CAS:Login:SignIn' => 'Iniciar sesión con CAS',
-	'CAS:Login:SignInTooltip' => 'Click para autenticarse con servidor CAS',
+Dict::Add('ES CR', 'Spanish', 'Español, Castellaño', array(
+	'CAS:Error:UserNotAllowed' => 'User not allowed~~',
+	'CAS:Login:SignIn' => 'Sign in with CAS~~',
+	'CAS:Login:SignInTooltip' => 'Click here to authenticate yourself with the CAS server~~',
 ));

datamodels/2.x/authent-cas/main.php

@@ -0,0 +1,4 @@
+<?php
+require_once __DIR__.'/vendor/autoload.php';
+require_once __DIR__.'/src/Config.php';
+require_once __DIR__.'/src/CASLoginExtension.php';

datamodels/2.x/authent-cas/module.authent-cas.php

@@ -5,7 +5,7 @@
 
 SetupWebPage::AddModule(
 	__FILE__, // Path to the current file, all other file names are relative to the directory containing this file
-	'authent-cas/2.7.8',
+	'authent-cas/2.7.4',
 	array(
 		// Identification
 		//
@@ -24,8 +24,7 @@ SetupWebPage::AddModule(
 		//
 		'datamodel' => array(
 			'model.authent-cas.php',
-			'vendor/autoload.php',
-			'src/CASLoginExtension.php',
+			'main.php'
 		),
 		'webservice' => array(
 			
@@ -51,7 +50,6 @@ SetupWebPage::AddModule(
 			'cas_port' => '',
 			'cas_context' => '',
 			'cas_version' => '',
-			'service_base_url' => '',
 		),
 	)
 );

datamodels/2.x/authent-cas/src/CASLog.php

@@ -1,17 +0,0 @@
-<?php
-/**
- * @copyright   Copyright (C) 2010-2022 Combodo SARL
- * @license     http://opensource.org/licenses/AGPL-3.0
- */
-
-namespace Combodo\iTop\Cas;
-
-use LogAPI;
-
-class CASLog extends LogAPI
-{
-	const CHANNEL_DEFAULT = 'CASLog';
-
-	protected static $m_oFileLog = null;
-}
-

datamodels/2.x/authent-cas/src/CASLogger.php

@@ -1,81 +0,0 @@
-<?php
-/**
- * @copyright   Copyright (C) 2010-2022 Combodo SARL
- * @license     http://opensource.org/licenses/AGPL-3.0
- */
-
-namespace Combodo\iTop\Cas;
-
-use IssueLog;
-use LogAPI;
-use Psr\Log\LoggerInterface;
-use Psr\Log\LogLevel;
-
-class CASLogger implements LoggerInterface
-{
-	public function __construct($sDebugFile)
-	{
-		CASLog::Enable($sDebugFile);
-	}
-
-	const LEVEL_COMPAT = [
-		LogLevel::EMERGENCY => LogAPI::LEVEL_ERROR,
-		LogLevel::ALERT => LogAPI::LEVEL_ERROR,
-		LogLevel::CRITICAL => LogAPI::LEVEL_ERROR,
-		LogLevel::ERROR => LogAPI::LEVEL_ERROR,
-		LogLevel::WARNING => LogAPI::LEVEL_WARNING,
-		LogLevel::NOTICE => LogAPI::LEVEL_INFO,
-		LogLevel::INFO => LogAPI::LEVEL_INFO,
-		LogLevel::DEBUG => LogAPI::LEVEL_DEBUG,
-	];
-
-	public function emergency($message, array $context = array())
-	{
-		CASLog::Error('EMERGENCY: '.$message, CASLog::CHANNEL_DEFAULT, $context);
-		IssueLog::Error('EMERGENCY: '.$message, CASLog::CHANNEL_DEFAULT, $context);
-	}
-
-	public function alert($message, array $context = array())
-	{
-		CASLog::Error('ALERT: '.$message, CASLog::CHANNEL_DEFAULT, $context);
-		IssueLog::Error('ALERT: '.$message, CASLog::CHANNEL_DEFAULT, $context);
-	}
-
-	public function critical($message, array $context = array())
-	{
-		CASLog::Error('CRITICAL: '.$message, CASLog::CHANNEL_DEFAULT, $context);
-		IssueLog::Error('CRITICAL: '.$message, CASLog::CHANNEL_DEFAULT, $context);
-	}
-
-	public function error($message, array $context = array())
-	{
-		CASLog::Error('ERROR: '.$message, CASLog::CHANNEL_DEFAULT, $context);
-		IssueLog::Error('ERROR: '.$message, CASLog::CHANNEL_DEFAULT, $context);
-	}
-
-	public function warning($message, array $context = array())
-	{
-		CASLog::Warning('WARNING: '.$message, CASLog::CHANNEL_DEFAULT, $context);
-	}
-
-	public function notice($message, array $context = array())
-	{
-		CASLog::Info('NOTICE: '.$message, CASLog::CHANNEL_DEFAULT, $context);
-	}
-
-	public function info($message, array $context = array())
-	{
-		CASLog::Info('INFO: '.$message, CASLog::CHANNEL_DEFAULT, $context);
-	}
-
-	public function debug($message, array $context = array())
-	{
-		CASLog::Debug('DEBUG: '.$message, CASLog::CHANNEL_DEFAULT, $context);
-	}
-
-	public function log($level, $message, array $context = array())
-	{
-		$sLevel = self::LEVEL_COMPAT[$level] ?? LogAPI::LEVEL_ERROR;
-		CASLog::Log($sLevel, strtoupper($level).": $message", CASLog::CHANNEL_DEFAULT, $context);
-	}
-}

datamodels/2.x/authent-cas/src/CASLoginExtension.php

@@ -154,7 +154,7 @@ class CASLoginExtension extends AbstractLoginFSMExtension implements iLogoutExte
 		$bCASDebug = Config::Get('cas_debug');
 		if ($bCASDebug)
 		{
-			phpCAS::setLogger(new CASLogger(APPROOT.'log/cas.log'));
+			phpCAS::setDebug(APPROOT.'log/cas.log');
 		}
 		
 		// Initialize phpCAS
@@ -162,8 +162,7 @@ class CASLoginExtension extends AbstractLoginFSMExtension implements iLogoutExte
 		$sCASHost = Config::Get('cas_host');
 		$iCASPort = Config::Get('cas_port');
 		$sCASContext = Config::Get('cas_context');
-		$sServiceBaseURL = Config::Get('service_base_url', self::GetServiceBaseURL());
-		phpCAS::client($sCASVersion, $sCASHost, $iCASPort, $sCASContext, $sServiceBaseURL, false /* session already started */);
+		phpCAS::client($sCASVersion, $sCASHost, $iCASPort, $sCASContext, false /* session already started */);
 		$sCASCACertPath = Config::Get('cas_server_ca_cert_path');
 		if (empty($sCASCACertPath))
 		{
@@ -179,38 +178,6 @@ class CASLoginExtension extends AbstractLoginFSMExtension implements iLogoutExte
 		}
 	}
 
-	private static function GetServiceBaseURL()
-	{
-		$protocol = $_SERVER['REQUEST_SCHEME'];
-		$protocol .= '://';
-		if (!empty($_SERVER['HTTP_X_FORWARDED_HOST'])) {
-			// explode the host list separated by comma and use the first host
-			$hosts = explode(',', $_SERVER['HTTP_X_FORWARDED_HOST']);
-			// see rfc7239#5.3 and rfc7230#2.7.1: port is in HTTP_X_FORWARDED_HOST if non default
-			return $protocol . $hosts[0];
-		} else if (!empty($_SERVER['HTTP_X_FORWARDED_SERVER'])) {
-			$server_url = $_SERVER['HTTP_X_FORWARDED_SERVER'];
-		} else {
-			if (empty($_SERVER['SERVER_NAME'])) {
-				$server_url = $_SERVER['HTTP_HOST'];
-			} else {
-				$server_url = $_SERVER['SERVER_NAME'];
-			}
-		}
-		if (!strpos($server_url, ':')) {
-			if (empty($_SERVER['HTTP_X_FORWARDED_PORT'])) {
-				$server_port = $_SERVER['SERVER_PORT'];
-			} else {
-				$ports = explode(',', $_SERVER['HTTP_X_FORWARDED_PORT']);
-				$server_port = $ports[0];
-			}
-
-			$server_url .= ':';
-			$server_url .= $server_port;
-		}
-		return $protocol . $server_url;
-	}
-
 	private function DoUserProvisioning($sLogin)
 	{
 		$bCASUserSynchro = Config::Get('cas_user_synchro');

datamodels/2.x/authent-cas/vendor/apereo/phpcas/CAS.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 7
+ *  PHP Version 5
  *
  * @file     CAS.php
  * @category Authentication
@@ -27,6 +27,4 @@
  * @link     https://wiki.jasig.org/display/CASC/phpCAS
  */
 
-require_once __DIR__.'/source/CAS.php';
-
-trigger_error('Including CAS.php is deprecated. Install phpCAS using composer instead.', E_USER_DEPRECATED);
+require_once dirname(__FILE__).'/source/CAS.php';

datamodels/2.x/authent-cas/vendor/apereo/phpcas/README.md

@@ -6,21 +6,22 @@ users via a Central Authentication Service (CAS) server.
 
 Please see the wiki website for more information:
 
-https://apereo.github.io/phpCAS/
+https://wiki.jasig.org/display/CASC/phpCAS
 
 Api documentation can be found here:
 
-https://apereo.github.io/phpCAS/api/
+https://apereo.github.io/phpCAS/
 
 
-[![Test](https://github.com/apereo/phpCAS/actions/workflows/test.yml/badge.svg)](https://github.com/apereo/phpCAS/actions/workflows/test.yml)
+[![Build Status](https://travis-ci.org/apereo/phpCAS.png)](https://travis-ci.org/apereo/phpCAS)
+
 
 LICENSE
 -------
 
-Copyright 2007-2020, Apereo Foundation.
-This project includes software developed by Apereo Foundation.
-http://www.apereo.org/
+Copyright 2007-2015, JA-SIG, Inc.
+This project includes software developed by Jasig.
+http://www.jasig.org/
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this software except in compliance with the License.

datamodels/2.x/authent-cas/vendor/apereo/phpcas/composer.json

@@ -1,55 +1,29 @@
 {
-	"name" : "apereo/phpcas",
-	"description" : "Provides a simple API for authenticating users against a CAS server",
-	"keywords" : [
-		"cas",
-		"jasig",
-		"apereo"
-	],
-	"homepage" : "https://wiki.jasig.org/display/CASC/phpCAS",
-	"type" : "library",
-	"license" : "Apache-2.0",
-	"authors" : [{
-			"name" : "Joachim Fritschi",
-			"homepage" : "https://github.com/jfritschi",
-			"email" : "jfritschi@freenet.de"
-		}, {
-			"name" : "Adam Franco",
-			"homepage" : "https://github.com/adamfranco"
-		}, {
-			"name" : "Henry Pan",
-			"homepage" : "https://github.com/phy25"
-		}
-	],
-	"require" : {
-		"php" : ">=7.1.0",
-		"ext-curl" : "*",
-		"ext-dom"  : "*",
-		"psr/log" : "^1.0 || ^2.0 || ^3.0"
+    "name": "apereo/phpcas",
+    "description": "Provides a simple API for authenticating users against a CAS server",
+    "keywords": ["cas", "jasig", "apereo"],
+    "homepage": "https://wiki.jasig.org/display/CASC/phpCAS",
+    "type": "library",
+    "license": "Apache-2.0",
+    "authors": [
+        {"name": "Joachim Fritschi", "homepage": "https://wiki.jasig.org/display/~fritschi"},
+        {"name": "Adam Franco", "homepage": "https://wiki.jasig.org/display/~adamfranco"}
+    ],
+    "require": {
+        "php": ">=5.4.0",
+        "ext-curl": "*"
     },
-	"require-dev" : {
-		"monolog/monolog" : "^1.0.0 || ^2.0.0",
-		"phpunit/phpunit" : ">=7.5", 
-		"phpstan/phpstan" : "^1.5"
-	},
-	"autoload" : {
-		"classmap" : [
-			"source/"
-		]
-	},
-	"autoload-dev" : {
-		"files": ["source/CAS.php"],
-		"psr-4" : {
-			"PhpCas\\" : "test/CAS/"
-		}
-	},
-	"scripts" : {
-		"test" : "phpunit", 
-		"phpstan" : "phpstan"
-	},
-	"extra" : {
-		"branch-alias" : {
-			"dev-master" : "1.3.x-dev"
-		}
-	}
+    "require-dev": {
+        "phpunit/phpunit": "~3.7.10"
+    },
+    "autoload": {
+        "classmap": [
+            "source/"
+        ]
+    },
+    "extra": {
+        "branch-alias": {
+            "dev-master": "1.3.x-dev"
+        }
+    }
 }

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS.php

@@ -20,7 +20,7 @@
  *
  *
  * Interface class of the phpCAS library
- * PHP Version 7
+ * PHP Version 5
  *
  * @file     CAS/CAS.php
  * @category Authentication
@@ -35,7 +35,6 @@
  * @ingroup public
  */
 
-use Psr\Log\LoggerInterface;
 
 //
 // hack by Vangelis Haniotakis to handle the absence of $_SERVER['REQUEST_URI']
@@ -45,6 +44,11 @@ if (!isset($_SERVER['REQUEST_URI']) && isset($_SERVER['SCRIPT_NAME']) && isset($
     $_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['QUERY_STRING'];
 }
 
+// Add a E_USER_DEPRECATED for php versions <= 5.2
+if (!defined('E_USER_DEPRECATED')) {
+    define('E_USER_DEPRECATED', E_USER_NOTICE);
+}
+
 
 // ########################################################################
 //  CONSTANTS
@@ -57,7 +61,7 @@ if (!isset($_SERVER['REQUEST_URI']) && isset($_SERVER['SCRIPT_NAME']) && isset($
 /**
  * phpCAS version. accessible for the user by phpCAS::getVersion().
  */
-define('PHPCAS_VERSION', '1.6.0');
+define('PHPCAS_VERSION', '1.3.7');
 
 /**
  * @addtogroup public
@@ -136,6 +140,11 @@ define("SAML_SOAP_ENV_CLOSE", '</SOAP-ENV:Envelope>');
  */
 define("SAML_ATTRIBUTES", 'SAMLATTRIBS');
 
+/**
+ * SAML Attributes
+ */
+define("DEFAULT_ERROR", 'Internal script failure');
+
 /** @} */
 /**
  * @addtogroup publicPGTStorage
@@ -215,8 +224,6 @@ define("PHPCAS_LANG_JAPANESE", 'CAS_Languages_Japanese');
 define("PHPCAS_LANG_SPANISH", 'CAS_Languages_Spanish');
 define("PHPCAS_LANG_CATALAN", 'CAS_Languages_Catalan');
 define("PHPCAS_LANG_CHINESE_SIMPLIFIED", 'CAS_Languages_ChineseSimplified');
-define("PHPCAS_LANG_GALEGO", 'CAS_Languages_Galego');
-define("PHPCAS_LANG_PORTUGUESE", 'CAS_Languages_Portuguese');
 
 /** @} */
 
@@ -254,7 +261,7 @@ define('DEFAULT_DEBUG_DIR', gettmpdir()."/");
 /** @} */
 
 // include the class autoloader
-require_once __DIR__ . '/CAS/Autoload.php';
+require_once dirname(__FILE__) . '/CAS/Autoload.php';
 
 /**
  * The phpCAS class is a simple container for the phpCAS library. It provides CAS
@@ -323,22 +330,12 @@ class phpCAS
     /**
      * phpCAS client initializer.
      *
-     * @param string                   $server_version  the version of the CAS server
-     * @param string                   $server_hostname the hostname of the CAS server
-     * @param int                      $server_port     the port the CAS server is running on
-     * @param string                   $server_uri      the URI the CAS server is responding on
-     * @param string|string[]|CAS_ServiceBaseUrl_Interface
-     *                                 $service_base_url the base URL (protocol, host and the
-     *                                                  optional port) of the CAS client; pass
-     *                                                  in an array to use auto discovery with
-     *                                                  an allowlist; pass in
-     *                                                  CAS_ServiceBaseUrl_Interface for custom
-     *                                                  behavior. Added in 1.6.0. Similar to
-     *                                                  serverName config in other CAS clients.
-     * @param bool                     $changeSessionID Allow phpCAS to change the session_id
-     *                                                  (Single Sign Out/handleLogoutRequests
-     *                                                  is based on that change)
-     * @param \SessionHandlerInterface $sessionHandler  the session handler
+     * @param string $server_version  the version of the CAS server
+     * @param string $server_hostname the hostname of the CAS server
+     * @param int    $server_port     the port the CAS server is running on
+     * @param string $server_uri      the URI the CAS server is responding on
+     * @param bool   $changeSessionID Allow phpCAS to change the session_id (Single
+     * Sign Out/handleLogoutRequests is based on that change)
      *
      * @return void a newly created CAS_Client object
      * @note Only one of the phpCAS::client() and phpCAS::proxy functions should be
@@ -346,8 +343,7 @@ class phpCAS
      * and phpCAS::setDebug()).
      */
     public static function client($server_version, $server_hostname,
-        $server_port, $server_uri, $service_base_url,
-        $changeSessionID = true, \SessionHandlerInterface $sessionHandler = null
+        $server_port, $server_uri, $changeSessionID = true
     ) {
         phpCAS :: traceBegin();
         if (is_object(self::$_PHPCAS_CLIENT)) {
@@ -366,8 +362,8 @@ class phpCAS
         // initialize the object $_PHPCAS_CLIENT
         try {
             self::$_PHPCAS_CLIENT = new CAS_Client(
-                $server_version, false, $server_hostname, $server_port, $server_uri, $service_base_url,
-                $changeSessionID, $sessionHandler
+                $server_version, false, $server_hostname, $server_port, $server_uri,
+                $changeSessionID
             );
         } catch (Exception $e) {
             phpCAS :: error(get_class($e) . ': ' . $e->getMessage());
@@ -378,22 +374,12 @@ class phpCAS
     /**
      * phpCAS proxy initializer.
      *
-     * @param string                   $server_version  the version of the CAS server
-     * @param string                   $server_hostname the hostname of the CAS server
-     * @param string                   $server_port     the port the CAS server is running on
-     * @param string                   $server_uri      the URI the CAS server is responding on
-     * @param string|string[]|CAS_ServiceBaseUrl_Interface
-     *                                 $service_base_url the base URL (protocol, host and the
-     *                                                  optional port) of the CAS client; pass
-     *                                                  in an array to use auto discovery with
-     *                                                  an allowlist; pass in
-     *                                                  CAS_ServiceBaseUrl_Interface for custom
-     *                                                  behavior. Added in 1.6.0. Similar to
-     *                                                  serverName config in other CAS clients.
-     * @param bool                     $changeSessionID Allow phpCAS to change the session_id
-     *                                                  (Single Sign Out/handleLogoutRequests
-     *                                                  is based on that change)
-     * @param \SessionHandlerInterface $sessionHandler  the session handler
+     * @param string $server_version  the version of the CAS server
+     * @param string $server_hostname the hostname of the CAS server
+     * @param int    $server_port     the port the CAS server is running on
+     * @param string $server_uri      the URI the CAS server is responding on
+     * @param bool   $changeSessionID Allow phpCAS to change the session_id (Single
+     * Sign Out/handleLogoutRequests is based on that change)
      *
      * @return void a newly created CAS_Client object
      * @note Only one of the phpCAS::client() and phpCAS::proxy functions should be
@@ -401,8 +387,7 @@ class phpCAS
      * and phpCAS::setDebug()).
      */
     public static function proxy($server_version, $server_hostname,
-        $server_port, $server_uri, $service_base_url,
-        $changeSessionID = true, \SessionHandlerInterface $sessionHandler = null
+        $server_port, $server_uri, $changeSessionID = true
     ) {
         phpCAS :: traceBegin();
         if (is_object(self::$_PHPCAS_CLIENT)) {
@@ -421,8 +406,8 @@ class phpCAS
         // initialize the object $_PHPCAS_CLIENT
         try {
             self::$_PHPCAS_CLIENT = new CAS_Client(
-                $server_version, true, $server_hostname, $server_port, $server_uri, $service_base_url,
-                $changeSessionID, $sessionHandler
+                $server_version, true, $server_hostname, $server_port, $server_uri,
+                $changeSessionID
             );
         } catch (Exception $e) {
             phpCAS :: error(get_class($e) . ': ' . $e->getMessage());
@@ -450,24 +435,6 @@ class phpCAS
      * @{
      */
 
-    /**
-     * Set/unset PSR-3 logger
-     *
-     * @param LoggerInterface $logger the PSR-3 logger used for logging, or
-     * null to stop logging.
-     *
-     * @return void
-     */
-    public static function setLogger($logger = null)
-    {
-        if (empty(self::$_PHPCAS_DEBUG['unique_id'])) {
-            self::$_PHPCAS_DEBUG['unique_id'] = substr(strtoupper(md5(uniqid(''))), 0, 4);
-        }
-        self::$_PHPCAS_DEBUG['logger'] = $logger;
-        self::$_PHPCAS_DEBUG['indent'] = 0;
-        phpCAS :: trace('START ('.date("Y-m-d H:i:s").') phpCAS-' . PHPCAS_VERSION . ' ******************');
-    }
-
     /**
      * Set/unset debug mode
      *
@@ -475,13 +442,9 @@ class phpCAS
      * to stop debugging.
      *
      * @return void
-     *
-     * @deprecated
      */
     public static function setDebug($filename = '')
     {
-        trigger_error('phpCAS::setDebug() is deprecated in favor of phpCAS::setLogger().', E_USER_DEPRECATED);
-
         if ($filename != false && gettype($filename) != 'string') {
             phpCAS :: error('type mismatched for parameter $dbg (should be false or the name of the log file)');
         }
@@ -555,7 +518,14 @@ class phpCAS
         $indent_str = ".";
 
 
-        if (isset(self::$_PHPCAS_DEBUG['logger']) || !empty(self::$_PHPCAS_DEBUG['filename'])) {
+        if (!empty(self::$_PHPCAS_DEBUG['filename'])) {
+            // Check if file exists and modifiy file permissions to be only
+            // readable by the webserver
+            if (!file_exists(self::$_PHPCAS_DEBUG['filename'])) {
+                touch(self::$_PHPCAS_DEBUG['filename']);
+                // Chmod will fail on windows
+                @chmod(self::$_PHPCAS_DEBUG['filename'], 0600);
+            }
             for ($i = 0; $i < self::$_PHPCAS_DEBUG['indent']; $i++) {
 
                 $indent_str .= '|    ';
@@ -563,20 +533,7 @@ class phpCAS
             // allow for multiline output with proper identing. Usefull for
             // dumping cas answers etc.
             $str2 = str_replace("\n", "\n" . self::$_PHPCAS_DEBUG['unique_id'] . ' ' . $indent_str, $str);
-            $str3 = self::$_PHPCAS_DEBUG['unique_id'] . ' ' . $indent_str . $str2;
-            if (isset(self::$_PHPCAS_DEBUG['logger'])) {
-                self::$_PHPCAS_DEBUG['logger']->info($str3);
-            }
-            if (!empty(self::$_PHPCAS_DEBUG['filename'])) {
-                // Check if file exists and modifiy file permissions to be only
-                // readable by the webserver
-                if (!file_exists(self::$_PHPCAS_DEBUG['filename'])) {
-                    touch(self::$_PHPCAS_DEBUG['filename']);
-                    // Chmod will fail on windows
-                    @chmod(self::$_PHPCAS_DEBUG['filename'], 0600);
-                }
-                error_log($str3 . "\n", 3, self::$_PHPCAS_DEBUG['filename']);
-            }
+            error_log(self::$_PHPCAS_DEBUG['unique_id'] . ' ' . $indent_str . $str2 . "\n", 3, self::$_PHPCAS_DEBUG['filename']);
         }
 
     }
@@ -610,6 +567,8 @@ class phpCAS
         }
         if (self::$_PHPCAS_VERBOSE) {
             echo "<br />\n<b>phpCAS error</b>: <font color=\"FF0000\"><b>" . __CLASS__ . "::" . $function . '(): ' . htmlentities($msg) . "</b></font> in <b>" . $file . "</b> on line <b>" . $line . "</b><br />\n";
+        } else {
+            echo "<br />\n<b>Error</b>: <font color=\"FF0000\"><b>". DEFAULT_ERROR ."</b><br />\n";
         }
         phpCAS :: trace($msg . ' in ' . $file . 'on line ' . $line );
         phpCAS :: traceEnd();
@@ -1910,14 +1869,6 @@ class phpCAS
         }
     }
 
-    /**
-     * @return CAS_Client
-     */
-    public static function getCasClient()
-    {
-        return self::$_PHPCAS_CLIENT;
-    }
-
     /**
      * For testing purposes, use this method to set the client to a test double
      *

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/AuthenticationException.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 7
+ * PHP Version 5
  *
  * @file     CAS/AuthenticationException.php
  * @category Authentication
@@ -72,15 +72,11 @@ implements CAS_Exception
         phpCAS::traceBegin();
         $lang = $client->getLangObj();
         $client->printHTMLHeader($lang->getAuthenticationFailed());
-
-        if (phpCAS::getVerbose()) {
-            printf(
-                $lang->getYouWereNotAuthenticated(),
-                htmlentities($client->getURL()),
-                $_SERVER['SERVER_ADMIN'] ?? ''
-            );
-        }
-
+        printf(
+            $lang->getYouWereNotAuthenticated(),
+            htmlentities($client->getURL()),
+            isset($_SERVER['SERVER_ADMIN']) ? $_SERVER['SERVER_ADMIN']:''
+        );
         phpCAS::trace($messages[] = 'CAS URL: '.$cas_url);
         phpCAS::trace($messages[] = 'Authentication failure: '.$failure);
         if ( $no_response ) {

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Autoload.php

@@ -3,7 +3,7 @@
 /**
  * Autoloader Class
  *
- *  PHP Version 7
+ *  PHP Version 5
  *
  * @file      CAS/Autoload.php
  * @category  Authentication
@@ -26,24 +26,18 @@ function CAS_autoload($class)
     // Static to hold the Include Path to CAS
     static $include_path;
     // Check only for CAS classes
-    if (substr($class, 0, 4) !== 'CAS_' && substr($class, 0, 7) !== 'PhpCas\\') {
+    if (substr($class, 0, 4) !== 'CAS_') {
         return false;
     }
-
     // Setup the include path if it's not already set from a previous call
     if (empty($include_path)) {
-        $include_path = array(dirname(__DIR__));
+        $include_path = array(dirname(dirname(__FILE__)), dirname(dirname(__FILE__)) . '/../test/' );
     }
 
     // Declare local variable to store the expected full path to the file
-    foreach ($include_path as $path) {
-        $class_path = str_replace('_', DIRECTORY_SEPARATOR, $class);
-        // PhpCas namespace mapping
-        if (substr($class_path, 0, 7) === 'PhpCas\\') {
-            $class_path = 'CAS' . DIRECTORY_SEPARATOR . substr($class_path, 7);
-        }
 
-        $file_path = $path . DIRECTORY_SEPARATOR . $class_path . '.php';
+    foreach ($include_path as $path) {
+        $file_path = $path . '/' . str_replace('_', '/', $class) . '.php';
         $fp = @fopen($file_path, 'r', true);
         if ($fp) {
             fclose($fp);
@@ -60,7 +54,6 @@ function CAS_autoload($class)
             return true;
         }
     }
-
     $e = new Exception(
         'Class ' . $class . ' could not be loaded from ' .
         $file_path . ', file does not exist (Path="'
@@ -68,22 +61,22 @@ function CAS_autoload($class)
     );
     $trace = $e->getTrace();
     if (isset($trace[2]) && isset($trace[2]['function'])
-        && in_array($trace[2]['function'], array('class_exists', 'interface_exists', 'trait_exists'))
+        && in_array($trace[2]['function'], array('class_exists', 'interface_exists'))
     ) {
         return false;
     }
     if (isset($trace[1]) && isset($trace[1]['function'])
-        && in_array($trace[1]['function'], array('class_exists', 'interface_exists', 'trait_exists'))
+        && in_array($trace[1]['function'], array('class_exists', 'interface_exists'))
     ) {
         return false;
     }
     die ((string) $e);
 }
 
-// Set up autoload if not already configured by composer.
-if (!class_exists('CAS_Client'))
-{
-    trigger_error('phpCAS autoloader is deprecated. Install phpCAS using composer instead.', E_USER_DEPRECATED);
+// set up __autoload
+if (!(spl_autoload_functions())
+    || !in_array('CAS_autoload', spl_autoload_functions())
+) {
     spl_autoload_register('CAS_autoload');
     if (function_exists('__autoload')
         && !in_array('__autoload', spl_autoload_functions())
@@ -93,3 +86,5 @@ if (!class_exists('CAS_Client'))
         spl_autoload_register('__autoload');
     }
 }
+
+?>

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/CookieJar.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 7
+ * PHP Version 5
  *
  * @file     CAS/CookieJar.php
  * @category Authentication
@@ -231,7 +231,6 @@ class CAS_CookieJar
             case 'commenturl':
             case 'discard':
             case 'httponly':
-            case 'samesite':
                 $cookie[$attributeNameLC] = $attributeValue;
                 break;
             default:

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Exception.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 7
+ * PHP Version 5
  *
  * @file     CAS/Exception.php
  * @category Authentication
@@ -56,4 +56,4 @@ interface CAS_Exception
 {
 
 }
-?>
+?>

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/GracefullTerminationException.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 7
+ * PHP Version 5
  *
  * @file     CAS/GracefullTerminationException.php
  * @category Authentication
@@ -83,4 +83,4 @@ implements CAS_Exception
     }
 
 }
-?>
+?>

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/InvalidArgumentException.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 7
+ * PHP Version 5
  *
  * @file     CAS/InvalidArgumentException.php
  * @category Authentication
@@ -43,4 +43,4 @@ implements CAS_Exception
 {
 
 }
-?>
+?>

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Languages/Catalan.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 7
+ * PHP Version 5
  *
  * @file     CAS/Language/Catalan.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Languages/ChineseSimplified.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 7
+ * PHP Version 5
  *
  * @file     CAS/Language/ChineseSimplified.php
  * @category Authentication
@@ -111,4 +111,4 @@ class CAS_Languages_ChineseSimplified implements CAS_Languages_LanguageInterface
     {
         return '服务器 <b>%s</b> 不可用（<b>%s</b>）。';
     }
-}
+}

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Languages/English.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 7
+ * PHP Version 5
  *
  * @file     CAS/Language/English.php
  * @category Authentication
@@ -111,4 +111,4 @@ class CAS_Languages_English implements CAS_Languages_LanguageInterface
     {
         return 'The service `<b>%s</b>\' is not available (<b>%s</b>).';
     }
-}
+}

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Languages/French.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 7
+ * PHP Version 5
  *
  * @file     CAS/Language/French.php
  * @category Authentication
@@ -113,4 +113,4 @@ class CAS_Languages_French implements CAS_Languages_LanguageInterface
     }
 }
 
-?>
+?>

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Languages/Galego.php

@@ -1,117 +0,0 @@
-<?php
-
-/**
- * Licensed to Jasig under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for
- * additional information regarding copyright ownership.
- *
- * Jasig licenses this file to you under the Apache License,
- * Version 2.0 (the "License"); you may not use this file except in
- * compliance with the License. You may obtain a copy of the License at:
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * PHP Version 7
- *
- * @file     CAS/Language/Galego.php
- * @category Authentication
- * @package  PhpCAS
- * @author   Enrique Huelva Rivero enrique.huelvarivero@plexus.es
- * @license  http://www.apache.org/licenses/LICENSE-2.0  Apache License 2.0
- * @link     https://wiki.jasig.org/display/CASC/phpCAS
- */
-
-/**
- * Galego language class
- *
- * @class    CAS_Languages_Galego
- * @category Authentication
- * @package  PhpCAS
- * @author   Enrique Huelva Rivero enrique.huelvarivero@plexus.es
- * @license  http://www.apache.org/licenses/LICENSE-2.0  Apache License 2.0
- * @link     https://wiki.jasig.org/display/CASC/phpCAS
- *
-
- * @sa @link internalLang Internationalization @endlink
- * @ingroup internalLang
- */
-class CAS_Languages_Galego implements CAS_Languages_LanguageInterface
-{
-    /**
-     * Get the using server string
-     *
-     * @return string using server
-     */
-    public function getUsingServer()
-    {
-        return 'usando servidor';
-    }
-
-    /**
-     * Get authentication wanted string
-     *
-     * @return string authentication wanted
-     */
-    public function getAuthenticationWanted()
-    {
-        return 'Autenticación CAS necesaria!';
-    }
-
-    /**
-     * Get logout string
-     *
-     * @return string logout
-     */
-    public function getLogout()
-    {
-        return 'Saída CAS necesaria!';
-    }
-
-    /**
-     * Get the should have been redirected string
-     *
-     * @return string should habe been redirected
-     */
-    public function getShouldHaveBeenRedirected()
-    {
-        return 'Xa debería ser redireccionado ao servidor CAS. Faga click <a href="%s">aquí</a> para continuar';
-    }
-
-    /**
-     * Get authentication failed string
-     *
-     * @return string authentication failed
-     */
-    public function getAuthenticationFailed()
-    {
-        return 'Autenticación CAS errada!';
-    }
-
-    /**
-     * Get the your were not authenticated string
-     *
-     * @return string not authenticated
-     */
-    public function getYouWereNotAuthenticated()
-    {
-        return '
-        <p>Non estás autenticado</p><p>Podes volver tentalo facendo click <a href="%s">aquí</a>.</p><p>Se o problema persiste debería contactar con el <a href="mailto:%s">administrador deste sitio</a>.</p>';
-    }
-
-    /**
-     * Get the service unavailable string
-     *
-     * @return string service unavailable
-     */
-    public function getServiceUnavailable()
-    {
-        return 'O servizo `<b>%s</b>\' non está dispoñible (<b>%s</b>).';
-    }
-}
-?>

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Languages/German.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 7
+ * PHP Version 5
  *
  * @file     CAS/Language/German.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Languages/Greek.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 7
+ * PHP Version 5
  *
  * @file     CAS/Language/Greek.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Languages/Japanese.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 7
+ * PHP Version 5
  *
  * @file     CAS/Language/Japanese.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Languages/LanguageInterface.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 7
+ * PHP Version 5
  *
  * @file     CAS/Language/LanguageInterface.php
  * @category Authentication
@@ -93,4 +93,4 @@ interface CAS_Languages_LanguageInterface
     public function getServiceUnavailable();
 
 }
-?>
+?>

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Languages/Portuguese.php

@@ -1,114 +0,0 @@
-<?php
-
-/**
- * Licensed to Jasig under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for
- * additional information regarding copyright ownership.
- *
- * Jasig licenses this file to you under the Apache License,
- * Version 2.0 (the "License"); you may not use this file except in
- * compliance with the License. You may obtain a copy of the License at:
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * PHP Version 7
- *
- * @file     CAS/Language/Portuguese.php
- * @category Authentication
- * @package  PhpCAS
- * @author   Sherwin Harris <sherwin.harris@gmail.com>
- * @license  http://www.apache.org/licenses/LICENSE-2.0  Apache License 2.0
- * @link     https://apereo.atlassian.net/wiki/spaces/CASC/pages/103252517/phpCAS
- */
-
-/**
- * Portuguese language class
- *
- * @class    CAS_Languages_Portuguese
- * @category Authentication
- * @package  PhpCAS
- * @author   Sherwin Harris <sherwin.harris@gmail.com>
- * @license  http://www.apache.org/licenses/LICENSE-2.0  Apache License 2.0
- * @link     https://apereo.atlassian.net/wiki/spaces/CASC/pages/103252517/phpCAS
- *
- * @sa @link internalLang Internationalization @endlink
- * @ingroup internalLang
- */
-class CAS_Languages_Portuguese implements CAS_Languages_LanguageInterface
-{
-    /**
-     * Get the using server string
-     *
-     * @return string using server
-     */
-    public function getUsingServer()
-    {
-        return 'Usando o servidor';
-    }
-
-    /**
-     * Get authentication wanted string
-     *
-     * @return string authentication wanted
-     */
-    public function getAuthenticationWanted()
-    {
-        return 'A autenticação do servidor CAS desejado!';
-    }
-
-    /**
-     * Get logout string
-     *
-     * @return string logout
-     */
-    public function getLogout()
-    {
-        return 'Saida do servidor CAS desejado!';
-    }
-
-    /**
-     * Get the should have been redirected string
-     *
-     * @return string should have been redirected
-     */
-    public function getShouldHaveBeenRedirected()
-    {
-        return 'Você já deve ter sido redirecionado para o servidor CAS. Clique <a href="%s">aqui</a> para continuar';
-    }
-
-    /**
-    * Get authentication failed string
-    *
-    * @return string authentication failed
-    */
-    public function getAuthenticationFailed()
-    {
-        return 'A autenticação do servidor CAS falheu!';
-    }
-
-    /**
-    * Get the your were not authenticated string
-    *
-    * @return string not authenticated
-    */
-    public function getYouWereNotAuthenticated()
-    {
-        return '<p>Você não foi autenticado.</p><p>Você pode enviar sua solicitação novamente clicando <a href="%s">aqui</a>. </p><p>Se o problema persistir, você pode entrar em contato com <a href="mailto:%s">o administrador deste site</a>.</p>';
-    }
-
-    /**
-    * Get the service unavailable string
-    *
-    * @return string service unavailable
-    */
-    public function getServiceUnavailable()
-    {
-        return 'O serviço `<b>%s</b>\' não está disponível (<b>%s</b>).';
-    }
-}

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Languages/Spanish.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 7
+ * PHP Version 5
  *
  * @file     CAS/Language/Spanish.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/OutOfSequenceBeforeAuthenticationCallException.php

@@ -18,7 +18,7 @@
  * limitations under the License.
  *
  *
- * PHP Version 7
+ * PHP Version 5
  *
  * @file     CAS/OutOfSequenceBeforeAuthenticationCallException.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/OutOfSequenceBeforeClientException.php

@@ -18,7 +18,7 @@
  * limitations under the License.
  *
  *
- * PHP Version 7
+ * PHP Version 5
  *
  * @file     CAS/OutOfSequenceBeforeClientException.php
  * @category Authentication